Packages changed: aaa_base (84.87+git20191017.bf0a315 -> 84.87+git20191120.98f1524) ca-certificates-mozilla dracut (049+git114.058e566c -> 049+git115.c2d8d6fb) findutils glib2 (2.62.2 -> 2.62.3) growpart hyper-v libtirpc (1.0.3 -> 1.1.4) lzo mozilla-nss (3.46.1 -> 3.47.1) pam-config patterns-containers pcre2 (10.33 -> 10.34) perl (5.28.1 -> 5.30.1) sed shared-mime-info xen (4.13.0_02 -> 4.13.0_03) === Details === ==== aaa_base ==== Version update (84.87+git20191017.bf0a315 -> 84.87+git20191120.98f1524) - Update to version 84.87+git20191120.98f1524: * merged PR 65 * dash fixes * handle /usr/etc/login.defs for wsl ==== ca-certificates-mozilla ==== - export correct p11kit trust attributes so Firefox detects built in certificates (boo#1154871). Courtesy of Fedora. ==== dracut ==== Version update (049+git114.058e566c -> 049+git115.c2d8d6fb) Subpackages: dracut-ima - Update to version 049+git115.c2d8d6fb: * suse: Remove incorrect usage of %_libexecdir (boo#1155785) ==== findutils ==== - Add disable-null-ptr-test.patch in order to fix boo#1157342. ==== glib2 ==== Version update (2.62.2 -> 2.62.3) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Update to version 2.62.3: + Use `poll()` in `g_spawn_sync()` rather than `select()`, which is subject to FD limits. + Fix undefined behaviour with `g_utf8_find_prev_char()`. + Bugs fixed: glgo#GNOME/GLib#954, glgo#GNOME/GLib#1318, glgo#GNOME/GLib#1897, glgo#GNOME/GLib#1903, glgo#GNOME/GLib#1916, glgo#GNOME/GLib#1917, glgo#GNOME/GLib!1174, glgo#GNOME/GLib!1184, glgo#GNOME/GLib!1194, glgo#GNOME/GLib!1203, glgo#GNOME/GLib!1207, glgo#GNOME/GLib!1215, glgo#GNOME/GLib!1219, glgo#GNOME/GLib!1222, glgo#GNOME/GLib!1228. ==== growpart ==== - Clean growpart.spec: * Drop obsolete tags * Use install instead of mkdir+cp+chmod * Fix build on SLE 12 SP4 - Replaced hardcoded systemd paths with macros in spec file - Reference entry for maintenance Tracker bug for the submission set to: bsc#1154357 - Deleted rootgrow source and sub-package build rootgrow is provided on github: https://github.com/SUSE-Enceladus/rootgrow and builds a standalone package now ==== hyper-v ==== - Update lsvmbus interpreter from python(1) to python3(1) again because only SLE12 lacked proper python3 support (bsc#1093910) - async name resolution in kvp_daemon (bsc#1100758) - kvp: eliminate 'may be used uninitialized' warning (89eb4d8d) - fix typos in toolchain (2d35c660) - fixed Python pep8/flake8 warnings for lsvmbus (5912e791) - Replace GPLv2 boilerplate/reference with SPDX (43aa3132) - Fix a warning of buffer overflow with gcc 8.0.1 (4fcba780) ==== libtirpc ==== Version update (1.0.3 -> 1.1.4) Subpackages: libtirpc-netconfig libtirpc3 - Fix previous version: - actually delete 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch - use 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch - use 0002-man-rpc_secure.3t-Fix-typo-in-manpage.patch (renamed from 0003-man-rpc_secure.3t-Fix-typo-in-manpage.patch) - use 0003-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch (renamed from 0004-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch) - Updated to libtirpc 1.1.5 rc2 (this includes changes in 1.1.4 release) - add libtirpc-1-1-5-rc1.patch and libtirpc-1-1-5-rc2.patch to reflect upstream changes after 1.1.4 release - remove /etc/bindresvport.blacklist as it's still supported by glibc although it's not compiled with --enable-obsolete-rpc - Drop patches accepted in previous releases or not needed - 000-bindresvport_blacklist.patch (accepted in 5b037cc9, libtirpc 1.1.4) - 001-new-rpcbindsock-path.patch (not needed, rpcbind now uses /var/run directory) - 002-revert-binddynport.patch (fixed in 2802259, libtirpc-1-0-4-rc1) - 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch (backport of 25d38d7, libtirpc-1-0-4-rc1) - 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch (backport of 145272c, libtirpc-1-0-4-rc2) - Add fixes from upcomming release - 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch - 0003-man-rpc_secure.3t-Fix-typo-in-manpage.patch - 0004-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch ==== lzo ==== - Disable strict aliasing due to its violation (boo#1157271). ==== mozilla-nss ==== Version update (3.46.1 -> 3.47.1) - update to NSS 3.47.1 * CVE-2019-11745 - EncryptUpdate should use maxout, not block size * Fix a crash that could be caused by client certificates during startup (bmo#1590495) * Fix compile-time warnings from uninitialized variables in a perl script (bmo#1589810) - update to NSS 3.47 * required by Firefox 71.0 Notable changes * Support AES HW acceleration on ARMv8 (bmo#1152625) * Allow per-socket run-time ordering of the cipher suites presented in ClientHello (bmo#1267894) * Add CMAC to FreeBL and PKCS #11 libraries (bmo#1570501) Bugfixes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes - requires NSPR 4.23 ==== pam-config ==== - Prevent systemd-user to call pam_mount when opening/closing a (PAM) session as it drops privileges in between and so when closing it may be unable to undo things set up during opening. [bsc#1153630, bsc1153630-prevent-systemd-pam_mount.patch] ==== patterns-containers ==== - Add k9s to kubernetes utilities pattern ==== pcre2 ==== Version update (10.33 -> 10.34) - Enable JIT on aarch64 - pcre2 10.34: * implement the documented maximum number of capturing subpatterns of 65535 * Improve the invalid utf32 support of the JIT compiler * Add support for matching in invalid UTF strings to the pcre2_match() * Give more error detail for invalid UTF-8 when detected in pcre2grep * support for invalid UTF-8 to pcre2grep. * Adjust the limit for "must have" code unit searching, in particular, * increase it substantially for non-anchored patterns. * Allow (*ACCEPT) to be quantified, because an ungreedy quantifier with a zero minimum is potentially useful. * Some changes to the way the minimum subject length is handled * Check for integer overflow when computing lookbehind lengths * Implement non-atomic positive lookaround assertions * Upgraded to Unicode 12.1.0 * Make pcre2test -C show if libreadline or libedit is supported * Various bug fixes and improvements ==== perl ==== Version update (5.28.1 -> 5.30.1) Subpackages: perl-base - update to perl-5.30.1 * unicode 12.1 is supported * turkic UTF-8 locales are now seamlessly supported * assigning non-zero to $[ is fatal * some formerly deprecated uses of an unescaped left brace "{" in regular expression patterns are now illegal * previously deprecated sysread()/syswrite() on :utf8 handles is now fatal * my() in false conditional prohibited * remove File::Glob::glob() * various performance enhancements - updated patches: * perl-5.22.0_wrong_rpm_provides.diff * perl-gdbm-test-no-mmap.diff * perl-fix2020.patch * perl-reproducible2.patch - dropped patches: * perl-revert-caretx.diff * perl-regexp-refoverflow.diff ==== sed ==== - Add disable-null-ptr-argument.patch in order to fix boo#1157218. ==== shared-mime-info ==== - Drop no longer required PreReq's, obsolete with switch to file trigger based pre/post scripts. ==== xen ==== Version update (4.13.0_02 -> 4.13.0_03) - Update to Xen 4.13.0 RC3 release xen-4.13.0-testing-src.tar.bz2 - Drop python38-build.patch