Packages changed: apparmor cni-plugins (0.7.4 -> 0.8.1) libcontainers-common libgcrypt patterns-microos tallow update-checker vim (8.1.1330 -> 8.1.1467) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751) ==== cni-plugins ==== Version update (0.7.4 -> 0.8.1) - Updated plugins to v0.8.1: + Bugs: * bridge: fix ipMasq setup to use correct source address * fix compilation error on 386 * bandwidth: get bandwidth interface in host ns through container interface + Improvements: * Release: bump go to v1.12 * host-device: add pciBusID property - Drop patches merged upstream: + 0001_use_Go_facilities_to_get_a_socket.patch - Updated plugins to v0.8.0: + New plugins: * bandwidth - limit incoming and outgoing bandwidth * firewall - add containers to firewall rules * sbr - convert container routes to source-based routes * static - assign a fixed IP address * win-bridge, win-overlay: Windows plugins + Plugin features / changelog: * CHECK Support * macvlan: - Allow to configure empty ipam for macvlan - Make master config optional * bridge: - Add vlan tag to the bridge cni plugin - Allow the user to assign VLAN tag - L2 bridge Implementation. * dhcp: - Include Subnet Mask option parameter in DHCPREQUEST - Add systemd unit file to activate socket with systemd - Add container ifName to the dhcp clientID, making the clientID value * flannel: - Pass through runtimeConfig to delegate * host-local: - host-local: add ifname to file tracking IP address used * host-device: - Support the IPAM in the host-device - Handle empty netns in DEL for loopback and host-device * tuning: - adds 'ip link' command related feature into tuning + Bug fixes & minor changes * Correctly DEL on ipam failure for all plugins * Fix bug on ip revert if cmdAdd fails on macvlan and host-device * host-device: Ensure device is down before rename * Fix -hostprefix option * some DHCP servers expect to request for explicit router options * bridge: release IP in case of error * change source of ipmasq rule from ipn to ip + Build fixes: * test: add coveralls support * plugins: correctly output build version, cosmetic cleanups * Move Windows tests to Travis - from version v0.7.5: + This release takes a minor change to the portmap plugin: * Portmap: append, rather than prepend, entry rules + This fixes a potential issue where firewall rules may be bypassed by port mapping - Include patch to fix the build on i586: + 0001_use_Go_facilities_to_get_a_socket.patch - Use new build_linux.sh script instead of removed build.sh ==== libcontainers-common ==== - Add util-linux and grep as Requires(post) to ensure btrfs config gets made correctly ==== libgcrypt ==== - do not try to open /dev/urandom if getrandom() works * Added libgcrypt-1.8.4-getrandom.patch - Drop libgcrypt-init-at-elf-load-fips.patch obsoleted by libgcrypt-1.8.3-fips-ctor.patch - Restored libgcrypt-binary_integrity_in_non-FIPS.patch sans section that was partially causing bsc#1131183. - Fixed race condition in multi-threaded applications by allowing a FSM state transition to the current state. This means some tests are run twice. * Added libgcrypt-1.8.4-allow_FSM_same_state.patch - Fixed an issue in malloc/free wrappers so that memory created by the malloc() wrappers will be destroyed using the free() wrappers. * Added libgcrypt-1.8.4-use_xfree.patch - removed libgcrypt-binary_integrity_in_non-FIPS.patch since it was breaking libotr. bsc#1131183 - libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests are invoked as well as the state transition, adjust the code so a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) * update libgcrypt-binary_integrity_in_non-FIPS.patch - Enforce the minimal RSA keygen size in fips mode (bsc#1125740) * add libgcrypt-fips_rsa_no_enforced_mode.patch - Don't run full self-tests from constructor (bsc#1097073) * Don't call global_init() from the constructor, _gcry_global_constructor() from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary integrity check instead. * Only the binary checksum will be verified, the remaining self-tests will be run upon the library initialization - Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch - Drop libgcrypt-init-at-elf-load-fips.patch and libgcrypt-fips_run_selftest_at_constructor.patch obsoleted by libgcrypt-1.8.3-fips-ctor.patch - Skip all the self-tests except for binary integrity when called from the constructor (bsc#1097073) * Added libgcrypt-1.8.3-fips-ctor.patch from Fedora ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Add bcache-tools to DVD [bsc#1136815] ==== tallow ==== - Add PreRequires for systemd macros ==== update-checker ==== - Add coreutils PreRequires for systemd service macros ==== vim ==== Version update (8.1.1330 -> 8.1.1467) Subpackages: vim-data-common - Updated to version 8.1.1467, fixes the following problems * Test 29 is old style. * Cannot flush change listeners without also redrawing. The line numbers in the list of changes may become invalid. * Text properties don't always move after changes. * When buffer is hidden "F" in 'shortmess' is not used. * Listener callback is called after inserting text. * Some eval functionality is not covered by tests. * Get empty text prop when splitting line just after text prop. * Hang when concealing the '>' shown for a wide char that doesn't fit in the last cell. * Installer needs to product name et al. * Attributes from 'cursorline' overwrite textprop. * Text properties are lost when joining lines. * Using freed memory when joining line with text property. * Text properties not adjusted for Visual block mode delete. * Coverity complains about possibly using a NULL pointer and copying a string into a fixed size buffer. * Stuck in sandbox with ":s/../\=Function/gn". * Error for Python exception does not show useful info. * Fractional scroll position not restored after closing window. * Running tests may cause the window to move. * If writing runs into a conversion error the backup file is deleted. * "W" for wrapping not shown when more than 99 matches. * Text property wrong after :substitute. * Undofile() reports wrong name. (Francisco Giordano) * Undo test fails on Mac. * Getting a list of text lines is clumsy. * Obvious mistakes are accepted as valid expressions. * Some text in heredoc assignment ends the text. (Ozaki Kiichi) * Test 37 is old style. * Cannot enter character with a CSI byte. * Text property wrong after :substitute with backslash. * Buffer left 'nomodifiable' after :substitute. (Ingo Karkat) * Python setuptools don't work with Python 3. * Code and data in tests can be hard to read. * ":vert options" does not make a vertical split. * Design for popup window support needs more details. * Source command doesn't check for the sandbox. CVE-2019-12735 boo#1137443 * Using expressions in a modeline is unsafe. * can set 'modelineexpr' in modeline. * Modeline test fails with python but without pythonhome. * Get E484 when using system() during GUI startup. * Not using the new github feature for donations. * Cannot recover from a swap file. * When evaluating 'statusline' the current window is unknown. (Daniel Hahler) * "[p" in Visual mode puts in wrong line. * Check for file changed triggers too often. * Without "TS" in 'shortmess' get a hit-enter prompt often. * Warnings for size_t/int mixups. * MS-Windows GUI uses wrong shell command for bash. (Robert Bogomip) * Delete() can not handle a file name that looks like a pattern. * Filechanged test hangs. * MS-Windows building VIMDLL with MSVC: SUBSYSTEM is not set. * MS-Windows: missing build dependency. * Error when editing test file. * Warning for size_t/int mixup. * Using "int" for alloc() often results in compiler warnings. * Signed/unsigned compiler warning. * Unessesary type casts for lalloc(). * Calling prop_add() in an empty buffer doesn't work. (Dominique Pelle) * Errors when calling prop_remove() for an unloaded buffer. * Changes are not flushed when end and start overlap. (Paul Jolly) * Search stats are off when using count or offset. * No popup window support. * Build failure in tiny version. * Unnecessary type casts. * Not restoring t_F2 in registers test. * Saving for undo may access invalid memory. (Dominique Pelle) * 'wincolor' does not apply to lines below the buffer. * Build fails in tiny version. * Duplicate line in MSVC build file. * Popup windows not adjusted when switching tabs. * Using global pointer for tab-local popups is clumsy. * Misspelled mkspellmem as makespellmem. * "timer" option of popup windows not supported. * Cannot build without the timer feature. * Cannot change the patch level when building with NSIS. * "highlight" option of popup windows not supported. * popup_hide() and popup_show() not implemented yet. * Popup_create() does not support text properties. * PFL_HIDDEN conflicts with system header file. * Coverity warns for using uninitialized memory. * Popup_move() is not implemented yet. * Coverity warns for divide by zero. * Test 30 is old style. * Error when the drive of the swap file was disconnected. * Alloc() returning "char_u *" causes a lot of type casts. * Build error in MS-Windows GUI. * Popup_getposition() not implemented yet. * MS-Windows: resolve() does not resolve all components of the path. * Win_execute() is not implemented yet. * Listener callbacks may be called recursively. * Popup window size only uses first line length. * Drawing "~" line in popup window. * Popup_getoptions() not implemented yet. * Popup windows use options from current window and buffer. * Crash when popup menu is deleted while waiting for char. * Win_execute() does not set window pointers properly. * No test for syntax highlight in popup window. * Popup window screenshot test fails. * Popup_atcursor() not implemented yet. * "pos" option of popup window not supported yet. * Popup window option "wrap" not supported. * Popup window listed as "Scratch". * Can't build with eval feature. * Win_execute() may leave popup window focused, eventually leading to a crash. * Test 3 is old style. * Memory usage test is a bit too flaky. * Writefile test fails when run under /tmp. * Code to handle callbacks is duplicated. * Some commands cause trouble in a popup window. * Json_encode() is very slow for large results. * Win_execute() test fails. * Popup window filter not yet implemented. * Popup windows not considered when the Vim window is resized. * Popup window padding and border not implemented yet. * Not using double line characters for popup border. * Popup window border highlight not implemented yet. * Popup window callback not implemented yet. * Not allowed to create an empty popup. * Statusline is sometimes drawn on top of popup. * Popup text truncated at end of screen. * Popup window positioning wrong when using padding or borders. * CTRL-L does not clear screen with a popup window. * Line and col property of popup windows not properly checked. * Popup window "moved" property not implemented yet. * Build failure without the conceal feature. * Popup_atcursor() not completely implemented. * WinBar not redrawn after scrolling one line. * Cannot reuse a buffer when loading a screen dump. * Crash when using gtags. (issue #4102) * Popup window border looks bad when 'ambiwidth' is "double". * Popup window border characters may be wrong. * Tests do not run or are not reliable on some systems. * MS-Windows: using special character requires quoting. * Gcc warns for uninitialized variable. * Only 4-digit rgb termresponse is recognized. * Allocating wrong amount of memory. (Yegappan Lakshmanan) * Not updating priority on existing sign. * Cscope test fails.