Packages changed: aaa_base (84.87+git20210317.2c04190 -> 84.87+git20210601.8cb043f) alsa (1.2.4 -> 1.2.5) boost-base chrony (3.5.1 -> 4.1) curl (7.76.1 -> 7.77.0) gnutls (3.7.1 -> 3.7.2) helm (3.5.4 -> 3.6.0) kmod (28 -> 29) libX11 libcap libmodulemd (2.12.0 -> 2.12.1) libtasn1 (4.16.0 -> 4.17.0) openssl pcre2 (10.36 -> 10.37) vim (8.2.2850 -> 8.2.2918) wget xen (4.14.1_16 -> 4.15.0_01) yast2 (4.4.5 -> 4.4.9) === Details === ==== aaa_base ==== Version update (84.87+git20210317.2c04190 -> 84.87+git20210601.8cb043f) - Update to version 84.87+git20210601.8cb043f: * Use shell builtins for $HOSTTYPE and others (boo#1186296) ==== alsa ==== Version update (1.2.4 -> 1.2.5) - Update to version 1.2.5 * https://www.alsa-project.org/wiki/Changes_v1.2.4_v1.2.5#alsa-lib - Drop upstream fixed patches * 0001-dlmisc-the-snd_plugin_dir_set-snd_plugin_dir-must-be.patch * 0002-dlmisc-fix-snd_plugin_dir-locking-for-not-DL_ORIGIN_.patch * 0003-pcm-snd_pcm_mmap_readi-fix-typo-in-comment.patch * 0004-topology-use-inclusive-language-for-bclk.patch * 0005-topology-use-inclusive-language-for-fsync.patch * 0006-topology-use-inclusive-language-in-documentation.patch * 0007-pcm-set-the-snd_pcm_ioplug_status-tstamp-field.patch * 0009-pcm-Add-snd_pcm_audio_tstamp_type_t-constants.patch * 0045-pcm-direct-Fix-the-missing-appl_ptr-update.patch * 0019-pcm-fix-__snd_pcm_state-return-value.patch * 0025-pcm-plugin-optimize-sync-in-snd_pcm_plugin_status.patch * 0026-Revert-pcm_plugin-fix-delay.patch * 0014-rawmidi-fix-memory-leak-in-snd_rawmidi_virtual_open.patch * 0037-topology-tplg_decode_pcm-add-missing-log-argument-co.patch * 0040-topology-sort_config-cleanups-use-goto-for-the-error.patch * 0028-pcm-rate-tidy-up-snd_pcm_rate_avail_update.patch * 0046-pcm-ioplug-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_statu.patch * 0030-pcm-rate-use-pcm_frame_diff-in-snd_pcm_rate_playback.patch * 0047-pcm-null-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_status.patch * 0043-pcm-dmix-dshare-delay-calculation-fixes-and-cleanups.patch * 0042-pcm_plugin-set-the-initial-hw_ptr-appl_ptr-from-the-.patch * 0011-pcm-Fix-a-typo-in-SND_PCM_AUDIO_TSTAMP_TYPE_LAST-def.patch * 0017-pcm_multi-remove-dead-assignment-from-_snd_pcm_multi.patch * 0027-pcm-ioplug-fix-the-delay-calculation-in-the-status-c.patch * 0041-conf-USB-add-Xonar-U7-MKII-to-USB-Audio.pcm.iec958_d.patch * 0016-pcm-remove-dead-assignments-from-snd_pcm_rate_-commi.patch * 0035-topology-tplg_pprint_integer-fix-coverity-uninitaliz.patch * 0034-ucm-fix-possible-memory-leak-in-parse_verb_file.patch * 0021-conf-fix-return-code-in-_snd_config_load_with_includ.patch * 0023-pcm-plugin-status-revert-the-recent-changes.patch * 0020-confmisc-fix-memory-leak-in-snd_func_concat.patch * 0029-pcm-ioplug-fix-the-delay-calculation-for-old-plugins.patch * 0039-ucm-uc_mgr_substitute_tree-fix-use-after-free.patch * 0024-pcm-plugin-tidy-snd_pcm_plugin_avail_update.patch * 0010-test-audio_time-Make-use-of-SND_PCM_AUDIO_TSTAMP_TYP.patch * 0033-pcm-rate-fix-the-capture-delay-values.patch * 0015-timer-fix-sizeof-operator-mismatch-in-snd_timer_quer.patch * 0036-topology-tplg_add_widget_object-do-not-use-invalid-e.patch * 0044-topology-fix-parse_tuple_set-remove-dead-condition-c.patch * 0038-topology-parse_tuple_set-remove-dead-condition-code.patch * 0018-conf-fix-get_hexachar-return-value.patch * 0013-ucm-fix-bad-frees-in-get_list0-and-get_list20.patch * 0012-conf-fix-use-after-free-in-_snd_config_load_with_inc.patch * 0031-pcm-plugin-fix-status-code-for-capture.patch * 0048-pcm-share-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_status.patch * 0032-pcm-rate-use-pcm_frame_diff-on-related-places.patch * 0022-pcm-plugin-status-fix-the-return-value-regression.patch ==== boost-base ==== Subpackages: boost-license1_76_0 libboost_thread1_76_0 - Compile boost iostreams with lzma support for reading .xz files ==== chrony ==== Version update (3.5.1 -> 4.1) Subpackages: chrony-pool-openSUSE - Update to 4.1 * Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate) * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certificates * Allow multiple pairs of server keys and certificates * Add copy option to server/pool directive * Increase PPS lock limit to 40% of pulse interval * Perform source selection immediately after loading dump files * Reload dump files for addresses negotiated by NTS-KE server * Update seccomp filter and add less restrictive level * Restart ongoing name resolution on online command * Fix dump files to not include uncorrected offset * Fix initstepslew to accept time from own NTP clients * Reset NTP address and port when no longer negotiated by NTS-KE server - Update clknetsim to snapshot f89702d. - Refresh chrony.keyring from https://chrony.tuxfamily.org/gpgkey-8F375C7E8D0EE125A3D3BD51537E2B76F7680DAC.asc - Ensure the correct pool packages are installed for openSUSE and SLE (bsc#1180689). - Enable syscallfilter unconditionally [boo#1181826]. - drop buildrequires on NSS. We need gnutls for NTS anyway and we can do all the other required crypto via nettle+gnutls. no need for another crypto library. - Update to 4.0 - Enhancements - Add support for Network Time Security (NTS) authentication - Add support for AES-CMAC keys (AES128, AES256) with Nettle - Add authselectmode directive to control selection of unauthenticated sources - Add binddevice, bindacqdevice, bindcmddevice directives - Add confdir directive to better support fragmented configuration - Add sourcedir directive and "reload sources" command to support dynamic NTP sources specified in files - Add clockprecision directive - Add dscp directive to set Differentiated Services Code Point (DSCP) - Add -L option to limit log messages by severity - Add -p option to print whole configuration with included files - Add -U option to allow start under non-root user - Allow maxsamples to be set to 1 for faster update with -q/-Q option - Avoid replacing NTP sources with sources that have unreachable address - Improve pools to repeat name resolution to get "maxsources" sources - Improve source selection with trusted sources - Improve NTP loop test to prevent synchronisation to itself - Repeat iburst when NTP source is switched from offline state to online - Update clock synchronisation status and leap status more frequently - Update seccomp filter - Add "add pool" command - Add "reset sources" command to drop all measurements - Add authdata command to print details about NTP authentication - Add selectdata command to print details about source selection - Add -N option and sourcename command to print original names of sources - Add -a option to some commands to print also unresolved sources - Add -k, -p, -r options to clients command to select, limit, reset data - Bug fixes - Don?t set interface for NTP responses to allow asymmetric routing - Handle RTCs that don?t support interrupts - Respond to command requests with correct address on multihomed hosts - Removed features - Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) - Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x clients using non-MD5/SHA1 keys need to use option "version 3") - Drop support for line editing with GNU Readline - add BuildRequires for gnutls-devel (which also pulls nettle to enable the new features) - drop patches which are included in the update: chrony-test-update-processing-of-packet-log.patch chrony-test-fix-util-unit-test-for-NTP-era-split.patch - refreshed chrony-config.patch - track series file for easier quilt setup - added option to turn off testsuite with osc build --without=testsuite testsuite still runs by default ==== curl ==== Version update (7.76.1 -> 7.77.0) Subpackages: libcurl4 - Update to 7.77.0: [bsc#1186114, CVE-2021-22898] [bsc#1186115, bsc#1185579, CVE-2021-22901] * Security fixes: - CVE-2021-22297: schannel cipher selection surprise - CVE-2021-22298: TELNET stack contents disclosure - CVE-2021-22901: TLS session caching disaster * Changes: - configure: make the TLS library choice(s) explicit - curl: ignore options asking for SSLv2 or SSLv3 - hsts: enable by default - SSL: support in-memory CA certs for some backends - vtls: refuse setting any SSL version * Bugfixes: - configure: provide --with-openssl, deprecate --with-ssl - cookie: CURLOPT_COOKIEFILE set to NULL switches off cookies - curl: include libmetalink version in --version output - data_pending: check only SECONDARY socket for FTP(S) transfers - gnutls: don't allow TLS 1.3 for versions that don't support it - gnutls: make setting only the MAX TLS allowed version work - http2: fix resource leaks in set_transfer_url() and push_promise() - http: limit the initial send amount to used upload buffer size - rustls: only return CURLE_AGAIN when TLS session is fully drained - rustls: use ALPN - schannel: Disable auto credentials; add an option to enable it - schannel: Support strong crypto option - sectransp: allow cipher name to be specified - sockfilt: avoid getting stuck waiting for writable socket ==== gnutls ==== Version update (3.7.1 -> 3.7.2) - Update to version 3.7.2 * Added Linux kernel AF_ALG based acceleration * Fixed timing of early data exchange * The priority string option DISABLE_TLS13_COMPAT_MODE was added to disable TLS 1.3 middlebox compatibility mode * The GNUTLS_NO_EXPLICIT_INIT envvar has been renamed to GNUTLS_NO_IMPLICIT_INIT to reflect the purpose * certtool: * When signing a CSR, CRL distribution point (CDP) is no longer copied from the signing CA by default * When producing certificates and certificate requests, subject DN components that are provided individually will now be ordered by assumed scale - Rework the crypto-policies dependencies in libraries [bsc#1186385] ==== helm ==== Version update (3.5.4 -> 3.6.0) - Update to version 3.6.0: * bump version to v3.6.0 * chore: update testdata to use the new ingress template * feat: add networking.k8s.io/v1 support to ingress template * Moving myself to maintainer emeritus * upgrade to kubernetes 1.21 * Fix capabilities changes leaking into other tests * Add tests for template --kube-version * feat(helm): Support setting --kube-version * fix(ci) update ci to use main branch * Update references to default branch name as it has changed to main * Add ReadyChecker to decouple ready check logic from --wait * chore(deps): Bump github.com/deislabs/oras from v0.10.0 to v0.11.1 and drop replace * Add/update deprecation notices * Wrap validation error instead of recreating * Move default to avoid nil check * Add name validation rules for object kinds * Improve description for version flag. * chore: Spelling (#9410) * chore(deps): Bump k8s.io/klog/v2 from 2.5.0 to 2.8.0 * chore(deps): Bump github.com/containerd/containerd from 1.4.3 to 1.4.4 * chore(deps): Bump github.com/lib/pq from 1.9.0 to 1.10.0 * Bump github.com/spf13/cobra from 1.1.1 to 1.1.3 * Cleanup mpodule dependencies * feat(comp): Uninstall accepts multiple releases * new key for technosophos (#9478) * chore(deps): Bump github.com/sirupsen/logrus from 1.7.0 to 1.8.1 * add flag trimpath in the go build command * stick to 0.20.4 * updated unit tests to conform with helm best practices * corrected order of helm lint coalescing of multiple values files * upgrade to v0.21.0-beta.0 * Fix the example for --time-format flag * Use kube libraries v0.20.4 * Added s390x support to get script * add test to ensure OCIGetter registryClient is set * initialize registry client in oci getter * feat(comp): Add descriptions for output format * feat(comp): Add descriptions for --version comp * feat(comp): Add descriptions for revision comp * feat(comp): Add descriptions for kube-context comp * feat(comp): Add descriptions for plugin completion * feat(comp): Add descriptions for release name comp * feat(comp): Improve completion for plugin commands * fix(cmd): Show that flags can be used for zsh/fish * use relative linking * formatting * more words * keep it concise * docs(CONTRIBUTING): writing a HIP * update test expectation for new template error string * Add darwin/arm64 (Apple Silicon) support * fix windows tests * fix(test): Increase golangci-lint timeout * fix(helm): get/get-helm-3 whitespace support in runAsRoot * fix release sha256 * feat(comp): Completion for the docs --type flag * Bump github.com/jmoiron/sqlx from 1.2.0 to 1.3.1 * Updating golangci-lint to 1.36.0 * chore(go.mod): bump Masterminds/{spring,goutils} and deislabs/oras * fix(*): Validate metadata semver and printable characters * Bump github.com/mitchellh/copystructure from 1.0.0 to 1.1.1 * closes #9312 * Fix-9253: Change the deprecated charts repo URL in release notes * Fix `helm list --offset` cli help string * Define GPG_PUBRING to make pubring configurable * Bump github.com/mattn/go-shellwords from 1.0.10 to 1.0.11 * Bump k8s.io/klog/v2 from 2.4.0 to 2.5.0 * Upgrade to oras v0.9.0 (#9269) * use kube libraries v0.20.2 * print warning message instead of debug message when ~/.config exists but is not accessible * Update default ingress values section to correspond with template * chore(Makefile): add target to generate golden files * Fix dep build with OCI based charts * Fix typo in comment * bump version to * fix(Makefile): rebuild the binary if go.mod has changed * fix(pkg/storage): If storage.Create fails to clean up recent release versions, return an error * test(pkg/storage): Verify that storage.Create returns an error if it fails to clean up least-recent release versions * Bump github.com/containerd/containerd from 1.3.4 to 1.4.3 * Improve the console output for resource policy keep to align with helm2. ==== kmod ==== Version update (28 -> 29) Subpackages: libkmod2 - /usr/lib should override /lib where both are available. Support /usr/lib for depmod.d as well. * Refresh usr-lib-modprobe.patch - Remove test patches included in release 29 - kmod-populate-modules-Use-more-bash-more-quotes.patch - kmod-testsuite-compress-modules-if-feature-is-enabled.patch - kmod-also-test-xz-compression.patch - Update to release 29 * Fix `modinfo -F` not working for built-in modules and certain fields. * Fix a memory leak, overflow and double free on error path. - Drop 0001-Fix-modinfo-F-always-shows-name-for-built-ins.patch, 0001-libkmod-config-revamp-kcmdline-parsing-into-a-state-.patch, 0002-libkmod-config-re-quote-option-from-kernel-cmdline.patch (all merged) ==== libX11 ==== Subpackages: libX11-6 libX11-data - U_Check-for-NULL-strings-before-getting-their-lengths.patch * regression in libX11 1.7.1 (boo#1186643) fixes segfaults for xforms applications like fdesign ==== libcap ==== - Fix a broken symlink. libcap-devel installs libpsx.so but didn't install the library it's pointing to. ==== libmodulemd ==== Version update (2.12.0 -> 2.12.1) - Updated to 2.12.1 This is a bug-fix release fully compatible with the previous 2.12.0 version. Notable changes: Enhancements: - Improve diagnostic messages for compression tests. - Tests performed in a GitHub continues integration are faster. - Use GitHub actions to perform CI tests also on ArchLinux, Mageia, Mandriva, and OpenSUSE. Fixes: - Relax context value up to 13 characters including an underscore character in modulemd v2 format. This reenables scratch-builds in MBS. Migrate Packit tests from a deprecated current_version_command to a newer actions/get-current-version. ==== libtasn1 ==== Version update (4.16.0 -> 4.17.0) - libtasn1 4.17.0: * Print deprecation messages for deprecated macros * Fix some clang issues due to illegal pointers * Restore handling of SIZE nodes * Fix memory leak caught by oss-fuzz * Gtk-doc fixes * Fix bugs unveiled by Static Analysis * Update gnulib files and many build fixes - move tools to -tools packages and clarify licenses - update upstream signing keyring - remove deprecated texinfo packaging macros ==== openssl ==== - Provide openssl(cli) by the meta package: Together with the suggests openssl in the base patterns, any consumer of this symbols should get the openssl meta package as candidate, which allows us to easier change the recommended default version. ==== pcre2 ==== Version update (10.36 -> 10.37) - pcre2 10.37: * removal of the actual POSIX names regcomp etc. from the POSIX wrapper library because these have caused issues for some applications, replacing pcre2-symbol-clash.patch * fix a hypothetical NULL dereference * fix two bugs related to over-large numbers so the behaviour is now the same as Perl * Fix propagation of \K back from the full pattern recursion * Restore single character repetition optimization in JIT ==== vim ==== Version update (8.2.2850 -> 8.2.2918) Subpackages: vim-data-common vim-small - Updated to version 8.2.2918, fixes the following problems * Using mapping on the command line triggers CmdlineChanged. (Naohiro Ono) * Configure can add --as-needed a second time. * Window is not updated after using mapping. * Custom statusline cannot contain % items. * White space after "->" does not give E274. * Get readonly error for device that can't be written to. * Vim9: exception in ISN_INSTR caught at wrong level. * Test fails because of changed error message. * Tcl test fails because of changed error message. * Adding a text property causes the whole window to be redawn. * Vim9: "legacy return" is not recognized as a return statement. * Removing a text property causes the whole window to be redawn. * Removing a text property does not redraw optimally. * Vim9: crash when using inline function. * Skipping over function body fails. * Vim9: memory leak when using inline function. * Build failure. * Vim9: When executing a compiled expression the trylevel at start is changed but not restored. (closes #8214) * Using unified diff is not tested. * CmdlineChange event triggered twice for CTRL-R. * Unnessary VIM_ISDIGIT() calls, badly indented code. * Python tests fail without the channel feature. * Not enough tests for writing buffers. * Cancelling inputlist() after a digit does not return zero. * Configure cannot detect Python 3.10. * Insufficient tests for popup menu rightleft. * Vim9: for loop list unpack only allows for one "_". * File extension .hsig not recognized. * Unified diff fails if actually used. * Various pieces of code not covered by tests. * Vim9: memory leak when lambda has an error. * Not enough cscope code is covered by tests. * searching for \%'> does not match linewise end of line. (Tim Chase) * Various pieces of code not covered by tests. * Crash when passing null string to fullcommand(). * Vim9: "k" command recognized in Vim9 script. * Typo and verbose comment in Makefiles. * Text property duplicated when data block splits. * Cannot build with Perl 5.34. * Error message contains random characters. * Multi-byte text in popup title shows up wrong. * Vim9: random characters appear in some error messages. * Spellfile functionality not fully tested. * Vim9: can use reserved words at the script level. * QuitPre and ExitPre not triggered when GUI window is closed. * Appveyor script does not detect nmake failure. * QuitPre is triggered before :wq writes the file, which is different from other commands. * Some operators not fully tested. * Spellfile functionality not fully tested. * Cursor position wrong on wrapped line with 'signcolumn'. * "g$" causes scroll if half a double width char is visible. * No error when defaults.vim cannot be loaded. * ASAN reports errors for test_startup for unknown reasons. * Memory leak when running out of memory. * Crash when using a terminal popup window from the cmdline window. * Build error with non-Unix system. * Test for cmdline window and terminal fails on MS-Windows. * Pattern "\%V" does not match all of block selection. (Rick Howe) * MS-Windows: most users expect using Unicode. * MS-Windows conpty supports using mouse events. * Cannot paste a block without adding padding. * Operators are not fully tested. * Spellfile functionality not fully tested. * Builtin function can be shadowed by global variable. ==== wget ==== - When running recursively, wget will verify the length of the whole URL when saving the files. This will make it overwrite files with truncated names, throwing the "The name is too long, ... trying to shorten" messages. The patch moves the length check code to a separate function and call it from the append_dir_structure() for each path element. [ bsc#1181173, 0001-src-main.c-Introduce-truncate_filename-option.patch] - If wget for an http URL is redirected to a different site (hostname parts of URLs differ), then any "Authenticate" and "Cookie" header entries are discarded. [bsc#1175551, wget-do-not-propagate-credentials.patch] ==== xen ==== Version update (4.14.1_16 -> 4.15.0_01) - Add xen.sysconfig-fillup.patch to make sure xencommons is in a format as expected by fillup. (bsc#1185682) Each comment needs to be followed by an enabled key. Otherwise fillup will remove manually enabled key=value pairs, along with everything that looks like a stale comment, during next pkg update - Remove init.xen_loop and /etc/modprobe.d/xen_loop.conf The number of loop devices is unlimited since a while - Refresh xenstore-launch.patch to cover also daemon case - Now that SOURCE_DATE_EPOCH is defined and Xen Makefile uses it, drop reproducible.patch - Update to Xen 4.15.0 FCS release xen-4.15.0-testing-src.tar.bz2 * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0. * Xen now supports Viridian enlightenments for guests with more than 64 vcpus. * Xenstored and oxenstored both now support LiveUpdate (tech preview). * Unified boot images * Switched x86 MSR accesses to deny by default policy. * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format. * Support for zstd-compressed dom0 (x86) and domU kernels. * Reduce ACPI verbosity by default. * Add ucode=allow-same option to test late microcode loading path. * Library improvements from NetBSD ports upstreamed. * x86: Allow domains to use AVX-VNNI instructions. * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts. * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend. * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging. * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests. - Dropped patches contained in new tarball 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch 5fedf9f4-x86-hpet_setup-fix-retval.patch 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch 5ff71655-x86-dpci-EOI-regardless-of-masking.patch 5ffc58c4-ACPI-reduce-verbosity-by-default.patch 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch 600999ad-x86-dpci-do-not-remove-pirqs-from.patch 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch 6011bbc7-x86-timer-fix-boot-without-PIT.patch 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch 6013e546-x86-HVM-reorder-domain-init-error-path.patch 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch 602bd768-page_alloc-only-flush-after-scrubbing.patch 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch 60787714-x86-HPET-avoid-legacy-replacement-mode.patch 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch 60410127-gcc11-adjust-rijndaelEncrypt.patch 60422428-x86-shadow-avoid-fast-fault-path.patch 604b9070-VT-d-disable-QI-IR-before-init.patch 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch libxc-bitmap-longs.patch libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch libxl.fix-libacpi-dependency.patch stubdom-have-iovec.patch xenwatchdogd-options.patch ==== yast2 ==== Version update (4.4.5 -> 4.4.9) - AutoYaST: SectionWithAttributes allows to indicate whether an attribute accepts blank values (related to jsc#PM-2620). - 4.4.9 - revert disable of hibernation based on product and virtual machines (bsc#1184470) - 4.4.8 - Improve Yast2::Equatable mixin making the #hash method to be fine tuned easelly (related to bsc#11806082). - 4.4.7 - Added some names to the list of parameters handled by CFA for the login.defs configuration (related to jsc#PM-2620). - 4.4.6