Packages changed: desktop-translations (84.87.20190314.58da68e1 -> 84.87.20190409.048e157e) dvd+rw-tools ffmpeg-4 (4.1.2 -> 4.1.3) fwupd gjs (1.54.3 -> 1.56.0) glib-networking (2.60.0.1 -> 2.60.1) gnutls (3.6.6 -> 3.6.7) kernel-source (5.0.6 -> 5.0.7) libbluray (1.1.0 -> 1.1.1) libgnomesu (2.0.2 -> 2.0.3) libopenmpt (0.4.3 -> 0.4.4) purpose python-kiwi (9.17.15 -> 9.17.35) python-pycurl python-rpm-macros (20190402.c88be49 -> 20190408.32abece) vim (8.1.1066 -> 8.1.1137) wget (1.20.2 -> 1.20.3) xawtv === Details === ==== desktop-translations ==== Version update (84.87.20190314.58da68e1 -> 84.87.20190409.048e157e) - Update to version 84.87.20190409.048e157e: * Translated using Weblate (Arabic) * Translated using Weblate (German) * Translated using Weblate (Italian) * Translated using Weblate (Polish) * Translated using Weblate (Slovak) * Translated using Weblate (Spanish) ==== dvd+rw-tools ==== - Add fix-build-with-recent-glibc.patch. - Refresh dvd+rw-tools-buffer.patch - Refresh growisofs-dvd-dl-undersized.patch - Run spec-cleaner ==== ffmpeg-4 ==== Version update (4.1.2 -> 4.1.3) Subpackages: libavcodec58 libavdevice58 libavfilter7 libavformat58 libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5 - Update to version 4.1.3: * Updates and bug fixes for codecs, filters and formats. ==== fwupd ==== Subpackages: fwupd-lang libfwupd2 - Add fwupd-bsc1130056-change-esp-os-name.patch to change the OS directory in ESP (bsc#1130056) - Add fwupd-bsc1130056-change-shim-path.patch to set the default shim binary for openSUSE/SLE (bsc#1130056) - Link fwupd*.efi.signed to fwupd*.efi as requested by fwupd (bsc#1129466) ==== gjs ==== Version update (1.54.3 -> 1.56.0) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 3.32.0: + Stable release version bump. - Update to version 1.55.92: + Possible memory allocation/deallocation bug (possibly in js_free() in GJS). + cairo-context: Special-case 0-sized vector. + Add some more eslint rules. + NMake/libgjs-private: Export all the public symbols there. - Update to version 1.55.91: + The problem of freezing while running the tests using GCC's sanitizers was determined to be a bug in GCC, which was fixed in GCC 9.0.1. + Closed bugs and merge requests: - gnome-sound-recorder crashes deep inside libgjs. - Various maintenance. - wrapperutils: Define $gtype property as non-enumerable. - Update to version 1.55.90: + New JS API: It's now possible to call and implement DBus methods whose parameters or return types include file descriptor lists (type signature 'h'). This involves passing or receiving a Gio.UnixFDList instance along with the parameters or return values. + To call a method with a file descriptor list, pass the Gio.UnixFDList along with the rest of the parameters, in any order, the same way you would pass a Gio.Cancellable or async callback. + For return values, things are a little more complicated, in order to avoid breaking existing code. Previously, synchronously called DBus proxy methods would return an unpacked GVariant. Now, but only if called with a Gio.UnixFDList, they will return [unpacked GVariant, Gio.UnixFDList]. This does not break existing code because it was not possible to call a method with a Gio.UnixFDList before, and the return value is unchanged if not calling with a Gio.UnixFDList. This does mean, unfortunately, that if you have a method with an 'h' in its return signature but not in its argument signatures, you will have to call it with an empty FDList in order to receive an FDList with the return value, when calling synchronously. + On the DBus service side, when receiving a method call, we now pass the Gio.UnixFDList received from DBus to the called method. Previously, sync methods were passed the parameters, and async methods were passed the parameters plus the Gio.DBusInvocation object. Appending the Gio.UnixFDList to those parameters also should not break existing code. + See the new tests in installed-tests/js/testGDBus.js for examples of calling methods with FD lists. + We have observed on the CI server that GJS 1.55.90 will hang forever while running the test suite compiled with GCC 9.0.0 and configured with the --enable-asan and --enable-ubsan arguments. This should be addressed in one of the following 1.55.x releases. + Closed bugs and merge requests: - GDBus proxy overrides should support Gio.DBusProxy.call_with_unix_fd_list(). - Add regression tests for GObject vfuncs. - GjsPrivate: Sources should be C files. - build: Vendor last-good version of AX_CODE_COVERAGE. - Update to version 1.55.4: + Various maintenance. + Boxed copy constructor should not be called, split Boxed into prototype and instance structs. - Update to version 1.55.3: + Manually constructed ByteArray toString segfaults. + signals: Add _signalHandlerIsConnected method. + Various maintenance. - Changes from version 1.55.2: + Gnome-shell crashes on destroying cached param specs. + Various maintenance. + Auto pointers builder. + configure.ac: Update bug link. + SIGSEGV when exiting gnome-shell. + Fix build with --enable-dtrace and create CI job to ensure it doesn't break in the future. + Delay JSString-to-UTF8 conversion. + Annotate return values. + Fix a regression with GError toString(). + GType memleak fixes. + Atoms refactor. + Write a "Code Hospitable" README file. + object: Method lookup repeatedly traverses introspection. + Handler of GtkEditable::insert-text signal is not run. - Changes from version 1.55.1: + object: Implement newEnumerate hook for GObject. + Various maintenance. + ByteArray.toString should stop at null bytes. + Byte arrays that represent encoded strings should be 0-terminated. + context: Defer and therefore batch forced GC runs. + context: use timeout with seconds to schedule a gc trigger. + arg: Add special-case for byte arrays going to C. ==== glib-networking ==== Version update (2.60.0.1 -> 2.60.1) Subpackages: glib-networking-lang - Handle new GnuTLS error GNUTLS_E_CERTIFICATE_REQUIRED + https://gitlab.gnome.org/GNOME/glib-networking/issues/70 + add 0001-gnutls-Handle-new-GNUTLS_E_CERTIFICATE_REQUIRED.patch - Update to version 2.60.1: + Improve reliability of client auth failure tests. + Fix excessive CPU usage after sync handshake. ==== gnutls ==== Version update (3.6.6 -> 3.6.7) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - Trim useless %if..%endif guards that do not affect the build. - Fix language errors in description again. - Update gnutls to 3.6.7 * * libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). * * libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] [bsc#1130681] (CVE-2019-3829) * * libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] [bsc#1130682] (CVE-2019-3836) * * libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). * * libgnutls: the default number of tickets sent under TLS 1.3 was increased to two. This makes it easier for clients which perform multiple connections to the server to use the tickets sent by a default server. * * libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. * * libgnutls: fixed issue preventing sending and receiving from different threads when false start was enabled (#713). * * libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable session, as non-writeable security officer sessions are undefined in PKCS#11 (#721). * * libgnutls: no longer send downgrade sentinel in TLS 1.3. Previously the sentinel value was embedded to early in version negotiation and was sent even on TLS 1.3. It is now sent only when TLS 1.2 or earlier is negotiated (#689). * * gnutls-cli: Added option --logfile to redirect informational messages output. - Disabled dane support in SLE since dane is not shipped there - Changed configure script to hardware guile site directory since command-line option '--with-guile-site-dir=' was removed from the configure script. * * Added gnutls-3.6.6-set_guile_site_dir.patch - Modified gnutls-3.6.0-disable-flaky-dtls_resume-test.patch to fix compilation issues on PPC ==== kernel-source ==== Version update (5.0.6 -> 5.0.7) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms kernel-vanilla - Linux 5.0.7 (bnc#1012628). - ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012628). - CIFS: fix POSIX lock leak and invalid ptr deref (bnc#1012628). - nvme-fc: fix numa_node when dev is null (bnc#1012628). - nvme-loop: init nvmet_ctrl fatal_err_work when allocate (bnc#1012628). - h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012628). - f2fs: fix to adapt small inline xattr space in __find_inline_xattr() (bnc#1012628). - f2fs: fix to avoid deadlock in f2fs_read_inline_dir() (bnc#1012628). - apparmor: fix double free when unpack of secmark rules fails (bnc#1012628). - tracing: kdb: Fix ftdump to not sleep (bnc#1012628). - net/mlx5e: Fix access to non-existing receive queue (bnc#1012628). - net/mlx5: Avoid panic when setting vport rate (bnc#1012628). - net/mlx5: Avoid panic when setting vport mac, getting vport config (bnc#1012628). - xsk: fix to reject invalid flags in xsk_bind (bnc#1012628). - clk: ti: clkctrl: Fix clkdm_name regression for TI_CLK_CLKCTRL_COMPAT (bnc#1012628). - gpio: gpio-omap: fix level interrupt idling (bnc#1012628). - include/linux/relay.h: fix percpu annotation in struct rchan (bnc#1012628). - sysctl: handle overflow for file-max (bnc#1012628). - net: stmmac: Avoid sometimes uninitialized Clang warnings (bnc#1012628). - enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012628). - libbpf: force fixdep compilation at the start of the build (bnc#1012628). - scsi: hisi_sas: Set PHY linkrate when disconnected (bnc#1012628). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bnc#1012628). - iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bnc#1012628). - x86/hyperv: Fix kernel panic when kexec on HyperV (bnc#1012628). - perf c2c: Fix c2c report for empty numa node (bnc#1012628). - mm/sparse: fix a bad comparison (bnc#1012628). - mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012628). - mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012628). - mm, swap: bounds check swap_info array accesses to avoid NULL derefs (bnc#1012628). - docs/core-api/mm: fix user memory accessors formatting (bnc#1012628). - mm,oom: don't kill global init via memory.oom.group (bnc#1012628). - memcg: killed threads should not invoke memcg OOM killer (bnc#1012628). - mm, mempolicy: fix uninit memory access (bnc#1012628). - mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012628). - mm/slab.c: kmemleak no scan alien caches (bnc#1012628). - ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012628). - f2fs: do not use mutex lock in atomic context (bnc#1012628). - f2fs: fix to data block override node segment by mistake (bnc#1012628). - fs/file.c: initialize init_files.resize_wait (bnc#1012628). - page_poison: play nicely with KASAN (bnc#1012628). - kasan: fix kasan_check_read/write definitions (bnc#1012628). - cifs: use correct format characters (bnc#1012628). - dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012628). - f2fs: fix to check inline_xattr_size boundary correctly (bnc#1012628). - cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED (bnc#1012628). - perf beauty msg_flags: Add missing %s lost when adding prefix suppression logic (bnc#1012628). - netfilter: nf_tables: check the result of dereferencing base_chain->stats (bnc#1012628). - PCI: mediatek: Fix memory mapped IO range size computation (bnc#1012628). - netfilter: conntrack: tcp: only close if RST matches exact sequence (bnc#1012628). - iommu/vt-d: Disable ATS support on untrusted devices (bnc#1012628). - jbd2: fix invalid descriptor block checksum (bnc#1012628). - ext4: fix bigalloc cluster freeing when hole punching under load (bnc#1012628). - fs: fix guard_bio_eod to check for real EOD errors (bnc#1012628). - tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012628). - mm/resource: Return real error codes from walk failures (bnc#1012628). - PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bnc#1012628). - wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bnc#1012628). - mt76: fix a leaked reference by adding a missing of_node_put (bnc#1012628). - ath10k: Fix the wrong updation of BW in tx_stats debugfs entry (bnc#1012628). - lockdep/lib/tests: Fix run_tests.sh (bnc#1012628). - crypto: crypto4xx - add missing of_node_put after of_device_is_available (bnc#1012628). - crypto: cavium/zip - fix collision with generic cra_driver_name (bnc#1012628). - tools/bpf: selftests: add map lookup to test_map_in_map bpf prog (bnc#1012628). - usb: chipidea: Grab the (legacy) USB PHY by phandle first (bnc#1012628). - powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bnc#1012628). - scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012628). - kbuild: invoke syncconfig if include/config/auto.conf.cmd is missing (bnc#1012628). - kbuild: make -r/-R effective in top Makefile for old Make versions (bnc#1012628). - btrfs: save drop_progress if we drop refs at all (bnc#1012628). - drm/amd/display: Fix reference counting for struct dc_sink (bnc#1012628). - ath10k: don't report unset rssi values to mac80211 (bnc#1012628). - powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc (bnc#1012628). - coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012628). - serial: 8250_pxa: honor the port number from devicetree (bnc#1012628). - ARM: 8840/1: use a raw_spinlock_t in unwind (bnc#1012628). - ARM: 8845/1: use unified assembler in c files (bnc#1012628). - iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bnc#1012628). - powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bnc#1012628). - net: dsa: mv88e6xxx: Default CMODE to 1000BaseX only on 6390X (bnc#1012628). - ice: fix ice_remove_rule_internal vsi_list handling (bnc#1012628). - perf script: Handle missing fields with -F +. (bnc#1012628). - btrfs: qgroup: Make qgroup async transaction commit more aggressive (bnc#1012628). - btrfs: don't enospc all tickets on flush failure (bnc#1012628). - mmc: omap: fix the maximum timeout setting (bnc#1012628). - net: dsa: mv88e6xxx: Add lockdep classes to fix false positive splat (bnc#1012628). - net: hns3: fix setting of the hns reset_type for rdma hw errors (bnc#1012628). - veth: Fix -Wformat-truncation (bnc#1012628). - e1000e: Fix -Wformat-truncation warnings (bnc#1012628). - mlxsw: spectrum: Avoid -Wformat-truncation warnings (bnc#1012628). - i2c: Allow recovery of the initial IRQ by an I2C client device (bnc#1012628). - platform/x86: ideapad-laptop: Fix no_hw_rfkill_list for Lenovo RESCUER R720-15IKBN (bnc#1012628). - platform/mellanox: mlxreg-hotplug: Fix KASAN warning (bnc#1012628). - loop: set GENHD_FL_NO_PART_SCAN after blkdev_reread_part() (bnc#1012628). - i2c: designware: Do not allow i2c_dw_xfer() calls while suspended (bnc#1012628). - IB/mlx4: Increase the timeout for CM cache (bnc#1012628). - clk: fractional-divider: check parent rate only if flag is set (bnc#1012628). - perf annotate: Fix getting source line failure (bnc#1012628). - powerpc/44x: Force PCI on for CURRITUCK (bnc#1012628). - ASoC: qcom: Fix of-node refcount unbalance in qcom_snd_parse_of() (bnc#1012628). - cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies (bnc#1012628). - efi: cper: Fix possible out-of-bounds access (bnc#1012628). - s390/ism: ignore some errors during deregistration (bnc#1012628). - scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012628). - scsi: fcoe: make use of fip_mode enum complete (bnc#1012628). - drm/amd/display: Clear stream->mode_changed after commit (bnc#1012628). - perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012628). - mwifiex: don't advertise IBSS features without FW support (bnc#1012628). - perf report: Don't shadow inlined symbol with different addr range (bnc#1012628). - SoC: imx-sgtl5000: add missing put_device() (bnc#1012628). - media: ov7740: fix runtime pm initialization (bnc#1012628). - media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: rockchip/rga: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: rockchip/vpu: Correct return type for mem2mem buffer helpers (bnc#1012628). - mt76: usb: do not run mt76u_queues_deinit twice (bnc#1012628). - gpio: of: Apply regulator-gpio quirk only to enable-gpios (bnc#1012628). - xen/gntdev: Do not destroy context while dma-bufs are in use (bnc#1012628). - vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 (bnc#1012628). - HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bnc#1012628). - cgroup, rstat: Don't flush subtree root unless necessary (bnc#1012628). - efi: Fix build error due to enum collision between efi.h and ima.h (bnc#1012628). - drm/sched: Fix entities with 0 rqs (bnc#1012628). - regulator: core: Take lock before applying system load (bnc#1012628). - jbd2: fix race when writing superblock (bnc#1012628). - leds: lp55xx: fix null deref on firmware load failure (bnc#1012628). - tools build: Add -lrt to FEATURE_CHECK_LDFLAGS-libaio (bnc#1012628). - tools build: Add test-reallocarray.c to test-all.c to fix the build (bnc#1012628). - perf beauty waitid options: Fix up prefix showing logic (bnc#1012628). - perf trace: Check if the 'fd' is negative when mapping it to pathname (bnc#1012628). - perf report: Add s390 diagnosic sampling descriptor size (bnc#1012628). - perf coresight: Do not test for libopencsd by default (bnc#1012628). - iwlwifi: pcie: fix emergency path (bnc#1012628). - ACPI / video: Refactor and fix dmi_is_desktop() (bnc#1012628). - =?UTF-8?q?selftests:=20ir:=20fix=20warning:=20"%s"=20dire?= =?UTF-8?q?ctive=20output=20may=20be=20truncated=20=E2=80=99=20directive?= =?UTF-8?q?=20output=20may=20be=20truncated?= (bnc#1012628). - selftests: skip seccomp get_metadata test if not real root (bnc#1012628). - kprobes: Prohibit probing on bsearch() (bnc#1012628). - kprobes: Prohibit probing on RCU debug routine (bnc#1012628). - netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm (bnc#1012628). - ARM: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012628). - ARM: dts: meson8b: fix the Ethernet data line signals in eth_rgmii_pins (bnc#1012628). - ALSA: PCM: check if ops are defined before suspending PCM (bnc#1012628). - ath10k: fix shadow register implementation for WCN3990 (bnc#1012628). - usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bnc#1012628). - sched/topology: Fix percpu data types in struct sd_data & struct s_data (bnc#1012628). - bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012628). - bcache: fix input overflow to sequential_cutoff (bnc#1012628). - bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bnc#1012628). - bcache: improve sysfs_strtoul_clamp() (bnc#1012628). - genirq: Avoid summation loops for /proc/stat (bnc#1012628). - net: marvell: mvpp2: fix stuck in-band SGMII negotiation (bnc#1012628). - iw_cxgb4: fix srqidx leak during connection abort (bnc#1012628). - net: phy: consider latched link-down status in polling mode (bnc#1012628). - fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012628). - cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012628). - drm: rcar-du: add missing of_node_put (bnc#1012628). - drm/amd/display: Don't re-program planes for DPMS changes (bnc#1012628). - bpf: test_maps: fix possible out of bound access warning (bnc#1012628). - x86/kexec: Fill in acpi_rsdp_addr from the first kernel (bnc#1012628). - powerpc/ptrace: Mitigate potential Spectre v1 (bnc#1012628). - drm/amd/display: Disconnect mpcc when changing tg (bnc#1012628). - perf/aux: Make perf_event accessible to setup_aux() (bnc#1012628). - e1000e: fix cyclic resets at link up with active tx (bnc#1012628). - e1000e: Exclude device from suspend direct complete optimization (bnc#1012628). - platform/x86: intel_pmc_core: Fix PCH IP sts reading (bnc#1012628). - i2c: of: Try to find an I2C adapter matching the parent (bnc#1012628). - staging: spi: mt7621: Add return code check on device_reset() (bnc#1012628). - iwlwifi: mvm: fix RFH config command with >=10 CPUs (bnc#1012628). - ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012628). - sched/debug: Initialize sd_sysctl_cpus if !CONFIG_CPUMASK_OFFSTACK (bnc#1012628). - efi/memattr: Don't bail on zero VA if it equals the region's PA (bnc#1012628). - sched/core: Use READ_ONCE()/WRITE_ONCE() in move_queued_task()/task_rq_lock() (bnc#1012628). - drm/vkms: Bugfix racing hrtimer vblank handle (bnc#1012628). - drm/vkms: Bugfix extra vblank frame (bnc#1012628). - ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation (bnc#1012628). - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (bnc#1012628). - soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012628). - drm/msm/dpu: Convert to a chained irq chip (bnc#1012628). - mt7601u: bump supported EEPROM version (bnc#1012628). - ARM: 8830/1: NOMMU: Toggle only bits in EXC_RETURN we are really care of (bnc#1012628). - ARM: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012628). - block, bfq: fix in-service-queue check for queue merging (bnc#1012628). - block, bfq: fix queue removal from weights tree (bnc#1012628). - bpf: fix missing prototype warnings (bnc#1012628). - selftests/bpf: skip verifier tests for unsupported program types (bnc#1012628). - powerpc/64s: Clear on-stack exception marker upon exception return (bnc#1012628). - cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting (bnc#1012628). - backlight: pwm_bl: Use gpiod_get_value_cansleep() to get initial state (bnc#1012628). - tty: increase the default flip buffer limit to 2*640K (bnc#1012628). - powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bnc#1012628). - drm/amd/display: Enable vblank interrupt during CRC capture (bnc#1012628). - ALSA: dice: add support for Solid State Logic Duende Classic/Mini (bnc#1012628). - regulator: mcp16502: Include linux/gpio/consumer.h to fix build error (bnc#1012628). - usb: dwc3: gadget: Fix OTG events when gadget driver isn't loaded (bnc#1012628). - platform/x86: intel-hid: Missing power button release on some Dell models (bnc#1012628). - perf trace: Fixup etcsnoop example (bnc#1012628). - perf script python: Use PyBytes for attr in trace-event-python (bnc#1012628). - perf script python: Add trace_context extension module to sys.modules (bnc#1012628). - media: mt9m111: set initial frame size other than 0x0 (bnc#1012628). - hwrng: virtio - Avoid repeated init of completion (bnc#1012628). - soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012628). - selftests/bpf: suppress readelf stderr when probing for BTF support (bnc#1012628). - HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bnc#1012628). - f2fs: UBSAN: set boolean value iostat_enable correctly (bnc#1012628). - f2fs: fix to initialize variable to avoid UBSAN/smatch warning (bnc#1012628). - hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable (bnc#1012628). - pinctrl: meson: fix G12A ao pull registers base address (bnc#1012628). - pinctrl: sh-pfc: r8a77990: Fix MOD_SEL bit numbering (bnc#1012628). - pinctrl: sh-pfc: r8a77995: Fix MOD_SEL bit numbering (bnc#1012628). - cpu/hotplug: Mute hotplug lockdep during init (bnc#1012628). - dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012628). - dmaengine: qcom_hidma: assign channel cookie correctly (bnc#1012628). - dmaengine: qcom_hidma: initialize tx flags in hidma_prep_dma_* (bnc#1012628). - netfilter: physdev: relax br_netfilter dependency (bnc#1012628). - media: rcar-vin: Allow independent VIN link enablement (bnc#1012628). - media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012628). - PCI: pciehp: Assign ctrl->slot_ctrl before writing it to hardware (bnc#1012628). - audit: hand taken context to audit_kill_trees for syscall logging (bnc#1012628). - regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012628). - pinctrl: meson: meson8b: add the eth_rxd2 and eth_rxd3 pins (bnc#1012628). - drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bnc#1012628). - drm/nouveau: Stop using drm_crtc_force_disable (bnc#1012628). - x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012628). - selinux: do not override context on context mounts (bnc#1012628). - brcmfmac: Use firmware_request_nowarn for the clm_blob (bnc#1012628). - wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012628). - x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012628). - drm/fb-helper: fix leaks in error path of drm_fb_helper_fbdev_setup (bnc#1012628). - clk: meson: clean-up clock registration (bnc#1012628). - ARM: shmobile: Fix R-Car Gen2 regulator quirk (bnc#1012628). - clk: rockchip: fix frac settings of GPLL clock for rk3328 (bnc#1012628). - dmaengine: tegra: avoid overflow of byte tracking (bnc#1012628). - staging: iio: adt7316: fix dac_bits assignment (bnc#1012628). - Input: soc_button_array - fix mapping of the 5th GPIO in a PNP0C40 device (bnc#1012628). - ASoC: simple-card-utils: check "reg" property on asoc_simple_card_get_dai_id() (bnc#1012628). - drm: Reorder set_property_atomic to avoid returning with an active ww_ctx (bnc#1012628). - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012628). - net: stmmac: Avoid one more sometimes uninitialized Clang warning (bnc#1012628). - appletalk: Fix compile regression (bnc#1012628). - gpio: of: Restrict enable-gpio quirk to regulator-gpio (bnc#1012628). - ACPI / video: Extend chassis-type detection with a "Lunch Box" check (bnc#1012628). - bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bnc#1012628). - kbuild: add workaround for Debian make-kpkg (bnc#1012628). - kbuild: skip sub-make for in-tree build with GNU Make 4.x (bnc#1012628). - commit 8f18342 ==== libbluray ==== Version update (1.1.0 -> 1.1.1) - Update to version 1.1.1: + Enable playback without menus when index.bdmv is missing. + Improve error resilience and stability. + Improve BD-J compability. + Fix loading libraries on MacOS / hardened runtime. + Fix resetting user-selected streams when playing without menus. + Fix stack overflow when using Java9+ with debugger connection. + Fix polygon-based BD-J graphics primitives. + Fix loading libmmbd in Windows 64-bit. + Fix loading classes with Windows Java 8. + Fix build with Java 1.6. + Fix pkg-config Libs.private. - Fixed libbluray-pkgconfig.patch. ==== libgnomesu ==== Version update (2.0.2 -> 2.0.3) Subpackages: libgnomesu-lang libgnomesu0 - Update to version 2.0.3: * Make gnomesu honor /etc/default/su settings for PATH (boo#1131339). * Updated translations. - Sync PAM configuration with su. ==== libopenmpt ==== Version update (0.4.3 -> 0.4.4) Subpackages: libmodplug1 libopenmpt0 - Update to version 0.4.4: * [Bug] Channel VU meters were swapped. * Startrekker: Clamp speed to 31 ticks per row. * MTM: Ignore unused Exy commands on import. Command E5x (Set Finetune) is now applied correctly. * MOD: Sample swapping was always enabled since it has been separated from the ProTracker 1/2 compatibility flag. Now it is always enabled for Amiga-style modules and otherwise the old heuristic is used again. ==== purpose ==== Subpackages: libKF5Purpose5 libKF5PurposeWidgets5 purpose-lang - Add knotifications-devel BuildRequires to build kfileitemaction plugin (boo#1131759) ==== python-kiwi ==== Version update (9.17.15 -> 9.17.35) - Bump version: 9.17.34 ? 9.17.35 - Fix regression on kiwi-repart dracut module There was a regression introduced in #1035 (048b5c3e). We mask systemd-fsck-root.service during the repart, but we are not always unmasking it. If the repart is not possible the service is masked but not unmasked, which causes the boot to fail. With this commit after masking the fsck service we trap EXIT and run the unmask command on script exit. This way we ensure the unmask command is always executed. - Doc fix for lex literal_block as xml - Update compression flag for qcow2 format In case of a qcow2 format we store the result uncompressed Since the format conversion only takes the real bytes into account such that the sparseness of the raw disk will not result in the output format and can be taken one by one This Fixes bsc#1128146 In addition the commit includes a refactoring for the evaluation of the compress flag in the runtime config. Instead of the global overwrite, the flag gets evaluated individually at the time the result metadata is created - Add the possibility to disable runtime checks This commit adds runtime configuration parameters to disable the runtime checks. This is specially handy if someone does not want to use the kiwi dracut modules and provide custom ones instead. In orde disable some runtime check consider a runtime config yaml like: runtime_checks: - disable: - check_dracut_module_for_oem_install_in_package_list - check_dracut_module_for_live_iso_in_package_list This commit fixes #893 - Fixup has_rpm method from RpmDataBase class The method checked for the presence of /usr/bin/rpm. But that binary is also provided by another toolkit named busybox. Thus to check if the rpm we are aiming for is present the check has been modified to look for /usr/bin/rpmdb which is exclusively provided by rpm only. This Fixes #1037 - Fixed creation of image metadata files At the end of a build process the metadata information files .packages and .verified are created. On rpm based systems, rpm is invoked as chrooted operation inside the new root tree. For images that gets installed exclusively from the bootstrap phase there is no rpm inside of the image and the call fails. The result are empty metadata files. This patch prevents calling rpm inside of the image root tree if it's not installed and also uses the RpmDataBase interface instead of directly calling rpm. This Fixes #1037 - Bump version: 9.17.33 ? 9.17.34 - kiwi-repart: avoid race between repart and fsck See issue #1034, this fixes non-booting CentOS-7 OEM images that fail during repartition / FS resize. Summary: all parted actions trigger a rescan of partition tables and this repeatedly starts / stops systemd-fsck-root.service until it finally fails. The workaround is to mask systemd-fsck-root.service during repartitioning / FS resize. - Update travis doc building target Disable doc test on travis, we have this in the gitlab-ci pipeline. - Move sphinx config to python3 Disable modules that have not been ported to sphinx 2.0 API - Disable linkcheck/spellcheck The spellcheck plugin has not been moved to the sphinx 2.0 API and there are tons of spelling mistakes reported due to the use of technical terms that are unknown to spellcheck. Also disabled the linkcheck because it just stands more in our way than it reports issues that needs to be fixed. - Bump version: 9.17.32 ? 9.17.33 - Added integration test for bootstrap only builds - Fixed bootstrap only building Image descriptions that define packages in the bootstrap section only don't need a package manager inside of the image. However the code to update the location of the rpm database did not check the presence of rpm and failed on such image descriptions. This Fixes #1030 - Replace @staticmethod with @classmethod when needed @classmethod are used in Python to represent methods that can query and update the class (cls parameter). Is expected to be used for metaprograming, or advanced techniques that require the access to the class itself, before we have an instance. @staticmethod are used to associate a function to a class. It will not be have access to the instance (self) not the class (cls). In other programming languages are known as class methods. This patch replace all the @classmethod with @staticmethod when there is not need to access to the cls parameter, because the intention is to be used as normal functions. - Add intersphinx extension to the docs - New method: Path.access - thin wrapper arround os.access This function calls os.access, but first checks whether the input parameters are sane, instead of simply returning false when the file in question does not exist or an invalid mode was specified. - Added doc chapter on Fstab modifications - Split code_style_plus_unit_test into two jobs for parallel runs - Addapt documentation to changed script calling convention - Only execute scripts via bash when they are not user executable Currently we call scripts directly through bash, which has the unfortunate disadvantage, that the shebang line is completely ignored. Now we instead check whether the owner of the script is allowed to execute it and if yes, we let the OS execute it (which takes the shebang into account) or otherwise call it through bash. - Support optional fstab.patch file In addition to the support for fstab.append, users can now also provide a patch file to change the contents of the fstab file as it got written by kiwi. The feature is probably rarely used but needed in the area of suse's transactional update mechanism. This Fixes bsc#1129566 and Fixes #945 - Add warning about a missing /vagrant/ folder to the documentation - Fix libvirt vagrant box Vagrantfile to use rsync by default The documentation is suggesting that rsync is used by default to synchronize the shared folders, yet the libvirt vagrant boxes used the system default (=nfs). - Bump version: 9.17.31 ? 9.17.32 - relax the live iso root dir permissions The root of the live ISO has permissions 0700, which is inconvenient if you mount it to explore its contents. Relax to 0755 instead. Without this, the mounted ISO FS can only be accessed by root. - Fixed race condition on live overlay mount Make sure to wait for all targets of the overlay mount This Fixes #1015 - Bump version: 9.17.30 ? 9.17.31 - Update the documentation regarding vagrant boxes Extend the documentation on how to build VirtualBox vagrant boxes All this was done by Dan ?ermák - Refactor incremental changelog update The creation of the package changelog is based on a reference file. However that reference file contained log information in a specific timezone which requires to hardcode the region of that timezone in the code to correctly run date/time calculations. This can be done better from a conceptual point of view. This patch changes the handling in a way that the reference file is a git log excerpt including the dates as git log lists them. The dates contains complete numeric time/date/zone information and can be used for calculations. The changelog helper tool converts the result data to match the requirements of rpm changelog files and prints the time/date information localized to the callers timezone or as UTC if the --utc switch is given. By default the user local timezone settings applies. That way the setup of the local timezone is immaterial to the changelog processor and the workaround in the gitlab-ci rpm stage can be deleted too. - Add buildah tool support for OCI and Docker types This commit adds buildah tool support for OCI and Docker types. It requires buildah and skopeo to be installed in the host. The use of umoci (kept as default choice) or buildah is configured using the runtime configuration file; consider the following structure: ``` oci: - archive_tool: buildah ``` - Fix derived docker images build This commit fixes the derived docker images when the base image is a compressed file. After the refactor in #998 the decompression of the base image and the skopeo call to import the decompressed image happened in absolutely independent scopes. NamedTemporaryFile python class by default deletes the created temporary file when the class instance is destroyed, this class is used to decompress the base image. Because of isolated scopes at the time skopeo was called the NamedTemporaryFile instance was not there anymore. This commit makes sure that the temporary file instance is already in memory at the time skopeo is called. - Fixed gitlab-ci rpm stage localtime setup By default the timezone of the container is set to UTC. However the reference changelog entries are created in the CET timezone. The current implementation uses dateutil.parser.parse to parse the reference date/time. That call takes the localtime into account and responds with a warning: + UnknownTimezoneWarning: tzname CET identified but not understood The current code does not convert the CET timezone into the localtime timezone (UTC in this case) and creates a timezone naive datetime object. That object however can't be used to compare with timezone aware datetime objects which causes a runtime exception. The qick fix here is to set the localtime to the timezone used in the reference changes file - Limit scope of virtualbox_guest_additions_present This attribute is only used with the virtualbox provider. Added a schematron rule to limit the scope to the virtualbox provider only. This Fixes #1003 - Bump version: 9.17.29 ? 9.17.30 - Add consistency check to update_changelog Don't take commits into account that are older than the given reference commit. This would destroy the chronological order. Missing commits older than the reference can be incorporated by rebuild_changelog_reference.sh - Fixed reading of container config The additional_tags attribute is optional. If not set the container config hash does not contain this key. Accessing the key without the get() method leads to an unhandled python exception - add rd.kiwi.oem.maxdisk= boot parameter this limits the disks considered for oem deployment to a given size - Abandon the bumpversion helper The bumpversion helper script updated the reference file with changes since the latest date of the existing reference. However even though the two pieces are in chronological order that does not mean that the concatenated version of those is still in chronological order. Thus that helper is deleted and a new helper rebuild_changelog_reference exists. That rebuilds the entire reference file from the history and makes sure it is in chronological order. The tool should only be called if the chronological order of the total changes information is violated which under normal conditions does not happen - Allow --since|--until opts in update_changelog In addition to create changelog information since the latest date of a reference changelog, also allow to create changelog information until the latest data of a reference changelog - Update changelog reference - Bump version: 9.17.28 ? 9.17.29 - Update changelog reference - Fixed bumpversion helper Make sure the commit for the changelog reference update and the commit for the version bump have different timestamps by sleeping 2sec between the two actions - Update API documentation In reference to Refactor OCI images packing the difference between docker and OCI images is just on packing format. Thus the extra docker container subclass is no longer present. - Bump version: 9.17.27 ? 9.17.28 - Update changelog reference - kiwi-dump-image: fix kiwi_oemdevicefilter for rd.debug - Added bumpversion helper Script that also updates the changelog reference file before the version bump. It's optional to use this but it would be handy as the commit would show the rpm changelog differences from one tag to the other - Fixed code smells on completion_generator Also update python interpreter to use for the completion and the changelog helpers - Update gitlab CI config The rpm stage needs python because the changelog script is now written in python - Drop duplicate EPEL7 reference in the test CentOS appliance We already request the standard, update, and extras repos and the EPEL7 repo separately. There's no reason to request the "centos" EPEL7 repo which combines standard+update and EPEL7 repos already. - centos-appliance: reorder repos to fix build EPEL has older package versions of e.g. librepo, which breaks dnf. Re-prioritize to prefer the good CentOS packages instead of bad EPEL. - Update changelog file Fix changelog entries for their encoding, author name and format Also make sure commits are shown in reverse chronological order of the author date. We intentionally don't use the commit date because a commit can be older than the latest entry in the current reference file and would then not be part of the git log information - Introduce better changelog handling The current way of creating the changelog file for the package is based on reading the entire history of the git repository and turns that information into a changelog. The downside of this approach is that any change in the code that creates this changelog information will impact older entries and could cause a conflict on the changes file of the released package. This usually leads to declined package submissions and blocks us in fixing bugs in the changelog generator. This commit changes the process in a way that only changes related to the oldest entry of a reference changelog file compared to the current branch are taken into account. This Fixes #979 - Adding a derived docker image build test - Bump version: 9.17.26 ? 9.17.27 - Use correct GRUB 2 and shim EFI packages for test CentOS 7 appliance CentOS 7 has inherited the changes from Fedora in how its EFI binaries are packaged, so we need to adapt to handle those and build the appliance properly. - Fixed evaluation of @root size setup The @root volume setup allows to specify a size for the root volume in an LVM setup. The size setting was not respected and the root volume was always resized to the rest space available. This patch fixes the read_volume_setup_all_free method on the dracut kiwi library to know if there is root volume setup and respect its contents. This Fixes #983 - Update generated configuration file for DNF The dnf.conf file generated by KIWI contained some obsolete options as well as options that have been renamed. This change updates the options set so that they match what is expected by DNF and configures the appropriate behavior. - Bump version: 9.17.25 ? 9.17.26 - hotfix runtime check for count of fullsize volumes The check did not respect images that do not come up with a systemdisk section. systemdisk is an optional section and the test did not respect this and failed with a stack trace - Bump version: 9.17.24 ? 9.17.25 - Update provider support status in vagrant docs - Rebuild schema docs Create an up to date state of the oxygen schema doc in the repo - Fixed Title underline too short warning in the doc - Fixed permanent redirect links in documentation - Bump version: 9.17.23 ? 9.17.24 - Cleanup example_dot_profile_config.xml Don't use multiple all size volumes - Add different installation methods to the documentation - Check for multiple allsize volumes setup Added runtime check check_volume_setup_defines_multiple_fullsize_volumes which reads the volume setup and counts the number of volumes that define a 'all' volume. Only one is allowed - Complete test coverage on iso tools testing If there is no mkisofs/genisoimage present on the system, the tests based on real example iso files are skipped. The code tested in this case is now covered in a mock style to run through the logic even without the tools in place - Follow up fix for zypper compat link Move the code handling the compat setup of the rpm database to the correct method of the repository API. Call the import of the signing keys only if there are signing keys - Fix suseRemoveYaST to work with set -e When the config.sh is invoked with set -e then suseRemoveYaST causes the whole script to fail when no yast packages are present. The problem is that `grep yast` returns 1 in that case. => Explicitly ignore the return value of grep Furthermore, if no YaST packages were found, we don't want to invoke rpm, as that would fail too (as it is called without any parameters). - Care for update alternatives on rpmdb move In set_database_to_image_path we also have to care for the move of the alternatives path to the new rpmdb location - Fixup zypper/suse link to rpm database The compat code generating the /var/lib/rpm link was only effective if a signing key was specified, however it should be effective in any case - Run cdrtools based unit tests on demand Only if the underlaying system provides legacy cdrtools, run the unit tests which actually reads the test data iso using those tools. - Add GitLab CI pipeline status to README.rst - Improve error messages The error messages for running a build against an undefined image definition as well as the error message to explain why the imageinclude attribute can only be used with public repos has been improved by suggestions from J. Mixer - pxe: use dracut's network code, drop own setup - Extend the GitLab-CI pipeline - build the documentation in the build_doc stage - run tests for all supported Python versions in tox_check - build an RPM for Fedora 29 & OpenSUSE Tumbleweed in RPM stage - Ensure DNF is installed for kiwi itself and the test CentOS 7 appliance In e33f53aa4513c38a42736c82db3ec5e0b9da41d4, we switched to DNF when requesting YUM. This now means we need to ensure DNF is installed for images where we previously used YUM for that. - Add environment for running the unit tests with Python 3.7 to tox Python 3.7 does only appear to be available on Ubuntu Xenial with sudo enabled - Extend documentation about using KIWI to build vagrant images - Extend documentation on how to build inside OBS - Bump required minimum disk space - Extend index.rst by a "advertising" section - Add url to PyPI & use https instead of http - Extend quickstart to be more viable as a stand-alone document - Reorder TOCs so that the most important comes first - (whitespace-cleanup) on doc/source/overview/workflow.rst - Rework package manager selection to use DNF when YUM is requested YUM v3 is no longer developed, having been superseded by DNF for several years. With DNF now available as a usable package manager in Red Hat Enterprise Linux 7 through the Extras channel and SUSE Linux Enterprise 15 through PackageHub, there is no reason for keeping support for YUM v3 around. We are keeping support for requesting YUM because in Red Hat Enterprise Linux 7, DNF is referred to as "YUM v4", and it is simply referred to as "YUM" in Red Hat Enterprise Linux 8. To avoid confusion from people, we're just going to leave it in place as an alias to the DNF package manager. As for why this is happening now, Fedora is retiring YUM v3 in Fedora 31, so we might as well get it over with and cut over now. Reference: https://fedoraproject.org/wiki/Changes/Retire_YUM_3 - Fix some spelling mistakes & sentence order in the docs - GitLab CI integration Run tox targets on demand. With GitLab CI selected containers are small but also limited in their scope. - Fixed iso tools unit test Test was not environment independent and behaved differently compared to which iso tool change is installed. - GitLab CI integration Select 3.6 image to run the test - Fixed shellcheck issue on kiwi-partitions-lib.sh Fixup SC2046: Quote this to prevent word splitting - GitLab CI integration Not so easy to get pip running there. Try standard binary name of after pip ugrade to install the rest of the chain - GitLab CI integration No alternative naming for py3 commands - GitLab CI integration Fixed install of tox on the runner - GitLab CI integration Require tox to be installed on the runner - GitLab CI integration pip not installed by default on the runner - Looks like Travis will go away Try moving CI integration to GitLab - Write sha256sum --check compatible shasum format Change the output format of the bundler shasum file to be compatible with a 'sha256sum --check' call. This fixes bsc#1127173 - Move azure integration test build to Factory repos - Fixed package list of azure integration test - Fixed repo setup from azure integration test - Bump version: 9.17.22 ? 9.17.23 - Allow xdist to run the tests in parallel for the Python 2.7 env This reverts an accidental change that was introduced with 942ed7a8eea65f1c99b5f51a8587cfbeae73b484, which removed the {posargs} from tox.ini for the python 2.7 environment. - Added get_description method to XMLState In preparation to access the contents of the section this pull requests adds a simple method to read the contents. - Update tools from strip list for oemboot For legacy oemboot kiwi descriptions the strip list for tools to keep in the initrd is still active. On s390 required tools for dasd_configure were missing and got added by this commit. This Fixes #963 - Fixed import of signing keys In reference to bsc#1112357 it was required to add the compat symlink /var/lib/rpm such that zypper can read the signing keys. Unfortunately zypper does not use the configured rpmdb from the rpm macro setup. - add rd.kiwi.install.pass.bootparam boot parameter if this boolean is set, most boot parameters are passed on to the kexec kernel on OEM image deployments - Bump version: 9.17.21 ? 9.17.22 - Followup fix for disk detection from root device No matter if one ore more devices are used in a multipath map, if the root device is managed by multipath kiwi has to use the mapped device for all operations, otherwise we run into busy or blocked state inside of the initrd operations. This is related to Issue #954 and bsc#1126283 and bsc#1126318 - Fixed relocation of GPT Simplify the relocation of the GPT to the end of the current disk by using sgdisk -e instead of gdisk. The possitive after effect of this is that the broken return value handling of gdisk in centos will be fixed and did not harm the kiwi deployment anymore. This Fixes #958 - Bump version: 9.17.20 ? 9.17.21 - Speedup the make build target Activated the pytest xdist feature Dan added for the make build target to speedup package creation - Bump version: 9.17.19 ? 9.17.20 - Update vagrant libvirt unit test Take extra config from DiskFormatVagrantLibVirt as base for the test and don't mock that information as it was done before in the base class - Extend the vagrant base class test Take an example for additional vagrant config settings into account - Refactor unit tests for vagrant classes Better use of pytest capabilities, avoid mock rewrite of implementation classes - Fixed DiskFormatVagrantBase docs and behavior Update class docs per review by Dan, also raise on use of methods without proper provider implementation - Fixed create_box_img in DiskFormatVagrantLibVirt The call to create_box_img did not use the given tmpdir parameter but assumes an instance variable to provide this information - fix network failure with "BOOTIF=" parameter If a BOOTIF= parameter (pxelinux "IPAPPEND 2" option) is present, dracut handles the network already *and* overwrites the 90-net.rules that kiwi-*-net-genrules.sh created, thus the interface is not named "lan0" and ifup is destined to fail. Work around the issue by detecting if the interface is already handled by generic dracut code and just skipping the ifup call. Fixes / improves issue #942 - Added some style fixes to the vagrant classes Adapt doc strings to match style on lists. Change variable names not class global to be lowercase. Use 80 chars per line. Don't reach code that potentially uses undefined variables - Refactor vagrant storage subformat In preparation to support other vagrant providers a base class for Vagrant operations has been created. Original Code written by Dan?ermák - Fixed disk detection from root device The method lookup_disk_device_from_root assigns the disk device matching the root device uuid. However in a multipath environment multiple disk devices matches the same root device. The code to assign the multipath map in this case was missing in the dracut code base. This Fixes #954 and Fixes bsc#1126283 and bsc#1126318 - Fixed losetup call due to move in option names util-linux dropped losetup-Add-support-for-setting-logical-blocksize.patch because different implementations exists in the new kernel, and it has a conflicting implementation in util-linux. This caused a change in the option to specify the logical sector size. The option --logical-blocksize was replaced by --sector-size. We adapt this now in kiwi too - Add pytest-xdist to dev-virtualenv to run the unit tests in parallel - fix CLI args not being passed to pytest by tox for unit_py3_4 and unit_py3_6 - enable parallel run on travis - document how to run the unit tests in parallel - s390-test-image: add factory base project (same as on arm) - Add support to build vagrant boxes with the Virtualbox provider This commits adds initial support to build Vagrant boxes with the Virtualbox provider. - The attribute 'provider' of the option now supports the option "virtualbox". - A new boolean attribute 'virtualbox_guest_additions_present' was added to . When set to true, KIWI will assume that guest additions have been installed into the base image and configure the shared folders to use vboxfs, otherwise rsync will be used. This fixes #532 (https://github.com/SUSE/kiwi/issues/532). - Bump version: 9.17.18 ? 9.17.19 - Fixed isolinux fallback path In case isolinux-config failed or does not exist on the distribution a fallback path is called. That code hardlinks the files to the isolinux compiled in standard path. However due to the move of the grub unicode file for iso images the path contains a directory. Directories can't be hardlinked thus this patch uses 'cp -l' instead of the 'ln' command to create the linked target contents. - Bump version: 9.17.17 ? 9.17.18 - Fix location of grub unicode font This is a follow up patch for #f5bac4495d34. The change of the location of the font file was not applied if an iso target, live or install image is being built. This patch completes the change and Fixes bsc#1124885 - Fix handling of zypper return codes The following codes should be handled as errors: 104 - ZYPPER_EXIT_INF_CAP_NOT_FOUND 105 - ZYPPER_EXIT_ON_SIGNAL 106 - ZYPPER_EXIT_INF_REPOS_SKIPPED - Refactor OCI images packing This commit refactors the OCI images support: * added import_container_image and export_container_image methods to oci_tools classes. 'umoci' and 'buildah' consume different formats thus the inital skopeo call to import a container is tool dependent. * use oci-archive transport for packing the OCI images, this causes docker and oci operations to just diverge on transport type. * add_tag method no longer needed in oci_tools/base, skopeo is used for that matter. * container/docker.py class is no longer needed. The difference between docker and OCI images is just on packing format which is just a parameter in skopeo. It does not deserve a dedicated class * system/root_import/docker.py class no longer needed. The difference between OCI and Docker class was just the transport type for the skopeo call. It does not deserve a dedicated class - Sort file and dir entries in iso sortfile - tox: Allow to run a single test using tox -v -e unit_py2_7 -- -vv ./test/unit/iso_tools_cdrtools_test.py - Sort filesystem listings so that kiwi works in a reproducible way in spite of indeterministic filesystem readdir order and http://bugs.python.org/issue30461 See https://reproducible-builds.org/ for why this is good. - Moved azure integration test to Leap15 Factory doesn't resolve well together with Cloud:Tools. I'd like to have stable integration tests and not getting screwed with any change on Factory - Bump version: 9.17.16 ? 9.17.17 - Added new preferences subsection In the preferences section the following optional subsection can be configured: true|false If set to true the default locales POSIX, C, and C.UTF-8 are applied as rpm install_lang macro. If the locale section is configured in addition the list is extended by that information too - Extend the .packages file by the license field For rpm based builds the License field from the rpm metadata is extracted into the .packages file. For Debian based build the license information is in an extra file and not taken into account for the moment. - Bump version: 9.17.15 ? 9.17.16 - Added support for %_install_langs rpm macro During the image build the custom rpm macro %_install_langs is configured with the setup from the KIWI XML description. This allows to filter language specific packages on the rpm level and Fixes #771 - Add API for package manager returncode validation Allow to validate the return code from a package manager operation. In case of zypper the standard UNIX return code validation does not apply. Return codes from zypper which are >= 100 are not treated as an error anymore - Fix Failed to cache rpm database on zypper addrepo Occasionally zypper fails when adding the repo with the rpm error message 'Failed to cache rpm database'. I was not able to find out why this happens and I also could not find a way to reproduce it safely. However this commit adds a workaround that seems to fix the issue when it happens. If the first call of zypper addrepo fails kiwi now issues the exact same call again and only if that fails too an exception is thrown In addition the patch changes the zypper call and avoids the option --type. That option is marked legacy and ignored by zypper but causes a misleading warning message - Handle location of the rpm DB on the macro level The location of the rpm database is no longer a standard path one can trust. Some distributions put it to /var/lib others to /usr/lib. This introduces the problem of dealing with different locations between the bootstrapping (host rpm) phase and the image installation (image rpm) phase. This commit implements a solution based on an intermediate rpm database configuration. KIWI creates the macros.kiwi file inside of the image root which is read by any call of rpm in the inner and outer system. During bootstrap phase the rpm dbpath from the host system is used and later in the install phase the dbpath from the rpm package as it was installed by the target image distribution is used. In case of a dbpath difference the database is automatically moved to the new location by setting the _dbpath_rebuild macro to the correct location. At the end the custom KIWI macro is deleted. As this process allows custom macro defintions during the KIWI run it also serves as the base for a solution to Issue #771 which will be done in a follow up request to this commit. Also the workaround for bsc#1112357 which uses a static dbpath to store an optionally given signing key will be addressed with this commit. The macro setup happens before the import_trusted_keys method which makes any specification for a strict dbpath obsolete. Last the implementation deletes the obsolete dump_reload_package_database code. rpm is able to automatically do the conversion of different db versions such that the code in kiwi is obsolete. In addition that code only worked for rather old db versions. The public API has not changed though, but the method is marked obsolete and does nothing anymore. In addition to the deletion of obsolete code a new API method post_process_install_requests_bootstrap has been introduced to handle actions required after bootstrap and before installing of packages from inside the new image - Add custom partitioning docs This commit adds two new documentation chapters. One covering custom partitioning scheme in KIWI. And another covering setting custom volumes in KIWI ==== python-pycurl ==== Subpackages: python2-pycurl python3-pycurl - bsc#1128355: update to the Factory package to get multibuild and better working tests. - Refreshed patch against the new minor release tarball: - pycurl-libssh.patch - Added patches: - disable_randomly_failing_tests.patch - python-pycurl-7.43.0-tls-backend.patch (from https://src.fedoraproject.org/rpms/python-pycurl/blob/master/f/0002-python-pycurl-7.43.0-tls-backend.patch) ==== python-rpm-macros ==== Version update (20190402.c88be49 -> 20190408.32abece) - Update to version 20190408.32abece bsc#1128323: * Multiline macros don't work correctly on older RPMs. ==== vim ==== Version update (8.1.1066 -> 8.1.1137) Subpackages: gvim vim-data vim-data-common - Updated to version 8.1.1137, fixes the following problems - refreshed disable-unreliable-tests.patch * Cannot get all the information about current completion. * Source README file doesn't look nice on github. * Issue templates are not good enough. * Cannot get composing characters from the screen. * Extending sign and foldcolumn below the text is confusing. * Space in number column is on wrong side with 'rightleft' set. * Python test doesn't wipe out hidden buffer. * Function reference count wrong in Python code. * File for Insert mode is much too big. * reg_executing() is reset by calling input(). * When 'listchars' is set a composing char on a space is wrong. * No need for a separate ScreenLinesUtf8() test function. * When a screendump test fails, moving the file is a hassle. current code page. * "Conceal" match is mixed up with 'hlsearch' match. * Cannot delete a match from another window. (Paul Jolly) * Compiler warning for possibly uninitialized variable. (Tony Mechelynck) * Too many curly braces. * tag stack is incorrect after CTRL-T and then :tag * Height of quickfix window not retained with vertical split. * Tutor does not check $LC_MESSAGES. * Setting 'guifont' when maximized resizes the Vim window. When 'guioptions' contains "k" gvim may open with a tiny window. * Support for outdated tags format slows down tag parsing. * Long line in tags file causes error. * Quickfix code duplication. * The do_tag() function is too long. * Tag file without trailing newline no longer works. (Marco Hinz) * Signals test may fail in the GUI. * Long escape sequences may be split up. * No test for 'writedelay'. * No test for 'visualbell'. * Test for 'visualbell' doesn't work. * Deleted file still in list of distributed files. * Composing chars on space wrong when 'listchars' is set. * It is not easy to check for infinity. * Duplicate code in quickfix file. * Making an autocommand trigger once is not so easy. * Confusing overloaded operator "." for string concatenation. * Cannot build with older C compiler. * Cannot enforce a Vim script style. * Build failure without the +eval feature. * A couple of conditions are hard to understand. * Cannot easily get directory entry matches. * Test for term_gettitle() was disabled. * char2nr() does not handle composing characters. * No way to avoid filtering for autocomplete function, causing flickering of the popup menu. * Insert completion flags are mixed up. * Libvterm does not handle the window position report. * Build failure with +terminal but without tgetent. * When making a new screendump test have to create the file. * Compiler warning for uninitialized struct member. (Yegappan Lakshmanan) * Buffer for quickfix window is reused for another file. * Build failure for small version. (Tony Mechelynck) * Decoding of mouse click escape sequence is not tested. * Xterm mouse wheel escape sequence is not tested. ==== wget ==== Version update (1.20.2 -> 1.20.3) - Upgrade to GNU wget 1.20.3: * Finally fixed the buffer overflow vulnerability [CVE-2019-5953] ==== xawtv ==== Subpackages: pia tv-common v4l-conf - Add fix-build-with-recent-glibc.patch - Run spec-cleaner