Packages changed:
ImageMagick (7.1.1.26 -> 7.1.1.29)
bash
bluez
fillup
glibc
gmp
google-noto-fonts (20240101 -> 20240301)
gpm
gzip
libao
libmpd
libnscd
liboauth
librepository
libserializer
libstorage-ng (4.5.193 -> 4.5.196)
libunwind (1.8.0 -> 1.8.1)
lomoco
lv
mc (4.8.30 -> 4.8.31)
openssl-3
openssl
pcsc-lite
perl-IPC-Run3 (0.048 -> 0.49.0)
perl-LWP-Protocol-https (6.110.0 -> 6.130.0)
perl-URI (5.210.0 -> 5.270.0)
perl-libwww-perl (6.720.0 -> 6.760.0)
phalanx
presage
procinfo
procmail
procps
projectM
psmisc
pwgen
python-cffi
python-kiwi (9.25.19 -> 9.25.22)
python-pygit2 (1.14.0 -> 1.14.1)
python311
python311-core
slang
susefirewall2-to-firewalld
time
unbound (1.19.0 -> 1.19.1)
update-alternatives
=== Details ===
==== ImageMagick ====
Version update (7.1.1.26 -> 7.1.1.29)
Subpackages: ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.29
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- Use %patch -P N instead of deprecated %patchN.
- version update to 7.1.1.28
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- version update to 7.1.1.27
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- only one configuration again, based on upstream 'secure' policy
- other upstream policies packaged in documentation
- use correct policy.xml
- Fix incomplete removal of update-alternatives for config
- Replace obsolete 'otherproviders(imagick-%{config_spec})' with
'Conflicts: imagick-%{config_spec}'
==== bash ====
Subpackages: bash-doc bash-lang bash-sh
- Harden bash to be compiled with gcc 14 (boo#1220564)
* Modify patch bash-4.2-nscdunmap.dif to include <sys/mman.h>
* Port bash-5.2.dif to the former change
* Add patch bash-5.2-gcc14.patch
==== bluez ====
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3
- Add necessary Supplements (gnome-bluetooth, blueman, bluedevil5)
to bluez-obexd, so that file transfer features of the applications
can be used by default (bsc#1209153).
- Update the description of bluez-obexd.
==== fillup ====
- Use %patch -P N instead of deprecated %patchN.
==== glibc ====
Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd
- nsswitch.conf: Add systemd also for shadow lookups, use merge
strategy for group lookups
- s390-clone-error-clobber-r7.patch: S390: Do not clobber r7 in clone (BZ
[#31402])
==== gmp ====
Subpackages: libgmp10 libgmp10-32bit
- Use %patch -P N instead of deprecated %patchN.
==== google-noto-fonts ====
Version update (20240101 -> 20240301)
- Update to 20240301
* Fixes to Balinese, Sans Canadian Aboriginal, Sans Georgian
and Kufi Arabic
- Remove fonttools build requires
- Delete old specfile constructs.
==== gpm ====
Subpackages: libgpm2
- Use %patch -P N instead of deprecated %patchN.
==== gzip ====
- Use %patch -P N instead of deprecated %patchN.
==== libao ====
Subpackages: libao-plugins4 libao4
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
==== libmpd ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
==== libnscd ====
Subpackages: libnscd1 libnscd1-32bit
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
==== liboauth ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
==== librepository ====
- Use %patch -P N instead of deprecated %patchN.
==== libserializer ====
- Use %patch -P N instead of deprecated %patchN.
==== libstorage-ng ====
Version update (4.5.193 -> 4.5.196)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Portuguese (Brazil)) (bsc#1149754)
- 4.5.196
- Translated using Weblate (Italian) (bsc#1149754)
- merge gh#openSUSE/libstorage-ng#989
- simplify memory handling in SystemCmd class
- 4.5.195
- Translated using Weblate (German) (bsc#1149754)
- 4.5.194
==== libunwind ====
Version update (1.8.0 -> 1.8.1)
- Update to 1.8.1:
* Fix issue #713 by @cshung in #717
* Add do-release script by @bregma in #725
* Backport dotnet-runtime fixes to the 1.8 branch by @bregma in #726
* [v1.8] Make tests installable by @bregma in #722
* Bump version to 1.8.1 by @bregma in #727
==== lomoco ====
- Use %patch -P N instead of deprecated %patchN.
==== lv ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
==== mc ====
Version update (4.8.30 -> 4.8.31)
Subpackages: mc-lang
- Use %patch -P N instead of deprecated %patchN.
- Update to 4.8.31
- Core
* Minimal version of GLib is 2.32.0.
- VFS
* fish: drop support of native FISH server and protocol. Rename VFS to shell (#4232)
* extfs;
- uc1541 extfs: update up to 3.6 version (#4511)
- s3+: port to Python3 (#4324)
* Support for LZO/LZOP compression format (#4509)
- Misc
* Skins: add color for non-printable characters in editor (#4433)
- Fixes
* FTBFS on FreeBSD with ext2fs attribute support (#4493)
* Broken stickchars (-a) mode (#4498)
* Wrong timestamp after resuming of file copy operation (#4499)
* Editor: wrong deletion of marked column (#3761)
* Diff viewer: segfault when display of line numbers is enabled (#4500)
* Tar VFS: broken handling of hard links (#4494)
* Sftp VFS: failure establishing SSH session due hashed host names in ~/.ssh/known_hosts (#4506)
* Shell VFS: incorrect file names with cyrillic or diacritic symbols (#4507)
* mc.ext.ini: incorrect description of of how multiple sections and keys with same names are processed (#4497)
* mc.ext.ini: unescaped backslash \ is treated as invalid escape sequence in glib-2.77.3 and glib-2.79 (#4502)
* mc.ext.ini: file "Makefile.zip" is handled as Makefile not as zip-arhive (#4419)
- Rebase mc-ext-audio.patch, mc-extd-xdg.patch and
mc-vfs-fish-deleted_source_file.patch
==== openssl-3 ====
Subpackages: libopenssl3 libopenssl3-32bit libopenssl3-x86-64-v3
- Build the 32bit flavor of libopenssl-3-fips-provider [bsc#1220232]
* Update baselibs.conf
==== openssl ====
- Build the 32bit flavor of libopenssl-fips-provider [bsc#1220232]
* Update baselibs.conf
==== pcsc-lite ====
Subpackages: libpcsclite1
- Use %patch -P N instead of deprecated %patchN.
==== perl-IPC-Run3 ====
Version update (0.048 -> 0.49.0)
- updated to 0.049
see /usr/share/doc/packages/perl-IPC-Run3/Changes
0.049 2024-01-20
- avoid some uninitialized warnings in ProfLogReader
- improve errno handling on Windows (thanks, Graham Ollis)
- avoid leaking fds (thanks, Dan Book)
- fix typos in docs (thanks, Yoshikazu Sawa and Jakub Wilk)
==== perl-LWP-Protocol-https ====
Version update (6.110.0 -> 6.130.0)
- updated to 6.13
see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes
6.13 2024-02-06 01:00:50Z
- Fix ssl upgrade for regular host names (GH#77) (Axel Burri)
6.12 2024-01-22 17:51:31Z
- Enable MultiHomed for IO::Socket::SSL (GH#61) (â„•icolas â„.)
- Making it possible to use IPv6 in https call through https proxy
environment (in case of using CONNECT method to create a tunnel) (GH#74)
(Dmitriy Shamatrin)
==== perl-URI ====
Version update (5.210.0 -> 5.270.0)
- updated to 5.27
see /usr/share/doc/packages/perl-URI/Changes
5.27 2024-02-09 15:01:24Z
- Add missing NAME section to POD of URI::geo (GH#142) (gregor herrmann)
5.26 2024-02-02 19:04:40Z
- Add URI::geo (GH#141) (david-dick)
5.25 2024-01-27 16:11:41Z
- cache scheme so it never attempt to load it again (GH#55) (mschae94)
5.24 2024-01-26 04:36:32Z
- Really revert "use Scalar::Util::reftype instead of ref to check for
ARRAY" (GH#136) (Olaf Alders)
5.23 2024-01-25 21:02:18Z
- Revert the reftype change introduced in 5.22 as it causes warnings.
(GH#134) (Olaf Alders)
5.22 2024-01-25 15:22:54Z
- Use Scalar::Util::reftype instead of ref to check for ARRAY (GH#132)
(Jacques Deguest)
==== perl-libwww-perl ====
Version update (6.720.0 -> 6.760.0)
- updated to 6.76
see /usr/share/doc/packages/perl-libwww-perl/Changes
6.76 2024-01-25 18:31:25Z
- Simplify code slightly for Perl v5.8+ (GH#455) (James Raspass)
- Move HTTP::CookieJar::LWP to test requires (GH#453) (Olaf Alders)
6.75 2024-01-24 14:29:17Z
- Update lwp-request to suport PATCH HTTP method (GH#452) (Javier Puche)
6.74 2024-01-22 17:48:18Z
- Making it possible to use IPv6 in https call through https proxy
environment (in case of using CONNECT method to create a tunnel) (GH#450)
(Dmitriy Shamatrin)
6.73 2024-01-13 20:19:09Z
- Fix no_proxy subdomain matching (GH#447) (Axel Burri)
==== phalanx ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
==== presage ====
Subpackages: libpresage1 presage-data
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
==== procinfo ====
- Use %patch -P N instead of deprecated %patchN.
==== procmail ====
- Use %patch -P N instead of deprecated %patchN.
==== procps ====
Subpackages: libprocps8 procps-lang
- Use %patch -P N instead of deprecated %patchN.
==== projectM ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
==== psmisc ====
Subpackages: psmisc-lang
- Use %patch -P N instead of deprecated %patchN.
==== pwgen ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
==== python-cffi ====
- drop unnecessary buildrequire python-py
==== python-kiwi ====
Version update (9.25.19 -> 9.25.22)
- Fix activation of luks pool in the initrd
kiwi called systemd-cryptsetup directly which does not take
the settings available in /etc/crypttab into account. This
commit changes the activation procedure in a way that the
generator created unit file systemd-cryptsetup@... is used
This Fixes bsc#1219009
- Add changelog fix file for commit 31deb0
The commit used a wrong e-mail address which should not
land in the created changes file for the packaging
- Apply changelog fixes by glob
Does not require Makefile changes when maintaining branches
- Add changelog fix file for commit deb6ca
The commit used a wrong e-mail address which should not
land in the created changes file for the packaging
- Set default output console to gfxterm for grub
If no console setting is done in the image description for grub
the default output console is set to: gfxterm and the default
input console is set to: console. This Fixes bsc#1219074
- Allow terminal emulation setup from the cmdline
Using rd.kiwi.term will export the TERM variable into the initrd
environment. In case the default value for the terminal emulation
is not appropriate rd.kiwi.term can be used to overwrite the default.
The environment is also passed to the systemd unit which calls
dialog based programs in kiwi dracut code, such that the TERM
setting will be effective there too. For example:
rd.kiwi.term=vt100
This is related to bsc#1218095
- Followup fix for .profile.extra
Allow to source .profile.extra such that it is possible to
read and act on e.g cmdline parameters. This is related to
bsc#1218095
- Include partprobe in initrd for s390
This commit includes partprobe, in addition to parted, on
s390 based systems. Otherwise partx is used and apparently
it does not properly support s390.
Fixes bsc#1219798
Signed-off-by: David Cassany <dcassany@suse.com>
- Add support for reading .profile.extra in initrd
If there is the file /.profile.extra available in the
initrd, kiwi will import this additional environment file
after the import of the standard /.profile file.
This is related to bsc#1218095
- Follow up fix for drop of hybrid boot snippets
The following is left over code from the drop of the hybrid
boot templates.
- Drop hybrid boot snippets from the GRUB 2 configuration template
Sometime between GRUB 2.04 and GRUB 2.06, it became no longer
necessary to use "linuxefi"+"initrdefi" for UEFI boot. The
standard "linux"+"initrd" stanzas work for both legacy BIOS boot
and modern UEFI boot.
Some distributions no longer support "linuxefi"+"initrdefi" at all
anymore, so let's just use "linux"+"initrd" for everything now.
- Disable workflow runs from master
The following github actions will be disabled from master
because they are expected to run from main:
- ci-publish-pages.yml
- ci-publish-to-pypi.yml
- ci-update-build-tests.yml
- Bump version: 9.25.21 → 9.25.22
- Fixed regression in GRUB_SERIAL_COMMAND setup
The condition to write the serial line setup was broken.
This commit fixes it. Related to Issue #2419
- Fixed grub terminal setup
The grub terminal setup is divided into the setting for the output
and the input console. For both settings different parameters exists.
So far kiwi did not differentiate between the two parts of the
console setup and that could lead to a wrong setting if only one
value is provided in kiwi's console= attribute which lead to the
grub setting, GRUB_TERMINAL=value. If value is set to e.g gfxterm
grub takes this for both input and output and it's obviously
wrong for the input. To make this less error prune the kiwi code
changes with this commit to set GRUB_TERMINAL_INPUT and
GRUB_TERMINAL_OUTPUT rather than GRUB_TERMINAL and also runs sanity
checks on the provided values if they are applicable. The information
for setting up the console in the schema stays untouched though.
That's because it's used for all bootloaders and also because grub
supports multiple values for the console in/out setting in one
GRUB_TERMINAL variable even though kiwi does no longer use it.
To make this clear for the users also the documentation for the
console attribute setup has been updated. If we want to wish two
distinct attributes for input and output console settings a schema
change and also differentiation between bootloaders is needed and
that I only see for the kiwi-10 branch if at all. This Fixes #2419
- Fix tox.ini
python 3.12 unit target did not specify a 3.12 interpreter
- Fix overwrite of kiwi_oemunattended
In case rd.kiwi.oem.installdevice is set, there is an overwrite
of the kiwi_oemunattended setting. However the variable was set
in local scope of a function and therefore the change was not
effective in other methods which also evaluates this variable.
This commit fixes it such that the overwrite happens in the early
initialize method which provides the environment for all code
running in the dracut module. This is related to jira#PED-7180
- Ensure setfiles is detected inside the image-root
We do not actually use setfiles from the host, we use it from the
image root we create for the image build. Thus, we should look in
the image root instead of on the host system.
This prevents us from incorrectly detecting that setfiles is not
available for setting SELinux contexts.
... changelog too long, skipping 42 lines ...
with this PR
==== python-pygit2 ====
Version update (1.14.0 -> 1.14.1)
- update to 1.14.1:
* Now `Object.filemode` returns `enums.FileMode` and
`Reference.type` returns `enums.ReferenceType`
* Fix tests on Fedora 40
* Deprecate `ReferenceType.OID`, use `ReferenceType.DIRECT`
* Deprecate `ReferenceType.LISTALL`, use `ReferenceType.ALL`
==== python311 ====
Subpackages: python311-curses python311-dbm python311-x86-64-v3
- (bsc#1219666, CVE-2023-6597) Add
CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
gh#python/cpython!99930) fixing symlink bug in cleanup of
tempfile.TemporaryDirectory.
- Remove double definition of /usr/bin/idle%%{version} in
%%files.
==== python311-core ====
Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3
- (bsc#1219666, CVE-2023-6597) Add
CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
gh#python/cpython!99930) fixing symlink bug in cleanup of
tempfile.TemporaryDirectory.
- Remove double definition of /usr/bin/idle%%{version} in
%%files.
==== slang ====
- Drop slsh/lib/test/test_timestamp.sl: Do not test timestamps but
trust on upstream (calculations in leap years are off in the
test).
==== susefirewall2-to-firewalld ====
- Use %autosetup macro. Allows to eliminate the usage of deprecated
PatchN.
==== time ====
- Use %patch -P N instead of deprecated %patchN.
==== unbound ====
Version update (1.19.0 -> 1.19.1)
Subpackages: libunbound8 unbound-anchor
- Update to 1.19.1:
* Bug Fixes: [bsc#1219823, CVE-2023-50387][bsc#1219826, CVE-2023-50868]
- Fix CVE-2023-50387, DNSSEC verification complexity can be
exploited to exhaust CPU resources and stall DNS resolvers.
- Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
==== update-alternatives ====
- Prepare for RPM 4.20.