Packages changed: bc ceph (14.2.2.348+gf6da3d1d18 -> 14.2.2.354+g8878cf2360) cloud-init-config-MicroOS cri-o dracut (049+git104.1244eed7 -> 049+git108.6c9d1156) kernel-source (5.2.10 -> 5.2.11) libsolv (0.7.5 -> 0.7.6) microos-tools (1.0+git20190611.6211f74 -> 1.0+git20190812.97ca0ee) multipath-tools (0.8.2+11+suse.0f6a649 -> 0.8.2+26+suse.d884195) podman (1.5.0 -> 1.5.1) python-more-itertools (5.0.0 -> 7.2.0) slirp4netns (0.3.2 -> 0.4.1) vim === Details === ==== bc ==== - Use %license instead of %doc [bsc#1082318] - Cleanup %doc section ==== ceph ==== Version update (14.2.2.348+gf6da3d1d18 -> 14.2.2.354+g8878cf2360) Subpackages: ceph-base ceph-common ceph-mds ceph-mgr ceph-mon ceph-osd libcephfs2 librados2 libradosstriper1 librbd1 librgw2 python3-ceph-argparse python3-cephfs python3-rados python3-rbd python3-rgw - Update to 14.2.2-354-g8878cf2360: + rgw: Move upload_info declaration out of conditional (bsc#1137189, https://github.com/SUSE/ceph/pull/325) - Update to 14.2.2.349+g6716a1e448: + rgw: fix for CVE-2019-10222/bsc#1145093 for the beast frontend ("rgw: asio: check the remote endpoint before processing requests") ==== cloud-init-config-MicroOS ==== - Drop explicit list of data sources (boo#1146802) ==== cri-o ==== Subpackages: cri-o-kubeadm-criconfig - Update crio.conf to: * set manage_network_ns_lifecycle per default to true ==== dracut ==== Version update (049+git104.1244eed7 -> 049+git108.6c9d1156) Subpackages: dracut-ima - Update to version 049+git108.6c9d1156: * dracut-init.sh: Nuke unused install_kmod_with_fw function * dracut-install: Support the compressed firmware files correctly (boo#1146769) * dracut: let module handling function accept optional path option * dracut.sh: Fix udevdir detection ==== kernel-source ==== Version update (5.2.10 -> 5.2.11) Subpackages: kernel-debug kernel-default - Linux 5.2.11 (bnc#1012628). - ASoC: simple_card_utils.h: care NULL dai at asoc_simple_debug_dai() (bnc#1012628). - ASoC: simple-card: fix an use-after-free in simple_dai_link_of_dpcm() (bnc#1012628). - ASoC: simple-card: fix an use-after-free in simple_for_each_link() (bnc#1012628). - ASoC: audio-graph-card: fix use-after-free in graph_dai_link_of_dpcm() (bnc#1012628). - ASoC: audio-graph-card: fix an use-after-free in graph_get_dai_id() (bnc#1012628). - ASoC: audio-graph-card: add missing const at graph_get_dai_id() (bnc#1012628). - regulator: axp20x: fix DCDCA and DCDCD for AXP806 (bnc#1012628). - regulator: axp20x: fix DCDC5 and DCDC6 for AXP803 (bnc#1012628). - ASoC: samsung: odroid: fix an use-after-free issue for codec (bnc#1012628). - ASoC: samsung: odroid: fix a double-free issue for cpu_dai (bnc#1012628). - ASoC: Intel: bytcht_es8316: Add quirk for Irbis NB41 netbook (bnc#1012628). - HID: logitech-hidpp: add USB PID for a few more supported mice (bnc#1012628). - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT (bnc#1012628). - MIPS: kernel: only use i8253 clocksource with periodic clockevent (bnc#1012628). - mips: fix cacheinfo (bnc#1012628). - libbpf: sanitize VAR to conservative 1-byte INT (bnc#1012628). - netfilter: ebtables: fix a memory leak bug in compat (bnc#1012628). - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks (bnc#1012628). - ASoC: SOF: use __u32 instead of uint32_t in uapi headers (bnc#1012628). - spi: pxa2xx: Balance runtime PM enable/disable on error (bnc#1012628). - bpf: sockmap, sock_map_delete needs to use xchg (bnc#1012628). - bpf: sockmap, synchronize_rcu before free'ing map (bnc#1012628). - bpf: sockmap, only create entry if ulp is not already enabled (bnc#1012628). - selftests/bpf: fix sendmsg6_prog on s390 (bnc#1012628). - ASoC: dapm: fix a memory leak bug (bnc#1012628). - bonding: Force slave speed check after link state recovery for 802.3ad (bnc#1012628). - net: mvpp2: Don't check for 3 consecutive Idle frames for 10G links (bnc#1012628). - selftests: forwarding: gre_multipath: Enable IPv4 forwarding (bnc#1012628). - selftests: forwarding: gre_multipath: Fix flower filters (bnc#1012628). - selftests/bpf: add another gso_segs access (bnc#1012628). - libbpf: fix using uninitialized ioctl results (bnc#1012628). - can: dev: call netif_carrier_off() in register_candev() (bnc#1012628). - can: mcp251x: add error check when wq alloc failed (bnc#1012628). - can: gw: Fix error path of cgw_module_init (bnc#1012628). - ASoC: Fail card instantiation if DAI format setup fails (bnc#1012628). - Staging: fbtft: Fix GPIO handling (bnc#1012628). - libbpf: silence GCC8 warning about string truncation (bnc#1012628). - st21nfca_connectivity_event_received: null check the allocation (bnc#1012628). - st_nci_hci_connectivity_event_received: null check the allocation (bnc#1012628). - {nl,mac}80211: fix interface combinations on crypto controlled devices (bnc#1012628). - ASoC: ti: davinci-mcasp: Fix clk PDIR handling for i2s master mode (bnc#1012628). - ASoC: rockchip: Fix mono capture (bnc#1012628). - ASoC: ti: davinci-mcasp: Correct slot_width posed constraint (bnc#1012628). - net: usb: qmi_wwan: Add the BroadMobi BM818 card (bnc#1012628). - qed: RDMA - Fix the hw_ver returned in device attributes (bnc#1012628). - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() (bnc#1012628). - habanalabs: fix F/W download in BE architecture (bnc#1012628). - mac80211_hwsim: Fix possible null-pointer dereferences in hwsim_dump_radio_nl() (bnc#1012628). - net: stmmac: manage errors returned by of_get_mac_address() (bnc#1012628). - netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too (bnc#1012628). - netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets (bnc#1012628). - netfilter: ipset: Fix rename concurrency with listing (bnc#1012628). - rxrpc: Fix potential deadlock (bnc#1012628). - rxrpc: Fix the lack of notification when sendmsg() fails on a DATA packet (bnc#1012628). - nvmem: Use the same permissions for eeprom as for nvmem (bnc#1012628). - iwlwifi: mvm: avoid races in rate init and rate perform (bnc#1012628). - iwlwifi: dbg_ini: move iwl_dbg_tlv_load_bin out of debug override ifdef (bnc#1012628). - iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (bnc#1012628). - iwlwifi: fix locking in delayed GTK setting (bnc#1012628). - iwlwifi: mvm: send LQ command always ASYNC (bnc#1012628). - enetc: Fix build error without PHYLIB (bnc#1012628). - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack (bnc#1012628). - net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() (bnc#1012628). - perf bench numa: Fix cpu0 binding (bnc#1012628). - spi: pxa2xx: Add support for Intel Tiger Lake (bnc#1012628). - can: sja1000: force the string buffer NULL-terminated (bnc#1012628). - can: peak_usb: force the string buffer NULL-terminated (bnc#1012628). - ASoC: amd: acp3x: use dma_ops of parent device for acp3x dma driver (bnc#1012628). - net/ethernet/qlogic/qed: force the string buffer NULL-terminated (bnc#1012628). - enetc: Select PHYLIB while CONFIG_FSL_ENETC_VF is set (bnc#1012628). - NFSv4: Fix a credential refcount leak in nfs41_check_delegation_stateid (bnc#1012628). - NFSv4: When recovering state fails with EAGAIN, retry the same recovery (bnc#1012628). - NFSv4.1: Fix open stateid recovery (bnc#1012628). - NFSv4.1: Only reap expired delegations (bnc#1012628). - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() (bnc#1012628). - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts (bnc#1012628). - HID: quirks: Set the INCREMENT_USAGE_ON_DUPLICATE quirk on Saitek X52 (bnc#1012628). - HID: input: fix a4tech horizontal wheel custom usage (bnc#1012628). - drm/rockchip: Suspend DP late (bnc#1012628). - SMB3: Fix potential memory leak when processing compound chain (bnc#1012628). - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL (bnc#1012628). - sched/deadline: Fix double accounting of rq/running bw in push & pull (bnc#1012628). - sched/psi: Reduce psimon FIFO priority (bnc#1012628). - sched/psi: Do not require setsched permission from the trigger creator (bnc#1012628). - s390/protvirt: avoid memory sharing for diag 308 set/store (bnc#1012628). - s390/mm: fix dump_pagetables top level page table walking (bnc#1012628). - s390: put _stext and _etext into .text section (bnc#1012628). - ata: rb532_cf: Fix unused variable warning in rb532_pata_driver_probe (bnc#1012628). - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' (bnc#1012628). - net: stmmac: Fix issues when number of Queues >= 4 (bnc#1012628). - net: stmmac: tc: Do not return a fragment entry (bnc#1012628). - drm/amdgpu: pin the csb buffer on hw init for gfx v8 (bnc#1012628). - net: hisilicon: make hip04_tx_reclaim non-reentrant (bnc#1012628). - net: hisilicon: fix hip04-xmit never return TX_BUSY (bnc#1012628). - net: hisilicon: Fix dma_map_single failed on arm64 (bnc#1012628). - NFSv4: Ensure state recovery handles ETIMEDOUT correctly (bnc#1012628). - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests (bnc#1012628). - libata: add SG safety checks in SFF pio transfers (bnc#1012628). - x86/lib/cpu: Address missing prototypes warning (bnc#1012628). - drm/vmwgfx: fix memory leak when too many retries have occurred (bnc#1012628). - block: aoe: Fix kernel crash due to atomic sleep when exiting (bnc#1012628). - block, bfq: handle NULL return value by bfq_init_rq() (bnc#1012628). - perf ftrace: Fix failure to set cpumask when only one cpu is present (bnc#1012628). - perf cpumap: Fix writing to illegal memory in handling cpumap mask (bnc#1012628). - perf pmu-events: Fix missing "cpu_clk_unhalted.core" event (bnc#1012628). - dt-bindings: riscv: fix the schema compatible string for the HiFive Unleashed board (bnc#1012628). - KVM: arm64: Don't write junk to sysregs on reset (bnc#1012628). - KVM: arm: Don't write junk to CP15 registers on reset (bnc#1012628). - selftests: kvm: Adding config fragments (bnc#1012628). - iwlwifi: mvm: disable TX-AMSDU on older NICs (bnc#1012628). - HID: wacom: correct misreported EKR ring values (bnc#1012628). - HID: wacom: Correct distance scale for 2nd-gen Intuos devices (bnc#1012628). - Revert "KVM: x86/mmu: Zap only the relevant pages when removing a memslot" (bnc#1012628). - Revert "dm bufio: fix deadlock with loop device" (bnc#1012628). - clk: socfpga: stratix10: fix rate caclulationg for cnt_clks (bnc#1012628). - ceph: clear page dirty before invalidate page (bnc#1012628). - ceph: don't try fill file_lock on unsuccessful GETFILELOCK reply (bnc#1012628). - libceph: fix PG split vs OSD (re)connect race (bnc#1012628). - drm/amdgpu/gfx9: update pg_flags after determining if gfx off is possible (bnc#1012628). - drm/nouveau: Don't retry infinitely when receiving no data on i2c over AUX (bnc#1012628). - scsi: ufs: Fix NULL pointer dereference in ufshcd_config_vreg_hpm() (bnc#1012628). - gpiolib: never report open-drain/source lines as 'input' to user-space (bnc#1012628). - Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE (bnc#1012628). - userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx (bnc#1012628). - x86/retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386 (bnc#1012628). - x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h (bnc#1012628). - x86/boot: Save fields explicitly, zero out everything else (bnc#1012628). - x86/boot: Fix boot regression caused by bootparam sanitizing (bnc#1012628). - IB/hfi1: Unsafe PSN checking for TID RDMA READ Resp packet (bnc#1012628). - IB/hfi1: Add additional checks when handling TID RDMA READ RESP packet (bnc#1012628). - IB/hfi1: Add additional checks when handling TID RDMA WRITE DATA packet (bnc#1012628). - IB/hfi1: Drop stale TID RDMA packets that cause TIDErr (bnc#1012628). - psi: get poll_work to run when calling poll syscall next time (bnc#1012628). - dm kcopyd: always complete failed jobs (bnc#1012628). - dm dust: use dust block size for badblocklist index (bnc#1012628). - dm btree: fix order of block initialization in btree_split_beneath (bnc#1012628). - dm integrity: fix a crash due to BUG_ON in __journal_read_write() (bnc#1012628). - dm raid: add missing cleanup in raid_ctr() (bnc#1012628). - dm space map metadata: fix missing store of apply_bops() return value (bnc#1012628). - dm table: fix invalid memory accesses with too high sector number (bnc#1012628). - dm zoned: improve error handling in reclaim (bnc#1012628). - dm zoned: improve error handling in i/o map code (bnc#1012628). - dm zoned: properly handle backing device failure (bnc#1012628). - genirq: Properly pair kobject_del() with kobject_add() (bnc#1012628). - mm/z3fold.c: fix race between migration and destruction (bnc#1012628). - mm, page_alloc: move_freepages should not examine struct page of reserved memory (bnc#1012628). - mm: memcontrol: flush percpu vmstats before releasing memcg (bnc#1012628). - mm: memcontrol: flush percpu vmevents before releasing memcg (bnc#1012628). - mm, page_owner: handle THP splits correctly (bnc#1012628). - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely (bnc#1012628). - mm/zsmalloc.c: fix race condition in zs_destroy_pool (bnc#1012628). - mm/kasan: fix false positive invalid-free reports with CONFIG_KASAN_SW_TAGS=y (bnc#1012628). - xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (bnc#1012628). - IB/hfi1: Drop stale TID RDMA packets (bnc#1012628). - dm zoned: fix potential NULL dereference in dmz_do_reclaim() (bnc#1012628). - io_uring: fix potential hang with polled IO (bnc#1012628). - io_uring: don't enter poll loop if we have CQEs pending (bnc#1012628). - io_uring: add need_resched() check in inner poll loop (bnc#1012628). - powerpc: Allow flush_(inval_)dcache_range to work across ranges >4GB (bnc#1012628). - rxrpc: Fix local endpoint refcounting (bnc#1012628). - rxrpc: Fix read-after-free in rxrpc_queue_local() (bnc#1012628). - rxrpc: Fix local endpoint replacement (bnc#1012628). - rxrpc: Fix local refcounting (bnc#1012628). - commit 6385110 - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814,bsc#1146512,CVE-2019-14815,bsc#1146514,CVE-2019-14816,bsc#1146516). - commit 05e68fe - rpm: raise required disk space for binary packages Current disk space constraints (10 GB on s390x, 25 GB on other architectures) no longer suffice for 5.3 kernel builds. The statistics show ~30 GB of disk consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB in general and 14 GB on s390x. - commit 527cb66 - Refresh patches.suse/x86-apic-Handle-missing-global-clockevent-gracefully.patch. Update to the upstreamed patch. - commit bb236c2 - Update reference for ath6kl fix (CVE-2019-15290,bsc#1146543). - commit 6f03484 - Fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe (CVE-2019-15098,bsc#1146378). - Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe (CVE-2019-15099,bsc#1146368). - commit 8c61e43 - Fix a double free bug in rsi_91x_deinit (bnc#1147116 CVE-2019-15504). - commit 5009555 ==== libsolv ==== Version update (0.7.5 -> 0.7.6) - Fix repository priority handling for multiversion packages - Make code compatible with swig 4.0, remove obj0 instances - repo2solv: support zchunk compressed data - bump version to 0.7.6 ==== microos-tools ==== Version update (1.0+git20190611.6211f74 -> 1.0+git20190812.97ca0ee) - Remove create_autoyast_profile from sources - Update to version 1.0+git20190812.97ca0ee: * Add create_autoyast_profile to caasp section for reference ==== multipath-tools ==== Version update (0.8.2+11+suse.0f6a649 -> 0.8.2+26+suse.d884195) Subpackages: kpartx libmpath0 - Update to version 0.8.2+26+suse.d884195: - Don't activate NVMe native multipath support by default * multipath.conf.5: document foreign library support * multipath.conf: add "enable_foreign" parameter (bsc#1139837) * Set default for "enable_foreign" to "NONE" (bsc#1139837) added libmultipath-set-enable_foreign-to-NONE-by-default.patch - Added reviewed upstream patches (marginal path patch set from Red Hat) * add "marginal_pathgroups" config option * deprecate "delay_wait_checks" and "delay_watch_checks"; they are now automatically mapped to eqivalent "san_path_err_..." settings. ==== podman ==== Version update (1.5.0 -> 1.5.1) Subpackages: podman-cni-config - Update podman to v1.5.1 * Features - The hostname of pods is now set to the pod's name * Bugfixes - Fixed a bug where podman run and podman create did not honor the --authfile option (#3730) - Fixed a bug where containers restored with podman container restore - -import would incorrectly duplicate the Conmon PID file of the original container - Fixed a bug where podman build ignored the default OCI runtime configured in libpod.conf - Fixed a bug where podman run --rm (or force-removing any running container with podman rm --force) were not retrieving the correct exit code (#3795) - Fixed a bug where Podman would exit with an error if any configured hooks directory was not present - Fixed a bug where podman inspect and podman commit would not use the correct CMD for containers run with podman play kube - Fixed a bug created pods when using rootless Podman and CGroups V2 (#3801) - Fixed a bug where the podman events command with the --since or --until options could take a very long time to complete * Misc - Rootless Podman will now inherit OCI runtime configuration from the root configuration (#3781) - Podman now properly sets a user agent while contacting registries (#3788) - Add zsh completion for podman commands ==== python-more-itertools ==== Version update (5.0.0 -> 7.2.0) - Place a mildly useful text in the %description section. - update to version 7.2.0 * new itertools: distinct_combinations, set_partitions, filter_except, map_except, ichunked, only, time_limited, partitions, substrings_indexes * Python 2.7 is no longer supported. All future releases will target the active versions of Python 3. * The six library is no longer a dependency. * collapse now treats bytes objects the same as str objects. * numeric_range now supports ranges specified by datetime.datetime and datetime.timedelta objects ==== slirp4netns ==== Version update (0.3.2 -> 0.4.1) - Update to 0.4.1 * Support specifying netns path (slirp4netns --netns-type=path PATH TAPNAME) * Support specifying --userns-path * Vendor https://gitlab.freedesktop.org/slirp/libslirp (QEMU v4.1+) * Bring up loopback device when --configure is specified * Support sandboxing by creating a mount namespace (--enable-sandbox) * Support seccomp (--enable-seccomp) - Add new build dependencies libcap-devel and libseccomp-devel - Update to 0.3.3 * Fix use-after-free in libslirp ==== vim ==== Subpackages: vim-data-common - By default do not put group in specfile as it is optional