Packages changed: bash chrony filesystem (15.5 -> 84.87) kernel-default-base kmod libqmi (1.28.4 -> 1.28.6) openldap2 (2.4.58 -> 2.4.59) openssh qemu util-linux === Details === ==== bash ==== - Use well defined HOSTTYPE, as well as OS, VENDOR, and MACHTYPE (boo#1186296) ==== chrony ==== Subpackages: chrony-pool-openSUSE - Change to using systemd-sysusers - Remove otherproviders, not needed anymore ==== filesystem ==== Version update (15.5 -> 84.87) - Add /etc/motd.d and /usr/lib/motd.d [bsc#1185897] - Set package version number for Tumbleweed to TW - Add Turkish, Romanian and Indonesian to localized man directories (match up all currently supported languages by man-db) ==== kernel-default-base ==== - Add nfsd for nfs server support (boo#1186363) ==== kmod ==== Subpackages: libkmod2 - Enable support for ZSTD compressed modules ==== libqmi ==== Version update (1.28.4 -> 1.28.6) - Update to version 1.28.6 * New request/responses: - dms: implement "Foxconn Set FCC authentication" request/response. * libqmi-glib: - Fix transport detection in the 'wwan' subsystem. * build: - Fix build with GCC 11 and -Wincompatible-pointer-types. * Several other minor improvements and fixes. ==== openldap2 ==== Version update (2.4.58 -> 2.4.59) - updated to 2.4.59 OpenLDAP 2.4.59 Release (2021/06/03) Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521) Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530) Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295) Fixed slapd-mdb cursor init check (ITS#9526) Fixed slapd-mdb deletion of context entry (ITS#9531) Fixed slapd-mdb off-by-one affecting search scope (ITS#9557) Fixed slapo-pcache locking during expiration (ITS#9529) Contrib Fixed slapo-autogroup to not thrash thread context (ITS#9494) Documentation ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559) ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Change vendor configuration dir from /usr/share/ssh/ to /usr/etc/ssh/. - Remove upgrade enablement hack. This has been fixed in systemd-rpm-macros (bsc#1180083). - Add support for vendor provided configuration files in /usr/share/ssh/ (openssh-8.4p1-vendordir.patch) - Move configuration files from /etc/ssh/ to /usr/share/ssh/ - Drop openssh-7.7p1-allow_root_password_login.patch to prevent login as root via password by default (is also upstream default). Comment indicates that this was a temporary meassure that we now had for five years, time to get rid of it (bsc#1173067) ==== qemu ==== - disable sheepdog, it was dropped upstream ( https://gitlab.com/qemu-project/qemu/-/commit/09ec85176e4095be15f233ebc870d5680123f024) and fails to build with gcc 11 on non-x86 - Fix CVE-2021-3527 in usb/redir: usb-redir-avoid-dynamic-stack-allocation.patch - Fix issues found upstream: hw-block-nvme-consider-metadata-read-aio.patch sockets-update-SOCKET_ADDRESS_TYPE_FD-li.patch vfio-ccw-Permit-missing-IRQs.patch vhost-user-blk-Check-that-num-queues-is-.patch vhost-user-blk-Don-t-reconnect-during-in.patch vhost-user-blk-Fail-gracefully-on-too-la.patch vhost-user-blk-Get-more-feature-flags-fr.patch vhost-user-blk-Make-sure-to-set-Error-on.patch virtio-blk-Fix-rollback-path-in-virtio_b.patch virtio-Fail-if-iommu_platform-is-request.patch virtiofsd-Fix-side-effect-in-assert.patch monitor-qmp-fix-race-on-CHR_EVENT_CLOSED.patch - Brotli VLA error was already fixed in v5.2 but the patches wasn't included in v6.0. This change fixed that - Patches added: brotli-fix-actual-variable-array-paramet.patch hw-rx-rx-gdbsim-Do-not-accept-invalid-me.patch ui-Fix-memory-leak-in-qemu_xkeymap_mappi.patch - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484, CVE-2021-3419, bsc#1182975) ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - login.pamd: use pam_motd to unify motd handling [bsc#1185897]. Else motd snippets of e.g. cockpit will not be shown.