Removed rpms
============
- OpenIPMI
- appres
- bdftopcf
- beforelight
- bitmap
- editres
- expect
- fonttosfnt
- fslsfonts
- fstobdf
- grub2
- grub2-s390x-emu
- grub2-snapper-plugin
- grub2-systemd-sleep-plugin
- hardlink
- hunspell
- hunspell-tools
- ico
- insserv-compat
- ipmitool
- lbxproxy
- libFS6
- libXRes1
- libXTrap6
- libXiterm1
- libXp6
- libXprintUtil1
- libXxf86dga1
- libgthread-2_0-0
- liblbxutil1
- liblvm2cmd2_03
- librecode3
- libstartup-notification-1-0
- libxml2-tools
- libyui-ncurses-pkg14
- libyui-ncurses14
- libyui-qt-graph14
- libyui-qt-pkg14
- libyui-qt14
- libyui14
- listres
- lvm2
- m4
- make
- make-lang
- man-pages-fr
- mkcomposecache
- mksh
- mutt
- mutt-doc
- mutt-lang
- oclock
- patterns-base-apparmor_opt
- patterns-base-enhanced_base_opt
- patterns-base-x11_opt
- patterns-desktop-laptop
- perl-Expect
- proxymngr
- python3-urwid
- raleway-fonts
- recode
- release-notes-openSUSE
- rendercheck
- rstart
- rxvt-unicode
- showfont
- site-config
- smproxy
- supportutils
- sysfsutils
- twm
- urlscan
- urlview
- viewres
- x11-japanese-bitmap-fonts
- x11perf
- xbacklight
- xbiff
- xcalc
- xclipboard
- xcmsdb
- xcompmgr
- xcursor-themes
- xcursorgen
- xdbedizzy
- xditview
- xdpyinfo
- xedit
- xev
- xeyes
- xf86dga
- xfd
- xfindproxy
- xfontsel
- xfs
- xfsinfo
- xfwp
- xgamma
- xgc
- xinput
- xiterm
- xkbevd
- xkbprint
- xkbutils
- xkill
- xload
- xlogo
- xlsatoms
- xlsclients
- xlsfonts
- xmag
- xman
- xmanja
- xmore
- xorg-scripts
- xorg-x11
- xplsprinters
- xpr
- xprehashprinterlist
- xrefresh
- xrestop
- xrx
- xscope
- xsetmode
- xsetpointer
- xsm
- xstdcmap
- xtrap
- xvidtune
- xvinfo
- xwd
- xwininfo
- xwud
- yast2-support
Added rpms
==========
- SUSEConnect
- WindowMaker
- dracut-transactional-update
- google-poppins-fonts
- inotify-tools
- libeconf0
- libgif7
- libgnomesu
- libgnomesu-lang
- libgnomesu0
- libinotifytools0
- liblmdb-0_9_17
- libnss_usrfiles2
- libtukit0
- libyui-ncurses-pkg15
- libyui-ncurses15
- libyui-qt-graph15
- libyui-qt-pkg15
- libyui-qt15
- libyui15
- login_defs
- metamail
- mpt-status
- pam-doc
- pam_pwquality
- patterns-base-basic_desktop
- patterns-base-documentation
- patterns-desktop-mobile
- patterns-yast-yast2_desktop
- patterns-yast-yast2_server
- perl-TermReadLine-Gnu
- procinfo
- procmail
- rollback-helper
- setserial
- sharutils
- sharutils-lang
- spax
- star
- star-rmt
- systemd-doc
- tukit
- update-test-trivial
- vlan
- zypper-migration-plugin
- zypper-search-packages-plugin
Package Source Changes
======================
MozillaFirefox
+- Firefox Extended Support Release 78.7.1 ESR
+ * Fixed: Prevent access to NTFS special paths that could lead
+ to filesystem corruption. (bmo#1689598)
+ * Fixed: Security fix
+ MFSA 2021-06 (bsc#1181848)
+ * MOZ-2021-0001 (bmo#1676636)
+ Buffer overflow in depth pitch calculations for compressed
+ textures
+
+- Firefox Extended Support Release 78.7.0 ESR
+ * Fixed: Various stability, functionality, and security fixes
+ MFSA 2021-04 (bsc#1181414)
+ * CVE-2021-23953 (bmo#1683940)
+ Cross-origin information leakage via redirected PDF requests
+ * CVE-2021-23954 (bmo#1684020)
+ Type confusion when using logical assignment operators in
+ JavaScript switch statements
+ * CVE-2020-26976 (bmo#1674343)
+ HTTPS pages could have been intercepted by a registered
+ service worker when they should not have been
+ * CVE-2021-23960 (bmo#1675755)
+ Use-after-poison for incorrectly redeclared JavaScript
+ variables during GC
+ * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526,
+ bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844,
+ bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410,
+ bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736,
+ bmo#1685260, bmo#1685925)
+ Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+
MozillaThunderbird
+- Mozilla Thunderbird 78.7.1 (bsc#1181848)
+ * changed: Building OpenPGP shared library linked to system
+ libraries now supported (bmo#1634963)
+ * changed: MailExtension errors now shown in Developer Tools
+ console by default (bmo#1650149)
+ * changed: MailExtensions: Dynamic registration of calendar
+ providers now supported (bmo#1652885)
+ * fixed: OpenPGP improvements (bmo#1655210)
+ * fixed: Message preview was sometimes blank after upgrading
+ from Thunderbird 68 (bmo#1653168)
+ * fixed: Email addresses whitelisted for remote content not
+ displayed in preferences (bmo#1652575)
+ * fixed: Importing data from Seamonkey did not work
+ (bmo#272292)
+ * fixed: Renaming a mail list did not update the side bar
+ (bmo#1632331)
+ * fixed: MailExtensions: messenger.* namespace was undefined
+ (bmo#1641573)
+
PackageKit
+- Add PackageKit-zypp-reset-update-mode-after-get-updates.patch:
+ zypp: Reset update mode after getting updates
+ (gh#hughsie/PackageKit/commit#b208f551, bsc#1180150).
+
autoyast2
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.68
+
bcm43xx-firmware
-- use %_firmwaredir
-
colord
+- allow access to /usr/local/share/color in AppArmor profile (boo#1180898)
+
cups
+- cups-2.2.7-CVE-2020-10001.patch fixes CVE-2020-10001
+ access to uninitialized buffer in ipp.c (bsc#1180520)
+- cups-2.2.7-CVE-2019-8842.patch fixes CVE-2019-8842 (bsc#1170671)
+ the ippReadIO function may under-read an extension field
+
dracut
+- Update to version 049.1+suse.183.g7282fe92:
+ * As of v246 of systemd "syslog" and "syslog-console" switches have been deprecated
+ (multiple backported commits, bsc#1180119)
+
+- Update to version 049.1+suse.174.g150b9981:
+ * make collect optional (bsc#1177870)
+ * Inclusion of dracut modifications to enable nvme-fc boot support (bsc#1142248)
+ * suse.spec: add nvmf module
+ * 95nvmf: Implement 'fc,auto' commandline syntax
+ * 95nvmf: add nvmf-autoconnect script
+ * 95nvmf: Fixup FC connections
+ * 95nvmf: rework parameter handling
+ * 95nvmf: fix typo in the example documentation
+ * 95nvmf: add NVMe over TCP support
+ * 95nvmf: add module for NVMe-oF
+ Adds new module 95nvmf, see jsc#ECO-3063.
+
gdm
+- Add gdm-fix-crash-when-using-Xvfb.patch: For some reason gdm
+ fails to get display and does not set it to NULL when using
+ with Xvfb, and it leads into a crash, this patch sets display
+ to NULL by default. (bsc#1178292, glgo#GNOME/gdm!118)
+
gmp
+- adjusted to be the same license as in factory (bsc#1180603)
+
+- correct license statement (library itself is no GPL-3.0)
+
hwdata
+- Add merge-pciids.pl to fully duplicate behavior of pciutils-ids
+ * Resolves SLE issue bsc#1180422 bsc#1180482
+
+- Update to version 0.343:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.342:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.341:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.340:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.339:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.338:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.337:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.336:
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.335:
+ * Updated pci, usb and vendor ids.
+
jasper
+- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls
+ Add jasper-CVE-2020-27828.patch
+- bsc#1181483 CVE-2021-3272: Fix heap overflow by ensuring number
+ of channels matches image components
+ Add jasper-CVE-2021-3272.patch
+
kernel-default
+- Rename duplicate patches to their SLE15-SP2 equivalents.
+ This is to prepare for the next SLE15-SP2 -> SLE15-SP3 merge.
+- commit a7157b9
+
+- platform/x86: pmt: Fix a potential Oops on error in probe
+ (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391).
+- commit e21ef02
+
+- platform/x86: Intel PMT Crashlog capability driver
+ (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391).
+- Update config files: Build PMT Crashlog capability driver.
+- supported.conf: Add the PMT Crashlog capability driver.
+- commit 0f2da12
+
+- platform/x86: Intel PMT Telemetry capability driver
+ (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391).
+- Update config files: Build PMT Telemetry capability driver.
+- supported.conf: Add the PMT Telemetry capability driver.
+- commit e0ffba9
+
+- platform/x86: Intel PMT class driver (jsc#SLE-13352,
+ jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391).
+- Update config files: Build PMT class driver.
+- supported.conf: Add the PMT class driver.
+- commit 22095e8
+
+- mfd: Intel Platform Monitoring Technology support
+ (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391).
+- Update config files: Build PMT driver on x86_64.
+- supported.conf: Add the PMT driver.
+- commit be0482a
+
+- PCI: Add defines for Designated Vendor-Specific Extended
+ Capability (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363,
+ jsc#SLE-13391).
+- commit 8eb1abf
+
+- series.conf: cleanup
+- update upstream references of unsortable patches and sort them properly:
+ patches.suse/perf-x86-intel-uncore-Store-the-logical-die-id-inste.patch
+ patches.suse/perf-x86-intel-uncore-With-8-nodes-get-pci-bus-die-i.patch
+- commit b4f0fcb
+
+- fix patch metadata and move it to correct section
+- fix upstream reference of a non-mainline patch and move to correct section:
+ patches.suse/net-sctp-filter-remap-copy_from_user-failure-error.patch
+- commit fda606d
+
+- usb: xhci-mtk: break loop when find the endpoint to drop
+ (git-fixes).
+- commit bd7c89a
+
+- usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints
+ (git-fixes).
+- commit 1a31126
+
+- usb: xhci-mtk: fix unreleased bandwidth data (git-fixes).
+- commit 6da0a12
+
+- usb: dwc2: Fix endpoint direction check in ep_from_windex
+ (git-fixes).
+- usb: dwc3: fix clock issue during resume in OTG mode
+ (git-fixes).
+- xhci: fix bounce buffer usage for non-sg list case (git-fixes).
+- usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
+ (git-fixes).
+- USB: gadget: legacy: fix an error code in eth_bind()
+ (git-fixes).
+- Input: i8042 - unbreak Pegatron C15B (git-fixes).
+- commit bcaeec1
+
+- net: qca_spi: Move reset_count to struct qcaspi (git-fixes).
+- commit 45b7fef
+
+- net: qca_spi: fix receive buffer size check (git-fixes).
+- commit 5cd7e42
+
+- net: stmmac: fix disabling flexible PPS output (git-fixes).
+- commit 20dce33
+
+- net: stmmac: fix length of PTP clock's name string (git-fixes).
+- commit 9f89a73
+
+- net: phy: at803x: use operating parameters from PHY-specific
+ status (git-fixes).
+- commit e91964f
+
+- net: phy: extract pause mode (git-fixes).
+- commit c81698a
+
+- net: phy: extract link partner advertisement reading
+ (git-fixes).
+- commit 18dc97f
+
+- net: phy: read MII_CTRL1000 in genphy_read_status only if needed
+ (git-fixes).
+- commit d5eb04d
+
+- net: stmmac: selftests: Flow Control test can also run with
+ ASYM Pause (git-fixes).
+- commit 26dfc56
+
+- cirrus: cs89x0: remove set but not used variable 'lp'
+ (git-fixes).
+- commit 0385a3f
+
+- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify
+ code (git-fixes).
+- commit f75aac5
+
+- blacklist.conf: update blacklist
+- commit ca67b2c
+
+- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from
+ NUMA info (bsc#1180989).
+- perf/x86/intel/uncore: Store the logical die id instead of
+ the physical die id (bsc#1180989).
+- perf/x86/intel/uncore: Generic support for the PCI sub driver
+ (bsc#1180989).
+- perf/x86/intel/uncore: Factor out uncore_pci_pmu_unregister()
+ (bsc#1180989).
+- perf/x86/intel/uncore: Factor out uncore_pci_pmu_register()
+ (bsc#1180989).
+- perf/x86/intel/uncore: Factor out uncore_pci_find_dev_pmu()
+ (bsc#1180989).
+- perf/x86/intel/uncore: Factor out uncore_pci_get_dev_die_info()
+ (bsc#1180989).
+- commit 6e81128
+
+- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from
+ NUMA info (bsc#1180989).
+- perf/x86/intel/uncore: Store the logical die id instead of
+ the physical die id (bsc#1180989).
+- commit 67d84dd
+
+- gpiolib: fix gpio_do_set_config() (bsc#1180682).
+- Refresh
+ patches.suse/gpiolib-Extract-gpio_set_config_with_argument-for-fu.patch.
+- Refresh
+ patches.suse/gpiolib-Introduce-gpio_set_debounce_timeout-for-inte.patch.
+- Refresh
+ patches.suse/gpiolib-use-proper-API-to-pack-pin-configuration-par.patch.
+- commit 11e6d6f
+
+- gpiolib: acpi: Fix fall-through warnings for Clang
+ (bsc#1180682).
+- gpiolib: split error path in gpiod_request_commit()
+ (bsc#1180682).
+- gpiolib: Unify expectations about ->request() returned value
+ (bsc#1180682).
+- gpiolib: Extract gpiod_not_found() helper (bsc#1180682).
+- gpio: just plain warning when nonexisting gpio requested
+ (bsc#1180682).
+- gpiolib: acpi: Use BIT() macro to increase readability
+ (bsc#1180682).
+- gpiolib: acpi: Convert pin_index to be u16 (bsc#1180682).
+- gpiolib: acpi: Extract acpi_request_own_gpiod() helper
+ (bsc#1180682).
+- gpiolib: acpi: Make acpi_gpio_to_gpiod_flags() usable for
+ GpioInt() (bsc#1180682).
+- gpiolib: acpi: Set initial value for output pin based on bias
+ and polarity (bsc#1180682).
+- gpiolib: acpi: Move acpi_gpio_to_gpiod_flags() upper in the code
+ (bsc#1180682).
+- gpiolib: acpi: Move non-critical code outside of critical
+ section (bsc#1180682).
+- gpiolib: acpi: Take into account debounce settings
+ (bsc#1180682).
+- gpiolib: acpi: Use named item for enum gpiod_flags variable
+ (bsc#1180682).
+- gpiolib: acpi: Respect bias settings for GpioInt() resource
+ (bsc#1180682).
+- gpiolib: Introduce gpio_set_debounce_timeout() for internal use
+ (bsc#1180682).
+- gpiolib: Extract gpio_set_config_with_argument_optional()
+ helper (bsc#1180682).
+- gpiolib: Extract gpio_set_config_with_argument() for future use
+ (bsc#1180682).
+- gpiolib: use proper API to pack pin configuration parameters
+ (bsc#1180682).
+- gpiolib: add missed break statement (bsc#1180682).
+- gpiolib: have a single place of calling set_config()
+ (bsc#1180682).
+- gpiolib: use 'unsigned int' instead of 'unsigned' in
+ gpio_set_config() (bsc#1180682).
+- commit da451fd
+
+- bus: fsl-mc: add autorescan sysfs (jsc#SLE-12251).
+- bus: fsl-mc: add bus rescan attribute (jsc#SLE-12251).
+- bus: fsl-mc: add fsl-mc userspace support (jsc#SLE-12251).
+- bus: fsl-mc: export mc_cmd_hdr_read_cmdid() to the fsl-mc bus
+ (jsc#SLE-12251).
+- bus: fsl-mc: move fsl_mc_command struct in a uapi header
+ (jsc#SLE-12251).
+- bus: fsl-mc: return -EPROBE_DEFER when a device is not yet
+ discovered (jsc#SLE-12251).
+- bus: fsl-mc: add missing __iomem attribute (jsc#SLE-12251).
+- commit 21968ee
+
+- bonding: wait for sysfs kobject destruction before freeing
+ struct slave (git-fixes).
+- net/mlx5: E-Switch, Use vport metadata matching by default
+ (git-fixes).
+- cxgb4: fix all-mask IP address comparison (git-fixes).
+- cxgb4: fix set but unused variable when DCB is disabled
+ (git-fixes).
+- commit 8f53029
+
+- Refresh
+ patches.suse/coresight-etm4x-Skip-setting-LPOVERRIDE-bit-for-qcom.patch.
+- commit 6434185
+
+- Refresh
+ patches.suse/spi-fsl-dspi-fix-wrong-pointer-in-suspend-resume.patch.
+- commit 78ee3ab
+
+- bpf, cgroup: Fix problematic bounds check (bsc#1155518).
+- bpf, cgroup: Fix optlen WARN_ON_ONCE toctou (bsc#1155518).
+- commit 3ab5222
+
+- net, sctp, filter: remap copy_from_user failure error
+ (bsc#1181637).
+- commit 32551e1
+
+- i40e: Revert "i40e: don't report link up for a VF who hasn't
+ enabled queues" (jsc#SLE-8025).
+- igc: Fix returning wrong statistics (git-fixes).
+- i40e: Fix MAC address setting for a VF via Host/VM (git-fixes).
+- mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
+ (git-fixes).
+- mlxsw: core: Fix memory leak on module removal (git-fixes).
+- net/mlx5: Don't call timecounter cyc2time directly from 1PPS
+ flow (git-fixes).
+- net: ethernet: mlx4: Avoid assigning a value to ring_cons but
+ not used it anymore in mlx4_en_xmit() (git-fixes).
+- net: team: fix memory leak in __team_options_register
+ (git-fixes).
+- net/mlx5e: Fix VLAN create flow (git-fixes).
+- net/mlx5e: Fix VLAN cleanup flow (git-fixes).
+- net/mlx5: Fix request_irqs error flow (git-fixes).
+- mlxsw: spectrum_acl: Fix mlxsw_sp_acl_tcam_group_add()'s error
+ path (git-fixes).
+- team: set dev->needed_headroom in team_setup_by_port()
+ (git-fixes).
+- bonding: set dev->needed_headroom in bond_setup_by_slave()
+ (git-fixes).
+- net: qed: RDMA personality shouldn't fail VF load (git-fixes).
+- net: thunderx: initialize VF's mailbox mutex before first usage
+ (git-fixes).
+- net: mvpp2: fix memory leak in mvpp2_rx (git-fixes).
+- iavf: Fix updating statistics (git-fixes).
+- iavf: fix error return code in iavf_init_get_resources()
+ (git-fixes).
+- net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes).
+- vxlan: fix memleak of fdb (git-fixes).
+- net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq
+ (git-fixes).
+- mlxsw: core: Free EMAD transactions using kfree_rcu()
+ (git-fixes).
+- mlxsw: core: Increase scope of RCU read-side critical section
+ (git-fixes).
+- net/mlx5: Query PPS pin operational status before registering it
+ (git-fixes).
+- net/mlx5: Verify Hardware supports requested ptp function on
+ a given pin (git-fixes).
+- net/mlx5: Fix a bug of using ptp channel index as pin index
+ (git-fixes).
+- net/mlx5e: Fix error path of device attach (git-fixes).
+- net/mlx5: E-switch, Destroy TSAR after reload interface
+ (git-fixes).
+- net: hns3: fix aRFS FD rules leftover after add a user FD rule
+ (git-fixes).
+- net: hns3: fix a TX timeout issue (git-fixes).
+- net: hns3: fix desc filling bug when skb is expanded or lineared
+ (git-fixes).
+- qed: Populate nvm-file attributes while reading nvm config
+ partition (git-fixes).
+- net: hns3: fix use-after-free when doing self test (git-fixes).
+- net: hns3: add a missing uninit debugfs when unload driver
+ (git-fixes).
+- net: cxgb4: fix return error value in t4_prep_fw (git-fixes).
+- cxgb4vf: update kernel-doc line comments (git-fixes).
+- cxgb4: update kernel-doc line comments (git-fixes).
+- cxgb4: move DCB version extern to header file (git-fixes).
+- cxgb4: remove cast when saving IPv4 partial checksum
+ (git-fixes).
+- cxgb4: fix SGE queue dump destination buffer context
+ (git-fixes).
+- cxgb4: use correct type for all-mask IP address comparison
+ (git-fixes).
+- cxgb4: fix endian conversions for L4 ports in filters
+ (git-fixes).
+- cxgb4: parse TC-U32 key values and masks natively (git-fixes).
+- cxgb4: use unaligned conversion for fetching timestamp
+ (git-fixes).
+- cxgb4: move PTP lock and unlock to caller in Tx path
+ (git-fixes).
+- cxgb4: move handling L2T ARP failures to caller (git-fixes).
+- net: qed: fix "maybe uninitialized" warning (git-fixes).
+- net: qede: fix use-after-free on recovery and AER handling
+ (git-fixes).
+- net: qede: fix PTP initialization on recovery (git-fixes).
+- net: qed: fix excessive QM ILT lines consumption (git-fixes).
+- net: qed: fix NVMe login fails over VFs (git-fixes).
+- net: qede: stop adding events on an already destroyed workqueue
+ (git-fixes).
+- net: qed: fix async event callbacks unregistering (git-fixes).
+- iavf: fix speed reporting over virtchnl (git-fixes).
+- net/mlx5e: IPoIB, Drop multicast packets that this interface
+ sent (git-fixes).
+- ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
+ (git-fixes).
+- veth: Adjust hard_start offset on redirect XDP frames
+ (git-fixes).
+- net/mlx5e: Set of completion request bit should not clear
+ other adjacent bits (git-fixes).
+- net/mlx5e: en_accel, Add missing net/geneve.h include
+ (git-fixes).
+- bonding: Fix reference count leak in bond_sysfs_slave_add
+ (git-fixes).
+- bnxt_en: Fix accumulation of bp->net_stats_prev (git-fixes).
+- net/mlx5: Annotate mutex destroy for root ns (git-fixes).
+- net/mlx5: Don't maintain a case of del_sw_func being null
+ (git-fixes).
+- net/mlx4_core: fix a memory leak bug (git-fixes).
+- mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set
+ in case reload fails (git-fixes).
+- net/mlx5e: Get the latest values from counters in switchdev mode
+ (git-fixes).
+- net/mlx5e: Don't trigger IRQ multiple times on XSK wakeup to
+ avoid WQ overruns (git-fixes).
+- net/mlx5: Fix failing fw tracer allocation on s390 (git-fixes).
+- net/cxgb4: Check the return from t4_query_params properly
+ (git-fixes).
+- net: hns3: fix set and get link ksettings issue (git-fixes).
+- net: hns3: fix RSS config lost after VF reset (git-fixes).
+- qed: Fix race condition between scheduling and destroying the
+ slowpath workqueue (git-fixes).
+- net/mlx5: E-Switch, Hold mutex when querying drop counter in
+ legacy mode (git-fixes).
+- net/mlx5: E-Switch, Use vport metadata matching only when
+ mandatory (git-fixes).
+- net/liquidio: Delete non-working LIQUIDIO_PACKAGE check
+ (git-fixes).
+- virtio_net: Keep vnet header zeroed if XDP is loaded for small
+ buffer (git-fixes).
+- net/mlx5: Clear LAG notifier pointer after unregister
+ (git-fixes).
+- net/mlx5e: Fix endianness handling in pedit mask (git-fixes).
+- net/mlx5e: kTLS, Fix wrong value in record tracker enum
+ (git-fixes).
+- net: hns3: clear port base VLAN when unload PF (git-fixes).
+- net: hns3: fix VF VLAN table entries inconsistent issue
+ (git-fixes).
+- net: hns3: fix "tc qdisc del" failed issue (git-fixes).
+- cxgb4: fix checks for max queues to allocate (git-fixes).
+- commit a805d8f
+
+- Update config files. Switch on DWC3 on x86_64
+ (jsc#SLE-14042)
+- commit 1a0a5a5
+
+- Another fix of the missing merge commit hunk in idxd dma driver (bsc#1181795)
+- commit 4b7e5ed
+
+- Fix the missing change via the upstream merge commit for idxd dma driver (bsc#1181795)
+- commit e5ace2b
+
+- dmaengine: idxd: add missing invalid flags field to completion
+ (bsc#1181795).
+- dmaengine: idxd: fix hw descriptor fields for delta record
+ (bsc#1181795).
+- commit fb2caf6
+
+- blacklist.conf: Blacklist two 32-bit only fixes
+ 50fe7ebb6475 bpf, x86_32: Fix clobbering of dst for BPF_JSET
+ 5ca1ca01fae1 bpf, x86_32: Fix logic error in BPF_LDX zero-extension
+- commit 55cadfc
+
+- nvme-multipath: Early exit if no path is available
+ (bsc#1180964).
+- commit 1c96465
+
+- kABI: Fix kABI after AMD SEV PCID fixes (bsc#1178995).
+- commit bf72ec9
+
+- ahci: Add Intel Emmitsburg PCH RAID PCI IDs (jsc#SLE-14457).
+- commit a78ee51
+
+- iwlwifi: pcie: remove obsolete pre-release support code
+ (git-fixes).
+- iwlwifi: pcie: add some missing entries for AX210 (git-fixes).
+- iwlwifi: support an additional Qu subsystem id (git-fixes).
+- iwlwifi: add new card for MA family (git-fixes).
+- iwlwifi: iwl-trans: move all txcmd init to trans alloc
+ (git-fixes).
+- commit 133d60e
+
+- iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit
+ (git-fixes).
+- iwlwifi: pcie: add rules to match Qu with Hr2 (git-fixes).
+- iwlwifi: Add a new card for MA family (git-fixes).
+- iwlwifi: follow the new inclusive terminology (git-fixes).
+- iwlwifi: pcie: fix xtal latency for 9560 devices (git-fixes).
+- iwlwifi: pcie: fix 0x271B and 0x271C trans cfg struct
+ (git-fixes).
+- iwlwifi: add new cards for MA family (git-fixes).
+- iwlwifi: add new cards for AX201 family (git-fixes).
+- commit 050b58f
+
+- gpio: gpiolib: remove shadowed variable (git-fixes).
+- drm/i915/gt: Always try to reserve GGTT address 0x0 (git-fixes).
+- iwlwifi: pcie: set LTR on more devices (git-fixes).
+- commit d7ad942
+
+- mac80211: pause TX while changing interface type (git-fixes).
+- wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
+ (git-fixes).
+- iwlwifi: pcie: reschedule in long-running memory reads
+ (git-fixes).
+- iwlwifi: pcie: use jiffies for memory read spin time limit
+ (git-fixes).
+- net: usb: qmi_wwan: added support for Thales Cinterion PLSx3
+ modem family (git-fixes).
+- drivers: soc: atmel: add null entry at the end of
+ at91_soc_allowed_list[] (git-fixes).
+- drivers: soc: atmel: Avoid calling at91_soc_init on non AT91
+ SoCs (git-fixes).
+- commit 023b5c2
+
+- perf: Make struct ring_buffer less ambiguous (bsc#1177028).
+ Refresh patches.suse/0001-perf-core-Fix-race-in-the-perf_mmap_close-function.patch.
+- commit 5dfb979
+
+- powerpc/mm/pkeys: Make pkey access check work on execute_only_key
+ (bsc#1181544 ltc#191080 git-fixes).
+- Refresh patches.suse/powerpc-book3s64-pkeys-Fix-pkey_access_permitted-for.patch.
+- commit 7508356
+
+- rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796)
+ The product string was changed from openSUSE to Leap.
+- commit 4127a14
+
+- powerpc/pkeys: Check vma before returning key fault error to
+ the user (bsc#1181544 ltc#191080).
+- powerpc/pkeys: Avoid using lockless page table walk (bsc#1181544
+ ltc#191080).
+- commit 8cb9fab
+
+- net/mlx5: Fix function calculation for page trees (git-fixes).
+- commit 22c3016
+
+- net: fec: put child node on error path (git-fixes).
+- commit cbac658
+
+- ARM: imx: fix imx8m dependencies (git-fixes).
+- soc: imx: select ARM_GIC_V3 for i.MX8M (git-fixes).
+- commit adb9b1b
+
+- Add no-fix tag to drm cherry-picks
+ Add a no-fix tag to drm patches that are cherry-picks and are not
+ already blacklisted.
+- Refresh
+ patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch.
+- Refresh
+ patches.suse/0001-drm-i915-Update-drm-i915-bug-filing-URL.patch.
+- Refresh
+ patches.suse/0001-drm-i915-execlists-Always-force-a-context-reload-whe.patch.
+- Refresh
+ patches.suse/0001-drm-i915-icl-Fix-hotplug-interrupt-disabling-after-s.patch.
+- Refresh
+ patches.suse/0003-drm-i915-Correctly-set-SFC-capability-for-video-engi.patch.
+- Refresh
+ patches.suse/0029-drm-i915-gem-Avoid-implicit-vmap-for-highmem-on-x86-.patch.
+- Refresh
+ patches.suse/drm-i915-Perform-GGTT-restore-much-earlier-during-re.patch.
+- Refresh
+ patches.suse/drm-i915-Whitelist-COMMON_SLICE_CHICKEN2.patch.
+- Refresh
+ patches.suse/drm-i915-pmu-Frequency-is-reported-as-accumulated-cy.patch.
+- Refresh
+ patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch.
+- Refresh
+ patches.suse/drm-i915-update-rawclk-also-on-resume.patch.
+- Refresh
+ patches.suse/drm-i915-userptr-Never-allow-userptr-into-the-mappab.patch.
+- commit 46ba73b
+
+- KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests
+ (bsc#1178995).
+- KVM: x86: Introduce cr3_lm_rsvd_bits in kvm_vcpu_arch
+ (bsc#1178995).
+- commit 49749c4
+
+- r8169: work around RTL8125 UDP hw bug (git-fixes).
+- commit db42a5b
+
+- r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set
+ (git-fixes).
+- commit ab82b36
+
+- exfat: Avoid allocating upcase table using kcalloc()
+ (git-fixes).
+- exec: Always set cap_ambient in cap_bprm_set_creds (git-fixes).
+- commit eb2e605
+
+- s390/dasd: Fix inconsistent kobject removal (jsc#SLE-13767
+ bsc#1178420 LTC#185092).
+- commit e13d81a
+
+- blacklist.conf: no change to /sys/firmware/uv/query/max_cpus
+- commit 737a803
+
+- s390/vfio-ap: No need to disable IRQ after queue reset
+ (git-fixes).
+- s390/vfio-ap: clean up vfio_ap resources when KVM pointer
+ invalidated (git-fixes).
+- commit d91ae22
+
+- Refresh patches.suse/edac-amd64-set-grain-per-dimm.patch.
+ Readd the second hunk which wasn't needed during the original git-fixes
+ backport.
+- commit 9c3639f
+
+- Update patches.suse/bpf-Fix-modifier-skipping-logic.patch (bsc#1177028).
+ Restore the patch to match the upstream commit
+- commit a490625
+
+- mlxsw: spectrum_span: Do not overwrite policer configuration
+ (bsc#1176774).
+- net/mlx5: CT: Fix incorrect removal of tuple_nat_node from
+ nat rhashtable (jsc#SLE-15172).
+- net/mlx5e: Revert parameters on errors when changing trust
+ state without reset (jsc#SLE-15172).
+- net/mlx5e: Correctly handle changing the number of queues when
+ the interface is down (jsc#SLE-15172).
+- net/mlx5e: Fix CT rule + encap slow path offload and deletion
+ (jsc#SLE-15172).
+- net/mlx5e: Disable hw-tc-offload when MLX5_CLS_ACT config is
+ disabled (jsc#SLE-15172).
+- net/mlx5: Maintain separate page trees for ECPF and PF functions
+ (jsc#SLE-15172).
+- net/mlx5e: Fix IPSEC stats (jsc#SLE-15172).
+- net/mlx5e: free page before return (jsc#SLE-15172).
+- ice: Fix MSI-X vector fallback logic (bsc#1180945).
+- ice: Don't allow more channels than LAN MSI-X available
+ (bsc#1180945).
+- ice: update dev_addr in ice_set_mac_address even if HW filter
+ exists (jsc#SLE-12878).
+- ice: Implement flow for IPv6 next header (extension header)
+ (jsc#SLE-12878).
+- ice: fix FDir IPv6 flexbyte (jsc#SLE-12878).
+- uapi: fix big endian definition of ipv6_rpl_sr_hdr
+ (bsc#1176447).
+- commit a3c4fad
+
+- rxrpc: Fix memory leak in rxrpc_lookup_local (bsc#1154353
+ bnc#1151927 5.3.9).
+- net/mlx5e: E-switch, Fix rate calculation for overflow
+ (jsc#SLE-8464).
+- i40e: acquire VSI pointer only after VF is initialized
+ (jsc#SLE-8025).
+- ice: Fix MSI-X vector fallback logic (jsc#SLE-7926).
+- ice: Don't allow more channels than LAN MSI-X available
+ (jsc#SLE-7926).
+- Revert "RDMA/mlx5: Fix devlink deadlock on net namespace
+ deletion" (jsc#SLE-8464).
+- commit 76b9a3a
+
+- Refresh patches.suse/bpf-Introduce-bpf_sk_-ancestor_-cgroup_id-helpers.patch.
+ The diff for cg_skb_func_proto was wrongly applied to
+ tc_cls_act_func_proto.
+- commit 6cbb315
+
+- selftests/bpf: Fix "dubious pointer arithmetic" test
+ (bsc#1177028).
+- commit eb710d9
+
kernel-firmware
+- Correct the RPi4 brcm config to recover the WiFi breakage
+ (bsc#1182320):
+ Revert-brcm-rpi4-boardflags3-bit.patch
+
+- Update to version 20210208 (commit b79d2396bc63):
+ * Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304
+ * linux-firmware: add firmware for MT7921
+ * rtw88: RTL8821C: Update firmware to v24.8
+ * linux-firmware: Update firmware file for Intel Bluetooth AX210
+ * linux-firmware: Update firmware file for Intel Bluetooth AX200
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * i915: Add DMC v2.01 for ADL-S
+ * i915: Add HuC v7.7.1 for DG1
+ * i915: Add GuC v49.0.1 for DG1
+ * qcom: Add venus firmware files for VPU-1.0
+ * qcom: Add SM8250 Compute DSP firmware
+ * qcom: Add SM8250 Audio DSP firmware
+ * qcom: add firmware files for Adreno a650
+
+- Update to version 20210119 (git commit 05789708b79b):
+ * brcm: Link RPi4's WiFi firmware with DMI machine name.
+ * brcm: Add NVRAM for Vamrs 96boards Rock960
+ * brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes
+ * cypress: Fix link direction
+ * cypress: Link the new cypress firmware to the old brcm files
+ * brcm: remove old brcm firmwares that have newer cypress variants
+ * rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB
+ * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253
+ * rtl_bt: Add firmware and config files for RTL8852A BT USB chip
+ * rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644
+- Fix install-split.sh to deal with the quoted spaces
+- Update aliases
+
kernel-firmware:compressed
+- Correct the RPi4 brcm config to recover the WiFi breakage
+ (bsc#1182320):
+ Revert-brcm-rpi4-boardflags3-bit.patch
+
+- Update to version 20210208 (commit b79d2396bc63):
+ * Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304
+ * linux-firmware: add firmware for MT7921
+ * rtw88: RTL8821C: Update firmware to v24.8
+ * linux-firmware: Update firmware file for Intel Bluetooth AX210
+ * linux-firmware: Update firmware file for Intel Bluetooth AX200
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * i915: Add DMC v2.01 for ADL-S
+ * i915: Add HuC v7.7.1 for DG1
+ * i915: Add GuC v49.0.1 for DG1
+ * qcom: Add venus firmware files for VPU-1.0
+ * qcom: Add SM8250 Compute DSP firmware
+ * qcom: Add SM8250 Audio DSP firmware
+ * qcom: add firmware files for Adreno a650
+
+- Update to version 20210119 (git commit 05789708b79b):
+ * brcm: Link RPi4's WiFi firmware with DMI machine name.
+ * brcm: Add NVRAM for Vamrs 96boards Rock960
+ * brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes
+ * cypress: Fix link direction
+ * cypress: Link the new cypress firmware to the old brcm files
+ * brcm: remove old brcm firmwares that have newer cypress variants
+ * rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB
+ * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253
+ * rtl_bt: Add firmware and config files for RTL8852A BT USB chip
+ * rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644
+- Fix install-split.sh to deal with the quoted spaces
+- Update aliases
+
kexec-tools
+- Remove kexec-tools-xen-balloon-up.patch (bsc#1176606,
+ bsc#1174508)
+ This patch was introduced to address bsc#694863; it enabled kexec
+ for HVM at that time. Meanwhile Xen 4.7 introduced "soft-reset"
+ for HVM domUs. This host feature removes the requirement to
+ un-ballon the domU prior kexec.
+ With Xen 4.13 cpuid faulting became the default, which affects
+ the approach used in this patch to detect the domU type. As a
+ result, invoking kexec in dom0 failed.
+
libsolv
+- repo_write: fix handling of nested flexarray
+- improve choicerule generation a bit more to cover more cases
+- harden testcase parser against repos being added too late
+- support python-3.10
+- check %_dbpath macro in rpmdb code
+- handle default/visible/langonly attributes in comps parser
+- support multiple collections in updateinfo parser
+- add '-D' option in rpmdb2solv to set the dbpath
+- bump version to 0.7.17
+
libstorage-ng
+- merge gh#openSUSE/libstorage-ng#798
+- handle logical partitions in Pool::create_partitions
+- 4.3.88
+
+- merge gh#openSUSE/libstorage-ng#797
+- added function to calculate size of underlying devices of MD RAID
+- added unit tests
+- updated documentation
+- 4.3.87
+
libxcrypt
+- add compatibility provides for Step 15 as well (bsc#1181571)
+
libzypp
+- Try to provide a mounted /proc in --root installs (bsc#1181328)
+ Some systemd tools require /proc to be mounted and fail if it's
+ not there.
+- Enable release packages to request a releaxed suse/opensuse
+ vendorcheck in dup when migrating. (bsc#1182629)
+- version 17.25.8 (22)
+
+- Patch: Identify well-known category names (bsc#117984)
+ This allows to use the RH and SUSE patch categrory names
+ synonymously:
+ (recommendedi = bugfix) and (optional = feature = enhancement).
+- Add missing includes for GCC 11 compatibility.
+- Fix %posttrans script execution (fixes #265)
+ The scripts are execuable. No need to call them through 'sh -c'.
+- Commit: Fix rpmdb compat symlink in case rpm got removed.
+- Repo: Allow multiple baseurls specified on one line (fixes #285)
+- Regex: Fix memory leak and undefined behavior.
+- Add rpm buildrequires for test suite (fixes #279)
+- Use rpmdb2solv new -D switch to tell the location ob the
+ rpmdatabase to use.
+- BuildRequires: libsolv-devel >= 0.7.17.
+- version 17.25.7 (22)
+
lightdm
+- Add lightdm-glibc-2.33-fix.patch that fixes issue with glibc 2.33
+ (boo#1181778). The patch was suggested as gh#168.
+
lvm2
+- revert commit which caused a regression:
+ lvm2 should use 'external_device_info_source="udev"' by default (bsc#1179691)
+ - change lvm.conf item external_device_info_source from none to udev
+
+- back port lvmlockd adopt orphan locks feature into sles15sp2 (bsc#1181319)
+ + bug-1181319_01-Revert-lvmlockd-use-commonly-used-define-NOTIFYDBUS_.patch
+ + bug-1181319_02-lvmlockctl-ensure-result-value-is-always-defined.patch
+ + bug-1181319_03-lvmlockctl-use-inline-initilizers.patch
+ + bug-1181319_04-lvmlockd-replace-lock-adopt-info-source.patch
+ + bug-1181319_05-cov-check-sscanf-result.patch
+
pam
+- Create macros.pam with definition of %_pamdir so packages which
+ are commonly shared between Factory and SLE can use this macro
+ [pam.spec]
+
patterns-base
-- Support multiversion(kernel) with purge-kernels.service separated
- from dracut (jsc#SLE-10162).
+- bootloader pattern should not require a base pattern
+
+- Remove yast2-qt requires on x11 pattern, there is already
+ an equivalent recommends in the pattern.
+
+- Add selinux pattern
+
+- Have pattern enhanced_base recommend documentation:
+ patterns-base-documentation in turn recommends man-pages (man cp)
+ and pam-doc (boo#1177828).
+
+- Handle the yast pattern split into basis, desktop and server (boo#1159875)
+
+- Don't recommend lightdm directly, also allow other DMs
+
+- Move pam_pwquality to Recommends section, as it is not required
+ and user should be able to de-install the full pwquality stack.
+
+- Stop trying to install grub2-branding on ppc64/ppc64le [boo#1171146]
+
+- Suggest postfix from the basesystem pattern: suggested packages
+ are not flagged for installation, but give the solver a hint. So
+ in case something wants an MTA (smtp_daemon), openSUSE installs
+ will all default to postfix (as the base pattern is generally
+ installed). Users are still free to switch as they wish
+ (boo#1136078).
+
+- re-add ppc64-diag on ppc64le (bsc#1098849).
+
+- Suggest xz in base, as it is now required by aaa_base and we don't
+ want that zypper uses busybox instead [bsc#1172209]
+
+- Re-add purge-kernels-service dependency (boo#1168727).
+ Support multiversion(kernel) with purge-kernels.service separated from dracut
+ (jsc#SLE-10162).
+- Call perl directly in pre_checkin.sh. create_32bit-patterns_file.pl is not
+ executable when checked out from OBS.
+- Skip bootloader in pre_checkin.sh
+- Re-generate 32bit patterns.
+
+- Require pam_pwquality in base as it's the replacement for
+ pam_cracklib, previously part of the required pam package
+
+- Use requires in update-test pattern so it also works when
+ installing with recommends disabled.
+- Require update-test pattern from sw_management pattern instead of
+ subtle supplements for same reason.
+
+- basic_desktop: Fix icon
+
+- Recommend bash-completion in enhanced_base as it got lost in the
+ base pattern cleanup
+
+- bootloader: pull in grub2-snapper plugin if snapper is installed
+
+- base pattern cleanup:
+ * make minimal_base really minimal by moving packages to base instead. Only
+ pull in the release package and branding. So this is really what
+ can be used for application containers, portable services etc.
+ In it's current form it also pulls in bash, glibc, coreutils
+ etc, so no need to specify explicitly.
+ * strip down base so it forms a minimal booting system that can install
+ packages.
+ * don't pull in man into transactional system
+
+- Add bootloader pattern. Useful for appliances to not repeat the logic
+ in kiwi files.
+
+- drop telnet from enhanced_base recommendations
+
+- Fix basic_desktop upgrade path for SLE-15 SP2 and later
+- Put transactional_base in alphabetical order
+- Fix SLE bug in generation of txt files for basic_desktop
+
+- Re-enable purge-kernels-service dependency: dracut dropped the service.
+ (boo#1161620,boo#1161780)
+
+- Disable purge-kernels-service dependency for now: dracut has not
+ yet been updated to no longer ship the service file.
+
+- Support multiversion(kernel) with purge-kernels.service separated from dracut
+ (jsc#SLE-10162, jsc#SLE-10465).
+
+- Drop Obsoletes: pattern() = readonly_root_tools: RPM only honors
+ obsoletes against package names, so this obsoletes is in fact
+ useless. WithRPM 4.15, there is a syntax check which even
+ disallows Obsoletes against non-valid names.
+
+- Remove tcpdump from enhanced_base
+
+- transactional_base require man by default (boo#1127539)
-- recomment issue-generator in the minimal_base pattern rather than
- the release package (boo#1133636)
+- Added snapper back to base pattern as recommended package, the
+ workaround for boo#1151148
-- Move haveged from enhanced_base to minimal_base (bsc#1131369).
+- minimal_base: add libnss_usrfiles2, required to read /usr/etc
-- Remove btrfsmaintenance from patterns-base (boo#1063638)
+- minimal_base: remove dracut. Only useful when there is also a
+ kernel and the kernel requires it anyways.
+- base:
+ * remove bootloader packages. They are only required on real
+ hardware or VMs. YaST will add them.
+ * remove btrfsprogs. Has supplemements on btrfs so will be auto
+ installed when on btrfs. Also yast installs it.
+ * remove snapper (supplements btrfsprogs)
+ * move openssh to enhanced_base
+- enhanced_base:
+ * iproute2 already in minimal_base
+ * remove explicit grub and plymouth branding. They are pulled
+ via supplements
+- documentation:
+ * remove info2html, old tool not useful today.
+ * susehelp and sled manuals no longer exist
+ * Use minimal_base as Basesystem is just an alias
+- sw_management:
+ * require zypper also on TW
+
+- use obsolete_legacy_pattern macro for readability
+- drop _opt patterns and integrate them into main patterns to reduce complexity
+
+- use journal by default (boo#1143144)
+
+- Add openSUSE Welcome to be included in the x11_enhanced pattern.
+
+- Drop google-roboto-fonts recommends: nothing really depends on
+ it and roboto is not used as default font in any openSUSE setup
+ (boo#1144135).
+
+- Add %files section for basic_desktop, or the package won't be
+ generated.
+- Provide pattern() = basic_desktop
+
+- Create basic_desktop pattern containing the desktop packages like
+ icewm that are wanted on a basic sles desktop but not in every
+ openSUSE install (boo#1124865)
+- .Remove some duplicated packages in x11_enhanced
+- Regenerate 32bit patterns
+
+- move haveged to base instead of minimal_base as the comment indicates that
+ minimal_base should not have recommended packages.
+- recomment issue-generator in the base pattern rather than the release package
+ (boo#1133636)
+
+- Move haveged from enhanced_base to minimal_base (bsc#1131369).
-- Do not require openssh-askpass-gnome on openSUSE it doesn't make
- sense for most desktops (boo#1124865)
-- enhanced_base does not need to recommend sw_management or yast
- these are pulled in from enough other more sensible places.
+- Suggest openSUSE-release to guide zypper away from picking
+ openSUSE-Tumbleweed-Kubic-release automatically
+- Re-run pre_checkin.sh, updating -32bit patterns
+ Extended to openSUSE on request by fcrozat.
+- Insert comments to keep format_spec_file from reordering too much
-- Don't hard-require busybox-static in minimal_base (bsc#1126436)
-- Run pre_checkin.sh
+- Strip down minimal_base pattern:
+ * Drop elfutils Requires: all tools from elfutils exist in
+ binutils, without the eu- prefix.
+ * Drop openssh requires: forcing a user to have openssh present no
+ matter what, without a possibility to uninstall it, is not
+ wanted.
+ * Drop sysvinit requires: this is a dependency to systemd after
+ all.
+- Move systemd-coredump and busybox-static from requires in
+ minimal_base to recommends in base (users are free to uninstall
+ those tools and their use in e.g. containers is questionable).
-- Add busybox-static to Minimal system so people can recover really
- broken systems
-
+- Pull in below changes made to SLE / openSUSE 15.1 patterns by
+ kukuk@suse.de
+- Version: 20190206
+- Remove minimal_base_conflicts, its not in SLE or Leap anymore
+ (boo#1103325)
+- Change all the Recommends in minimal_base to Requires,
+ minimal_base is always installed and can't be installed with
+ - -no-recommends (boo#1103326)
+- Hardware specific packages should be in base pattern not
+ minimal_base (boo#1106405)
+- busybox should be in minimal_base to allow recovery from a big
+ system failure
+- Remove some duplicate entries between base and minimal_base
+- Suggest rather then recommend man-pages (boo#1116987)
+- Require xorg-x11-essentials rather then recommending xorg-x11
+ (boo#1121730)
+- Recommend Web-web_browser and suggest Firefox to make it possible
+ to install chromium instead
+- Recommend rather then require multipath-tools, it is only in
+ enhanced_base so requiring it doesn't make sense, if it Should
+ be required it likely should be in base
+- general cleanup, fix meta info spec-cleaner re arranged remove
+ commented out packages
+
+- update version number to current date
+
+- recommend grub2-*arm*efi variants for arm/arm64 (bsc#1120804)
+- recommend shim for aarch64
+
+- Recommend grub2-x86_64-efi by base pattern on x86_64: since we use
+ the shim RPMs from Leap, there is currently no dependency on
+ grub2-x86_64-efi defined. Once shim changes that, we can drop the
+ recommends here.
+
+- Drop recommends to net-tools (no more tools of general
+ usefulnes), popt and pcre (both are just libraries nowadays,
+ which are pulled in by normal dependencies)
+
-- transactional_base now requires base, recommends enhanced_base
- (bsc#1111311)
-
-- Remove libnss_usrfiles2 from transactional server pattern
-
-- Make transactional_base pattern available for SLE (fate#326327)
-- Sync transactional_base pattern with Factory/patterns-base
+- Recommend new package system-tuning-common-SUSE in
+ enhanced_base
-- moved xfsprogs from enhanced_base pattern to
- minimal base pattern, changed 'suggests:' to 'recommends:' while
- doing so. [bsc#1095916]
+- transactional_base now requires base, recommends enhanced_base
+ (boo#1111426)
+- nfs-doc is now installed with supplements
+- remove the list of openSUSE only packages that was rejected for
+ inclusion in SLE.
+- Add bug numbers for TODO's
+
+- Merge back in Leap 15 / SLE changes, important items from that
+ packages changlog can be found below
+ lnussel@suse.de
-
-
-- Rework x11 pattern bsc#1086663
-- Recommend terminfo in minimal_base bsc#1081747
-- rpm doesn't need to be in base and minimal_base_conflicts
-- dont create transactional_base-32bit pattern.
-- Regenerate 32bit patterns
-
-
-
-
-- Rename readonly_root_tools to transactional_base (boo#1089095)
-- Correct transactional server role pattern to use enhanced_base
- (boo#1088884)
-
-- Do not recommends on SLE patterns which aren't shipped on SLE.
-- Ensure recommends on ntfs-3g and ntfsprogs are enabled on SLE
- (bsc#1087242).
-
-- drop patterns-base-32bit pattern for s390 and s390x [bsc#1088669]
-- re-run create_32bit-patterns_file.pl
-
-- Don't install systemd-coredump by default on Leap (bsc#1083849)
-
-- Add systemd-coredump to the list of recommended packages of miminal_base
- Latest systemd package splitted off its coredump management facility
- into a sub-package. Recommend this package so this functionnality is
- still available by default on SLE (but will be disabled on Leap, see
- bsc#1083849).
- Also give the possibility to block it by using a soft dep
- (Recommends:). This might be needed on live images for example where
- space is rather low.
-
+- Don't generate 32bit patterns for readonly_root_tools
+- Add create_32bit-patterns_file.pl as source
+- guard some sle specifics with %is_opensuse
+ sflees@suse.de
+- Rework x11 pattern bsc#1086663
+- Recommend terminfo in minimal_base bsc#1081747
+- rpm doesn't need to be in base and minimal_base_conflicts
+- dont create transactional_base-32bit pattern.
-
-- added timezone as recommended to minimal_base pattern
- [bsc#1085075]
-
-- ethtool is available on SLE 15, moving out of "opensuse only"
- section [bsc#1087354]
-
-
-- regenerate 32bit patterns
-- Don't generate 32bit patterns for readonly_root_tools
-
-- Introduce readonly_root_tools pattern for Read-Only Root
- Filesystem (boo#1084149)
-
-- put cron in base system (bsc#1072602)
-
-
-
-- Don't require apparmor-docs, only recommend it
-- Require xorg-x11-fonts-core instead of xorg-x11-fonts
-- Don't require xorg-x11, only recommend it
-
-
-- Regenerate 32bit patterns
-
-- Ensure xorg-x11-driver-input is required for x11 pattern, except
- on s390/390x where it doesn't exist.
-
-- Version: 20171206
-- Fix the formatting mess spec cleaner reintroduced (again)
-
-- Recommends plymouth on SLE (bsc#1067481).
-
-- Add create_32bit-patterns_file.pl as source
-- guard some sle specifics with %is_opensuse
-
-- Ensure openSUSE patterns aren't provided / obsoletes when
- building for SLE.
-- Add Recommend to enhanced_base: OpenIPMI bash-completion cpp
- cryptconfig expect ipmitool lvm2 m4 make mksh mutt quota
- supportutils sysfsutils tcsh w3m lsof psmisc sudo.
-- Add grub2-branding-SLE recommends on enhanced_base on SLE.
-- Fix description of minimal_base on SLE.
-
-- Remove salt-minion from base [bsc#1064266]
-
-- Regenerate 32bit patterns
-
-- Move tar to minimal pattern, too many low level tools assume
- tar is installed by default
-
-- Recommend glibc-locale from minimal_base not enhanced_base,
- we install in en_US, so we need a locale one way or the other.
- Requiring it from enhanced_base now to make sure it's part of
- regular installations (but can be disabled for e.g. chroots
- with C locale - bsc#1057377)
-
-
-- Do not provide x11 in x11_enhanced but require it
-- Move basic X11 apps to x11 pattern and Firefox to x11_enhanced
-- Remove tcl and tk from default installation
-
-- Rename xterm-bin back to xterm, we still have xterm.rpm
-
-- Remove libnss_compat2 (dropped, still part of glibc) and
- libnss_nis2 (needs to be together with ypbind)
-
-- Remove again added pam-modules, this package deprecated since
- many years.
-
-
+ fcrozat@suse.com
+- Do not recommends on SLE patterns which aren't shipped on SLE.
+- Ensure recommends on ntfs-3g and ntfsprogs are enabled on SLE
+ (bsc#1087242).
+- Ensure xorg-x11-driver-input is required for x11 pattern, except
+ on s390/390x where it doesn't exist.
+- Recommends plymouth on SLE (bsc#1067481).
+- Ensure openSUSE patterns aren't provided / obsoletes when
+ building for SLE.
+- Add Recommend to enhanced_base: OpenIPMI bash-completion cpp
+ cryptconfig expect ipmitool lvm2 m4 make mksh mutt quota
+ supportutils sysfsutils tcsh w3m lsof psmisc sudo.
+- Add grub2-branding-SLE recommends on enhanced_base on SLE.
+- Fix description of minimal_base on SLE.
+ behlert@suse.de
+- drop patterns-base-32bit pattern for s390 and s390x [bsc#1088669]
+- added timezone as recommended to minimal_base pattern
+ [bsc#1085075]
+- ethtool is available on SLE 15, moving out of "opensuse only"
+ section [bsc#1087354]
+ okurz@suse.com
+- put cron in base system (bsc#1072602)
+ fvogt@suse.com
+- Don't require apparmor-docs, only recommend it
+- Require xorg-x11-fonts-core instead of xorg-x11-fonts
+- Don't require xorg-x11, only recommend it
+ kukuk@suse.de
+- Remove salt-minion from base [bsc#1064266]
+- Move tar to minimal pattern, too many low level tools assume
+ tar is installed by default
+- Rename xterm-bin back to xterm, we still have xterm.rpm
+- Remove libnss_compat2 (dropped, still part of glibc) and
+ libnss_nis2 (needs to be together with ypbind)
+- Remove again added pam-modules, this package deprecated since
+ many years.
+ coolo@suse.com
+- Recommend glibc-locale from minimal_base not enhanced_base,
+ we install in en_US, so we need a locale one way or the other.
+ Requiring it from enhanced_base now to make sure it's part of
+ regular installations (but can be disabled for e.g. chroots
+ with C locale - bsc#1057377)
+- Do not provide x11 in x11_enhanced but require it
+- Move basic X11 apps to x11 pattern and Firefox to x11_enhanced
+- Remove tcl and tk from default installation
+ fbui@suse.com
+- Don't install systemd-coredump by default on Leap (bsc#1083849)
+- Add systemd-coredump to the list of recommended packages of miminal_base
+ Latest systemd package splitted off its coredump management facility
+ into a sub-package. Recommend this package so this functionnality is
+ still available by default on SLE (but will be disabled on Leap, see
+ bsc#1083849).
+ Also give the possibility to block it by using a soft dep
+ (Recommends:). This might be needed on live images for example where
+ space is rather low.
+
+- No longer recommend missing packages (boo#1104264):
+ * genisoimage
+ * ksymoops
+ * system-group-trusted
+
+- Remove libnss_usrfiles from transactional_base, not needed
+ anymore.
+
+- add lightdm as a recommends to x11 pattern boo#1081760
+
+- Drop recode from recommends as it was droped from distro
+ bsc#1104264
+- Drop cryptconfig from suggest as it was removed from distro
+
+- Remove btrfsmaintenance from patterns-base (boo#1063638)
+
+- Make transactional_base pattern available for SLE (fate#326327)
+
+- Only recommend rollback-helper if sle_version is defined: The
+ helper makes sense on Leap and SLE, where one can register with
+ SCC, but not for Tumbleweed.
+
+- Add busybox to base patterns in case your system explodes, in
+ past we had sash doing the same
+
+- Rename readonly_root_tools to transactional_base (boo#1089095)
+
+- Correct transactional server role pattern to use enhanced_base
+ (boo#1088884)
+
+- Recommend bash-completion by the base system (not minimal_base):
+ most users will expect it to be present and until recently, it
+ was in a recommended chain of systemd (boo#1087710).
+
+- Add systemd-coredump to the list of recommended of miminal_base
+ Latest systemd package split off its coredump management facility
+ into a sub-package. Recommend this package so this functionnality is
+ still available by default on Factory but give the possibility to
+ block it by using a soft dep (Recommends:). This might be needed on
+ live images for example where space is rather low.
+
+- Introduce readonly_root_tools pattern for Read-Only Root
+ Filesystem (boo#1084149)
+
+- Remove finger from enahnced_base_opt as functionality already
+ provided by pinky in coreutils.
+
+- Replace SuSEfirewall2 with firewalld in enhanced_base
+ (fate#323460).
+
+- Switch ntp-client from ntp to chrony: replace corresponding
+ recommends in console and enhanced_base pattern (FATE#323432).
+
+- move plymouth from base to X11. No need to have a fancy boot splash that
+ pulls in extra deps for a text console (boo#1066510)
+
+- Swap back to SuSEfirewall2, its not fully intergrated everywhere
patterns-desktop
+- Rename laptop pattern to mobile (jsc#SLE-11520).
+- Remove from laptop/mobile pattern, pcmciautils (obsolete),
+ wireless-regdb (required by crda), laptop-mode-tools (tlp does
+ the same and is recommended).
+
+- merge _opt patterns into main patterns
+
+- Use much more fitting pattern-laptop icon for laptop pattern.
+
patterns-yast
+- Do not recomment yast2-fonts (bsc#1179866).
+- 20201210
+
+- Split basis pattern into basis, desktop and server (boo#1159875)
+- 20191229
+
perl-Bootloader
+- merge gh#openSUSE/perl-bootloader#133
+- use shim on aarch64 (jsc#SLE-15823, jsc#SLE-15020)
+- 0.933
+
php7
+ fix CVE-2021-21702 [bsc#1182049], NULL pointer dereference in SoapClient
+ + php7-CVE-2021-21702.patch
+
+- security update
+- added patches
postfix
+- (bsc#1180473) [Build 20201230] postfix has invalid default config
+ (bsc#1181381) [Build 130.3] openQA test fails in mta, mutt -
+ postfix broken: "queue file write error" and "error: unsupported
+ dictionary type: hash"
+ Export DEF_DB_TYPE before starting the perl script.
+
+- bsc#1180473 - [Build 20201230] postfix has invalid default config
+ Fixing config.postfix and sysconfig.postfix
+
+- Update to 3.5.9
+ * improves the reporting of DNSSEC problems that may affect
+ DANE security
+
+- Only do the conversion from the hash/btree databases to lmdb when
+ the default database type changes from hash to lmdb and do not
+ stop and start the service (the old compiled databases can live
+ together with the new ones)
+ - convert-bdb-to-lmdb.sh
+- Clean up the specfile
+ * Remove < 1330 conditional builds
+ * Use generated postfix-files instead of the obsolete one from
+ postfix-SUSE.tar.gz
+ * Use dynamicmaps.cf.d instead of modifying dynamicmaps.cf upon
+ (de)installation of optional mysql, pgsql and ldap subpackages
+ * Use default location for post-install, postfix-tls-script,
+ postfix-wrapper and postmulti-script
+
+- Set lmdb to be the default db.
+- Convert btree tables to lmdb too. Stop postfix before converting from
+ bdb to lmdb
+- This package is without bdb support. That's why convert must be done
+ without any suse release condition.
+ o remove patch postfix-no-btree.patch
+ o add set-default-db-type.patch
+
+- Set database type for address_verify_map and postscreen_cache_map
+ to lmdb (btree requires Berkeley DB)
+ o add postfix-no-btree.patch
+
+- Set default database type to lmdb and fix update_postmaps script
+
+- Use variable substition instead of sed to remove .db suffix and
+ substitute hash: for lmdb: in /etc/postfix/master.cf as well.
+ Check before substitution if there is something to do (to keep
+ rpmcheck happy).
+
+- Remove Berkeley DB dependency (JIRA#SLE-12191)
+ The pacakges postfix is build without Berkely DB support.
+ lmdb will be used instead of BDB.
+ The pacakges postfix-bdb is build with Berkely DB support.
+ o add patch for main.cf for postfix-bdb package
+ postfix-bdb-main.cf.patch
+
+- Update to 3.5.8
+ * The Postfix SMTP client inserted <CR><LF> into message headers longer
+ than $line_length_limit (default: 2048), causing all subsequent header
+ content to become message body content.
+ * The postscreen daemon did not save a copy of the
+ postscreen_dnsbl_reply_map lookup result. This has no effect when the
+ recommended texthash: look table is used, but it could result in stale
+ data with other lookup tables.
+ * After deleting a recipient with a Milter, the Postfix recipient
+ duplicate filter was not updated; the filter suppressed requests
+ to add the recipient back.
+ * Memory leak: the static: maps did not free their casefolding buffer.
+ * With "smtpd_tls_wrappermode = yes", the smtps service was waiting for a
+ TLS handshake, after processing an XCLIENT command.
+ * The smtp_sasl_mechanism_filter implementation ignored table lookup
+ errors, treating them as 'not found'.
+ * The code that looks for Delivered-To: headers ignored headers longer
+ than $line_length_limit (default: 2048).
+
+- Update to 3.5.7
+ * Fixed random certificate verification failures with
+ "smtp_tls_connection_reuse = yes", because tlsproxy(8) was using
+ the wrong global TLS context for connections that use DANE or
+ non-DANE trust anchors.
+
+- Move ldap into an own sub-package like all other databases
+- Move manual pages to correct sub-package
+
+- Use sysusers.d to create system accounts
+- Remove wrong %config for systemd directory content
+
+- Use the correct signature file for source verification
+- Rename postfix-3.5.6.tar.gz.sig to postfix-3.5.6.tar.gz.asc (to
+ prevent confusion, as the signature file from upstream with .sig
+ extension is incompatible with the build service)
+
+- Update to 3.5.6 with following fixes:
+ * Workaround for unexpected TLS interoperability problems when Postfix
+ runs on OS distributions with system-wide OpenSSL configurations.
+ * Memory leaks in the Postfix TLS library, the largest one
+ involving multiple kBytes per peer certificate.
+
+- Add source verification (add postfix.keyring)
+
+- Use systemd_ordering instead of systemd_require.
+- Move /etc/postfix/system to /usr/lib/postfix/systemd [bsc#1173688]
+- Drop /var/adm/SuSEconfig from %post, it does nothing.
+- Rename postfix-SuSE to postfix-SUSE
+- Delete postfix-SUSE/README.SuSE, company name spelled wrong,
+ completly outdated and not used.
+- Delete postfix-SUSE/SPAMASSASSIN+POSTFIX.SuSE, company name
+ spelled wrong, outdated and not used.
+- sysconfig.mail-postfix: Fix description of MAIL_CREATE_CONFIG,
+ SuSEconfig is gone since ages.
+- update_chroot.systemd: Remove advice to run SuSEconfig.
+- Remove rc.postfix, not used, outdated.
+- mkpostfixcert: Remove advice to run SuSEconfig.
+
+- Update to 3.5.4:
+ * The connection_reuse attribute in smtp_tls_policy_maps always
+ resulted in an "invalid attribute name" error.
+ * SMTP over TLS connection reuse always failed for Postfix SMTP
+ client configurations that specify explicit trust anchors (remote
+ SMTP server certificates or public keys).
+ * The Postfix SMTP client's DANE implementation would always send
+ an SNI option with the name in a destination's MX record, even
+ if the MX record pointed to a CNAME record. MX records that
+ point to CNAME records are not conformant with RFC5321, and so
+ are rare.
+ Based on the DANE survey of ~2 million hosts it was found that
+ with the corrected SMTP client behavior, sending SNI with the
+ CNAME-expanded name, the SMTP server would not send a different
+ certificate. This fix should therefore be safe.
+
+- Update to 3.5.3:
+ * TLS handshake failure in the Postfix SMTP server during SNI
+ processing, after the server-side TLS engine sent a TLSv1.3
+ HelloRetryRequest (HRR) to a remote SMTP client.
+ * The command "postfix tls deploy-server-cert" did not handle a
+ missing optional argument. This bug was introduced in Postfix
+ 3.1.
+
+- Update to 3.5.2:
+ * A TLS error for a database client caused a false 'lost connection'
+ error for an SMTP over TLS session in the same Postfix process.
+ This bug was introduced with Postfix 2.2.
+ * The same bug existed in the tlsproxy(8) daemon, where a TLS
+ error for one TLS session could cause a false 'lost connection'
+ error for a concurrent TLS session in the same process. This
+ bug was introduced with Postfix 2.8.
+ * The Postfix build now disables DANE support on Linux systems
+ with libc-musl such as Alpine, because libc-musl provides no
+ indication whether DNS responses are authentic. This broke DANE
+ support without a clear explanation.
+ * Due to implementation changes in the ICU library, some Postfix
+ daemons reported file access errrors (U_FILE_ACCESS_ERROR) after
+ chroot(). This was fixed by initializing the ICU library before
+ making the chroot() call.
+ * Minor code changes to silence a compiler that special-cases
+ string literals.
+ * Segfault (null pointer) in the tlsproxy(8) client role when the
+ server role was disabled. This typically happened on systems
+ that do not receive mail, after configuring connection reuse
+ for outbound SMTP over TLS.
+ * The date portion of the maillog_file_rotate_suffix default value
+ used the minute (%M) instead of the month (%m).
+
+- boo#1106004 fix incorrect locations for files in postfix-files
+
+- Dropped deprecated-RES_INSECURE1.patch to make DNSSEC-secured
+ lookups and DANE mail transport work again
+- Update to 3.5.1:
+ * Support for the haproxy v2 protocol. The Postfix implementation
+ supports TCP over IPv4 and IPv6, as well as non-proxied
+ connections; the latter are typically used for heartbeat tests.
+ * Support to force-expire email messages. This introduces new
+ postsuper(1) command-line options to request expiration, and
+ additional information in mailq(1) or postqueue(1) output.
+ * The Postfix SMTP and LMTP client support a list of nexthop
+ destinations separated by comma or whitespace. These destinations
+ will be tried in the specified order.
+ * Incompatible changes:
+ * Logging: Postfix daemon processes now log the from= and to=
+ addresses in external (quoted) form in non-debug logging (info,
+ warning, etc.). This means that when an address localpart
+ contains spaces or other special characters, the localpart will
+ be quoted, for example:
+ from=<"name with spaces"@example.com>
+ Specify "info_log_address_format = internal" for backwards compatibility.
+ * Postfix now normalizes IP addresses received with XCLIENT,
+ XFORWARD, or with the HaProxy protocol, for consistency with
+ direct connections to Postfix. This may change the appearance
+ of logging, and the way that check_client_access will match
+ subnets of an IPv6 address.
+
+- Update to 3.4.10:
+ * Bug (introduced: Postfix 2.3): Postfix Milter client state
+ was not properly reset after one Milter in a multi-Milter
+ configuration failed during MAIL FROM, resulting in a Postfix
+ Milter client panic during the next MAIL FROM command in the
+ same SMTP session.
+
+- bsc#1162891 server:mail/postfix: cond_slp bug on TW after
+ moving /etc/services to /usr/etc/services
+
+- bsc#1160413 postfix fails with -fno-common
+
+- Update to 3.4.9:
+ * Bug (introduced: Postfix 3.1): smtp_dns_resolver_options were
+ broken while adding support for negative DNS response caching
+ in postscreen. Postfix was inadvertently changed to call
+ res_query() instead of res_search().
+ * Bug (introduced: Postfix 2.5): Postfix ignored the CONNECT macro
+ overrides from a Milter application. Postfix now evaluates the
+ Milter macros for an SMTP CONNECT event after the Postfix-to-Milter
+ connection is negotiated.
+ * Bug (introduced: Postfix 3.0): sanitize (remote) server responses
+ before storing them in the verify database, to avoid Postfix
+ warnings about malformed UTF8. Found during code maintenance.
+
+- Update to 3.4.8:
+ * Fix for an Exim interoperability problem when postscreen after-220
+ checks are enabled. Bug introduced in Postfix 3.4: the code
+ that detected "PIPELINING after BDAT" looked at the wrong
+ variable. The warning now says "BDAT without valid RCPT", and
+ the error is no longer treated as a command PIPELINING error,
+ thus allowing mail to be delivered. Meanwhile, Exim has been
+ fixed to stop sending BDAT commands when postscreen rejects all
+ RCPT commands.
+ * Usability bug, introduced in Postfix 3.4: the parser for
+ key/certificate chain files rejected inputs that contain an EC
+ PARAMETERS object. While this is technically correct (the
+ documentation says what types are allowed) this is surprising
+ behavior because the legacy cert/key parameters will accept
+ such inputs. For now, the parser skips object types that it
+ does not know about for usability, and logs a warning because
+ ignoring inputs is not kosher.
+ * Bug introduced in Postfix 2.8: don't gratuitously enable all
+ after-220 tests when only one such test is enabled. This made
+ selective tests impossible with 'good' clients. This will be
+ fixed in older Postfix versions at some later time.
+
pulseaudio
+- Drop the bad patch: pulseaudio-wrong-memset.patch
+ the patch has been wrongly refreshed, mutated into a harmful form.
+ The original bug has been already fixed in the upstream commit 764eabd10.
+
+- Supplement pulseaudio-bash-completion against bash-completion,
+ not bash.
+
qemu
+- Fix uninitialized variable in ipxe driver code (boo#1181922)
+ ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch
+- Add a few improvements to the git-based package workflow scripts
+
+- Include additional upstream patches designated as stable material
+ and reviewed for applicability to include here
+ blockjob-Fix-crash-with-IOthread-when-bl.patch
+ monitor-Fix-assertion-failure-on-shutdow.patch
+ qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch
+ qemu-storage-daemon-Enable-object-add.patch
+
+- Switch the modules qemu-ui-display-gpu and qemu-ui-display-gpu-pci
+ from being an x86 only Recommends, to a Recommends for all arch's
+ except s390x (boo#1181350)
+- Fix qemu-hw-usb-smartcard to not be a Recommends for s390x
+- Minor spec file tweaks for compatibility with upcoming spec file
+ formatter
+
+- Make note that this patch takes care of an OOB access in ARM
+ interrupt handling (CVE-2021-20221 bsc#1181933)
+ hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
+
+- Include upstream patches designated as stable material and
+ reviewed for applicability to include here
+ block-Separate-blk_is_writable-and-blk_s.patch
+ hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
+ hw-net-lan9118-Fix-RX-Status-FIFO-PEEK-v.patch
+ hw-timer-slavio_timer-Allow-64-bit-acces.patch
+ net-Fix-handling-of-id-in-netdev_add-and.patch
+ target-arm-Don-t-decode-insns-in-the-XSc.patch
+ target-arm-Fix-MTE0_ACTIVE.patch
+ target-arm-Introduce-PREDDESC-field-defi.patch
+ target-arm-Update-PFIRST-PNEXT-for-pred_.patch
+ target-arm-Update-REV-PUNPK-for-pred_des.patch
+ target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch
+ tcg-Use-memset-for-large-vector-byte-rep.patch
+ ui-vnc-Add-missing-lock-for-send_color_m.patch
+ virtio-move-use-disabled-flag-property-t.patch
+
+- binutils v2.36 has changed the handling of the assembler's
+ - mx86-used-note, resulting in a build failure. To compensate, we
+ now explicitly specify -mx86-used-note=no in the seabios Makefile
+ (boo#1181775)
+ build-be-explicit-about-mx86-used-note-n.patch
+
s390-tools
+- Added s390-tools-sles15sp3-zkey-Fix-APQN-property-names.patch
+ (bsc#1182113)
+ Problem: The KMS configuration property names to store the CCA and
+ EP11 APQNs are incorrect, i.e. swapped.
+ Solution: Correct the KMS configuration property names.
+
screen
+- Fix double width combining char handling that could lead
+ to a segfault [bnc#1182092] [CVE-2021-26937]
+ new patch: combchar.diff
+
-- GNU screen 4.2.1:
- * allow for terminal with long $TERM (up to 32 characters)
- (already patched in this package previously)
- * allow to use long logins
- * documentation fixes
- * runtime fixes
-- packaging changes:
- * use source URLs
- * verify source signatures
- * drop screen-man-loginshell.diff, equivalent change upstream
- * drop term_too_long.diff, equivalent change upstream
- * drop use_locale.diff, applied upstream
- * drop msg_version_3.patch, obsolete after upstream changes
-
-- Update to 4.2.0 as released on screen-devel@gnu.org yesterday.
- Thank you Amadeusz!
- * keep libtinfo.diff (from coolo 2011, why exactly?)
- * keep global_screenrc.patch (renamed from screen-4.0.2.dif)
- * keep screen-man-loginshell.diff (to be upstreamed)
- * dropped screen-__P.diff (not needed)
- * keep term_too_long.diff (savannah#30880, to be upstreamed)
- * keep use_locale.diff (from lnt-sysadmin@lists.lrz.de 2012, check?)
- * keep screen-4.0.3-ipv6.patch (builtin telnet, to be upstreamed)
- * keep screen_enhance_windows_list.patch (to be upstreamed)
- * keep screen-poll-zombies.patch (to be upstreamed)
- * keep xX_string_escape.patch (renamed from show_all_active.patch, to be upstreamed)
- * keep sort_command.patch (from trenn 2011, to be upstreamed)
- * added msg_version_3.patch (ouch, incompatible protocol, to be upstreamed)
-- added %rundir with /var/run for 1310 and before; but /run afterwards.
- aj advocates /run for Factory; for 1310 it was banned by
- suse-filelist-forbidden-fhs23
-
-- Fix comment.
-
-- Use /run instead of /var/run.
-
-- update to current 4.0.4 git to get support for non-bmp unicode
- * remove no longer needed mappedcmd.diff
- * remove no longer needed styroptcrash.diff
-- fix potential buffer overrun in show_all_active.patch
-- redo combine screen_enhance_windows_list_1_3.patch,
- screen_enhance_windows_list_2_3.patch,
- screen_fix_wW_string_escapes_to_nearly_old_behavior.patch
- into screen_enhance_windows_list.patch.
- Do not mess with the old %w behaviour, just add support for the
- windows command argument. Fixes bnc#808565.
-
-- Patch screen_enhance_windows_list_1_3.patch changed wW string escapes
- in an unintended way.
- Fix this by ignoring longflg and behave the way wW string esacpes
- behaved with adding addtional L escape. (So %w is now what %Lw was before
- all these changes. This should be a minor, acceptable change as it was
- undocumented and it buys quite some code cleanup with it.). Patch is:
- screen_fix_wW_string_escapes_to_nearly_old_behavior.patch
-
-- Introduce Xx string escape showing the executed command of a window
- patch: show_all_active.patch
-
-- Add zombie and enhance windows commands
- screen-poll-zombies.patch: Dead windows will be restarted after
- a specified timeout (if enabled)
- screen_enhance_windows_list_1_3.patch:
- Cleanup window flags processing. This leads to a slight
- output change in "Ww" string escapes (window list), but these
- should be rather seldom used and flags are still shown.
- screen_enhance_windows_list_2_3.patch:
- Enhance windows command with an optional string escape based
- parameter which also removes the output size (1024 bytes)
- restriction (only if param is passed) of the windows command.
- If you used captions with "%w" before, you can simulate the old
- behaviour with "%-w%n* %t%+w".
-- Only Require makeinfo for openSUSE versions 11.4 and above.
- This requirement did not exist in earlier versions, now the package
- builds again for example against SLES 11 (11.4 based).
-
-- Fix sort command to not stop at window gaps.
- That can happen if windows got deleted and the window numbers do not
- increment sequentially anymore.
-
-- add use_locale.diff to fix --enable-use-locale configure option
-
-- add prereq coreutils so that mkdir works [bnc#780033]
-
-- Add build dependency on makeinfo
-
-- fix crash when doing 'screen -d -r' inside of screen
-
-- add mappedcmd.diff to make ^A DEL work again
-
-- update to screen-4.0.4devel
- * support for multiple layouts
- * no more stuck screen sessions
-
-- fix build with latest ncurses (split tinfo)
-
-- mkdir /var/run/*screen both immediatly and via systemd.
-
-- Add sort command
-- convert maxwin99bug.patch into a patch format quilt understands
-
-- Use /usr/lib/tmpfiles.d instead of /etc/tmpfiles.d.
-
-- bugfix bnc#668306, a buffer overflow with '%d'.
- Added maxwin99bug.patch
- This is already upstream, but was never released.
-
-- term_too_long.patch added.
- corresponds to savannah#30880
-
-- Add /etc/tmpfiles.d/screen.conf for /var/run on tmpfs.
-
-- BuildRequire utempter-devel
-
-- /var/run directories are created by /etc/tmpdirs.d/01_aaa_base.
-
-- Update to version 4.0.3
-- Dropped screen-4.0.2-comb.diff, upstream merged.
-
-- enable parallel building
-
-- add fedora patch for IPv6 support, this removes usage
- of gethostbyname(3)
-
-- re-add lost maxwin definition [fate#301190]
-
shadow
+- Do not require libeconf-devel on products without /usr/etc.
+
+- Split login.defs configuration file into own sub-package, which
+ allows to install util-linux or pam on small embedded/edge
+ systems or container without the need to pull in the full shadow
+ suite.
+
+- Amend patches/useradd-userkeleton.patch to also write into
+ existing directories and prefer files from /etc
+
+- Add patch useradd-userkeleton.patch to extend original C code
+ of useradd to handle /usr/etc/skel (boo#1173321)
+- Remove /usr/etc/skel support in useradd.local script
+
+- Change again useradd.local script to let it work even for system
+ accounts and work together with SELinux (bsc#1178296)
+- Change patch useradd-script.patch to support the four arguments
+ used by the useradd.local script (bsc#1178296)
+
+- Add support for /usr/etc/skel to useradd.local script (boo#1173321)
+
+- shadow-login_defs-check.sh: Fix the regexp to get a real variable
+ list (boo#1164274).
+
+- login.defs: Add support for new util-linux-2.36 login variable
+ MOTD_FIRSTONLY (shadow-util-linux.patch).
+- shadow-login_defs-comments.patch: Remove duplicated
+ LASTLOG_UID_MAX.
+- shadow-login_defs-check.sh: Update for new build system.
+- shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is
+ not used in SUSE Linux.
+- Refresh shadow-login_defs-suse.patch and
+ shadow-login_defs-comments.patch.
+
+- Use pure #!/bin/sh in:
+ * useradd.local
+ * userdel-post.local
+ * userdel-pre.local
+
+- Update to 4.8.1:
+ * selinux: include stdio
+ * man: don't suggest making groupmems user-writeable
+ * Makefile: bail out on error in for loops
+ * Adding logging of SSH_ORIGINAL_COMMAND to nologin
+ * add new HOME_MODE login.defs option
+ * Add tty logging to useradd
+ * Useradd: make non-executable shell check only a warning
+ * Update Dutch translation
+ * user_busy: Do not mistake a regular user process for a namespaced one
+ * Revert "Honor --sbindir and --bindir for binary installation"
+- Remove shadow-4.8-shell-check.patch: included
+- Remove shadow-4.8-selinux-include.patch: upstreamed
+
+- Set 0755 for chpasswd, groupadd, groupdel, groupmod, newusers,
+ useradd, userdel, usermod explicitly.
+
+- bsc#1160729: Make valid shell check only a warning
+ * Add shadow-4.8-shell-check.patch
+
+- Update to 4.8:
+ * Initial optional bcrypt support.
+ * Make build/install of 'su' optional.
+ * Fix for vipw not resuming correctly when suspended
+ * Sync password field descriptions in manpages
+ * Check for valid shell argument in useradd
+ * Allow translation of new strings through POTFILES.in
+ * Migrate to itstool for translations
+ * Migrate to new SELinux api
+ * Support --enable-vendordir
+ * pwck: Only check homedir if set and not a system user
+ * Support nonstandard usernames
+ * sget{pw,gr}ent: check for data at EOL
+ * Add YYY-MM-DD support in chage
+ * Fix failing chmod calls for suidubins
+ * Fix --sbindir and --bindir for binary installations
+ * Fix LASTLOG_UID_MAX in login.defs
+ * Fix configure error with dash
+- Remove because upstreamed:
+ * libeconf.patch
+ * shadow-usermod-variable.patch
+- Rebase:
+ * shadow-login_defs-unused-by-pam.patch
+ * chkname-regex.patch
+ * shadow-util-linux.patch
+ * shadow-login_defs-comments.patch
+- Add shadow-4.8-selinux-include.patch
+ See https://github.com/shadow-maint/shadow/pull/200
+
+- libeconf.patch: Add support for libeconf and /usr/etc for
+ login.defs.
+- Move first configuration files and pam config files to /usr/etc
+
+- bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files
+ to support kernel keyring feature
+- Update pamd.tar.bz2 with pam configuration files accordingly
+
+- encryption_method_nis.patch: drop, DES should really not be used
+ anymore anywhere, even with NIS
+- shadow-login_defs-suse.patch: remove encryption NIS entry
+
+- Fix incorrect variable name in usermod
+ (shadow-usermod-variable.patch).
+- shadow-login_defs-comments.patch:
+ * Drop SHA_CRYPT_*_ROUNDS that are in the upstream login.defs.
+ * Add missing LASTLOG_UID_MAX.
+ * Refresh shadow-login_defs-suse.patch.
+- Port shadow-login_defs-check.sh to match the current spec file
+ and login.defs.
+
+- Provide "useradd_or_adduser_dep" for sysuser-shadow
+
-- bsc#1141113: Fix segfault in useradd
- * Add shadow-4.6-bsc1141113-useradd-segfault.patch
+- Fix comment about patch in spec file
+
+- Update to 4.7:
+ * Spawn: don't loop forever on ECHILD
+ * Do not fail locking if there is a stale lockfile (Tomas Mraz)
+ * Use lckpwdf if prefix not set (Tomas Mraz)
+ * Build: check correct DocBook version (Jan Tojnar)
+ * Usermod: Print 'no changes' to stdout, not stderr (Serge Hallyn)
+ * Add support for btrfs subvolumes for home (Adam Majer)
+ * Fix chpasswd long line handling (Nathan Ruiz)
+ * Use secure_getenv for gettime (Chris Lamb)
+ * Make sp_lstchg reproducible (Chris Lamb)
+ * Do not crash commonio_close if db file is not open (Tomas Mraz)
+ * Don't flush nscd and sssd cache in read-only mode (Charlie Vuillemez)
+ * French manpage update (Alban VIDAL)
+ * Fix manpage defaults for SUB_UID/GID_COUNT (Tomas Mraz)
+ * Sync po files from shadow.pot (Alban VIDAL)
+ * Usermod: guard against unsafe chown of homedir contents (Tomas Mraz)
+ * Add LASTLOG_UID_MAX to login.defs (Tomas Mraz)
+ * new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner)
+ * Fix segfault in useradd (Tomas Mraz)
+ * Coverity issues (Tomas Mraz)
+ * Flush sssd caches (Jakub Hrozek)
+ * Log UID in nologin (Vladimir Ivanov)
+ * run pam_getenvlist after setup_env in su.c (Michael Vogt)
+ * Support systems with only utmpx (A. Wilcox)
+ * Fix unguarded ENABLE_SUBIDS code (Jan Chren (rindeal))
+ * Update po/zh_CN translation (Lion Yang)
+ * Create parent dirs for useradd -m (Michael Vetter)
+ * Prevent usermod segv
+ * Fix usermod crash (fariouche)
+- Remove btrfs-subvolumes.patch (fate#316134):
+ upstreamed: https://github.com/shadow-maint/shadow/pull/149
+- Remove useradd-mkdirs.patch (bsc#865563):
+ upstreamed https://github.com/shadow-maint/shadow/pull/112
+- Remove shadow-4.6.0-fix-usermod-prefix-crash.patch
+ upstreamed https://github.com/shadow-maint/shadow/issues/110
+- Rebase userdel-script.patch
+- Rebase useradd-script.patch
+- Rebase shadow-util-linux.patch
+
+- Make building more verbose
+- Use spec-cleaner
+
+- don't specify MOTD_FILE in login.defs but fall back to built in
+ defaults of login (boo#1133929)
+- Add shadow-login_defs-unused-check.sh to allow verification of
+ login.defs variable usage (bsc#1121197).
+- Add virtual symbols for login.defs compatibility (bsc#1121197).
sudo
+- Update to 1.9.5.p2
+ * When invoked as sudoedit, the same set of command line
+ options are now accepted as for sudo -e. The -H and -P
+ options are now rejected for sudoedit and sudo -e which
+ matches the sudo 1.7 behavior. This is part of the fix for
+ CVE-2021-3156.
+ * Fixed a potential buffer overflow when unescaping backslashes
+ in the command's arguments. Normally, sudo escapes special
+ characters when running a command via a shell (sudo -s or
+ sudo -i). However, it was also possible to run sudoedit with
+ the -s or -i flags in which case no escaping had actually
+ been done, making a buffer overflow possible.
+ This fixes CVE-2021-3156. (bsc#1181090)
+ * Fixed sudo's setprogname(3) emulation on systems that don't
+ provide it.
+ * Fixed a problem with the sudoers log server client where a
+ partial write to the server could result the sudo process
+ consuming large amounts of CPU time due to a cycle in the
+ buffer queue. Bug #954.
+ * Added a missing dependency on libsudo_util in libsudo_eventlog.
+ Fixes a link error when building sudo statically.
+ * The user's KRB5CCNAME environment variable is now preserved
+ when performing PAM authentication. This fixes GSSAPI
+ authentication when the user has a non-default ccache.
+
+- Update to 1.9.5.p1
+ * Fixed a regression introduced in sudo 1.9.5 where the editor run
+ by sudoedit was set-user-ID root unless SELinux RBAC was in use.
+ The editor is now run with the user's real and effective user-IDs.
+- News in 1.9.5
+ * Fixed a crash introduced in 1.9.4 when running "sudo -i" as an
+ unknown user. This is related to but distinct from Bug #948.
+ * If the "lecture_file" setting is enabled in sudoers, it must now
+ refer to a regular file or a symbolic link to a regular file.
+ * Fixed a potential use-after-free bug in sudo_logsrvd when the
+ server shuts down if there are existing connections from clients
+ that are only logging events and not session I/O data.
+ * Fixed a buffer size mismatch when serializing the list of IP
+ addresses for configured network interfaces. This bug is not
+ actually exploitable since the allocated buffer is large enough
+ to hold the list of addresses.
+ * If sudo is executed with a name other than "sudo" or "sudoedit",
+ it will now fall back to "sudo" as the program name. This affects
+ warning, help and usage messages as well as the matching of Debug
+ lines in the /etc/sudo.conf file. Previously, it was possible
+ for the invoking user to manipulate the program name by setting
+ argv[0] to an arbitrary value when executing sudo. (bsc#1180687)
+ * Sudo now checks for failure when setting the close-on-exec flag
+ on open file descriptors. This should never fail but, if it
+ were to, there is the possibility of a file descriptor leak to
+ a child process (such as the command sudo runs).
+ * Fixed CVE-2021-23239, a potential information leak in sudoedit
+ that could be used to test for the existence of directories not
+ normally accessible to the user in certain circumstances. When
+ creating a new file, sudoedit checks to make sure the parent
+ directory of the new file exists before running the editor.
+ However, a race condition exists if the invoking user can replace
+ (or create) the parent directory. If a symbolic link is created
+ in place of the parent directory, sudoedit will run the editor
+ as long as the target of the link exists. If the target of the
+ link does not exist, an error message will be displayed. The
+ race condition can be used to test for the existence of an
+ arbitrary directory. However, it _cannot_ be used to write to
+ an arbitrary location. (bsc#1180684)
+ * Fixed CVE-2021-23240, a flaw in the temporary file handling of
+ sudoedit's SELinux RBAC support. On systems where SELinux is
+ enabled, a user with sudoedit permissions may be able to set the
+ owner of an arbitrary file to the user-ID of the target user.
+ On Linux kernels that support "protected symlinks", setting
+ /proc/sys/fs/protected_symlinks to 1 will prevent the bug from
+ being exploited. For more information see
+ https://www.sudo.ws/alerts/sudoedit_selinux.html. (bsc#1180685)
+ * Added writability checks for sudoedit when SELinux RBAC is in use.
+ This makes sudoedit behavior consistent regardless of whether
+ or not SELinux RBAC is in use. Previously, the "sudoedit_checkdir"
+ setting had no effect for RBAC entries.
+ * A new sudoers option "selinux" can be used to disable sudo's
+ SELinux RBAC support.
+ * Quieted warnings from PVS Studio, clang analyzer, and cppcheck.
+ Added suppression annotations for PVS Studio false positives.
+
+- Update to 1.9.4p2
+ * Fixed a bug introduced in sudo 1.9.4p1 which could lead to a crash
+ if the sudoers file contains a runas user-specific Defaults entry.
+ Bug #951.
+- News in 1.9.4p1
+ * Fixed a regression introduced in version 1.9.4 where sudo would
+ not build when configured using the --without-sendmail option.
+ Bug #947.
+ * Fixed a problem where if I/O logging was disabled and sudo was
+ unable to connect to sudo_logsrvd, the command would still be
+ allowed to run even when the "ignore_logfile_errors" sudoers
+ option was enabled.
+ * Fixed a crash introduced in version 1.9.4 when attempting to run
+ a command as a non-existent user. Bug #948.
+ * The installed sudo.conf file now has the default sudoers Plugin
+ lines commented out. This fixes a potential conflict when there
+ is both a system-installed version of sudo and a user-installed
+ version. GitHub issue #75.
+ * Fixed a regression introduced in sudo 1.9.4 where sudo would run
+ the command as a child process even when a pseudo-terminal was
+ not in use and the "pam_session" and "pam_setcred" options were
+ disabled. GitHub issue #76.
+ * Fixed a regression introduced in sudo 1.8.9 where the "closefrom"
+ sudoers option could not be set to a value of 3. Bug #950.
+
+- Update to 1.9.4
+ * The sudoers parser will now detect when an upper-case reserved
+ word is used when declaring an alias. Now instead of "syntax
+ error, unexpected CHROOT, expecting ALIAS" the message will be
+ "syntax error, reserved word CHROOT used as an alias name".
+ Bug #941.
+ * Better handling of sudoers files without a final newline.
+ The parser now adds a newline at end-of-file automatically which
+ removes the need for special cases in the parser.
+ * Fixed a regression introduced in sudo 1.9.1 in the sssd back-end
+ where an uninitialized pointer could be freed on an error path.
+ GitHub issue #67.
+ * The core logging code is now shared between sudo_logsrvd and
+ the sudoers plugin.
+ * JSON log entries sent to syslog now use "minimal" JSON which
+ skips all non-essential whitespace.
+ * The sudoers plugin can now produce JSON-formatted logs. The
+ "log_format" sudoers option can be used to select sudo or json
+ format logs. The default is sudo format logs.
+ * The sudoers plugin and visudo now display the column number in
+ syntax error messages in addition to the line number. Bug #841.
+ * If I/O logging is not enabled but "log_servers" is set, the
+ sudoers plugin will now log accept events to sudo_logsrvd.
+ Previously, the accept event was only sent when I/O logging was
+ enabled. The sudoers plugin now sends reject and alert events too.
+ * The sudo logsrv protocol has been extended to allow an AlertMessage
+ to contain an optional array of InfoMessage, as AcceptMessage
+ and RejectMessage already do.
+ * Fixed a bug in sudo_logsrvd where receipt of SIGHUP would result
+ in duplicate entries in the debug log when debugging was enabled.
+ * The visudo utility now supports EDITOR environment variables
+ that use single or double quotes in the command arguments.
+ Bug #942.
+ * The PAM session modules now run when sudo is set-user-ID root,
+ which allows a module to determine the original user-ID.
+ Bug #944.
+ * Fixed a regression introduced in sudo 1.8.24 in the LDAP back-end
+ where sudoNotBefore and sudoNotAfter were applied even when the
+ SUDOERS_TIMED setting was not present in ldap.conf. Bug #945.
+ * Sudo packages for macOS 11 now contain universal binaries that
+ support both Intel and Apple Silicon CPUs.
+ * For sudo_logsrvd, an empty value for the "pid_file" setting in
+ sudo_logsrvd.conf will now disable the process ID file.
+- Remove sudo-1.9.3p1-pam_xauth.patch (upstreamed)
+
systemd
+- Add 0001-rules-don-t-ignore-Xen-interfaces-anymore.patch (bsc#1178561)
+
+- Import commit f366438ca2d66c287ea836174e73dd03a98914bf (merge of v246.10)
+ 25f220eafb sysusers: flush nscd's caches whenever /etc/{passwd,group} are modified (bsc#1181121)
+ For a complete list of changes, visit:
+ https://github.com/openSUSE/systemd/compare/64dfb99ca3c9cbc75f6abe7aa6aa60f66ae4210d...f366438ca2d66c287ea836174e73dd03a98914bf
+
+- systemd-sysv-convert: handle the case when services are migrated
+ from SysV scripts to systemd units and are renamed at the same
+ time (bsc#1181788)
+ The list of such services is hard coded and contains only the
+ 'ntp->ntpd' translation.
+
timezone
+- timezone update 2021a (bsc#1177460)
+ * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.
+
tk
+- bsc#1179615: TK_LIBS in tkConfig.sh possibly breaks build on
+ newer service packs and is not needed for linking to a dynamic
+ libtk anyway, so make it empty.
+
-- Final 8.6.1 release:
- * Fix several crashes.
-
-- New patchlevel release 8.6.1rc0:
- * (enhancement) better build support for Debian arch
- * (bug fix)[3603077] treeview update on tag add/remove
- * (bug fix)[3599312] First Alt key event is lost
- * (platform support) FreeBSD updates
-
-- New version: 8.6.0.
- * Built-in PNG Image Support: Photo images now support
- read/write in the PNG format, with the ability to set the
- alpha channel.
- * Busy Windows: New command tk busy is a variant of blt::busy
- that lets the interactivity of windows be suspended and
- restored as required by the needs of the program.
- * New Font Selection Dialog Interface: New command tk
- fontchooser provides a portable interface to the standard font
- selector of the platform, whether that is modal or not.
- * Angled Text: New option -angle $degrees to $canvas create text
- for rotating displayed text.
- * Moving Things on a Canvas: New commands $canvas moveto,
- $canvas imove and $canvas rchars for moving and manipulating
- canvas items.
- * Additional New Features: Text widget cursor control, more
- window manager hints, and a collection of modernizations in
- appearance and function.
-- Integrate tkcon.
-
-- Add Source URL, see https://en.opensuse.org/SourceUrls
-
-- Fix configure xft detection (add patch tk-8.5.12-fix-xft.patch).
-- Replace build requires of xorg-x11-devel with those that are really
- needed.
-
-- New patchlevel release 8.5.12:
- * [3437816] return code of [canvas lower]
- * [3021557] cursor freeze in elided text
- * [3476698] hang in [text mark prev/next]
- * [3475627] Stop text-31.11 failure
- * [1630271] hang/crash on mark before -startline
- * [1754043,2321450] -blockcursor appearance
- * [3480471] crash in [tk_getOpenFile]
- * [3480634] PNG image in menus
- * [2925561] disabled combobox don't take focus
- * [3486474] Correct color scaling
- * [1630262,1615425] [text] crash tags & -*line
- * [3497848] consistent pixel rounding
- * [3503317] XParseColor speedup
- * [3176239] control-Mousewheel crash
- * [3520202] <MouseWheel> %k,%K,%N for Python
- * [533519] multiscreen window placement
- * [2768586] multiscreen menu posting
- * [1630254] text peer update on -startline reset
- * [3294450] ttk text element clipping
- * Make sure all index tables are static
- * [3546073] DisplayString() -> DefaultDisplay()
-
-- patch license to follow spdx.org standard
-
-- New patchlevel release 8.5.11:
- * [3341056] new crash in unset traces
- * [3314770] restore file dialog resizeability
- * [3404541] -takefocus option
- * [TIP 382] -confirmoverwrite on save dialog
- * [3410609] AltGr keysyms on Swiss keyboard
- * [3431491] improved "pixels" shimmer logic
-- Add a manpage for wish8.5 by symlinking to the wish manpage.
-- Remove unneeded %clean section and norootforbuild comment.
-- Add tk-upstream-fixes.patch with fixes for manpage bugs and
- a missing x-bit in the demo section.
-
-- New patchlevel release 8.5.10:
- * (bug fix)[3057573] specify combobox text fg color
- * (bug fix)[2829363] [$tv see] open item -> sched display
- * (bug fix)[3085489] crash in [tag add/remove]
- * (enhancement) Updated German messages.
- * (platform) VS 2005 SP1 MSVC compiler
- * (bug fix)[3071836] crash in tk_getSaveFile
- * (bug fix)[3154705] tk_messageBox close button disabled
- * (enhancement) add [ttk::entry validate]
- * (bug fix)[3205260] crash in [wm manage]
- * (bug fix)[3181181] tearoff submenu fix
- * (bug fix)[3205464] [wm forget] loses window
- * (bug fix)[3223850] ttk button state disabled during click
- * (bug fix)[3000002] ttk scrollbar size Appearance
- * (bug fix)[3239768] Win menu font support
- * (bug fix)[3129527] stop buffer overflows
- * (feature change)[2997657] No -container for [labelframe]
- * (bug fix)[723765] [grid remove] lost -in value
- * (bug fix)[3291543] mem corrupt when [$canvas dchars] removes
- all coords of a polygon
- * (bug fix)[2949774] cascade menu unpost
- * (bug fix)[2546087] [console] treatment of '\0'
- * (bug fix)[2358545] Restore "08" in spinbox configured with
- - from and -to (porter)
- * (bug fix)[2484771] modal dialog settings
- * (bug fix)[3175610] incomplete line item refresh
- * (bug fix)[3062331] crash in unset traces
-- tk-xft.patch has been integrated upstream.
-
-- Fix libXft detection in configure.
-
-- Bugfix release: 8.5.9:
- * [sf#2899949] crash on widget destroy
- * [sf#2902814] fix [wm iconphoto] on LP64 systems
- * [sf#2548661] crash in GetFontFamilyName
- * [sf#2864685] Compiz menu item animation
- * [sf#2902573] Update Safe Tk to new Safe Base
- * [sf#2912473] accept :: in DISPLAY name
- * [sf#2496162] crash calling Tk_DeleteOptionTable()
- * [sf#2917663] [send] accept SI:* on auth list
- * [sf#2919205] syntax bug in [tk_messageBox]
- * [sf#2912356] [ttk::sizegrip] accommodate Compiz
- * [sf#2879927] Win: cascade menu highlight
- * [sf#1924761] stop [event generate] / XIM conflict
- * [sf#2848897] ODS_NOACCEL flag support
- * [sf#220950] [$menu delete] bounds check
- * [sf#2898255] unlimited multi-file select
- * [sf#1163496] X: [wm transient] fix
- * [TIP 360] Modernize X11 Menus
- * [sf#2932808] canvas update on state change
- * [sf#2931374] overflow in complex tag search
- * [TIP 359] Extended Window Manager Hint Support
- * [sf#2952745] crash in menu deletion
- * [sf#2968379] crash in peer text dump
- * [sf#3006842] crash on empty bind scripts
- * entry validation compat with Itcl scope
- * [sf#2585265] text <Delete>,<Backspace> note selection
- * [sf#3053320] update Ttk to tile 0.8.6 feature set
-
-- Bugfix-Release 8.5.8:
- * [sf#2080533] panedwindow sash draw crash
- * [sf#2504402] iconphoto on non-32-bit displays
- * [sf#2785744] broken flag twiddling
- * [sf#2791352] XLFD parsing error
- * [sf#1923684] confused checkbutton state
- * [sf#2799589] crash on delayed window activation
- * [sf#220935] canvas dash update problem
- * [sf#2821962] photo image copy/paste
- * [sf#2496114] focus in dead window crash
- * [sf#2830420] X iconphoto for big endian
- * Fix word-wrap of non-breaking space in [text]
- * Fix tk::MessageBox bindings for ttk::buttons
- * [sf#1909931] [send] update for Fedora 8
- * Fix font allocation crash
- * Fix grayscale from images
- * [sf#2088597] min scrollbar slider size
- * [sf#2787164] combobox/menubutton arrow size
- * [sf#2870648] file dialog cursor
- * [sf#1961455] underline, overstrike Xft fonts
- * [sf#2794032] permit [load] into Tcl 8.6+ interps
- * [sf#2168768] file dialog -typevariable scope
- * [sf#1469210] [text] modified error
- * [sf#1530276] X checkbutton -selectcolor
- * [sf#1854913] [.t delete] before -startindex
- * [sf#2809525] prevent X crash on overlong color name
- * [sf#2891541] fix grab behaviour for main window
-
-- Install binaries unstripped to fix debuginfo packages
-
-- New version: 8.5.7
- * Improve keyboard bindings for ttk::scale.
- * Permit [text] names containing "-".
- * Limit [wm manage] to Frames.
- * Fix Tk_Create*ImageType() thread safety.
- * Eliminate unnecessary units conversion in screen distances,
- reducing precision loss.
- * Fix crash on XCreateIC failure.
- * Fax crash in Tk_MakeWindowExist().
- * More bug fixes and improvements.
-
transactional-update
-- Added 0001-Fix-EFI-grub2.patch:
- Backport of upstream fix for [boo#1162320] (grub2-arm64-efi
- upgrade 2.02-lp151.21.6.1 -> 2.02-lp151.21.9.1 causes system to
- fail reboot with "error: symbol `grub_efi_allocate_any_pages' not
- found.")
+- Version 3.1.4
+ - SELinux: Fix syncing of SELinux attributes when using overlays
+ - SELinux: Tag the overlay directory itself (again)
+
+- Version 3.1.3
+ - Fix overlay syncing on SELinux systems
+ - Fix resuming transactions where the parent does not exist any more
+
+- Version 3.1.2
+ - libtukit: Report when application was terminated due to a signal, and
+ return the signal number as a return value. This will cause the
+ transaction to be aborted when called via `execute`.
+ - libtukit: Set PATH variable for internal commands to fixed value to
+ find the helper applications, as in some environments such as PolicyKit
+ PATH wouldn't be set.
+ - Fix compiler warnings
+
+- Version 3.1.1
+ - Fix hang in tukit on aarch64 [bsc#1181844]
+ - Prevent deletion of snapshots when resuming a snapshot where no
+ transaction is open
+ - Make tukit work in non-dbus environments [boo#1181934]
+
+- Version 3.1.0
+ - t-u: Support installing RPMs from the user's directory again
+ - Adapt selfupdate to new packaging
+ - Implement signal handling
+ - Remove empty text files
+
+- Add libselinux build time dependency
+- Remove RPM version check
+
+- Fix libstdc++ filesystem ABI incompatibility by using newer gcc
+ version on old distributions. [boo#1181582]
+
+- Rework packaging based on Fedora packaging to separate all the
+ components to remove the intrinsic requirement for Zypper
+
+- Version 3.0.0
+ - This release changes the internal structure, but should be
+ identical to the previous release feature wise.
+ - Major parts of the previous Bash only application have been
+ rewritten in C++ with the goal to provide an API around
+ transactions; the transactional-update script is using that
+ new interface internally already, however the API should
+ be considered experimental for now - if you are interested to
+ use it, please notify us in
+ https://github.com/openSUSE/transactional-update/issues/52
+ - A new tool called "tukit" provides a C++ tool that can be
+ wrapped by scripts to leverage the functionality. Please
+ consider it experimental for now, the commands may still change.
+ - Bugfixes:
+ - Implement support for system offline update [boo#1180808]
+ - Add statistics files to update environment [boo#1173282]
+
+- Version 2.38.3
+ - SELinux: Make synchronisation work for both pre-SELinux
+ snapshots and later snapshots; SELinux support should be ready
+ for most tasks now.
+
+- Version 2.28.2
+ - SELinux: Exclude security.selinux attribute from rsyncing (again)
+
+- Version 2.28.1
+ - SELinux: Fixed changing the wrong grub configuration file
+ - SELinux: Move /.autorelabel file to writeable location
+
+- Version 2.28
+ - Add 'setup-selinux' command for easy setup of a SELinux system
+ - Allow complex commands for the 'run' command
+ - SELinux: Fix /etc / overlay labeling
+
+- Version 2.27
+ - Add support for network systemd-resolvd network connections in t-u
+ environment
+ - Mount /var/lib/ca-certificates read-write to prevent SELinux error
+ - Prevent calling transactional-update from within transactional-update
+
+- Version 2.26
+ - Fix broken sync for second snapshot [boo#1176989]
+ - Add new options to allow separate cleanup of snapshots and overlays
+ - Check for existence of inotifywait before using it
+ - Check that mount options don't exceed maximum length
+
+- Version 2.25.1
+ - Fix inotify watcher setup
+ - Use log_{info,error} for more messages to avoid messing up Salt logs
+
+- Version 2.25
+ - Reduce number of overlays:
+ Instead of using transparent overlays for all previous layers only add the
+ previous snapshot's overlay; this will greatly reduce the number of
+ overlays while still making sure that /etc changes in the running system
+ will be visible in the next snapshot
+ - When using --drop-if-no-change synchronize potential /etc changes with
+ running system
+ - Exclude all non-root-fs mounts from inotify watcher
+
+- Version 2.24.1
+ - SELinux: adjust labels for etc, fstab and grub.cfg
+
+- Version 2.24
+ - Add partial SELinux support
+
+- Version 2.23
+ - Add "run" command to be able to execute a single command in a new snapshot
+ - Add "--drop-if-no-change" option to discard snapshots if no changes were
+ perfomed (BETA, required for Salt integration)
+ - Removed previous CaaSP Salt support (gh#openSUSE/transactional-update#33)
+ - Avoid "file not found" message on systems without /var subvol
+
+- Remove unused attr requires
+- Change bc to file requires
+
+- Version 2.22
+ - Use pkgconf to determine installation paths
+ - Enable SSL connections in update shell
+ [boo#1149131] & [boo#1133891]
+
+- Version 2.21.1
+ - Rework error messages on failing umount [boo#1168389]
+
+- Update to version 2.21
+ - Use slave mounts for /proc, /sys & /dev
+
+- Update to version 2.20.4
+ - Mount efivarfs on EFI systems to make sure the bootloader will be installed
+ correctly [boo#1162320]
+ - Fix removal of existing overlay directories
+
+- Add dependencies to btrfsprogs, zypper and snapper - most of the
+ functionality is not usable if those applications are not
+ installed. [boo#1166502]
util-linux
-- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
+- libmount: don't use "symfollow" for helpers on user mounts
+ (boo#1181750, util-linux-libmount-dont-use-symfollow.patch)
+
+- Override GTKDOCIZE with /bin/true so we can run autoreconf
+ without needing gtk-doc as a dependency.
+
+- Merge package with SLE15 SP3 and openSUSE Leap 15.3:
+ Obsoletes upstreamed patches:
+- libblkid: Do not trigger CDROM autoclose (v2.35, bsc#1084671,
+- lscpu: avoid segfault on PowerPC systems with valid hardware
+ configurations
+ (v2.36.1, bsc#1175623, bsc#1178554, bsc#1178825,
+ lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
+- Fix for SG#57988, bsc#1174942 (v2.36):
+ libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
+ to CIFS with mount –a.
+- blockdev: Do not fail --report on kpartx-style partitions on
+ multipath (v2.36,
+ bsc#1168235, util-linux-blockdev-report-dm.patch).
+- nologin: Add support for -c to prevent error from su -c
+ (v2.35, bsc#1151708, util-linux-nologin-su-c.patch).
+- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
+ Avoid triggering autofs in lookup_umount_fs_by_statfs
+ (v2.36 boo#1168389)
+- mount: fall back to device node name if /dev/mapper link not found
+ (v2.34, bsc#1149911)
+ * Add patch: util-linux-canonicalize-coverity-scan.patch
+- De-duplicate fstrim -A properly (v2.34, bsc#1127701,
+ util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch,
+ util-linux-fstrim-A-4.patch).
+- Do not trim read-only volumes
+ (v2.34, boo#1106214, util-linux-fstrim-A-2.patch,
+ util-linux-fstrim-A-4.patch).
+- libmount: To prevent incorrect behavior, recognize more pseudofs
+ and netfs (v2.34, bsc#1122417,
+ util-linux-libmount-pseudofs.patch).
+- agetty: Return previous response of agetty for special characters
+ (v2.34, bsc#1085196, bsc#1125886,
+ util-linux-agetty-smart-reload-13.patch,
+ util-linux-agetty-smart-reload-14.patch).
+- Fix problems in reading of login.defs values (v2.34, bsc#1121197,
+ util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch,
+ util-linux-login_defs-SYS_UID.patch).
+
+- Build with libudev support to support non-root users
+ (boo#1169006).
+- Move findmnt and lsblk to util-linux-systemd, as they use libudev
+ (bsc#1169006#c10).
+
+- Do not require libeconf-devel on products without /usr/etc.
+
+- s/--enable-vendordir/--with-vendordir/
+- remove pam_securetty line again. As long as there is no agreement
+ from pam side having it would fail openQA (boo#1033626)
+
+- Update to version 2.36.1:
+ * chrt: use SCHED_FLAG_RESET_ON_FORK for sched_setattr()
+ * fallocate: fix --dig-holes at end of files
+ * fdisk: always report fdisk_create_disklabel() errors
+ * flock: keep -E exit status more restrictive
+ * fstrim: remove fstab condition from fstrim.timer
+ * hexdump: automatically use -C when called as hd
+ * hwclock: add fallback if SYS_settimeofday does not exist, fix
+ SYS_settimeofday fallback
+ * libblkid: allow a lot of mac partitions, fix Atari prober logic,
+ limit amount of parsed partitions
+ * more libfdisk improvements
+ * losetup: avoid infinite busy loop, increase limit of setup
+ attempts
+ * lsblk: fix -T optional argument, fix SCSI_IDENT_SERIAL, print
+ zero rather than empty SIZE, read ID_SCSI_IDENT_SERIAL if
+ available
+ * lscpu: Add FUJITSU aarch64 A64FX cpupart, Even more Arm part
+ numbers, avoid segfault on PowerPC systems with valid hardware
+ configurations (bsc#1175623)
+ * mount: Add support for "nosymfollow" mount option.
+ * pg: fix wcstombs()
+ * sfdisk: correct --json --dump false exclusive, fix backward
+ - -move-data
+ * vipw: fix short write handling in copyfile
+ * whereis: fix out of boundary read, support zst compressed man
+ pages
+ * minor code improvements and fixes
+ * minor licensing changes
+ * improve docs
+- Require both group(uuidd) and user(uuidd).
+
+- Do search /usr/sbin for mount helpers. (This drops /sbin/fs,
+ /sbin/fs.d, which we do not use in openSUSE.)
+
+- prepare usrmerge (boo#1029961)
-- Build with libudev support to support non-root users
- (boo#1169006).
+- Fix default permissions of wall and write.
+- Update to version 2.36:
+ * blkdiscard(8) refuses to proceed if filesystem or RAID
+ signatures are found in interactive mode (executed on a
+ terminal). The option --force is required to the discard
+ data.
+ * new commands irqtop(1) and lsirq(1)to monitor kernel
+ interrupts.
+ * cal(1) provides a new --vertical command line option.
+ * blkzone(8) implements open/close/finish commands now.
+ * unshare(1) and nsenter(1) commands support the time namespace
+ now.
+ * agetty(8) now supports multiple paths in the option
+ - -issue-file.
+ * fdisk(8), sfdisk(8), cfdisk(8), mkswap(8) and wipefs(8) now
+ support block devices locking by flock(2), new command line
+ option --lock and $LOCK_BLOCK_DEVICE environmental variable.
+ * dmesg(1) new command line option --follow-new to wait and
+ print only new kernel messages.
+ * fdisk(8) new command line option --list-details and
+ - -noauto-pt.
+ * fdisk(8) and sfdisk(8) support user-friendly aliases for
+ partition types.
+ * fstrim(8) supports new command line option --listed-in.
+ * libfdisk provides API to relocate GPT backup header. New
+ command line option "sfdisk --relocate".
+ * mount(8) now supports mount by ID= tag.
+ * login(1) supports list of "message of the day".
+ * All tools which read /etc/login.defs is possible to compile
+ with libeconf now.
+ * more(1) has been refactored.
+ * man pages cleanup
+ * other fixes and improvements, see:
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.36/v2.36-ReleaseNotes
+- Refresh Add-documentation-on-blacklisted-modules-to-mount-8-.patch.
+- Drop upstreamed libeconf.patch,
+ libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch.
+- util-linux-login_defs-check.sh: Perform all steps to integrate
+ MOTD_FIRSTONLY.
+- Update baselibs.conf.
+
+- Use plain #!/bin/sh for flushb
+
+- Include pam_securetty in login.pamd again (bsc#1033626)
+- Update to 2.35.2
+ * make glibc 2.31 compatible
+- Dropped unneeded patch libfdisk-script-accept-sector-size.patch
+
+- Add patch to fix sfdisk not reading its own scripts:
+ * libfdisk-script-accept-sector-size.patch
+- Use %autopatch
+
+- Fix verification of mount, su and umount (bsc#1166948)
+
+- Update to version 2.35.1:
+ * agetty: add --show-issue, support for /run/issue and
+ * fdisk: Correct handling of hybrid MBR, cleanup wipe warning,
+ use 'r' to return from MBR to GPT.
+ * lsblk: FSVER column,
+ drop e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch.
+ * lscpu: Add HiSilicon aarch64 tsv110 cpupart, add a new columns
+ to --cache.
+ * mount: add --target-prefix.
+ * mountpoint: add --nofollow option.
+ * script: add --echo, --log-in, --logging-format, --log-out and
+ - -log-timing.
+ * scriptlive: new command.
+ * scriptreplay: add --log-* options, --cr-mode, --stream,
+ - -summary, -T --log-timing.
+ * sfdisk: add progress bars.
+ * unshare: add --keep-caps and --map-current-user options.
+ * Many other fixes and improvements, see:
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35.1-ReleaseNotes
+- Refresh libeconf.patch.
-- lscpu: avoid segfault on PowerPC systems with valid hardware
- configurations
- (bsc#1175623, bsc#1178554, bsc#1178825,
- lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
+- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
+ Avoid triggering autofs in lookup_umount_fs_by_statfs
+ (boo#1168389)
-- Fix for SG#57988, bsc#1174942:
- libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
- to CIFS with mount –a.
+- libeconf.patch: fix a long int error on 32bit
-- blockdev: Do not fail --report on kpartx-style partitions on
- multipath (bsc#1168235, util-linux-blockdev-report-dm.patch).
+- libeconf.patch: Add support for libeconf
+- Move /etc/pam.d/* to /usr/etc/pam.d
+- Remove migration code for su from coreutils to util-linux, not
+ needed anymore
-- nologin: Add support for -c to prevent error from su -c
- (bsc#1151708, util-linux-nologin-su-c.patch).
+- Do not recommend lang package. The lang package already has a
+ supplements.
-- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
- Avoid triggering autofs in lookup_umount_fs_by_statfs
- (boo#1168389)
+- lsblk: force to print PKNAME for partition with
+ e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch
-- mount: fall back to device node name if /dev/mapper link not found
- (bsc#1149911)
- * Add patch: util-linux-canonicalize-coverity-scan.patch
+- Remove outdated buildignore for pwdutils, had no effect with
+ shadow anyways
-- Fix comments and unify look of PAM files that were just changed
- (login.pamd, remote.pamd).
+- Fix comments and unify look of PAM files (login.pamd,
+ remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
+
+- Update to version 2.34:
+ * new command hardlink
+ * rewrite of lsblk, now supports --dedup
+ * support for FUSE in umount
+ * support for "--all -o remount" in mount
+ * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
+ over ENV_ROOTPATH (bsc#1121197), improved --pty
+ * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
+ * fstrim: do not suppress warnings unless --quiet is used
+ * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
+ - -caches
+ * logger: merge multiple MESSAGE= lines
+ * libblkid: do not depend on libuuid, supports DRBD9 detection
+ * libsmartcols: support N:M relationships in tree-like output
+ * fstrim and uuidd systemd services: hardening settings to
+ improve security and service isolation
+ * fstrim: trim root filesystem on --fstab, check for read-only
+ filesystems on --all and --fstab (boo#1106214).
+ * fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
+ * Obsoletes util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch and
+ util-linux-login_defs-SYS_UID.patch.
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
+- Provide and obsolete hardlink package.
+- util-linux-login_defs-check.sh: Update checksum, login now
+ supports LASTLOG_UID_MAX.
-- De-duplicate fstrim -A properly (bsc#1127701,
- util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch,
- util-linux-fstrim-A-4.patch).
-- Do not trim read-only volumes
- (boo#1106214, util-linux-fstrim-A-2.patch,
- util-linux-fstrim-A-4.patch).
-
-- libmount: To prevent incorrect behavior, recognize more pseudofs
- and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch).
-
+- Use FAT LTO objects in order to provide proper static library (boo#1138795).
+
-- agetty: Return previous response of agetty for special characters
- (bsc#1085196, bsc#1125886,
- util-linux-agetty-smart-reload-13.patch,
- util-linux-agetty-smart-reload-14.patch).
+- Update to version 2.33.2 (bsc#1134337):
+ * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
+ * mount: Fix "mount" output for net file systems (bsc#1122417).
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
+- Add virtual symbols for login.defs compatibility (bsc#1121197).
+- Add login.defs safety check util-linux-login_defs-check.sh
+ (bsc#1121197).
+- Drop bc BuildRequires: not needed.
+
+- libmount: remove jffs2 and ubifs from blacklist (jsc#SLE-4085).
+
- (jsc#SUSE-4085, fate#326832), and add documentation
+ (jsc#SLE-4085, fate#326832), and add documentation
+- agetty: Fixes for reload issue only if it is really needed
+ (bsc#1085196, boo#1120298,
+ util-linux-agetty-smart-reload-10.patch,
+ util-linux-agetty-smart-reload-11.patch,
+ util-linux-agetty-smart-reload-12.patch).
+
-- Update to version 2.33 (FATE#326844):
+- Update to version 2.33:
+- Drop klogconsole in favor of dmesg --console-level plus
+ setlogcons (kbd) (boo#1116277).
+
+- Fix runstatedir path (to /run) (boo#1113188#c1).
+
+- Create empty /etc/issue.d for the new agetty feature.
+
+- Drop obsolete downstream ppc utilities
+ chrp-addnote and mkzimage_cmdline (boo#1109284).
+- Drop obsolete setctsid (boo#1109290).
+
+- Update to version 2.32.1:
- https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33-ReleaseNotes
- util-linux-chcpu-cpu-count.patch,
- util-linux-bash-completion-umount-CVE-2018-7738.patch).
-- agetty: Fixes for reload issue only if it is really needed
- (bsc#1085196, util-linux-agetty-smart-reload-10.patch,
- util-linux-agetty-smart-reload-11.patch,
- util-linux-agetty-smart-reload-12.patch).
-- agetty BEHAVIOR CHANGE: Terminal switches to character mode when
- entering logname; echo is generated by the agetty itself.
- (In past, logname echo was generated locally by the terminal,
- using the canonical line editing mode.)
-
-- Fix runstatedir path (to /run) (boo#1113188#c1).
-
-- Create empty /etc/issue.d for the new agetty feature.
+ util-linux-chcpu-cpu-count.patch).
-- Fix local vulnerability using embeded shell commands in
- a mountpoint name (bsc#1084300, CVE-2018-7738,
- util-linux-bash-completion-umount-CVE-2018-7738.patch).
-
util-linux-systemd
-- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
+- libmount: don't use "symfollow" for helpers on user mounts
+ (boo#1181750, util-linux-libmount-dont-use-symfollow.patch)
+
+- Override GTKDOCIZE with /bin/true so we can run autoreconf
+ without needing gtk-doc as a dependency.
+
+- Merge package with SLE15 SP3 and openSUSE Leap 15.3:
+ Obsoletes upstreamed patches:
+- libblkid: Do not trigger CDROM autoclose (v2.35, bsc#1084671,
+- lscpu: avoid segfault on PowerPC systems with valid hardware
+ configurations
+ (v2.36.1, bsc#1175623, bsc#1178554, bsc#1178825,
+ lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
+- Fix for SG#57988, bsc#1174942 (v2.36):
+ libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
+ to CIFS with mount –a.
+- blockdev: Do not fail --report on kpartx-style partitions on
+ multipath (v2.36,
+ bsc#1168235, util-linux-blockdev-report-dm.patch).
+- nologin: Add support for -c to prevent error from su -c
+ (v2.35, bsc#1151708, util-linux-nologin-su-c.patch).
+- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
+ Avoid triggering autofs in lookup_umount_fs_by_statfs
+ (v2.36 boo#1168389)
+- mount: fall back to device node name if /dev/mapper link not found
+ (v2.34, bsc#1149911)
+ * Add patch: util-linux-canonicalize-coverity-scan.patch
+- De-duplicate fstrim -A properly (v2.34, bsc#1127701,
+ util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch,
+ util-linux-fstrim-A-4.patch).
+- Do not trim read-only volumes
+ (v2.34, boo#1106214, util-linux-fstrim-A-2.patch,
+ util-linux-fstrim-A-4.patch).
+- libmount: To prevent incorrect behavior, recognize more pseudofs
+ and netfs (v2.34, bsc#1122417,
+ util-linux-libmount-pseudofs.patch).
+- agetty: Return previous response of agetty for special characters
+ (v2.34, bsc#1085196, bsc#1125886,
+ util-linux-agetty-smart-reload-13.patch,
+ util-linux-agetty-smart-reload-14.patch).
+- Fix problems in reading of login.defs values (v2.34, bsc#1121197,
+ util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch,
+ util-linux-login_defs-SYS_UID.patch).
+
+- Build with libudev support to support non-root users
+ (boo#1169006).
+- Move findmnt and lsblk to util-linux-systemd, as they use libudev
+ (bsc#1169006#c10).
+
+- Do not require libeconf-devel on products without /usr/etc.
+
+- s/--enable-vendordir/--with-vendordir/
+- remove pam_securetty line again. As long as there is no agreement
+ from pam side having it would fail openQA (boo#1033626)
+
+- Update to version 2.36.1:
+ * chrt: use SCHED_FLAG_RESET_ON_FORK for sched_setattr()
+ * fallocate: fix --dig-holes at end of files
+ * fdisk: always report fdisk_create_disklabel() errors
+ * flock: keep -E exit status more restrictive
+ * fstrim: remove fstab condition from fstrim.timer
+ * hexdump: automatically use -C when called as hd
+ * hwclock: add fallback if SYS_settimeofday does not exist, fix
+ SYS_settimeofday fallback
+ * libblkid: allow a lot of mac partitions, fix Atari prober logic,
+ limit amount of parsed partitions
+ * more libfdisk improvements
+ * losetup: avoid infinite busy loop, increase limit of setup
+ attempts
+ * lsblk: fix -T optional argument, fix SCSI_IDENT_SERIAL, print
+ zero rather than empty SIZE, read ID_SCSI_IDENT_SERIAL if
+ available
+ * lscpu: Add FUJITSU aarch64 A64FX cpupart, Even more Arm part
+ numbers, avoid segfault on PowerPC systems with valid hardware
+ configurations (bsc#1175623)
+ * mount: Add support for "nosymfollow" mount option.
+ * pg: fix wcstombs()
+ * sfdisk: correct --json --dump false exclusive, fix backward
+ - -move-data
+ * vipw: fix short write handling in copyfile
+ * whereis: fix out of boundary read, support zst compressed man
+ pages
+ * minor code improvements and fixes
+ * minor licensing changes
+ * improve docs
+- Require both group(uuidd) and user(uuidd).
+
+- Do search /usr/sbin for mount helpers. (This drops /sbin/fs,
+ /sbin/fs.d, which we do not use in openSUSE.)
+
+- prepare usrmerge (boo#1029961)
-- Build with libudev support to support non-root users
- (boo#1169006).
+- Fix default permissions of wall and write.
+- Update to version 2.36:
+ * blkdiscard(8) refuses to proceed if filesystem or RAID
+ signatures are found in interactive mode (executed on a
+ terminal). The option --force is required to the discard
+ data.
+ * new commands irqtop(1) and lsirq(1)to monitor kernel
+ interrupts.
+ * cal(1) provides a new --vertical command line option.
+ * blkzone(8) implements open/close/finish commands now.
+ * unshare(1) and nsenter(1) commands support the time namespace
+ now.
+ * agetty(8) now supports multiple paths in the option
+ - -issue-file.
+ * fdisk(8), sfdisk(8), cfdisk(8), mkswap(8) and wipefs(8) now
+ support block devices locking by flock(2), new command line
+ option --lock and $LOCK_BLOCK_DEVICE environmental variable.
+ * dmesg(1) new command line option --follow-new to wait and
+ print only new kernel messages.
+ * fdisk(8) new command line option --list-details and
+ - -noauto-pt.
+ * fdisk(8) and sfdisk(8) support user-friendly aliases for
+ partition types.
+ * fstrim(8) supports new command line option --listed-in.
+ * libfdisk provides API to relocate GPT backup header. New
+ command line option "sfdisk --relocate".
+ * mount(8) now supports mount by ID= tag.
+ * login(1) supports list of "message of the day".
+ * All tools which read /etc/login.defs is possible to compile
+ with libeconf now.
+ * more(1) has been refactored.
+ * man pages cleanup
+ * other fixes and improvements, see:
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.36/v2.36-ReleaseNotes
+- Refresh Add-documentation-on-blacklisted-modules-to-mount-8-.patch.
+- Drop upstreamed libeconf.patch,
+ libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch.
+- util-linux-login_defs-check.sh: Perform all steps to integrate
+ MOTD_FIRSTONLY.
+- Update baselibs.conf.
+
+- Use plain #!/bin/sh for flushb
+
+- Include pam_securetty in login.pamd again (bsc#1033626)
+- Update to 2.35.2
+ * make glibc 2.31 compatible
+- Dropped unneeded patch libfdisk-script-accept-sector-size.patch
+
+- Add patch to fix sfdisk not reading its own scripts:
+ * libfdisk-script-accept-sector-size.patch
+- Use %autopatch
+
+- Fix verification of mount, su and umount (bsc#1166948)
+
+- Update to version 2.35.1:
+ * agetty: add --show-issue, support for /run/issue and
+ * fdisk: Correct handling of hybrid MBR, cleanup wipe warning,
+ use 'r' to return from MBR to GPT.
+ * lsblk: FSVER column,
+ drop e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch.
+ * lscpu: Add HiSilicon aarch64 tsv110 cpupart, add a new columns
+ to --cache.
+ * mount: add --target-prefix.
+ * mountpoint: add --nofollow option.
+ * script: add --echo, --log-in, --logging-format, --log-out and
+ - -log-timing.
+ * scriptlive: new command.
+ * scriptreplay: add --log-* options, --cr-mode, --stream,
+ - -summary, -T --log-timing.
+ * sfdisk: add progress bars.
+ * unshare: add --keep-caps and --map-current-user options.
+ * Many other fixes and improvements, see:
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes
+ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35.1-ReleaseNotes
+- Refresh libeconf.patch.
-- lscpu: avoid segfault on PowerPC systems with valid hardware
- configurations
- (bsc#1175623, bsc#1178554, bsc#1178825,
- lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
+- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
+ Avoid triggering autofs in lookup_umount_fs_by_statfs
+ (boo#1168389)
-- Fix for SG#57988, bsc#1174942:
- libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
- to CIFS with mount –a.
+- libeconf.patch: fix a long int error on 32bit
-- blockdev: Do not fail --report on kpartx-style partitions on
- multipath (bsc#1168235, util-linux-blockdev-report-dm.patch).
+- libeconf.patch: Add support for libeconf
+- Move /etc/pam.d/* to /usr/etc/pam.d
+- Remove migration code for su from coreutils to util-linux, not
+ needed anymore
-- nologin: Add support for -c to prevent error from su -c
- (bsc#1151708, util-linux-nologin-su-c.patch).
+- Do not recommend lang package. The lang package already has a
+ supplements.
-- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch:
- Avoid triggering autofs in lookup_umount_fs_by_statfs
- (boo#1168389)
+- lsblk: force to print PKNAME for partition with
+ e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch
-- mount: fall back to device node name if /dev/mapper link not found
- (bsc#1149911)
- * Add patch: util-linux-canonicalize-coverity-scan.patch
+- Remove outdated buildignore for pwdutils, had no effect with
+ shadow anyways
-- Fix comments and unify look of PAM files that were just changed
- (login.pamd, remote.pamd).
+- Fix comments and unify look of PAM files (login.pamd,
+ remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
+
+- Update to version 2.34:
+ * new command hardlink
+ * rewrite of lsblk, now supports --dedup
+ * support for FUSE in umount
+ * support for "--all -o remount" in mount
+ * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
+ over ENV_ROOTPATH (bsc#1121197), improved --pty
+ * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
+ * fstrim: do not suppress warnings unless --quiet is used
+ * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
+ - -caches
+ * logger: merge multiple MESSAGE= lines
+ * libblkid: do not depend on libuuid, supports DRBD9 detection
+ * libsmartcols: support N:M relationships in tree-like output
+ * fstrim and uuidd systemd services: hardening settings to
+ improve security and service isolation
+ * fstrim: trim root filesystem on --fstab, check for read-only
+ filesystems on --all and --fstab (boo#1106214).
+ * fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
+ * Obsoletes util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch and
+ util-linux-login_defs-SYS_UID.patch.
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
+- Provide and obsolete hardlink package.
+- util-linux-login_defs-check.sh: Update checksum, login now
+ supports LASTLOG_UID_MAX.
-- De-duplicate fstrim -A properly (bsc#1127701,
- util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch,
- util-linux-fstrim-A-4.patch).
-- Do not trim read-only volumes
- (boo#1106214, util-linux-fstrim-A-2.patch,
- util-linux-fstrim-A-4.patch).
-
-- libmount: To prevent incorrect behavior, recognize more pseudofs
- and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch).
-
+- Use FAT LTO objects in order to provide proper static library (boo#1138795).
+
-- agetty: Return previous response of agetty for special characters
- (bsc#1085196, bsc#1125886,
- util-linux-agetty-smart-reload-13.patch,
- util-linux-agetty-smart-reload-14.patch).
+- Update to version 2.33.2 (bsc#1134337):
+ * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
+ * mount: Fix "mount" output for net file systems (bsc#1122417).
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
+- Add virtual symbols for login.defs compatibility (bsc#1121197).
+- Add login.defs safety check util-linux-login_defs-check.sh
+ (bsc#1121197).
+- Drop bc BuildRequires: not needed.
+
+- libmount: remove jffs2 and ubifs from blacklist (jsc#SLE-4085).
+
- (jsc#SUSE-4085, fate#326832), and add documentation
+ (jsc#SLE-4085, fate#326832), and add documentation
+- agetty: Fixes for reload issue only if it is really needed
+ (bsc#1085196, boo#1120298,
+ util-linux-agetty-smart-reload-10.patch,
+ util-linux-agetty-smart-reload-11.patch,
+ util-linux-agetty-smart-reload-12.patch).
+
-- Update to version 2.33 (FATE#326844):
+- Update to version 2.33:
+- Drop klogconsole in favor of dmesg --console-level plus
+ setlogcons (kbd) (boo#1116277).
+
+- Fix runstatedir path (to /run) (boo#1113188#c1).
+
+- Create empty /etc/issue.d for the new agetty feature.
+
+- Drop obsolete downstream ppc utilities
+ chrp-addnote and mkzimage_cmdline (boo#1109284).
+- Drop obsolete setctsid (boo#1109290).
+
+- Update to version 2.32.1:
- https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33-ReleaseNotes
- util-linux-chcpu-cpu-count.patch,
- util-linux-bash-completion-umount-CVE-2018-7738.patch).
-- agetty: Fixes for reload issue only if it is really needed
- (bsc#1085196, util-linux-agetty-smart-reload-10.patch,
- util-linux-agetty-smart-reload-11.patch,
- util-linux-agetty-smart-reload-12.patch).
-- agetty BEHAVIOR CHANGE: Terminal switches to character mode when
- entering logname; echo is generated by the agetty itself.
- (In past, logname echo was generated locally by the terminal,
- using the canonical line editing mode.)
-
-- Fix runstatedir path (to /run) (boo#1113188#c1).
-
-- Create empty /etc/issue.d for the new agetty feature.
+ util-linux-chcpu-cpu-count.patch).
-- Fix local vulnerability using embeded shell commands in
- a mountpoint name (bsc#1084300, CVE-2018-7738,
- util-linux-bash-completion-umount-CVE-2018-7738.patch).
-
wpa_supplicant
+- Add CVE-2021-0326.patch -- P2P group information processing vulnerability
+ (bsc#1181777)
+
- [https://w1.fi/security/2019-1/] (CVE-2019-9494)
+ [https://w1.fi/security/2019-1/] (CVE-2019-9494, bsc#1131868)
- [https://w1.fi/security/2019-2/] (CVE-2019-9495)
+ [https://w1.fi/security/2019-2/] (CVE-2019-9495, bsc#1131870)
- [https://w1.fi/security/2019-4/] (CVE-2019-9499)
+ [https://w1.fi/security/2019-4/] (CVE-2019-9497, CVE-2019-9498,
+ CVE-2019-9499, bsc#1131874, bsc#1131872, bsc#1131871, bsc#1131644)
- [https://w1.fi/security/2019-5/]
+ [https://w1.fi/security/2019-5/] (CVE-2019-11555, bsc#1133640)
+ - SAE/EAP-pwd side-channel attack update
+ [https://w1.fi/security/2019-6/] (CVE-2019-13377, bsc#1144443)
- [http://w1.fi/security/2015-5/]
+ [http://w1.fi/security/2015-5/] (CVE-2015-8041)
-- added patch for bnc#930077
+- added patch for bnc#930077 CVE-2015-4141
-- added patch for bnc#930078
+- added patch for bnc#930078 CVE-2015-4142
-- added patches for bnc#930079
+- added patches for bnc#930079 CVE-2015-4143
yast2
+- Fixed bug introduced while adding auto wrapping (bsc#1179893)
+- 4.3.55
+
+- Use Auto Wrapping of long lines for Yast2::Popup and Yast::Report
+ (bsc#1179893)
+- 4.3.54
+
+- Do not use the 'installation-helper' binary to create snapshots
+ during installation or offline upgrade (bsc#1180142).
+- Add a new exception to properly handle exceptions
+ when reading/writing snapshots numbers (related to bsc#1180142).
+- 4.3.53
+
+- Added supported migration "openSUSE Leap 15.3" -> SLES
+ (in 15.3 the product has been renamed from "openSUSE" to "Leap")
+ (bsc#1181773)
+- 4.3.52
+
yast2-add-on
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.8
+
yast2-bootloader
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.22
+
+- use shim for secure boot also on aarch64 (jsc#SLE-15020)
+- 4.3.21
+
yast2-configuration-management
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.5
+
yast2-country
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893)
+- 4.3.12
+
yast2-firewall
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893)
+- 4.3.10
+
yast2-installation
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.26
+
+- Do not crash when it is not possible to create a snapshot after
+ installing or upgrading the system (bsc#1180142).
+- 4.3.25
+
yast2-network
+- Added AutoYaST interfaces section errors reporting (bsc#1174353,
+ bsc#1178107).
+- 4.3.49
+
+- Improve the AutoYaST interfaces reader handling better the IP
+ Addresses configuration. (bsc#1174353, bsc#1178107)
+- 4.3.48
+
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.47
+
+- Allow to disable the proposal of the bridge network configuration
+ for virtualization in the installation summary or by the new
+ 'virt_bridge_proposal' AutoYaST option (bsc#1178603)
+- 4.3.46
+
+- Fix for not present interfaces when deciding whether
+ the "Scan Network" button should be disabled or not during a
+ wireless configuration (bsc#1177834).
+- 4.3.45
+
+- Cache the hardware netcards information in order to speed up the
+ access (bsc#1180702)
+- 4.3.44
+
+- Added lladdr attribute to the interface section in the networking
+ schema and honors it when importing the config (bsc#1179876)
+- 4.3.43
+
yast2-nfs-client
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.3
+
yast2-nfs-server
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.2
+
yast2-nis-client
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.6
+
yast2-ntp-client
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.2
+
yast2-packager
+- Show correct number of downloaded packages in log (bsc#1180278)
+- Fix crash when installation proposal require pattern and such
+ pattern is not available in any repository (found during testing
+ jsc#SLE-17427)
+- 4.3.14
+
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.13
+
yast2-pam
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.4
+
yast2-s390
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893, bsc#1182624).
+- 4.3.3
+
yast2-samba-server
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.4
+
yast2-schema
+- Add the 'virt_bridge_proposal' element to the networking section
+ in order to permit to disable the proposal of the bridge network
+ configuration for virtualization (bsc#1178603).
+- 4.3.18
+
+- Add the 'lladdr' element to the networking interface section
+ (bsc#1179876).
+- 4.3.17
+
yast2-security
+- Move SELinux .autorelabel file from / to /etc/selinux if root
+ filesystem will be mounted as read only (jsc#SLE-17307).
+- 4.3.10
+
+- jsc#SMO-20, jsc#SLE-17342:
+ - Add class for managing SELinux configuration.
+ - AutoYaST: add support for SELinux configuration.
+- 4.3.9
+
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.8
+
yast2-services-manager
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.6
+
yast2-storage-ng
+- Partitioner: ask for recursively unmounting affected devices when
+ deleting a device (bsc#1171310).
+- 4.3.44
+
+- Partitioner: in general, collapse branches of the tables only if
+ they contain Btrfs snapshots (related to bsc#1181464).
+- 4.3.43
+
+- Partitioner: stop offering LVM pools as possible base devices
+ for bcache devices and for multi-device btrfs (bsc#1170044).
+- 4.3.42
+
yast2-sysconfig
+- Adapted unit test to recent changes in Yast::Report (related to
+ bsc#1179893).
+- 4.3.3
+
yast2-theme
+- Use Poppins fonts instead of Raleway in all style files.
+- Part of jsc#SLE-15714.
+- 4.3.4
+
+- Update branding (jsc#SLE-15714).
+- 4.3.3
+
+- Add icon for cinnamon pattern
+- 4.3.2
+
yast2-trans
+- Update to version 84.87.20210219.c6a06209b7:
+ * New POT for text domain 'security'.
+
+- Update to version 84.87.20210212.15272017a9:
+ * New POT for text domain 'ncurses'.
+ * New POT for text domain 'base'.
+ * New POT for text domain 'update'.
+ * New POT for text domain 'installation'.
+ * New POT for text domain 'network'.
+
+- Update to version 84.87.20210205.68980f3ed7:
+ * New POT for text domain 'qt-pkg'.
+ * New POT for text domain 'qt'.
+ * New POT for text domain 'ncurses-pkg'.
+ * New POT for text domain 'wol'.
+ * New POT for text domain 'vpn'.
+ * New POT for text domain 'users'.
+ * New POT for text domain 'update'.
+ * New POT for text domain 'tune'.
+ * New POT for text domain 'sysconfig'.
+ * New POT for text domain 'support'.
+ * New POT for text domain 'sudo'.
+ * New POT for text domain 'storage'.
+ * New POT for text domain 'squid'.
+ * New POT for text domain 'sound'.
+ * New POT for text domain 'snapper'.
+ * New POT for text domain 'slp-server'.
+ * New POT for text domain 'services-manager'.
+ * New POT for text domain 'security'.
+ * New POT for text domain 'scanner'.
+ * New POT for text domain 'samba-server'.
+ * New POT for text domain 'samba-client'.
+ * New POT for text domain 's390'.
+ * New POT for text domain 'rmt'.
+ * New POT for text domain 'relocation-server'.
+ * New POT for text domain 'reipl'.
+ * New POT for text domain 'registration'.
+ * New POT for text domain 'rdp'.
+ * New POT for text domain 'proxy'.
+ * New POT for text domain 'printer'.
+ * New POT for text domain 'pam'.
+ * New POT for text domain 'packager'.
+ * New POT for text domain 'online-update'.
+ * New POT for text domain 'ntp-client'.
+ * New POT for text domain 'nis_server'.
+ * New POT for text domain 'nis'.
+ * New POT for text domain 'nfs_server'.
+ * New POT for text domain 'nfs'.
+ * New POT for text domain 'network'.
+ * New POT for text domain 'multipath'.
+ * New POT for text domain 'migration'.
+ * New POT for text domain 'mail'.
+ * New POT for text domain 'ldap-client'.
+ * New POT for text domain 'ldap'.
+ * New POT for text domain 'kdump'.
+ * New POT for text domain 'journalctl'.
+ * New POT for text domain 'isns'.
+ * New POT for text domain 'iscsi-lio-server'.
+ * New POT for text domain 'iscsi-client'.
+ * New POT for text domain 'iplb'.
+ * New POT for text domain 'instserver'.
+ * New POT for text domain 'installation'.
+ * New POT for text domain 'http-server'.
+ * New POT for text domain 'geo-cluster'.
+ * New POT for text domain 'ftp-server'.
+ * New POT for text domain 'firewall'.
+ * New POT for text domain 'fcoe-client'.
+ * New POT for text domain 'drbd'.
+ * New POT for text domain 'dns-server'.
+ * New POT for text domain 'dhcp-server'.
+ * New POT for text domain 'crowbar'.
+ * New POT for text domain 'country'.
+ * New POT for text domain 'control'.
+ * New POT for text domain 'cluster'.
+ * New POT for text domain 'bootloader'.
+ * New POT for text domain 'base'.
+ * New POT for text domain 'autoinst'.
+ * New POT for text domain 'auth-client'.
+ * New POT for text domain 'audit-laf'.
+ * New POT for text domain 'apparmor'.
+ * New POT for text domain 'add-on'.
+ * Add empty po files for cc and cc-control
+ * product-check.sh: Add support for 000product and inherited products
+ * DOMAIN_MAP: Add system-role-common-criteria
+ * Automatic update of wol.
+ * Automatic update of vpn.
+ * Automatic update of users.
+ * Automatic update of update.
+ * Automatic update of tune.
+ * Automatic update of s390.
+ * Automatic update of sysconfig.
+ * Automatic update of support.
+ * Automatic update of sudo.
+ * Automatic update of storage.
+ * Automatic update of squid.
+ * Automatic update of sound.
+ * Automatic update of snapper.
+ * Automatic update of slp-server.
+ * Automatic update of services-manager.
+ * Automatic update of security.
+ * Automatic update of scanner.
+ * Automatic update of samba-server.
+ * Automatic update of samba-client.
+ * Automatic update of rmt.
+ * Automatic update of relocation-server.
+ * Automatic update of reipl.
+ * Automatic update of registration.
+ * Automatic update of rdp.
+ * Automatic update of proxy.
+ * Automatic update of printer.
+ * Automatic update of pam.
+ * Automatic update of packager.
+ * Automatic update of online-update.
+ * Automatic update of ntp-client.
+ * Automatic update of nis_server.
+ * Automatic update of nis.
+ * Automatic update of nfs_server.
+ * Automatic update of nfs.
+ * Automatic update of network.
+ * Automatic update of multipath.
+ * Automatic update of migration.
+ * Automatic update of mail.
+ * Automatic update of ldap-client.
+ * Automatic update of ldap.
+ * Automatic update of kdump.
+ * Automatic update of journalctl.
+ * Automatic update of isns.
+ * Automatic update of iscsi-lio-server.
+ * Automatic update of iscsi-client.
+ * Automatic update of iplb.
+ * Automatic update of instserver.
+ * Automatic update of installation.
+ * Automatic update of http-server.
+ * Automatic update of geo-cluster.
+ * Automatic update of ftp-server.
+ * Automatic update of firewall.
+ * Automatic update of fcoe-client.
+ * Automatic update of drbd.
+ * Automatic update of dns-server.
+ * Automatic update of dhcp-server.
+ * Automatic update of crowbar.
+ * Automatic update of country.
+ * Automatic update of control.
+ * Automatic update of cluster.
+ * Automatic update of bootloader.
+ * Automatic update of base.
+ * Automatic update of autoinst.
+ * Automatic update of auth-client.
+ * Automatic update of audit-laf.
+ * Automatic update of apparmor.
+ * Automatic update of add-on.
+ * New POT for text domain 'ncurses'.
+ * New POT for text domain 'autoinst'.
+
yast2-update
+- Do not rely on the 'installation-helper' binary to create
+ snapshots after installation or offline upgrade (bsc#1180142).
+- Do not crash when it is not possible to create a snapshot before
+ upgrading the system (related to bsc#1180142).
+- 4.3.2
+
yast2-x11
+- Added "active_window" for switching the current X window
+ (or restoring back the previously active window)
+ (jsc#PM-1895, jsc#SLE-16263)
+- 4.3.0
+
-- Add explicit COPYING file
-
yast2-ycp-ui-bindings
+- Handle special keyboard shortcuts (jsc#PM-1895, jsc#SLE-16263)
+- 4.3.9
+
+- Adapted to libyui SO bump 14 -> 15 (bsc#1181653)
+- 4.3.8
+
zypper
+- doc: give more details about creating versioned package locks
+ (bsc#1181622)
+- man: Document synonymously used patch categories (bsc#1179847)
+- version 1.14.43
+