[prev in list] [next in list] [prev in thread] [next in thread]
List: opensuse-factory
Subject: New Tumbleweed snapshot 20220126 released!
From: Dominique Leuenberger <dimstar () suse ! de>
Date: 2022-01-28 2:58:59
Message-ID: 164333884327.12307.4916782478333889800 () go-agent-stagingbot-2
[Download RAW message or body]
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20220126
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox
bind
brasero
freerdp
kernel-source (5.16.1 -> 5.16.2)
mozilla-nss (3.73.1 -> 3.74)
paprefs (1.1 -> 1.2)
patterns-gnome
pciutils
python-py (1.10.0 -> 1.11.0)
python-xarray
rsyslog
samba (4.15.3+git.219.40cc1cd8591 -> 4.15.4+git.224.dea2f6dc836)
selinux-policy (20211111 -> 20220124)
vim (8.2.4063 -> 8.2.4186)
vsftpd
wpa_supplicant (2.9 -> 2.10)
xf86-input-libinput (1.2.0 -> 1.2.1)
xlockmore (5.67 -> 5.68)
=== Details ===
==== MozillaFirefox ====
Subpackages: MozillaFirefox-translations-common
- Enable -fimplicit-constexpr for GCC 12+.
==== bind ====
Subpackages: bind-doc bind-utils python3-bind
- Add now working CONFIG parameter to sysusers generator
==== brasero ====
Subpackages: libbrasero-burn3-1 libbrasero-media3-1 libbrasero-utils3-1
- Add 9b3f451e72cfa3bac700517a036faab61f683b3f.patch:
libbrasero-media: Fix duplicated if.
- Disable nautilus integration for now, does not work with gtk4
based nautilus. Disable pkgconfig(libnautilus-extension)
BuildRequires and pass disable-nautilus to configure via bcond.
- Modernize post(un) handling and Supplements, use
ldconfig_scriptlets macro.
==== freerdp ====
Subpackages: libfreerdp2-2 libwinpr2-2
- Enable FFmpeg support for Leap-15.2+
==== kernel-source ====
Version update (5.16.1 -> 5.16.2)
Subpackages: kernel-default kernel-docs
- Update
patches.kernel.org/5.16.2-005-vfs-fs_context-fix-up-param-length-parsing-in-.patch
(bsc#1012628 CVE-2022-0185 bsc#1194517).
Add CVE reference.
- commit 0d710a8
- s390/mm: fix 2KB pgtable release race (bsc#1188896).
- commit 6f62d73
- HID: wacom: Avoid using stale array indicies to read contact
count (bsc#1194667).
- HID: wacom: Ignore the confidence flag when a touch is removed
(bsc#1194667).
- HID: wacom: Reset expected and received contact counts at the
same time (bsc#1194667).
- commit 07a970c
- Linux 5.16.2 (bsc#1012628).
- ALSA: hda/realtek: Re-order quirk entries for Lenovo
(bsc#1012628).
- ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
(bsc#1012628).
- ALSA: hda/tegra: Fix Tegra194 HDA reset failure (bsc#1012628).
- ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker
quirk (bsc#1012628).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus
Master after reboot from Windows (bsc#1012628).
- ALSA: hda/realtek: Use ALC285_FIXUP_HP_GPIO_LED on another HP
laptop (bsc#1012628).
- ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5
devices (bsc#1012628).
- perf annotate: Avoid TUI crash when navigating in the annotation
of recursive functions (bsc#1012628).
- firmware: qemu_fw_cfg: fix kobject leak in probe error path
(bsc#1012628).
- firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate
entries (bsc#1012628).
- firmware: qemu_fw_cfg: fix sysfs information leak (bsc#1012628).
- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore()
with interrupts enabled (bsc#1012628).
- media: uvcvideo: fix division by zero at stream start
(bsc#1012628).
- video: vga16fb: Only probe for EGA and VGA 16 color graphic
cards (bsc#1012628).
- 9p: fix enodata when reading growing file (bsc#1012628).
- 9p: only copy valid iattrs in 9P2000.L setattr implementation
(bsc#1012628).
- NFSD: Fix zero-length NFSv3 WRITEs (bsc#1012628).
- remoteproc: qcom: pas: Add missing power-domain "mxc" for CDSP
(bsc#1012628).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART
(bsc#1012628).
- KVM: x86: don't print when fail to read/write pv eoi memory
(bsc#1012628).
- KVM: x86: Register Processor Trace interrupt hook iff PT
enabled in guest (bsc#1012628).
- KVM: x86: Register perf callbacks after calling vendor's
hardware_setup() (bsc#1012628).
- perf: Protect perf_guest_cbs with RCU (bsc#1012628).
- vfs: fs_context: fix up param length parsing in
legacy_parse_param (bsc#1012628).
- remoteproc: qcom: pil_info: Don't memcpy_toio more than is
provided (bsc#1012628).
- orangefs: Fix the size of a memory allocation in
orangefs_bufmap_alloc() (bsc#1012628).
- drm/amd/display: explicitly set is_dsc_supported to false
before use (bsc#1012628).
- devtmpfs regression fix: reconfigure on each mount
(bsc#1012628).
- commit 6fa29ec
- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).
Using the the default path is broken since Linux 5.17
- commit 68b36f0
- disable the Bluetooth patch again
The kernel is currently tested whether the patch is needed at all. As
95655456e7ce in upstream might fix the issue too (but differently).
- commit c3bbaae
- series.conf: cleanup
- move mainline patches into sorted section:
- patches.suse/mwifiex-Fix-skb_over_panic-in-mwifiex_usb_recv.patch
- patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch
- patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch
- update upstream references and move into sorted section:
- patches.suse/ALSA-usb-audio-Add-minimal-mute-notion-in-dB-mapping.patch
- patches.suse/ALSA-usb-audio-Fix-dB-level-of-Bose-Revolve-SoundLin.patch
- patches.suse/ALSA-usb-audio-Use-int-for-dB-map-values.patch
No effect on expanded tree.
- commit 607f978
- Refresh and reenable
patches.suse/Bluetooth-Apply-initial-command-workaround-for-more-.patch.
- commit a7b7c0d
- series.conf: Add sorted section header/footer
Even though we don't carry many patches in the stable or master
branches, having the sorted section header/footer allows the automated
tools to work.
- commit 05f8150
==== mozilla-nss ====
Version update (3.73.1 -> 3.74)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac \
mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.74
* bmo#966856 - mozilla::pkix: support SHA-2 hashes in CertIDs in
OCSP responses
* bmo#1553612 - Ensure clients offer consistent ciphersuites after HRR
* bmo#1721426 - NSS does not properly restrict server keys based on policy
* bmo#1733003 - Set nssckbi version number to 2.54
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R4 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R3 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R2 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R1 root certificate
* bmo#1735407 - Replace GlobalSign ECC Root CA R4
* bmo#1733560 - Remove Expired Root Certificates - DST Root CA X3
* bmo#1740807 - Remove Expiring Cybertrust Global Root and GlobalSign root
certificates
* bmo#1741930 - Add renewed Autoridad de Certificacion Firmaprofesional
CIF A62634068 root certificate
* bmo#1740095 - Add iTrusChina ECC root certificate
* bmo#1740095 - Add iTrusChina RSA root certificate
* bmo#1738805 - Add ISRG Root X2 root certificate
* bmo#1733012 - Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
* bmo#1738028 - Avoid a clang 13 unused variable warning in opt build
* bmo#1735028 - Check for missing signedData field
* bmo#1737470 - Ensure DER encoded signatures are within size limits
- enable key logging option (boo#1195040)
==== paprefs ====
Version update (1.1 -> 1.2)
Subpackages: paprefs-lang
- Update to version 1.2:
+ Compatibility with PulseAudio 16.0 module paths
+ Crash bug fix
+ Updated translations.
==== patterns-gnome ====
Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basic \
patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games \
patterns-gnome-gnome_imaging patterns-gnome-gnome_internet \
patterns-gnome-gnome_multimedia patterns-gnome-gnome_office \
patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast \
patterns-gnome-sw_management_gnome
- Do not require gnome-packagekit by gnome_x11: we have a specific
sw_management_gnome pattern, which supplements the generic
sw_management plus the basic gnome pattern, and that's where we
also should (and do) recommend gnome-packagekit.
- Do not recommend speech-dispatcher-module-espeak: we recommend
speech-dispatcher, the rest is handled by dependencies from the
packages (recommends and supplements).
- No longer recommend gnome-menus: GNOME 3 is not using menu
structures. This package is used by extension-classic, and if
that extension is installed, gnome-menus comes in as a dep.
- Stop recommending samba: samba is the server, which makes no
sense to be recommended by the desktop pattern.
==== pciutils ====
Subpackages: libpci3
- Set sbindir to /usr/bin to fix Steam issues
(rh#1858437, gh#ValveSoftware/steam-for-linux#3306)
- Add symlinks from /usr/sbin to /usr/bin
==== python-py ====
Version update (1.10.0 -> 1.11.0)
- update to 1.11.0:
* Support Python 3.11
* Support ``NO_COLOR`` environment variable
* Update vendored apipkg: 1.5 => 2.0
==== python-xarray ====
- Don't test with dask and distributed in python310: not supported
yet
==== rsyslog ====
- add service dependencies for remote logging (bsc#1194669)
- update config example in remote.conf to match upstream documentation
==== samba ====
Version update (4.15.3+git.219.40cc1cd8591 -> 4.15.4+git.224.dea2f6dc836)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client \
samba-client-32bit samba-client-libs samba-client-libs-32bit samba-doc samba-gpupdate \
samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind \
samba-winbind-libs samba-winbind-libs-32bit
- Update to 4.15.4
* Duplicate SMB file_ids leading to Windows client cache
poisoning; (bso#14928);
* Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error -
NT_STATUS_BUFFER_TOO_SMALL; (bso#14932);
* kill_tcp_connections does not work; (bso#14934);
* Can't connect to Windows shares not requiring authentication
using KDE/Gnome; (bso#14935);
* smbclient -L doesn't set "client max protocol" to NT1 before
calling the "Reconnecting with SMB1 for workgroup listing"
path; (bso#14939);
* Cross device copy of the crossrename module always fails;
(bso#14940);
* symlinkat function from VFS cap module always fails with an
error; (bso#14941);
* Fix possible fsp pointer deference; (bso#14942);
* Missing pop_sec_ctx() in error path inside close_directory();
(bso#14944);
* "smbd --build-options" no longer works without an smb.conf file;
(bso#14945);
==== selinux-policy ====
Version update (20211111 -> 20220124)
Subpackages: selinux-policy-targeted
- Update to version 20220124. Refreshed:
* fix_hadoop.patch
* fix_init.patch
* fix_kernel_sysctl.patch
* fix_systemd.patch
* fix_systemd_watch.patch
- Added fix_hypervkvp.patch to fix issues with hyperv labeling
(bsc#1193987)
==== vim ====
Version update (8.2.4063 -> 8.2.4186)
Subpackages: gvim vim-data vim-data-common
- Updated to version 8.2.4186, fixes the following problems
* Vim9: exported function in autoload script not found. (Yegappan Lakshmanan)
* Foam files are not detected.
* Computation overflow with large count for :yank.
* Vim9: imported autoload script loaded again.
* Vim9: cannot call imported function with :call. (Drew Vogel)
* Vim9: import test fails.
* Vim9: import test fails on MS-Windows.
* Using uninitialized memory when reading empty file.
* Vim9: no detection of return in try/endtry. (Dominique Pellé)
* Vim9: compiling function fails when autoload script is not loaded yet.
* Coverity warns for using NULL pointer.
* Going over the end of NameBuff.
* Test failures.
* Memory leak in autoload import.
* Not all Libsensors files are recognized.
* Terminal test for current directory not used on FreeBSD.
* MS-Windows: "gvim --version" didn't work when build with VIMDLL.
* Not sufficient test coverage for xxd.
* CodeQL reports problem in if_cscope causing it to fail.
* Check for autoload file name and prefix fails. (Christian J. Robinson)
* Vim9: no test for "vim9script autoload' and using script variable in
the same script.
* Memory leak when looking for autoload prefixed variable.
* Vim9: no test for using import in legacy script.
* "cctx" argument of find_func_even_dead() is unused.
* Cannot test items from an autoload script easily.
* Xxd cannot output everything in one line.
* Terminal test for current directory fails on FreeBSD.
* After restoring a session buffer order can be quite different.
* Virtcol is recomputed for statusline unnecessarily.
* MacOS CI: unnecessarily doing "Install packages".
* Cached breakindent values not initialized properly.
* 'virtualedit' is window-local but using buffer-local enum.
* Sed script not recognized by the first line.
* Linux CI: unnecessarily installing packages
* Wrong number in error message on 32 bit system. (John Paul Adrian Glaubitz)
* Typing "interrupt" at debug prompt may keep exception around, causing
function calls to fail.
* Vim9: cannot use Vim9 syntax in mapping.
* Early return when getting the 'formatlistpat' value.
* Warning for unused argument in tiny version.
* Vim9: import cannot be used after method.
* Vim9: variable declared in for loop not initialzed.
* Vim9: lower casing the autoload prefix causes problems.
* Translation related comment in the wrong place.
* Going over the end of the w_lines array.
* Script context not restored after using <ScriptCmd>.
* Going over the end of the w_lines array.
* MS-Windows: high dpi support is outdated.
* Coverity warns for using NULL pointer.
* Potential proglem when map is deleted while executing.
* Function not deleted at end of test.
* Typo on DOCMD_RANGEOK results in not recognizing command.
* Vim9: type checking for a funcref does not work for when it is used in
a method.
* Cannot use a method with a complex expression.
* Vim9: cannot use a method with a complex expression in a :def function.
* Vim9: wrong white space error after using imported item.
* Using UNUSED for argument that is used.
* Build failure when disabling the channel feature.
* Block insert goes over the end of the line.
* Visual test fails on MS-Windows.
* ":command Cmd" does not show custom completion argument.
* Complete function cannot be import.Name.
* Vim9: method in compiled function may not see script item.
* Completion tests fail.
* Crash on exit when built with dynamic Tcl and EXITFREE is
defined. (Dominique Pellé)
* Build failure without the +eval feature.
* Crash when method cannot be found. (Christian J. Robinson)
* Building with +sound but without +eval fails. (Dominique Pellé)
* MS-Windows: MSVC build may have libraries duplicated.
* Vim9: calling function in autoload import does not work in a :def function.
* Vim9: wrong error message when autoload script can't be found.
* output of ":scriptnames" goes into the message history, while this des
not happen for other commands, such as ":ls".
* MS-Windows: test for import with absolute path fails.
* Vim9: ":scriptnames" shows unloaded imported autoload script.
* Vim9: the "autoload" argument of ":vim9script" is not useful.
* Vim9: calling import with and without method is inconsistent.
* Vim9: no error for return with argument when the function does not
return anything.
* Using freed memory if an expression abbreviation deletes the abbreviation.
* maparg() does not indicate the type of script where it was defined.
* Vim9 builtin functions test fails.
* Build failure with normal features without persistent undo.
* MS-Windows: IME support for Win9x is obsolete.
* Cannot load libsodium dynamically.
* Confusing error when using name of import for a function.
* Vim9: shadowed function can be used in compiled function but not at
script level.
* E464 does not always include the offending command.
* Deleting any mapping may cause <ScriptCmd> to not set the script context.
* Test override not restored, autocommand left behind.
* Coverity warns for using pointer after free.
* Reading beyond the end of a line.
* Block insert with double wide character fails.
* MS-Windows: Global IME is no longer supported.
* ml_get error when exchanging windows in Visual mode.
* Translating strftime() argument results in check error.
* Fileinfo message overwrites echo'ed message.
* Terminal test fails because Windows sets the title.
* MS-Windows: memory leak in :browse.
* MS-Windows: _WndProc() is very long.
* Cannot change the register used for Select mode delete.
* Vim9: warning for missing white space after imported variable.
* Vim9: no error for redefining function with export.
* No error for omitting function name after autoload prefix.
* Error in legacy code for function shadowing variable.
* The nv_g_cmd() function is too long.
* Undo synced when switching buffer in another window.
* Vim9: error message for old style import.
* Disallowing empty function name breaks existing plugins.
* MS-Windows: unnessary casts and other minor things.
* MS-Windows: still using old message API calls.
* Cannot invoke option function using autoload import.
* Filetype detection for BASIC is not optimal.
* Cannot use an import in 'foldexpr'.
* Vim9: can use an autoload name in normal script.
* MS-Windows: runtime check for multi-line balloon is obsolete.
* Vim9: cannot use imported function with call().
* Vim9: autoload script not loaded after "vim9script noclear".
* Vim9: invalid error for return type of lambda when debugging.
* 'foldtext' is evaluated in the current script context.
* 'balloonexpr' is evaluated in the current script context.
* Vim9: cannot use an import in 'diffexpr'.
* Memory leak when evaluating 'diffexpr'.
* Cannot use an import in 'formatexpr'.
* Cannot use an import in 'includeexpr'.
* Cannot use an import in 'indentexpr'.
* Cannot use an import in 'patchexpr'.
==== vsftpd ====
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* vsftpd.service
==== wpa_supplicant ====
Version update (2.9 -> 2.10)
Subpackages: wpa_supplicant-gui
- update to 2.10.0:
* SAE changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
- added support for the hash-to-element mechanism (sae_pwe=1 or
sae_pwe=2); this is currently disabled by default, but will likely
get enabled by default in the future
- fixed PMKSA caching with OKC
- added support for SAE-PK
* EAP-pwd changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
* fixed P2P provision discovery processing of a specially constructed
invalid frame
[https://w1.fi/security/2021-1/]
* fixed P2P group information processing of a specially constructed
invalid frame
[https://w1.fi/security/2020-2/]
* fixed PMF disconnection protection bypass in AP mode
[https://w1.fi/security/2019-7/]
* added support for using OpenSSL 3.0
* increased the maximum number of EAP message exchanges (mainly to
support cases with very large certificates)
* fixed various issues in experimental support for EAP-TEAP peer
* added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
* a number of MKA/MACsec fixes and extensions
* added support for SAE (WPA3-Personal) AP mode configuration
* added P2P support for EDMG (IEEE 802.11ay) channels
* fixed EAP-FAST peer with TLS GCM/CCM ciphers
* improved throughput estimation and BSS selection
* dropped support for libnl 1.1
* added support for nl80211 control port for EAPOL frame TX/RX
* fixed OWE key derivation with groups 20 and 21; this breaks backwards
compatibility for these groups while the default group 19 remains
backwards compatible
* added support for Beacon protection
* added support for Extended Key ID for pairwise keys
* removed WEP support from the default build (CONFIG_WEP=y can be used
to enable it, if really needed)
* added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
* added support for Transition Disable mechanism to allow the AP to
automatically disable transition mode to improve security
* extended D-Bus interface
* added support for PASN
* added a file-based backend for external password storage to allow
secret information to be moved away from the main configuration file
without requiring external tools
* added EAP-TLS peer support for TLS 1.3 (disabled by default for now)
* added support for SCS, MSCS, DSCP policy
* changed driver interface selection to default to automatic fallback
to other compiled in options
* a large number of other fixes, cleanup, and extensions
- drop wpa_supplicant-p2p_iname_size.diff, CVE-2021-30004.patch,
CVE-2021-27803.patch, CVE-2021-0326.patch, CVE-2019-16275.patch:
upstream
- refresh config from 2.10 defconfig, re-enable CONFIG_WEP
==== xf86-input-libinput ====
Version update (1.2.0 -> 1.2.1)
- Enable tarball sig url too, verify tarball via keyring.
- Update to version 1.2.1
* few typos and misc minor fixes
* property added to turn off new high-resolution wheel scrolling
API
==== xlockmore ====
Version update (5.67 -> 5.68)
- update to 5.68:
* Updated xscreensaver port for xscreensaver-6.02.
* Various NetBsd install issues fixed including config.cygport.
* pam vulnerabiliy patch added thanks to Elmar Hoffmann, elho AT elho.net.
Card vulnerability may remain, see README.
* module fixes for deluxe, eyes, starfish, swirl, text3d2, module use is
still experimental.
* biof mode removed again (though was not building by default).
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic