Packages changed: curl (7.73.0 -> 7.74.0) ethtool (5.9 -> 5.10) fuse ipset (7.9 -> 7.10) kernel-firmware kernel-source (5.9.14 -> 5.10.1) libxml2 openldap2 python-Babel (2.8.0 -> 2.9.0) python-certifi (2020.11.8 -> 2020.12.5) python-cffi (1.14.3 -> 1.14.4) python-chardet (3.0.4 -> 4.0.0) python-cryptography (3.3 -> 3.3.1) python-ecdsa (0.16.0 -> 0.16.1) python-jsonpatch (1.26 -> 1.28) python-msgpack (1.0.0 -> 1.0.2) python-requests (2.25.0 -> 2.25.1) snapper (0.8.14 -> 0.8.15) systemd (246.7 -> 246.9) yomi-formula === Details === ==== curl ==== Version update (7.73.0 -> 7.74.0) Subpackages: libcurl4 - Enable zstd and brotli support - Update to 7.74.0 * Changes: hsts: add experimental support for Strict-Transport-Security * Bugfixes: - Inferior OCSP verification [bsc#1179593, CVE-2020-8286] - FTP wildcard stack overflow [bsc#1179399, CVE-2020-8285] - trusting FTP PASV responses [bsc#1179398, CVE-2020-8284] - Revert "multi: implement wait using winsock events" - openssl: free mem_buf in error path - ntlm: avoid malloc(0) on zero length user and domain - ngtcp2: use the minimal version of QUIC supported by ngtcp2 - ngtcp2: advertise h3 ALPN unconditionally - file: avoid duplicated code sequence - openssl: guard against OOM on context creation - docs: document the 8MB input string limit for curl_easy_escape and curl_easy_setopt() - hsts: add read/write callbacks - hsts: add support for Strict-Transport-Security - alt-svc: enable by default - checksrc: warn on empty line before open brace - connect: repair build without ipv6 availability - curl.se: new home - ftp: retry getpeername for FTP with TCP_FASTOPEN - gnutls: fix memory leaks (certfields memory wasn't released) - http: pass correct header size to debug callback for chunked post - libssh2: fix transport over HTTPS proxy - openssl: guard against OOM on context creation - openssl: use OPENSSL_init_ssl() with >= 1.1.0 - Revert "multi: implement wait using winsock events" - socks: check for DNS entries with the right port number - tool_operate: --retry for HTTP 408 responses too - tool_operate: bail out proper on errors during parallel transfers - urlapi: don't accept blank port number field without scheme - urlapi: URL encode a '+' in the query part - vquic/ngtcp2.h: define local_addr as sockaddr_storage - Update check section: * runtests now supports dynamically base64 encoded sections in tests * Replace env interpreter for perl and python3 - Remove curl-use_OPENSSL_config.patch since the OpenSSL initialization has been updated to use OPENSSL_init_ssl() with >= 1.1.0 - Update patches to fix compiling warnings: * curl-disabled-redirect-protocol-message.patch * libcurl-ocloexec.patch - Enable test 1165 ==== ethtool ==== Version update (5.9 -> 5.10) - update to new upstream release 5.10 * infrastructure for JSON output * separate FLAGS in -h output * use policy dumps to check flags support * show pause stats (-a) * pretty printing of policy dumps * improve error message when SFP module is missing * fix use after free in netlink_run_handler() * fix leaked instances of struct nl_socket * improve compatibility between netlink and ioctl (-s) - drop patches present in 5.10 release: * ethtool-Improve-compatibility-between-netlink-and-io.patch * netlink-do-not-send-messages-and-process-replies-in-.patch * netlink-fix-leaked-instances-of-struct-nl_socket.patch * netlink-fix-use-after-free-in-netlink_run_handler.patch ==== fuse ==== - Enable LTO (boo#1133101) and use -ffat-lto-objects. ==== ipset ==== Version update (7.9 -> 7.10) Subpackages: libipset13 - Update to release 7.10 * Fix shift-out-of-bounds in htable_bits() ==== kernel-firmware ==== Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - add banana pi brcm wireless symlinks to extrawhence ==== kernel-source ==== Version update (5.9.14 -> 5.10.1) - drm/amdgpu: only set DP subconnector type on DP and eDP connectors (bsc#1180227). - commit 74c3250 - Update config files. Just to match my env. - commit 588066a - Linux 5.10.1 (bsc#1012628). - Revert "dm raid: fix discard limits for raid1 and raid10" (bsc#1012628). - Revert "md: change mddev 'chunk_sectors' from int to unsigned" (bsc#1012628). - commit bc79fb6 - lpae: disable CONFIG_QCOM_PIL_INFO to fix build on armv7 - commit 0c08c2e - Update to 5.10 final - eliminated 1 patch - patches.suse/revert-mm-filemap-add-static-for-function-__add_to_p.patch - update configs - NFS_V4_2_READ_PLUS=n (recommended default, unsafe feature) - commit ff9060b - config.conf: Reenable armv6hl/armv7hl/arm64 - Update config files: * Settings copied from x86_64 update * arm specific options are =m except if debug or test, =y otherwise - commit cc424ba ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch ==== openldap2 ==== - added openldap2.keyring and source signature file ==== python-Babel ==== Version update (2.8.0 -> 2.9.0) - removed obsolete patches * python383.patch * pytest6.patch - update to 2.9.0 * Improvements - CLDR: Use CLDR 37 ? Aarni Koskela (#734) - Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (#741) - Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (#726) * Bugfixes - Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings ? Aarni Koskela - Import: Simplify iteration code in "import_cldr.py" ? Felix Schwarz - Import: Stop using deprecated ElementTree methods "getchildren()" and "getiterator()" ? Felix Schwarz - Messages: Fix unicode printing error on Python 2 without TTY. ? Niklas Hambüchen - Messages: Introduce invariant that _invalid_pofile() takes unicode line. ? Niklas Hambüchen - Tests: fix tests when using Python 3.9 ? Felix Schwarz - Tests: Remove deprecated 'sudo: false' from Travis configuration ? Jon Dufresne - Tests: Support Py.test 6.x ? Aarni Koskela - Utilities: LazyProxy: Handle AttributeError in specified func ? Nikiforov Konstantin (#724) - Utilities: Replace usage of parser.suite with ast.parse ? Miro Hron?ok - Support Py.test 6 - Aarni Koskela (#747, #750, #752) * Documentation - Update parse_number comments ? Brad Martin (#708) - Add __iter__ to Catalog documentation ? @CyanNani123 ==== python-certifi ==== Version update (2020.11.8 -> 2020.12.5) - update to 2020.12.5 ==== python-cffi ==== Version update (1.14.3 -> 1.14.4) - update to 1.14.4: * no upstream changelog provided ==== python-chardet ==== Version update (3.0.4 -> 4.0.0) - Remove now unnecessary pytest4.patch and python-chardet-rpmlintrc - Update to v4.0.0 See https://github.com/chardet/chardet/compare/3.0.4...4.0.0 ==== python-cryptography ==== Version update (3.3 -> 3.3.1) - update to 3.3.1: * Re-added a legacy symbol causing problems for older ``pyOpenSSL`` use ==== python-ecdsa ==== Version update (0.16.0 -> 0.16.1) - update to to 0.16.1: * `VerifyingKey.precompute()` supports `lazy` argument to delay precomputation to the first time the key is used to verify a signature. * Make created signatures correct when the hash used is bigger than the curve order bit size and the curve order is not a multiple of 8 * Speed up library load time by calculating the generator point multiplication tables the first time the points are used, not when they are initialised. ==== python-jsonpatch ==== Version update (1.26 -> 1.28) - update to 1.28: * Make it possible for from_diff to support custom types (issue #107) * Python 3.9 support ==== python-msgpack ==== Version update (1.0.0 -> 1.0.2) - update to 1.0.2: * Python 3.9 support * bugfixes ==== python-requests ==== Version update (2.25.0 -> 2.25.1) - update to 2.25.1: - Requests now treats `application/json` as `utf8` by default. Resolving inconsistencies between `r.text` and `r.json` output. (#5673) ==== snapper ==== Version update (0.8.14 -> 0.8.15) Subpackages: libsnapper5 - added option to abbreviate columns in table (see gh#openSUSE/snapper#268) - version 0.8.15 - in systemd-helper continue with other configs if one config is broken (gh#openSUSE/snapper#495) - fixed compilation with --disable-btrfs (gh#openSUSE/snapper#505) ==== systemd ==== Version update (246.7 -> 246.9) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit 520e53b6d85087b05892ee637ae93f1b269e7e52 (merge of v246.9) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/2401461e5f0e32922823d954c56106f96344070e...520e53b6d85087b05892ee637ae93f1b269e7e52 - Import commit 2401461e5f0e32922823d954c56106f96344070e 6131548b0f udev: link_update() should fail if the entry in symlink dir couldn't have been created f6cb8c7d79 udev: make algorithm that selects highest priority devlink less susceptible to race conditions (bsc#1084748) fc64e47291 basic/stat-util: make mtime check stricter and use entire timestamp ae91d45d3d test/sys-script.py: add missing DEVNAME entries to uevents 09e3473a7a test/udev_test.pl: add "expected good" count fc89379b5b test/udev-test.pl: suppress umount error message at startup d9e114f10d test/sd-script.py: new helper script for udev testing f2672eae66 test/udev-test.pl: generator for large list of block devices 42b68e43e2 test/udev-test.pl: add repeat count eec8ec375a tests/udev-test.pl: add multiple device test 73b8f3cf93 test/udev-test.pl: count "good" results ee04d70bb6 test/udev-test.pl: merge import parent tests into one 03942c8fbc test/udev-test.pl: merge "space and var with space" tests ec95546189 test/udev-test.pl: remove bogus rules from magic subsys test f704429217 test/udev-test.pl: Make some tests a little harder ce1a877dc0 test/udev-test.pl: last_rule is unsupported 913c72ff2d test/udev-test.pl: fix wrong test descriptions eeb25a1be6 test/udev-test.pl: allow checking multiple symlinks 00ab4292da test/udev-test.pl: test correctness of symlink targets 5b71ee2911 test/udev-test.pl: use computed devnode name 2e04bb9ae8 test/udev-test.pl: allow concurrent additions and removals 8816dd593c test/udev-test.pl: create rules only once 214418632d test/udev-test.pl: allow multiple devices per test 1eb6b23f27 udev-test: do not rely on "mail" group being defined 4a0a4dcf10 udev: Fix sound.target dependency (bsc#1179363) - Enable support for zstd compression systemd-journald will now use zstd for compressing large fields in journal files. systemd-coredump will also use this algorithm to compress coredump files. Please note that systemd older than v246 won't be able to read new journal files as zstd algorithm is not supported by these versions. This incompatible change was actually not the only one introduced by v246 since the hash tables in journal files have been hardened against hash collisions too in an incompatible way with older versions. ==== yomi-formula ==== - Run spec-cleaner - Add temporary and explicit dependency to libudev1