Packages changed: cryptsetup ebtables (2.0.10.4 -> 2.0.11) installation-images-MicroOS (14.447 -> 14.450) libcap libcontainers-common (20190923 -> 20191211) libselinux-bindings podman (1.6.2 -> 1.6.4) procps (3.3.15 -> 3.3.16) sudo wicked (0.6.60 -> 0.6.61) === Details === ==== cryptsetup ==== Subpackages: libcryptsetup12 - Create a weak dependency cycle between libcryptsetup and libcryptsetup-hmac to make sure they are installed together (bsc#1090768) ==== ebtables ==== Version update (2.0.10.4 -> 2.0.11) - add ebtables.keyring as a Source - Update to release 2.0.11 * Add --noflush command line support for ebtables-restore * Do not print IPv6 mask if it is all ones * Allow RETURN target rules in user defined chains * ebt_ip: add support for matching ICMP type and code * ebt_ip: add support for matching IGMP type * extensions: Add string filter to ebtables * Print IPv6 prefixes in CIDR notation * extensions: Add AUDIT target * Fix incorrect IPv6 prefix formatting - Drop ebtables-v2.0.8-makefile.diff (no longer needed) - Drop ebtables-v2.0.8-initscript.diff, include-linux-if.patch (not applicable) - Drop ebtables-v2.0.10-4-audit.patch, 0001-fix-compilation-warning.patch, 0001-Use-flock-for-concurrent-option.patch, 0002-Fix-locking-if-LOCKDIR-does-not-exist.patch (merged) ==== installation-images-MicroOS ==== Version update (14.447 -> 14.450) - merge gh#openSUSE/installation-images#347 - prepare for syslinux 6.x setup (jsc#SLE-2969) - use gfxboot script from repo, not the installed one - 14.450 - merge gh#openSUSE/installation-images#346 - etc: module.config, fix build on i586 with 5.4 kernel - 14.449 - merge gh#openSUSE/installation-images#345 - etc: update module.config to match 5.4-final - 14.448 ==== libcap ==== - Remove pam_cap (bsc#1150522) since this PAM module is a bad idea, security wise. ==== libcontainers-common ==== Version update (20190923 -> 20191211) - Update to image 5.0.0 - Clean up various imports primarily so that imports of packages that aren't in the standard library are all in one section. - Update to major version v5 - return resp error message - copy.Image(): select the CopySystemImage image using the source context - Add manifest list support - docker: handle http 429 status codes - allow for .dockercfg files to reside in non-home directories - Use the correct module path in (make test-skopeo) - Update to libpod 1.6.3 - Handling of the libpod.conf configuration file has seen major changes. Most significantly, rootless users will no longer automatically receive a complete configuration file when they first use Podman, and will instead only receive differences from the global configuration. - Initial support for the CNI DNS plugin, which allows containers to resolve the IPs of other containers via DNS name, has been added - Podman now supports anonymous named volumes, created by specifying only a destination to the -v flag to the podman create and podman run commands - Named volumes now support uid and gid options in --opt o=... to set UID and GID of the created volume - Update to storage 1.15.3 - overlay: allow storing images with more than 127 layers - Lazy initialize the layer store - tarlogger: drop state mutex ==== libselinux-bindings ==== - Added swig4_moduleimport.patch to prevent import errors due to SWIG 4 ==== podman ==== Version update (1.6.2 -> 1.6.4) Subpackages: podman-cni-config - Update podman to v1.6.4 - Remove winsz FIFO on container restart to allow use with Conmon 2.03 and higher - Ensure volumes reacquire locks on system restart, preventing deadlocks when starting containers - Suppress spurious log messages when running rootless Podman - Update vendored containers/storage to v1.13.6 - Fix a deadlock related to writing events - Do not use the journald event logger when it is not available - Remove obsolete patch container-start-fix.patch ==== procps ==== Version update (3.3.15 -> 3.3.16) - Update to procps-ng-3.3.16 * library: Increment to 8:2:0 No removals or functions Internal changes only, so revision is incremented. Previous version should have been 8:1:0 not 8:0:1 * docs: Use correct symbols for -h option in free.1 Debian #898774 * docs: ps.1 now warns about command name length issue #101 * docs: install translated man pages issue #146 * pgrep: Match on runstate issue #109, Debian #919381 * snice: Fix matching on pid merge #89 * top: can now exploit 256-color terminals issue #96 * top: preserves 'other filters' in configuration file issue #99 * top: can now collapse/expand forest view children issue #99 * top: parent %CPU time includes collapsed children * top: improve xterm support for vim navigation keys issue #135 * top: avoid segmentation fault at program termination Redhat #1737552 - Port patches (mostly changed offsets of the hunks) * procps-ng-3.3.10-fdleak.dif * procps-ng-3.3.10-large_pcpu.patch * procps-ng-3.3.10-slab.patch * procps-ng-3.3.10-xen.dif * procps-ng-3.3.8-bnc634840.patch * procps-ng-3.3.8-petabytes.patch * procps-ng-3.3.8-readeof.patch * procps-ng-3.3.8-tinfo.dif * procps-ng-3.3.8-vmstat-terabyte.dif * procps-v3.3.3-read-sysctls-also-from-boot-sysctl.conf-kernelversion.diff - Delete patches now upstream * procps-ng-3.3.15-typo.patch * procps-ng-3.3.8-top.1.diff - Add aptch procps-ng-3.3.16-comm_len.patch * "ps -C" does not allow anymore an argument longer than 15 characters (bsc#1158830) ==== sudo ==== - Move pam.d/sudo* files to /usr/etc ==== wicked ==== Version update (0.6.60 -> 0.6.61) Subpackages: wicked-service - version 0.6.61 - dracut: add initial cmdline parsing as a config source - address: don't check hwaddr length if parsing as ARPHRD_VOID - utils: added find and insert var array utils, cleanup - client: add show-policy command calling policy generation - client: initial support to generate a basic policy directly - client: cleanup convert and show-config commands