Packages changed: busybox-links cilium kernel-source (5.6.14 -> 5.7.1) kubernetes (1.18.2 -> 1.18.3) kubernetes1.17 (1.17.5 -> 1.17.6) kubernetes1.18 (1.18.2 -> 1.18.3) util-linux util-linux-systemd weave (2.6.2 -> 2.6.4) === Details === ==== busybox-links ==== Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-xz - Create own busybox-adduser sub-package ==== cilium ==== - add 0002-bpf-re-add-a-proper-types.h-mapper.patch - add 0001-build-Avoid-using-git-if-not-in-a-git-repo.patch - add 0001-datapath-Switch-to-upstream-bpftool-remove-additiona.patch - build BPF_SRCFILES to get the list of bpf files to install ==== kernel-source ==== Version update (5.6.14 -> 5.7.1) - syscalls: fix offset type of ksys_ftruncate (bsc#1172699). - commit 8d4977c - armv7/ararch64: Update config files. Enable IOMMU_DEFAULT_PASSTHROUGH; per jsc#SLE-5568 this should be on by default, like on x86_64. - commit bb34387 - Refresh patches.suse/jbd2-avoid-leaking-transaction-credits-when-unreserv.patch. Update upstream status. - commit c3ae43f - KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904). - KVM: x86: only do L1TF workaround on affected processors (bsc#1171904). - commit 16721c7 - Linux 5.7.1 (bnc#1012628). - airo: Fix read overflows sending packets (bnc#1012628). - net: dsa: mt7530: set CPU port to fallback mode (bnc#1012628). - media: staging: ipu3-imgu: Move alignment attribute to field (bnc#1012628). - media: Revert "staging: imgu: Address a compiler warning on alignment" (bnc#1012628). - mmc: fix compilation of user API (bnc#1012628). - kernel/relay.c: handle alloc_percpu returning NULL in relay_open (bnc#1012628). - crypto: api - Fix use-after-free and race in crypto_spawn_alg (bnc#1012628). - mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter (bnc#1012628). - p54usb: add AirVasT USB stick device-id (bnc#1012628). - HID: i2c-hid: add Schneider SCL142ALM to descriptor override (bnc#1012628). - HID: multitouch: enable multi-input as a quirk for some devices (bnc#1012628). - HID: sony: Fix for broken buttons on DS3 USB dongles (bnc#1012628). - mm: Fix mremap not considering huge pmd devmap (bnc#1012628). - media: dvbdev: Fix tuner->demod media controller link (bnc#1012628). - commit cc2f849 - config: refresh with gcc10 gcc10 is default in Tumbleweed now. - commit 0b1e86b - Revert "Update config files." This reverts commit 34be040b91701c047e592935bc2dbb46a3947a56. We now have a fix (previous commit) in place, so change the configuration back (bsc#1156053). - commit f4546fe - usercopy: mark dma-kmalloc caches as usercopy caches (bsc#1156053). - commit d3b5ce7 - jbd2: avoid leaking transaction credits when unreserving handle (bnc#1169774). - commit 8599ef4 - jbd2: avoid leaking transaction credits when unreserving handle (bnc#1169774). - Delete patches.suse/Revert-ext4-make-dioread_nolock-the-default.patch. Replace revert by the upstream fix. - commit bfa465b - Refresh patches.suse/drm-nouveau-Fix-regression-by-audio-component-transition.patch. Update upstream status. - commit 3000ce5 - config: enable DEBUG_INFO_BTF This was disabled when the option was introduced in 5.2-rc1 but it turned out there are interesting use cases for having it enabled. Add pahole to build time dependencies as it is used to extracth the BTF data. Once we figure out how to make it conditional (only if DEBUG_INFO_BTF exists and is enabled), it should be done in packaging branch. - commit 9ddab66 - Updated to 5.7 final - refresh configs - commit 7cd0da5 - Update config files. - commit 6dba057 - Revert "virtio-balloon: Revert "virtio-balloon: Switch back to OOM handler for VIRTIO_BALLOON_F_DEFLATE_ON_OOM"" (virtio fix). - commit fe7831e - Linux 5.6.15 (bnc#1012628). - blacklist.conf: remove one entry - sched/fair: Fix enqueue_task_fair() warning some more (bnc#1012628). - sched/fair: Fix reordering of enqueue/dequeue_task_fair() (bnc#1012628). - sched/fair: Reorder enqueue/dequeue_task_fair path (bnc#1012628). - bpf: Prevent mmap()'ing read-only maps as writable (bnc#1012628). - rxrpc: Fix ack discard (bnc#1012628). - rxrpc: Trace discarded ACKs (bnc#1012628). - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks (bnc#1012628). - flow_dissector: Drop BPF flow dissector prog ref on netns cleanup (bnc#1012628). - s390/kexec_file: fix initrd location for kdump kernel (bnc#1012628). - tpm: check event log version before reading final events (bnc#1012628). - rxrpc: Fix a memory leak in rxkad_verify_response() (bnc#1012628). - rxrpc: Fix the excessive initial retransmission timeout (bnc#1012628). - iio: imu: st_lsm6dsx: unlock on error in st_lsm6dsx_shub_write_raw() (bnc#1012628). - z3fold: fix use-after-free when freeing handles (bnc#1012628). - sparc32: fix page table traversal in srmmu_nocache_init() (bnc#1012628). - sparc32: use PUD rather than PGD to get PMD in srmmu_nocache_init() (bnc#1012628). - sh: include linux/time_types.h for sockios (bnc#1012628). - kasan: disable branch tracing for core runtime (bnc#1012628). - rapidio: fix an error in get_user_pages_fast() error handling (bnc#1012628). - device-dax: don't leak kernel memory to user space after unloading kmem (bnc#1012628). - s390/kaslr: add support for R_390_JMP_SLOT relocation type (bnc#1012628). - s390/pci: Fix s390_mmio_read/write with MIO (bnc#1012628). - ipack: tpci200: fix error return code in tpci200_register() (bnc#1012628). - mei: release me_cl object reference (bnc#1012628). - tty: serial: add missing spin_lock_init for SiFive serial console (bnc#1012628). - misc: rtsx: Add short delay after exit from ASPM (bnc#1012628). - driver core: Fix handling of SYNC_STATE_ONLY + STATELESS device links (bnc#1012628). - driver core: Fix SYNC_STATE_ONLY device link implementation (bnc#1012628). - iio: adc: ti-ads8344: Fix channel selection (bnc#1012628). - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' (bnc#1012628). - iio: sca3000: Remove an erroneous 'get_device()' (bnc#1012628). - iio: adc: stm32-dfsdm: fix device used to request dma (bnc#1012628). - iio: adc: stm32-adc: fix device used to request dma (bnc#1012628). - staging: greybus: Fix uninitialized scalar variable (bnc#1012628). - staging: kpc2000: fix error return code in kp2000_pcie_probe() (bnc#1012628). - staging: wfx: unlock on error path (bnc#1012628). - staging: iio: ad2s1210: Fix SPI reading (bnc#1012628). - kbuild: Remove debug info from kallsyms linking (bnc#1012628). - tools/bootconfig: Fix apply_xbc() to return zero on success (bnc#1012628). - Revert "driver core: platform: Initialize dma_parms for platform devices" (bnc#1012628). - virtio-balloon: Revert "virtio-balloon: Switch back to OOM handler for VIRTIO_BALLOON_F_DEFLATE_ON_OOM" (bnc#1012628). - Revert "gfs2: Don't demote a glock until its revokes are written" (bnc#1012628). - drm/i915: Propagate error from completed fences (bnc#1012628). - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance (bnc#1012628). - vsprintf: don't obfuscate NULL and error pointers (bnc#1012628). - dmaengine: owl: Use correct lock in owl_dma_get_pchan() (bnc#1012628). - dmaengine: idxd: fix interrupt completion after unmasking (bnc#1012628). - dmaengine: dmatest: Restore default for channel (bnc#1012628). - drm/etnaviv: Fix a leak in submit_pin_objects() (bnc#1012628). - dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' (bnc#1012628). - apparmor: Fix aa_label refcnt leak in policy_update (bnc#1012628). - apparmor: fix potential label refcnt leak in aa_change_profile (bnc#1012628). - apparmor: Fix use-after-free in aa_audit_rule_init (bnc#1012628). - pinctrl: qcom: Add affinity callbacks to msmgpio IRQ chip (bnc#1012628). - drm/etnaviv: fix perfmon domain interation (bnc#1012628). - powerpc/64s: Disable STRICT_KERNEL_RWX (bnc#1012628). - arm64: Fix PTRACE_SYSEMU semantics (bnc#1012628). - scsi: target: Put lun_ref at end of tmr processing (bnc#1012628). - scsi: qla2xxx: Do not log message when reading port speed via sysfs (bnc#1012628). - ALSA: hda/realtek - Add more fixup entries for Clevo machines (bnc#1012628). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme (bnc#1012628). - ALSA: pcm: fix incorrect hw_base increase (bnc#1012628). - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option (bnc#1012628). - bpf: Add bpf_probe_read_{user, kernel}_str() to do_refine_retval_range (bnc#1012628). - bpf: Restrict bpf_probe_read{, str}() only to archs where they work (bnc#1012628). - Update config files. - ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 (bnc#1012628). - ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 (bnc#1012628). - ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 (bnc#1012628). - ALSA: hda/realtek: Add quirk for Samsung Notebook (bnc#1012628). - ALSA: hda/realtek - Add HP new mute led supported for ALC236 (bnc#1012628). - ALSA: hda/realtek - Add supported new mute Led for HP (bnc#1012628). - scripts/gdb: repair rb_first() and rb_last() (bnc#1012628). - tools/bootconfig: Fix resource leak in apply_xbc() (bnc#1012628). - ARM: futex: Address build warning (bnc#1012628). - KVM: selftests: Fix build for evmcs.h (bnc#1012628). - drm/amd/display: Prevent dpcd reads with passive dongles (bnc#1012628). - drm/amd/display: fix counter in wait_for_no_pipes_pending (bnc#1012628). - iommu/amd: Call domain_flush_complete() in update_domain() (bnc#1012628). - iommu/amd: Do not loop forever when trying to increase address space (bnc#1012628). - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA (bnc#1012628). - USB: core: Fix misleading driver bug report (bnc#1012628). - stmmac: fix pointer check after utilization in stmmac_interrupt (bnc#1012628). - ceph: fix double unlock in handle_cap_export() (bnc#1012628). - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock (bnc#1012628). - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (bnc#1012628). - x86/apic: Move TSC deadline timer debug printk (bnc#1012628). - selftests: fix kvm relocatable native/cross builds and installs (bnc#1012628). - ftrace/selftest: make unresolved cases cause failure if - -fail-unresolved set (bnc#1012628). - ibmvnic: Skip fatal error reset after passive init (bnc#1012628). - HID: i2c-hid: reset Synaptics SYNA2393 on resume (bnc#1012628). - scsi: ibmvscsi: Fix WARN_ON during event pool release (bnc#1012628). - net/ena: Fix build warning in ena_xdp_set() (bnc#1012628). - component: Silence bind error on -EPROBE_DEFER (bnc#1012628). - aquantia: Fix the media type of AQC100 ethernet controller in the driver (bnc#1012628). - vhost/vsock: fix packet delivery order to monitoring devices (bnc#1012628). - configfs: fix config_item refcnt leak in configfs_rmdir() (bnc#1012628). - scsi: qla2xxx: Delete all sessions before unregister local nvme port (bnc#1012628). - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV (bnc#1012628). - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead (bnc#1012628). - HID: alps: Add AUI1657 device ID (bnc#1012628). - HID: logitech: Add support for Logitech G11 extra keys (bnc#1012628). - HID: multitouch: add eGalaxTouch P80H84 support (bnc#1012628). - gcc-common.h: Update for GCC 10 (bnc#1012628). - net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() (bnc#1012628). - kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check (bnc#1012628). - iommu: Fix deferred domain attachment (bnc#1012628). - mtd: Fix mtd not registered due to nvmem name collision (bnc#1012628). - afs: Don't unlock fetched data pages until the op completes successfully (bnc#1012628). - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file (bnc#1012628). - i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' (bnc#1012628). - evm: Fix a small race in init_desc() (bnc#1012628). - iommu/amd: Fix get_acpihid_device_id() (bnc#1012628). - iommu/amd: Fix over-read of ACPI UID from IVRS table (bnc#1012628). - i2c: fix missing pm_runtime_put_sync in i2c_device_probe (bnc#1012628). - ubifs: remove broken lazytime support (bnc#1012628). - pipe: Fix pipe_full() test in opipe_prep() (bnc#1012628). - fix multiplication overflow in copy_fdtable() (bnc#1012628). - mtd: spinand: Propagate ECC information to the MTD structure (bnc#1012628). - ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive (bnc#1012628). - ubifs: fix wrong use of crypto_shash_descsize() (bnc#1012628). - ovl: potential crash in ovl_fid_to_fh() (bnc#1012628). - ima: Fix return value of ima_write_policy() (bnc#1012628). - evm: Check also if *tfm is an error pointer in init_desc() (bnc#1012628). - ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() (bnc#1012628). - ARC: [plat-hsdk]: fix USB regression (bnc#1012628). - i2c: dev: Fix the race between the release of i2c_dev and cdev (bnc#1012628). - commit 5afc154 - Update config files. Remove ACPI_PROCFS_POWER This should all be in sysfs nowadays. If this is in Tumbleweed for a while, a patch to totally remove this code will be sent mainline. Related to bsc#1160977 - commit 96731f2 - rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073). - commit 6524463 - Update to 5.7-rc7 - refresh configs (ARCH_HAS_STRICT_KERNEL_RWX=n on ppc64/ppc64le) - commit 67f7fb5 ==== kubernetes ==== Version update (1.18.2 -> 1.18.3) Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet - Bump to kubernetes 1.18.3 and 1.17.6 ==== kubernetes1.17 ==== Version update (1.17.5 -> 1.17.6) - Add reproducible-buildid.patch to make package build reproducible - Remove %{?_smp_mflags} to make build more reliable [boo#1172744] - Update to version 1.17.6: * Azure: support non-VMSS instances removal * deps: Use debian-base:v2.1.0 and debian-iptables:v12.1.0 * build: Add build-image OWNERS to debian-{base,iptables} and pause dirs * count no nodes scheduling failure as unschedulable instead of error * base-images: Update to kube-cross:v1.13.9-5 * build: Alpha-sort dependencies.yaml * Work-around for missing metrics on CRI-O exited containers * fix: azure disk dangling attach issue * fix: ACR auth fails in private azure clouds * Restore cache-control header filter * bugfix: initcontainer wasn't considered when calculate resource request * fix: azure file csi migration failure * Fix flaws in Azure CSI translation * Update CHANGELOG/CHANGELOG-1.17.md for v1.17.5 * Move PSP tests behind a feature tag * Fix code for 1.17 * kube-openapi bump to release-1.17 * Do not reset managedFields in status update strategy * Use discovery to test apply all status * Preserve int/float distinction when decoding raw values * All check for instanceID * Fix AWS eventual consistency of AttachDisk * fix: update max azure disk max count * Fix cherry-pick errors * Fix CSINodeInfo startup * Wait for APIServer 'ok' forever during CSINode initialization during Kubelet init - Add ConditionPathExists=/var/lib/kubelet/config.yaml to kubelet.service [boo#1146372] ==== kubernetes1.18 ==== Version update (1.18.2 -> 1.18.3) Subpackages: kubernetes1.18-client kubernetes1.18-kubeadm kubernetes1.18-kubelet kubernetes1.18-kubelet-common - Remove %{?_smp_mflags} to make build more reliable [boo#1172744] - Add reproducible-buildid.patch to make package build reproducible - Update to version 1.18.3: * Move nfs-provisioner from quay.io/kubernetes_incubator to staging-csi * Use staging-csi to work around quay.io availability * Azure: support non-VMSS instances removal * deps: Use debian-base:v2.1.0 and debian-iptables:v12.1.0 * build: Add build-image OWNERS to debian-{base,iptables} and pause dirs * count no nodes scheduling failure as unschedulable instead of error * kubeadm: fix flakes when performing etcd MemberAdd on slower setups * base-images: Update to kube-cross:v1.13.9-5 * build: Alpha-sort dependencies.yaml * fix: azure disk dangling attach issue * kube-proxy: increase the session affinity timeout to ensure that the test passes in ipvs mode * cluster: ipvs conntrack module vs kernel version * allow k8s.io/kubernetes/third_party/forked/ipvs in e2e test framework import restrictions (transitive dep from pkg/kubemark) * add license headers for third_party/forked/ipvs * third_party/forked/ipvs: check the address family if the netlink address family attribute is not set * run hack/update-vendor.sh to remove github.com/docker/libnetwork * remove github.com/docker/libnetwork from go.mod * update pkg/util/ipvs to use third_party/forked/ipvs * move github.com/docker/libnetwork/ipvs to third_party/forked * fix backoff manager timer initialization race * fix: ACR auth fails in private azure clouds * Restore cache-control header filter * kube-scheduler: compatibility with ServerSideApply * bugfix: initcontainer wasn't considered when calculate resource request * fix: azure file csi migration failure * Fix flaws in Azure CSI translation * Revert "stop defaulting kubeconfig to http://localhost:8080" * Update CHANGELOG/CHANGELOG-1.18.md for v1.18.2 * Fix Node initialization for GCP cloud provider * Simplify unregistration of csiplugin * Unregister csiplugin even if socket path is gone * Move PSP tests behind a feature tag * kube-openapi bump to release-1.18 * Preserve int/float distinction when decoding raw values * Check Annotations map against nil for ConfigMapLock#Update() * Fix CSINodeInfo startup * Wait for APIServer 'ok' forever during CSINode initialization during Kubelet init - Add ConditionPathExists=/var/lib/kubelet/config.yaml to kubelet.service [boo#1146372] ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Add patch to fix sfdisk not reading its own scripts: * libfdisk-script-accept-sector-size.patch - Use %autopatch - Fix verification of mount, su and umount (bsc#1166948) ==== util-linux-systemd ==== - Add patch to fix sfdisk not reading its own scripts: * libfdisk-script-accept-sector-size.patch - Use %autopatch - Fix verification of mount, su and umount (bsc#1166948) ==== weave ==== Version update (2.6.2 -> 2.6.4) - Update to version 2.6.4 - Improve the iptables rule to block just the Weave Net control port, and avoid blocking other uses of 127.0.0.1. #3811 - Update to version 2.6.3 - Block non-local traffic to the Weave control port #3805 - Tell Linux not to accept router advisory messages #3801 - NPC: add a metric to show errors while operating #3804 - NPC: don't treat named port as a fatal error #3790