Packages changed: busybox-links gdbm (1.18.1 -> 1.19) kernel-firmware (20201130 -> 20201218) kernel-source (5.10.1 -> 5.10.3) kustomize (3.9.0 -> 3.9.1) libproxy (0.4.15 -> 0.4.17) oath-toolkit (2.6.2 -> 2.6.5) python-pytz (2020.4 -> 2020.5) system-users === Details === ==== busybox-links ==== Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed - busybox-sendmail also conflicts with the postfix-bdb flavor. ==== gdbm ==== Version update (1.18.1 -> 1.19) Subpackages: libgdbm6 libgdbm_compat4 - version update to 1.19 * Pre-read the memory mapped regions on systems that support it. This speeds up operations on big databases. * gdbmtool: tagged initialization of structured data Initializers for structured data can be given in tagged form, e.g.: store somekey { status=2, id={a,u,x}, name="foo" } * Bugfixes: * * Preserve locking type during database reorganization - modified patches % gdbm-no-build-date.patch (refreshed) - deleted patches - gdbm-no-common.patch (upstreamed) ==== kernel-firmware ==== Version update (20201130 -> 20201218) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20201218 (git commit 646f159690e2): * make AP6212 in bananpi m2 plus/zero work * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: add firmware for Lontium LT9611UXC DSI to HDMI bridge * mediatek: update MT8173 VPU firmware to v1.1.6 * QCA : Updated firmware files for WCN3991 - Remove the already upstreamed extrawhence entry - Update topic entry for lt9611uxc - Update aliases from 5.10.x kernels ==== kernel-source ==== Version update (5.10.1 -> 5.10.3) - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (bsc#1180117). - commit b9a0c5f - iwlwifi: dbg: Don't touch the tlv data (bsc#1180344). - commit cd8100a - Linux 5.10.3 (bsc#1012628). - md: fix a warning caused by a race between concurrent md_ioctl()s (bsc#1012628). - nl80211: validate key indexes for cfg80211_registered_device (bsc#1012628). - crypto: af_alg - avoid undefined behavior accessing salg_name (bsc#1012628). - media: msi2500: assign SPI bus number dynamically (bsc#1012628). - fs: quota: fix array-index-out-of-bounds bug by passing correct argument to vfs_cleanup_quota_inode() (bsc#1012628). - quota: Sanity-check quota file headers on load (bsc#1012628). - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (bsc#1012628). - f2fs: prevent creating duplicate encrypted filenames (bsc#1012628). - ext4: prevent creating duplicate encrypted filenames (bsc#1012628). - ubifs: prevent creating duplicate encrypted filenames (bsc#1012628). - fscrypt: add fscrypt_is_nokey_name() (bsc#1012628). - fscrypt: remove kernel-internal constants from UAPI header (bsc#1012628). - serial_core: Check for port state when tty is in error state (bsc#1012628). - HID: i2c-hid: add Vero K147 to descriptor override (bsc#1012628). - scsi: megaraid_sas: Check user-provided offsets (bsc#1012628). - f2fs: init dirty_secmap incorrectly (bsc#1012628). - f2fs: fix to seek incorrect data offset in inline data file (bsc#1012628). - coresight: etm4x: Handle TRCVIPCSSCTLR accesses (bsc#1012628). - coresight: etm4x: Fix accesses to TRCPROCSELR (bsc#1012628). - coresight: etm4x: Fix accesses to TRCCIDCTLR1 (bsc#1012628). - coresight: etm4x: Fix accesses to TRCVMIDCTLR1 (bsc#1012628). - coresight: etm4x: Skip setting LPOVERRIDE bit for qcom, skip-power-up (bsc#1012628). - coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf() (bsc#1012628). - coresight: tmc-etr: Fix barrier packet insertion for perf buffer (bsc#1012628). - coresight: tmc-etr: Check if page is valid before dma_map_page() (bsc#1012628). - coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf() (bsc#1012628). - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU (bsc#1012628). - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 (bsc#1012628). - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (bsc#1012628). - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (bsc#1012628). - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (bsc#1012628). - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (bsc#1012628). - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (bsc#1012628). - USB: gadget: f_acm: add support for SuperSpeed Plus (bsc#1012628). - USB: serial: option: add interface-number sanity check to flag handling (bsc#1012628). - usb: mtu3: fix memory corruption in mtu3_debugfs_regset() (bsc#1012628). - soc/tegra: fuse: Fix index bug in get_process_id (bsc#1012628). - exfat: Avoid allocating upcase table using kcalloc() (bsc#1012628). - x86/split-lock: Avoid returning with interrupts enabled (bsc#1012628). - net: ipconfig: Avoid spurious blank lines in boot log (bsc#1012628). - commit 246b3e0 - reset: raspberrypi: Don't reset USB if already up (bsc#1180336). - commit cbfc03c - series.conf: cleanup - update upstream reference and move to "almost mainline" section: patches.suse/clk-bcm-dvp-add-module_device_table.patch - commit 24deb54 - config: refresh - drop USB_SISUSBVGA_CON (no longer accessible) - commit c403c88 - Linux 5.10.2 (bsc#1012628). - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (bsc#1012628). - ALSA: pcm: oss: Fix potential out-of-bounds shift (bsc#1012628). - USB: sisusbvga: Make console support depend on BROKEN (bsc#1012628). - USB: UAS: introduce a quirk to set no_write_same (bsc#1012628). - xhci-pci: Allow host runtime PM as default for Intel Maple Ridge xHCI (bsc#1012628). - xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (bsc#1012628). - usb: xhci: Set quirk for XHCI_SG_TRB_CACHE_SIZE_QUIRK (bsc#1012628). - xhci: Give USB2 ports time to enter U3 in bus suspend (bsc#1012628). - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (bsc#1012628). - ALSA: usb-audio: Fix potential out-of-bounds shift (bsc#1012628). - USB: add RESET_RESUME quirk for Snapscan 1212 (bsc#1012628). - USB: dummy-hcd: Fix uninitialized array use in init() (bsc#1012628). - USB: legotower: fix logical error in recent commit (bsc#1012628). - ktest.pl: Fix the logic for truncating the size of the log file for email (bsc#1012628). - ktest.pl: If size of log is too big to email, email error message (bsc#1012628). - ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() (bsc#1012628). - commit 0c7d1c1 - clk: bcm: dvp: Add MODULE_DEVICE_TABLE() (bsc#1180260). - commit fa7a177 ==== kustomize ==== Version update (3.9.0 -> 3.9.1) - Update to verison 3.9.1 - Pin to api/v0.7.1 (--enableKyaml=true) - Pin to api/v0.6.8 - Pin to cmd/confg v0.8.7 - Pin to kyaml v0.10.5 - Pin to gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c - In module replacements, drop specific version numbers. - Unpin kyaml - Unpin api module. - describe the format of image tag that is allowed - Unpin api - Refresh vendor.tar.xz ==== libproxy ==== Version update (0.4.15 -> 0.4.17) - Update to version 0.4.17: + python bindings: fix "TypeError: argtypes must be a sequence of types". - Drop 147.patch: fixed upstream. - Add 147.patch: python bindings: fix "TypeError: _argtypes_ must be a sequence of types". - Update to version 0.4.16: + Port to, and require, SpiderMonkey 6. + Use closesocket() instead of close() on Windows. + Add symbol versions - be ready to introduce new APIs as needed. + Add public px_proxy_factory_free_proxies function. + Add PacRunner config backend (largely untested; feedback welcome!). + Small performance improvements. + pxgsettings: use the correct syntax to connect to the changed signal (silences annoying output on console). + Support python3 up to version 3.9. + Fix buffer overflow when PAC is enabled (CVE-2020-26154). + Rewrite url::recvline to be nonrecursive (CVE-2020-25219). + Remove nonfunctional and crashy pacrunner caching. + Never use system libmodman (no other consumers, not maintained). - Drop upstream merged patches: + libproxy-python3.7.patch + libproxy-pxgsettings.patch + libproxy-CVE-2020-25219.patch libproxy-fix-pac-buffer-overflow.patch - Create new sub-package libproxy1-config-pacrunner. ==== oath-toolkit ==== Version update (2.6.2 -> 2.6.5) Subpackages: liboath0 oath-toolkit-xml - Update to version 2.6.5 * oathtool: Support for reading KEY and OTP from standard input or filename. KEY and OTP may now be given as '-' to mean stdin, or @FILE to read from a particular file. This is recommended on multi-user systems, since secrets as command line parameters leak. * pam_oath: Fix unlikely logic fail on out of memory conditions. * Doc fixes. - Update to version 2.6.4 * libpskc: New --with-xmlsec-crypto-engine to hard-code crypto engine. Use it like --with-xmlsec-crypto-engine=gnutls or - -with-xmlsec-crypto-engine=openssl if the default dynamic loading fails because of runtime linker search path issues. * oathtool --totp --verbose now prints TOTP hash mode. * oathtool: Hash names (e.g., SHA256) for --totp are now upper case. Lower/mixed case hash names are supported for compatibility. * pam_oath: Fail gracefully for missing users. This allows you to incrementally add support for OATH authentication instead of forcing it on all users. * Fix libpskc memory corruption bug. * Fix man pages. * Build fixes. - Update to version 2.6.3 * pam_oath: Fix self-tests. - Drop not longer needed patches: * 0001-Fix-no-return-in-nonvoid-function-errors-reported-by.patch * 0003-pam_oath-assign-safe-default-to-alwaysok-config-memb.patch * 0002-update_gnulibs_files.patch * gnulib-libio.patch - Use source verification - Use proper source URLs ==== python-pytz ==== Version update (2020.4 -> 2020.5) - update to 2020.5: * update to IANA 2020e timezone release ==== system-users ==== Subpackages: system-group-hardware system-group-kvm system-user-nobody - Add system-user-vscan subpackage with vscan user and group and /var/spool/amavis as home directory