Packages changed:
chrony
etcd (3.4.3 -> 3.4.10)
fuse3 (3.9.2 -> 3.9.3)
libevent (2.1.11 -> 2.1.12)
python38 (3.8.4 -> 3.8.5)
python38-core (3.8.4 -> 3.8.5)
shim-leap (14 -> 15+git47)
sssd
vim (8.2.1253 -> 8.2.1412)
=== Details ===
==== chrony ====
Subpackages: chrony-pool-openSUSE
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
==== etcd ====
Version update (3.4.3 -> 3.4.10)
- Update to version 3.4.10 [CVE-2020-15106][boo#1174951]:
* version: 3.4.10
* Documentation: note on data encryption
* etcdserver: change protobuf field type from int to int64 (#12000)
* pkg: consider umask when use MkdirAll
* etcdmain: let grpc proxy warn about insecure-skip-tls-verify
* etcdmain: fix shadow error
* pkg/fileutil: print desired file permission in error log
* pkg: Fix dir permission check on Windows
* auth: Customize simpleTokenTTL settings.
* mvcc: chanLen 1024 is to biger,and it used more memory. 128 seems to be enough. Sometimes the consumption speed is more than the production speed.
* auth: return incorrect result 'ErrUserNotFound' when client request without username or username was empty.
* etcdmain: fix shadow error
* doc: add TLS related warnings
* etcdserver:FDUsage set ticker to 10 minute from 5 seconds. This ticker will check File Descriptor Requirements ,and count all fds in used. And recorded some logs when in used >= limit/5*4. Just recorded message. If fds was more than 10K,It's low performance due to FDUsage() works. So need to increase it.
* clientv3: cancel watches proactively on client context cancellation
* wal: check out of range slice in "ReadAll", "decoder"
* etcdctl, etcdmain: warn about --insecure-skip-tls-verify options
* Documentation: note on the policy of insecure by default
* etcdserver: don't let InternalAuthenticateRequest have password
* auth: a new error code for the case of password auth against no password user
* Documentation: note on password strength
* etcdmain: best effort detection of self pointing in tcp proxy
* Discovery: do not allow passing negative cluster size
* wal: fix panic when decoder not set
* embed: fix compaction runtime err
* pkg: check file stats
* etcdserver, et al: add --unsafe-no-fsync flag
* version: 3.4.9
* wal: add TestValidSnapshotEntriesAfterPurgeWal testcase
* wal: fix crc mismatch crash bug
* rafthttp: log snapshot download duration
* version: 3.4.8
* rafthttp: improve snapshot send logging
* *: make sure snapshot save downloads SHA256 checksum
* etcdserver/api/snap: exclude orphaned defragmentation files in snapNames
* etcdserver: continue releasing snap db in case of error
* etcdserver,wal: fix inconsistencies in WAL and snapshot
* cherry pick of #11564 (#11880)
* mvcc: fix deadlock bug
* auth: optimize lock scope for CheckPassword
* auth: ensure RoleGrantPermission is compatible with older versions
* etcdserver: print warn log when failed to apply request
* auth: cleanup saveConsistentIndex in NewAuthStore
* auth: print warning log when error is ErrAuthOldRevision
* auth: add new metric 'etcd_debugging_auth_revision'
* tools/etcd-dump-db: add auth decoder, optimize print format
* *: fix auth revision corruption bug
* etcdserver: watch stream got closed once one request is not permitted (#11708)
* version: 3.4.7
* wal: add "etcd_wal_writes_bytes_total"
* pkg/ioutil: add "FlushN"
* test: auto detect branch when finding merge base
* mvcc/kvstore:when the number key-value is greater than one million, compact take too long and blocks other requests
* version: 3.4.6
* lease: fix memory leak in LeaseGrant when node is follower
* version: 3.4.5
* words: whitelist "racey"
* Revert "version: 3.4.5"
* words: whitelist "hasleader"
* version: 3.4.5
* etcdserver/api/v3rpc: handle api version metadata, add metrics
* clientv3: embed api version in metadata
* etcdserver/api/etcdhttp: log server-side /health checks
* proxy/grpcproxy: add return on error for metrics handler
* etcdctl: fix member add command
* version: 3.4.4
* etcdserver: fix quorum calculation when promoting a learner member
* etcdserver: corruption check via http
* mvcc/backend: check for nil boltOpenOptions
* mvcc/backend: Delete orphaned db.tmp files before defrag
* auth: correct logging level
* e2e: test curl auth on onoption user
* auth: fix NoPassWord check when add user
* auth: fix user.Options nil pointer
* mvcc/kvstore:fixcompactbug
* mvcc: update to "etcd_debugging_mvcc_total_put_size_in_bytes"
* mvcc: add "etcd_mvcc_put_size_in_bytes" to monitor the throughput of put request.
* clientv3: fix retry/streamer error message
* etcdserver: wait purge file loop during shutdown
* integration: disable TestV3AuthOldRevConcurrent
* etcdserver: remove auth validation loop
* scripts/release: list GPG key only when tagging is needed
==== fuse3 ====
Version update (3.9.2 -> 3.9.3)
- Update to version 3.9.3
* Minor bugfixes, documentation updates
==== libevent ====
Version update (2.1.11 -> 2.1.12)
- Update to 2.1.12 stable
* buffer: do not pass NULL to memcpy() from evbuffer_pullup()
* http: fix undefined-shift in EVUTIL_IS*_ helpers
* Check error code of evhttp_add_header_internal() in
evhttp_parse_query_impl()
* http: fix EVHTTP_CON_AUTOFREE in case of timeout
* evdns: Add additional validation for values of dns options
* Fix memory corruption in EV_CLOSURE_EVENT_FINALIZE with debug enabled
* increase segment refcnt only if evbuffer_add_file_segment() succeeds
* evdns: fix a crash when evdns_base with waiting requests is freed
* event_base_once: fix potential null pointer threat
* http: do not assume body for CONNECT
* evbuffer_add_file: fix freeing of segment in the error path
* Fix checking return value of the evdns_base_resolv_conf_parse()
* Support EV_CLOSED on linux for poll(2)
* Parse IPv6 scope IDs.
* evutil_time: detect and use _gmtime64_s()/_gmtime64()
* bufferevent: allow setting priority on socket and openssl type
* Fix EV_CLOSED detection/reporting
* Revert "Warn if forked from the event loop during event_reinit()"
==== python38 ====
Version update (3.8.4 -> 3.8.5)
- Update to version 3.8.5:
- bpo-39603: Prevent http header injection by rejecting control
characters in http.client.putrequest(?).
- bpo-41295: Resolve a regression in CPython 3.8.4 where defining
?__setattr__? in a multi-inheritance setup and calling up the
hierarchy chain could fail if builtins/extension types were
involved in the base types.
- bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the
C implementation raises now UnpicklingError instead of
crashing.
- bpo-39017: Avoid infinite loop when reading specially crafted
TAR files using the tarfile module (CVE-2019-20907, bsc#1174091).
- bpo-37703: Updated Documentation to comprehensively elaborate
on the behaviour of gather.cancel()
- bpo-41302: Enable building Python 3.8 with libmpdec-2.5.0 to
ease maintenance for Linux distributions. Patch by Felix Yan.
- bpo-41300: Save files with non-ascii chars. Fix regression
released in 3.9.0b4 and 3.8.4.
- Few minor fixes for the non-primary-interpreter option found
in py3.9
==== python38-core ====
Version update (3.8.4 -> 3.8.5)
Subpackages: libpython3_8-1_0 python38-base
- Update to version 3.8.5:
- bpo-39603: Prevent http header injection by rejecting control
characters in http.client.putrequest(?).
- bpo-41295: Resolve a regression in CPython 3.8.4 where defining
?__setattr__? in a multi-inheritance setup and calling up the
hierarchy chain could fail if builtins/extension types were
involved in the base types.
- bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the
C implementation raises now UnpicklingError instead of
crashing.
- bpo-39017: Avoid infinite loop when reading specially crafted
TAR files using the tarfile module (CVE-2019-20907, bsc#1174091).
- bpo-37703: Updated Documentation to comprehensively elaborate
on the behaviour of gather.cancel()
- bpo-41302: Enable building Python 3.8 with libmpdec-2.5.0 to
ease maintenance for Linux distributions. Patch by Felix Yan.
- bpo-41300: Save files with non-ascii chars. Fix regression
released in 3.9.0b4 and 3.8.4.
- Few minor fixes for the non-primary-interpreter option found
in py3.9
==== shim-leap ====
Version update (14 -> 15+git47)
- Update shim to 15+git47-lp152.4.3.1 from openSUSE Leap 15.2
+ Version: 15+git47 "Fri Jul 31 07:41:26 UTC 2020"
+ Use shim-install in the rpm package
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Build sssd's KCM.
==== vim ====
Version update (8.2.1253 -> 8.2.1412)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.1412, fixes the following problems
- refreshed vim-7.4-highlight_fstab.patch
* CTRL-K in Insert mode gets <CursorHold> inserted. (Roland Puntaier)
* MS-Windows: regexp test may fail if 'iskeyword' set wrongly.
* Cannot use a lambda with quickfix functions.
* Vim9: type wrong after getting dict item in lambda.
* Vim9: list unpack doesn't work at the script level.
* CursorHold does not work well.a (Shane-XB-Qian)
* Empty group in 'tabline' may cause using an invalid pointer.
* There is no good test for CursorHold.
* Vim9: common type of function not tested.
* src/ex_cmds.c file is too big.
* Vim9: comperators use 'ignorecase' in Vim9 script.
* Terminal getwinpos() test is a bit flaky.
* Crash with EXITFREE when split() fails.
* Makefile preferences were accidentally included.
* Vim9: no error for using double quote comment after :func or :def.
* Language and locale code spread out.
* Vim9: not skipping over function type declaration with only a return type.
* Vim9: Error for Funcref function argument type.
* Vim9: type not checked if declaration also assigns value.
* Vim9: no error for missing white space in assignment at script level.
* Vim9: compiler warning for buffer size.
* Tests on Travis do not run with EXITFREE.
* Vim9: line break after "->" only allowed in :def function.
* Some tests on Travis have EXITFREE duplicated.
* Ex command error cannot contain an argument.
* The "trailing characters" error can be hard to understand.
* Vim9: crash when using CheckScriptFailure() in
Test_vim9script_call_fail_decl().
* Vim9: error for misplaced -> lacks argument.
* Vim9: skipping over type includes following white space, leading to an
error for missing white space.
* Vim9: argument types are not checked on assignment.
* Vim9: No error when using a type to a window variable
* Vim9: crash when using an imported function.
* Vim9: cannot use mark in range.
* Crash when using a custom completion function.
* Vim9: cannot replace a global function.
* Vim9: type of varargs items is not checked.
* AIDL filetype not recognized.
* Vim9: :execute mixes up () expression and function call.
* Vim9: error when using vim9script in TextYankPost.
* Tests 44 and 99 are old style.
* Some part of using 'smarcase' was not tested.
* When a test fails it's often not easy to see what the call stack is.
* Compiler warning for unused argument in small version.
* Compiler warning for using size_t for int and void pointer.
* Vim9: optional argument type not parsed properly.
* Vim9: varargs argument type not parsed properly.
* Vim9: varargs arg after optional arg does not work
* Calling popup_setoptions() resets 'signcolumn'.
* Debug backtrace isn't tested much.
* Some tests are still old style.
* Checking for first character of dict key is inconsistent.
* popup window width does not include number, fold of sign column width.
* Vim9: accidentally using "x" causes Vim to exit.
* Build failure with tiny version.
* Configure with Xcode 12 fails to check for tgetent.
* Test failures with legacy Vim script.
* Vim9 script: cannot assign to environment variable.
* Vim9: rule for comment after :function is confusing.
* Vim9: cannot declare some single letter variables.
* Vim9: method on double quoted string doesn't work.
* Vim9: invalid operators only rejected in :def function.
* Vim9: line break after "=" does not work.
* Vim9: using Vim9 script for autaload not tested.
* Vim9: skipping over white space after list.
* No space allowed before comma in list.
* Vim9: cannot define global function inside :def function.
* Vim9: :echo with two lists doesn't work.
* Vim9: memory leak when using nested global function.
* Vim9: memory leak when using nested global function.
* Github workflow timeout needs tuning
* CTRL-C in the GUI doesn't interrupt. (Sergey Vlasov)
* Build failure on non-Unix systems.
* Vim9: cannot use empty key in dict assignment.
* Vim9: assigning to script-local variable doesn't check type.
* Vim9: assigning to global dict variable doesn't work.
* Some tests fail on Cirrus CI and/or with FreeBSD.
* Build failures.
* Vim9: accidentally using "x" gives a confusing error.
* Vim9: cannot find global function when using g: when local function with
the same name exists.
* Vim9: No test for trying to redefine global function.
* Redraw error when using visual block and scroll.
* Small build fails.
* Cannot easily get the script ID.
* Build failure without the eval feature.
* Vim9: can define a function with the name of an import.
* Vim9: no test for error message when redefining function.
* Vim9: no proper error if using namespace for nested function.
* Vim9: no error for shadowing a script-local function by a nested function.
* Crash when drawing double-wide character in terminal window. (Masato
Nishihata)
* Vim9: no error using :let for options and registers.
* Vim9: cannot get the percent register.
* Vim9: cannot assign to / register.
* Vim9: test fails with +dnd is not available.
* Vim9: cannot assign to / register in Vim9 script.
* Stray error for white space after expression.
* Error for white space after expression in assignment.
* Last entry of ":set term=xxx" overwritten by error message when 'cmdheight'
is two or more. (Tony Mechelynck)
* Test trying to run terminal when it is not supported.
* Invalid memory access when searching for raw string.
* Vim9: no error for missing white space around operator.
* Test 49 is old style.
* Vim9: no error for missing white space around operator.
* Vim9: no error for assigning to non-existing script var.
* Vim9: error for assigning empty list to script variable.
* Vim9: method name with digit not accepted.
* Vim9: expression mapping causes error for using :import.
* Triggering the ATTENTION prompt causes typeahead to be messed up.
* Cannot put space between function name and paren.
* Curly braces expression ending in " }" does not work.
* Vim9: return type of getreg() is always a string.
* Vim9: using :import in filetype plugin gives an error.
* Test 49 is old style.
* No ATTENTION prompt for :vimgrep first match file.
* No testing on ARM.
* Backslash not removed afer space in option with space in 'isfname'.
* Vim9: cannot assign to single letter variable with type.
* Vim9: += only works for numbers.
* File missing from the distribution.
* Vim9: type error after storing an option value.
* Vim9: no error for shadowing a script function.
* Vim9: error line number incorrect after skipping over comment lines.
* Insufficient testing for script debugging.
* Vim9: compiling a function interferes with command modifiers.
* Vim9: no error if declaring a funcref with a lower case letter.
* Vim9: no error for unexpectedly returning a value.
* Vim9: return type of maparg() not adjusted for fourth argument.
* Autoload script sourced twice if sourced directly.
* Vim9: may find imported item in wrong script.
* Vim9: test does not delete written files.
* Cannot jump to the last used tabpage.
* s390x tests always fail.
* Vim9: Vim highlighting fails in cmdline window if it uses Vim9 commands.
* Vim9: script test fails in the GUI.
* Vim9: vim9compile.c is getting too big.
* Popupwindow lacks scrollbar if no "maxheight" is used.
* Vim9: type of list and dict only depends on first item.
* Vim9: type casting not supported.
* Nmpmrc and php.ini filetypes not recognized.
* Adding compiler plugin requires test change.
* when splitting a window localdir is copied but prevdir is not.
* Vim: not operator does not result in boolean.