- aaa_base
-
- fix (bsc#1194883) - aaa_base: Set net.ipv4.ping_group_range to
allow ICMP ping
- added patches
+ git-40-d004657a244d75b372a107c4f6097b42ba1992d5.patch
- Port change from Thu Sep 30 08:51:55 UTC 2022 forword to
current version which includes a rename of patch
git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
to
git-43-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
as otherwise autopatch macro does not work anymore
- Include all fixes and changes for systemwide inputrc to remove
the 8 bit escape sequence which interfere with UTF-8 multi byte
characters as well as support the vi mode of readline library.
This is done with the patches
* git-41-f00ca2600331602241954533a1b1610d1da57edf.patch
* git-42-f39a8d18719c3b34373e0e36098f0f404121b5c5.patch
before the changed patch
git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
rename it to
git-43-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
and also add the patches
* git-44-425f3e9b44ba9ead865d70ff6690d5f2869442dc.patch
* git-45-bf0a31597d0ed3562bfc5e6be0ade2fe5dc1f7a1.patch
- apache2
-
- modified patches
% apache2-CVE-2022-23943.patch (refreshed)
- security update
- added patches
fix CVE-2022-23943 [bsc#1197098], heap out-of-bounds write in mod_sed
+ apache2-CVE-2022-23943.patch
fix CVE-2022-22720 [bsc#1197095], HTTP request smuggling due to incorrect error handling
+ apache2-CVE-2022-22720.patch
fix CVE-2022-22719 [bsc#1197091], use of uninitialized value of in r:parsebody in mod_lua
+ apache2-CVE-2022-22719.patch
fix CVE-2022-22721 [bsc#1197096], possible buffer overflow with very large or unlimited LimitXMLRequestBody
+ apache2-CVE-2022-22721.patch
- security update
- augeas
-
- support new chrony 4.1 options (jsc#SLE-17334)
augeas-new_options_for_chrony.patch
- avahi
-
- Downgrade python3-Twisted to a Recommends. It is not available
on SLED or PackageHub, and it is only needed by avahi-bookmarks
(bsc#1196282).
- Add avahi-bookmarks-import-warning.patch: fix warning when
twisted is not available.
- Replace avahi-0.6.31-systemd-order.patch with
avahi-add-resolv-conf-to-inotify.patch: re-read configuration
when resolv.conf changes, per discussion on the bug
(boo#1194561).
- Have python3-avahi require python3-dbus-python, not the
python 2 dbus-1-python package (bsc#1195614).
- Reinstate avahi-0.6.31-systemd-order.patch (boo#1194561).
This can probably go away if/when gh#lathiat/avahi#118 is fixed.
- Drop avahi-0.6.32-suppress-resolv-conf-warning.patch: we should
no longer need this given the above patch.
- Move sftp-ssh and ssh services to the doc directory. They allow
a host's up/down status to be easily discovered and should not
be enabled by default (boo#1179060).
- bind
-
- When using forwarders, bogus NS records supplied by, or via, those
forwarders may be cached and used by named if it needs to recurse
for any reason, causing it to obtain and pass on potentially
incorrect answers.
[CVE-2021-25220, bsc#1197135, bind-9.16.27-0001-CVE-2021-25220.patch]
- cloud-init
-
- systemctl location (bsc#1193531)
- Add cloud-init-sysctl-not-in-bin.patch
- The sytemctl executable is not necessarily in '/bin'
- Remove unneeded BuildRequires on python3-nose.
- cloud-regionsrv-client
-
- Update to version 10.0.2
+ Fix name of logfile in error message
+ Fix variable scoping to properly detect registration error
+ Cleanup any artifacts on registration failure
+ Fix latent bug with /etc/hosts population
+ Do not throw error when attemting to unregister a system that is not
registered
+ Skip extension registration if the extension is recommended by the
baseproduct as it gets automatically installed
- Update to version 10.0.1 (bsc#1197113)
+ Provide status feedback on registration, success or failure
+ Log warning message if data provider is configured but no data
can be retrieved
- Update -addon-azure to 1.0.3 follow up fix for (bsc#1195414, bsc#1195564)
+ The repo enablement timer cannot depend on guestregister.service
- crash
-
- Fix module loading (bsc#1190743 ltc#194414).
+ crash-mod-fix-module-object-file-lookup.patch
- expat
-
* (CVE-2022-25236, bsc#1196784) [>=2.4.5] Fix to CVE-2022-25236
breaks biboumi, ClairMeta, jxmlease, libwbxml,
openleadr-python, rnv, xmltodict
- Added expat-CVE-2022-25236-relax-fix.patch
- Security fixes:
- filesystem
-
- Add /lib/modprobe.d (bsc#1196275, jsc#SLE-20639)
- glibc
-
- pthread-rwlock-trylock-stalls.patch: nptl: Fix pthread_rwlock_try*lock
stalls (bsc#1195560, BZ #23844)
- clnt-create-unix-overflow.patch: Buffer overflow in sunrpc clnt_create
for "/unix"/ (CVE-2022-23219, bsc#1194768, BZ #22542)
- svcunix-create-overflow.patch: Buffer overflow in sunrpc svcunix_create
(CVE-2022-23218, bsc#1194770, BZ #28768)
- getcwd-erange.patch: getcwd: Set errno to ERANGE for size == 1
(CVE-2021-3999, bsc#1194640, BZ #28769)
- pop-fail-stack.patch: Assertion failure in pop_fail_stack when executing
a malformed regexp (CVE-2015-8985, bsc#1193625, BZ #21163)
- java-11-openjdk
-
- Update to upstream tag jdk-11.0.14.1+1
* Changes:
+ JDK-8280786: Build failure on Solaris after 8262392
+ JDK-8218546: Unable to connect to https://google.com using
java.net.HttpClient
+ JDK-8281324: Bump update version for OpenJDK: jdk-11.0.14.1
- Update to upstream tag jdk-11.0.14+9 (January 2022 CPU)
* New features
+ JDK-8248238: Implementation: JEP 388: Windows AArch64 Support
* Security fixes
+ JDK-8217375: jarsigner breaks old signature with long lines
in manifest
+ JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if
zip has dir named "/."/ inside
+ JDK-8264934, CVE-2022-21248, bnc#1194926: Enhance cross VM serialization
+ JDK-8268488: More valuable DerValues
+ JDK-8268494: Better inlining of inlined interfaces
+ JDK-8268512: More content for ContentInfo
+ JDK-8268795: Enhance digests of Jar files
+ JDK-8268801: Improve PKCS attribute handling
+ JDK-8268813, CVE-2022-21283, bnc#1194937: Better String matching
+ JDK-8269151: Better construction of EncryptedPrivateKeyInfo
+ JDK-8269944: Better HTTP transport redux
+ JDK-8270386, CVE-2022-21291, bsc#1194925: Better verification
of scan methods
+ JDK-8270392, CVE-2022-21293, bsc#1194935: Improve String
constructions
+ JDK-8270416, CVE-2022-21294, bsc#1194934: Enhance construction
of Identity maps
+ JDK-8270492, CVE-2022-21282, bsc#1194933: Better resolution of
URIs
+ JDK-8270498, CVE-2022-21296, bsc#1194932: Improve SAX Parser
configuration management
+ JDK-8270646, CVE-2022-21299, bsc#1194931: Improved scanning of
XML entities
+ JDK-8270952, CVE-2022-21277, bsc#1194930: Improve TIFF file
handling
+ JDK-8271962: Better TrueType font loading
+ JDK-8271968: Better canonical naming
+ JDK-8271987: Manifest improved manifest entries
+ JDK-8272014, CVE-2022-21305, bsc#1194939: Better array
indexing
+ JDK-8272026, CVE-2022-21340, bsc#1194940: Verify Jar
Verification
+ JDK-8272236, CVE-2022-21341, bsc#1194941: Improve serial forms
for transport
+ JDK-8272272: Enhance jcmd communication
+ JDK-8272462: Enhance image handling
+ JDK-8273290: Enhance sound handling
+ JDK-8273756, CVE-2022-21360, bsc#1194929: Enhance BMP image
support
+ JDK-8273838, CVE-2022-21365, bsc#1194928: Enhanced BMP
processing
+ JDK-8274096, CVE-2022-21366, bsc#1194927: Improve decoding of
image files
+ JDK-8279541: Improve HarfBuzz
* Other changes
+ JDK-6849922: java/awt/Choice/ChoiceKeyEventReaction/
/ChoiceKeyEventReaction.html fails
+ JDK-7105119: [TEST_BUG] [macosx] In test
UIDefaults.toString() must be called with the invokeLater()
+ JDK-7151826: [TEST_BUG] [macosx] The test
javax/swing/JPopupMenu/4966112/bug4966112.java not for mac
+ JDK-7179006: [macosx] Print-to-file doesn't work: printing to
the default printer instead
+ JDK-8015602: [macosx] Test javax/swing/SpringLayout/4726194/
/bug4726194.java fails on MacOSX
+ JDK-8034084: nsk.nsk/jvmti/ThreadStart/threadstart003 Wrong
number of thread end events
+ JDK-8039261: [TEST_BUG]: There is not a minimal security
level in Java Preferences and the TestApplet.html is blocked.
+ JDK-8047218: [TEST_BUG] java/awt/FullScreen/AltTabCrashTest/
/AltTabCrashTest.java fails with exception
+ JDK-8075909: [TEST_BUG] The regression-swing case failed as
it does not have the 'Open' button when select 'subdir' folder
with NimbusLAF
+ JDK-8078219: Verify lack of @test tag in files in java/net
test directory
+ JDK-8080569: java/lang/ProcessBuilder/DestroyTest.java fails
with "/RuntimeException: Process terminated prematurely"/
+ JDK-8081652: [TESTBUG] java/lang/management/ThreadMXBean/
/ThreadMXBeanStateTest.java timed out intermittently
+ JDK-8129310: java/net/Socket/asyncClose/AsyncClose.java fails
intermittently
+ JDK-8131745: java/lang/management/ThreadMXBean/
/AllThreadIds.java still fails intermittently
+ JDK-8136517: [macosx] Test java/awt/Focus/8073453/
/AWTFocusTransitionTest.java fails on MacOSX
+ JDK-8137101: [TEST_BUG] javax/swing/plaf/basic/BasicHTML/
/4251579/bug4251579.java failure due to timing
+ JDK-8143021: [TEST_BUG] Test javax/swing/JColorChooser/
/Test6541987.java fails
+ JDK-8159597: [TEST_BUG] closed/javax/swing/JPopupMenu/4760494/
/bug4760494.java leaves key pressed
+ JDK-8159904: [TEST_BUG] Failure on solaris of
java/awt/Window/MultiWindowApp/MultiWindowAppTest.java
+ JDK-8163086: java/awt/Window/TranslucentJAppletTest/
/TranslucentJAppletTest.java fails
+ JDK-8165828: [TEST_BUG] The reg case: javax/swing/plaf/metal/
/MetalIcons/MetalHiDPIIconsTest.java failed as No Metal Look
and Feel
+ JDK-8169953: JComboBox/8057893: ComboBoxEdited event is not
fired! on Windows
+ JDK-8169954: JFileChooser/8021253: java.lang.RuntimeException:
Default button is not pressed
+ JDK-8169959: javax/swing/JTable/6263446/bug6263446.java:
Table should be editing
+ JDK-8171381: [TEST_BUG] [macos] javax/swing/JPopupMenu/
/7156657/bug7156657.java fails on OS X
+ JDK-8171998: javax/swing/JMenu/4692443/bug4692443.java fails
on Windows
+ JDK-8174819: java/nio/file/WatchService/LotsOfEvents.java
fails intermittently
+ JDK-8179880: Refactor javax/security shell tests to plain
java tests
+ JDK-8180568: Refactor javax/crypto shell tests to plain java
tests
+ JDK-8180569: Refactor sun/security/krb5/ shell tests to plain
java tests
+ JDK-8180571: Refactor sun/security/pkcs11 shell tests to
plain java tests and fix failures
+ JDK-8180573: Refactor sun/security/tools shell tests to plain
java tests
+ JDK-8187649: ArrayIndexOutOfBoundsException in
java.util.JapaneseImperialCalendar
+ JDK-8190753: (zipfs): Accessing a large entry (> 2^31 bytes)
leads to a negative initial size for ByteArrayOutputStream
+ JDK-8195703: BasicJDWPConnectionTest.java: 'App exited
unexpectedly with 2'
+ JDK-8196096: javax/swing/JPopupMenu/6580930/bug6580930.java
fails
+ JDK-8197560: test javax/swing/JTree/8003400/Test8003400.java
fails
+ JDK-8197800: Test java/awt/Focus/NonFocusableWindowTest/
/NoEventsTest.java fails on Windows
+ JDK-8197811: Test java/awt/Choice/PopupPosTest/
/PopupPosTest.java fails on Windows
+ JDK-8198616: java/awt/Focus/6378278/InputVerifierTest.java
fails on mac
+ JDK-8198617: java/awt/Focus/6382144/EndlessLoopTest.java
fails on mac
+ JDK-8198619: java/awt/Focus/FocusTraversalPolicy/
/ButtonGroupLayoutTraversal/ButtonGroupLayoutTraversalTest.java
fails on mac
+ JDK-8198623: java/awt/KeyboardFocusmanager/TypeAhead/
/EnqueueWithDialogButtonTest/EnqueueWithDialogButtonTest.java
fails on mac
+ JDK-8198624: java/awt/KeyboardFocusmanager/TypeAhead/
/SubMenuShowTest/SubMenuShowTest.html fails on mac
+ JDK-8199138: Add RISC-V support to Zero
+ JDK-8199529: javax/swing/text/Utilities/8142966/
/SwingFontMetricsTest.java fails on windows
+ JDK-8201224: Make string buffer size dynamic in
mlvmJvmtiUtils.c
+ JDK-8202342: [Graal] fromTonga/nsk/jvmti/unit/
/FollowReferences/followref003/TestDescription.java fails with
"/Location mismatch"/ errors
+ JDK-8204161: [TESTBUG] auto failed with the "/Applet thread
threw exception: java.lang.UnsupportedOperationException"/
exception
+ JDK-8206085: Refactor
langtools/tools/javac/versions/Versions.java
+ JDK-8207936: TestZipFile failed with java.lang.AssertionError
exception
+ JDK-8208242: Add @requires to vmTestbase/gc/g1 tests
+ JDK-8209611: use C++ compiler for hotspot tests
+ JDK-8210182: Remove macros for C compilation from vmTestBase
but non jvmti
+ JDK-8210198: Clean up JNI_ENV_ARG for
vmTestbase/jvmti/Get[A-F] tests
+ JDK-8210205: build fails on AIX in hotspot cpp tests (for
example getstacktr001.cpp)
+ JDK-8210242: [TESTBUG] vmTestbase/nsk/stress/jni/
/jnistress001.java crashes with EXCEPTION_ACCESS_VIOLATION
on windows-x86
+ JDK-8210353: Move java/util/Arrays/TimSortStackSize2.java
back to tier1
+ JDK-8210385: Clean up JNI_ENV_ARG and factorize the macros
for vmTestbase/jvmti[A-N] tests
+ JDK-8210392: assert(Compile::current()->live_nodes() <
Compile::current()->max_node_limit()) failed: Live Node limit
exceeded limit
+ JDK-8210395: Add doc to SecurityTools.java
+ JDK-8210429: Clean up JNI_ENV_ARG for
vmTestbase/jvmti/Get[G-Z] tests
+ JDK-8210481: Remove #ifdef cplusplus from vmTestbase
+ JDK-8210593: Clean up JNI_ENV_ARG and factorize the macros
for vmTestbase/jvmti[N-R] tests
+ JDK-8210665: Clean up JNI_ENV_ARG and factorize the macros
for vmTestbase/jvmti[R-U] tests
+ JDK-8210689: Remove the multi-line old C style for string
literals
+ JDK-8210700: Clean up JNI_ENV_ARG and factorize the macros
for vmTestbase/jvmti/unit tests
+ JDK-8210726: Fix up a few minor nits forgotten by JDK-8210665
+ JDK-8210920: Native C++ tests are not using CXXFLAGS
+ JDK-8210984: [TESTBUG] hs203t003 fails with "/# ERROR:
hs203t003.cpp, 218: NSK_CPP_STUB2 ( ResumeThread, jvmti,
thread)"/
+ JDK-8211036: Remove the NSK_STUB macros from vmTestbase for
non jvmti
+ JDK-8211131: Remove the NSK_CPP_STUB macros from vmTestbase
for jvmti/[G-I]*
+ JDK-8211148: var in implicit lambdas shouldn't be accepted
for source < 11
+ JDK-8211171: move JarUtils to top-level testlibrary
+ JDK-8211227: Inconsistent TLS protocol version in debug output
+ JDK-8211261: Remove the NSK_CPP_STUB macros from vmTestbase
for jvmti/[A-G]*
+ JDK-8211432: [REDO] Handle JNIGlobalRefLocker.cpp
+ JDK-8211782: Remove the NSK_CPP_STUB macros from vmTestbase
for jvmti/[I-S]*
+ JDK-8211801: Remove the NSK_CPP_STUB macros from vmTestbase
for jvmti/scenarios/[A-E]
+ JDK-8211899: Remove the NSK_CPP_STUB macros from vmTestbase
for jvmti/scenarios/[E-M]
+ JDK-8211905: Remove multiple casts for EM06 file
+ JDK-8211999: Window positioning bugs due to overlapping
GraphicsDevice bounds (Windows/HiDPI)
+ JDK-8212082: Remove the NSK_CPP_STUB macros for remaining
vmTestbase/jvmti/[sS]*
+ JDK-8212083: Handle remaining gc/lock native code and fix two
strings
+ JDK-8212148: Remove remaining NSK_CPP_STUBs
+ JDK-8213110: Remove the use of applets in automatic tests
+ JDK-8213189: Make restricted headers in HTTP Client
configurable and remove Date by default
+ JDK-8213263: fix legal headers in test/langtools
+ JDK-8213296: Fix legal headers in test/jdk/java/net
+ JDK-8213301: Fix legal headers in jdk logging tests
+ JDK-8213305: Fix legal headers in test/java/math
+ JDK-8213306: Fix legal headers in test/java/nio
+ JDK-8213328: Update test copyrights in test/java/util/zip and
test/jdk/tools
+ JDK-8213330: Fix legal headers in i18n tests
+ JDK-8213707: [TEST] vmTestbase/nsk/stress/except/
/except011.java failed due to wrong class name
+ JDK-8214469: [macos] PIT: java/awt/Choice/
/ChoiceKeyEventReaction/ChoiceKeyEventReaction.java fails
+ JDK-8215410: Regression test for JDK-8214994
+ JDK-8215568: Refactor SA clhsdb tests to use ClhsdbLauncher
+ JDK-8215624: Add parallel heap iteration for jmap u2013histo
+ JDK-8215889: assert(!_unloading) failed: This oop is not
available to unloading class loader data with ZGC
+ JDK-8216318: The usage of Disposer in the java.awt.Robot can
be deleted
+ JDK-8216417: cleanup of IPv6 scope-id handling
+ JDK-8217377: javax/swing/JPopupMenu/6583251/bug6583251.java
failed with UnsupportedOperation exception
+ JDK-8217438: Adapt tools//launcher/Test7029048.java for AIX
+ JDK-8217633: Configurable extensions with system properties
+ JDK-8217882: java/net/httpclient/MaxStreams.java failed once
+ JDK-8217903: java/net/httpclient/Response204.java fails with
404
+ JDK-8218483: Crash in
"/assert(_daemon_threads_count->get_value() > daemon_count)
failed: thread count mismatch 5 : 5"/
+ JDK-8219986: Change to Xcode 10.1 for building on Macosx at
Oracle
+ JDK-8220575: Correctly format test URI's that contain a
retrieved IPv6 address
+ JDK-8221259: New tests for java.net.Socket to exercise long
standing behavior
+ JDK-8221305: java/awt/FontMetrics/MaxAdvanceIsMax.java fails
on MacOS + Solaris
+ JDK-8221902: PIT: javax/swing/JRadioButton/FocusTraversal/
/FocusTraversal.java fails on ubuntu
+ JDK-8221903: PIT: javax/swing/RepaintManager/IconifyTest/
/IconifyTest.java fails on ubuntu18.04
+ JDK-8222446: assert(C->env()->system_dictionary_modification_counter_changed())
failed: Must invalidate if TypeFuncs differ
+ JDK-8223137: Rename predicate 'do_unroll_only()' to
'is_unroll_only()'.
+ JDK-8223138: Small clean-up in loop-tree support.
+ JDK-8223139: Rename mandatory policy-do routines.
+ JDK-8223140: Clean-up in 'ok_to_convert()'
+ JDK-8223141: Change (count) suffix _ct into _cnt.
+ JDK-8223400: Replace some enums with static const members in
hotspot/runtime
+ JDK-8223658: Performance regression of XML.validation in
13-b19
+ JDK-8223923: C2: Missing interference with mismatched unsafe
accesses
+ JDK-8224829: AsyncSSLSocketClose.java has timing issue
+ JDK-8225083: Remove Google certificate that is expiring in
December 2021
+ JDK-8226514: Replace wildcard address with loopback or local
host in tests - part 17
+ JDK-8226943: compile error in libfollowref003.cpp with XCode
10.2 on macosx
+ JDK-8228442: DHKeyExchange/LegacyDHEKeyExchange.java failed
due to "/SSLException: An established connection was aborted by
the software in your host machine"/
+ JDK-8228508: [TESTBUG] java/net/httpclient/SmokeTest.java
fails on Windows7
+ JDK-8229935: [TEST_BUG]: bug8132119.java inconsistently
positions text
+ JDK-8230019: [REDO] compiler/types/correctness/* tests fail
with "/assert(recv == __null || recv->is_klass()) failed: wrong
type"/
+ JDK-8230067: Add optional automatic retry when running jtreg
tests
+ JDK-8230228: [TESTBUG] Several runtime/ErrorHandling tests
may fail on some platforms
+ JDK-8231501: VM crash in
MethodData::clean_extra_data(CleanExtraDataClosure*):
fatal error: unexpected tag 99
+ JDK-8233403: Improve verbosity of some httpclient tests
+ JDK-8233550: [TESTBUG] JTree tests fail regularly on MacOS
+ JDK-8233552: [TESTBUG] JTable Test bug7068740.java fails on
MacOS
+ JDK-8233553: [TESTBUG] JSpinner test bug4973721.java fails on
MacOS
+ JDK-8233555: [TESTBUG] JRadioButton tests failing on MacoS
+ JDK-8233556: [TESTBUG] JPopupMenu tests fail on MacOS
+ JDK-8233559: [TESTBUG] TestNimbusOverride.java is failing on
macos
+ JDK-8233560: [TESTBUG] ToolTipManager/Test6256140.java is
failing on macos
+ JDK-8233561: [TESTBUG] Swing text test bug8014863.java fails
on macos
+ JDK-8233562: [TESTBUG] Swing StyledEditorKit test
bug4506788.java fails on MacOS
+ JDK-8233564: [TESTBUG] MouseComboBoxTest.java is failing
+ JDK-8233566: [TESTBUG] KeyboardFocusManager tests failing on
MacoS
+ JDK-8233567: [TESTBUG] FocusSubRequestTest.java fails on macos
+ JDK-8233569: [TESTBUG] JTextComponent test bug6361367.java
fails on macos
+ JDK-8233570: [TESTBUG] HTMLEditorKit test bug5043626.java is
failing on macos
+ JDK-8233634: [TESTBUG] Swing text test bug4278839.java fails
on macos
+ JDK-8233635: [TESTBUG] ProgressMonitorEscapeKeyPress.java
fails on macos
+ JDK-8233637: [TESTBUG] Swing
ActionListenerCalledTwiceTest.java fails on macos
+ JDK-8233638: [TESTBUG] Swing test
ScreenMenuBarInputTwice.java fails on macos
+ JDK-8233641: [TESTBUG] JMenuItem test bug4171437.java fails
on macos
+ JDK-8233642: [TESTBUG] JMenuBar test bug 4750590.java fails
on macos
+ JDK-8233643: [TESTBUG] JMenu test bug4515762.java fails on
macos
+ JDK-8233644: [TESTBUG] JInternalFrame test bug8020708.java is
failing on macos
+ JDK-8233647: [TESTBUG] JColorChooser/Test8051548.java is
failing on macos
+ JDK-8234802: [TESTBUG] Test Right Mouse Button Drag Gesture
Recognition in all the platforms
+ JDK-8234823: java/net/Socket/Timeouts.java testcase
testTimedConnect2() fails on Windows 10
+ JDK-8235784: java/lang/invoke/VarHandles/
/VarHandleTestByteArrayAsInt.java fails due to timeout with
fastdebug bits
+ JDK-8236042: [TESTBUG] serviceability/sa/ClhsdbCDSCore.java
fails with -Xcomp -XX:TieredStopAtLevel=1
+ JDK-8236177: assert(status == 0) failed: error ETIMEDOUT(60),
cond_wait
+ JDK-8236596: HttpClient leaves HTTP/2 sockets in CLOSE_WAIT,
when using proxy tunnel
+ JDK-8237354: Add option to jcmd to write a gzipped heap dump
+ JDK-8237589: Fix copyright header formatting
+ JDK-8238677: java/net/httpclient/ssltest/CertificateTest.java
should not specify TLS version
+ JDK-8239334: Tab Size does not work correctly in JTextArea
with setLineWrap on
+ JDK-8239422: [TESTBUG]
compiler/c1/TestPrintIRDuringConstruction.java failed when C1
is disabled
+ JDK-8239827: The test OpenByUNCPathNameTest.java should be
changed to be manual
+ JDK-8240256: Better resource cleaning for SunPKCS11 Provider
+ JDK-8242044: Add basic HTTP/1.1 support to the HTTP/2 Test
Server
+ JDK-8242526: PIT: javax/swing/JInternalFrame/8020708/
/bug8020708.java fails in mach5 ubuntu system
+ JDK-8242793: Incorrect copyright header in
ContinuousCallSiteTargetChange.java
+ JDK-8243543: jtreg test security/infra/java/security/cert/
/CertPathValidator/certification/BuypassCA.java fails
+ JDK-8244292: Headful clients failing with
- -illegal-access=deny
+ JDK-8245147: Refactor and improve utility of
test/langtools/tools/javac/versions/Versions.java
+ JDK-8245165: Update bug id for
javax/swing/text/StyledEditorKit/4506788/bug4506788.java in
ProblemList
+ JDK-8245665: Test WeakAlg.java should only make sure no
warning for weak signature algorithms by keytool on root CA
+ JDK-8246114: java/net/MulticastSocket/Promiscuous.java fails
after 8241072 (multi-homed systems)
+ JDK-8246807: Incorrect copyright header in
TimeZoneDatePermissionCheck.sh
+ JDK-8247403: JShell: No custom input (e.g. from GUI) possible
with JavaShellToolBuilder
+ JDK-8247510: typo in IllegalHandshakeMessage
+ JDK-8248187: [TESTBUG] javax/swing/plaf/basic/
/BasicGraphicsUtils/8132119/bug8132119.java fails with String
is not properly drawn
+ JDK-8248341: ProblemList java/lang/management/ThreadMXBean/
/ThreadMXBeanStateTest.java
+ JDK-8248500: AArch64: Remove the r18 dependency on Windows
AArch64
+ JDK-8248899: security/infra/java/security/cert/
/CertPathValidator/certification/QuoVadisCA.java fails,
Certificate has been revoked
+ JDK-8249195: Change to Xcode 11.3.1 for building on Macos at
Oracle
+ JDK-8250521: Configure initial RTO to use minimal retry for
loopback connections on Windows
+ JDK-8250810: Push missing parts of JDK-8248817
+ JDK-8250839: Improve test template SSLEngineTemplate with
SSLContextTemplate
+ JDK-8250863: Build error with GCC 10 in NetworkInterface.c
and k_standard.c
+ JDK-8250888: nsk/jvmti/scenarios/general_functions/GF08/
/gf08t001/TestDriver.java fails
+ JDK-8251155: HostIdentifier fails to canonicalize hostnames
starting with digits
+ JDK-8251377: [macos11] JTabbedPane selected tab text is
barely legible
+ JDK-8251570: JDK-8215624 causes assert(worker_id <
_n_workers) failed: Invalid worker_id
+ JDK-8251930: AArch64: Native types mismatch in hotspot
+ JDK-8252049: Native memory leak in ciMethodData ctor
+ JDK-8252051: Make mlvmJvmtiUtils strncpy uses GCC 10.x
friendly
+ JDK-8252114: Windows-AArch64: Enable and test ZGC and
ShenandoahGC
+ JDK-8253015: Aarch64: Move linux code out from generic CPU
feature detection
+ JDK-8253147: The javax/swing/JPopupMenu/7154841/bug7154841.java
fail on big screens
+ JDK-8253497: Core Libs Terminology Refresh
+ JDK-8253682: The AppletInitialFocusTest1.java is unstable
+ JDK-8253763: ParallelObjectIterator should have virtual
destructor
+ JDK-8253866: Security Libs Terminology Refresh
+ JDK-8254802: ThrowingPushPromisesAsStringCustom.java fails in
"/try throwing in GET_BODY"/
+ JDK-8255227: java/net/httpclient/FlowAdapterPublisherTest.java
intermittently failing with TestServer: start exception:
java.io.IOException: Invalid preface
+ JDK-8255264: Support for identifying the full range of IPv4
localhost addresses on Windows
+ JDK-8255716: AArch64: Regression: JVM crashes if manually
offline a core
+ JDK-8255722: Create a new test for rotated blit
+ JDK-8256009: Remove src/hotspot/share/adlc/Test/i486.ad
+ JDK-8256066: Tests use deprecated TestNG API that is no
longer available in new versions
+ JDK-8256152: tests fail because of ambiguous method resolution
+ JDK-8256182: Update qemu-debootstrap cross-compilation recipe
+ JDK-8256201: java/awt/FullScreen/FullscreenWindowProps/
/FullscreenWindowProps.java failed
+ JDK-8256202: Some tweaks for jarsigner tests
PosixPermissionsTest and SymLinkTest
+ JDK-8256372: [macos] Unexpected symbol was displayed on
JTextField with Monospaced font
+ JDK-8256956: RegisterImpl::max_slots_per_register is
incorrect on AMD64
+ JDK-8258457: testlibrary_tests/ctw/JarDirTest.java fails with
InvalidPathException on windows
+ JDK-8258855: Two tests sun/security/krb5/auto/
/ReplayCacheTestProc.java and ReplayCacheTestProcWithMD5.java
failed on OL8.3
+ JDK-8259237: Demo selection changes with left/right arrow
key. No need to press space for selection.
+ JDK-8260571: Add PrintMetaspaceStatistics to print metaspace
statistics upon VM exit
+ JDK-8260690: JConsole User Guide Link from the Help menu is
not accessible by keyboard
+ JDK-8261036: Reduce classes loaded by CleanerFactory
initialization
+ JDK-8261071: AArch64: Refactor interpreter native wrappers
+ JDK-8261075: Create stubRoutines.inline.hpp with SafeFetch
implementation
+ JDK-8261236: C2: ClhsdbJstackXcompStress test fails when
StressGCM is enabled
+ JDK-8261297: NMT: Final report should use scale 1
+ JDK-8261661: gc/stress/TestReclaimStringsLeaksMemory.java
fails because Reserved memory size is too big
+ JDK-8261916: gtest/GTestWrapper.java
vmErrorTest.unimplemented1_vm_assert failed
+ JDK-8262438: sun/security/ssl/SSLLogger/
/LoggingFormatConsistency.java failed with "/SocketException:
Socket is closed"/
+ JDK-8262731: [macOS] Exception from "/Printable.print"/ is
swallowed during "/PrinterJob.print"/
+ JDK-8262844: (fs) FileStore.supportsFileAttributeView might
return false negative in case of ext3
+ JDK-8263059: security/infra/java/security/cert/
/CertPathValidator/certification/ComodoCA.java fails due to
revoked cert
+ JDK-8263068: Rename safefetch.hpp to safefetch.inline.hpp
+ JDK-8263303: C2 compilation fails with assert(found_sfpt)
failed: no node in loop that's not input to safepoint
+ JDK-8263362: Avoid division by 0 in
java/awt/font/TextJustifier.java justify
+ JDK-8263773: Reenable German localization for builds at Oracle
+ JDK-8263897: compiler/c2/aarch64/TestVolatilesSerial.java
failed with "/java.lang.RuntimeException: Wrong method"/
+ JDK-8264526: javax/swing/text/html/parser/Parser/8078268/
/bug8078268.java timeout
+ JDK-8264824: java/net/Inet6Address/B6206527.java doesn't
close ServerSocket properly
+ JDK-8265019: Update tests for additional TestNG test
permissions
+ JDK-8265173: [test] divert spurious log output away from
stream under test in ProcessBuilder Basic test
+ JDK-8265524: Upgrading JSZip from v3.2.2 to v3.6.0
+ JDK-8266182: Automate manual steps listed in the test
jdk/sun/security/pkcs12/ParamsTest.java
+ JDK-8266579: Update test/jdk/java/lang/ProcessHandle/
/PermissionTest.java & test/jdk/java/sql/testng/util/
/TestPolicy.java
+ JDK-8266949: Check possibility to disable OperationTimedOut
on Unix
+ JDK-8267246: -XX:MaxRAMPercentage=0 is unreasonable for jtreg
tests on many-core machines
+ JDK-8267256: Extend minimal retry for loopback connections on
Windows to PlainSocketImpl
+ JDK-8267304: Bump global JTReg memory limit to 768m
+ JDK-8267652: c2 loop unrolling by 8 results in reading memory
past array
+ JDK-8268019: C2: assert(no_dead_loop) failed: dead loop
detected
+ JDK-8268093: Manual Testcase: "/sun/security/krb5/config/
/native/TestDynamicStore.java"/ Fails with NPE
+ JDK-8268555: Update HttpClient tests that use ITestContext to
jtreg 6+1
+ JDK-8268672: C2: assert(!loop->is_member(u_loop)) failed: can
be in outer loop or out of both loops only
+ JDK-8269034: AccessControlException for SunPKCS11 daemon
threads
+ JDK-8269426: Rename test/jdk/java/lang/invoke/t8150782 to
accessClassAndFindClass
+ JDK-8269574: C2: Avoid redundant uncommon traps in
GraphKit::builtin_throw() for JVMTI exception events
+ JDK-8269656: The test test/langtools/tools/javac/versions/
/Versions.java has duplicate test cycles
+ JDK-8269768: JFR Terminology Refresh
+ JDK-8269951: [macos] Focus not painted in JButton when
setBorderPainted(false) is invoked
+ JDK-8269984: [macos] JTabbedPane title looks like disabled
+ JDK-8269993: [Test]: java/net/httpclient/
/DigestEchoClientSSL.java contains redundant @run tags
+ JDK-8270116: Expand ButtonGroupLayoutTraversalTest.java to
run in all LaFs, including Aqua on macOS
+ JDK-8270216: [macOS] Update named used for Java run loop mode
+ JDK-8270280: security/infra/java/security/cert/
/CertPathValidator/certification/LetsEncryptCA.java OCSP
response error
+ JDK-8270290: NTLM authentication fails if HEAD request is used
+ JDK-8270317: Large Allocation in CipherSuite
+ JDK-8270344: Session resumption errors
+ JDK-8270517: Add Zero support for LoongArch
+ JDK-8270533: AArch64: size_fits_all_mem_uses should return
false if its output is a CAS
+ JDK-8270886: Crash in
PhaseIdealLoop::verify_strip_mined_scheduling
+ JDK-8271287: jdk/jshell/CommandCompletionTest.java fails with
"/lists don't have the same size expected"/
+ JDK-8271340: Crash PhaseIdealLoop::clone_outer_loop
+ JDK-8271341: Opcode() != Op_If && Opcode() != Op_RangeCheck)
|| outcnt() == 2 assert failure with Test7179138_1.java
+ JDK-8271459: C2: Missing NegativeArraySizeException when
creating StringBuilder with negative capacity
+ JDK-8271490: [ppc] [s390]: Crash in
JavaThread::pd_get_top_frame_for_profiling
+ JDK-8271560: sun/security/ssl/DHKeyExchange/
/LegacyDHEKeyExchange.java still fails due to "/An established
connection was aborted by the software in your host machine"/
+ JDK-8271567: AArch64: AES Galois CounterMode (GCM)
interleaved implementation using vector instructions
+ JDK-8272180: Upgrade JSZip from v3.6.0 to v3.7.1
+ JDK-8272181: Windows-AArch64:Backport fix of `Backtracing
broken on PAC enabled systems`
+ JDK-8272316: Wrong Boot JDK help message in 11
+ JDK-8272318: Improve performance of HeapDumpAllTest
+ JDK-8272342: [TEST_BUG] java/awt/print/PrinterJob/
/PageDialogMarginTest.java catches all exceptions
+ JDK-8272570: C2: crash in PhaseCFG::global_code_motion
+ JDK-8272574: C2: assert(false) failed: Bad graph detected in
build_loop_late
+ JDK-8272581: sun/security/pkcs11/Provider/MultipleLogins.sh
fails after JDK-8266182
+ JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/
/security/cert/CertPathValidator/certification/BuypassCA.java
no longer needs ocspEnabled
+ JDK-8272720: Fix the implementation of loop unrolling
heuristic with LoopPercentProfileLimit
+ JDK-8272783: Epsilon: Refactor tests to improve performance
+ JDK-8272806: [macOS] "/Apple AWT Internal Exception"/ when
input method is changed
+ JDK-8272828: Add correct licenses to jszip.md
+ JDK-8272836: Limit run time for java/lang/invoke/LFCaching
tests
+ JDK-8272850: Drop zapping values in the Zap* option
descriptions
+ JDK-8272902: Bump update version for OpenJDK: jdk-11.0.14
+ JDK-8272914: Create hotspot:tier2 and hotspot:tier3 test
groups
+ JDK-8272966: test/jdk/java/awt/Robot/FlushCurrentEvent.java
fails by timeout
+ JDK-8273026: Slow LoginContext.login() on multi threading
application
+ JDK-8273229: Update OS detection code to recognize Windows
Server 2022
+ JDK-8273235: tools/launcher/HelpFlagsTest.java Fails on
Windows 32bit
+ JDK-8273308: PatternMatchTest.java fails on CI
+ JDK-8273314: Add tier4 test groups
+ JDK-8273342: Null pointer dereference in
classFileParser.cpp:2817
+ JDK-8273358: macOS Monterey does not have the font Times
needed by Serif
+ JDK-8273373: Zero: Cannot invoke JVM in primordial threads on
Zero
+ JDK-8273498: compiler/c2/Test7179138_1.java timed out
+ JDK-8273541: Cleaner Thread creates with normal priority
instead of MAX_PRIORITY - 2
+ JDK-8273547: [11u] [JVMCI] Partial module-info.java backport
of JDK-8223332
+ JDK-8273606: Zero: SPARC64 build fails with si_band type
mismatch
+ JDK-8273646: Add openssl from path variable also in to
Default System Openssl Path in OpensslArtifactFetcher
+ JDK-8273671: Backport of 8260616 misses one JNF header
inclusion removal
+ JDK-8273790: Potential cyclic dependencies between Gregorian
and CalendarSystem
+ JDK-8273795: Zero SPARC64 debug builds fail due to missing
interpreter fields
+ JDK-8273826: Correct Manifest file name and NPE checks
+ JDK-8273894: ConcurrentModificationException raised every
time ReferralsCache drops referral
+ JDK-8273924: ArrayIndexOutOfBoundsException thrown in
java.util.JapaneseImperialCalendar.add()
+ JDK-8273961: jdk/nio/zipfs/ZipFSTester.java fails if file
path contains '+' character
+ JDK-8273968: JCK javax_xml tests fail in CI
+ JDK-8274056: JavaAccessibilityUtilities leaks JNI objects
+ JDK-8274083: Update testing docs to mention tiered testing
+ JDK-8274293: Build failure on macOS with Xcode 13.0 as vfork
is deprecated
+ JDK-8274326: [macos] Ensure initialisation of sun/lwawt/
/macosx/CAccessibility in JavaComponentAccessibility.m
+ JDK-8274329: Fix non-portable HotSpot code in
MethodMatcher::parse_method_pattern
+ JDK-8274381: missing CAccessibility definitions in JNI code
+ JDK-8274407: (tz) Update Timezone Data to 2021c
+ JDK-8274467: TestZoneInfo310.java fails with tzdata2021b
+ JDK-8274468: TimeZoneTest.java fails with tzdata2021b
+ JDK-8274522: java/lang/management/ManagementFactory/
/MXBeanException.java test fails with Shenandoah
+ JDK-8274642: jdk/jshell/CommandCompletionTest.java fails with
NoSuchElementException after JDK-8271287
+ JDK-8274773: [TESTBUG] UnsafeIntrinsicsTest intermittently
fails on weak memory model platform
+ JDK-8274779: HttpURLConnection: HttpClient and HttpsClient
incorrectly check request method when set to POST
+ JDK-8274840: Update OS detection code to recognize Windows 11
+ JDK-8274860: gcc 10.2.1 produces an uninitialized warning in
sharedRuntimeTrig.cpp
+ JDK-8275051: Shenandoah: Correct ordering of requested gc
cause and gc request flag
+ JDK-8275131: Exceptions after a touchpad gesture on macOS
+ JDK-8275713: TestDockerMemoryMetrics test fails on recent runc
+ JDK-8275766: (tz) Update Timezone Data to 2021e
+ JDK-8275849: TestZoneInfo310.java fails with tzdata2021e
+ JDK-8276066: Reset LoopPercentProfileLimit for x86 due to
suboptimal performance
+ JDK-8276139: TestJpsHostName.java not reliable, better to
expand HostIdentifierCreate.java test
+ JDK-8276157: C2: Compiler stack overflow during escape
analysis on Linux x86_32
+ JDK-8276201: Shenandoah: Race results degenerated GC to enter
wrong entry point
+ JDK-8276536: Update TimeZoneNames files to follow the changes
made by JDK-8275766
+ JDK-8276550: Use SHA256 hash in build.tools.depend.Depend
+ JDK-8276774: Cookie stored in CookieHandler not sent if user
headers contain cookie
+ JDK-8276854: Windows GHA builds fail due to broken Cygwin
+ JDK-8277029: JMM GetDiagnosticXXXInfo APIs should verify
output array sizes
+ JDK-8277224: sun.security.pkcs.PKCS9Attributes.toString()
throws NPE
+ JDK-8277529: SIGSEGV in C2 CompilerThread
Node::rematerialize() compiling Packet::readUnsignedTrint
+ JDK-8277815: Fix mistakes in legal header backports
- Removed patch:
* riscv64-zero.patch
+ integrated upstream
- Modified patch:
* fips.patch
+ rediff to changed context
- libarchive
-
- Fix CVE-2021-36976 use-after-free in copy_string
(CVE-2021-36976, bsc#1188572)
* fix-CVE-2021-36976.patch
- The following issues have already been fixed in this package but
weren't previously mentioned in the changes file:
CVE-2017-5601, bsc#1022528, bsc#1189528
- libtirpc
-
- fix memory leak in client protocol version 2 code (bsc#1193805)
- update: 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
- nfs-utils
-
- Add 0023-cache.c-removed-a-couple-warning.patch
Fix compilation with new glibc (SLE15-SP4)
(bsc#1197788)
- Add 0021-mount.nfs-insert-sloppy-at-beginning-of-the-options.patch
Add 0022-mount.nfs-Fix-the-sloppy-option-processing.patch
Ensure "/sloppy"/ is added correctly for newer kernels. Particularly
required for kernels since 5.6 (so SLE15-SP4), and safe for all kernels.
(boo#1197297)
- openldap2
-
- Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression
reporting is bsc#1197004 causing SSSD to have faults.
- openssh
-
- Add openssh-dbus.sh, openssh-dbus.csh, openssh-dbus.fish: Make ssh
connections update their dbus environment (bsc#1179465).
- openssl-1_1
-
- Security Fix: [bsc#1196877, CVE-2022-0778]
* Infinite loop in BN_mod_sqrt() reachable when parsing certificates
* Add openssl-CVE-2022-0778.patch openssl-CVE-2022-0778-tests.patch
- Fix PAC pointer authentication in ARM [bsc#1195856]
* PAC pointer authentication signs the return address against the
value of the stack pointer, to prevent stack overrun exploits
from corrupting the control flow. The Poly1305 armv8 code got
this wrong, resulting in crashes on PAC capable hardware.
* Add openssl-1_1-ARM-PAC.patch
- Pull libopenssl-1_1 when updating openssl-1_1 with the same
version. [bsc#1195792]
- FIPS: Fix function and reason error codes [bsc#1182959]
* Add openssl-1_1-FIPS-fix-error-reason-codes.patch
- Enable zlib compression support [bsc#1195149]
* Add openssl-fix-BIO_f_zlib.patch to fix BIO_f_zlib: Properly
handle BIO_CTRL_PENDING and BIO_CTRL_WPENDING calls.
- pam
-
- Between allocating the variable "/ai"/ and free'ing them, there are
two "/return NO"/ were we don't free this variable. This patch
inserts freaddrinfo() calls before the "/return NO;"/s.
[bsc#1197024, pam-bsc1197024-free-addrinfo-before-return.patch]
- Define _pam_vendordir as "//%{_sysconfdir}/pam.d"/
The variable is needed by systemd and others.
[bsc#1196093, macros.pam]
- postgresql
-
- Fix the pg_server_requires macro on older rpm versions (SLE-12).
- Avoid a dependency on awk in postgresql-script.
- Move the dependency of llvmjit-devel on clang and llvm to the
implementation packages where we can depend on the correct
versions.
- fix postgresql_has_llvm usage
- First round of changes to make it easier to build extensions for
- add postgresql-llvmjit-devel subpackage:
This package will pull in clang and llvm if the distro has a
recent enough version, otherwise it will just pull
postgresql-server-devel.
- add postgresql macros to the postgresql-server-devel package
those cover all the variables from pg_config and some macros
to remove repitition from the spec files
- Bump version to 14.
- Bump default to 14 on Factory and future SPs.
- procps
-
- Add patch bsc1195468-23da4f40.patch to fix bsc#1195468 that is
ignore SIGURG
- protobuf
-
- Fix incorrect parsing of nullchar in the proto symbol, CVE-2021-22570,
bsc#1195258
* Add protobuf-CVE-2021-22570.patch
- python
-
- Update bundled pip wheel to the latest SLE version patched
against bsc#1186819 (CVE-2021-3572).
- Recover again proper value of %python2_package_prefix
(bsc#1175619).
- BuildRequire rpm-build-python: The provider to inject python(abi)
has been moved there. rpm-build pulls rpm-build-python
automatically in when building anything against python3-base, but
this implies that the initial build of python3-base does not
trigger the automatic installation.
- Older SLE versions should use old OpenSSL.
- Add CVE-2022-0391-urllib_parse-newline-parsing.patch
(bsc#1195396, CVE-2022-0391, bpo#43882) sanitizing URLs
containing ASCII newline and tabs in urlparse.
- Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146,
bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib
not trust the PASV response.
- build against openssl 1.1.x (incompatible with openssl 3.0x)
for now.
- on sle12, python2 modules will still be called python-xxxx until EOL,
for newer SLE versions they will be python2-xxxx
- BuildRequire rpm-build-python: The provider to inject python(abi)
has been moved there. rpm-build pulls rpm-build-python
automatically in when building anything against python3-base, but
this implies that the initial build of python3-base does not
trigger the automatic installation.
- python-base
-
- Update bundled pip wheel to the latest SLE version patched
against bsc#1186819 (CVE-2021-3572).
- Recover again proper value of %python2_package_prefix
(bsc#1175619).
- BuildRequire rpm-build-python: The provider to inject python(abi)
has been moved there. rpm-build pulls rpm-build-python
automatically in when building anything against python3-base, but
this implies that the initial build of python3-base does not
trigger the automatic installation.
- Older SLE versions should use old OpenSSL.
- Add CVE-2022-0391-urllib_parse-newline-parsing.patch
(bsc#1195396, CVE-2022-0391, bpo#43882) sanitizing URLs
containing ASCII newline and tabs in urlparse.
- Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146,
bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib
not trust the PASV response.
- build against openssl 1.1.x (incompatible with openssl 3.0x)
for now.
- on sle12, python2 modules will still be called python-xxxx until EOL,
for newer SLE versions they will be python2-xxxx
- BuildRequire rpm-build-python: The provider to inject python(abi)
has been moved there. rpm-build pulls rpm-build-python
automatically in when building anything against python3-base, but
this implies that the initial build of python3-base does not
trigger the automatic installation.
- python-jsonschema
-
- Add patch to fix build with new webcolors:
* webcolors.patch
- update to version 3.2.0 (jsc#SLE-18756):
* Added a format_nongpl setuptools extra, which installs only format
dependencies that are non-GPL (#619).
- specfile:
* be more explicit in %files section
* require python-importlib-metadata
- update to version 3.1.1:
* Temporarily revert the switch to js-regex until #611 and #612 are
resolved.
- changes from version 3.1.0:
* Regular expressions throughout schemas now respect the ECMA 262
dialect, as recommended by the specification (#609).
- Replace %fdupes -s with plain %fdupes; hardlinks are better.
- Activate more of the test suite
- Remove tests and benchmarking from the runtime package
- Update to v3.0.2
* Fixed a bug where 0 and False were considered equal by
const and enum
- from v3.0.1
* Fixed a bug where extending validators did not preserve their
notion of which validator property contains $id information.
- from v3.0.0
* Support for Draft 6 and Draft 7
* Draft 7 is now the default
* New TypeChecker object for more complex type definitions
(and overrides)
* Falling back to isodate for the date-time format checker is
no longer attempted, in accordance with the specification
- Add non-updating note to the SPEC file
- downgrade to < 3.0.0 again to fix all openstack clients
- Update to 3.0.1:
* Support for Draft 6 and Draft 7
* Draft 7 is now the default
* New TypeChecker object for more complex type definitions (and overrides)
* Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification
- Use %license instead of %doc [bsc#1082318]
- release-notes-susemanager
-
- Update to 4.1.14.1
* CVEs fixed
CVE-2022-22934, CVE-2022-22935, CVE-2022-22936, CVE-2022-22941
* Bugs mentioned
bsc#1197417
- salt
-
- (CVE-2020-22934) (CVE-2020-22935) (CVE-2020-22936) (CVE-2020-22941) (bsc#1197417)
- Added:
* patch_for_cve_bsc1197417.patch
- supportutils
-
- Spec file adjusted for usr-merge
- Changes to version 3.1.20
+ Added command blkid #114
+ Added s390x specific files and output #115
+ Fix for invalid argument during updates (bsc#1193204)
+ Optimized conf_files, conf_files_text and log_cmd functions #118
+ Fixed iscsi initiator name (bsc#1195797)
+ Added rpcinfo -p output #116
+ Included /etc/sssd/conf.d configuration files #100
- Changes to version 3.1.19
+ Made /proc directory and network names spaces configurable (bsc#1193868)
- Changes to version 3.1.19
+ Removed chronyc DNS lookups with -n switch (bsc#1193732)
- Merged Include udev rules in /lib/udev/rules.d/ #113
- Merged Move localmessage/warm logs out of messages.txt to new localwarn.txt #87
- getappcore identifies compressed core files (bsc#1191794)
- Installing to /usr/sbin instead of /sbin (bsc#1191096)
- Added shared memory as a log directory for emergency use (bsc#1190943)
- Fixed cron package for RPM validation (bsc#1190315)
- Updated spec file with correct URL
- Changes to version 3.1.18
+ Added email.txt based on OPTION_EMAIL #108 (bsc#1189028)
+ Include 'multipath -t' output in mpio.txt #105
+ Improved lsblk readability with --ascsi #106
+ Removed duplicate commands in network.txt
+ Remove duplicate firewalld status output #109
- systemd
-
- Import commit 5e7db68eb43ec3733c56e98262973431f57e2265
4f00efadc7 systemd-coredump: allow setting external core size to infinity (bsc#1195899 jsc#SLE-23868 jsc#SLE-23870)
- systemd-rpm-macros
-
- Bump version to 11
- Make %_modprobedir point to /lib/modprobe.d (bsc#1196275 bsc#1196406)
Until SLE15-SP3:QU2, /usr/lib/modprobe.d path was not supported by kmod and
since SLE15-SP4 /etc/modprobe.d/README has references to /lib/modprobe.d...
- timezone
-
- timezone update 2022a (bsc#1177460):
* Palestine will spring forward on 2022-03-27, not -03-26*
* zdump -v now outputs better failure indications
* Bug fixes for code that reads corrupted TZif data
- tomcat
-
- Remove log4j (bsc#1196137)
- Fixed CVEs:
* CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255)
- Added patches:
* tomcat-9.0-CVE-2022-23181.patch
- util-linux
-
- Extend cache in uuid_generate_time_generic() (bsc#1194642#c51,
util-linux-libuuid-extend-cache.patch).
- Prevent root owning of /var/lib/libuuid/clock.txt
(bsc#1194642, util-linux-uuidd-prevent-root-owning.patch).
- Warn if uuidd lock state is not usable (bsc#1194642,
util-linux-uuidd-check-lock-state.patch).
- Fix "/su -s"/ bash completion
(bsc#1172427, util-linux-bash-completion-su-chsh-l.patch).
- util-linux-systemd
-
- Extend cache in uuid_generate_time_generic() (bsc#1194642#c51,
util-linux-libuuid-extend-cache.patch).
- Prevent root owning of /var/lib/libuuid/clock.txt
(bsc#1194642, util-linux-uuidd-prevent-root-owning.patch).
- Warn if uuidd lock state is not usable (bsc#1194642,
util-linux-uuidd-check-lock-state.patch).
- Fix "/su -s"/ bash completion
(bsc#1172427, util-linux-bash-completion-su-chsh-l.patch).
- xstream
-
- Upgrade to 1.4.19
* Security fixes
+ This maintenance release addresses the security vulnerability
CVE-2021-43859, bsc#1195458, when unmarshalling highly
recursive collections or maps causing a Denial of Service.
* API changes
+ Added c.t.x.XStream.COLLECTION_UPDATE_LIMIT and
c.t.x.XStream.COLLECTION_UPDATE_SECONDS.
+ Added c.t.x.XStream.setCollectionUpdateLimit(int).
+ Added c.t.x.core.SecurityUtils.
+ Added c.t.x.security.AbstractSecurityException and
c.t.x.security.InputManipulationException.
+ c.t.x.security.InputManipulationException derives now from
c.t.x.security.AbstractSecurityException.
- yaml-cpp
-
- Fix CVE-2018-20573 The Scanner:EnsureTokensInQueue function in yaml-cpp
allows remote attackers to cause DOS via a crafted YAML file
(CVE-2018-20573, bsc#1121227)
- Fix CVE-2018-20574 The SingleDocParser:HandleFlowMap function in
yaml-cpp allows remote attackers to cause DOS via a crafted YAML file
(CVE-2018-20574, bsc#1121230)
- Fix CVE-2019-6285 The SingleDocParser::HandleFlowSequence function in
cpp allows remote attackers to cause DOS via a crafted YAML file
(CVE-2019-6285, bsc#1122004)
- Fix CVE-2019-6292 An issue was discovered in singledocparser.cpp in
yaml-cpp which cause DOS by stack consumption
(CVE-2019-6292, bsc#1122021)
- Added patch cve-2018-20574.patch
- zlib
-
- CVE-2018-25032: Fix memory corruption on deflate, bsc#1197459
* bsc1197459.patch