Packages changed: MicroOS-release (20240911 -> 20240912) containerd (1.7.21 -> 1.7.22) curl (8.9.1 -> 8.10.0) libbpf (1.4.5 -> 1.4.6) python-greenlet (3.0.3 -> 3.1.0) selinux-policy (20240905 -> 20240912) suse-module-tools (16.0.50 -> 16.0.51) zypp-boot-plugin (0.0.11 -> 0.0.12) === Details === ==== MicroOS-release ==== Version update (20240911 -> 20240912) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== containerd ==== Version update (1.7.21 -> 1.7.22) - Update to containerd v1.7.22. Upstream release notes: - Bump minimum Go version to 1.22. - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch ==== curl ==== Version update (8.9.1 -> 8.10.0) Subpackages: libcurl4 - Update to version 8.10.0: * Security fixes: - [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS * Changes: - curl: make --rate accept "number of units" - curl: make --show-headers the same as --include - curl: support --dump-header % to direct to stderr - curl: support embedding a CA bundle and --dump-ca-embed - curl: support repeated use of the verbose option; -vv etc - curl: use libuv for parallel transfers with --test-event - vtls: stop offering alpn http/1.1 for http2-prior-knowledge * Bugfixes: - curl: allow 500MB data URL encode strings - curl: warn on unsupported SSL options - Curl_rand_bytes to control env override - curl_sha512_256: fix symbol collisions with nettle library - dist: fix reproducible build from release tarball - http2: fix GOAWAY message sent to server - http2: improve rate limiting of downloads - INSTALL.md: MultiSSL and QUIC are mutually exclusive - lib: add eos flag to send methods - lib: make SSPI global symbols use Curl_ prefix - lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name - lib: remove the final strncpy() calls - lib: remove use of RANDOM_FILE - Makefile.mk: fixup enabling libidn2 - max-filesize.md: mention zero disables the limit - mime: avoid inifite loop in client reader - ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks - openssl quic: fix memory leak - openssl: certinfo errors now fail correctly - openssl: fix the data race when sharing an SSL session between threads - openssl: improve shutdown handling - POP3: fix multi-line responses - pop3: use the protocol handler ->write_resp - progress: ratelimit/progress tweaks - rand: only provide weak random when needed - sectransp: fix setting tls version - setopt: make CURLOPT_TFTP_BLKSIZE accept bad values - sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL - sigpipe: init the struct so that first apply ignores - smb: convert superflous assign into assert - smtp: add tracing feature - spnego_gssapi: implement TLS channel bindings for openssl - src: delete `curlx_m*printf()` aliases - ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) - tool_operhlp: fix "potentially uninitialized local variable 'pc' used" - tool_paramhlp: bump maximum post data size in memory to 16GB - transfer: skip EOS read when download done - url: fix connection reuse for HTTP/2 upgrades - urlapi: verify URL *decoded* hostname when set - urldata: introduce `data->mid`, a unique identifier inside a multi - vtls: add SSLSUPP_CIPHER_LIST - vtls: fix static function name collisions between TLS backends - vtls: init ssl peer only once - websocket: introduce blocking sends - ws: flags to opcodes should ignore CURLWS_CONT flag - x509asn1: raise size limit for x509 certification information * Remove curl-sigpipe.patch upstream * Rebase curl-secure-getenv.patch ==== libbpf ==== Version update (1.4.5 -> 1.4.6) - update to 1.4.6: * BPF skeleton forward compatibility fix (f6f2402); * BTF endianness inheritance bug fix (fe28fae). ==== python-greenlet ==== Version update (3.0.3 -> 3.1.0) - Update to 3.1.0 * Adds support for Python 3.13. * Greatly reduce the chances for crashes during interpreter shutdown. * Support for the following platforms was contributed by the community. Note that they are untested by this project's continuous integration services. + Hitachi's SuperH CPU + NetBSD on PowerPC + RISC-V with -fno-omit-frame-pointer - Drop port-to-python313.patch, merged upstream ==== selinux-policy ==== Version update (20240905 -> 20240912) Subpackages: selinux-policy-targeted - Update to version 20240912: * Allow systemd_ibft_rule_generator_t to create udev_rules_t dirs (bsc#1230011) * Allow systemd_udev_trigger_generator_t list and read sysctls (bsc#1230315) * Initial policy for udev-trigger-generator (bsc#1230315) - Update to version 20240910: * Allow init_t mount syslog socket (bsc#1230134) * Allow init_t create syslog files (bsc#1230134) * Introduce initial policy for btrfs-soft-reboot-generator (bsc#1230134) ==== suse-module-tools ==== Version update (16.0.50 -> 16.0.51) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.51: * Improve handling of /boot/vmlinuz and /boot/initrd symlinks (boo#1207703) * Add preliminary support for mkosi-initrd * spec file: remove redundant dependency on sdbootutil ==== zypp-boot-plugin ==== Version update (0.0.11 -> 0.0.12) - Update to version 0.0.12: * Added selinux-policy and systemd-boot to hard reboot list.