Packages changed: MozillaFirefox autoyast2 (4.5.11 -> 4.5.12) curl (7.86.0 -> 7.87.0) openssh rubygem-d-installer (0.6 -> 0.6.2) util-linux (2.37.4 -> 2.38.1) util-linux-systemd (2.37.4 -> 2.38.1) === Details === ==== MozillaFirefox ==== Subpackages: MozillaFirefox-translations-common - add mozilla-bmo1805809.patch to fix build for x86-32 (boo#1206600) ==== autoyast2 ==== Version update (4.5.11 -> 4.5.12) Subpackages: autoyast2-installation - Added XSLT transformation for easy conversion of the data types in the AutoYaST XML profiles between the old and the new format. This allows to convert a new profile to the format accepted in SLE15-SP2 or older (bsc#1206597) - 4.5.12 ==== curl ==== Version update (7.86.0 -> 7.87.0) Subpackages: libcurl4 - Update to 7.87.0: * Security fixes: - CVE-2022-43551, bsc#1206308: another HSTS bypass via IDN - CVE-2022-43552, bsc#1206309: HTTP Proxy deny use-after-free * Changes - curl: add --url-query - CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit - lib: add CURL_WRITEFUNC_ERROR to signal write callback error - openssl: reduce CA certificate bundle reparsing by caching - version: add a feature names array to curl_version_info_data * Bugfixes - altsvc: fix rejection of negative port numbers - aws_sigv4: consult x-%s-content-sha256 for payload hash - aws_sigv4: fix typos in aws_sigv4.c - base64: better alloc size - base64: encode without using snprintf - base64: faster base64 decoding - build: assume assert.h is always available - build: assume errno.h is always available - c-hyper: CONNECT respones are not server responses - c-hyper: fix multi-request mechanism - CI: Change FreeBSD image from 12.3 to 12.4 - CI: LGTM.com will be shut down in December 2022 - ci: Remove zuul fuzzing job as it's superseded by CIFuzz - cmake: check for cross-compile, not for toolchain - CMake: fix build with `CURL_USE_GSSAPI` - cmake: really enable warnings with clang - cmake: set the soname on the shared library - cmdline-opts/gen.pl: fix the linkifier - cmdline-opts/page-footer: remove long option nroff formatting - config-mac: define HAVE_SYS_IOCTL_H - config-mac: fix typo: size_T -> size_t - config-mac: remove HAVE_SYS_SELECT_H - config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW - configure: require fork for NTLM-WB - contributors.sh: actually use $CURLWWW instead of just setting it - cookie: compare cookie prefixes case insensitively - cookie: expire cookies at once when max-age is negative - cookie: open cookie jar as a binary file - curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS - curl-rustls.m4: on macOS, rustls also needs the Security framework - curl.h: include on SerenityOS - curl.h: name all public function parameters - curl.h: reword comment to not use deprecated option - curl: override the numeric locale and set "C" by force - curl: timeout in the read callback - curl_endian: remove Curl_write64_le from header - curl_get_line: allow last line without newline char - curl_path: do not add '/' if homedir ends with one - curl_url_get.3: remove spurious backtick - curl_url_set.3: document CURLU_DISALLOW_USER - curl_url_set.3: fix typo - CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE - CURLOPT_COOKIEFILE.3: advice => advise - CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example - CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" - CURLOPT_POST.3: Explain setting to 0 changes request type - docs/curl_ws_send: Fixed typo in websocket docs - docs/EARLY-RELEASE.md: how to determine an early release - docs/examples: spell correction ('Retrieve') - docs/INSTALL.md: expand on static builds - docs/WEBSOCKET.md: explain the URL use - docs: add missing parameters for --retry flag - docs: add more "SEE ALSO" links to CA related pages - docs: explain the noproxy CIDR notation support - docs: extend the dump-header documentation - docs: remove performance note in CURLOPT_SSL_VERIFYPEER - examples/10-at-a-time: fix possible skipped final transfers - examples: update descriptions - ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH - gen.pl: do not generate CURLHELP bitmask lines > 79 characters - GHA: clarify workflows permissions, set least possible privilege - GHA: NSS use clang instead of clang-9 - gnutls: use common gnutls init and verify code for ngtcp2 - headers: add endif comments - HTTP-COOKIES.md: mention that http://localhost is a secure context - HTTP-COOKIES.md: update the 6265bis link to draft-11 - http: do not send PROXY more than once - http: fix the ::1 comparison for IPv6 localhost for cookies - http: set 'this_is_a_follow' in the Location: logic - http: use the IDN decoded name in HSTS checks - hyper: classify headers as CONNECT and 1XX - hyper: fix handling of hyper_task's when reusing the same address - idn: remove Curl_win32_ascii_to_idn - INSTALL: update operating systems and CPU archs - KNOWN_BUGS: remove eight entries - lib1560: add some basic IDN host name tests - lib: connection filters (cfilter) addition to curl: - lib: feature deprecation warnings in gcc >= 4.3 - lib: fix some type mismatches and remove unneeded typecasts - lib: parse numbers with fixed known base 10 - lib: remove bad set.opt_no_body assignments - lib: rewind BEFORE request instead of AFTER previous - lib: sync guard for Curl_getaddrinfo_ex() definition and use - lib: use size_t or int etc instead of longs - libcurl-errors.3: remove duplicate word - libssh2: return error when ssh_hostkeyfunc returns error - limit-rate.d: see also --rate - log2changes.pl: wrap long lines at 80 columns ... changelog too long, skipping 66 lines ... - x509asn1: avoid freeing unallocated pointers ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Adapt OpenSSH to build with OpenSSL 3, use new KDF API (bsc#1205042) Add openssh-openssl-3.patch ==== rubygem-d-installer ==== Version update (0.6 -> 0.6.2) - Implement the ImportGpgKey libzypp callback (gh#yast/d-installer#371) - Version 0.6.2 - Implement AcceptUnsignedFile and MediaChange libzypp callbacks (gh#yast/d-installer#369). - Switch the SELinux policy for ALP to "enforcing" (gh#yast/d-installer#360). - Fix generic questions handling (gh#yast/d-installer#362) - Version 0.6.1 - Removed previous temporary setting "olaf_luks2_password" and all the code supporting it. - Added new temporary setting "tpm_luks_open" to try to configure TPM-based unlocking of the LUKS devices during the first system boot (gh#yast/d-installer#363). ==== util-linux ==== Version update (2.37.4 -> 2.38.1) Subpackages: libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid1 libuuid1-32bit util-linux-lang - restore lsblk and lslogins as well - reinstanciate logger - Fix /usr/bin/findmnt to be in only one package (bsc#1206347) - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - Add util-linux-fix-tests-when-at-symbol-in-path.patch - Convert the build back to per-parts build, just use multibuild. - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). - Do not set SUID permissions for util-linux-mini. - Fix pam directory for the staging package. - Add util-linux-rpmlintrc removing unneeded warnings. - Update to version 2.38.1: * column: fix buffer overflow when -l specified, fix greedy mode on -l * dmesg: fix --since and --until * libmount: when moving a mount point, all sub mount entries in utab should also be updated (bsc#1198731) * libuuid: improve cache handling (bsc#1201959, PED-1150) * lsblk: fix JSON output when without --bytes * lsfd:fix crash triggered by an empty filter expression * sulogin: fix includes (obsoletes linux-fs.patch) * Many other fixes, improvements and code cleanup. For the complete list see https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38.1-ReleaseNotes - Fix some rpmlintrc warnings and remove util-linux-rpmlintrc. - Update to version 2.38: * first release with translated util-linux man-pages * mount: new options --mkdir as shortcut for X-mount.mkdir * mount, libmount: new mount options X-mount.subdir= * lsfd: new command * dmesg: new option --json to print kernel log in JSON format * libfdisk: improved to set correct CHS addresses in MBR * fstrim: ignores all /ect/fstab entries with X-fstrim.notrim (jsc#SLE-17942) * hardlink: now supports reflinks and new option --method= * hwclock: new command line options --param-get and --param-set * irqtop: new option --cpu-stat * libblkid: supports zoned disks for btrfs * lsblk: new options --noempty to ignore all devices with zero size, and --zoned to print information about zones * mkswap: new option --quiet * nsenter: new option --wdns to change working directory within namespace * rename: new options --all and --last to replace all or last occurrences of expression rather than the first one * su: now resets RLIMIT_AS, RLIMIT_{NICE,RTPRIO}, RLIMIT_FSIZE and RLIMIT_NOFILE reourse limits. * unshare: new options --map-users= and --map-groups= to map block of group IDs; new option --map-auto to map the first block of user IDs owned by the effective user from /etc/subuid * wdctl: new options --setpregovernor to set pre-timeout governor name, and --setpretimeout to set watchdog pre-timeout in seconds * Many other new features and fixes. For the complete list see https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38-ReleaseNotes - Changed packaging style from multi spec build to multibuild with python multi-flavor build (PED-1007). Advantages: * Easily prevents bootstrap build loops. * No artificial package splitting needed any more. * Less complicated spec file. * Can run full test suite. * python*-libmount available for more python versions. * Enable asciidoctor to build documentation. * Enable support for libmagic. * Turn technically incorrect Recommends to Requires. - Fix rpmling warning by setting attr for clock.txt ghost file. - Drop upstreamed util-linux-sulogin4bsc1175514.patch ==== util-linux-systemd ==== Version update (2.37.4 -> 2.38.1) - restore lsblk and lslogins as well - reinstanciate logger - Fix /usr/bin/findmnt to be in only one package (bsc#1206347) - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - Add util-linux-fix-tests-when-at-symbol-in-path.patch - Convert the build back to per-parts build, just use multibuild. - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). - Do not set SUID permissions for util-linux-mini. - Fix pam directory for the staging package. - Add util-linux-rpmlintrc removing unneeded warnings. - Update to version 2.38.1: * column: fix buffer overflow when -l specified, fix greedy mode on -l * dmesg: fix --since and --until * libmount: when moving a mount point, all sub mount entries in utab should also be updated (bsc#1198731) * libuuid: improve cache handling (bsc#1201959, PED-1150) * lsblk: fix JSON output when without --bytes * lsfd:fix crash triggered by an empty filter expression * sulogin: fix includes (obsoletes linux-fs.patch) * Many other fixes, improvements and code cleanup. For the complete list see https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38.1-ReleaseNotes - Fix some rpmlintrc warnings and remove util-linux-rpmlintrc. - Update to version 2.38: * first release with translated util-linux man-pages * mount: new options --mkdir as shortcut for X-mount.mkdir * mount, libmount: new mount options X-mount.subdir= * lsfd: new command * dmesg: new option --json to print kernel log in JSON format * libfdisk: improved to set correct CHS addresses in MBR * fstrim: ignores all /ect/fstab entries with X-fstrim.notrim (jsc#SLE-17942) * hardlink: now supports reflinks and new option --method= * hwclock: new command line options --param-get and --param-set * irqtop: new option --cpu-stat * libblkid: supports zoned disks for btrfs * lsblk: new options --noempty to ignore all devices with zero size, and --zoned to print information about zones * mkswap: new option --quiet * nsenter: new option --wdns to change working directory within namespace * rename: new options --all and --last to replace all or last occurrences of expression rather than the first one * su: now resets RLIMIT_AS, RLIMIT_{NICE,RTPRIO}, RLIMIT_FSIZE and RLIMIT_NOFILE reourse limits. * unshare: new options --map-users= and --map-groups= to map block of group IDs; new option --map-auto to map the first block of user IDs owned by the effective user from /etc/subuid * wdctl: new options --setpregovernor to set pre-timeout governor name, and --setpretimeout to set watchdog pre-timeout in seconds * Many other new features and fixes. For the complete list see https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38-ReleaseNotes - Changed packaging style from multi spec build to multibuild with python multi-flavor build (PED-1007). Advantages: * Easily prevents bootstrap build loops. * No artificial package splitting needed any more. * Less complicated spec file. * Can run full test suite. * python*-libmount available for more python versions. * Enable asciidoctor to build documentation. * Enable support for libmagic. * Turn technically incorrect Recommends to Requires. - Fix rpmling warning by setting attr for clock.txt ghost file. - Drop upstreamed util-linux-sulogin4bsc1175514.patch - Use %_pam_vendordir