Packages changed:
cloud-init
cryptsetup (2.3.1 -> 2.3.3)
gptfdisk (1.0.4 -> 1.0.5)
haproxy (2.1.4+git0.3cfc2f1d9 -> 2.1.5+git0.36e14bd31)
haveged (1.9.4 -> 1.9.8)
irqbalance (1.6.0+git20190711.f7fdebb -> 1.6.0+git20200317.0348a3b)
kmod (26 -> 27)
libsolv (0.7.13 -> 0.7.14)
libzypp (17.23.4 -> 17.23.5)
lvm2
lvm2-device-mapper
open-vm-tools
=== Details ===
==== cloud-init ====
- bsc#1170154: rsyslog warning, '~' is deprecated
+ replace deprecated syntax '& ~' by '& stop'
for more information please see https://www.rsyslog.com/rsyslog-error-2307/
==== cryptsetup ====
Version update (2.3.1 -> 2.3.3)
Subpackages: libcryptsetup12
- Update to 2.3.3:
* Fix BitLocker compatible device access that uses native 4kB
sectors
* Support large IV count (--iv-large-sectors) cryptsetup option
for plain device mapping
* Fix a memory leak in BitLocker compatible handling
* Allow EBOIV (Initialization Vector algorithm) use
* LUKS2: Require both keyslot cipher and key size option, do
not fail silently
- includes changes from 2.3.2:
* Add option to dump content of LUKS2 unbound keyslot
* Add support for discards (TRIM) for standalone dm-integrity
devices (Kernel 5.7) via --allow-discards, not for LUKS2
* Fix cryptsetup-reencrypt to work on devices that do not allow
direct-io device access.
* Fix a crash in the BitLocker-compatible code error path
* Fix Veracrypt compatible support for longer (>64 bytes)
passphrases
==== gptfdisk ====
Version update (1.0.4 -> 1.0.5)
- Update to 1.0.5
* Changed number of columns in type code output ("sgdisk -L"
and equivalents in gdisk and cgdisk) from 3 to 2, since some
descriptions are long enough that they are ambiguous with
three columns.
* You can now put the 0xEE partition last in a hybrid MBR using
sgdisk. (Previously, this was possible with gdisk but not
with sgdisk.) See the sgdisk man page for details.
* Added numerous type codes for Container Linux, Veracrypt, and
Freedesktop.org's Discoverable Partitions Specification
* Partition type name searches are now case-insensitive.
* It is now possible to quit out of partition type name
searches by typing "q".
* When changing a partition type code, the default is now the
current type code, not a platform-specific type code.
==== haproxy ====
Version update (2.1.4+git0.3cfc2f1d9 -> 2.1.5+git0.36e14bd31)
- Update to version 2.1.5+git0.36e14bd31:
* [RELEASE] Released version 2.1.5
* BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
* BUG/MINOR: lua: Add missing string length for lua sticktable lookup
* BUG/MEDIUM: logs: fix trailing zeros on log message.
* REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
* BUG/MINOR: logs: prevent double line returns in some events.
* DOC: SPOE is no longer experimental
* DOC/MINOR: halog: Add long help info for ic flag
* DOC: retry-on can only be used with mode http
* BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
* BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
* BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
* BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
* BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
* BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
* BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
* BUILD: select: only declare existing local labels to appease clang
* BUG/MINOR: soft-stop: always wake up waiting threads on stopping
* BUG/MINOR: pollers: remove uneeded free in global init
* BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
* BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
* BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
* BUG/MINOR: http-ana: fix NTLM response parsing again
* BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
* BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
* BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
* BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
* BUG/MINOR: sample: Set the correct type when a binary is converted to a string
* CLEANUP: connections: align function declaration
* BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
* BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
* BUG/MEDIUM: connections: force connections cleanup on server changes
* BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
* BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
* BUG/MINOR: checks: Remove a warning about http health checks
* BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks
* BUG/MINOR: checks/server: use_ssl member must be signed
* Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections"
* Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY connections"
* REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script
* REGTEST: ssl: test the client certificate authentication
* BUILD: Makefile: add linux-musl to TARGET
* BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
* BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
* MINOR: debug: dump the whole trace if we can't spot the starting point
* MINOR: debug: use our own backtrace function on clang+x86_64
* MINOR: debug: improve backtrace() on aarch64 and possibly other systems
* MINOR: debug: report the number of entries in the backtrace
* MINOR: wdt: do not depend on USE_THREAD
* BUILD: Makefile: include librt before libpthread
* MINOR: debug: call backtrace() once upon startup
* MEDIUM: debug: add support for dumping backtraces of stuck threads
* MINOR: cli: make "show fd" rely on resolve_sym_name()
* MINOR: debug: use resolve_sym_name() to dump task handlers
* MINOR: tools: add resolve_sym_name() to resolve function pointers
* MINOR: tools: add new function dump_addr_and_bytes()
* MINOR: haproxy: export run_poll_loop
* MINOR: stream: report the list of active filters on stream crashes
* BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
* BUG/MEDIUM: shctx: really check the lock's value while waiting
* BUG/MINOR: debug: properly use long long instead of long for the thread ID
* MINOR: threads: export the POSIX thread ID in panic dumps
* BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
* BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
* BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
* BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
* BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
* BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
* BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
* BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
* BUG/MINOR: checks: chained expect will not properly wait for enough data
* BUG/MEDIUM: server/checks: Init server check during config validity check
* BUG/MINOR: checks: Respect the no-check-ssl option
* MINOR: checks: Add a way to send custom headers and payload during http chekcs
* BUG/MINOR: check: Update server address and port to execute an external check
* MINOR: contrib: make the peers wireshark dissector a plugin
* MEDIUM: memory: make pool_gc() run under thread isolation
* DOC: option logasap does not depend on mode
* BUG/MINOR: http: make url_decode() optionally convert '+' to SP
* BUG/MINOR: tools: fix the i386 version of the div64_32 function
* BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
* BUG/MINOR: ssl: default settings for ssl server options are not used
* DOC: Improve documentation on http-request set-src
* MINOR: version: Show uname output in display_version()
* DOC: hashing: update link to hashing functions
* BUG/MINOR: peers: Incomplete peers sections should be validated.
* BUG/MINOR: connection: always send address-less LOCAL PROXY connections
* BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
* BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
* MINOR: ssl: improve the errors when a crt can't be open
* BUG/MINOR: protocol_buffer: Wrong maximum shifting.
==== haveged ====
Version update (1.9.4 -> 1.9.8)
Subpackages: libhavege1
- Update to version 1.9.8:
* Fix for Unresolved symbol error_exit in libhavege #20 by pld-gitsync [Jirka Hladky]
* order after systemd-tmpfiles-setup-dev.service (origin/pr/21) [Christian Hesse]
* use systemd security features [Christian Hesse]
* do not run in container [Christian Hesse]
* do not use carriage return in line break [Christian Hesse]
* Fixed invalid UTF-8 codes in ChangeLog [Jirka Hladky]
- Changes for version 1.9.5:
* Added test for /dev/random symlink [Jirka Hladky]
* Update to automake 1.16 [Jirka Hladky]
* Fix segv at start [Andrew]
* Fixed built issue on Cygwin [jbaker6953]
* Fix segfault on arm machines (origin/pr/7) [Natanael Copa]
* init.d/Makefile.am - add missing dependency [Jackie Huang]
* service.redhat - update PIDFile [Pierre-Jean Texier]
* Fix type mismatch in get_poolsize [Andreas Schwab]
* Fixup upstream changelog [Nicolas Braud-Santoni]
* Remove support for CPUID on ia64 (origin/pr/19) [Jeremy Bobbio]
* Output some progress during CUSUM and RANDOM EXCURSION test [Sven Hartge]
* Diagnostics capture mode now works correctly [Ethan Rahn]
- Drop upstream patches:
* f2193587.patch
* get-poolsize.patch
==== irqbalance ====
Version update (1.6.0+git20190711.f7fdebb -> 1.6.0+git20200317.0348a3b)
- Update to latest git HEAD version 0348a3b.
There has been no version update for quite some time, but some
restructuring and fixes we want to have included.
D install-man-pages.patch
==== kmod ====
Version update (26 -> 27)
Subpackages: kmod-compat libkmod2
- Update to release 27
* Link to libcrypto rather than requiring openssl.
* Use PKCS#7 instead of CMS for parsing module signature to be
compatible with LibreSSL and OpenSSL < 1.1.0.
* Teach modinfo to parse modules.builtin.modinfo. When using
Linux kernel >= v5.2~rc1, it is possible to get module
information from this new file.
==== libsolv ====
Version update (0.7.13 -> 0.7.14)
- Support blacklisted packages in solver_findproblemrule()
[bnc#1172135]
- Support rules with multiple negative literals in choice rule
generation
- bump version to 0.7.14
==== libzypp ====
Version update (17.23.4 -> 17.23.5)
- Enable zchunk on SLE-15-SP2.
- Older kernel-devel packages are not properly purged (bsc#1171224)
- doc: enhance service plugin example.
- version 17.23.5 (22)
==== lvm2 ====
Subpackages: liblvm2cmd2_03
- removing LVM cache with cache volume does not remove the cache volume (bsc#1171907)
+ bug-1171907-lvremove-remove-attached-cachevol-with-removed-LV.patch
==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03
- removing LVM cache with cache volume does not remove the cache volume (bsc#1171907)
+ bug-1171907-lvremove-remove-attached-cachevol-with-removed-LV.patch
==== open-vm-tools ====
Subpackages: libvmtools0
- While updating to 11.1.0 (build 16036546) (boo#1171764) hold off on
producing the open-vm-tools-sdmp (boo#1171765 Service Discover plugin)
until it has gone through the ECO process. Once approved, will resubmit
to include the plugin.