Packages changed: cni (0.8.1 -> 1.0.1) cni-plugins (0.9.1 -> 1.1.1) dhcp grub2 kmod libfido2 (1.9.0 -> 1.10.0) lvm2 lvm2-device-mapper open-vm-tools (11.3.5 -> 12.0.0) python-prettytable (2.5.0 -> 3.2.0) python-pyrsistent (0.18.0 -> 0.18.1) qemu rakkess runc (1.1.0 -> 1.1.1) weave === Details === ==== cni ==== Version update (0.8.1 -> 1.0.1) - Update to version v1.0.1: * Rewritten spec + non-List configurations are removed + the version field in the interfaces array was redundant and is removed * libcni improvements - Employ RPM macros.go where feasible - Use vendor tarball - Remove ./build.sh ==== cni-plugins ==== Version update (0.9.1 -> 1.1.1) - Update to version 1.1.1: * ipam/dhcp: Fix client id in renew/release * call ipam.ExceDel after clean up device in netns fix #666 * portmap: fix checkPorts result when chain does not exist * portmap: fix bug that new udp connection deletes all existing conntrack entries * Enhanced dad set to 1 * Add boolean to enable/disable dad * Disable DAD for container side veth * firewall: support ingressPolicy=(open|same-bridge) for isolating bridges as in Docker * Fix host-device gofmt * host-device: Bring interfaces up after moving into container * pkg/ns: use file system magic numbers from golang.org/x/sys/unix * gofmt * go mod tidy * build: bump to go 1.17 * Remove arp notify setting per comment * plugins: replace arping package with arp_notify * fix #685 * Ran go fmt so tests would pass * Fixed DHCP problem that broke when fast retry was added. * dhcp ipam: adjust retry mechanism * add ipam tests for dpdk device * add ipam support for dpdk device * ipvlan: Send Gratuitous ARP after IPs are set * dhcp ipam: fix client id * dhcp ipam: rename inconsistent options among files * dhcp ipam: add more options capable for sending * dhcp ipam: add fast retry * dhcp ipam: support customizing dhcp options * dhcp ipam: truncate client id to 254 bytes * dhcp ipam: print error correctly without format string * dhcp ipam: using full config to regular the code * Allow setting sysctls on a particular interface * dhcp: remove implemented TODO * Don't redundantly filepath.Clean the output of filepath.Join * Use crypto/rand.Read, not crypto.Reader.Read * bridge: Add macspoofchk support * plugins: fix bug where support for CNI version 0.4.0 or 1.0.0 was dropped * vendor: bump to libcni v1.0.1 * static ipam: do not parse the CIDR twice * static ipam: improve error msgs when provisioning invalid CIDR * bump go to 1.16, other misc fixes * vendor: bump all direct dependencies * vendor: bump to libcni v1.0 * docs: Update the CI badge from Travis CI to GitHub Actions * bridge: Fix typo in error message for promiscuous mode * ip: place veth peer in host namspace directly * bridge: Add mac field to specify container iface mac * static ipam: decide wrong cidr error msg * static ipam: stop wrapping net.ParseCIDR errors * static ipam: show confusing error msg * utils, hwaddr: Remove unused package * ip, link_linux: Remove unused SetHWAddrByIP function * plugins: remove flannel * refactor(win-bridge): netconf * refactor(win-bridge): hcn api processing * refactor(win-bridge): hns api processing * chore(win-bridge): location related * chore(win-bridge): text related * Remove Bryan Boreham as maintainer * host-local: support ip/prefix in env args and CNI args * [sbr]: Use different tableID for every ipCfg Check tableID not in use for every ipCfg * Small typo improves in README.md * Allow multiple routes to be added for the same prefix. Enables ECMP * Update to lastest vendor/github.com/vishvananda/netlink * tuning: always update MAC in CNI result * vendor: bump to libcni v1.0-rc1 * tuning: Add support of altering the allmulticast flag * [sbr]: Use different tableID for every ipCfg Move default table routes which match the ipCfg config * Fix nil-pointer check * host-local: support custom IPs allocation through runtime configuration * pkg/ip: introduce a new type `IP` to support formated [/] * go.mod: github.com/j-keck/arping v1.0.1 * go.mod: github.com/buger/jsonparser v1.1.1 * go.mod: github.com/alexflint/go-filemutex v1.1.0 * go.mod github.com/Microsoft/hcsshim v0.8.16 * go.mod: godbus/dbus/v5 v5.0.3, coreos/go-systemd v22.2.0 * go.mod: github.com/mattn/go-shellwords v1.0.11 * go.mod: github.com/sirupsen/logrus v1.8.1 * CI: Install linux-modules-extra for VRF module * Fix broken links to online docs in plugin READMEs * gha: update actions/setup-go@v2 * remove redundant startRange in RangeIter due to overlap check on multi ranges * fix(win-bridge): panic while calling HNS api * portmap: use slashes in sysctl template to support interface names which separated by dots * pkg/ipam: use slash as sysctl separator so interface name can have dot * [macvlan] Stop setting proxy-arp on macvlan interface * tuning: increase test coverage to 1.0.0 and older spec versions * portmap: increase test coverage to 1.0.0 and older spec versions * flannel: increase test coverage to 1.0.0 and older spec versions * firewall: increase test coverage to 1.0.0 and older spec versions * bandwidth: increase test coverage to 1.0.0 and older spec versions * host-local: increase test coverage to 1.0.0 and older spec versions * static: increase test coverage to 1.0.0 and older spec versions * dhcp: increase test coverage to 1.0.0 and older spec versions * dhcp: add -resendmax option to limit lease acquisition time for testcases * vlan: increase test coverage to 1.0.0 and older spec versions * ptp: increase test coverage to 1.0.0 and older spec versions * macvlan: increase test coverage to 1.0.0 and older spec versions * loopback: increase test coverage to 1.0.0 and older spec versions * ipvlan: increase test coverage to 1.0.0 and older spec versions * host-device: increase test coverage to 1.0.0 and older spec versions * bridge: increase test coverage to 1.0.0 and older spec versions * bridge: simplify version-based testcase code * testutils: add test utilities for spec version features * plugins: update to spec version 1.0.0 * vendor: bump CNI to 1.0.0-pre @ 62e54113 - Drop %go_nostrip ==== dhcp ==== Subpackages: dhcp-client - Require hostname binary, not package [bsc#1197087] ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - Fix wrong order in kernel sorting of listing rc before final release (bsc#1197376) * grub2-use-rpmsort-for-version-sorting.patch ==== kmod ==== Subpackages: libkmod2 - add keyring so that gpg validation actually does something ==== libfido2 ==== Version update (1.9.0 -> 1.10.0) - Version 1.10.0 (2022-01-17) * hid_osx: handle devices with paths > 511 bytes; gh#462. * bio: fix CTAP2 canonical CBOR encoding in fido_bio_dev_enroll_*(); gh#480. * winhello: fallback to GetTopWindow() if GetForegroundWindow() fails. * winhello: fallback to hid_win.c if webauthn.dll isn?t available. * New API calls: - fido_dev_info_set; - fido_dev_io_handle; - fido_dev_new_with_info; - fido_dev_open_with_info. * Cygwin and NetBSD build fixes. * Documentation and reliability fixes. * Support for TPM 2.0 attestation of COSE_ES256 credentials. ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - lvm2-monitor.service reported warning messages for udev didn't finish to set up device database (bsc#1197183) + 0025-vgchange-monitor-don-t-use-udev-info.patch ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 - lvm2-monitor.service reported warning messages for udev didn't finish to set up device database (bsc#1197183) + 0025-vgchange-monitor-don-t-use-udev-info.patch ==== open-vm-tools ==== Version update (11.3.5 -> 12.0.0) Subpackages: libvmtools0 - Update to 12.0.0 (build 19345655) (boo#1196803) - jsc#SLE-24097 ECO Update open-vm-tools 12.0.0 + New/Updated features: - Support for managing Salt Minion through guest variables. A new open-vm-tools-salt-minion rpm is added to handle this support. jsc#SLE-24094 Update open-vm-tools 12.0.0 SLES15SP4 jsc#SLE-24095 Update open-vm-tools 12.0.0 SLES15SP3 jsc#SLE-24096 Update open-vm-tools 12.0.0 SLES12SP5 - New ComponentMgr plugin to manage (add, remove, monitor) components on the guest VM. - Patch to fix potential Fail to Build from Source [FTBFS] (boo#1196804). - Build vmhgfs with either libfuse2 or libfuse3. + A number of Coverity and Codacy reported issues have been addressed. + The following issues and pull requests reported on github.com/vmware/open-vm-tools have been addressed: Issue # 128, Issue # 314, Pull # 513, Pull # 544, Pull # 573 - Added patches + gcc_size_t.patch (boo#1196804) ==== python-prettytable ==== Version update (2.5.0 -> 3.2.0) - Update to 3.2.0 * Drop support for EOL Python 3.6 (#152) @hugovk * Use tags to print html table titles (#160) @daibhid * Add colorful tables and themes (#140) @BD103 * Convert None to empty cell or custom value (#164) @av-guy * Resolve "KeyError" issue on _stringify_row (#167) @michal-jagiello-tmpl * Use concrete built-in exceptions instead of Exception base class (#169) @hugovk * Fix width for custom none_format (#174) @av-guy * Enforce max widths for field names (#171) @OlafvdSpek ==== python-pyrsistent ==== Version update (0.18.0 -> 0.18.1) - update to 0.18.1: * Add universal wheels for MacOS, thanks @ntamas for this! * Add support for Python 3.10, thanks @hugovk for this! * Fix #236 compilation errors under Python 3.10. * Drop official support for Python 3.6 since it's EOL since 2021-12-23. * Fix #238, failing doc tests on Python 3.11, thanks @musicinmybrain for this! ==== qemu ==== - Support the SGX feature (bsc#1197807) * Patches added: doc-Add-the-SGX-numa-description.patch numa-Enable-numa-for-SGX-EPC-sections.patch numa-Support-SGX-numa-in-the-monitor-and.patch - Backport CVE-2021-3929 (bsc#1193880) * Patches added: hw-nvme-fix-CVE-2021-3929.patch - The patches from upstream cause testsuit failures (bsc#1197150 bsc#1197528) * Patches added: Revert-python-iotests-replace-qmp-with-a.patch Revert-python-machine-add-instance-disam.patch Revert-python-machine-add-sock_dir-prope.patch Revert-python-machine-handle-fast-QEMU-t.patch Revert-python-machine-move-more-variable.patch Revert-python-machine-remove-_remove_mon.patch - Add missing patch from a PTFs (bsc#1194938) * Patches added: scsi-generic-check-for-additional-SG_IO-.patch - Kill downstream patches around bifmt handling that makes cumbersome to run multi-arch containers, and switch to the upstream behavior, which is well documented and valid on all other distros. This is possible thanks to Linux kernel commit 2347961b11d4 and QEMU commit 6e1c0d7b951e19c53 (so it can only work on Leap/SLE 15.4 and higher). (bsc#1197298) * Patches dropped: qemu-binfmt-conf.sh-allow-overriding-SUS.patch qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch - Fix update_git.sh wiping all the package file of the local checkout while cloning the git repository on demand (in case they don't exist and the user as to do so). - Improve test reliability * Patches added: Fix-the-module-building-problem-for-s390.patch tests-qemu-iotests-040-Skip-TestCommitWi.patch tests-qemu-iotests-testrunner-Quote-case.patch ==== rakkess ==== - Set GOARCH on riscv64 ==== runc ==== Version update (1.1.0 -> 1.1.1) - Update to runc v1.1.1. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.1. * runc run/start can now run a container with read-only /dev in OCI spec, rather than error out. (#3355) * runc exec now ensures that --cgroup argument is a sub-cgroup. (#3403) libcontainer systemd v2 manager no longer errors out if one of the files listed in /sys/kernel/cgroup/delegate do not exist in container's cgroup. (#3387, #3404) * Loosen OCI spec validation to avoid bogus "Intel RDT is not supported" error. (#3406) * libcontainer/cgroups no longer panics in cgroup v1 managers if stat of /sys/fs/cgroup/unified returns an error other than ENOENT. (#3435) ==== weave ==== - Add patch to fix compatibility with runtimes using cni >= 1.0.0 (boo#1197490, gh#weaveworks/weave#3936): * 0001-cni-Add-cniVersion-to-Result.patch