Packages changed: installation-images-MicroOS (17.81 -> 17.86) libcontainers-common libgudev libverto libxmlb (0.3.10 -> 0.3.11) libzypp (17.31.10 -> 17.31.11) makedumpfile (1.7.2 -> 1.7.3) perl-Bootloader (0.941 -> 1.0) postfix (3.7.4 -> 3.8.0) protobuf systemd xdpyinfo (1.3.3 -> 1.3.4) zbar === Details === ==== installation-images-MicroOS ==== Version update (17.81 -> 17.86) - merge gh#openSUSE/installation-images#644 - fix minor usrmerge issue - 17.86 - merge gh#openSUSE/installation-images#643 - usrmerge fixes in module config creation - allow firmware file names with spaces - add qrtr* kernel modules (bsc#1209965) - 17.85 - merge gh#openSUSE/installation-images#642 - adjust module config for kernel 6.3 - 17.84 - merge gh#openSUSE/installation-images#641 - add cpio-mt to spec file - 17.83 - merge gh#openSUSE/installation-images#640 - add mt to rescue system (bsc#1188998) - 17.82 ==== libcontainers-common ==== - Own /etc/containers/systemd and /usr/share/containers/systemd, useful for podman quadlet. ==== libgudev ==== - Add 2 upstream bug fix patches: * 71b2fda04dd71c637361e8ead103980ad6f27ed5.patch: gudev: Fix newline stripping by always reading using udev. * 4216ecd4513bd4c8af73543817a51d6f72f166cc.patch: build: let meson handle gir, vala, gtk-doc dependencies - Use ldconfig_scriptlets macro. ==== libverto ==== - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== libxmlb ==== Version update (0.3.10 -> 0.3.11) - update to 0.3.11: * Add limited support for XPath 1.0 'in' (Richard Hughes) * Add support for zstd (Richard Hughes) * Do not assert() when decompressing invalid LZMA (Richard Hughes) ==== libzypp ==== Version update (17.31.10 -> 17.31.11) - MediaCurl: Fix endless loop if wrong credentials are stored in credentials.cat (bsc#1210870) Since libzypp-17.31.7 wrong credentials stored in credentials.cat may lead to an endless loop. Rather than asking for the right credentials, the stored ones are used again and again. - zypp.conf: Introduce 'download.connect_timeout' [60 sec.] (bsc#1208329) Maximum time in seconds that you allow the connection phase to the server to take. This only limits the connection phase, it has no impact once it has connected. (see also CURLOPT_CONNECTTIMEOUT) - commit: Try to provide /dev fs if not present (fixes #444) - fix build with boost 1.82. - version 17.31.11 (22) - fix build with boost 1.82 ==== makedumpfile ==== Version update (1.7.2 -> 1.7.3) - update to 1.7.3: * Support kernels up to v6.3 (x86_64) * Support sadump with 5-level paging - temporarily disable eppic until v5.0 branch can be supported ==== perl-Bootloader ==== Version update (0.941 -> 1.0) - merge gh#openSUSE/perl-bootloader#143 - adjust Makefile for usrmerge and legacy package split - move obs spec file to git repo - split off old perl code to perl-Bootloader-legacy package - remove legacy part completely - 1.0 - merge gh#openSUSE/perl-bootloader#142 - use fw_platform_size to distinguish between 32 bit and 64 bit UEFI platforms (bsc#1208003) - 0.942 ==== postfix ==== Version update (3.7.4 -> 3.8.0) - update to 3.8.0 * Support to look up DNS SRV records in the Postfix SMTP/LMTP client, Based on code by Tomas Korbar (Red Hat). For example, with "use_srv_lookup = submission" and "relayhost = example.com:submission", the Postfix SMTP client will look up DNS SRV records for _submission._tcp.example.com, and will relay email through the hosts and ports that are specified with those records. * TLS obsolescence: Postfix now treats the "export" and "low" cipher grade settings as "medium". The "export" and "low" grades are no longer supported in OpenSSL 1.1.1, the minimum version required in Postfix 3.6.0 and later. Also, Postfix default settings now exclude deprecated or unused ciphers (SEED, IDEA, 3DES, RC2, RC4, RC5), digest (MD5), key exchange algorithms (DH, ECDH), and public key algorithm (DSS). * Attack resistance: the Postfix SMTP server can now aggregate smtpd_client_*_rate and smtpd_client_*_count statistics by network block instead of by IP address, to raise the bar against a memory exhaustion attack in the anvil(8) server; Postfix TLS support unconditionally disables TLS renegotiation in the middle of an SMTP connection, to avoid a CPU exhaustion attack. * The PostgreSQL client encoding is now configurable with the "encoding" Postfix configuration file attribute. The default is "UTF8". Previously the encoding was hard-coded as "LATIN1", which is not useful in the context of SMTP. * The postconf command now warns for #comment in or after a Postfix parameter value. Postfix programs do not support #comment after other text, and treat that as input. - rebase/refresh patches * pointer_to_literals.patch * postfix-linux45.patch * postfix-master.cf.patch * postfix-ssl-release-buffers.patch * set-default-db-type.patch ==== protobuf ==== Subpackages: libprotobuf-lite3_21_12 libprotobuf3_21_12 python310-protobuf - Mention the rpmlintrc file in the spec. - Make possible to build on older systems, like SLE12 that miss some of the used macros. ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc systemd-lang udev - Re-add back 'arabic' keymap mapping as YaST needs more time than expected to cope with this change. - systemd.spec: don't call %systemd_{pre,post} on units shipped by the main package since they don't have any effect during installation (systemctl is not yet installed when %pre script is executed). This is actually the reason why it's handled by the %%posttrans scripts of systemd-presets-common-SUSE. - kbd-model-map.legacy: 'arabic' vc keymap has been renamed 'ara' (bsc#1210702) - add some green to systemd-boot menu - kbd-model-map.legacy: drop some entries no longer needed by YaST (related to bsc#1194609) - tmpfiles-suse.conf (jsc#PED-3144): - Remove lastlog entry, replaced by lastlog2 - Remove btmp entry, not Y2038 safe ==== xdpyinfo ==== Version update (1.3.3 -> 1.3.4) - Update to version 1.3.4 * This release stops compiling support for the XF86-Misc extension by default, and thus stops linking with the deprecated libXxf86misc library by default. This support can still be enabled for now by passing --with-xf86misc to the configure script, but as the server side of this extension was removed in the xserver-1.6.0 release in 2008 there is little reason to do so, and the support may be removed entirely in a future release of xdpyinfo. - we have xorg-server >= 1.6 since sle11-sp1, so we are on the safe side with our customers ==== zbar ==== - add py311.patch to fix build against python 3.11