Packages changed: bcache-tools cryptsetup fuse3 gcc10 (10.2.1+git872 -> 10.2.1+git958) hwinfo (21.70 -> 21.71) ipset (7.6 -> 7.9) lz4 (1.9.2 -> 1.9.3) nvme-cli pam (1.4.0 -> 1.5.0) perl system-users systemd-default-settings (0.4 -> 0.5) === Details === ==== bcache-tools ==== - Makefile: install bcache-status (jsc#SLE-9807, bsc#1178725) 0018-Makefile-install-bcache-status.patch - bcache-tools.spec: add '_sbindir/bcache-status' for the new added bcache-status python script (jsc#SLE-9807, bsc#1178725) ==== cryptsetup ==== Subpackages: libcryptsetup12 - prepare usrmerge (boo#1029961) ==== fuse3 ==== - Drop /sbin links; they do not seem to be used from anywhere. - Package "permission" is required in %post, not %pre. - Update descriptions. ==== gcc10 ==== Version update (10.2.1+git872 -> 10.2.1+git958) Subpackages: libgcc_s1 libgomp1 libstdc++6 - Add gcc10-amdgcn-llvm-as.patch to fix build of amdgcn offload compiler with llvm11. - Update to gcc-10 branch head (98ba03ffe0b9f37b4916ce6238), git958. * Includes fix for memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Fix 32bit libgnat.so link. [bsc#1178675] ==== hwinfo ==== Version update (21.70 -> 21.71) - merge gh#openSUSE/hwinfo#89 - rework network device detection on aarch64 (bsc#1177600, bsc#1177261) - 21.71 ==== ipset ==== Version update (7.6 -> 7.9) Subpackages: libipset13 - Update to release 7.9 * Enable memory accounting for ipset allocations * Expose the initval hash parameter to userspace * Add bucketsize parameter to all hash types * Support the -exist flag with the destroy command ==== lz4 ==== Version update (1.9.2 -> 1.9.3) - Update to release 1.9.3 * api: LZ4_decompress_safe_partial() now supports unknown compressed size * api: improved LZ4F_compressBound() with automatic flushing * cli: multiple files are compressed now using the legacy format ==== nvme-cli ==== - Drop '-f' option with %service_del_postun This option shouldn't be needed besides very few special cases. But this package doesn't seem to belong to this category. ==== pam ==== Version update (1.4.0 -> 1.5.0) - Update to 1.5.0 - obsoletes pam-bsc1178727-initialize-daysleft.patch - Multiple minor bug fixes, portability fixes, and documentation improvements. - Extended libpam API with pam_modutil_check_user_in_passwd function. - pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660. - pam_motd: read motd files with target user credentials skipping unreadable ones. - pam_pwhistory: added a SELinux helper executable. - pam_unix, pam_usertype: implemented avoidance of certain timing attacks. - pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails. - pam_env: Reading of the user environment is deprecated and will be removed at some point in the future. - libpam: pam_modutil_drop_priv() now correctly sets the target user's supplementary groups, allowing pam_motd to filter messages accordingly - Refresh pam-xauth_ownership.patch - pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package - pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package - pam_cracklib: added code to check whether the password contains a substring of of the user's name of at least characters length in some form. This is enabled by the new parameter "usersubstr=" See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch] - pam_xauth.c: do not free() a string which has been (successfully) passed to putenv(). [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch] - Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft" to avoid spurious (and misleading) Warning: your password will expire in ... days. fixed upstream with commit db6b293046a [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch] - Enable pam_faillock [bnc#1171562] - /usr/bin/xauth chokes on the old user's $HOME being on an NFS file system. Run /usr/bin/xauth using the old user's uid/gid Patch courtesy of Dr. Werner Fink. [bsc#1174593, pam-xauth_ownership.patch] - pam-login_defs-check.sh: Fix the regexp to get a real variable list (boo#1164274). - Revert the previous change [SR#815713]. The group is not necessary for PAM functionality but used only during testing. The test system should therefore create this group. [bsc#1171016, pam.spec] - Add requirement for group "wheel" to spec file. [bsc#1171016, pam.spec] ==== perl ==== - Correct perl license According to https://dev.perl.org/licenses/ perl is licensed under the artistic license or the GPL 1.0 or later ==== system-users ==== Subpackages: system-group-hardware system-user-nobody - Add qemu user to kvm group - Add system account and groups for kvm, qemu, and libvirt (jsc#SLE-11629) New files: system-group-kvm.conf, system-group-libvirt.conf, system-user-qemu.conf ==== systemd-default-settings ==== Version update (0.4 -> 0.5) Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Issue a daemon-reload in %post of the main package - Import 0.5 0c5e241 SLE: turn off RemoveIPC by default for logind (fate#320125) cb6914f SLE: restore ProtectHostname=no for udevd (bsc#1178374) 7e332a6 Add a header in all each drop-ins 465e1c7 Makefile: simplify 'archive' target