Packages changed:
audit
audit-secondary
containers-systemd (0.0+git20201208.1b4413e -> 0.0+git20201220.ed8a6b2)
glib2 (2.66.3 -> 2.66.4)
glibc
gmp
libcap (2.43 -> 2.44)
ncurses (6.2.20201031 -> 6.2.20201205)
readline
xen (4.14.0_12 -> 4.14.1_02)
=== Details ===
==== audit ====
Subpackages: libaudit1 libauparse0
- Enable Aarch64 processor support. (bsc#1179515 bsc#1179806)
==== audit-secondary ====
Subpackages: audit python3-audit
- Enable Aarch64 processor support. (bsc#1179515 bsc#1179806)
==== containers-systemd ====
Version update (0.0+git20201208.1b4413e -> 0.0+git20201220.ed8a6b2)
- Update to version 0.0+git20201220.ed8a6b2:
* Add default for FETCHMAILRC
- Update to version 0.0+git20201220.0fae7ba:
* Add service for fetchmail container
- Update to version 0.0+git20201220.69a11d7:
* Document spamassassin support
* Add support for a spamassassin container
- LDAP_MAIL_READER_PASSWORD was renamed to LDAP_BIND_PASSWORD
- Update to version 0.0+git20201217.a84253d:
* Allow to overwrite TLS key location
==== glib2 ====
Version update (2.66.3 -> 2.66.4)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.66.4:
+ Fix some issues in parsing floating point seconds in
`GDateTime`
+ Fix some issues in handling invalid UTF-8 when parsing for
`GDate`
+ Bugs fixed: glgo#GNOME/GLib#2264, glgo#GNOME/GLib!1774,
glgo#GNOME/GLib!1790, glgo#GNOME/GLib!1793,
glgo#GNOME/GLib!1799, glgo#GNOME/GLib!1805.
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- aarch64-static-pie.patch: fix static PIE start code for BTI
(bsc#1179450, BZ #27068)
- iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in
IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224)
- iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop
bounds (CVE-2020-29562, bsc#1179694, BZ #26923)
- printf-long-double-non-normal.patch: x86: Harden printf against
non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649)
- get-nprocs-cpu-online-parsing.patch: Fix parsing of
/sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
==== gmp ====
- Add gmp-6.2.1-arm64-invert_limb.patch [bsc#1179751]
==== libcap ====
Version update (2.43 -> 2.44)
- update to 2.44:
Generally, this is a release to help package builders: no functional change
to any of the generated code just documentation and make related fixes.
==== ncurses ====
Version update (6.2.20201031 -> 6.2.20201205)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20201205
+ amend build-fixes for gnat 10 to work with certain systems lacking
gprbuild (cf: 20200627).
+ eliminate an additional strlen and wsclen.
+ eliminate an unnecessary strlen in waddnstr() (suggested by Benjamin
Abendroth).
+ modify inopts manpage, separating the items for nodelay and notimeout
(patch by Benno Schulenberg).
+ correct mlterm3 kf1-kf4 (Debian #975322) -TD
+ add flash to mlterm3 -TD
- Add ncurses patch 20201128
+ add Smulx to alacritty (Christian Duerr).
+ add rep to PuTTY -TD
+ add putty+keypad -TD
+ add another fflush(stdout) in _nc_flush() to handle time-delays in
the middle of strings such as flash when the application uses
low-level calls rather than curses (cf: 20161217).
+ modify configure check for c89/c99 aliases of clang to use its
- std option instead, because some platforms, in particular macOS,
do not provide workable c89/c99 aliases.
- Add ncurses patch 20201121
+ fix some compiler-warnings in experimental Windows-10 driver.
+ add the definitions needed in recent configure-check for clang
(report by Steven Pitman).
- Add ncurses patch 20201114
+ fix some compiler-warnings in experimental Windows-10 driver.
+ modify a check for parameters in terminfo capabilities to handle the
special case where short extended capability strings were not
converted from terminfo to termcap format.
+ modify CF_MIXEDCASE_FILENAMES macro, adding darwin as special case
when cross-compiling (report by Eli Rykoff).
- Add ncurses patch 20201107
+ update kitty+common -TD
+ add putty+screen and putty-screen (suggested by Alexandre Montaron).
+ explain in ncurses.3x that functions in the tinfo library do not rely
upon wide-characters (prompted by discussion with Reuben Thomas).
==== readline ====
- get rid of /lib hack and install readline in /usr. Bash is already there
anyways (boo#1029961)
- remove deprecated %install_info
==== xen ====
Version update (4.14.0_12 -> 4.14.1_02)
- Update to Xen 4.14.1 bug fix release (bsc#1027519)
xen-4.14.1-testing-src.tar.bz2
Contains the following recent security fixes
bsc#1179516 XSA-359 - CVE-2020-29571
bsc#1179514 XSA-358 - CVE-2020-29570
bsc#1179513 XSA-356 - CVE-2020-29567
bsc#1178963 XSA-355 - CVE-2020-29040
bsc#1178591 XSA-351 - CVE-2020-28368
bsc#1179506 XSA-348 - CVE-2020-29566
bsc#1179502 XSA-325 - CVE-2020-29483
bsc#1179501 XSA-324 - CVE-2020-29484
bsc#1179498 XSA-322 - CVE-2020-29481
bsc#1179496 XSA-115 - CVE-2020-29480
- Dropped patches contained in new tarball
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-64bit-segbase-consistency.patch
5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
5f5b6b7a-hypfs-fix-custom-param-writes.patch
5f607915-x86-HVM-more-consistent-IO-completion.patch
5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
5f6a008e-x86-MSI-drop-read_msi_msg.patch
5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
5f6a00c4-evtchn-relax-port_is_valid.patch
5f6a00df-x86-PV-avoid-double-exception-injection.patch
5f6a00f4-evtchn-add-missing-barriers.patch
5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
5f6a0178-evtchn-address-races-with-evtchn_reset.patch
5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
5f71a21e-x86-S3-fix-shadow-stack-resume.patch
5f76ca65-evtchn-Flask-prealloc-for-send.patch
5f76caaf-evtchn-FIFO-use-stable-fields.patch
5f897c25-x86-traps-fix-read_registers-for-DF.patch
5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
xsa351-1.patch
xsa351-2.patch
xsa351-3.patch
xsa355.patch
- bsc#1178736 - allow restart of xenwatchdogd, enable tuning of
keep-alive interval and timeout options via XENWATCHDOGD_ARGS=
add xenwatchdogd-options.patch
add xenwatchdogd-restart.patch
- bsc#1177112 - Fix libxc.sr.superpage.patch
The receiving side may punch holes incorrectly into optimistically
allocated superpages. Also reduce overhead in bitmap handling.
add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
add libxc-bitmap-long.patch
add libxc-bitmap-longs.patch
- boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin
xen-destdir.patch
Drop tmp_build.patch
- bsc#1176782 - L3: xl dump-core shows missing nr_pages during
core. If maxmem and current are the same the issue doesn't happen
5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch
- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
(XSA-355)
xsa355.patch
- Fix build error with libxl.fix-libacpi-dependency.patch
- Enhance libxc.migrate_tracking.patch
Hide SUSEINFO messages from pause/unpause/resume from xl command.
They are intended for libvirt logging, but lacked info about
execution context.
Remove extra logging about dirty pages in each iteration, the
number of transferred pages + protocol overhead is already
reported elsewhere.
- Remove libxl.libxl__domain_pvcontrol.patch
It is already part of 4.14.0-rc1