Packages changed:
ed (1.19 -> 1.20)
kernel-source (6.6.11 -> 6.7.1)
ncurses (6.4.20240113 -> 6.4.20240120)
pam (1.5.3 -> 1.6.0)
pam-full-src (1.5.3 -> 1.6.0)
=== Details ===
==== ed ====
Version update (1.19 -> 1.20)
- update to 1.20:
* New command-line options for jumping to a line number or match
* Improved handling of file names containing control characters
* Tweak workflow for fewer 'buffer modified' warnings
* Tilde expansion is now performed on file names
* Warn on modifying a buffer from a read-only file
* Create missing intermediate directories when writing to a file
* Documentation updates
- drop obsolete makeinfo marcos
==== kernel-source ====
Version update (6.6.11 -> 6.7.1)
- Linux 6.7.1 (bsc#1012628).
- mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval
(bsc#1012628).
- docs: kernel_feat.py: fix potential command injection
(bsc#1012628).
- scripts/decode_stacktrace.sh: optionally use LLVM utilities
(bsc#1012628).
- coresight: etm4x: Fix width of CCITMIN field (bsc#1012628).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (bsc#1012628).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate
(bsc#1012628).
- parport: parport_serial: Add Brainboxes device IDs and geometry
(bsc#1012628).
- parport: parport_serial: Add Brainboxes BAR details
(bsc#1012628).
- uio: Fix use-after-free in uio_open (bsc#1012628).
- binder: fix comment on binder_alloc_new_buf() return value
(bsc#1012628).
- binder: fix trivial typo of binder_free_buf_locked()
(bsc#1012628).
- binder: fix use-after-free in shinker's callback (bsc#1012628).
- binder: use EPOLLERR from eventpoll.h (bsc#1012628).
- Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
(bsc#1012628).
- ksmbd: free ppace array on error in parse_dacl (bsc#1012628).
- ksmbd: don't allow O_TRUNC open on read-only share
(bsc#1012628).
- drm/amd/display: Pass pwrseq inst for backlight and ABM
(bsc#1012628).
- bus: moxtet: Add spi device table (bsc#1012628).
- bus: moxtet: Mark the irq as shared (bsc#1012628).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
(bsc#1012628).
- ALSA: hda: cs35l41: Support more HP models without _DSD
(bsc#1012628).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360
13-ay0xxx (bsc#1012628).
- ALSA: hda/realtek: enable SND_PCI_QUIRK for Lenovo Legion Slim
7 Gen 8 (2023) serie (bsc#1012628).
- ALSA: hda: Add driver properties for cs35l41 for Lenovo Legion
Slim 7 Gen 8 serie (bsc#1012628).
- ALSA: hda: cs35l41: Prevent firmware load if SPI speed too low
(bsc#1012628).
- ALSA: hda: cs35l41: Support additional Dell models without _DSD
(bsc#1012628).
- ALSA: hda/realtek: Add quirks for Dell models (bsc#1012628).
- f2fs: explicitly null-terminate the xattr list (bsc#1012628).
- commit b2e8ed6
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c)
(fix build and make it faster).
- Delete
patches.rpmify/Revert-minmax-allow-comparisons-of-int-against-unsig.patch.
- Delete
patches.rpmify/Revert-minmax-allow-min-max-clamp-if-the-arguments-h.patch.
- Delete
patches.rpmify/Revert-minmax-fix-indentation-of-__cmp_once-and-__cl.patch.
- Delete
patches.rpmify/Revert-minmax-relax-check-to-allow-comparison-betwee.patch.
Replace the reverts by an upstream workaround.
- commit 9bff21f
- mm: huge_memory: don't force huge page alignment on 32 bit
(bsc#1218841).
- Delete
patches.suse/Revert-mm-align-larger-anonymous-mappings-on-THP-bou.patch.
Replace the revert by an upstream fix.
- commit d54abef
- Update patches.suse/futex-Avoid-reusing-outdated-pi_state.patch
(bsc#1218801).
Update to v2.
- commit eeba83a
- Revert "mm: align larger anonymous mappings on THP boundaries"
(bsc#1218841).
- commit 69537e9
- futex: Avoid reusing outdated pi_state (bsc#1218841).
- commit 9859079
==== ncurses ====
Version update (6.4.20240113 -> 6.4.20240120)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20240120
+ improve formatting/style of manpages (patches by Branden Robinson).
+ amend discussion of aliases in tput.1
+ use ansi+sgrbold, ansi+sgrdim, ansi+sgrso, ansi+sgrul, ansi+tabs
ecma+color, ecma+sgr, vt100+4bsd, vt100+pfkeys, vt220+pcedit
xterm+256color, xterm+acs, xterm+nopcfkeys, xterm+pcf2 to trim -TD
+ modify configure scripts/makefiles to omit KEY_RESIZE if the
corresponding SIGWINCH feature is disabled.
==== pam ====
Version update (1.5.3 -> 1.6.0)
- Add post 1.6.0 release fixes for pam_env and pam_unix:
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-fix_vendordir.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
- Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
- build: fixed build outside of the source tree.
- libpam: added use of getrandom(2) as a source of randomness if available.
- libpam: fixed calculation of fail delay with very long delays.
- libpam: fixed potential infinite recursion with includes.
- libpam: implemented string to number conversions validation when parsing
controls in configuration.
- pam_access: added quiet_log option.
- pam_access: fixed truncation of very long group names.
- pam_canonicalize_user: new module to canonicalize user name.
- pam_echo: fixed file handling to prevent overflows and short reads.
- pam_env: added support of '\' character in environment variable values.
- pam_exec: allowed expose_authtok for password PAM_TYPE.
- pam_exec: fixed stack overflow with binary output of programs.
- pam_faildelay: implemented parameter ranges validation.
- pam_listfile: changed to treat \r and \n exactly the same in configuration.
- pam_mkhomedir: hardened directory creation against timing attacks.
- Please note that using *at functions leads to more open file handles
during creation.
- pam_namespace: fixed potential local DoS (CVE-2024-22365).
- pam_nologin: fixed file handling to prevent short reads.
- pam_pwhistory: helper binary is now built only if SELinux support is
enabled.
- pam_pwhistory: implemented reliable usernames handling when remembering
passwords.
- pam_shells: changed to allow shell entries with absolute paths only.
- pam_succeed_if: fixed treating empty strings as numerical value 0.
- pam_unix: added support of disabled password aging.
- pam_unix: synchronized password aging with shadow.
- pam_unix: implemented string to number conversions validation.
- pam_unix: fixed truncation of very long user names.
- pam_unix: corrected rounds retrieval for configured encryption method.
- pam_unix: implemented reliable usernames handling when remembering
passwords.
- pam_unix: changed to always run the helper to obtain shadow password
entries.
- pam_unix: unix_update helper binary is now built only if SELinux support
is enabled.
- pam_unix: added audit support to unix_update helper.
- pam_userdb: added gdbm support.
- Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
- The following patches are obsolete with the update:
- pam_access-doc-IPv6-link-local.patch
- pam_access-hostname-debug.patch
- pam_shells-fix-econf-memory-leak.patch
- pam_shells-fix-econf-memory-leak.patch
- disable-examples.patch
- pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS
is no longer used.
==== pam-full-src ====
Version update (1.5.3 -> 1.6.0)
- Add post 1.6.0 release fixes for pam_env and pam_unix:
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-fix_vendordir.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
- Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
- build: fixed build outside of the source tree.
- libpam: added use of getrandom(2) as a source of randomness if available.
- libpam: fixed calculation of fail delay with very long delays.
- libpam: fixed potential infinite recursion with includes.
- libpam: implemented string to number conversions validation when parsing
controls in configuration.
- pam_access: added quiet_log option.
- pam_access: fixed truncation of very long group names.
- pam_canonicalize_user: new module to canonicalize user name.
- pam_echo: fixed file handling to prevent overflows and short reads.
- pam_env: added support of '\' character in environment variable values.
- pam_exec: allowed expose_authtok for password PAM_TYPE.
- pam_exec: fixed stack overflow with binary output of programs.
- pam_faildelay: implemented parameter ranges validation.
- pam_listfile: changed to treat \r and \n exactly the same in configuration.
- pam_mkhomedir: hardened directory creation against timing attacks.
- Please note that using *at functions leads to more open file handles
during creation.
- pam_namespace: fixed potential local DoS (CVE-2024-22365).
- pam_nologin: fixed file handling to prevent short reads.
- pam_pwhistory: helper binary is now built only if SELinux support is
enabled.
- pam_pwhistory: implemented reliable usernames handling when remembering
passwords.
- pam_shells: changed to allow shell entries with absolute paths only.
- pam_succeed_if: fixed treating empty strings as numerical value 0.
- pam_unix: added support of disabled password aging.
- pam_unix: synchronized password aging with shadow.
- pam_unix: implemented string to number conversions validation.
- pam_unix: fixed truncation of very long user names.
- pam_unix: corrected rounds retrieval for configured encryption method.
- pam_unix: implemented reliable usernames handling when remembering
passwords.
- pam_unix: changed to always run the helper to obtain shadow password
entries.
- pam_unix: unix_update helper binary is now built only if SELinux support
is enabled.
- pam_unix: added audit support to unix_update helper.
- pam_userdb: added gdbm support.
- Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
- The following patches are obsolete with the update:
- pam_access-doc-IPv6-link-local.patch
- pam_access-hostname-debug.patch
- pam_shells-fix-econf-memory-leak.patch
- pam_shells-fix-econf-memory-leak.patch
- disable-examples.patch
- pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS
is no longer used.