Removed rpms ============ - cura-engine-lulzbot - hdf5_1_10_11-gnu-openmpi2-hpc - hdf5_1_10_11-gnu-openmpi2-hpc-devel - hdf5_1_10_11-gnu-openmpi2-hpc-devel-static - hdf5_1_10_11-gnu-openmpi2-hpc-module - kernel-livepatch-6_4_0-150600_17-default - libKF5Auth5-32bit - libfcitx-4_2_9-32bit - libhdf5_1_10_11-gnu-openmpi2-hpc - libhdf5_cpp_1_10_11-gnu-openmpi2-hpc - libhdf5_fortran_1_10_11-gnu-openmpi2-hpc - libhdf5_hl_1_10_11-gnu-openmpi2-hpc - libhdf5_hl_cpp_1_10_11-gnu-openmpi2-hpc - libhdf5hl_fortran_1_10_11-gnu-openmpi2-hpc - libzrtpcpp-devel - libzrtpcpp4 - rabbitmq-server-bash-completion - rabbitmq-server-zsh-completion - twinkle Added rpms ========== - pipewire-spa-plugins-0_2-jack - registries-conf-default - registries-conf-suse Package Source Changes ====================== OpenBoard +- update to release version 1.7.1 +- remove upstreamed patches + * remove 0830-cmake-community-builds.patch + * remove 9686-cmake-add-shortcut-manager.patch +- update patch to match updated sources + * replace 0686-shortcut-configuration.patch by 0955-shortcut-configuration.patch + bcc +- Fix incorrect offset calculation when consecutive bitfields are + present (bsc#1219096) + * add fix-alignment-issue-on-x86_64-due-to-consecutive-bit.patch + desktop-translations +- Update to version 84.87.20240503.9343de5: + * Update for SLES 15 SP6 RC / Leap 15.6 RC poo#131735 + * Manually remove further invalid character occurances + * Fix Browse C:\ drive incorrect escaping + +- Update to version 84.87.20240502.b932b7c: + * Add download_data_from_download-o-o.sh + * Added translation using Weblate (Latvian) + * Disable appstream and polkit extraction + * Leap 15.6 desktop-file-translations + * Translated using Weblate (Arabic) + * Translated using Weblate (Catalan) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Croatian) + * Translated using Weblate (Czech) + * Translated using Weblate (Dutch) + * Translated using Weblate (English (United Kingdom)) + * Translated using Weblate (Finnish) + * Translated using Weblate (German) + * Translated using Weblate (Greek) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Italian) + * Translated using Weblate (Japanese) + * Translated using Weblate (Latvian) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Polish) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Russian) + * Translated using Weblate (Serbian (latin) (sr@latin)) + * Translated using Weblate (Slovak) + * Translated using Weblate (Swedish) + * Translated using Weblate (Turkish) + +- Update to version 84.87.20230410.dc72281: + * Translated using Weblate (Latvian) + * Translated using Weblate (Latvian) + * Translated using Weblate (German) + * Translated using Weblate (Polish) + * Translated using Weblate (Polish) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Finnish) + * Translated using Weblate (Polish) + * Translated using Weblate (Polish) + * Translated using Weblate (Polish) + * Translated using Weblate (Polish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Persian) + * Translated using Weblate (Persian) + * Translated using Weblate (Czech) + * Translated using Weblate (Czech) + * Translated using Weblate (Czech) + * Translated using Weblate (Czech) + * Translated using Weblate (Czech) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + distrobox +- Update to version 1.7.2.1 + + changes from 1.7.2.1 + * chore(init): Add sudo to Wolfi (#1375) + * Add fedora toolbox 40 to list of compatible images (#1377) + * init: fix setting empty DISPLAY variable, breaking gpg + + changes from 1.7.2 + * all: properly handle env vars and configs in all commands + (#1328) + * chore: bump CI actions, minor fixes to README and other + files (#1345) + * docs: Specify that distrobox is in the extra repo (#1316) + * docs: Support latest alpine (#1341) + * docs: Update copyright in footer (#1365) + * docs: Update useful_tips.md (#1330) + * enter: make log_timestamp date format universally + compatible (#1343) + * export: cancel export when trying to delete (#1340) + * export: consider only absolute candidate icon paths that + exist (#1318) + * init: Support musl variant of Void Linux (#1327) + * init: add explicit creation of /etc/fish/conf.d (#1348) + * init: massively speed up apt/pacman/xbps deps install (#1324) + * install: use more portable install(1) arguments (#1364) + * CI: fix hostname test + * CI: try to ensure enough disk space + * CI: use shell-funcheck + * all: improve function docs + * assemble: add custom hostname support + * create: fix regression with rootless runc 1.20~rc1 (#1359) + * docs: add Slackware 15 (#1357) + * docs: move upgrading instruction a bit more ahead (#1342) + * docs: update xhost command to be silent (#1350) + * enter: Fix support for Active Directory usernames including + backslashes (#1360) + * enter: fix regression in fish shell login with initful + systems + * enter: fix typo in command generation (#1331) + * export: fix duplicate extra_flags (#1311) + * export: use different symbol for IFS (#1351) + * init, create: use $CONTAINER_ID to distinguish container's + prompts. Use host's hostname by default. + * init: ensure fish config is sourced only on interactive + shell (#1292) + * init: fix endless hook append (#1320) + * init: fix performance regression in skel file setup (#1317) + * init: forward wayland display only if it is set + * rm: revert 22bc081, simplify removal of exported + app/bins (#1301) + +- Update to 1.7.1 + * all: ensure no side effects on global variables + * create the binary export path if it doesn't exist (#1291) + * docs: Add info on upgrading package on steamdeck (#1271) + * docs: remove extra ` from xhost command by (#1284) + * enter: Add option to run with clean PATH (#1299) + * fix: missing .fifo logfile in distrobox-enter (#1307) + * init: ignore findmnt error in routine remounting (#1289) (#1296) + * init: mask suspend/hibernate/hybrid-sleep + * init: massively speed up apk deps install by @JamiKettunen in (#1298) + * rm: do not block container removal if we cannot start it + +- Update to current git version in order to include the code that + fixes the problem of ImageMagick not being able to resize the + icons dynamically. This means including the following commits: + * install: fix linting + * assemble: fix regression in file reading + * chore: fix typo (#1283) + * install: fix installation script (#1282) + * install: add fixed resolution png icons for use on desktops (#1280) + * Update install (#1278) + +- Update to 1.7.0.1 + * install: fix version + * distrobox-generate-entry: respect DBX_CONTAINER_MANAGER variable + * distrobox-init: do not fail if locale cannot be set by + * Don't create empty XAUTH* variables. + * Add DISTROBOX_EXPORT_PATH env var for distrobox-export. + * distrobox-init: use "zypper se --match-exact" (instead of "zypper se -x") + * init: better detection of file watching trigger + * enter: fix shell when entering initful container after + * export: fix quotes arount exported binary path + * upgrade: fix execution with new enter behavior + * enter: do not use a shell when executing a custom command + * export: fix execution of binaries with spaces in the name + * rm: do not fail if no exports are found + +- Removed: + * 0001-Fix-systemd-init-container-startup-1069.patch +- Update to 1.7.0 + * added --enter-flags to distrobox-export to specify additional + distrobox flags to use when entering + * added --hostname flag to distrobox-create so you can choose a + different hostname than the box name + * added --unshare-groups to distrobox-create to allow unsharing + user's additional groups inside the container + * better login shell management + * better systemd support for initful containers + * fixed multiple bins and apps exports declaration in assemble + * improved NVidia support + * improved Wolfi container support + * improved rootful containers support for exported graphical apps + * improved terminfo support + * new distrobox-export --list-apps and --list-binaries to show + exported apps and binaries + +- Add flatpak as a dependency, as we need it for distrobox-host-exec + to work properly (bsc#1220037) + +- Add 0001-Fix-systemd-init-container-startup-1069.patch: + * run podman exec command as root since some distros would ask + for user password when using su to login even though the user + has no password in /etc/shadow + * fix pam_systemd not being checked for su + dracut +- Update to version 059+suse.521.g8412a1c0: + * fix(suse-initrd): clean return of installkernel() (bsc#1223467) + +- Update to version 059+suse.519.g3edf43b4: + * chore(suse): remove obsolete fillup template (bsc#1223467) + dtb-aarch64 +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + elixir -- Use pregenerated documentation - -- Switch from %patch0 to %autosetup - -- Update to Elixir 1.15.7: - * Fix build for Erlang 26 - * Changelog available at https://hexdocs.pm/elixir/1.15.7/changelog.html -- Add 0001-Use-PID-valid-for-32-bit-systems-closes-12741.patch: - * Fix build for 32bit -- Add 0001-Use-PID-valid-for-32-bit-systems-followup-to-12741-1.patch: - * Fix build for 32bit - -- Add _multibuild to define 2nd spec file as additional flavor. - Eliminates the need for source package links in OBS. - -- Drop git as a requires and switch buildrequires from git to git-core - * Git is not needed to use Elixir, only to run some tests - (which git-core can accomplish on its own without git) - -- Elixir 1.14.2 - * 1. Enhancements - Elixir - [Code] Add Code.eval_quoted_with_env/4 with support for the :prune_binding option - ExUnit - [ExUnit.Case] Allow test cases to not be registered on use - [ExUnit.DocTest] Include :doctest and :doctest_line as meta tags - [ExUnit.Formatter] Expose ExUnit.Formatter.format_assertion_diff/4 - Mix - [Mix] Mix.install/2 accepts atoms as paths - * 2. Bug fixes - Elixir - [Code.Formatter] Fix size*unit shortcut in bitstring - [Kernel] Generate unique variables for macro expansion of defguard - [Protocol] Expand :for in protocols with the appropriate env - ExUnit - [ExUnit] Do not run duplicate cases on ExUnit.run/1 - Mix - [mix test] Ensure proper error message when there is no test directory -- Elixir 1.14.1 - * 1. Enhancements - Elixir - [Kernel] Perform partial expansion of literals in module attributes - [Kernel] Do not add compile-time dependencies for literals as defaults in Application.compile_env/3 inside module attributes - [Macro] Add Macro.expand_literals/2 and Macro.expand_literals/3 - [System] Add :close_stdin to System.shell/2 - Mix - [mix test] Accept --all-warnings option - * 2. Bug fixes - Elixir - [Kernel] Fix misleading warning when :uniq is given in for comprehensions and the result is unused - [Kernel] Improve error message for when there is a conflicting struct and ignoring module conflict - [Kernel] Do not delete @enforce_keys attribute after defstruct declaration - [Kernel] Do not crash the checker on modules with missing :debug_info chunk - [Macro] Fix error in Macro.to_string/2 when converting an AST with :erlang.binary_to_atom/2 - [String] Fix String.split/3 and String.next_grapheme/1 returning invalid results on invalid UTF-8 encoding - [System] Do not close stdin by default in System.shell/2 - [URI] Do not return uri.port as :undefined in certain cases in URI.new/1 - ExUnit - [ExUnit.DocTest] Do not crash when both :moduledoc and functions are specified in :only - IEx - [CLI] Fix invalid argument handling when --no-pry is given - Mix - [mix format] Do not cache inputs from .formatter.exs so they are properly re-evaluted on every call - -- Elixir 1.14 - * 1. Enhancements - EEx - [EEx] Support multi-line comments to EEx via <%!-- --%> - [EEx] Add EEx.tokenize/2 - Elixir - [Access] Add Access.slice/1 - [Application] Add Application.compile_env/4 and Application.compile_env!/3 to read the compile-time environment inside macros - [Calendar] Support ISO8601 basic format parsing with DateTime.from_iso8601/2 - [Calendar] Add day/hour/minute on add/diff across different calendar modules - [Code] Add :normalize_bitstring_modifiers to Code.format_string!/2 - [Code] Emit deprecation and type warnings for invalid options in on Code.compile_string/2 and Code.compile_quoted/2 - [Code] Warn if an outdated lexical tracker is given on eval - [Code] Add Code.env_for_eval/1 and Code.eval_quoted_with_env/3 - [Code] Improve stacktraces from eval operations on Erlang/OTP 25+ - [Code.Fragment] Add support for __MODULE__ in several functions - [Code.Fragment] Support surround and context suggestions across multiple lines - [Enum] Allow slicing with steps in Enum.slice/2 - [File] Support dereference_symlinks: true in File.cp/3 and File.cp_r/3 - [Float] Do not show floats in scientific notation if below 1.0e16 and the fractional value is precisely zero - [Float] Add Float.min_finite/0 and Float.max_finite/0 - [Inspect] Improve error reporting when there is a faulty implementation of the Inspect protocol - [Inspect] Allow :optional when deriving the Inspect protocol for hiding fields that match their default value - [Inspect] Inspect struct fields in the order they are declared in defstruct - [Inspect] Use expression-based inspection for Date.Range, MapSet, and Version.Requirement - [IO] Support Macro.Env and keywords as stacktrace definitions in IO.warn/2 - [IO] Add IO.ANSI.syntax_colors/0 and related configuration to be shared across IEx and dbg - [Kernel] Add new dbg/0-2 macro - [Kernel] Allow any guard expression as the size of a bitstring in a pattern match - [Kernel] Allow composite types with pins as the map key in a pattern match - [Kernel] Print escaped version of control chars when they show up as unexpected tokens - [Kernel] Warn on confusable non-ASCII identifiers - [Kernel] Add .. as a nullary operator that returns 0..-1//1 - [Kernel] Implement Unicode Technical Standard #39 recommendations. In particular, we warn for confusable scripts and restrict identifiers to single-scripts or highly restrictive mixed-scripts - [Kernel] Automatically perform NFC conversion of identifiers - [Kernel] Add binary_slice/2 and binary_slice/3 - [Kernel] Lazily expand module attributes to avoid compile-time deps - [Kernel] Automatically cascade generated: true annotations on macro expansion - [Keyword] Add Keyword.from_keys/2 and Keyword.replace_lazy/3 - [List] Add List.keysort/3 with support for a sorter function - [Macro] Add Macro.classify_atom/1 and Macro.inspect_atom/2 - [Macro] Add Macro.expand_literal/2 and Macro.path/2 - [Macro.Env] Add Macro.Env.prune_compile_info/1 - [Map] Add Map.from_keys/2 and Map.replace_lazy/3 - [MapSet] Add MapSet.filter/2, MapSet.reject/2, and MapSet.symmetric_difference/2 - [Node] Add Node.spawn_monitor/2 and Node.spawn_monitor/4 - [Module] Support new @after_verify attribute for executing code whenever a module is verified - [PartitionSupervisor] Add PartitionSupervisor that starts multiple isolated partitions of the same child for scalability - [Path] Add Path.safe_relative/1 and Path.safe_relative_to/2 - [Registry] Add Registry.count_select/2 - [Stream] Add Stream.duplicate/2 and Stream.transform/5 - [String] Support empty lookup lists in String.replace/3, String.split/3, and String.splitter/3 - [String] Allow slicing with steps in String.slice/2 - [Task] Add :zip_input_on_exit option to Task.async_stream/3 - [Task] Store :mfa in the Task struct for reflection purposes - [URI] Add URI.append_query/2 - [Version] Add Version.to_string/1 - [Version] Colorize Version.Requirement source in the Inspect protocol - ExUnit - [ExUnit] Add ExUnit.Callbacks.start_link_supervised!/2 - [ExUnit] Add ExUnit.run/1 to rerun test modules - [ExUnit] Colorize summary in yellow with message when all tests are excluded - [ExUnit] Display friendly error when test name is too long - IEx - [IEx] Evaluate --dot-iex line by line - [IEx] Add line-by-line evaluation of IEx breakpoints - [IEx.Autocomplete] Autocomplete bitstrings modifiers (after :: inside <<...>>) - [IEx.Helpers] Allow an atom to be given to pid/1 - [IEx.Helpers] Support sigils in h/1 - Logger - [Logger] Add Logger.put_process_level/2 - Mix - [Mix] Add :config_path and :lockfile options to Mix.install/2 - [mix compile] Add --no-optional-deps to skip optional dependencies to test compilation works without optional dependencies - [mix compile] Include column information on error diagnostics when possible - [mix deps] Mix.Dep.Converger now tells which deps formed a cycle - [mix do] Support --app option to restrict recursive tasks in umbrella projects - [mix do] Allow using + as a task separator instead of comma - [mix format] Support filename in mix format - when reading from stdin - [mix format] Compile if mix format plugins are missing - [mix new] Do not allow projects to be created with application names that conflict with multi-arg Erlang VM switches - [mix profile] Return the return value of the profiled function - [mix release] Make BEAM compression opt-in - [mix release] Let :runtime_config_path accept false to skip the config/runtime.exs - [mix test] Improve error message when suite fails due to coverage - [mix test] Support :test_elixirc_options and default to not generating docs nor debug info chunk for tests - [mix xref] Support --group flag in mix xref graph - * 2. Bug fixes - Elixir - [Calendar] Handle widths with "0" in them in Calendar.strftime/3 - [CLI] Improve errors on incorrect --rpc-eval usage - [CLI] Return proper exit code on Windows - [Code] Do not emit warnings when formatting code - [Enum] Allow slices to overflow on both starting and ending positions - [Kernel] Do not allow restricted characters in identifiers according to UTS39 - [Kernel] Define __exception__ field as true when expanding exceptions in typespecs - [Kernel] Warn if any of True, False, and Nil aliases are used - [Kernel] Warn on underived @derive attributes - [Kernel] Remove compile-time dependency from defimpl :for - [Kernel] Track all arities on imported functions - [Kernel] Fix equality in guards for dynamic ranges without steps - [Module] Fix loop while unifying type variables - [Protocol] Warn if a protocol has no definitions - [Regex] Show list options when inspecting a Regex manually defined with Regex.compile/2 - [String] Allow slices to overflow on both starting and ending positions - [System] Raise non-generic exception on missing env in System.fetch_env!/1 to mirror map operations - ExUnit - [ExUnit] Do not crash when diffing unknown bindings in guards - [ExUnit] Properly print diffs when comparing improper lists with strings at the tail position - [ExUnit] Add short hash to tmp_dir in ExUnit to avoid test name collision - [ExUnit] Do not store logs in the CLI formatter (this reduces memory usage for suites with capture_log) - [ExUnit] Run ExUnit.after_suite/1 callback even when no tests run - [ExUnit] Fix scenario where setup with imported function from within describe failed to compile - IEx - [IEx] Disallow short-hand pipe after matches - [IEx] Fix exports/1 in IEx for long function names - Mix - [mix compile.elixir] Fix --warnings-as-errors when used with --all-warnings - [mix compile.elixir] Ensure semantic recompilation cascades to path dependencies - [mix compile.elixir] Lock the compiler to avoid concurrent usage - [mix format] Do not add new lines if the formatted file is empty - [mix format] Properly compile dependencies on mix format - [mix release] Only set RELEASE_MODE after env.{sh,bat} are executed - [mix release] Allow application mode configuration to cascade to dependencies - [mix xref] Do not emit already consolidated warnings during mix xref trace - [Mix] Do not start apps with runtime: false on Mix.install/2 - * 3. Soft deprecations (no warnings emitted) - Elixir - [File] Passing a callback as third argument to File.cp/3 and File.cp_r/3 is deprecated. - Instead pass the callback the :on_conflict key of a keyword list - EEx - [EEx] Using <%# ... %> for comments is deprecated. Please use <% # ... %> or the new multi-line comments with <%!-- ... --%> - Logger - [Logger] Deprecate Logger.enable/1 and Logger.disable/1 in favor of Logger.put_process_level/2 - Mix - [mix cmd] The --app option in mix cmd CMD is deprecated in favor of the more efficient mix do --app app cmd CMD - * 4. Hard deprecations - Elixir - [Application] Calling Application.get_env/3 and friends in the module body is now discouraged, use Application.compile_env/3 instead - [Bitwise] use Bitwise is deprecated, use import Bitwise instead - [Bitwise] ~~~ is deprecated in favor of bnot for clarity - [Kernel.ParallelCompiler] Returning a list or two-element tuple from :each_cycle is deprecated, return a {:compile | :runtime, modules, warnings} tuple instead - [Kernel] Deprecate the operator <|> to avoid ambiguity with upcoming extended numerical operators - [String] Deprecate passing a binary compiled pattern to String.starts_with?/2 - Logger - [Logger] Deprecate $levelpad on message formatting - Mix - [Mix] Mix.Tasks.Xref.calls/1 is deprecated in favor of compilation tracers - * 5. Backwards incompatible changes - Mix - [mix local.rebar] Remove support for rebar2, which has not been updated in 5 years, and is no longer supported on recent Erlang/OTP versions - -- Elixir 1.13.4 - * 1. Enhancements - Elixir - [Code] Allow iodata to be returned in sigil formatting functions - [Code] Pass opening delimiter information to sigil formatting functions - * 2. Bug fixes - Elixir - [Kernel] Tweak type unification to fix infinite loop with recursive vars - [Kernel] Add compile-time dependencies on require - [Registry] Make Registry send work with named triplets - * 3. Deprecations - Mix - [mix rebar] Deprecate Rebar 2 as it no longer works on Erlang/OTP 25 - -- Elixir 1.13.3 - * 1. Enhancements - Mix - [mix format] Supply file and line to formatter plugins - [mix format] Support embedded Elixir expressions inside formatter plugins - * 2. Bug fixes - Elixir - [Code] Fix duplicate bindings causing errors during evaluation - [Kernel] Make sure signatures stored in the Documentation chunk does not contain newlines - [Kernel] Fix infinite loop when compiling guards with recursive map access - [Macro] Fix error on Macro.to_string/1 when the plain alias Elixir is given - [String] Fix error for certain codepoint combinations in String.split_at/2 - Mix - [mix compile] Recompile project files when exports from dependencies change - [mix test] Fix total coverage always showing in red even when above the threshold - -- Elixir 1.13.2 - * 1. Enhancements - Mix - [mix format] Allow plugins to also format .ex and .exs files - [mix release] Allow bypassing application mode validation in release spec - [mix test] Print a message when the suite fails due to the coverage threshold - * 2. Bug fixes - Elixir - [Code] Do not emit warnings on Code.Fragment.container_cursor_to_quoted/2 - [Kernel] Fix a crash when a for-comprehension with :uniq was used inside another comprehension with :uniq - [Kernel] Ensure env.context_modules is properly set inside optimized defmodule - [Keyword] Deprecate the recently added Keyword.map/2 as it is equivalent to Keyword.new/2 - [Map] Deprecate the recently added Map.map/2 as it is equivalent to Map.new/2 - [Protocol] Warn on zero arity callbacks inside protocols - -- Elixir 1.13.1 - * 1. Bug fixes - Elixir - [Code] Do not show code snippets in `SyntaxError` and `TokenMissingError` if line is empty - [Exception] Do not fail blaming `ArgumentError` for improper lists on `apply/3` - [Macro] Set a max `line_length` for `Macro.to_string/1` - [Macro] Fix formatting of lists on module attributes for `Macro.to_string/1` - [String] Fix incorrect codepoint byte counting in `slice` with negative positions in ranges - [Task] Ensure async streams can be consumed from another process than the one that creates them - [URI] Undeprecate `URI.parse/1` as `URI.new/1` is too strict in many common cases - [URI] Make sure `URI.new/1` returns nil for empty paths - IEx - [IEx] Make sure the `--version` flag halts IEx - Mix - [Mix] Make protocol consolidation part of the `Mix.install/2` cache - -- Elixir 1.13.0 - * Enhancements - EEx - [EEx] Add `:parser_options` to EEx functions - Elixir - [Calendar] Add `c:Calendar.year_of_era/3` to support calendars where the beginning of a new era does not align with - the beginning of a new year - [CLI] Support `--short-version` on the CLI that does not boot the VM - [Code] Add `Code.string_to_quoted_with_comments/2` and `Code.quoted_to_algebra/2` - [Code] Add more `:token_metadata` to aliases and remote calls when parsing strings - [Code] Add `Code.Fragment` module to provide best-effort information from code fragments. - The module currently provides an updated `Code.Fragment.cursor_context/2` with operator support and - `Code.Fragment.surround_context/2` which looks at a given position in a fragment and find its surrounding delimiters - [Code] Allow custom sigil formatting on `Code.format_string!/2` - [Code] Add `{:on_module, bytecode, :none}` trace to compilation tracers - [Enum] Optimize `Enum.concat/1` for lists of lists - [Enum] Add `Enum.slide/3` - [Exception] Better format Elixir exceptions in Erlang - [Inspect] Allow default inspect fun to be set globally with `Inspect.Opts.default_inspect_fun/1` - [IO] Allow `:eof` to be given as limit to `IO.getn/2` - [Kernel] Support the `:sigils` option in `import Mod, only: :sigils` and allow the sigil modifiers to be also digits - [Kernel] Make `get_in` consistently abort and return `nil` when `nil` values are found (previously Elixir would raise - an error in this case). This allows a user to use `get_in` as a safe navigation operator. - [Kernel] Improve compilation times by reducing the amount of copies of the AST across compiler processes - [Kernel] Raise if trying to define a module with a slash in its name - [Kernel] Warn when `?\` is used and there is no need for a escape character - [Kernel] Track structs in typespecs as export deps instead of compile-time deps - [Kernel] Add power operator (`**/2`) - [Keyword] Add `Keyword.validate/2` - [Keyword] Implement `Keyword.filter/2` and `Keyword.map/2` - [List] Add `List.keyfind!/3` - [Macro] Add `Macro.prewalker/1` and `Macro.postwalker/1` - [Macro.Env] Add the following reflection functions: `required?/2`, `lookup_import/2`, `fetch_alias/2`, and `fetch_macro_alias/2` - [Map] Implement `Map.filter/2` and `Map.map/2` - [Module] Support `:nillify_clauses` in `Module.get_definition/3` - [Module] Add `Module.attributes_in/1` and `Module.overridables_in/1` - [OptionParser] Add "did you mean?" suggestions to `OptionParser.ParseError` messages - [Record] Add record reflection via `@__records__` - [Task] Add `Task.completed/1` - [Task] Add `Task.ignore/1` to keep a task running but ignoring all of its results - [Task] Reduce the amount of copying `Task.async*` functions - [URI] Add `URI.new/1` and `URI.new!/1` - ExUnit - [ExUnit] Show hint if comparing different but equivalent strings - [ExUnit.CaptureIO] Add `with_io/3` to return result with captured io - [ExUnit.CaptureLog] Add `with_log/2` to return result with captured logs - IEx - [IEx.Autocomplete] Add path autocompletion whenever when the cursor follows `"./` or `"/` or `"DRIVER:` where - `DRIVER` is a single letter - [IEx.Autocomplete] Add autocompletion for sigils, struct names, and struct fields - [IEx.Helpers] Allow multiple modules to be given to `r/1` - Logger - [Logger] Add `Logger.put_application_level/2` - [Logger] Print all log levels in accordance to Erlang/OTP. This also means `[warn]` is now shown as `[warning]` - Mix - [Mix] Add `MIX_INSTALL_FORCE` environment variable support - [Mix] Support `:config` and `:system_env` in `Mix.install/2` - [Mix] Add `Mix.installed?/0` - [Mix.Shell] Add `:default` option to `Mix.Shell.yes?` - [mix archive.install] Run `loadconfig` before building archive - [mix compile] Move Elixir version check to before deps are compiled, in order to give feedback earlier - [mix compile.elixir] Do not recompile files if their modification time change but their contents are still the same and the .beam files are still on disk - [mix compile.elixir] Do not recompile all Elixir sources when Erlang modules change, only dependent ones - [mix compile.elixir] Do not recompile Elixir files if `mix.exs` changes, instead recompile only files using `Mix.Project` or trigger a recompilation if a compiler option changes - [mix compile.elixir] Only recompile needed files when a dependency is added, updated or removed - [mix compile.elixir] Only recompile needed files when a dependency is configured - [mix deps] Add `:subdir` option to git deps - [mix escript.install] Run `loadconfig` before building escript - [mix format] Support `:plugins` in `mix format` that can hook into custom extensions and sigils - [mix format] Add `Mix.Tasks.Format.formatter_for_file/2` - [mix local.rebar] No longer support `sub_dirs` in Rebar 2 to help migration towards Rebar 3 - [mix local.rebar] Support `--if-missing` option when installing Rebar - [mix local.rebar] Set `REBAR_PROFILE=prod` when compiling Rebar dependencies - [mix test] Support `--profile-require=time` to profile the time loading test files themselves - [mix test] Allow filtering modules from coverage using regex - [mix test] Allow the exit status of ExUnit to be configured and set the default to 2 - [mix test] Exit with a status of 3 when coverage falls below threshold - [mix test] Write failed manifest when suite fails due to --warnings-as-errors - [mix test] Ignore `MIX_TEST_PARTITION` when partitions set to 1 - [mix xref] Support multiple sinks and sources in `mix xref graph` - [mix xref] Add `trace` subcommand to print compilation dependencies between files - [mix xref] Add `--fail-above` option to `mix xref` - [mix xref] Add `--label compile-connected` to `mix xref` - * 2. Bug fixes - EEx - [EEx] Accept comments in EEx between do and the first clause - [EEx] Accept EEx expressions where `->` is followed by newline - Elixir - [Application] Allow any expression as first argument of `compile_env` - [Application] Warn if `Application.compile_env` or `Application.compile_env!` are called without a require - [Code] Make sure `:static_atoms_encoder` in `Code.string_to_quoted/2` also applies to quoted keyword keys - [Code] Ensure bindings with no context are returned as atoms instead of `{binding, nil}` in eval operations - [Inspect] Fix a bug when inspecting a non-binary bitstring with colors - [Kernel] Reject bidirectional formatting characters in strings and comments - [Kernel] Support escaping of terminators in uppercase sigils heredocs for consistency - [Kernel] Raise if `__CALLER__` or `__ENV__` or `__STACKTRACE__` are used in match - [Kernel] Improve error message on invalid argument for `byte_size` from binary concat - [Kernel] Raise when aliasing non-Elixir modules without `:as` - [Kernel] Allow `unquote_splicing` inside `%{...}` without parens - [Kernel] Ensure that waiting on a struct expansion inside a typespec is correctly tracked as waiting time in the compiler - [Kernel] Correctly parse the atom `.` as a keyword list key - [Kernel] Do not leak variables from the first generator in `with` and `for` special forms - [Kernel] Fix column number on strings with NFD characters - [Kernel] Fix a bug where a combination of dynamic line in `quote` with `unquote` of remote calls would emit invalid AST metadata - [OptionParser] Validate switch types/modifiers early on to give more precise feedback - [Protocol] Add `defdelegate` to the list of unallowed macros inside protocols as protocols do not allow function definitions - [Protocol] Warn if `@callback`, `@macrocallback` and `@optional_callbacks` are defined inside protocol - [Protocol] Ensure protocol metadata is deterministic on consolidation - [Range] Always show step when range is descending - [String] Update Unicode database to version 14.0 - [URI] Only percent decode if followed by hex digits (according to https://url.spec.whatwg.org/#percent-decode) - [Version] Ensure proper precedence of `and`/`or` in version requirements - ExUnit - [ExUnit] Fix formatter and counters from `ExUnit.run/0` to consider all tests in a module whenever if a module's `setup_all` fails - [ExUnit] Allow doctests newlines to be terminated by CRLF - IEx - [IEx] Fix the loss of `.iex.exs` context after a pry session - [IEx] Stop evaluator before exiting IEx server to avoid evaluators leaking - Logger - [Logger] Raise clear error message for invalid `:compile_time_purge_matching` configuration - [Logger] Fix a bug where Logger would not reset its discard counter under some scenarios - Mix - [mix compile.elixir] Track transitive runtime dependencies coming from local/path dependencies - [mix compile.elixir] Recompile file if `@external_resource` is deleted - [mix compile.elixir] Print number of compiling files on all compiler cycles. This will make the `Compiling N files (.ex)` show up multiple times if necessary - [mix deps] Raise if local dep is unavailable while compiling - [mix deps.unlock] Fix blank output when unlocking a dependency that is not locked - [mix local.install] Do not respect `MIX_DEPS_PATH` for install commands - [mix release] Improve release scripts by making sure shell errors cascade (this is done by avoiding exporting and defining variables in a single step) - [mix release] Do not boot release if `RELEASE_COOKIE` is empty - [mix release] Allow releases running as a daemon to be restarted - [mix release] Raise proper error message when non-serializable values are in configs - [mix test] Fix coverage engine to also tag `case`, `cond`, and `receive` branches where the right side is a literal - * 3. Soft-deprecations (no warnings emitted) - Elixir - [Code] Environment options in `Code.eval_quoted/3` and `Code.eval_string/3`, such as `:aliases` and `:tracers`, have been deprecated in favor of passing an environment - [IO] `:all` on `IO.getn` is deprecated in favor of `:eof` - [URI] `URI.parse/1` is deprecated in favor of `URI.new/1` and `URI.new!/1` - Mix - [mix format] `Mix.Tasks.Format.formatter_opts_for_file/2` is deprecated in favor of `Mix.Tasks.Format.formatter_for_file/2` - * 4. Hard-deprecations - Elixir - [Code] `Code.cursor_context/2` is deprecated, use `Code.Fragment.cursor_context/2` instead - [Macro] `Macro.to_string/2` is deprecated, use `Macro.to_string/1` instead - [System] `System.get_pid/0` is deprecated, use `System.pid/0` instead - [Version] Using `!` or `!=` in version requirements is deprecated, use `~>` or `>=` instead - Mix - [mix escript.build] `:strip_beam` option is deprecated in favor of `:strip_beams` - [Mix] `:exit_code` in `Mix.raise/2` has been deprecated in favor of `:exit_status` - [Mix.Config] `Mix.Config` is deprecated in favor of `Config` module - Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.13.0 - - Drop 0001-Add-retries-to-tests-that-write-to-stderr-on-Windows.patch: - upstreamed - -- Add 0001-Add-retries-to-tests-that-write-to-stderr-on-Windows.patch: - fix build for Factory - -- Elixir 1.12.3 - * Bug fixes - Elixir - [Code] Make sure that bindings in the default context returned by `Code.eval_*` functions are not returned as tagged tuples - [Kernel] Do not crash when handling ambiguity errors - [Range] Still match on old range patterns throughout the stdlib - IEx - [IEx.Autocomplete] Do not error autocompletion with module attribute - Mix - [Mix] Rename inconsistent `:exit_code` option to `:exit_status` on `Mix.raise/2` - -- Elixir 1.12.2 - * Bug fixes - Elixir - [Kernel] Ensure deprecated macros emit warnings - Mix - [mix deps] Ensure unconstrained rebar deps generate valid mix specifications - * Enhancements - Elixir - [elixirc] Change the output of `--profile time` to make it easier to detect outliers - [Application] Do not add compile time deps on args to `Application.compile_env/2` and `Application.compile_env!/2` - [Enum] Optimize `Enum.into/3` and `Map.new/2` - Mix - [mix compile] Compile most recently changed files first - [mix compile, mix run, mix test] Speed up the time taken to load dependencies. This should make the usage of Mix inside projects quite more responsive - -- Elixir 1.12.1 - * Bug fixes - Elixir - [Code] Make sure `Code.format_string!/2` formats multiline expression inside interpolation on the first run - [Macro] Revert keeping of underscores between digits in camelize - Mix - [Mix] Make sure `Mix.install/2` expand paths for deps - [mix deps.get] Silence false positives on `httpc` warnings - [mix test] Do not run the whole suite when there are no --failed tests as it won't behave as expected inside umbrellas - -- Elixir 1.12 - * Enhancements - EEx - [EEx.Engine] Add `c:EEx.Engine.handle_text/3` callback that receives text metadata - [EEx.Engine] Emit warnings for unused "do" expression in EEx - Elixir - [Code] Add `Code.cursor_context/2` to return the context of a code snippet - [Code] Do not add newlines around interpolation on code formatting. - Note this means formatted code that has interpolation after the line length on Elixir v1.12 won't be considered as formatted on earlier Elixir versions - [Code] Do not add brackets when keywords is used in the access syntax - [Calendar] Support basic datetime format in `Calendar.ISO` parsing functions - [Code] Improve evaluation performance on systems running on Erlang/OTP 24+ - [Date] Support steps via `Date.range/3` - [DateTime] Add `offset` to `DateTime.to_iso8601/2` (now `to_iso8601/3`) - [Enum] Add `Enum.count_until/2` and `Enum.count_until/3` - [Enum] Add `Enum.product/1` - [Enum] Add `Enum.zip_with/2`, `Enum.zip_with/3`, `Enum.zip_reduce/3`, and `Enum.zip_reduce/4` - [Enum] Add support for functions as the second argument of `Enum.with_index/2` - [Exception] Show `error_info` data for exceptions coming from Erlang - [Float] Add `Float.pow/2` - [Integer] Add `Integer.pow/2` and `Integer.extended_gcd/2` - [IO] Add `IO.stream/0` and `IO.binstream/0` which default to STDIO with line orientation - [List] Add default value for `List.first/1` and `List.last/1` - [Kernel] Add `first..last//step` as support for stepped ranges - [Kernel] Also warn for literal structs on `min/2` and `max/2` - [Kernel] Add `Kernel.tap/2` and `Kernel.then/2` - [Kernel] Do not add runtime dependencies to remotes in typespecs - [Kernel] When there is an unused variable warning and there is a variable with the same name previously defined, suggest the user may have wanted to use the pin operator - [Kernel] Improve error messages on invalid character right after a number - [Kernel] Show removal and deprecated tips from Erlang/OTP - [Macro] Add export dependencies on `Macro.struct!/2` - [Macro] Support `:newline` to customize newlines escaping in `Macro.unescape_string/2` - [Module] Raise on invalid `@dialyzer` attributes - [Module] Add `Module.get_definition/2` and `Module.delete_definition/2` - [Module] Allow `@on_load` to be a private function - [Module] Validate `@dialyzer` related module attributes - [Module] Add `Module.reserved_attributes/0` to list all reserved attributes by the language - [Range] Add `Range.new/3` and `Range.size/1` - [Regex] Add offset option to `Regex.scan/3` and `Regex.run/3` - [Registry] Support `:compression` on `Registry` tables - [Registry] Support `Registry.values/3` for reading values under a given key-pid pair - [Stream] Add `Stream.zip_with/2` and `Stream.zip_with/3` - [String] Add `:turkic` mode option to String case functions - [String] Update to Unicode 13.0 - [System] Add `System.trap_signal/3` and `System.untrap_signal/2` - [System] Add `System.shell/2` to invoke a command that is interpreted by the shell - [Tuple] Add `Tuple.sum/1` and `Tuple.product/1` - [URI] Support RFC3986 compliant encoding and decoding of queries via the `:rfc3986` option - ExUnit - [ExUnit] Intercept SIGQUIT (via Ctrl+\\) and show a list of all aborted tests as well as intermediate test results - [ExUnit] Interpolate module attributes in match assertions diffs - [ExUnit] Print how much time is spent on `async` vs `sync` tests - [ExUnit] Improve error messages for doctests - [ExUnit] Compile doctests faster (often by two times) - [ExUnit] Add `ExUnit.async_run/0` and `ExUnit.await_run/1` - IEx - [IEx] Make IEx' parser configurable to allow special commands - [IEx] Show function signature when pressing tab after the opening parens of a function - [IEx] If an IEx expression starts with a binary operator, such as `|>`, automatically pipe in the result of the last expression - Mix - [Mix] Add `Mix.install/2` for dynamically installing a list of dependencies - [Mix] Support `:exit_code` option in `Mix.raise/2` - [Mix] Discard `MIX_ENV` and `MIX_TARGET` values if they are empty strings - [Mix] Print the time taken to execute a task with on `MIX_DEBUG=1` - [mix compile.erlang] Compile multiple files in parallel - [mix escript.build] Deep merge configuration and ensure argv is set when executing `config/runtime.exs` - [mix release] Add `RELEASE_PROG` to releases with the name of the executable starting the release - [mix release] Support `remote.vm.args` to customize how the connecting VM boots - [mix test] Run all available tests if there are no pending `--failed` tests. This provides a better workflow as you no longer need to toggle the `--failed` flag between runs - * Bug fixes - Elixir - [CLI] Ensure `-e ""` (with an empty string) parses correctly on Windows - [Inspect] Do not override user supplied `:limit` option for derived implementations - [Kernel] Allow heredoc inside a heredoc interpolation - [Kernel] Preserve CRLF on heredocs - [Kernel] Public functions without documentation now appear as an empty map on `Code.fetch_docs/1`, - unless they start with underscore, where they remain as `:none`. This aligns Elixir's implementation with EEP48 - [Kernel] Do not crash when complex literals (binaries and maps) are used in guards - [Kernel] Properly parse keywords (such as `end`) followed by the `::` operator - [Kernel] Do not ignore unimplemented signatures from generated functions - [Kernel] Improve error message when an expression follows a keyword list without brackets - [Macro] `Macro.decompose_call/1` now also consider tuples with more than 2 elements to not be valid calls - [Macro] Fix `Macro.to_string/1` double-escaping of escape characters in sigils - [Macro] Fix `Macro.underscore/1` on digits preceded by capitals: "FOO10" now becomes "foo10" instead of "fo_o10" - [Macro] Preserve underscores between digits on `Macro.underscore/1` - [OptionParser] Properly parse when numbers follow-up aliases, for example, `-ab3` is now parsed as `-a -b 3` - [Path] Fix `Path.relative_to/2` when referencing self - [Path] Do not crash when a volume is given to `Path.absname/1`, such as "c:" - [Task] Ensure `Task.async_stream/2` with `ordered: false` discard results as they are emitted, instead of needlessly accumulating inside the stream manager - [Task] Raise if `:max_concurrency` is set to 0 on streaming operations - [URI] Do not discard empty paths on `URI.merge/2` - ExUnit - [ExUnit.Case] Make `@tag tmp_dir` an absolute directory, avoiding inconsistencies if the test changes the current working directory - [ExUnit.Diff] Fix cases where the diffing algorithm would fail to print a pattern correct - IEx - [IEx] Fix auto-completion inside remote shells - Mix - [mix app.config] Do not emit false positive warnings when configured dependencies that have `runtime: false` set - [mix compile.elixir] Ensure that a manifest is generated even with no source code - [mix compile.elixir] Make sure export dependencies trigger recompilation when the dependency is removed as well as when the whole file is removed - [mix compile.elixir] Do not emit false positive warnings when a path dependency adds a module that is then used by the current application in the same `mix compile` cycle - [mix test] Ensure protocols within the current project are consolidated when `--cover` is given - [mix release] Improve compliance of release scripts with stripped down Linux installations - [mix release] Preserve file mode when copying non-beam ebin files - [mix xref] Ensure args are passed to the underlying `mix compile` call - * Soft-deprecations (no warnings emitted) - Elixir - [Kernel] Using `first..last` to match on ranges is soft-deprecated and will warn on future Elixir versions. Use `first..last//step` instead - [Kernel] Using `first..last` to create decreasing ranges is soft-deprecated and will warn on future versions. Use `first..last//-1` instead - * Hard-deprecations - EEx - [EEx.Engine] `use EEx.Engine` is deprecated in favor of explicit delegation - Elixir - [Kernel] The binary operator `^^^` is deprecated. If you are using `Bitwise.^^^/2`, use `Bitwise.bxor/2` instead - [Kernel] Deprecate `@foo()` in favor of `@foo` - [System] Deprecate `System.stacktrace/0` (it was already deprecated outside of catch/rescue and now it is deprecated everywhere) - Mix - [mix compile] The `:xref` compiler is deprecated and it has no effect. Please remove it from your mix.exs file. - Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.12.0 - -- Elixir 1.11.4 - * Enhancements - Elixir - [Kernel] Update formatting when printing warnings and errors from Erlang/OTP 24+ - [Kernel] Support float-16 on bitstrings - Mix - [mix local.rebar] This task will now install rebar3 version 3.14.4, compiled with Erlang/OTP 21 - - Elixir - [Macro] Add Macro.unique_var/2 and Macro.generate_unique_arguments/2 + Elixir + [Macro] Add Macro.unique_var/2 and Macro.generate_unique_arguments/2 - Elixir - [Code] Do not raise when checking for operator ambiguity when :static_atoms_encoder is set in Code.string_to_quoted - [Kernel] Emit undefined function warnings from with - [Kernel] Do not fail type checking when literals are used in guards - [Module] Do not warn for attributes used in @after_compile - [Record] Make sure nested record names do not clobber each other - ExUnit - [ExUnit.Assertions] Do not crash if there are macros and module attributes on the left side of ++ - IEx - [IEx.Helpers] Do not use Unicode chars if ANSI is disabled - Mix - [mix deps.compile] Fix compatibility with rebar v3.14 - [mix release] Do not use private ram_file:compress/1 - [mix xref] Do not crash when retrieving calls for modules in memory + Elixir + [Code] Do not raise when checking for operator ambiguity when :static_atoms_encoder is set in Code.string_to_quoted + [Kernel] Emit undefined function warnings from with + [Kernel] Do not fail type checking when literals are used in guards + [Module] Do not warn for attributes used in @after_compile + [Record] Make sure nested record names do not clobber each other + ExUnit + [ExUnit.Assertions] Do not crash if there are macros and module attributes on the left side of ++ + IEx + [IEx.Helpers] Do not use Unicode chars if ANSI is disabled + Mix + [mix deps.compile] Fix compatibility with rebar v3.14 + [mix release] Do not use private ram_file:compress/1 + [mix xref] Do not crash when retrieving calls for modules in memory - Elixir - [Code] Do not crash when getting docs for missing `erts` appdir - [Kernel] Raise meaningful error if `:erlang.is_record` is used in guards - [Kernel] Prune tracers when fetching `__ENV__` inside functions - Mix - [mix] Fix regression where aliases could not call themselves recursively - [mix compile] Do not discard tracers that are set programatically + Elixir + [Code] Do not crash when getting docs for missing `erts` appdir + [Kernel] Raise meaningful error if `:erlang.is_record` is used in guards + [Kernel] Prune tracers when fetching `__ENV__` inside functions + Mix + [mix] Fix regression where aliases could not call themselves recursively + [mix compile] Do not discard tracers that are set programatically - Elixir - [Code] Ignore tracers if lexical tracker is dead or explicitly nil when evaling code with an environment - [GenServer] Do not show warning when using `super` in `GenServer.child_spec/1` - [Kernel] Do not crash when :reduce is set to `nil` in comprehensions - [Kernel] Fix a scenario where undefined function warnings were not being emitted - IEx - [IEx.Helpers] Properly handle tags inside typespec when showing Erlang docs - Logger - [Logger] Do not deadlock Logger if handler crashes on sync mode - Mix - [Mix] Add inet6 fallback to Mix usage of httpc - [mix compile.app] Do not list apps that do not match the current target + Elixir + [Code] Ignore tracers if lexical tracker is dead or explicitly nil when evaling code with an environment + [GenServer] Do not show warning when using `super` in `GenServer.child_spec/1` + [Kernel] Do not crash when :reduce is set to `nil` in comprehensions + [Kernel] Fix a scenario where undefined function warnings were not being emitted + IEx + [IEx.Helpers] Properly handle tags inside typespec when showing Erlang docs + Logger + [Logger] Do not deadlock Logger if handler crashes on sync mode + Mix + [Mix] Add inet6 fallback to Mix usage of httpc + [mix compile.app] Do not list apps that do not match the current target - EEx - [EEx] Track column information in EEx templates when enabled in the compiler - [EEx] Show column information in EEx error messages - [EEx] Support `:indentation` option when compiling EEx templates for proper column tracking - Elixir - [Access] Add `Access.at!/1` - [Calendar] Add `Calendar.strftime/3` for datetime formatting - [Calendar] Add linear integer representations to Calendar modules: + EEx + [EEx] Track column information in EEx templates when enabled in the compiler + [EEx] Show column information in EEx error messages + [EEx] Support `:indentation` option when compiling EEx templates for proper column tracking + Elixir + [Access] Add `Access.at!/1` + [Calendar] Add `Calendar.strftime/3` for datetime formatting + [Calendar] Add linear integer representations to Calendar modules: - [Calendar] Add `new!` to Date/Time/NaiveDateTime/DateTime (`new` has also been added to `DateTime` for completeness) - [Calendar] Support custom starting day of the week in `Date.day_of_week/2` - [Calendar] Add `Date.beginning_of_month/1` and `Date.end_of_month/1` - [Calendar] Add `Date.beginning_of_week/2` and `Date.end_of_week/2` - [Code] Add `:column` to `Code.string_to_quoted*/2` - [Code] Add `Code.can_await_module_compilation?/0` to check if the parallel compiler is enabled + [Calendar] Add `new!` to Date/Time/NaiveDateTime/DateTime (`new` has also been added to `DateTime` for completeness) + [Calendar] Support custom starting day of the week in `Date.day_of_week/2` + [Calendar] Add `Date.beginning_of_month/1` and `Date.end_of_month/1` + [Calendar] Add `Date.beginning_of_week/2` and `Date.end_of_week/2` + [Code] Add `:column` to `Code.string_to_quoted*/2` + [Code] Add `Code.can_await_module_compilation?/0` to check if the parallel compiler is enabled - [Config] Support `config_env/0` and `config_target/0` in `config` files - [Config] Allow `import_config` to be disabled for some configuration files - [Enum] Allow a sorting function on `Enum.min_max_by/3,4`, including the new `compare/2` conventions - [Kernel] Add `is_struct/2` guard - [Kernel] Add `is_exception/1` and `is_exception/2` guards - [Kernel] Support `map.field` syntax in guards - [Kernel] Add `+++` and `---` with right associativity to the list of custom operators - [Kernel] Warn if a variable that looks like a compiler variable (such as `__MODULE__`) is unused - [Kernel.ParallelCompiler] Report individual file compilation times when `profile: :time` is given - [Kernel.ParallelCompiler] Improve precision of `:long_compilation_threshold` so it takes only compilation times into + [Config] Support `config_env/0` and `config_target/0` in `config` files + [Config] Allow `import_config` to be disabled for some configuration files + [Enum] Allow a sorting function on `Enum.min_max_by/3,4`, including the new `compare/2` conventions + [Kernel] Add `is_struct/2` guard + [Kernel] Add `is_exception/1` and `is_exception/2` guards + [Kernel] Support `map.field` syntax in guards + [Kernel] Add `+++` and `---` with right associativity to the list of custom operators + [Kernel] Warn if a variable that looks like a compiler variable (such as `__MODULE__`) is unused + [Kernel.ParallelCompiler] Report individual file compilation times when `profile: :time` is given + [Kernel.ParallelCompiler] Improve precision of `:long_compilation_threshold` so it takes only compilation times into - [Registry] Add `Registry.delete_meta/2` - [Task] Add `Task.await_many/2` - ExUnit - [ExUnit] Add support for coloring on Windows 10 consoles/shells - [ExUnit] Add `ExUnit.fetch_test_supervisor/0` - [ExUnit] Add `@tag :tmp_dir` support to ExUnit. The temporary directory is automatically created and pruned before each test - [ExUnit] Add file and line to ExUnit's `--trace` - [ExUnit.Assertion] Allow receive timeouts to be computed at runtime - [ExUnit.Case] Add `register_test/6` to speed up compilation of custom tests - [ExUnit.Doctest] Allow users to add tags to doctests - IEx - [IEx] Add support for coloring on Windows 10 consoles/shells - [IEx.Helpers] Show docs from Erlang modules that have been compiled with the docs chunk - Logger - [Logger] Add `notice`, `critical`, `alert`, and `emergency` log levels - [Logger] Support structured logging by logging maps or keyword lists - [Logger] Allow level to be set per module with `Logger.put_module_level/2` - [Logger] Include `erl_level` in Logger's metadata - Mix - [mix] Add `MIX_BUILD_ROOT` to config `_build` dir - [mix] Introduce `MIX_XDG` as a simpler mechanism to opt-in to the XDG specification - [mix] Allow requirements for a Mix task to be listed via the `@requirements` module attribute - [mix] Allow optional dependencies to be defined in `:extra_applications` and `:applications` - [mix app.config] Add new `mix app.config` task that compiles applications and loads runtime configuration - [mix archive.install] Support `--repo` option on Hex packages - [mix compile] Support the `__mix_recompile__?/0` callback for custom behaviour on when Mix should recompile a given + [Registry] Add `Registry.delete_meta/2` + [Task] Add `Task.await_many/2` + ExUnit + [ExUnit] Add support for coloring on Windows 10 consoles/shells + [ExUnit] Add `ExUnit.fetch_test_supervisor/0` + [ExUnit] Add `@tag :tmp_dir` support to ExUnit. The temporary directory is automatically created and pruned before each test + [ExUnit] Add file and line to ExUnit's `--trace` + [ExUnit.Assertion] Allow receive timeouts to be computed at runtime + [ExUnit.Case] Add `register_test/6` to speed up compilation of custom tests + [ExUnit.Doctest] Allow users to add tags to doctests + IEx + [IEx] Add support for coloring on Windows 10 consoles/shells + [IEx.Helpers] Show docs from Erlang modules that have been compiled with the docs chunk + Logger + [Logger] Add `notice`, `critical`, `alert`, and `emergency` log levels + [Logger] Support structured logging by logging maps or keyword lists + [Logger] Allow level to be set per module with `Logger.put_module_level/2` + [Logger] Include `erl_level` in Logger's metadata + Mix + [mix] Add `MIX_BUILD_ROOT` to config `_build` dir + [mix] Introduce `MIX_XDG` as a simpler mechanism to opt-in to the XDG specification + [mix] Allow requirements for a Mix task to be listed via the `@requirements` module attribute + [mix] Allow optional dependencies to be defined in `:extra_applications` and `:applications` + [mix app.config] Add new `mix app.config` task that compiles applications and loads runtime configuration + [mix archive.install] Support `--repo` option on Hex packages + [mix compile] Support the `__mix_recompile__?/0` callback for custom behaviour on when Mix should recompile a given - [mix compile.elixir] Mark modules for path dependencies as "Export dependencies" if they changed but their public + [mix compile.elixir] Mark modules for path dependencies as "Export dependencies" if they changed but their public - [mix compile.elixir] Track application boundaries in the Elixir compiler. + [mix compile.elixir] Track application boundaries in the Elixir compiler. - [mix deps] Sort the dependencies alphabetically before printing - [mix deps] Use `origin/HEAD` as the default Git ref in dependencies - [mix deps] Redact Git `username`/`password` in output log - [mix deps] Support rebar3's `git_subdir` resource type - [mix deps.compile] Allow local deps to be skipped on `mix deps.compile` - {mix deps.unlock] Print which dependencies get unlocked when using the `--unused` flag - [mix escript.install] Support `--repo` option on Hex packages - [mix new] Add `@impl` to application generated by `mix new --sup` - [mix release] Enable overriding `sys.config` location via `RELEASE_SYS_CONFIG` env var - [mix release] Boot a release under configuration in interactive mode and then swap to embedded mode + [mix deps] Sort the dependencies alphabetically before printing + [mix deps] Use `origin/HEAD` as the default Git ref in dependencies + [mix deps] Redact Git `username`/`password` in output log + [mix deps] Support rebar3's `git_subdir` resource type + [mix deps.compile] Allow local deps to be skipped on `mix deps.compile` + {mix deps.unlock] Print which dependencies get unlocked when using the `--unused` flag + [mix escript.install] Support `--repo` option on Hex packages + [mix new] Add `@impl` to application generated by `mix new --sup` + [mix release] Enable overriding `sys.config` location via `RELEASE_SYS_CONFIG` env var + [mix release] Boot a release under configuration in interactive mode and then swap to embedded mode - [mix release] Add `rel_templates_path` to configure the source of template files such as "env.sh.eex", "vm.args.eex" + [mix release] Add `rel_templates_path` to configure the source of template files such as "env.sh.eex", "vm.args.eex" - [mix release] Allow some chunks to be kept in the `:strip_beams` config - [mix test] Allow `:ignore_modules` inside `:test_coverage` option - [mix test.coverage] Add `mix test.coverage` that aggregates coverage results from umbrellas and OS partitioning - [mix xref] Make the `--label` option for `mix xref graph` transitive by default and add `--only-direct` for only + [mix release] Allow some chunks to be kept in the `:strip_beams` config + [mix test] Allow `:ignore_modules` inside `:test_coverage` option + [mix test.coverage] Add `mix test.coverage` that aggregates coverage results from umbrellas and OS partitioning + [mix xref] Make the `--label` option for `mix xref graph` transitive by default and add `--only-direct` for only - [mix xref] Add `--format cycles` support for `mix xref graph` - [mix xref] Add support to `mix xref graph` for using `--source` and `--sink` at the same time + [mix xref] Add `--format cycles` support for `mix xref graph` + [mix xref] Add support to `mix xref graph` for using `--source` and `--sink` at the same time - EEx - [EEx] Make trimming behaviour via the `:trim` option more consistent - Elixir - [Application] Warn if non-atom keys are given to `put_env`, `get_env`, `fetch_env`, and `delete_env` - [Code] Do not send language keyword through the `:static_atoms_encoder` in `Code.string_to_quoted` - [Kernel] Validate values given to `:line` in quote to avoid emitting invalid ASTs - [Kernel] Report the correct line number when raising inside a macro - [Kernel] Fix an issue where `elixirc` would not accept paths with backslash (`\`) separators on Windows - [Kernel] Properly parse `&//2` (i.e. the capture of the division operator) - [Kernel] Raise `CompileError` when trying to define reserved types - [Kernel] Improve compiler error message when using `|` in a `def` signature - [Kernel] Improve error message when trying to use invalid list operators in guards - [Kernel.SpecialForms] Add `|/2` to the list of special forms to avoid inconsistent behaviour on overrides - [Keyword] Enforce keys to be atoms in `Keyword.keys/1` - [Record] Keep lexical ordering when creating records - [Registry] Do not crash when a process with key-value has been registered using `:via` and it fails to start on `init` - [URI] `URI.decode_query/2` emits an empty string for parameters without values, according to + EEx + [EEx] Make trimming behaviour via the `:trim` option more consistent + Elixir + [Application] Warn if non-atom keys are given to `put_env`, `get_env`, `fetch_env`, and `delete_env` + [Code] Do not send language keyword through the `:static_atoms_encoder` in `Code.string_to_quoted` + [Kernel] Validate values given to `:line` in quote to avoid emitting invalid ASTs + [Kernel] Report the correct line number when raising inside a macro + [Kernel] Fix an issue where `elixirc` would not accept paths with backslash (`\`) separators on Windows + [Kernel] Properly parse `&//2` (i.e. the capture of the division operator) + [Kernel] Raise `CompileError` when trying to define reserved types + [Kernel] Improve compiler error message when using `|` in a `def` signature + [Kernel] Improve error message when trying to use invalid list operators in guards + [Kernel.SpecialForms] Add `|/2` to the list of special forms to avoid inconsistent behaviour on overrides + [Keyword] Enforce keys to be atoms in `Keyword.keys/1` + [Record] Keep lexical ordering when creating records + [Registry] Do not crash when a process with key-value has been registered using `:via` and it fails to start on `init` + [URI] `URI.decode_query/2` emits an empty string for parameters without values, according to - [Version] Add defaults and enforce keys in `Version` struct - ExUnit - [ExUnit.CaptureIO] Fix race condition where a dead capture would still be considered as active - [ExUnit.Diff] Do not crash when failing to eval/inspect struct - [ExUnit.Diff] Properly diff numbers in respect to `==` and `===` operators - IEx - [IEx] Fix tokenizer emitting repeated warnings in the REPL - [IEx] Ensure `--dot-iex` is preserved when restarting the evaluator and after shell respawn - [IEx.Pry] Ensure `IEx.pry` can be triggered more than twice when invoked from the same process - Mix - [mix cmd] Fix a bug where only the first --app option would be executed - [mix compile] Fix an issue where new protocol implementations would not propagate when running `mix compile` from + [Version] Add defaults and enforce keys in `Version` struct + ExUnit + [ExUnit.CaptureIO] Fix race condition where a dead capture would still be considered as active + [ExUnit.Diff] Do not crash when failing to eval/inspect struct + [ExUnit.Diff] Properly diff numbers in respect to `==` and `===` operators + IEx + [IEx] Fix tokenizer emitting repeated warnings in the REPL + [IEx] Ensure `--dot-iex` is preserved when restarting the evaluator and after shell respawn + [IEx.Pry] Ensure `IEx.pry` can be triggered more than twice when invoked from the same process + Mix + [mix cmd] Fix a bug where only the first --app option would be executed + [mix compile] Fix an issue where new protocol implementations would not propagate when running `mix compile` from - [mix deps.compile] Use `gmake` instead of `make` when compiling deps on NetBSD/DragonFlyBSD - [mix release] Load `.app` from dependencies path when it is a project dependency - [mix release] Always include "rel/overlays" in the list of overlays directories if available - [mix release] Change `erts/bin/erl` binary mode to `0o755` - [mix test] Compare to test coverage threshold inclusively - Logger - [Logger] Print metadata for all types that implement String.Chars + [mix deps.compile] Use `gmake` instead of `make` when compiling deps on NetBSD/DragonFlyBSD + [mix release] Load `.app` from dependencies path when it is a project dependency + [mix release] Always include "rel/overlays" in the list of overlays directories if available + [mix release] Change `erts/bin/erl` binary mode to `0o755` + [mix test] Compare to test coverage threshold inclusively + Logger + [Logger] Print metadata for all types that implement String.Chars - Elixir - [Exception] `Exception.exception?/1` is deprecated in favor of `Kernel.is_exception/1` - [Regex] `Regex.regex?/1` is deprecated in favor of `Kernel.is_struct/2` - Logger - [Logger] `warn` log level is deprecated in favor of `warning` - Mix - [mix release] `config/releases.exs` is deprecated in favor of a more general purpose `config/runtime.exs` + Elixir + [Exception] `Exception.exception?/1` is deprecated in favor of `Kernel.is_exception/1` + [Regex] `Regex.regex?/1` is deprecated in favor of `Kernel.is_struct/2` + Logger + [Logger] `warn` log level is deprecated in favor of `warning` + Mix + [mix release] `config/releases.exs` is deprecated in favor of a more general purpose `config/runtime.exs` - Elixir - [Supervisor] Deprecate `Supervisor.start_child/2` and `Supervisor.terminate_child/2` in favor of `DynamicSupervisor` - [Supervisor.Spec] Deprecate `Supervisor.Spec.worker/3` and `Supervisor.Spec.supervisor/3` in favor of the new typespecs - [System] Deprecate `System.stacktrace/0` in favor of `__STACKTRACE__` - Mix - [Mix.Project] Deprecate `Mix.Project.compile/2` in favor of `Mix.Task.run("compile", args)` - Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.11.0 + Elixir + [Supervisor] Deprecate `Supervisor.start_child/2` and `Supervisor.terminate_child/2` in favor of `DynamicSupervisor` + [Supervisor.Spec] Deprecate `Supervisor.Spec.worker/3` and `Supervisor.Spec.supervisor/3` in favor of the new typespecs + [System] Deprecate `System.stacktrace/0` in favor of `__STACKTRACE__` + Mix + [Mix.Project] Deprecate `Mix.Project.compile/2` in favor of `Mix.Task.run("compile", args)` + Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.11.0 - Elixir - [Kernel] Fix a bug where custom types were printed as built-in types - [Kernel] Don't add compile-time dependency on defdelegate - [Kernel] Add line numbers to warnings on deprecated imports - [Kernel] Report the correct line number when raising inside a macro - [Task] Include callers in translated Logger metadata for Task - [Task] Fix Task PID and caller in Task Supervisor reports - ExUnit - [ExUnit.Formatter] Avoid crashes when diffing guards when the pattern does not match - [ExUnit.Formatter] Also blame exceptions that come from linked and trapped exits - IEx - [IEx.Helpers] Do not crash when printing a type that cannot be code formatted - Mix - [mix app.start] Fix reading .app file located in archives (.ez files) - [mix local.hex] Provide more guidance when Hex can't be installed - [mix release] Properly encode config in releases + Elixir + [Kernel] Fix a bug where custom types were printed as built-in types + [Kernel] Don't add compile-time dependency on defdelegate + [Kernel] Add line numbers to warnings on deprecated imports + [Kernel] Report the correct line number when raising inside a macro + [Task] Include callers in translated Logger metadata for Task + [Task] Fix Task PID and caller in Task Supervisor reports + ExUnit + [ExUnit.Formatter] Avoid crashes when diffing guards when the pattern does not match + [ExUnit.Formatter] Also blame exceptions that come from linked and trapped exits + IEx + [IEx.Helpers] Do not crash when printing a type that cannot be code formatted + Mix + [mix app.start] Fix reading .app file located in archives (.ez files) + [mix local.hex] Provide more guidance when Hex can't be installed + [mix release] Properly encode config in releases - Elixir - [Code] Return `[{mod, bin}]` from `Code.compile_file/2`, `Code.require_file/2`, `Code.load_file/2` - [Code] Make sure the formatter respects newlines before and after module attributes - [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise in long compilation cycles - [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise if some of the modules being compiled referred to a module that has been loaded directly to memory - [Module] Fix accidental breaking change where bodiless clauses had their body value on `@on_definition` callbacks set to an empty list instead of `nil` - [String] Undeprecate `String.normalize/2` normalize and fix infinite loop caused by certain invalid strings - ExUnit - [ExUnit.Assertions] Fix pattern matching diff when matching on pinned variables - [ExUnit.Assertions] Fix pattern matching diff when matching variable struct names - [ExUnit.Assertions] Fix pattern matching diff when matching on the binary concat operator (`<>`) and the left side is not a literal string - [ExUnit.Assertions] Fix pattern matching diff when matching on pseudo-vars (`__MODULE__`, `__DIR__`, etc) - Mix - [mix release] Respect the `:path` option when creating a `:tar` file for releases + Elixir + [Code] Return `[{mod, bin}]` from `Code.compile_file/2`, `Code.require_file/2`, `Code.load_file/2` + [Code] Make sure the formatter respects newlines before and after module attributes + [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise in long compilation cycles + [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise if some of the modules being compiled referred to a module that has been loaded directly to memory + [Module] Fix accidental breaking change where bodiless clauses had their body value on `@on_definition` callbacks set to an empty list instead of `nil` + [String] Undeprecate `String.normalize/2` normalize and fix infinite loop caused by certain invalid strings + ExUnit + [ExUnit.Assertions] Fix pattern matching diff when matching on pinned variables + [ExUnit.Assertions] Fix pattern matching diff when matching variable struct names + [ExUnit.Assertions] Fix pattern matching diff when matching on the binary concat operator (`<>`) and the left side is not a literal string + [ExUnit.Assertions] Fix pattern matching diff when matching on pseudo-vars (`__MODULE__`, `__DIR__`, etc) + Mix + [mix release] Respect the `:path` option when creating a `:tar` file for releases - Enhancements + Enhancements erlang -- Disable rpmlint tests on SLE-15 where they currently fail - -- This codestream wasn't affected by bsc#1207113 - -- Changes for 26.2.1: - * erts: Removed unnecessary PCRE source tar-ball. - * ssh: With this change (being response to CVE-2023-48795), - ssh can negotiate "strict KEX" OpenSSH extension with - peers supporting it; also - 'chacha20-poly1305@openssh.com' algorithm becomes a - less preferred cipher. - If strict KEX availability cannot be ensured on both - connection sides, affected encryption modes(CHACHA and - CBC) can be disabled with standard ssh configuration. - This will provide protection against vulnerability, but - at a cost of affecting interoperability. See - Configuring algorithms in SSH. (bsc#1218192, CVE-2023-48795) -- Changes for 26.2: - * all: Replaced unintentional Erlang Public License 1.1 - headers in some files with the intended Apache License - 2.0 header. - * otp: The removal of the deprecated slave module, originally - planned for OTP 27, has been postponed to OTP 29. - * asn1: Fix benign warning from gcc 11 about mismatching call - to free(). - * crypto: Enable engine support for OpenSSL versions 3. - * edoc: Emit instead of . -- Disable test suite for now, it has many false positives and - takes a very long time. - -- Changes for 26.1.2: - * erts: If the external term format encoding of an argument list - part of a distributed spawn operation was faulty, the newly - spawned remote process could misbehave. The misbehavior - included hanging or interpret an incoming message as an - argument list to use. This was very unlikely to happen unless - using an alternate implementation of the distribution protocol - which made a faulty encoding of the argument list. The child - process will now detect this error and terminate before - executing the user specified code. - * erts: Fix bugs where if the body of a matchspec would return a - map with a variable ('$1', '$_' etc) as one of the keys or - values and the variable was not an immidiate, the term would - not be copied to the receiving processes heap. This would later - corrupt the term in the table as the GC could place move - markers in it, which in turn would cause the VM to crash. Bug - has been present for since OTP 17.0. - * xmerl: The xmerl version 1.3.32 was released in OTP 26.0.1, but - the incorrect version number of 1.3.31.1 was used for it. This - incorrect version number continued to appear in OTP 26.0.2, OTP - 26.1, and OTP 26.1.1. The actual xmerl code in these OTP - versions however corresponds to xmerl version 1.3.32. -- Changes for 26.1.1: - * wx: The wx application would fail to build on macOS with Xcode - 15. - * compiler: The compiler could become extremely slow for modules - containing huge functions. - * stdlib: Garbage collect the shell process when reducing the - amount of saved history and results. -- Changes for 26.1: - * crypto: Fix VM crash caused by crypto being purged and reloaded - (by init:restart for example) on OS with musl libc (such as - Alpine linux). - * crypto: Improved understanding of LibreSSL versions. Support - chacha20 and chacha20_poly1305 for LibreSSL 3.7. Reflect - removal of support for the DSS/DSA algorithm which was done in - LibreSSL 2.6.1. - * crypto: FIPS supported by crypto for OpenSSL 3.0.* and 3.1.*. - * asn1: The ASN.1 compiler would ignore a constraint such as - (SIZE (1..4), ...), causing incorrect behavior of the encoding - and decoding function for the PER and UPER backends. Corrected - to handle the constraint in the same way as (SIZE (1..4, ...)). - * asn1: The JER backend has been internally refactored in a way - that is compatible for applications that use the documented - API. However, for a group of ASN.1 modules that depend on each - other (for example, S1AP-PDU-Descriptions, S1AP-Contents, and - so on), all modules in the group must be recompiled if on of - the group members is recompiled. - * observer: Closing the trace log window via the menu did not - work. - * erts: maps:put with existing key and identical value was not - optimized as a no-op correctly if having the same 32-bit hash - as another key in the map. In practice very rare and harmless. - * erts: Fixed an issue with truncated crash slogans on failed - emulator start. - * erts: Fixed a bug where the emulator was unable to determine - the current cgroup CPU quota. - * erts: A process optimized for parallel signal delivery could - under some circumstances lose wakeup information. That is, the - processes was not woken up to take care of the signal, so the - signal would not be taken care of until the process was woken - by another signal. Only processes configured with - message_queue_data set to off_heap utilize this optimization. - * erts: Function socket:close/1 could cause a VM crash on - Windows. - * erts: Fixed a bug in the ARM JIT where it could accidentally - add garbage trailing bits when creating bitstrings whose size - wasn't an even multiple of 8 bits. - * erts: Fix erlang:system_info/1 documentation to show correct - types. - * erts: Expanded the documentation about how to use the - standard_io, standard_error and user I/O devices. Added the - types io:standard_io/0, io:standard:error/0 and io:user/0. - * erts: Fix compilation with GNU termcap. - * erts: Delivery time of message signals to a process not - executing any receive expressions could become very long, - potentially infinite. For example, a process checking for - messages using process_info(self(), message_queue_len) or - process_info(self(), messages) and avoiding to execute a - receive expression matching on messages could be very slow in - detecting new messages. Note that you are still discouraged - from using process_info() this way. A process that wants to - check if there are messages available to handle should execute - a receive expression matching on messages. - * erts: On AArch64 (ARM64), when calculating both the quotient - and remainder with a divisor begin a power two, the remainder - could be incorrectly calculated. - * erts: Fix bug causing "magic" references in a compressed ETS - table to not keep the referred object alive. The symptom would - be the referred object being garbage collected prematurely and - the reference appearing stale, not referring to anything. - Examples of such magically referred objects are atomics and NIF - resources. - * erts: Matching out short bitstrings with a fixed size not - divisible by 8 could could lead to the runtime system - terminating with an "Overrun heap and stack" error. - * erts: A constant flow of incoming non-message signals could - prevent a process needing to execute dirty from doing so. - * erts: A BEAM file usually contains a chunk with the tag "Type" - containing type information that can be used by the JIT. The - beam_lib:strip/1 takes care to preserve that chunk, but a - build/release tool that does customized stripping could - accidentally remove the chunk. Loading a BEAM file without the - "Type" chunk could cause incorrect behavior of the loaded code. - * erts: gen_udp:recv/* for Unix Domain Socket in binary mode and - passive mode has been fixed to not crash. - * erts: The cleanup operation of not yet delivered signals to a - terminated process yielded excessively. - * erts: Fixed minor hashing issue with the local option of - term_to_binary()/term_to_iovec(). - * erts: Update gen_tcp_socket and gen_udp_socket to handle - 'completion' (socket on Windows). - * erts: Add support for Unix Domain Sockets (only for STREAM - sockets) on Windows for 'socket'. - * erts: In Erlang/OTP 27, by default escripts will be compiled - before being executed. That means that the compiler application - must be installed. It is possible to force the escript to be - interpreted by adding the directive -mode(interpret). to the - escript file. In Erlang/OTP 28, support for interpreting an - escript will be removed. - * erts: Add basic support for socket ioctl on Windows. - * erts: Removed erts/etc/darwin/Info.plist, as it is no longer - necessary after macos 10.12 - * erts: Add support for (Windows) socket option exclusiveaddruse. - * erts: [socket] Add support for the 'nopush' option. - * erts: Add support for socket option 'BSP STATE'. - * erts: Add tcp socket options 'keepcnt', 'keepidle' and - 'keepintvl'. - * erts: Add support for misc (Windows) socket options - ('max_msg_size' and 'maxdg'). - * compiler: The compiler could run forever when compiling a call - to is_record/3 with a huge positive tuple size. The call - is_record(A, a, 0) would crash the compiler when used in a - function body. When used in a guard the compiler would emit - incorrect code that would accept {a> as a record. - * compiler: Fixed a bug that caused dialyzer to crash when - analyzing bogus code that contained the literal atom undefined - in segment sizes. - * compiler: The compiler would crash when compiling some modules - that contained a call to erlang:load_nif/2. - * compiler: Fixed a bug that caused the compiler to crash on - legal code. - * compiler: The compiler could crash when attempting to compile a - call to is_list/1 in a complex expression. - * compiler: A complex guard expression using the or operator - could succeed when it was supposed to fail. - * compiler: Compiling nested try/catch and catch expression could - result in an internal compiler error. - * compiler: Using the bnot operator in a complex expression could - cause the compiler to terminate with an internal consistency - failure diagnostic. - * compiler: Fixed a bug that caused the compiler to crash in a - binary optimization pass. - * compiler: The compiler could terminate with an internal error - when attempting to compile a binary pattern that could not - possibly match. - * compiler: Fixed various performance issues related to the alias - optimization pass. - * erl_docgen: Expanded the documentation about how to use the - standard_io, standard_error and user I/O devices. Added the - types io:standard_io/0, io:standard:error/0 and io:user/0. - * mnesia: Do not delete old backup file if the new backup fails. - * megaco: Make megaco transports handle gen_tcp | gen_udp with - socket backend on Windows (completion). - * common_test: With this change, ct_hooks manual refers to CTH - execution order section in user guide. - * common_test: With this change, Config data from - pre_end_per_testcase hook is delivered to post_end_per_testcase - callback in case of testcase timetrap or linked process crash. - * common_test: With this change, remaining references to not - supported vts tool in ct_run are removed (mainly relates to - docs and ct_run help message). - * common_test: With this change, prompt search functionality in - ct_telnet handles unicode input. - * common_test: Expanded the documentation about how to use the - standard_io, standard_error and user I/O devices. Added the - types io:standard_io/0, io:standard:error/0 and io:user/0. - * stdlib: The compiler could run forever when compiling a call to - is_record/3 with a huge positive tuple size. The call - is_record(A, a, 0) would crash the compiler when used in a - function body. When used in a guard the compiler would emit - incorrect code that would accept {a> as a record. - * stdlib: Fix bug in ets:tab2file that could make it fail if - another Erlang process created the same file at the same time. - * stdlib: An {else_clause,Value} exception will now be reported - nicely in the shell. - * stdlib: Correct return value for error case, so that it matches - the documented and intended return value {error, - {already_started, pid()} when local registered names are used. - * stdlib: sys:get_state/1,2 and sys:replace_state/2,3 has been - corrected to handle a state named error as a state name, not as - a failed system callback. For the standard server behaviours - this was an issue only for gen_statem (and gen_fsm) when the - state name was error, and for gen_server if the complete state - was {error,_}. - * stdlib: Multiple problems were fixed in - filelib:safe_relative_path/2. If its second argument was a path - that contained symbolic links, an incorrect result patch could - be returned. Also, paths were sometimes falsely considered - unsafe. - * stdlib: Fix deadlock when erl.exe is used as part of a pipe on - Windows and trying to set the encoding of the standard_io - device. - * stdlib: Expanded the documentation about how to use the - standard_io, standard_error and user I/O devices. Added the - types io:standard_io/0, io:standard:error/0 and io:user/0. - * stdlib: Fix h/2,3 to properly render multi-clause - documentation. - * stdlib: Timers created by timer:apply_after/4, - apply_interval/4, and apply_repeatedly/4 would silently fail to - do the apply if it was not possible to spawn a process when the - timer expired. This has now been corrected, and if the spawn - fails, the system will be taken down producing a crash dump. - * stdlib: When an Erlang source file lacked a module definition, - there would be a spurious "module name must not be empty" - diagnostic for each spec in the file. - * stdlib: The argument descriptions for option types in argparse - have been made less ambiguous. - * stdlib: Clarified the documentation of normal shutdown reason - on gen_server:call/2,3 - * stdlib: Pattern matching and equivalence (=:=, =/=) comparisons - on 0.0 will now raise a warning, as it will no longer be - considered equivalent to -0.0 in OTP 27. If a match on 0.0 - specifically is desired (distinct from -0.0), the warning can - be suppressed by writing +0.0 instead. The arithmetic - comparison operators are unaffected, including arithmetic - equality (==). *** POTENTIAL INCOMPATIBILITY *** - * stdlib: The semantics of the gen_{server,statem,event} - behaviour's synchronous start behaviour introduced in OTP-26.0 - with OTP-18471, has been clarified in the documentation. - * stdlib: Added functionality to set a custom multiline prompt. - * stdlib: A warning for (accidental use of) Triple-Quoted Strings - has been implemented as per EEP 64. *** POTENTIAL - INCOMPATIBILITY *** - * stdlib: The keyboard shortcuts for the shell are now - configurable. - * kernel: Fixed an issue with truncated crash slogans on failed - emulator start. - * kernel: Fix shell:start_interactive function specification. - * kernel: Fix code:get_doc/1 to return missing, when it can't - find erts instead of crashing. - * kernel: Function socket:close/1 could cause a VM crash on - Windows. - * kernel: Fix deadlock when erl.exe is used as part of a pipe on - Windows and trying to set the encoding of the standard_io - device. - * kernel: Expanded the documentation about how to use the - standard_io, standard_error and user I/O devices. Added the - types io:standard_io/0, io:standard:error/0 and io:user/0. - * kernel: Fix logger's overload protection mechanism to only - fetch memory used by messages when needed. - * kernel: Fixed a number of socket-related issues causing - incompatibilities with gen_tcp and gen_udp respectively. - * kernel: gen_tcp:connect with socket address and socket (inet-) - backend fails because of missing callback function. - * kernel: The DNS RR cache used by `inet_res` has been fixed to - preserve insert order, which is beneficial when the DNS server - returns RRs in some specific order for e.g load balancing - purposes. - * kernel: The options `reuseport`, `reuseport_lb` and - `exclusiveaddruse` were accidentally not allowed for e.g - `gen_udp:open/1,2`, which has now been corrected. - * kernel: gen_udp:recv/* for Unix Domain Socket in binary mode - and passive mode has been fixed to not crash. - * kernel: Fixed issue where cursor would not be placed at the end - of the expression when navigating shell history. - * kernel: Update gen_tcp_socket and gen_udp_socket to handle - 'completion' (socket on Windows). - * kernel: Add support for Unix Domain Sockets (only for STREAM - sockets) on Windows for 'socket'. - * kernel: Add basic support for socket ioctl on Windows. - * kernel: The file:location/0 type is now exported. - * kernel: Add support for (Windows) socket option - exclusiveaddruse. - * kernel: [socket] Add support for the 'nopush' option. - * kernel: Add support for socket option 'BSP STATE'. - * kernel: Add tcp socket options 'keepcnt', 'keepidle' and - 'keepintvl'. - * kernel: Add support for misc (Windows) socket options - ('max_msg_size' and 'maxdg'). - * kernel: The keyboard shortcuts for the shell are now - configurable. - * kernel: Optimized code_server to reduce repeated work when - loading the same module concurrently. - * debugger: The call int:no_break(Module) did not remove any - breakpoints. - * debugger: The maybe expression is now supported in the - Debugger. - * debugger: The maybe expression is now supported in the - Debugger. - * debugger: The call int:no_break(Module) did not remove any - breakpoints. - * ssl: Avoid function clause error in ssl:getopts/2 by handling - that inet:getopts may return an empty list during some - circumstances, such as the socket being in a closing state. - * ssl: The API function `ssl:recv/3` has been tightened to - disallow negative length, which has never been documented to - work, but was passed through and caused strange errors. - * ssl: When a client initiated renegotiation was rejected and the - client socket was in active mode the expected error message to - the controlling process was not sent. - * ssl: Add some guidance for signature algorithms configuration - in ssl applications users guide. - * snmp: Make snmp handle gen_udp with socket backend on Windows - (completion). - * public_key: Country name comparison shall be case insensitive - * public_key: Add check to disallow duplicate certs in a path - * inets: With this change, re_write httpd works as expected and - does not return error. - * inets: Fixed a bug so httpd does not crash when stopped at the - wrong time during TLS connection negotiation, or any other - theoretically as slow connection setup. - * inets: Enhance error handling and avoid that the HTTP client - hangs on headers provided on the wrong format. - * inets: With this change, error report generated by httpd during - connection setup contains socket type information. - * inets: Stop and restart of the httpd server in the Inets - application has been refactored to a more synchronous and OTP - supervisor friendly approach. This should increase stability - and for example avoid a supervisor report from - httpd_connection_sup about killed child process(es) in some - cases when stopping or restarting httpd. - * dialyzer: Fixed a bug that caused dialyzer to crash when - analyzing bogus code that contained the literal atom undefined - in segment sizes. - * dialyzer: Dialyzer could crash when attempting to analyze a - module that defined a type called product/. -- Changes for 26.0.2: - * erts: Fix using the IME (Input Method Editor) to enter text in - cmd.exe and powershell.exe on Windows. - * erts: Multiple socket:accept calls issue. When making multiple - accept calls, only the last call is active. - * erts: Fix the shell to ignore terminal delay when the terminal - capabilities report that they should be used. - * erts: Fix "oldshell" to echo characters while typing on - Windows. - * erts: On Windows, a call to the function socket:close, when - there are waiting active calls to read, write or accept - functions, could hang. - * erts: Fix issues when reading or configuring standard_io on - Windows when erl.exe is started using -noshell flag. - * erts: The following functions are now much faster when given a - long list or binary: - * erts: On AArch64 (ARM64), equality and non-equality tests with - literal bitstrings could succeed when they should fail and vice - versa. - * compiler: Fixed a type handling bug that would cause an - internal consistence failure for correct code. - * compiler: Fixed a bug that could cause the stack trace of throw - exceptions to be erroneously optimized out. - * compiler: Complex guard expression using 'or' were not always - fully evaluated, making guards that were supposed to fail - succeed. - * stdlib: Fix bug where when you entered Alt+Enter in the - terminal, the cursor would move to the last line, instead of - moving to the next line. - * stdlib: Fix eof handling when reading from stdin when erlang is - started using -noshell. - * stdlib: Fixed problem where output would disappear if it was - received after a prompt was written in the shell. - * stdlib: The following functions are now much faster when given - a long list or binary: - * kernel: Fix bug where when you entered Alt+Enter in the - terminal, the cursor would move to the last line, instead of - moving to the next line. - * kernel: Fix so that the shell does not crash on startup when - termcap is not available. - * kernel: Multiple socket:accept calls issue. When making - multiple accept calls, only the last call is active. - * kernel: Fix the shell to ignore terminal delay when the - terminal capabilities report that they should be used. - * kernel: Fix "oldshell" to echo characters while typing on - Windows. - * kernel: Fix eof handling when reading from stdin when erlang is - started using -noshell. - * kernel: On Windows, a call to the function socket:close, when - there are waiting active calls to read, write or accept - functions, could hang. - * kernel: Fix issues when reading or configuring standard_io on - Windows when erl.exe is started using -noshell flag. - * kernel: gen_udp:connect with inet_backend = socket fails when - the Address is a hostname (string or atom). - * kernel: Fixed problem which would cause shell to crash if - particular escape sequence was written to stdout. - * kernel: Fixed problem where output would disappear if it was - received after a prompt was written in the shell. - * kernel: Fix a crash where the location of erts could not be - found in rebar3 dev builds. - * kernel: Introduce the KERNEL application parameter - standard_io_encoding that can be used to set the default - encoding for standard_io. This option needs to be set to latin1 - if the application wants to treat all input data as bytes - rather than utf-8 encoded characters. - * ssl: Added keylog information to all protocol versions in - ssl:connection_information/2. - * ssl: Add RFC-6083 considerations for DTLS to enable gen_sctp - based callback for the transport. - * ssh: Added multiline editing support to ssh clients connected - through OTP ssh daemon. - -- Changes for 26.0.1: - * erts: Build of the socket nif failed on Solaris 11. - * erts: Fixed two reduction-counting bugs relating to binaries. - * erts: Constructing a binary segment not aligned with a byte - boundary, with a size not fitting in 31 bits, and with a value - not fitting in a 64-bit word could crash the runtime system. - * erts: When a binary construction failed because of bad size for - a segment, the error information was not always correct. - * erts: Fixed a crash when calling a fun that was defined in a - module that had been upgraded. - * kernel: The POSIX error exdev was sometimes incorrectly - described as "cross domain link" in some error messages. - * kernel: Corrected the socket send function description (send - with Timeout = nowait). The send function(s) could not return - {ok, {RestData, SelectInfo}} - * stdlib: The POSIX error exdev was sometimes incorrectly - described as "cross domain link" in some error messages. - * ssl: Make sure that selection of client certificates handle - both TLS-1.3 and TLS-1.2 names correctly. Could cause valid - client certificate to not be selected, and an empty client - certificate message to be sent to server. - * ssl: Improved ssl:format_error/1 to handle more error tuples. - * ssl: Fixed hanging ssl:connect when ssl application is not - started. - * ssl: Correct handling of retransmission timers, current - behavior could cause unwanted delays. - * inets: Do not make the default ssl options by calling - httpc:ssl_verify_host_options(true) if ssl options are supplied - by the user. - * xmerl: New options to xmerl_scan and xmerl_sax_parser so one - can limit the behaviour of the parsers to avoid some XML - security issues. xmerl_scan gets one new option: - xmerl_sax_parser gets the following options: The old option - skip_external_dtd is still valid and the same as - {external_entities, none} and {fail_undeclared_ref, false} but - just affects DTD's and not other external references. - * compiler: Fixed a bug where a failing bsl expression in a guard - threw an exception instead of causing the guard to fail. - * compiler: Fixed a bug that would case the validator to reject - legal code. - * compiler: The compiler could re-order clauses matching binaries - so that the incorrect clause would match. That could only - happen for code that used the option {error_location,line} or - for code without line or column number information (e.g. - generated by a parse transform). - * compiler: Complex guard expression using the or operator and - guard BIFs that can fail could sometimes be miscompiled so that - the guard would succeed even if a call to a guard BIF failed. - * compiler: With optimizations disabled, a try/catch construct - could return an incorrect value. - * compiler: In rare circumstance, a combination of binary - construction and binary_part/3 would cause the compiler to - generate unsafe code that would crash the runtime system. - * compiler: The compiler could be very slow when compiling guards - with multiple guard tests separated with 'or' or ';'. - * compiler: Complex guard expressions using 'or' and map updates - could succeed even if the map update failed. - -- Version 26.0: - * Leex has been extended with optional column number support. - * The family of enumeration functions in module lists has been - extended with enumerate/3 that allows a step value to be - supplied. - * Update Unicode to version 15.0.0. - * proc_lib:start*/* has become synchronous when the started - process fails. This requires that a failing process use a new - function proc_lib:init_fail/2,3, or exits, to indicate failure. All - OTP behaviours have been fixed to do this. - * auto-complete of variables, record names, record fields names, - map keys, function parameter types and filenames. - * Open external editor in the shell to edit the current - expression. - * defining records (with types), functions, specs and types in - the shell. - * Creation and matching of binaries with segments of fixed sizes - have been optimized. - * Creation and matching of UTF-8 segments have been optimized. - * Appending to binaries has been optimized. - * The compiler and JIT now generate better code for creation of - small maps where all keys are literals known at compile time. - * Thanks to the optimizations above the performance of the base64 - module has been significantly improved. For example, on an - x86_64 system with the JIT both encode and decode are almost - three times faster than in Erlang/OTP 25. - * Map comprehensions as suggested in EEP 58 has now been - implemented. - * Some map operations have been optimized by changing the - internal sort order of atom keys. This changes the - (undocumented) order of how atom keys in small maps are printed - and returned by maps:to_list/1 and maps:next/1. The new order - is unpredictable and may change between different invocations - of the Erlang VM. - * Introducing the new function maps:iterator/2 for creating an - interator that return the map elements in a deterministic - order. There are also new modifiers k and K for the format - string in io:format() to support printing map elements ordered. - * Added the new built-in type dynamic() introduced in EEP 61, PR - introducing EEP 61 improving support for gradual type checkers. - * Dialyzer has a new incremental mode that be invoked by giving - the --incremental option when running Dialyzer. This new - incremental mode is likely to become the default in a future - release. - * Multi time warp mode is now enabled by default. This assumes - that all code executing on the system is time warp safe. - * Support for UTF-8 atoms and strings in the NIF interface - including new functions enif_make_new_atom, - enif_make_new_atom_len and enif_get_string_length. - * The BIFs min/2 and max/2 are now allowed to be used in guards - and match specs. - * Improved the selective receive optimization, which can now be - enabled for references returned from other functions. This - greatly improves the performance of gen_server:send_request/3, - gen_server:wait_response/2, and similar functions. - * It is no longer necessary to enable a feature in the runtime - system in order to load modules that are using it. It is - sufficient to enable the feature in the compiler when compiling - it. - * inet:setopts/2 has got 3 new options: reuseport, reuseport_lb - and exclusiveaddruse. - * Fix so that -fno-omit-frame-pointer is applied to all of the - Erlang VM when using the JIT so that tools, such as perf, can - crawl the process stacks. - * In the lists module, the zip family of functions now takes - options to allow handling lists of different lengths. - * Added the zip:zip_get_crc32/2 function to retrieve the CRC32 - checksum from an opened ZIP archive. gen_server optimized by - caching callback functions - * The modules Erlang DNS resolver inet_res and helper modules - have been updated for RFC6891; to handle OPT RR with DNSSEC OK - (DO) bit. - * Introduced application:get_supervisor/1. - * Cache OTP boot code paths, to limit how many folders that are - being accessed during a module lookup. Can be disabled with - - cache_boot_path false. - * Support for Kernel TLS (kTLS), has been added to the SSL - application, for TLS distribution (-proto_dist inet_tls), the - SSL option {ktls, true}. - * Improved error checking and handling of ssl options. - * Mitigate memory usage from large certificate chains by lowering - the maximum handshake size. This should not effect the common - cases, if needed it can be configured to a higher value. - * For security reasons the SHA1 and DSA algorithms are no longer - among the default values. - * Add encoding and decoding of use_srtp hello extension to - facilitate for DTLS users to implement SRTP functionality. - -- Changes for 25.3.2.2: - * compiler: The compiler could be very slow when compiling guards - with multiple guard tests separated with 'or' or ';'. -- Changes for 25.3.2.1: - * xmerl: New options to xmerl_scan and xmerl_sax_parser so one - can limit the behaviour of the parsers to avoid some XML - security issues. xmerl_scan gets one new option: - xmerl_sax_parser gets the following options: The old option - skip_external_dtd is still valid and the same as - {external_entities, none} and {fail_undeclared_ref, false} but - just affects DTD's and not other external references. - * erts: Fixed a crash during tracing on certain platforms that - cannot use the machine stack for Erlang code (mainly OpenBSD - and Linux with musl). - * erts: Constructing a binary segment not aligned with a byte - boundary, with a size not fitting in 31 bits, and with a value - not fitting in a 64-bit word could crash the runtime system. - * erts: Further robustify implementation of large maps (> 32 - keys). Keys that happen to have same internal 32-bit hash - values are now put in collision nodes which are traversed with - linear search. This removes the demand for the internal hash - function when salted to eventually produce different hashes for - all possible pairs of unequal terms. - * stdlib: Static supervisors are very idle processes after they - have started so they will now be hibernated after start to - improve resource management. - * compiler: Fixed a bug where a failing bsl expression in a guard - threw an exception instead of causing the guard to fail. - * compiler: Complex guard expression using the or operator and - guard BIFs that can fail could sometimes be miscompiled so that - the guard would succeed even if a call to a guard BIF failed. - -- Changes for 25.3.2: - * compiler: Fixed type handling bugs that could cause an internal - error in the compiler for correct code. - * os_mon: Avoid error report from failing erlang:port_close at - shutdown of cpu_sup and memsup. Bug exists since OTP 25.3 - (os_mon-2.8.1). - * erts: If a runtime system which was starting the distribution - already had existing pids, ports, or references referring to a - node with the same nodename/creation pair that the runtime - system was about to use, these already existing pids, ports, or - references would not work as expected in various situations - after the node had gone alive. This could only occur if the - runtime system was communicated such pids, ports, or references - prior to the distribution was started. That is, it was - extremely unlikely to happen unless the distribution was - started dynamically and was even then very unlikely to happen. - The runtime system now checks for already existing pids, ports, - and references with the same nodename/creation pair that it is - about to use. If such are found another creation will be chosen - in order to avoid these issues. -- Changes for 25.3.1: - * snmp: Attempts to minimize the number of the error reports - during a failed agent init. - * compiler: When a map update such as #{}#{key:=value} that - should fail with an exception was unused, the exception would - be lost. - * compiler: Fixed bug in the validator that made it reject valid - code. - * crypto: With this change, random errors are fixed for - crypto:generate_key calls with OpenSSL 3. - * erts: Fixed a bug in the loader that prevented certain modules - compiled with no_ssa_opt from being loaded. - * erts: Implementations of the call() driver callback that - returned a faulty encoded result could cause a memory leak and - could cause invalid data on the heap of the processes calling - erlang:port_call/3. - * erts: Fixed a memory corruption issue when upgrading code. The - bug was introduced in OTP 25.3 - * erts: Fixed configure tests for a few ARM-specific - instructions, which prevented the emulator from being built on - some platforms. - * erts: Aliases created in combination with a monitor using the - {alias, explicit_unalias} option stopped working from remote - nodes when a 'DOWN' signal had been received due to the monitor - or if the monitor was removed using the erlang:demonitor() BIF. - This bug was introduced in OTP 24.3.4.10 and OTP 25.3. - * erts: In rare circumstances, bit syntax matching of an invalid - code point for a utf32 would crash the runtime system. - * erts: Building the runtime system failed when native atomic - support was missing. Note that execution on such systems have - only been rudimentary tested. - * erl_interface: Fixed configure tests for a few ARM-specific - instructions, which prevented the emulator from being built on - some platforms. - * eldap: Added a new function eldap:info/1 that returns the - socket and the transport protocol for the eldap connection. - * inets: Correct timing related pipelining/keepalive queue bug, - that could result in unexpected "socket_remotly_closed" errors. - * inets: With this change, upon remote socket closure current - request is added to a retried queue (either pipeline or - keep_alive, but not both). - * ssl: With this change, ssl:connection_information/2 returns - correct keylog data after TLS1.3 key update. - * ssl: Client signature algorithm list input order is now honored - again , it was accidently reversed by a previous fix. - * stdlib: The type specs in the erl_parse module has been updated - to include the maybe construct and the ! operator. - * wx: Improve debug prints from the nifs. Some minor fixes for - wxWidgets-3.2. Fixed OpenGL debug functions. - -- Changes for 25.3: - * reltool: Fixed a bug that would cause analysis to crash. - * stdlib: Fixed a bug that would cause analysis to crash. - * stdlib: Fixed a crash when formatting stack traces for error - reports. - * stdlib: Instead of crashing, the list_to_integer/1 and - list_to_integer/2 BIFs now raise the system_limit exception for - overlong lists that can't be converted to integers. Similarly, - the string:to_integer/1 BIF now returns {error,system_limit} - for overlong lists. - * stdlib: Removal of non-necessary undefined types added to the - state's supervisor record. - * compiler: Fixed a bug that would cause the compiler to hang. - * compiler: Fixed a crash when compiling code that contained - maybe expressions. - * compiler: Constructing a binary with an explicit size of all - for a binary segment would crash the compiler. - * compiler: The compiler would generate incorrect code for the - following type of expression: Pattern = BoundVar1 = . . . = - BoundVarN = Expression An exception should be raised if any of - the bound variables have different values than Expression. The - compiler would generate code that would cause the bound - variables to be bound to the value of Expressionwhether the - value matched or not. - * xmerl: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * megaco: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * debugger: Fixed a bug that would cause analysis to crash. - * erts: Fixed a bug on Windows where file:read_file_info/1 would - fail for files with corrupt metadata. - * erts: Fix process_info(_, binary) to again include "writable - binaries" which were lost in OTP-25.0. Writable binaries are an - optimization used when binaries are appended upon in a loop. - * erts: Fix rare race when receiving fragmented messages on a - terminating connection. Could potentially cause memory leaks as - well as double free crashes. Bug exists since OTP 22.0. - * erts: Fixed bug that could maybe cause problems when a file - descriptor number is closed by a linked in driver and then - opened (reused) and passed to enif_select by a NIF. No actual - symptoms seen, only failed internal assertions in debug build. - * erts: The runtime system could crash when tracing a process - executing on a dirty scheduler. - * erts: In the binary syntax, attempting to match out integers - with size exceeding 2 GiB could crash the runtime system. - * erts: Fixed edge case in floating-point negation where A = 0.0, - B = -A did not produce B = -0.0 on x86_64 JIT. - * erts: Fixed an issue in the JIT that could crash the emulator - on some platforms. - * erts: Added meta data to the windows installer. - * erts: Fixed ETS insertion order into bag and duplicate_bag of - tuples with identical keys when passed in a list to - ets:insert/2. The insert order has been head-to-tail but was - accidentally changed in OTP 23.0. For bag it was reverted - (tail-to-head), while for duplicate_bag it was sometimes - reverted depending on the length of the list and number of - "reductions" left for the calling process. This fix changes the - insert order of ets:insert/2 back to always be head-to-tail of - the list argument. - * erts: With the JIT for AArch64 (AMD64), calling bxor in with - non-integer arguments in a guard would crash the runtime - system. - * erts: Fix bug regarding process flag max_heap_size. Could cause - strange behavior when a process was killed due to exceeding the - limit. - * erts: Fixed binary comprehensions to be similar to other - creation of binary data with respect to its contribution of - triggering garbage collection. - * erts: In rare circumstances, when a process exceeded its - allowed heap size set by option max_heap_size, it would not be - killed as it should be, but instead enter a kind of zombie - state it would never get out of. - * erts: Instead of crashing, the list_to_integer/1 and - list_to_integer/2 BIFs now raise the system_limit exception for - overlong lists that can't be converted to integers. Similarly, - the string:to_integer/1 BIF now returns {error,system_limit} - for overlong lists. - * erts: Active process aliases of a process at its termination - leaked memory. - * erts: Support for fully asynchronous distributed signaling - where send operations never block. This functionality is by - default disabled and can be enabled per process. For more - information see the documentation of process_flag(async_dist, - Bool). - * erts: Added the +JPperf no_fp option to explicitly disable - Erlang frame pointers otherwise added when using the +JPperf - map option. - * erl_interface: Accept connection setup from OTP 23 and 24 nodes - that are not using epmd. - * erl_interface: The ei API for decoding/encoding terms is not - fully 64-bit compatible since terms that have a representation - on the external term format larger than 2 GB cannot be handled. - * syntax_tools: erl_syntax_lib:annotate_bindings/1,2 will now - properly annotate named functions and their arguments. - * kernel: Fixed a bug on Windows where file:read_file_info/1 - would fail for files with corrupt metadata. - * kernel: Accept connection setup from OTP 23 and 24 nodes that - are not using epmd. - * public_key: As different solutions of verifying certificate - revocation exists move the decode of 'CRLDistributionPoints' so - that it will only be decode. When it is actually used in the - verification process. This would enable interoperability with - systems that use certificates with an invalid empty - CRLDistributionPoints extension that they want to ignore and - make verification by other means. - * public_key: public_key:pkix_path_validation validates - certificates expiring after 2050 - * public_key: Do not leave exit message in message queue after - calling cacerts_load() on MacOS. - * public_key: Replace size/1 with either tuple_size/1 or - byte_size/1 The size/1 BIF is not optimized by the JIT, and its - use can result in worse types for Dialyzer. When one knows that - the value being tested must be a tuple, tuple_size/1 should - always be preferred. When one knows that the value being tested - must be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * ssl: Fixed that new dtls connections from the same client ip - port combination works. If there is a process waiting for - accept the new connection will connect to that, otherwise it - will try to re-connect to the old server connection. - * ssl: When shutting down a node that uses SSL distribution - (-proto_dist inet_tls), a confusing error message about an - unexpected process exit was printed. This particular message is - no longer generated. - * ssl: fixes the type spec for ssl:format_error/1 - * ssl: Replace size/1 with either tuple_size/1 or byte_size/1 The - size/1 BIF is not optimized by the JIT, and its use can result - in worse types for Dialyzer. When one knows that the value - being tested must be a tuple, tuple_size/1 should always be - preferred. When one knows that the value being tested must be a - binary, byte_size/1 should be preferred. However, byte_size/1 - also accepts a bitstring (rounding up size to a whole number of - bytes), so one must make sure that the call to byte_size/ is - preceded by a call to is_binary/1 to ensure that bitstrings are - rejected. Note that the compiler removes redundant calls to - is_binary/1, so if one is not sure whether previous code had - made sure that the argument is a binary, it does not harm to - add an is_binary/1 test immediately before the call to - byte_size/1. - * jinterface: Accept connection setup from OTP 23 and 24 nodes - that are not using epmd. - * os_mon: The port programs used by cpu_sup and memsup are now - gracefully shut down when cpu_sup and memsup are shut down. - * eunit: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * crypto: A user defined runtime library path configured using - - -with-ssl-rpath= could fail to be enabled. - * crypto: Ensure that configure fails if a user defined runtime - library path has been passed by the user, but cannot set. - * mnesia: Improved consistency for dirty writes when a table was - added with add_table_copy/3. Fixed a problem with sticky write, - which could lead to inconsistent data. - * mnesia: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * common_test: Renamed undocumented macro CT_PEER/3 to - CT_PEER_REL/3. - * ssh: With this change, PKCS8 formatted private key file is - properly decoded and SSH daemon with such key can be started. - * ssh: Replace size/1 with either tuple_size/1 or byte_size/1 The - size/1 BIF is not optimized by the JIT, and its use can result - in worse types for Dialyzer. When one knows that the value - being tested must be a tuple, tuple_size/1 should always be - preferred. When one knows that the value being tested must be a - binary, byte_size/1 should be preferred. However, byte_size/1 - also accepts a bitstring (rounding up size to a whole number of - bytes), so one must make sure that the call to byte_size/ is - preceded by a call to is_binary/1 to ensure that bitstrings are - rejected. Note that the compiler removes redundant calls to - is_binary/1, so if one is not sure whether previous code had - made sure that the argument is a binary, it does not harm to - add an is_binary/1 test immediately before the call to - byte_size/1. - * inets: With this change, handling of URI to a folder, with - missing trailing / and a query component present is fixed. - * inets: Adds more type information to the inets app, thus - improving the errors that static analysis tools can detect. The - addition of type information to records and the updates to - function heads help static analysis tools to understand that - some values in the records cannot be 'undefined', thus making - static tools to type check correctly more modules in the inets - app - * inets: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * snmp: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * ftp: Replace size/1 with either tuple_size/1 or byte_size/1 The - size/1 BIF is not optimized by the JIT, and its use can result - in worse types for Dialyzer. When one knows that the value - being tested must be a tuple, tuple_size/1 should always be - preferred. When one knows that the value being tested must be a - binary, byte_size/1 should be preferred. However, byte_size/1 - also accepts a bitstring (rounding up size to a whole number of - bytes), so one must make sure that the call to byte_size/ is - preceded by a call to is_binary/1 to ensure that bitstrings are - rejected. Note that the compiler removes redundant calls to - is_binary/1, so if one is not sure whether previous code had - made sure that the argument is a binary, it does not harm to - add an is_binary/1 test immediately before the call to - byte_size/1. - * dialyzer: Fixed a bug that would cause analysis to crash. - * dialyzer: Replace size/1 with either tuple_size/1 or - byte_size/1 The size/1 BIF is not optimized by the JIT, and its - use can result in worse types for Dialyzer. When one knows that - the value being tested must be a tuple, tuple_size/1 should - always be preferred. When one knows that the value being tested - must be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. - * tftp: Replace size/1 with either tuple_size/1 or byte_size/1 - The size/1 BIF is not optimized by the JIT, and its use can - result in worse types for Dialyzer. When one knows that the - value being tested must be a tuple, tuple_size/1 should always - be preferred. When one knows that the value being tested must - be a binary, byte_size/1 should be preferred. However, - byte_size/1 also accepts a bitstring (rounding up size to a - whole number of bytes), so one must make sure that the call to - byte_size/ is preceded by a call to is_binary/1 to ensure that - bitstrings are rejected. Note that the compiler removes - redundant calls to is_binary/1, so if one is not sure whether - previous code had made sure that the argument is a binary, it - does not harm to add an is_binary/1 test immediately before the - call to byte_size/1. -- Changes for 25.2.3: - * erts: Comparisons between small numbers and pids or ports would - in some edge cases say that the number was greater than the pid - or port, violating the term order. - * erts: process_info(Pid, status) when Pid /= self() could return - an erroneous result. - * ssl: Maximize compatibility by ignoring change_cipher_spec - during handshake even if middle_box_mode is not negotiated - (mandated by client) - * ssl: Move assert of middlebox message after an - hello_retry_request to maximize interoperability. Does not - changes semantics of the protocol only allows unexpected - message delay from server. - * ssh: With this change, ssh application does not crash when - formatting some of info reports for unsuccessful connections. - * ssh: With this change, ssh does not log extensively long - messages. - * inets: Ensure graceful shutdown - * inets: Return type of the type specification for function - httpc:cookie_header/{1,2,3} has been fixed from -spec - cookie_header(url()) -> [{ field(), value() }] | {error, - Reason} to -spec cookie_header(url()) -> { field(), value() } | - {error, Reason} -- Changes for 25.2.2: - * ftp: Fixes calls to ftp:nlist/2 returning {error, epath} when - the file / folder exists -- Changes for 25.2.1: - * compiler: Fixed a bug that could cause legal code to fail - validation. - * compiler: Eliminated a rare crash in the beam_types module. - * erts: Fixed a bug in selective receive optimization that could - crash 32-bit emulators. - * erts: A race condition which was very rarely triggered could - cause the signal queue of a process to become inconsistent - causing the runtime system to crash. - * kernel: The tcp connect option 'bind_to_device' could not be - used with inet_backend = 'socket'. 'inet' requires value type - binarry() and 'socket' requires value type 'string()'. - * kernel: Minor issue processing options when calling - gen_tcp:connect with a sockaddr() and inet_backend = socket. - * common_test: Change timeout to infinity for gen_server calls in - cth_log_redirect - * inets: fixes a missing case of the type specification for - httpd:info/2/3/4 - * snmp: Single threaded agent crash when vacm table not properly - initiated. - -- Changes for 25.2: - * erts: Fix perf/gdb JIT symbols to not contain CodeInfoPrologue - for the JIT internal module erts_beamasm. - * erts: Fixed minor memory leaks. - * erts: Fix bugs in ets:insert and ets:insert_new when called - with a list of tuples to insert while a concurrent process - either deletes or renames the table. The table deletion could - be done with ets:delete/1 or be caused by termination of the - table owning process. Symptoms are either VM crash or strange - incorrect behavior from the insert operation. The risk of - triggering the bugs increases with the length of the list of - tuple to insert. Bugs exist since OTP 23.0. - * erts: Boost execution of scheduled thread progress jobs. This - to prevent memory exhaustion in extremely rapid - allocation/deallocation scenarios, such as repeated ETS table - creations/deletions. - * erts: Fix segv crash during crash dumping an ETS table doing - ets:delete_all_objects. - * erts: Spec for function net:if_names/0 incorrect - * erts: Fix bug in binary_to_term decoding a binary term 2Gbyte - or larger. - * erts: Documentation of erlang:module_loaded/1 has been - adjusted: - * erts: Fix list_to_atom/1 for negative code points. Could either - return with a positive code point or fail with an incorrect - exception. - * erts: Fix rare bug causing VM crash when sending to a pid of a - spawning process returned from erlang:processes/0. Only seen - when provoked by system process literal_area_collector, - triggered by a module purge operation, on a VM started with - +Meamin (no customized allocators). - * erts: gen_udp:open/2 with option(s) add_membership or - drop_membership would drop earlier options. - * erts: The inet:setopts/2 {reuseaddr, true} option will now be - ignored on Windows unless the socket is an UDP socket. For more - information see the documentation of the reuseaddr option part - of the documentation of inet:setopts/2. Prior to OTP 25 the - {reuseaddr, true} option was ignored for all sockets on - Windows, but as of OTP 25.0 this was changed so that it was not - ignored for any sockets. *** POTENTIAL INCOMPATIBILITY *** - * erts: Fix bug in binary_to_term decoding a list of length 1G or - longer. - * erts: Fix bug in binary_to_term (and distributed receive) when - decoding a large map (>32 keys) with unsorted small maps (<= - 32) as keys of the large map. This was only a problem if the - term was encoded by erl_interface, jinterface or otherwise, as - the VM itself always encodes small maps with sorted keys. The - "binary_to_term" would appear as successful but the created - large map was internally inconsistent. The smaller key-maps - could not be found with maps:get and friends. Other operations - such as map compare and merge could probably also give - incorrect results. - * erts: Fix Windows bug in open_port({spawn, Command}, ..) when - Command is found via the OS search PATH and that directory path - contains white spaces. The port program would start but the - command line arguments to it could be incorrect. - * ftp: fix unexpected result ok when calling ftp:nlist repeatedly - * inets: This change allows body requests to httpc:request/5 be - an iolist() - * inets: addition of type specs in httpc.erl - * inets: httpc: Add support for HTTP 308 status code - * dialyzer: Dialyzer would crash when attempting to analyze a bit - syntax segment size having an literal non-integer size such as - []. - * dialyzer: Dialyzer could crash when trying to analyze a - convoluted nested expression involving funs, - * kernel: Fixed shutdown crash in gen_tcp socket backend, when - the other end closed the socket. - * kernel: erl_tar can now read gzip-compressed tar files that are - padded. There is a new option compressed_one for file:open/2 - that will read a single member from a gzip file, - * kernel: Fix os:cmd to not translate all exceptions thrown to - badarg. For example emfile from erlang:open_port was translated - to badarg. This bug has existed since Erlang/OTP 24. - * kernel: Spec for function net:if_names/0 incorrect - * kernel: Missing ctrl option name transation for TOS and TTL (on - FreeBSD) when using gen_udp with the 'socket' inet_backend. - * kernel: gen_udp:open/2 with option(s) add_membership or - drop_membership would drop earlier options. - * kernel: The inet:setopts/2 {reuseaddr, true} option will now be - ignored on Windows unless the socket is an UDP socket. For more - information see the documentation of the reuseaddr option part - of the documentation of inet:setopts/2. Prior to OTP 25 the - {reuseaddr, true} option was ignored for all sockets on - Windows, but as of OTP 25.0 this was changed so that it was not - ignored for any sockets. *** POTENTIAL INCOMPATIBILITY *** - * kernel: The distribution socket option handling in - inet_tcp_dist has been cleaned up to clarify which were - mandatory and which just had default values. - * kernel: Improve warning message format for gen_tcp_socket. - * snmp: Explicitly close the socket(s) when terminating - (default-) net-if process. - * stdlib: erl_tar can now read gzip-compressed tar files that are - padded. There is a new option compressed_one for file:open/2 - that will read a single member from a gzip file, - * stdlib: A concurrent call to ets:rename could cause - ets:delete_all_objects to fail halfway through with badarg. - * stdlib: It is not allowed to call functions from guards. The - compiler failed to reject a call in a guard when done by - constructing a record with a default initialization expression - that called a function. - * stdlib: The compiler could crash when using a record with - complex field initialization expression as a filter in a list - comprehension. - * stdlib: unicode:characters_to_binary() could build - unnecessarily large call stack. - * stdlib: Improve error message for ets:new/2 name clash. Say - "name already exists" instead of less specific "invalid - options". - * mnesia: Fixed crash which could happen during startup if too - many decisions where sent from remote nodes. - * os_mon: The disk_space_check_interval configuration parameter - of disksup can now be set to values smaller than a minute. - * ssh: graceful shutdown of ssh_conection_handler when connection - is closed by peer - * common_test: Fix starting of peer nodes on old releases when - the compile server was active and the current Erlang - installation contained non-latin1 characters in its path. - * public_key: Disregard LDAP URIs when HTTP URIs are expected. - * ssl: With this change, tls_sender process is hibernated after - sufficient inactivity. - * ssl: Correct handling of legacy schemes so that ECDSA certs - using sha1 may be used for some TLS-1.3 configurations. - * ssl: With this change, tls_sender does not cause logger crash - upon key update. - * ssl: Enhance warning message - * ssl: Provide server option to make certificate_authorities - extension in the TLS-1.3 servers certificate request optional. - This will allow clients to send incomplete chains that may be - reconstructable and thereby verifiable by the server, but that - would not adhere to the certificate_authorities extension. - * ssl: If the verify_fun handles four arguments the DER cert will - be supplied as one of the arguments. - * megaco: A very minor improvement to the measurement tool. - * observer: A WX event race could causes a crash in when handling - socket or port info. - * observer: Improve the nodes menu to include more nodes. - * compiler: Line number in compiler messages would be truncated - to 4 digits for line numbers greater than 9999. - * compiler: In rare circumstance, matching a binary as part of a - receive clause could cause the compiler to terminate because of - an internal consistency check failure. - * compiler: Compiling a function with complex bit syntax matching - such as f(<>, <>) -> ok. could crash the - compiler. - * compiler: It is not allowed to call functions from guards. The - compiler failed to reject a call in a guard when done by - constructing a record with a default initialization expression - that called a function. - * compiler: The compiler could crash when using a record with - complex field initialization expression as a filter in a list - comprehension. - * wx: Added environment variable WX_MACOS_NON_GUI_APP to allow - user to override OSXIsGUIApplication behavior. - -- Changes for 25.1.2: - * mnesia: Don't fill the logs if mnesia can't connect to all - nodes, due to partitioned network. - * erts: Add abandon carrier free utilization limit (+Muacful) - option to erts_alloc. This option allows the user to mark - unused segments in a memory carrier as re-useable by the OS if - needed. This functionality was a non-configurable default - before Erlang/OTP 25, but removed due to performance issues. - -- Changes for 25.1.1: - * dialyzer: Dialyzer could crash when analyzing Elixir code that - used intricate macros. - * dialyzer: The --input_list_file option has been added. - * ssl: Fixes handling of symlinks in cacertfile option. - * eunit: With this change, eunit exact_execution option works - with application primitive. - * stdlib: peer nodes failed to halt when the process supervising - the control connection crashed. When an alternative control - connection was used, this supervision process also quite - frequently crashed when the peer node was stopped by the node - that started it which caused the peer node to linger without - ever halting. - * asn1: For the per and uper ASN.1 encoding rules, encoding and - decoding the SEQUENCE OF and SET OF constructs with 16384 items - or more is now supported. - * erts: Listen sockets created with the socket module, leaked - (erlang-) monitors. - * erts: Notifications about available distribution data sent to - distribution controller processes could be lost. Distribution - controller processes can be used when implementing an - alternative distribution carrier. The default distribution over - tcp was not effected and the bug was also not present on - x86/x86_64 platforms. - * kernel: Listen sockets created with the socket module, leaked - (erlang-) monitors. - * kernel: peer nodes failed to halt when the process supervising - the control connection crashed. When an alternative control - connection was used, this supervision process also quite - frequently crashed when the peer node was stopped by the node - that started it which caused the peer node to linger without - ever halting. -- Changes for 25.1: - * dialyzer: Two bugs have been fixed in Dialyzer's checking of - behaviors: When a mandatory callback function is present but - not exported, Dialyzer would not complain about a missing - callback. When an optional callback function was not exported - and had incompatible arguments and/or the return values were - incompatible, Dialyzer would complain. This has been changed to - suppress the warning, because the function might not be - intended to be a callback function, for instance if a release - added a new optional callback function (such as format_status/1 - for the gen_server behaviour added in OTP 25). - * dialyzer: The no_extra_return and no_missing_return warnings - can now be suppressed through -dialyzer directives in source - code. - * jinterface: Fix javadoc build error by adding option -encoding - UTF-8. - * diameter: There is a new configure option, --enable- - deterministic-build, which will apply the deterministic - compiler option when building Erlang/OTP. The deterministic - option has been improved to eliminate more sources of non- - determinism in several applications. - * crypto: Fix configure with --with-ssl and --disable-dynamic- - ssl-lib on Windows. - * crypto: Remove all references correctly in the garbage - collection if an engine handle was not explicit unloaded. - * crypto: Changed the behaviour of the engine load/unload - functions The engine load/unload functions have got changed - semantics to get a more consistent behaviour and work correct - when variables are garbage collected. The load functions now - don't register the methods for the engine to replace. That will - now be handled with the new functions - engine_register/engine_unregister if needed. Some functions are - removed from the documentation and therefor the API, but they - are left in the code for compatibility. *** POTENTIAL - INCOMPATIBILITY *** - * crypto: Fixed a naming bug for AES-CFB and Blowfish-CFB/OFB - when linked with OpenSSL 3.0 cryptolib. - * crypto: Sign/verify does now behave as in OTP-24 and earlier - for eddsa. - * crypto: Pass elliptic curve names from crypto.erl to crypto's - nif. - * crypto: The configure option --disable-deprecated-warnings is - removed. It was used for some releases when the support for - OpenSSL 3.0 was not completed. It is not needed in OTP 25. - * crypto: Crypto is now considered to be usable with the OpenSSL - 3.0 cryptolib for production code. ENGINE and FIPS are not yet - fully functional. - * crypto: Do not exit if the legacy provider is missing in - libcrypto 3.0. - * ssl: Reject unexpected application data in all relevant places - for all TLS versions. Also, handle TLS-1.3 middlebox - compatibility with more care. This will make malicious - connections fail early and further, mitigate possible DoS - attacks, that would be caught by the handshake timeout. Thanks - to Aina Toky Rasoamanana and Olivier Levillain from Télécom - SudParis for alerting us of the issues in our implementation. - * ssl: With this change, value of cacertfile option will be - adjusted before loading certs from the file. Adjustments - include converting relative paths to absolute and converting - symlinks to actual file path. Thanks to Marcus Johansson - * ssl: In TLS-1.3, if chain certs are missing (so server auth - domain adherence can not be determined) send peer cert and hope - the server is able to recreate a chain in its auth domain. - * ssl: Make sure periodical refresh of CA certificate files - repopulates cache properly. - * ssl: Correct internal CRL cache functions to use internal - format consistently. - * ssl: Incorrect handling of client middlebox negotiation for - TLS-1.3 could result in that a TLS-1.3 server would not use - middlebox mode although the client was expecting it too and - failing the negotiation with unexpected message. - * ssl: If the "User" process, the process starting the TLS - connection, gets killed in the middle of spawning the dynamic - connection tree make sure we do not leave any processes behind. - * ssl: A vulnerability has been discovered and corrected. It is - registered as CVE-2022-37026 "Client Authentication Bypass". - Corrections have been released on the supported tracks with - patches 23.3.4.15, 24.3.4.2, and 25.0.2. The vulnerability - might also exist in older OTP versions. We recommend that - impacted users upgrade to one of these versions or later on the - respective tracks. OTP 25.1 would be an even better choice. - Impacted are those who are running an ssl/tls/dtls server using - the ssl application either directly or indirectly via other - applications. For example via inets (httpd), cowboy, etc. Note - that the vulnerability only affects servers that request client - certification, that is sets the option {verify, verify_peer}. - (bsc#1205318) - * eunit: With this change, Eunit can optionally not try to - execute related module with "_tests" suffix. This might be used - for avoiding duplicated executions when source and test modules - are located in the same folder. - * erl_docgen: Update DTD to allow XML tag em under pre. - * inets: Add httpc:ssl_verify_host_options/1 to help setting - default ssl options for the https client. - * inets: This change fixes dialyzer warnings generated for - inets/httpd examples (includes needed adjustment of spec for - ssh_sftp module). - * inets: Remove documentation of no longer supported callback. - * stdlib: Fixed inconsistency bugs in global due to - nodeup/nodedown messages not being delivered before/after - traffic over connections. Also fixed various other - inconsistency bugs and deadlocks in both global_group and - global. As building blocks for these fixes, a new BIF - erlang:nodes/2 has been introduced and - net_kernel:monitor_nodes/2 has been extended. The -hidden and - - connect_all command line arguments did not work if multiple - instances were present on the command line which has been - fixed. The new kernel parameter connect_all has also been - introduced in order to replace the -connect_all command line - argument. - * stdlib: Fix the public_key:ssh* functions to be listed under - the correct release in the Removed Functionality User's Guide. - * stdlib: The type spec for format_status/1 in gen_statem, - gen_server and gen_event has been corrected to state that the - return value is of the same type as the argument (instead of - the same value as the argument). - * stdlib: If the timer server child spec was already present in - kernel_sup but it was not started, the timer server would fail - to start with an {error, already_present} error instead of - restarting the server. - * stdlib: When changing callback module in gen_statem the - state_enter calls flag from the old module was used in for the - first event in the new module, which could confuse the new - module and cause malfunction. This bug has been corrected. With - this change some sys debug message formats have been modified, - which can be a problem for debug code relying on the format. - * ** POTENTIAL INCOMPATIBILITY *** - * stdlib: There is a new configure option, --enable- - deterministic-build, which will apply the deterministic - compiler option when building Erlang/OTP. The deterministic - option has been improved to eliminate more sources of non- - determinism in several applications. - * stdlib: The rfc339_to_system_time/1,2 functions now allows the - minutes part to be omitted from the time zone. - * stdlib: The receive statement in gen_event has been optimized - to not use selective receive (which was never needed, and could - cause severe performance degradation under heavy load). - * stdlib: Add new API function erl_features:configurable/0 - * parsetools: There is a new configure option, --enable- - deterministic-build, which will apply the deterministic - compiler option when building Erlang/OTP. The deterministic - option has been improved to eliminate more sources of non- - determinism in several applications. - * public_key: Support more Linux distributions in cacerts_load/0. - * public_key: Correct asn1 typenames available in type - pki_asn1_type() - * public_key: Sign/verify does now behave as in OTP-24 and - earlier for eddsa. - * snmp: Improved the get-bulk response max size calculation. Its - now possible to configure 'empty pdu size', see appendix c for - more info. - * snmp: Fix various example dialyzer issues - * ssh: Handling rare race condition at channel close. - * ssh: New ssh option no_auth_needed to skip the ssh - authentication. Use with caution! - * ssh: This change fixes dialyzer warnings generated for - inets/httpd examples (includes needed adjustment of spec for - ssh_sftp module). - * ssh: The new function ssh:daemon_replace_options/2 makes it - possible to change the Options in a running SSH server. - Established connections are not affected, only those created - after the call to this new function. - * ssh: Add a timeout as option max_initial_idle_time. It closes a - connection that does not allocate a channel within the timeout - time. For more information about timeouts, see the Timeouts - section in the User's Guide Hardening chapter. - * observer: Fixed units in gui. - * xmerl: There is a new configure option, --enable-deterministic- - build, which will apply the deterministic compiler option when - building Erlang/OTP. The deterministic option has been improved - to eliminate more sources of non-determinism in several - applications. - * asn1: There is a new configure option, --enable-deterministic- - build, which will apply the deterministic compiler option when - building Erlang/OTP. The deterministic option has been improved - to eliminate more sources of non-determinism in several - applications. - * erts: Fixed inconsistency bugs in global due to nodeup/nodedown - messages not being delivered before/after traffic over - connections. Also fixed various other inconsistency bugs and - deadlocks in both global_group and global. As building blocks - for these fixes, a new BIF erlang:nodes/2 has been introduced - and net_kernel:monitor_nodes/2 has been extended. The -hidden - and -connect_all command line arguments did not work if - multiple instances were present on the command line which has - been fixed. The new kernel parameter connect_all has also been - introduced in order to replace the -connect_all command line - argument. - * erts: Fixed IPv6 multicast_if and membership socket options. - * erts: Accept funs (NEW_FUN_EXT) with incorrectly encoded size - field. This is a workaround for a bug (OTP-18104) existing in - OTP 23 and 24 that could cause incorrect size fields in certain - cases. The emulator does not use the decoded size field, but - erl_interface still does and is not helped by this workaround. - * erts: Fixed issue with inet:getifaddrs hanging on pure IPv6 - Windows - * erts: Fix faulty distribution encoding of terms with either The - symptom could be failed decoding on the receiving side leading - to aborted connection. Fix OTP-18093 is a workaround for theses - bugs that makes the VM accepts such faulty encoded funs. The - first encoding bug toward pending connection exists only in OTP - 23 and 24, but the second one exists also on OTP 25. - * erts: Fixed emulator crash that could happen during crashdump - generation of ETS tables with options ordered_set and - {write_concurrency,true}. - * erts: Retrieval of monotonic and system clock resolution on - MacOS could cause a crash and/or erroneous results. - * erts: Fix bug where the max allowed size of erl +hmax was lower - than what was allowed by process_flag. - * erts: On computers with ARM64 (AArch64) processors, the JIT - could generate incorrect code when more than 4095 bits were - skipped at the tail end of a binary match. - * erts: In rare circumstances, an is_binary/1 guard test could - succeed when given a large integer. - * erts: Fix bug causing ets:info (and sometimes ets:whereis) to - return 'undefined' for an existing table if a concurrent - process were doing ets:insert with a long list on the same - table. - * erts: Fix writing and reading of more than 2 GB in a single - read/write operation on macOS. Before this fix attempting to - read/write more than 2GB would result in {error,einval}. - * erts: Fix bug sometimes causing emulator crash at node shutdown - when there are pending connections. Only seen when running duel - distribution protocols, inet_drv and inet_tls_dist. - * erts: Yield when adjusting large process message queues due to - The message queue adjustment work will now be interleaved with - all other types of work that processes have to do, even other - message queue adjustment work. - * erts: Add rudimentary debug feature (option) for the inet- - driver based sockets, such as gen_tcp and gen_udp. - * erts: Introduced the hidden and dist_listen options to - net_kernel:start/2. Also documented the -dist_listen command - line argument which was erroneously documented as a kernel - parameter and not as a command line argument. - * erts: New documentation chapter "Debugging NIFs and Port - Drivers" under Interoperability Tutorial. - * erts: Add new API function erl_features:configurable/0 - * kernel: Fixed inconsistency bugs in global due to - nodeup/nodedown messages not being delivered before/after - traffic over connections. Also fixed various other - inconsistency bugs and deadlocks in both global_group and - global. As building blocks for these fixes, a new BIF - erlang:nodes/2 has been introduced and - net_kernel:monitor_nodes/2 has been extended. The -hidden and - - connect_all command line arguments did not work if multiple - instances were present on the command line which has been - fixed. The new kernel parameter connect_all has also been - introduced in order to replace the -connect_all command line - argument. - * kernel: Fixed IPv6 multicast_if and membership socket options. - * kernel: Fixed issue with inet:getifaddrs hanging on pure IPv6 - Windows - * kernel: The type specifications for inet:getopts/2 and - inet:setopts/2 have been corrected regarding SCTP options. - * kernel: The type specifications for inet:parse_* have been - tightened. - * kernel: Fix gen_tcp:connect/3 spec to include the inet_backend - option. - * kernel: Fix bug where using a binary as the format when calling - logger:log(Level, Format, Args) (or any other logging function) - would cause a crash or incorrect logging. - * kernel: Add rudimentary debug feature (option) for the inet- - driver based sockets, such as gen_tcp and gen_udp. - * kernel: Introduced the hidden and dist_listen options to - net_kernel:start/2. Also documented the -dist_listen command - line argument which was erroneously documented as a kernel - parameter and not as a command line argument. - * kernel: Scope and group monitoring have been introduced in pg. - For more information see the documentation of - pg:monitor_scope(), pg:monitor(), and pg:demonitor(). - * kernel: A new function global:disconnect/0 has been introduced - with which one can cleanly disconnect a node from all other - nodes in a cluster of global nodes. - * compiler: The compiler will now forbid using the empty atom '' - as module name. Also forbidden are modules names containing - control characters, and module names containing only spaces and - soft hyphens. - * compiler: The bin_opt_info and recv_opt_info options would - cause the compiler to crash when attempting to compile - generated code without location information. - * compiler: In rare circumstances involving floating point - operations, the compiler could terminate with an internal - consistency check failure. - * compiler: In rare circumstances when doing arithmetic - instructions on non-numbers, the compiler could crash. - * compiler: In rare circumstances, complex boolean expressions in - nested cases could cause the compiler to crash. - * compiler: Expression similar to #{assoc:=V} = #key=>self()}, V - would return the empty map instead of raising an exception. - * compiler: Eliminated a crash in the beam_ssa_bool pass of the - compiler when compiling a complex guard expression. - * compiler: In rare circumstances, the compiler could crash with - an internal consistency check failure. - * compiler: When compiling with the option inline_list_funcs, the - compiler could produce a nonsensical warning. - * compiler: When given the no_ssa_opt option, the compiler could - terminate with an internal consistency failure diagnostic when - compiling map matching. - * compiler: Made warnings for existing atoms being keywords in - experimental features more precise, by not warning about quoted - atoms. - * compiler: There is a new configure option, --enable- - deterministic-build, which will apply the deterministic - compiler option when building Erlang/OTP. The deterministic - option has been improved to eliminate more sources of non- - determinism in several applications. - * megaco: Fixed various dialyzer related issues in the examples - and the application proper. - * megaco: There is a new configure option, --enable- - deterministic-build, which will apply the deterministic - compiler option when building Erlang/OTP. The deterministic - option has been improved to eliminate more sources of non- - determinism in several applications. - * common_test: Fix cth_surefire to handle when a suite is not - compiled with debug_info. This bug has been present since - Erlang/OTP 25.0. - * common_test: Common Test now preserves stack traces for throws. - -- Changes for 25.0.4: - * kernel: A call to net_kernel:setopts(new, Opts) at the same - time as a connection was being set up could cause a deadlock - between the net_kernel process and the process setting up the - connection. - * erts: The monitor/3 BIF did not apply options to the created - monitor if the target process or port did not exist. That is, - the corresponding down message would get a `DOWN` tag even if a - custom tag had been set, and the returned reference was not an - alias even if the alias option had been passed. - * erts: The erlang:monotonic_time/1, erlang:system_time/1, - erlang:time_offset/1, and os:system_time/1 BIFs erroneously - failed when passed the argument native. - -- Changes for 25.0.3: - * erts: Distributed exit signals could be lost under the - following conditions: - * erts: A race could cause process_info(Pid, message_queue_len) - on other processes to return invalid results. - * erts: Fixed reduction counting for handling process system - tasks. - * erts: Priority elevation of terminating processes did not work - which could cause execution of such processes to be delayed. - * erts: An unlink operation made by a process that terminated - before the unlink operation completed, i.e., before it had - received an unlink-ack signal from the linked process, caused - an exit signal to erroneously be sent from the terminating - process to the process being unlinked. This exit signal would - most often be ignored by the receiver, but if the receiver of - the exit signal concurrently set up a new link, it could - receive the exit signal with the actual exit reason of the - terminating process instead of a noproc exit reason. It is - however very hard to detect that this has happened and has no - obvious negative consequences, so it should be considered - harmless. A distributed unlink-ack signal received by a - terminating process was also not properly removed which could - cause a minor memory leak. - * ssl: The link to crypto:engine_load refered the function with - wrong arity. - -- Changes for 25.0.2: - * ssl: Improved handling of unexpected messages during the - handshake, taking the right action for unexpected messages. - * erts: On computers with the ARM64 (AArch64) architecture (such - as Apple Silicon Macs) a rem expression followed by a div - expression with the same operands could evaluate to the wrong - result if the result of the rem expression was unused. -- Changes for 25.0.1: - * ssl: When a TLS-1.3 enabled client tried to talk to a TLS-1.2 - server that coalesces TLS-1.2 handshake message over one TLS - record, the connection could fail due to some message being - handled in the wrong state, this has been fixed. - * ssl: Correctly handles supported protocol version change from - default to something else by sni_fun supplied to - ssl:handshake/[2,3] together with a TCP-socket (so called - upgrade). - * ssl: Also, TLS-1.3 should respond with a protocol version alert - if previous versions, that are supported but not configured, - are attempted. - * kernel: The DNS resolver inet_res has been fixed to ignore - trailing dot difference in the request domain between the sent - request and the received response, when validating a response. - * kernel: A bug in inet_res has been fixed where a missing - internal {ok,_} wrapper caused inet_res:resolve/* to return a - calculated host name instead of an `{ok,Msg} tuple, when - resolving an IP address or a host name that is an IP address - string. - * kernel: The erlang:is_alive() BIF could return true before - configured distribution service was available. This bug was - introduced in OTP 25.0 ERTS version 13.0. The - erlang:monitor_node() and erlang:monitor() BIFs could - erroneously fail even though configured distribution service - was available. This occurred if these BIFs were called after - the distribution had been started using dynamic node name - assignment but before the name had been assigned. - * kernel: Added the missing mandatory address/0 callback in the - gen_tcp_dist example. - * erts: A spawn_reply signal from a remote node could be delayed - and be delivered after other signals from the newly spawned - process. When this bug triggered, the connection to the node - where the process was spawned sometimes could be taken down due - to the bug. The following error message would then be logged if - this happened: Missing 'spawn_reply' signal from the node - detected by on the node . The - node probably suffers from the bug with ticket id - OTP-17737. This bug only affected processes which had enabled - off_heap message_queue_data and parallel reception of signals - had been automatically enabled. This bug was introduced in OTP - 25.0, ERTS version 13.0. - * erts: Fixed type spec of erlang:system_info(dist_ctrl). - * erts: The zlib built in to the runtime system has been updated - to version 1.2.12. (Note that on most platforms, the platform's - own zlib is used.) - * erts: The erlang:is_alive() BIF could return true before - configured distribution service was available. This bug was - introduced in OTP 25.0 ERTS version 13.0. The - erlang:monitor_node() and erlang:monitor() BIFs could - erroneously fail even though configured distribution service - was available. This occurred if these BIFs were called after - the distribution had been started using dynamic node name - assignment but before the name had been assigned. - * crypto: Note in the documentation that MODP (rfc3526) groups - and OpenSSL 3.0 can give an error if a call to - crypto:generate_key/2 specifies a key length, and that length - is to small. - * crypto: The cmac now uses only the 3.0 API - * crypto: Documentation is now updated with which OpenSSL - cryptolib versions that OTP currently is tested. - * dialyzer: Fixed the documentation for the missing_return and - extra_return options. - * mnesia: Fixed add_table_copy which could leave a table lock if - the receiving node went down during the operation. - * ssh: Binaries can be limited in logs with the parameter - max_log_item_len. The default value is 500 bytes. - * stdlib: In the initial release of Erlang/OTP 25, the expression - bound to the _ pseudo-field in a record initialization would - always be evaluated once, even if all other fields in the - record were explicitly initialized. That would break the use - case of binding the expression error(...) to _ in order to get - an exception if not all fields were initialized. The behavior - of binding to _ has been reverted to the pre-OTP 25 behavior, - that is, to not evaluate the expression if all fields have been - bound to explicit values. - -- Version 25.0: - - stdlib - * New function filelib:ensure_path/1 will ensure that all - directories for the given path exists - * New functions groups_from_list/2 and groups_from_list/3 in - the maps module - * New functions uniq/1 uniq/2 in the lists module - * New PRNG added to the rand module, for fast pseudo-random - numers. - - compiler, kernel, stdlib, syntax_tools: - * Added support for selectable features as described in EEP-60. - Features can be enabled/disabled during compilation with - options (ordinary and +term) to erlc as well as with - directives in the file. Similar options can be used to erl - for enabling/disabling features allowed at runtime. The new - maybe expression EEP-49 is fully supported as the feature - maybe_expr. - - erts & JIT: - * The JIT now works for 64-bit ARM processors. - * The JIT now does type-based optimizations based on type - information in the BEAM files. - * Improved the JIT’s support for external tools like perf and - gdb, allowing them to show line numbers and even the original - Erlang source code when that can be found. - - erts, stdlib, kernel: - * Users can now configure ETS tables with the - {write_concurrency, auto} option. This option forces tables - to automatically change the number of locks that are used at - run-time depending on how much concurrency is detected. The - {decentralized_counters, true} option is enabled by default - when {write_concurrency, auto} is active. - * Benchmark results comparing this option with the other ETS - optimization options are available here: benchmarks. - * To enable more optimizations, BEAM files compiled with OTP 21 - and earlier cannot be loaded in OTP 25. - * The signal queue of a process with the process flag - message_queue_data=off_heap has been optimized to allow - parallel reception of signals from multiple processes. This - can improve performance when many processes are sending in - parallel to one process. See benchmark. - * The Erlang installation directory is now relocatable on the - file system given that the paths in the installation’s - RELEASES file are paths that are relative to the - installations root directory. - * A new option called short has been added to the functions - erlang:float_to_list/2 and erlang:float_to_binary/2. This - option creates the shortest correctly rounded string - representation of the given float that can be converted back - to the same float again. - * Introduction of quote/1 and unquote/1 functions in the - uri_string module - a replacement for the deprecated - functions http_uri:encode and http_uri:decode. - * The new module peer supersedes the slave module. The slave - module is now deprecated and will be removed in OTP 27. - * global will now by default prevent overlapping partitions due - to network issues. This is done by actively disconnecting - from nodes that reports that they have lost connections to - other nodes. This will cause fully connected partitions to - form instead of leaving the network in a state with - overlapping partitions. - * It is possible to turn off the new behavior by setting the - the kernel configuration parameter - prevent_overlapping_partitions to false. Doing this will - retain the same behavior as in OTP 24 and earlier. - * The format_status/2 callback for gen_server, gen_statem and - gen_event has been deprecated in favor of the new - format_status/1 callback. - * The new callback adds the possibility to limit and change - many more things than the just the state. - * The timer module has been modernized and made more efficient, - which makes the timer server less susceptible to being - overloaded. The timer:sleep/1 function now accepts an - arbitrarily large integer. - - compiler: - * The maybe ... end construction as proposed in EEP-49 has been - implemented. It can simplify complex code where otherwise - deeply nested cases would have to be used. - * To enable maybe, give the option {enable_feature,maybe_expr} - to the compiler. The exact option to use will change in a - coming release candidate and then it will also be possible to - use from inside the module being compiled. - * When a record matching or record update fails, a {badrecord, - ExpectedRecordTag} exception used to be raised. In this - release, the exception has been changed to {badrecord, - ActualValue}, where ActualValue is the value that was found - instead of the expected record. - * Add compile attribute -nifs() to empower compiler and loader - with information about which functions may be overridden as - NIFs by erlang:load_nif/2. - * Improved and more detailed error messages when binary - construction with the binary syntax fails. This applies both - for error messages in the shell and for - erl_error:format_exception/3,4. - * Change format of feature options and directives for better - consistency. Options to erlc and the -compile(..) directive - now has the format {feature, feature-name, enable | disable}. - The -feature(..) now has the format -feature(feature-name, - enable | disable). - - crypto: - * Add crypto:hash_equals/2 which is a constant time comparision - of hashvalues. - - ssl: - * Introducing a new (still experimental) option - {certs_keys,[cert_key_conf()]}. With this a list of a - certificates with their associated key may be used to - authenticate the client or the server. The certificate key - pair that is considered best and matches negotiated - parameters for the connection will be selected. - - public_key: - * Functions for retrieving OS provided CA-certs added. - - dialyzer: - * Optimize operations in the erl_types module. Parallelize the - Dialyzer pass remote. - * Added the missing_return and extra_return options to raise - warnings when specifications differ from inferred types. - These are similar to, but not quite as verbose as overspecs - and underspecs. - * Dialyzer now better understands the types for min/2, max/2, - and erlang:raise/3. Because of that, Dialyzer can potentially - generate new warnings. In particular, functions that use - erlang:raise/3 could now need a spec with a no_return() - return type to avoid an unwanted warning. - -- Fix build for Factory. Currently, any Java version - is fine for Erlang. - -- Changes for 24.3.2: - * erl_interface: Fix compile error regarding gethostbyaddr_r on - Android. Error introduced in OTP 24.3. - * kernel: Fix failed accepted connection setup after previous - established connection from same node closed down silently. - * kernel: Fixed a problem where typing Ctrl-R in the shell could - hang if there were some problem with the history log file. -- Changes for 24.3.1: - * dialyzer: There could be spurious warnings for unknown types - when a type was a subtype of an existing type that was a - subtype of an unknown type. - * ssl: Client certification could fail for TLS-1.3 servers that - did not include the certificat_authorties extension in its - certificate request message. -- Changes for 24.3: - * megaco: The compilation time is no longer recorded in BEAM - files. There remained several undocumented functions that - attempted to retrieve compilation times. Those have now been - removed. - * megaco: Update the performance and debug chapters of the megaco - user's guide. Also some updates to the meas tools. - * compiler: The expression <<0/native-float>>=Bin would always - fail to match, while <<0/float-native>>=Bin would match - (provided that Bin contained the binary representation of 0.0) - * compiler: The compiler will now compile huge functions with - straight-line code faster. - * erl_interface: Add --enable-ei-dynamic-lib configure option - that will make erl_interface also release a dynamic library - version of libei. - * erl_interface: The ei API for decoding/encoding terms is not - fully 64-bit compatible since terms that have a representation - on the external term format larger than 2 GB cannot be handled. - * sasl: Fix bug in systools:make_script/1 documentation. - * inets: The compilation time is no longer recorded in BEAM - files. There remained several undocumented functions that - attempted to retrieve compilation times. Those have now been - removed. - * inets: Documentation fix for inets:services_info/0, which now - describes that Info might be a Reason term() in case when - {error, Reason} is returned as service info. - * crypto: The crypto app in OTP can since OTP-24.2 be compiled, - linked and used with the new OpenSSL 3.0 cryptolib. The crypto - app has 3.0 support has been improved, but is still *not - recommended* for other usages than experiments and alpha - testing. There are not yet any guaranties that it works, not - even together with other OTP applications like for example SSL - and SSH, although there are no known errors. Since the previous - release, OTP-24.2, the following improvements have been done: - - It has been tested during nearly every nightly test on the OTP - lab - The hash algorithms md4 and ripemd160 have been enabled - with OpenSSL 3.0. - The ciphers blowfish_cbc, blowfish_ecb, - des_cbc, des_cfb, des_ecb, rc2_cbc and rc4 have been enabled - with OpenSSL 3.0. Disabled or unsupported with OpenSSL 3.0 are - still: - ENGINE support - FIPS mode - Other providers than the - built-in ones - Compiling and linking with OpenSSL 3.0 - cryptolib in compatibility modes (for example to behave as - 1.1.1) and, the ciphers blowfish_cfb64 and blowfish_ofb64 are - not supported and will not be either. Deprecated functions in - the OpenSSL 3.0 cryptolib must not be disabled as OTP/crypto - still uses some of the deprecated API functions. The gcc flag - - Wno-deprecated-declarations is set to prevent deprecation - warnings to be printed when compiling. - * crypto: Crypto is adapted to LibreSSL 3.5.0 on OpenBSD. - * crypto: New configure option ( --disable-otp-test-engine) to - prohibit the build of the OTP test engine used in some test - suites. The reason is that the test engine could be hard to - compile on for instance LibreSSL 3.5.0. For that particular - cryptolib version (or higher), this configure option is set - automatically. - * jinterface: Fix bug in OtpOutputStream.write_pid/4 and - write_ref/3 causing faulty encodig. Bug exists since OTP 23.0. - * wx: Removed the static_data option from wxImage creation - functions, as it was broken and could lead to crashes. Now - image data is always copied to wxWidgets as was the default - behavior. Removed some non working wxGridEvent event types, - which have there own events in newer wxWidgets versions, and - added a couple of event types that where missing in wx. - * asn1: Add support for the maps option in combination with the - jer backend. - * snmp: The compilation time is no longer recorded in BEAM files. - There remained several undocumented functions that attempted to - retrieve compilation times. Those have now been removed. - * snmp: [agent] Remove expectation of socket being a port. - * common_test: OTP internal test fix. - * runtime_tools: Fixed bug in scheduler:utilization(Seconds) that - would leave the scheduler_wall_time system flag incorrectly - enabled. - * runtime_tools: Add scheduler:get_sample/0 and get_sample_all/0. - Also clarify scheduler module documentation about how it - depends on system flag scheduler_wall_time. - * erts: Fixed a bug in the x86 JIT that might cause floating - point instructions to wrongly throw an exception. - * erts: Preserve correct nodedown_reason if supervised - distribution controller processes exit with {shutdown, Reason}. - * erts: Handling of send_timeout for gen_tcp has been corrected - so that the timeout is honored also when sending 0 bytes. - * erts: By default global does not take any actions to restore a - fully connected network when connections are lost due to - network issues. This is problematic for all applications - expecting a fully connected network to be provided, such as for - example mnesia, but also for global itself. A network of - overlapping partitions might cause the internal state of global - to become inconsistent. Such an inconsistency can remain even - after such partitions have been brought together to form a - fully connected network again. The effect on other applications - that expects that a fully connected network is maintained may - vary, but they might misbehave in very subtle hard to detect - ways during such a partitioning. In order to prevent such - issues, we have introduced a prevent overlapping partitions fix - which can be enabled using the prevent_overlapping_partitions - kernel(6) parameter. When this fix has been enabled, global - will actively disconnect from nodes that reports that they have - lost connections to other nodes. This will cause fully - connected partitions to form instead of leaving the network in - a state with overlapping partitions. Note that this fix has to - be enabled on all nodes in the network in order to work - properly. Since this quite substantially changes the behavior, - this fix is currently disabled by default. Since you might get - hard to detect issues without this fix you are, however, - strongly advised to enable this fix in order to avoid issues - such as the ones described above. As of OTP 25 this fix will - become enabled by default. - * erts: Corrected the type specification of erlang:seq_trace/2. - * erts: Fix memory leak when tracing on running on a process that - only handle system tasks or non-message signals (for example - process_info requests). - * erts: Add support for using socket:sockaddr_in() and - socket:sockaddr_in6() when using gen_sctp, gen_tcp and gen_udp. - This will make it possible to use Link Local IPv6 addresses. - * erts: Show on_load failure reasons in embedded mode. - * erts: Compile date saved in the Erlang VM executable has been - removed. - * erts: Improve documentation for the dynamic node name feature. - * ssh: Fix makefile dependency bugs. - * ssh: Fixed faulty OpenSSH decoding of Ed25519/Ed448 keys in the - OpenSSH format openssh_key_v1. - * ssh: Correction of ssh_file typing, specially for the - experimental openssh-key-v1 encoding. - * ssh: Improper tag for private ED keys when encoding with - ssh:encode/2. The tuple had ed_priv as first element, but - should have had ed_pri. This is now corrected. *** POTENTIAL - INCOMPATIBILITY *** - * ssh: Add support for Ed25519/Ed448 SSH host keys in the RFC - 4716 format ("-----BEGIN EC PRIVATE KEY-----") generated by for - example openssl or via Erlang functions (i.e. - public_key:generate_key({namedCurve, ed25519})). Ed25519 SSH - host keys generated by ssh-keygen was, and are still, - supported. - * kernel: Handling of send_timeout for gen_tcp has been corrected - so that the timeout is honored also when sending 0 bytes. - * kernel: By default global does not take any actions to restore - a fully connected network when connections are lost due to - network issues. This is problematic for all applications - expecting a fully connected network to be provided, such as for - example mnesia, but also for global itself. A network of - overlapping partitions might cause the internal state of global - to become inconsistent. Such an inconsistency can remain even - after such partitions have been brought together to form a - fully connected network again. The effect on other applications - that expects that a fully connected network is maintained may - vary, but they might misbehave in very subtle hard to detect - ways during such a partitioning. In order to prevent such - issues, we have introduced a prevent overlapping partitions fix - which can be enabled using the prevent_overlapping_partitions - kernel(6) parameter. When this fix has been enabled, global - will actively disconnect from nodes that reports that they have - lost connections to other nodes. This will cause fully - connected partitions to form instead of leaving the network in - a state with overlapping partitions. Note that this fix has to - be enabled on all nodes in the network in order to work - properly. Since this quite substantially changes the behavior, - this fix is currently disabled by default. Since you might get - hard to detect issues without this fix you are, however, - strongly advised to enable this fix in order to avoid issues - such as the ones described above. As of OTP 25 this fix will - become enabled by default. - * kernel: Fix bug where logger would crash when logging a report - including improper lists. - * kernel: Make erlang:set_cookie work for dynamic node names. - * kernel: Add support for using socket:sockaddr_in() and - socket:sockaddr_in6() when using gen_sctp, gen_tcp and gen_udp. - This will make it possible to use Link Local IPv6 addresses. - * kernel: A net_tickintensity kernel parameter has been - introduced. It can be used to control the amount of ticks - during a net_ticktime period. A new net_kernel:start/2 function - has also been introduced in order to make it easier to add new - options. The use of net_kernel:start/1 has been deprecated. - * kernel: Improve documentation for the dynamic node name - feature. - * erl_docgen: Fix css for large tables and images on small - screens - * erl_docgen: Fix bug with codeinclude tag that caused it to not - include the code if used in a correct, but unexpected way. - * observer: Calculate the display width in etop, instead of hard- - coding it to 89 characters. - * debugger: Fix record index matching, it was broken and could - never match. - * ssl: Improved error handling. - * ssl: Before this change, net_kernel used with TLS distribution - might be leaking processes in case of connectivity issues. - * ssl: Fix makefile dependency bugs. - * ssl: Make sure the TLS sender process handles explicit calls to - erlang:disconnect_node properly, avoiding potential hanging - problems in net_kernel. - * ssl: Add support for TLS-1.3 certificate_authorities extension. - And process certificate_authorities field in pre-TLS-1.3 - certificate requests. - * ssl: Support password fun for protected keyfiles in ssl:connect - function. - * ssl: Add in some cases earlier detection of possible DoS - attacks by malicious clients sending unexpected TLS messages - instead of the client hello. Note that such attacks are already - mitigated by providing a timeout for the TLS handshake. - * eldap: Fix eldap extensibleMatch dnAttributes option. According - to the ldap ASN1 the dnAttributes should be a bool, instead it - was generated as a string. - * eldap: Implemented paged searches according to https://www.rfc- - editor.org/rfc/rfc2696.txt - * public_key: Support password fun for protected keyfiles in - ssl:connect function. - * stdlib: The compilation time is no longer recorded in BEAM - files. There remained several undocumented functions that - attempted to retrieve compilation times. Those have now been - removed. - * mnesia: Reduce the number of locks taken during table copying, - should reduce the startup time on large systems. - * diameter: The compilation time is no longer recorded in BEAM - files. There remained several undocumented functions that - attempted to retrieve compilation times. Those have now been - removed. - -- Changes for 24.2.2: - * inets: Avoid intermediate ungraceful shutdown of the HTTP - server. - * ssh: The ssh sever parallel_login option was missing in OTP-24 - -- Changes for 24.2.1: - * ssl: Improve SNI (server name indication) handling so that - protocol version can be selected with regards to SNI. Also, - make sure that ssl:connection_information/1 returns the correct - SNI value. - * ssl: Fixed cipher suite listing functions so that the listing - of all cipher suites will be complete. Another fix for cipher - suite handling in OTP-24.1 accidentally excludes a few cipher - suites from the listing of all cipher suites. - * ssl: Reenable legacy cipher suite TLS_RSA_WITH_3DES_EDE_CBC_SHA - for explicit configuration in TLS-1.2, not supported by - default. - * ssl: Avoid unnecessary logs by better adjusting the tls_sender - process to the new supervisor structure in OTP-24.2 - * erts: Fixed a memory leak in file:read_file_info/2 and - file:read_file/1 on Windows. - * erts: Fix GC emulator crash when spawn_request was used when - message tracing was enabled. - -- Changes for 24.2: - * compiler: When the compiler is invoked by Dialyzer, it will no - longer apply an optimization of binary patterns that would turn - the pattern <<"bar">> into <<6447474:24>>, which would be very - confusing when printed out by Dialyzer. - * compiler: The compiler would replace known failing calls (such - as atom_to_list(42)) with a call to error(badarg). With the - extended error information introduced in OTP 24 (EEP 54), those - "optimized" calls would not have extended error information. To - ensure that as much extended error information as possible is - available, the compiler now keeps the original call even when - it is known to fail. - * sasl: Make release_handler even more resilient against exiting - processes during upgrade. Same kind of bug fix as OTP-16744 - released in sasl-4.0.1 (OTP 23.1). - * ssl: Allow re-connect on DTLS sockets Can happen when a - computer reboots and connects from the same client port without - the server noticing should be allowed according to RFC. - * ssl: Fix tls and non-tls distribution to use - erl_epmd:address_please to figure out if IPv4 or IPv6 addresses - should be used when connecting to the remote node. Before this - fix, a dns lookup of the remote node hostname determined which - IP version was to be used which meant that the hostname had to - resolve to a valid ip address. - * ssl: Use supervisor significant child to manage tls connection - process and tls sender process dependency. - * ssl: Random generation adjustment for TLS1.3 - * ssl: Allow any {03,XX} TLS record version in the client hello - for maximum interoperability - * mnesia: Documentation and minor code cleanup. - * common_test: Before this change, group handling grammar was - ambiguous and also group paths did not support test specs. - * common_test: Before this change, it was not possible to link to - a particular header entry in Common Test log. Change adds right - aligned anchor icons in HTML test logs. - * parsetools: The default parser include file for yecc (yeccpre) - will no longer crash when attempting to print tokens when - reporting an error. - * tools: Erlang-mode fixed for newer versions of xref using CL- - Lib structures instead of EIEIO classes. - * inets: Correct HTTP server URI handling to fully rely on - uri_string. The server could mistreat some URI paths that in - turn could result in incorrect responses being generated. - * inets: Extend header values to httpc:request/5 to allow - binary() as well. Make error detection of invalid arguments to - httpc:request/5 be more precise so an error is returned in more - cases instead of causing a hang or function_clause. Be more - precise in documentation regarding the types of arguments being - accepted. - * crypto: Fixed the C-warning "implicit declaration of function - 'OpenSSL_version_num'" if compiling with an early LibreSSL - version. - * crypto: FIPS availability was not checked correctly for AEAD - ciphers. - * crypto: Fixed that cipher aliases (like aes_cbc etc) could be - present even if the aliased cipher(s) (like aes_128_cbc, - aes_256_cbc,... etc) was missing. - * crypto: The crypto app in OTP can now be compiled, linked and - used with the new OpenSSL 3.0 cryptolib. It has not yet been - extensively tested and is in this release *not recommended* for - other usages than experiments and alpha testing. There are not - yet any guaranties that it works, not even together with other - OTP applications like for example SSL and SSH, although there - are no known errors. Compiling and linking with OpenSSL 3.0 - cryptolib in compatibility modes (for example to behave as - 1.1.1) are not tested. It is not tested with external - providers. The support for FIPS mode does not yet work, and is - disabled when compiled with OpenSSL 3.0. Deprecated functions - in the OpenSSL 3.0 cryptolib must not be disabled as OTP/crypto - still uses some of the deprecated API functions. The gcc flag - - Wno-deprecated-declarations is set to prevent deprecation - warnings to be printed when compiling. The hash algorithms md4 - and ripemd160 are disabled temporarily when compiled with - OpenSSL 3.0. The ciphers blowfish_cbc, blowfish_cfb64, - blowfish_ecb, blowfish_ofb64, des_cbc, des_cfb, des_ecb, - rc2_cbc and rc4 are disabled temporarily when compiled with - OpenSSL 3.0. - * crypto: The error handling in crypto is partly refactored using - the new error reporting support. Errors earlier propagated like - exceptions are still so, but when the failing function is - called from the terminal - for example during failure hunting - - a more descriptive text is produced. - * crypto: A new function crypto:info/0 which presents some data - about the compilation and linkage of the crypto nif is added. - * crypto: Added the pbkdf2_hmac/5 function to the crypto module. - It calls the PKCS5_PBKDF2_HMAC function which implements PBKD2 - with HMAC in an efficient way. - * stdlib: Fix rendering of nbsp on terminals that do not support - unicode. - * stdlib: Improved the erl_error printout for when re fails to - compile a regular expression to also print hints about why the - compilation failed. - * stdlib: Fixed spec for supervisor_bridge:start_link(). - * stdlib: Added missing shutdown clauses in supervisor which - could cause erroneous error reports. - * stdlib: Add the no_auto_import_types to erl_lint to allow a - module to define types of the same name as a predefined type. - * erts: When matching and constructing utf16 segments in the - binary syntax, the native flag would be ignored. That is, the - endian would always be big endian even on a little-endian - computer (almost all modern computers). - * erts: Fix the help printout of +JPperf. - * erts: Fix bug that could cause Erlang to deadlock during - creation of an Erlang crash dump. - * erts: Fixed C++ build errors on some aarch64 platforms. - * erts: For macOS, the Info.plist file embedded in the runtime - system now only contains the absolute minimum amount of - information needed for the web view in wx to work towards - localhost. The other fields have been removed, allowing an - application packaged in a bundle to specify the application - name and other parameter in its own Info.plist file. - * erts: Fix bug in internal stacks (WSTACK and ESTACK) used by - term_to_binary/2 to encode terms. The bug could cause a - segfault if a very very large map was to be encoded with the - deterministic option given. - * erts: Improve the error printout when open_port/2 fails because - of invalid arguments. - * erts: Fix bug in crash dumps where the stackframe of a process - would be printed using an incorrect format. Crash dump viewer - has also been fixed to be able read the broken stack format. - The bug has existed since Erlang/OTP 23.0. - * erts: An option for enabling dirty scheduler specific allocator - instances has been introduced. By default such allocator - instances are disabled. For more information see the - documentation of the +Mdai erl command line argument. - * erts: Minor optimization of receive markers in message queues. - * erts: All predefined types have been added to the erlang module - together with documentation. Any reference to a predefined type - now links to that documentation so that the user can view it. - * erts: Suppress a code checker warning caused by debug builds of - YCF. YCF tries to get a conservative estimate of the bottom of - the stack by reading and returning a call stack allocated - variable. - * erts: Add file and product properties to erl.exe and werl.exe. - * erts: Micro optimization in bitstring append operations. - * erts: Responsiveness of processes executing on normal or low - priority could suffer due to code purging or literal area - removal on systems with a huge amount of processes. This since - during these operations all processes on the system were - scheduled for execution at once. This problem has been fixed by - introducing a limit on outstanding purge and copy literal - requests in the system. By default this limit is set to twice - the amount of schedulers on the system. This will ensure that - schedulers will have enough work scheduled to perform these - operations as quickly as possible at the same time as other - work will be interleaved to a much higher degree. Performance - of these operations will however be somewhat degraded due to - the overhead of enforcing this limit compared to when using a - very large limit. This limit can be set by passing the +zosrl - command line argument to erl, or by calling - erlang:system_flag(outstanding_system_requests_limit, - NewLimit). - * kernel: socket:which_sockets( pid() ) uses wrong keyword when - looking up socket owner ('ctrl' instead of 'owner'). - * kernel: In epmd_ntop, the #if defined(EPMD6) conditional was - inverted and it was only including the IPv6-specific code when - EPMD6 was undefined. This was causing IPv6 addrs to be - interpreted as IPv4 addrs and generating nonsense IPv4 - addresses as output. Several places were incorrectly using - 'num_sockets' instead of 'i' to index into the iserv_addr array - during error logging. This would result in a read into - uninitialized data in the iserv_addr array. Thanks to John - Eckersberg for providing this fix. - * kernel: Minor fix of the erl_uds_dist distribution module - example. - * kernel: A bug has been fixed for the legacy TCP socket adaption - module gen_tcp_socket where it did bind to a socket address - when given a file descriptor, but should not. - * kernel: Improve the error printout when open_port/2 fails - because of invalid arguments. - * kernel: Calling socket:monitor/1 on an already closed socket - should succeed and result in an immediate DOWN message. This - has now been fixed. - * kernel: Fix the configuration option logger_metadata to work. - * kernel: Fix tls and non-tls distribution to use - erl_epmd:address_please to figure out if IPv4 or IPv6 addresses - should be used when connecting to the remote node. Before this - fix, a dns lookup of the remote node hostname determined which - IP version was to be used which meant that the hostname had to - resolve to a valid ip address. - * kernel: Add logger:reconfigure/0. - * kernel: Add socket function ioctl/2,3,4 for socket device - control. - * kernel: Add simple support for socknames/1 for gen_tcp_socket - and gen_udp_socket. - * kernel: The types for callback result types in gen_statem has - bee augmented with arity 2 types where it is possible for a - callback module to specify the type of the callback data, so - the callback module can get type validation of it. - * erl_docgen: Fix codeinclude tag to correctly respect the type - attribute. - * erl_docgen: The HTML documentation has been updated to collapse - better on small screens. - * erl_docgen: All predefined types have been added to the erlang - module together with documentation. Any reference to a - predefined type now links to that documentation so that the - user can view it. - * snmp: Handling of test config flag when starting "empty". - * snmp: Add support for new authentication algorithms (SHA-224, - SHA-256, SHA-384 and SHA-512), according to RFC 7860. - * snmp: Improve debug info for (snmp) manager. - * wx: Fix crash in cleanup code when a gui application is - exiting. Fix errors in the OpenGL wrapper that could cause - crashes and improve the documentation. - * edoc: Add option link_predefined_types that is used to create - links to erlang predefined types. This is mainly to be used by - erl_docgen when creating the Erlang/OTP documentation. - * dialyzer: Fixed a crash when opaque types contained certain - unicode characters. - * dialyzer: When the compiler is invoked by Dialyzer, it will no - longer apply an optimization of binary patterns that would turn - the pattern <<"bar">> into <<6447474:24>>, which would be very - confusing when printed out by Dialyzer. - * observer: Fix bug in crash dumps where the stackframe of a - process would be printed using an incorrect format. Crash dump - viewer has also been fixed to be able read the broken stack - format. The bug has existed since Erlang/OTP 23.0. - * ssh: The value of the connect_timeout option is now used as - default value for the negotiation timeout. - * ssh: Add better error handling in connect/2,3,4. Detect - incorrect arguments and return an informative error tuple - instead of throwing a function_clause or similar. - * ssh: Make ssh algorithm selection better handle dynamic changes - changes in crypto fips mode. - * megaco: [megaco_tcp] When connect fails, include more info in - the error reason. -- Changes for 24.1.7: - * ssh: Fixed a race condition in the acceptor loop: if a client - disconnected immediately after the tcp connect, the server - could cease handling connection on that address:port. -- Changes for 24.1.6: - * ssl: Correct typo of ECC curve name in signature algorithm - handling. Will make the signature algorithm - ecdsa_secp521r1_sha512 succeed. - * ssl: Suppress authenticity warning when option verify_none is - explicitly supplied. -- Changes for 24.1.5: - * erts: The runtime system could call select() with a too large - timeout value when executing on MacOS. This could in turn cause - the runtime system to crash. - * erts: The fix for Linux's behaviour when reconnecting an UDP - socket in PR-5120 released in OTP-24.1.2 has been refined to - only dissolve the socket's connection before a connect if the - socket is already connected, that is: only for a reconnect. - This allows code to open a socket with an ephemeral port, get - the port number and connect; without the port number changing - (on Linux). This turned out to have at least one valid use case - (besides test cases). Should one reconnect the socket then the - port number may change, on Linux; it is a known quirk, which - can be worked around by binding to a specific port number when - opening the socket. If you can do without an ephemeral port, - that is... - * erts: Certain distributed signals that for various reasons must - to be forced into the distribution buffer even when it is full - would instead be lost if the distribution buffer was full when - sent. The effected signals: - * kernel: The internal, undocumented, but used, module inet_dns - has been fixed to handle mDNS high bit usage of the Class - field. Code that uses the previously obsolete, undocumented and - unused record field #dns_rr.func will need to be updated since - that field is now used as a boolean flag for the mDNS high - Class bit. Code that uses the also undocumented record - [#]dns_query will need to be recompiled since a boolean field - [#]dns_query.unicast_response has been added for the mDNS high - Class bit. *** POTENTIAL INCOMPATIBILITY *** - * kernel: The fix for Linux's behaviour when reconnecting an UDP - socket in PR-5120 released in OTP-24.1.2 has been refined to - only dissolve the socket's connection before a connect if the - socket is already connected, that is: only for a reconnect. - This allows code to open a socket with an ephemeral port, get - the port number and connect; without the port number changing - (on Linux). This turned out to have at least one valid use case - (besides test cases). Should one reconnect the socket then the - port number may change, on Linux; it is a known quirk, which - can be worked around by binding to a specific port number when - opening the socket. If you can do without an ephemeral port, - that is... -- Changes for 24.1.4: - * erts: Fix bug where a gen_tcp write error that happened during - a delayed_send would cause a use after free segfault. - * erts: Fix x86 JIT bug where a rem instruction could cause a - segfault if given values that would cause an badarith - exception. -- Changes for 24.1.3: - * ssl: Fix TLS-1.2 RSA-PSS negotiation and also fix broken - certificate request message for pre-TLS-1.3 servers. - * ssl: Fix CRL issuer verification that under some circumstances - could fail with a function_clause error. - * erts: Reduction counter was not updated before and after doing - apply operations on the runtime system with the jit enabled. - This caused reduction counting to get out of sync if a garbage - collection was made as part of the apply operation. - * erts: This fixes a bug in erts_factory_undo that caused the - heap to not be reset correctly. The erts_factory_undo function - is, for example, called when a binary_to_term/1 call fails to - reset the heap to its state before the binary_to_term/1 call. - This can cause the heap to contain invalid terms which - potentially can cause issues (e.g., crashes) when the whole - heap is scanned. - * erts: When attempting to construct a binary with an segment - having an illegal type for the size (e.g. an atom), there could - be an unnecessary memory allocation (and subsequent - deallocation) before the operation failed. Amended to fail - before allocating any memory for the binary. - * erts: Fix bug in persistent_term when a key-value pair contains - a magic reference that is referred more than once. Magic - references are NIF resources or returned from BIFs like - ets:new, atomics:new. The bug could cause the memory of the - referred resource to be prematurely deallocated. The bug also - apply to magic references in message passing on a runtime built - with configure option --enable-sharing-preserving. Bug exist - for 64-bit since OTP-24.0 and for 32-bit since OTP-20.0. - * erts: Fixed a crash when inspecting the stack trace of an - exception raised at a very high line number. This bug was - introduced in OTP 24. - * erts: The following two bugs that caused erlang:demonitor() to - behave erroneously have been fixed. The bugs were only - triggered if the monitor that was removed by demonitor() had - previously been created simultaneously as a monitor and as an - alias. - -- Changes for 24.1.2: - * kernel: The undocumented DNS encode/decode module inet_dns has - been cleaned up to handle the difference between "symbolic" and - "raw" records in a more consistent manner. PR-5145/OTP-17584 - introduced a change that contributed to an already existing - confusion, which this correction should remedy. - * erts: The python scripts that existed in - erts/lib_src/yielding_c_fun/lib/tiny_regex_c/scripts had a - license that was incompatible with Erlang/OTP's license. This - ticket removes these scripts that were not used by us. - * ssl: Before that change, TLS downgrade could occasionally fail - when data intended for downgraded socket were delivered - together with CLOSE_NOTIFY alert to ssl app. - * ssl: Avoid re-encoding of decoded certificates. This could - cause unexpected failures as some subtle encoding errors can be - tolerated when decoding but hence creating another sequence of - bytes if the decoded value is re-encoded. - * ssl: Fix possible process leak when the process doing - ssl:transport_accept dies before initiating the TLS handshake. - * ssl: Fix dtls memory leak, the replay window code was broken. - * public_key: Avoid re-encoding of decoded certificates. This - could cause unexpected failures as some subtle encoding errors - can be tolerated when decoding but hence creating another - sequence of bytes if the decoded value is re-encoded. - * crypto: Fixed minor memory leak at crypto module purge. - * crypto: Fix possible inconsistency in fips mode when linking - with some cryptolibs. -- Changes for 24.1.1: - * kernel: Add more info about the socket 'type' ('socket' or - 'port') for the DOWN message when monitoring sockets. - * stdlib: Fixed a bug that could cause a child to become orphaned - when a supervisor died between unlinking and sending the - shutdown signal to this child. There was also a possibility for - erratic supervisor reports caused by a race between a - supervisor shutting down a child and that child exiting by - itself at the same time. - * erts: A race between an exiting port and handling of - simultaneously received signals to that port could cause a - runtime system crash. The effected signals are link, monitor - and demonitor. On OTP 22 a similiar race could also cause a - memory leak when receiving an unlink signal. - * erts: A user defined tag on a monitor message could cause the - runtime system to crash when the monitor message had been - received. - * erts: A call to erlang:demonitor(Ref) where the reference Ref - referred to an active alias, but not an active monitor, caused - the runtime system to crash. - * erts: The message queue of a process entered an inconsistent - state after a receive expression with an invalid timeout value - was executed. If the exception raised due to the invalid - timeout value was caught, the following receive expression - executed by the process could fail to match messages already - present in the message queue. On OTP 24 this could also cause - the whole runtime system to crash. - * erts: Sending a Port ! {PortOwner, close} signal from a process - other than the port owner could erroneously trigger a badsig - exit signal being sent to the port owner process even though - the correct PortOwner had been passed in the signal. - * snmp: Sockets are monitored, but the handling of the 'DOWN' - message expected a new style socket ('socket'), old style - (port) was not handled. -- Changes for 24.1: - * kernel: The extended error information has been corrected and - improved for the following BIFs: binary_to_existing_atom/2, - list_to_existing_atom/1, erlang:send_after/{3,4}, and - erlang:start_timer/{3,4}. - * kernel: Fixed rare bug that could cause net_kernel process to - hang for ever. Have seen to happen with massive number of TLS - connections while remote nodes are restarting. Bug exists since - OTP-22.0. - * kernel: Improve handling of closed sockets for inet:info/1. - * kernel: This change fixes a performance problem introduced in - pull-request #2675. Pull-request #2675 made so the system tried - to start children of already started applications which is - unnecessary. This change fixes this performance problem. - * kernel: Fix code:get_doc/1 to not crash when module is located - in an escript. - * kernel: Parsing of the result value in the native DNS resolver - has been made more defensive against incorrect results. - * kernel: A bug in the option handling for the legacy socket - adaptor, that is; when using inet_backend = socket, has been - fixed. Now socket options are set before the bind() call so - options regarding, for example address reuse have the desired - effect. - * kernel: inet:ntoa/1 has been fixed to not accept invalid - numerical addresses. - * kernel: Parsing of DNS records has been improved for records of - known types to not accept and present malformed ones in raw - format. - * kernel: The ip_mreq() type for the {ip,add_membership} and - {ip,drop_membership} socket options has been corrected to have - an interface field instead of, incorrectly, an address field. - * kernel: Add simple utility function to display existing sockets - i the erlang shell (socket:i/0). - * kernel: gen_udp can now be configured to use the socket inet- - backend (in the same way as gen_tcp). - * kernel: Functions erlang:set_cookie(Cookie) and - erlang:get_cookie(Node) have been added for completeness and to - facilitate configuring distributed nodes with different - cookies. The documentation regarding distribution cookies has - been improved to be less vague. - * kernel: A workaround has been implemented for Linux's quirky - behaviour to not adjust the source IP address when connecting a - connected (reconnecing) UDP socket. The workaround is to, on - Linux, always dissolve any connection before connecting an UDP - socket. - * kernel: Documented our recommendation against opening NFS- - mounted files, FIFOs, devices, and similar using file:open/2. - * debugger: Improve record handling, print known records with - record syntax. - * observer: Atoms with Unicode code points greater than 255 (for - example Greek or Cyrillic characters) would not be displayed - correctly by crashdump_viewer. - * observer: Fix the crashdump_viewer to be able to parse - monitor_node/2 monitors correctly. - * observer: Observer now has a sectiion for new socket. - * observer: Added a trace all button to the trace window. - * parsetools: Fix a bug in Leex which caused the Erlang Compiler - to generate warnings. - * parsetools: Fix a bug in Yecc which caused the Erlang Compiler - to generate warnings. - * mnesia: Fixed that index keys was deleted for set tables when - mnesia:delete_object/1 tried to delete a non-existing record. - * mnesia: Optimized table loading and added max_transfer_size - configuration parameter. - * stdlib: Fix io:format with ~p to no longer interpret floats as - printable characters. - * stdlib: Fix specs for base64 encode/decode functions to also - include 0. - * stdlib: The failing call io:format("~p\n") would result in a - warning for line number 0 instead of the correct line and - column numbers. This has been corrected, and all warnings for - failing calls to io:format() has been rephrased to make it - clearer exactly what the problem is. - * stdlib: When the options warn_missing_spec and export_all were - given, there would only be warnings for missing specs for - functions that had been explicitly exported using an -export - attribute. - * stdlib: Calling c:ls/1 with an atom whose contents is the the - name of a file (as opposed to a directory) would crash. - * stdlib: The MODULE and MODULE_STRING macros would always appear - to be defined (when tested by -ifdef), even though no -module() - declaration had been seen yet. Changed so that -ifdef ?MODULE. - will not consider ?MODULE defined if -module() has not been - previously seen. - * stdlib: Fix bug with rendering of missing types and callbacks - in shell_docs. - * stdlib: When the deterministic option was given to the - compiler, the ?FILE macro would be expanded to full path of the - source file before the first include directive and to base part - of the filename after include directive. - * stdlib: Fixed broken win32reg:delete_key and fixed - win32reg:value for default value. - * stdlib: Fixed error information for the call maps:get(some_key, - [#]{}). - * stdlib: Most output functions in the io module now print extra - error information when provided with invalid arguments. The - functions are: io:format, io:fwrite, io:put_chars, io:nl and - io:write. - * stdlib: EEP-54 (Provide more information about errors) now - includes two new return values for the format_error callback, - general and reason. Multi-line error descriptions returned from - a format_error callback are now correctly indented. The - documentation for erl_error, error/3 and Errors and Error - Handling in the Erlang Reference Manual have been extended. - * stdlib: In the documentation for the lists module, it has been - clarified that predicate funs must return a boolean. - * stdlib: The documentation for c:c/1, c:c/2, and c:c/3 has been - clarified. - * tools: The cover tool would not work on modules compiled with - the tuple_calls option. - * common_test: Float allowed as multiply_timetraps parameter. - * common_test: Remove usage of legacy API macro and functions. - * erts: Atoms with Unicode code points greater than 255 (for - example Greek or Cyrillic characters) would not be displayed - correctly by crashdump_viewer. - * erts: Fix rare minor memory leak related to jit code loading. - * erts: The extended error information has been corrected and - improved for the following BIFs: binary_to_existing_atom/2, - list_to_existing_atom/1, erlang:send_after/{3,4}, and - erlang:start_timer/{3,4}. - * erts: Fix bug provoked when building with gcc 10 and link time - optimization (-flto), causing Erlang compiler to crash. Bug - exists since OTP-24.0. - * erts: Corrected bugs where builds were not reducible even when - the deterministic option was given. In particular, modules with - map literals with more than 32 elements could cause this - problem. As part of this fix, the term_to_binary BIF now - accepts the option deterministic. - * erts: After an exception has been caught in a process, the - stack trace would be kept in the process longer than necessary. - * erts: Fix rare race bug in memory management of distribution - entries. Have been seen to cause VM crash when massive number - of repeated concurrent failing connection attempts. - * erts: The configure test for --disable-esock-socket-registry - has been corrected so disabling now works. - * erts: init:stop() no longer unloads loaded code before - terminating the runtime system. On systems with slow CPUs (such - as Raspberry PI Zero), that can significantly speed up - termination of the runtime system. - * erts: Fixed match specifications that use maps in either the - guard or the body to work properly. With this fix both keys and - values in maps can be expressions. Various other crashes and - bugs when using maps in match specifications have also been - fixed. - * erts: Parsing of the result value in the native DNS resolver - has been made more defensive against incorrect results. - * erts: When binary_to_term/2 failed, the extended error - information would always blame the second argument even if the - actual error was in the first argument. - * erts: On 32-bit computers, binary_to_term/1,2 is now more - resilient against corrupted binaries containing maps in the - external format. - * erts: A call to process_info(Pid, status) could erroneously - report the status running when it should have reported waiting. - This occurred when the calling process was executing on a - higher priority than the process being inspected. This bug has - been present since OTP 21.0 (erts version 10.0). - * erts: Optimize memory usage of erts internal processes used - during code loading/purging by hibernating them after a long - time of inactivity. - * erts: Add the type erlang:stacktrace/0. - * erts: The arity argument of error/2,3 can now be none to - indicate that the calling functions arity should be used. - * erts: Optimize match spec compiler for immediate (single word) - constant terms. - * erts: Functions erlang:set_cookie(Cookie) and - erlang:get_cookie(Node) have been added for completeness and to - facilitate configuring distributed nodes with different - cookies. The documentation regarding distribution cookies has - been improved to be less vague. - * erts: A workaround has been implemented for Linux's quirky - behaviour to not adjust the source IP address when connecting a - connected (reconnecing) UDP socket. The workaround is to, on - Linux, always dissolve any connection before connecting an UDP - socket. - * erts: The internal documentation for how to use Yielding C Fun - (YCF) has been updated to contain text about best practices for - using YCF for ERTS. - * erts: Optimize garbage collection for processes with large - number of binaries, funs and/or external pids/ports/refs. - * erl_docgen: Fix codeinclude tags to work as part of reference - manual documentation. - * erl_docgen: Fix creation of link elements with anchors in - EEP-48 style documentation. - * dialyzer: Do not crash if a PLT file no longer exists. - * dialyzer: Fix bug in erl_types related to maps. - * dialyzer: Fix bugs in erl_types regarding improper lists. - * dialyzer: The underspecs and overspecs options will now - generate correct warnings for misused opaque types. - * eunit: In an eunit test, when a test case times out, include a - stacktrace. - * snmp: It is now possible to configure the built-in net-if - processes (both agent and manager) to use the new (gen_udp-) - option 'inet_backend'. - * asn1: A parameterized type with a SEQUENCE with extension - ("...") made the compiler backend to crash. The previous fix - for this in GH-4514 was not complete. - * wx: Fix crash when closing an application. - * wx: Some functions with overloaded color arguments could not be - used. For example the copy constructor wxTextAttr:new(TextAttr) - did not work. - * wx: Added the Microsoft Edge WebView loader dll to the - installer on windows. - * wx: Handle specific Mac gui application events. - * erl_interface: erl_call now prints an error when the arguments - cannot be parsed. - * erl_interface: The ei API for decoding/encoding terms is not - fully 64-bit compatible since terms that have a representation - on the external term format larger than 2 GB cannot be handled. - * edoc: Fix broken documentation link in edoc_extract:file/4. - * ssl: Fix Makefile dependency generation to work no matter what - the ERL_TOP folder is called. - * ssl: If trying to downgrade a TLS-1.3 connection to a plain TCP - connection, possible TLS-1.3 session ticket messages will be - ignored in the "downgrade" state while waiting for the close - notify alert. - * ssl: Corrected error handling to correctly generate an - insufficient security alert when there are no suitable groups - that can be negotiated in TLS-1.3 instead of crashing resulting - in an internal error alert. - * ssl: Properly handle default session data storage. When a - client tries to reuse an expired session the default server - storage handling would crash loosing other session data. This - would cause a error report and possible loss of abbreviated - handshakes. - * ssl: Add support for RSA-PSS-PSS signatures and - signature_algorithms_cert in TLS-1.2. This is a TLS-1.3 RFC - requirement to backport this functionality. - * ssl: Use inet:monitor/1 to monitor listen-sockets so that we - are compatible with the new socket backend for gen_tcp. - * ssl: Enhance ssl:prf/4 handling and testing - * ssl: Enhanced cipher suite filtering functionality, making sure - TLS-1.3 and TLS-1.2 cipher suites can be supported correctly - together even when TLS-1.2 anonymous ciphers are included. - * ssl: Enhance gracefulness especially in TLS-1.3 - * os_mon: On a Mac with Apple Silicon, memsup:get_os_wordsize/0 - would return 32 instead of 64. - * ssh: Fixed that a slow start (>30s) of a client subsystem could - cause a log entry with the password. - * ssh: Fixed an error when running as an sftp server and a client - requests a directory contents listing. The fix is to handle the - error code {error, eacces} as {error, enoent} in the - ssh_sftpd:get_attrs/5 internal function; that is, just skip it. - * ssh: The "Key exchange failed" Info Report is now more - informative. - * inets: Before this change hrefs in dir listing page contained - percentage encoded forward slashes which did not work properly - with httpd. - * inets: Restored HTTP headers handling in inets/mod_esi. - * inets: inets/httpd dir listing icons and other improvements - * inets: httpc: Improve performance by removing redundant URI - handling - * compiler: If a parse transform raised an exception using - throw/1 or exit/1, the compiler would report that as an - internal compiler error, which would be confusing. Amended to - report that the parse transform failed. - * compiler: The failing call io:format("~p\n") would result in a - warning for line number 0 instead of the correct line and - column numbers. This has been corrected, and all warnings for - failing calls to io:format() has been rephrased to make it - clearer exactly what the problem is. - * compiler: When the options warn_missing_spec and export_all - were given, there would only be warnings for missing specs for - functions that had been explicitly exported using an -export - attribute. - * compiler: In rare circumstances, the compiler could emit an - incorrect warning for a term that was constructed but never - used. - * compiler: Corrected bugs where builds were not reducible even - when the deterministic option was given. In particular, modules - with map literals with more than 32 elements could cause this - problem. As part of this fix, the term_to_binary BIF now - accepts the option deterministic. - * compiler: The MODULE and MODULE_STRING macros would always - appear to be defined (when tested by -ifdef), even though no - - module() declaration had been seen yet. Changed so that -ifdef - ?MODULE. will not consider ?MODULE defined if -module() has not - been previously seen. - * compiler: In a guard, not (X =:= true) would incorrectly - evaluate to false for non-boolean values of X. - * compiler: When the deterministic option was given to the - compiler, the ?FILE macro would be expanded to full path of the - source file before the first include directive and to base part - of the filename after include directive. - * public_key: public_key:pkix_sign/2 now honors the salt length - from the provided input parameters. Earlier this could result - in incorrect signatures if not using recommended defaults. - * public_key: When decoding an 'ECPrivateKey' unwrap the private - key. For more precise information see RFC 8410, section 7. - * runtime_tools: Observer now has a sectiion for new socket. - * runtime_tools: The dbg docs have been expanded to include the - meaning of all the function name acronyms. - * megaco: It is now possible to configure the built-in transports - (megaco_tcp and megaco udp) to use the new (gen_udp- and - gen_tcp-) option 'inet_backend'. - * crypto: Fix bug in crypto:ensure_engine_unloaded. Also fixed - minor memory leak related to engine unloading. - * crypto: Fixes that FIPS enable and disable (or vice versa) on - Windows sometimes leads to core dump at the time of process - exit. - * crypto: Disable fips if cryptolib < 1.0.1 and OTP/crypto is - configured with --enable-fips If not, there could be compiling - or loading problems with antique OpenSSL versions. - * jinterface: Fixed rare race bug that could cause - NullPointerException on local close of connection. -- Changes for 24.0.6: - * erts: A call to the process_info() BIF could end up hanging for - ever due to a bug introduced when the new selective receive - optimization was introduced in OTP 24.0. Note that this bug - only effects process_info(). - * erts: Fix buffer overrun problem in the tty driver. The problem - happens on some platforms when using the CTRL+R functionality - of newshell with very long strings in the history. - * erts: Fix race-condition that could cause a crash when tracing - scheduling or garbage collections on a process that was running - on a dirty scheduler. - * erts: Fix rare bug where re:run would crash/return invalid - results when given a subbinary as subject. This bug has existed - since Erlang/OTP 20.0. - * erts: binary_to_term/1,2 is now more resilient against - corrupted binaries containing maps in the external format. - -- Added hardening to systemd service(s) (bsc#1181400). Modified: - * epmd.service - -- Changes for 24.0.5: - * kernel: For gen_tcp:connect/3,4 it is possible to specify a - specific source port, which should be enough to bind the socket - to an address with that port before connecting. Unfortunately - that feature was lost in OTP-17216 that made it mandatory to - specify the source address to get an address binding, and - ignored a specified source port if no source address was - specified. That bug has now been corrected. -- Changes for 24.0.4: - * stdlib: Fix a bug that could cause a crash when formatting - tuples using the control sequences p or P and limiting the - output with the option chars_limit. - * ssl: Handle cross-signed root certificates when old root - expired as reported in GH-4877. - * ssl: The signature selection algorithm has been changed to also - verify if the client supports signatures using the elliptic - curve of the server's public/private key pair. This change - fixes #4958. - * ssl: Slight optimization of certificate decoding. - * public_key: Handle cross-signed root certificates when old root - expired as reported in GH-4877. - * common_test: An incoming NETCONF notification received before a - call to ct_netconfc:create_subscription/* caused the connection - process to fail with badarg. Unexpected notifications are now - logged in the same way as other unexpected messages. - * common_test: Add 'receiver' option to ct_netconfc To allow a - destination for incoming NETCONF notifications to be specified - at sessions creation. Previously, a caller of - create_subscription/* became the destination, but RFC 5277 - create-subscription is no longer the only way in which NETCONF - notifications can be ordered. - -- Fix more directories not owned by the package (boo#1187546) - -- Changes for 24.0.3: - * erts: A call to erlang:cancel_timer(_, [{info, false}]) could - cause the calling process to block forever in the call. Note - that only the synchronous version of the call (that is, the - async option is false) in combination with the info option set - to false was effected by this bug. - * erts: Microstate accounting (msacc) and os:perf_counter() - unintentionally used system time instead of monotonic time for - time measurements on a lot of systems. These systems were all - non x86/x86_64 systems or x86/x86_64 systems without a reliable - and constant rdtsc instruction. The lock counting (lcnt) built - runtime system also unintentionally used system time instead of - monotonic time for time measurements on all systems. - * erts: Simultaneous calls to - erlang:system_flag(schedulers_online, _) could cause callers to - end up in a suspended state forever. - * dialyzer: Do not expose line number 0 in messages if there are - other locations to use. - * dialyzer: In rare circumstances, Dialyzer could crash analyzing - code with a list comprehension whose value was ignored. (Thanks - to Ulf Wiger for reporting this bug.) - * ssh: Filter out sensitive data (passwords etc) from progress - reports and supervisor reports. - * inets: Improved user input handling in inets/mod_esi preventing - unnecessary atom creation. - * compiler: A compiler optimization pass could crash when given - odd but legal code using throw/1. -- Changes for 24.0.2: - * kernel: Fix a race condition in Global. - * kernel: After a node restart with init:restart/0,1, the module - socket was not usable because supporting tables had been - cleared and not re-initialized. This has now been fixed. - Handling of the "." domain as a search domain was incorrect and - caused a crash in the DNS resolver inet_res, which has now been - fixed. - * kernel: Handling of combinations of the fd option and binding - to an address has been corrected, especially for the local - address family. - * kernel: Bug fixes and code cleanup for the new socket - implementation, such as: Assertions on the result of - demonitoring has been added in the NIF code, where appropriate. - Internal state handling for socket close in the NIF code has - been reviewed. Looping over close() for EINTR in the NIF code - has been removed, since it is strongly discouraged on Linux and - Posix is not clear about if it is allowed. The inet_backend - temporary socket option for legacy gen_tcp sockets has been - documented. The return value from net:getaddrinfo/2 has been - corrected: the protocol field is now an atom(), instead of, - incorrectly, list(atom()). The documentation has also been - corrected about this return type. Deferred close of a - socket:sendfile/* file was broken and has been corrected. Some - debug code, not enabled by default, in the socket NIF has been - corrected to not accidentally core dump for debug printouts of - more or less innocent events. - * stdlib: Fix a bug that could cause a loop when formatting terms - using the control sequences p or P and limiting the output with - the option chars_limit. - * erts: Not yet handled alias-message signals in the signal queue - at the time when a garbage collection was performed could cause - a memory corruption which in turn could result in a crash of - the runtime system. This bug was introduced in OTP 24.0. - * erts: Fixed bug when using external pids/ports in keys of big - maps (> 32). Could cause runtime crash. Bug exists since OTP - 24.0. - * erts: After a node restart with init:restart/0,1, the module - socket was not usable because supporting tables had been - cleared and not re-initialized. This has now been fixed. - Handling of the "." domain as a search domain was incorrect and - caused a crash in the DNS resolver inet_res, which has now been - fixed. - * erts: A call to port_command() could cause a scheduler to end - up in an eternal loop if the port was busy and the calling - process had incoming signals at the time of the call. This bug - was introduced in OTP 23.3.2 (ERTS version 11.2.1), OTP - 22.3.4.18 (ERTS version 10.7.2.10), and OTP 21.3.8.23 (ERTS - version 10.3.5.18). - * erts: Bug fixes and code cleanup for the new socket - implementation, such as: Assertions on the result of - demonitoring has been added in the NIF code, where appropriate. - Internal state handling for socket close in the NIF code has - been reviewed. Looping over close() for EINTR in the NIF code - has been removed, since it is strongly discouraged on Linux and - Posix is not clear about if it is allowed. The inet_backend - temporary socket option for legacy gen_tcp sockets has been - documented. The return value from net:getaddrinfo/2 has been - corrected: the protocol field is now an atom(), instead of, - incorrectly, list(atom()). The documentation has also been - corrected about this return type. Deferred close of a - socket:sendfile/* file was broken and has been corrected. Some - debug code, not enabled by default, in the socket NIF has been - corrected to not accidentally core dump for debug printouts of - more or less innocent events. - * erts: Dirty execution of a process in combination with an - unlink signal from a port to the process could cause the signal - queue of the process to enter into an inconsistent state. The - result of the inconsistency typically caused a crash of the - runtime system. This bug was introduced in OTP 23.3 (ERTS - version 11.2). - * erl_docgen: Fix links generated in specs to types in other - applications to point to the correct place. This bug was - introduced in Erlang/OTP 24.0. - * ssl: Fix cache invalidation problem for CA certs provided by - the cacertfile option. - * ssh: Avoid an extra blank line in the ssh known_hosts file - * compiler: Fixed a bug that could cause after blocks to be - ignored when erlang:raise/3 was used in a catch block. - * compiler: Fixed a bug in the validation pass that could cause - it to reject valid code. - * crypto: EC keys are now zero-padded to the expected length if - needed. - -- Use sysusers-tools to provide epmd user -- Fix directories not owned by the package (boo#1187546) - -- Install RPM macros file to %{_rpmmacrodir} (boo#1185667) - -- Changes for 24.0.1: - * erl_interface: Commit of generated configure script. - * wx: Fix build problems when wxWidgets are built with -enable- - std. - * wx: Commit of generated configure script. - * crypto: Removed a risk for coredump. - * crypto: Fixed and documented the DED_LDFLAGS_CONFTEST - configuration variable in $ERL_TOP/HOWTO/INSTALL.md. - * crypto: Commit of generated configure script. - * common_test: Commit of generated configure script. - * ssh: Add missing known_hosts and authorized_keys file types to - ssh_file:decode/2 and ssh_file:encode/2. - * erts: Commit of generated configure script. - * snmp: Commit of generated configure script. - * megaco: Commit of generated configure script. - * odbc: Commit of generated configure script. - -- Version 24.0: - - Highlights compiler: - * The compiler will now inline funs that are used only once - immediately after their definition. - * Compiler warnings and errors now include column numbers in - addition to line numbers. - * Variables bound between the keywords 'try' and 'of' can now - be used in the clauses following the 'of' keyword (that is, - in the success case when no exception was raised). - * Generators in list and binary comprehensions will now raise a - {bad_generator,Generator} exception if the generator has an - incorrect type Similarly, when a filter does not evaluate to - a boolean, a {bad_filter,Filter} exception will be raised. - * Warnings for expressions whose result was ignored that could - be suppressed by using the anonymous variable '_' can now be - suppressed with a variable beginning with '_'. - * Selective receive optimization will now be applied much more - often. The new recv_opt_info compile flag can be used to - print diagnostics relating to this optimization. You can read - more about the selective receive optimization in the - Efficiency Guide. - - erts, kernel, stdlib: - * hex encoding and decoding functions added in the binary module - * The BeamAsm JIT-compiler has been added to Erlang/OTP and - will give a significant performance boost for many - applications. The JIT-compiler is enabled by default on most - x86 64-bit platforms that have a C++ compiler that can - compile C++17. To verify that a JIT enabled emulator is - running you can use erlang:system_info(emu_flavor). - * A compatibility adaptor for gen_tcp to use the new socket API - has been implemented (gen_tcp_socket). - * Extended error information for failing BIF calls as proposed - in EEP 54 has been implemented. - * Process aliases as outlined by EEP 53 has been introduced. - * Implementation of EEP 56 in supervisor. It adds the concept - of significant children as well as the auto_shutdown - supervisor flag. See the supervisor manual page for more - information. - - ftp: - * Add support for FTPES (explicit FTP over TLS). - - ssl: - * Make TLS handshakes in Erlang distribution concurrent. - * TLS connections now support EdDSA certificates. - - wx: - * The application has been completely rewritten in order to use - wxWidgets version 3 as its base. - * Added support for wxWebView. - - edoc: - * EDoc is now capable of emitting EEP-48 doc chunks. This means - that, with some configuration, community projects can now - provide documentation for shell_docs the same way that OTP - libraries did since OTP 23.0. - -- Pack doc/chunks into %{_libdir} (boo#1184492) - -- Use wxWidgets < 3.1 (boo#1180488) - -- Changes for 23.2.2: - * crypto: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure - script sources. - * odbc: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure - script sources. - * snmp: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure - script sources. - * erts: The suspend_process() and resume_process() BIFs did not - check their arguments properly which could cause an emulator - crash. - * erts: The runtime system would get into an infinite loop if the - runtime system was started with more than 1023 file descriptors - already open. - * megaco: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure - script sources. - * erl_interface: Integers outside of the range [-(1 bsl 32) - 1, - (1 bsl 32) -1] were previously intended to be printed in an - internal bignum format by ei_print_term() and - ei_s_print_term(). Unfortunately the implementation has been - buggy since OTP R13B02 and since then produced results with - random content which also could crash the calling program. This - fix replaces the printing of the internal format with printing - in hexadecimal form and extend the range for printing in - decimal form. Currently integers in the range [-(1 bsl 64), (1 - bsl 64)] are printed in decimal form and integers outside of - this range in Erlang hexadecimal form. - * erl_interface: The ei API for decoding/encoding terms is not - fully 64-bit compatible since terms that have a representation - on the external term format larger than 2 GB cannot be handled. - * ssl: Fix CVE-2020-35733 this only affects ssl-10.2 (OTP-23.2). - This vulnerability could enable a man in the middle attack - using a fake chain to a known trusted ROOT. Also limits - alternative chain handling, for handling of possibly extraneous - certs, to improve memory management. - * ssl: Add support for AES CCM based cipher suites defined in RFC - 7251 Also Correct cipher suite name conversion to OpenSSL - names. A few names where corrected earlier in OTP-16267 For - backwards compatible reasons we support usage of openSSL names - for cipher suites. Mostly anonymous suites names where - incorrect, but also some legacy suites. -- Changes for 23.2.1: - * erts: Fix emulator crash when sending small bit-strings over - Erlang distribution while the connection is being setup. The - fault was introduced in OTP-23.0 -- Changes for 23.2: - * erl_docgen: Fix links in titles to github and anchors to work. - * erl_docgen: Fix some typing errors on variable names in - documentation examples. - * mnesia: Avoid potential performance issue, if the input queue - to mnesia_tm is long. - * crypto: Build the supported curves cache in the NIF when crypto - is loaded, no matter how it is loaded. This prevents a possible - problem with different processes starting the crypto - application concurrently. - * crypto: It is now possible to build with crypto and openssl - gprof-enabled and statically link them into the VM. - * crypto: Fixed performance loss in HMAC when using older OpenSSL - due to mutex issues. A workaround is implemented to allow - fallback from using the EVP API for HMAC operations. On some - architectures this may improve the performance, especially with - old OpenSSL versions. This fallback to low-level functions is - always enabled for openssl versions before 1.0.2. - * kernel: The apply call's in logger.hrl are now called with - erlang prefix to avoid clashed with local apply/3 functions. - * kernel: Fix memory leak in pg. - * kernel: Fix crash in logger_proxy due to stray gen_server:call - replies not being handled. The stray replies come when logger - is under heavy load and the flow control mechanism is reaching - its limit. - * kernel: Fixed a bug in erl_epmd:names() that caused it to - return the illegal return value noport instead of {error, - Reason} where Reason is the actual error reason. This bug also - propagated to net_adm:names(). This bug was introduced in - kernel version 7.1 (OTP 23.1). - * kernel: Add export of some resolver documented types. - * kernel: Add configurable retry timeout for resolver lookups. - * kernel: gen_server:multi_call() has been optimized in the - special case of only calling the local node with timeout set to - infinity. - * public_key: Corrected dialyzer spec for pkix_path_validation/3 - * snmp: If an attempt was made to send a v1 trap on a IPv6 - transport this could cause a master agent crash (if the agent - was *not* multi-threaded). - * snmp: The deprecation info for a couple of the deprecated MIB - compiler functions where incorrect. Referred to functions in - the 'snmpa' module instead of 'snmpc'. - * snmp: Make it possible for the agent to configure separate - transports (sockets) for request-responder and trap-sender. - * snmp: The mib server cache handling has been improved. First, - the default gclimit has been changed from 100 to infinity (to - ensure the size is as small as possible). Also, the method of - removing old elements has been optimized. - * snmp: It is now possible to configure the agent in such a way - that the order of outgoing notifications are processed in order - in the agent. What happens after the notification message has - left the agent (been sent) is of course still out of our - control. - * snmp: Improve handling of the udp_error message. Basically an - improved error/warning message. - * wx: Add popup menu callback to wxTaskBarIcon:new/1. - * dialyzer: Clarify warning option -Wunmatched_returns in - dialyzer(3). - * tools: Correct the Xref analysis exports_not_used to not report - internally generated behaviour_info/1. - * syntax_tools: In the syntax_tools application, the igor module - and all functions in erl_tidy except file/2 have been - deprecated. - * compiler: Several minor compiler bugs have been fixed: - Constructing a binary with a list as a size of a binary segment - could generate a BEAM file that could not be loaded. When - matching a binary segment of type float and ignoring the - matched out value, the match would always succeed, even if the - size was invalid or the value of the float was NaN or some - other non-numeric float value. Attempting to construct an - invalid external fun (e.g. fun m:f:bad) is supposed to raise a - 'badarg' exception, but if the value was never used, no - exception would be raised. - * compiler: Fixed multiple bugs in the validator that could cause - it to reject valid code. - * compiler: The compiler could crash when a binary comprehension - had a generator that depended on another generator. - * compiler: Fixed a bug in the type optimization pass that could - yield incorrect values or cause the wrong clauses to be - executed. - * erts: Fixed bug which could cause VM crash when a NIF is loaded - at the same time as the Erlang implementation of the NIF is - called. Bug exists since OTP 23.0. - * erts: Fixed enif_make_map_* functions in debug build when given - environment from enif_alloc_env. - * erts: Fixed broken configuration option --disable-pie. - * erts: Fixed rare distribution bug in race between received - signal (link/monitor/spawn_request/spawn_reply) and - disconnection. Symptom: VM crash. Since: OTP 21.0. - * erts: Fixed a performance issue when extremely many items were - stored in the process dictionary. (Fixing this bug also - eliminates a compiler warning emitted by the latest version of - Clang.) - * erts: Remove -ftree-copyrename from flags passed to compiler - when building erts. The flag is not used by modern gcc's and is - not supported by clang. - * erts: Modules using complicated nested binary comprehensions - could fail to load. - * erts: Fixed a race in file:read_file/1 were an incomplete file - could be returned if another OS process swapped the file out - while reading. - * erts: The call list_to_integer("10", true) would return 4 - instead of raising an exception. Certain other atoms would also - be interpreted as a number base. - * erts: On macOS 11 (Big Sur), erl would not start if the maximum - number of file descriptors were unlimited (ulimit -n - unlimited). - * erts: Add manifest to all executables and dynamic libraries. - * xmerl: Corrected namespace and expanded name in the old dom - backend example module. - * xmerl: Corrected a bug that in some cases didn't allow - unresolved references when skip_external_dtd option used. - * ssh: Fixed problems in the ssh cli/shell handling. Most - important are: 1) the ssh:shell function did sometimes cause - the input to be echoed twice, 2) the ssh:shell function didn't - transfer the LANG and LC_ALL shell variables to the connected - server which sometimes made Unicode handling erroneous, 3) - Unicode was not always transferred correctly to and from the - peer. - * ssh: The SSH protocol message SSH_MSG_DISCONNECT was sometimes - sent instead of SSH_MSG_CHANNEL_FAILURE - * ssh: The ssh_cli module now always sends the exit-status to - connected clients so they can use that to check for successful - command execution. - * ssh: A new option pk_check_user enables checking of the - client's user name in the server when doing public key - authentication. - * stdlib: This change fixes the handling of deep lists in the - path component when using uri_string:recompose/1. - * stdlib: Fix shell_docs to clear shell decorations - (bold/underline) when paginating output. Fix various small - renderings issues when integrating shell_docs with edoc. - * stdlib: Improved the API and documentation of the uri_string - module. Added a new chapter to the Users Guide about Uniform - Resource Identifiers and their handling with the new API. Added - two new API functions: uri_string:allowed_characters/0 and - uri_string:percent_decode/1. This change has been marked as - potentially incompatible as uri_string:normalize/2 used to - decode percent-encoded character triplets that corresponded to - characters not in the reserved set. After this change, - uri_string:normalize/2 will only decode those percent-encoded - triplets that correspond to characters in the unreserved set - (ALPHA / DIGIT / "-" / "." / "_" / "~"). *** POTENTIAL - INCOMPATIBILITY *** - * stdlib: The shell_docs module has been expanded with the - possibility to configure unicode, ansi and column size for the - rendered text. - * megaco: Empty statistics descriptor (now) allowed in both - encode and decode for version 3. - * ssl: SSL's Erlang Distribution Protocol modules inet_tls_dist - and inet6_tls_dist lacked a callback function, so the start - flag "-dist_listen false" did not work, which has now been - fixed. - * ssl: Correct OpenSSL names for newer cipher suites using DHE in - their name that accidentally got the wrong value when fixing - other older names using EDH instead. - * ssl: This change improves the handling of DTLS listening - dockets, making it possible to open multiple listeners on the - same port with different IP addresses. - * ssl: Fix a bug that causes cross-build failure. This change - excludes the ssl.d dependency file from the source tarballs. - * ssl: This change fixes ssl:peername/1 when called on a DTLS - client socket. - * ssl: Retain emulation of active once on a closed socket to - behave as before 23.1 - * ssl: Corrected server session cache entry deletion pre TLS-1.3. - May increase session reuse. - * ssl: Handle extraneous certs in certificate chains as well as - chains that are incomplete but can be reconstructed or - unordered chains. The cert and certfile options will now accept - a list of certificates so that the user may specify the chain - explicitly. Also, the default value of the depth option has - been increased to allow longer chains by default. - * ssl: This change implements optional NSS-style keylog in - ssl:connection_information/2 for debugging purposes. The keylog - contains various TLS secrets that can be loaded in Wireshark to - decrypt TLS packets. - * ssl: Use new gen_statem feature of changing callback mode to - improve code maintainability. - * ssl: The handling of Service Name Indication has been aligned - with RFC8446. - * ssl: Add explicit session reuse option to TLS clients for pre - TLS-1.3 sessions. Also, add documentation to Users Guide for - such sessions. - * inets: Fix an issue about HTML-escaped filename in inets. - * common_test: Add behaviour for test suites -- Changes for 23.1.5: - * ssh: An ssh-client can take an accepted socket from a listening - socket and do an ssh:connect/2 on it. Multiple clients on - sockets accepted from the same listening socket had stopped - working. This is corrected now. -- Changes for 23.1.4: - * ssh: The inet option raw was not passed on from the ssh option - list to inet. - -- Changes for 23.1.3: - * erts: Fixed a crash when exceptions were thrown during call - time tracing. - * ssh: A supervisor sub-tree could be left if the connection - handler process is brutally killed. This will make the - max_sessions checking option to count the existing sessions - erroneously and could finally block further sessions. -- Changes for 23.1.2: - * compiler: Fixed a bug in the boolean optimization pass that - caused the compiler to confuse different clauses. - * erts: Fixed bugs causing issues when enabling the ERTS internal - allocators on a system built with the undocumented and - unsupported SMALL_MEMORY feature. - * erts: The inet driver used to use 16 as maximum elements in an - I/O vector passed to writev() (and WSASend() on Windows). When - the data to send contained lots of elements, this caused a - performance degradation since repeated calls to writev() had to - be made to a much larger extent. The inet driver now looks up - actual maximum amount of elements that can be used on the - system, instead of just assuming 16. On most systems this will - result in a maximum amount of I/O vector elements of 1024. As - of OTP 23.0 the term encoding of signals to send over the - distribution are encoded into I/O vectors of buffers instead of - into a single buffer. Reference counted binaries are referred - to directly from the I/O vector instead of being copied into - the single buffer. That is, Erlang signals containing huge - amounts of reference counted binaries was effected by this - performance degradation. - * erts: In the distributed case, a faulty reply option in a call - to the spawn_request() BIF erroneously caused a badarg - exception instead of a badopt error message reply. - -- Changes for 23.1.1: - * erts: inet:setopts([{active,once}]) wakes up IO polling thread - unnecessarily, leading to lock contention and visibly higher - CPU utilization. - * erts: Two bugs in the ERTS internal thread wakeup functionality - have been fixed. These bugs mainly hit when all threads in the - system tried to go to sleep. When the bugs were triggered, - certain operations were delayed until a thread woke up due to - some other reason. Most important operations effected were code - loading, persistent term updates, and memory deallocation. - * erts: Fixed bug in ets:select_replace/2 on compressed tables - that could produce faulty results or VM crash. Bug exists since - OTP 20. - * erts: When compiling Erlang/OTP on macOS using Xcode 12, the - performance of the BEAM interpreter would be degraded. - * erts: As of OTP 22, the allocator specific memory carrier pools - were replaced by a node global carrier pool. This unfortunately - caused substantial memory fragmentation in some cases due to - long lived data being spread into carriers used by allocators - mainly handling short lived data. A new command line argument - +Mcp has been introduced with which one can enable the old - behavior as well as configuring other behaviors for the carrier - pools. In order to configure the old behavior, with allocator - specific carrier pools for all allocators, pass +Mucp : - (including the colon character) as a command line argument to - erl when starting the Erlang system. The default configuration - for carrier pools will be changed to +Mucp : some time in the - future, but not in this patch. - * os_mon: The configuration parameter - memsup_improved_system_memory_data has been introduced. It can - be used to modify the result returned by - memsup:get_system_memory_data(). For more information see the - memsup documentation. Note that the configuration parameter is - intended to be removed in OTP 24 and the modified result is - intended to be used as of OTP 24. - * ssh: Fix decoder bug. - * compiler: Fixed a performance bug that could be triggered by - tuple matching in very large functions. - * public_key: Fix the issue that pem_decode will crash with an - invalid input. -- Changes for 23.1: - * kernel: A fallback has been implemented for file:sendfile when - using inet_backend socket - * kernel: Make default TCP distribution honour option backlog in - inet_dist_listen_options. - * kernel: Raw option handling for the experimental gen_tcp_socket - backend was broken so that all raw options were ignored by for - example gen_tcp:listen/2, a bug that now has been fixed. - Reported by Jan Uhlig. - * kernel: Accept fails with inet-backend socket. - * kernel: Fixed various minor errors in the socket backend of - gen_tcp. - * kernel: Correct disk_log:truncate/1 to count the header. Also - correct the documentation to state that disk_log:truncate/1 can - be used with external disk logs. - * kernel: Fix erl_epmd:port_please/2,3 type specs to include all - possible error values. - * kernel: Fix erl -erl_epmd_port to work properly. Before this - fix it did not work at all. - * kernel: Fix typespec for internal function - erlang:seq_trace_info/1 to allow term() as returned label. This - in turn fixes so that calls to seq_trace:get_token/1 can be - correctly analyzer by dialyzer. - * kernel: Fix erroneous double registration of processes in pg - when distribution is dynamically started. - * kernel: Make (use of) the socket registry optional (still - enabled by default). Its now possible to build OTP with the - socket registry turned off, turn it off by setting an - environment variable and controlling in runtime (via function - calls and arguments when creating sockets). - * kernel: erl -remsh nodename no longer requires the hostname to - be given when used together with dynamic nodenames. - * observer: Fix graph windows flickering on windows. - * mnesia: FIx mnesia delete object handling in transaction - storage. In a transaction mnesia:read/1 could indicate that - exiting objects did not exist after another object was deleted. - * mnesia: Fixed crash during startup, which could happen if a - table was deleted on another node. - * stdlib: The functions digraph:in_edges/2 and - digraph:out_edges/2 would return false edges if called for a - vertex that had a '_' atom in its name term. - * stdlib: filelib:wildcard("not-a-directory/..") should return an - empty list. On Windows it returned "not-a-directory/..". - * stdlib: Fix the typespec of shell_docs:render to use the - correct type for an MFA. - * stdlib: Fix uri_string:recompose/1 when host is present but - input path is not absolute. This change prevents the recompose - operation to change the top level domain of the host when the - path does not start with a slash. - * stdlib: The epp module would return a badly formed error term - when an 'if' preprocessor directive referenced an undefined - symbol. epp:format_error/1 would crash when called with the bad - error term. - * stdlib: lists:sublist(List, Start, Len) failed with an - exception if Start > length(List) + 1 even though it is - explicitly documented that "It is not an error for Start+Len to - exceed the length of the list". - * tools: Correct the Xref analysis locals_not_used to find - functions called exclusively from on_load functions. - * erts: Update the documentation of the abstract format to use - ANNO instead of LINE. - * erts: The emulator will no longer revert to the default number - of schedulers when running under a CPU quota lower than 1 CPU. - * erts: Fixed a problem with crash dumps. When a process that - contained reference to literals internally created by the - runtime system (such as the tuple returned by os:type/0), the - literal would not be included in the crash dump and the - crashdump viewer would complain about the heap being - incomplete. - * erts: Fix configure detection of PGO for clang. - * erts: The to_erl program has been fixed to correctly interpret - newline as only newline and not newline+return. This bug would - cause the terminal to behave strangely when using lines longer - than the terminal size. - * erts: A race condition when changing process priority by - calling process_flag(priority, Prio) could cause elevation of - priority for a system task to be ignored. This bug hit if the - system task was scheduled on the process calling process_flag() - at the same time as the priority was changed. The bug is quite - harmless and should hit very seldom if ever. - * erts: Adjust /bin/sh to /system/bin/sh in scripts when - installing on Android. - * erts: In rare circumstances, when loading a BEAM file generated - by an alternative code generator (not the Erlang compiler in - OTP) or from handwritten or patched BEAM code, the loader could - do an unsafe optimization. - * erts: A memory and file descriptor leak in socket has been - fixed. (When a newly opened socket that had not entered the fd - into the VM's poll set (neither received, sent, accepted nor - connected) was abandoned without closing (process died), after - assigning a different controlling process, then a memory block - and the file descriptor could be leaked.) - * erts: The documentation of statistics(run_queue) erroneously - stated that it returns the total length of all normal run - queues when it is the total length of all normal and dirty CPU - run queues that is returned. The documentation has been updated - to reflect the actual behavior. - * erts: Changes in order to build on the Haiku operating system. - Thanks to Calvin Buckley - * erts: When building the inet driver on Windows, there where - many compiler warnings regarding type casting (used when - calling the debug macro). This has now been resolved. - * erts: Make (use of) the socket registry optional (still enabled - by default). Its now possible to build OTP with the socket - registry turned off, turn it off by setting an environment - variable and controlling in runtime (via function calls and - arguments when creating sockets). - * erts: Change default filename encoding on android to UTF-8. - * erts: Clarification of the format of the atom cache header used - by the distribution. - * erl_docgen: Repaired lost function "since" versions in the - right margin of the module reference HTML documentation. - * erl_docgen: Remove erlang compilation warnings and trailing - whitespaces. - * ftp: Avoid timing issue when setting active once on a socket - that is being closed by the peer. - * ftp: Avoid timing issue when setting active once on a socket - that is being closed by the peer. - * dialyzer: In rare circumstance, dialyzer wold crash when - analyzing a list comprehension. - * eunit: Fixed compiler warning. - * snmp: For agent fix PrivParams for SNMPv3 USM with AES privacy, - as earlier fixed for the manager in OTP_16541. - * snmp: The SNMP Agent missed to re-activate datagram reception - in an odd timeout case and went deaf. This bug has been fixed. - * snmp: Use of deprecated functions in example 2 has been removed - (no more compiler warnings). - * snmp: A file descriptor leak has been plugged. When calling the - reconfigure function of a mib, it opened the config file(s) but - never closed them on successful read. - * asn1: Changes in order to build on the Haiku operating system. - Thanks to Calvin Buckley - * syntax_tools: Minor documentation fix of erl_syntax:operator/1. - * erl_interface: Fix erl_interface on windows to be compiled with - correct flags to make internal primitives reentrant. - * erl_interface: Fixed ei_get_type to set *size to zero for - floats, pids, port and refs according to documentation. - * erl_interface: Fix ei_connect when using a dynamic node name to - force usage of distribution version 6. This bug caused erl_call - - R -address to not work properly. - * erl_interface: Changes in order to build on the Haiku operating - system. Thanks to Calvin Buckley - * erl_interface: The ei API for decoding/encoding terms is not - fully 64-bit compatible since terms that have a representation - on the external term format larger than 2 GB cannot be handled. - * ssl: If a passive socket is created, ssl:recv/2,3 is never - called and then the peer closes the socket the controlling - process will no longer receive an active close message. - * ssl: Data deliver with ssl:recv/2,3 could fail for when using - packet mode. This has been fixed by correcting the flow control - handling of passive sockets when packet mode is used. - * ssl: This change fixes a potential man-in-the-middle - vulnerability when the ssl client is configured to - automatically handle session tickets ({session_tickets, auto}). - * ssl: Fix the internal handling of options 'verify' and - 'verify_fun'. This change fixes a vulnerability when setting - the ssl option 'verify' to verify_peer in a continued handshake - won't take any effect resulting in the acceptance of expired - peer certificates. - * ssl: This change fixes the handling of stateless session - tickets when anti-replay is enabled. - * ssl: Fix a crash due to the faulty handling of stateful session - tickets received by servers expecting stateless session - tickets. This change also improves the handling of - faulty/invalid tickets. - * ssl: Correct flow ctrl checks from OTP-16764 to work as - intended. Probably will not have a noticeable affect but will - make connections more well behaved under some circumstances. - * ssl: Distribution over TLS could exhibit livelock-like - behaviour when there is a constant stream of distribution - messages. Distribution data is now chunked every 16 Mb to avoid - that. - * ssl: Implement the cookie extension for TLS 1.3. - * ssl: Experimental OCSP client support. - * ssl: TLS 1.0 -TLS-1.2 sessions tables now have a absolute max - value instead of using a shrinking mechanism when reaching the - limit. To avoid out of memory problems under heavy load - situations. Note that this change infers that implementations - of ssl_session_cache_api needs to implement the size function - (introduce in OTP 19) for session reuse to be optimally - utilized. - * os_mon: memsup now returns the correct amount of system memory - on macOS. - * os_mon: Fix memsup:get_os_wordsize/0 to return the current size - on aarch64. - * ssh: Fixed a bug when a message to ssh-agent was divided into - separate packets. - * ssh: Fix a bug that could crash the cli server if a too large - cli-window was requested from the client. - * ssh: Increased test coverage. - * ssh: A chapter about hardening the OTP SSH is added to the - User's Guide. - * ssh: The internal Diffie-Hellman high level API for key - generation was slow in old and by OpenSSL now unsupported - cryptolib versions (1.0.1 and earlier). If such a cryptolib is - used anyhow, the low-level API is used internally in the crypto - application. - * ssh: A new timeout is defined for daemons: hello_timeout. The - timeout is supposed to be used as a simple DoS attack - protection. It closes an incoming TCP-connection if no valid - first SSH message is received from the client within the - timeout limit after the TCP initial connection setup. The - initial value is 30s by compatibility reasons, but could be - lowered if needed, for example in the code or in a config file. - * inets: Clarify the handling of percent encoded characters in - http client. - * inets: fix crash for undefined port in uri. - * inets: Avoid timing issue when setting active once on a socket - that is being closed by the peer. - * inets: Handle message body of response with 1XX status code as - next http message. - * inets: Fix a crash in http server when setopts is called on a - socket closed by the peer. - * inets: A vulnerability in the httpd module (inets application) - regarding directory traversal that was introduced in OTP 22.3.1 - and corrected in OTP 22.3.4.6. It was also introduced in OTP - 23.0 and corrected in OTP 23.1 The vulnerability is registered - as CVE-2020-25623 (boo#1177354) The vulnerability is only exposed - if the http server (httpd) in the inets application is used. The - vulnerability makes it possible to read arbitrary files which - the Erlang system has read access to with for example a - specially prepared http request. - * inets: Add support of PATCH method in mod_esi. - * compiler: If the update of a map with the 'Map#{Key := Value}' - syntax failed, the line number in the stack backtrace could be - incorrect. - * compiler: Fixed a performance bug that slowed down compilation - of modules with deeply nested terms. - * compiler: The compiler could in rare circumstances do an an - unsafe optimization that would result in a matching of a nested - map pattern would fail to match. - * compiler: Fixed a bug in the validator that caused it to reject - valid code. - * public_key: Fixed an insignificant whitespace issue when - decoding PEM file. - * public_key: Experimental OCSP client support. - * public_key: Use user returned path validation error for - selfsigned cert. It allows users of the ssl application to - customize the generated TLS alert, within the range of defined - alerts. - * public_key: add API function to retrieve the subject-ID of an - X509 certificate - * runtime_tools: Fixed a crash in appmon_info triggered by trying - to read port info from a port that was in the process of - terminating. appmon_info is used by observer to get information - from the observed node. - * megaco: The expected number of warnings when (yecc) generating - v2 and v3 (text) parser's was incorrect. - * hipe: Fixed a warning issued when building the hipe - application. - * odbc: Changes in order to build on the Haiku operating system. - Thanks to Calvin Buckley - * crypto: Fix type spec bug in crypto for crypto_init and - crypto:one_time - * crypto: The deprecation message for crypto:rand_uniform/2 - indicated a non-existent function. The correct one - (rand:uniform/1) is now suggested. - * crypto: Implemented a workaround to allow fallback from using - the EVP API for Diffie-Hellman key generation - * crypto: The internal Diffie-Hellman high level API for key - generation was slow in old and by OpenSSL now unsupported - cryptolib versions (1.0.1 and earlier). If such a cryptolib is - used anyhow, the low-level API is used internally in the crypto - application. - * sasl: Make release_handler more resilient against exiting - processes during upgrade. -- Changes for 23.0.4: - * stdlib: When a temporary child of a simple_one_for_one - supervisor died, the internal state of the supervisor would be - corrupted in a way that would cause the supervisor to retain - the start arguments for subsequent children started by the - supervisor, causing unnecessary growth of the supervisor's - heap. There state corruption could potentially cause other - problems as well. - * erts: The ERTS internal I/O poll implementation could get into - an inconsistent state causing input events to be ignored. - * megaco: The v2 and v3 parsers could not properly decode some - IPv6 addresses. - -- Changes for 23.0.3: - * erts: Fixed bug in erlang:load_nif/2 that could cause it to - throw badarg exception if a concurrent code change operation - was in progress. Bug existed since OTP 23.0. - * erts: Minor fix of debug compiled VM. - * erts: An unintentional reuse of an already used emulator - internal event object could cause a wakeup signal to a thread - to be lost. In worst case this could cause the runtime system - to hang. This hang was however quite rare. - * erts: NIF threads and driver threads on non-Linux systems - leaked internal resources when terminating. On Windows these - resources were one event per thread. On most other systems one - mutex and one condition variable per thread. On these other - systems that also lacked pthread_cond_timedwait() also a pipe - with its file descriptors was leaked. - * compiler: When calls to is_map_key were repeated, the compiler - could terminate with an internal consistency failure. - * compiler: Fixed a bug in the type inference pass that could - cause the compiler to hang. - -- Changes for 23.0.2: - * erts: Fixed bug when sending an export fun (eg lists:reverse/1) - on a not yet established connection. It could cause VM crash. - Bug exists since OTP 23.0. - * megaco: The mini parser could not properly decode some IPv6 - addresses. -- Changes for 23.0.1: - * erts: The functionality utilized by BIFs for temporary - disabling of garbage collection while yielding could cause - system task queues to become inconsistent on a process - executing such a BIF. Process system tasks are for example - utilized when purging code, garbage collecting literal data, - and when issuing an ordinary garbage collection from another - process. The bug does not trigger frequently. Multiple code - purges in direct sequence makes it more likely that this bug is - triggered. In the cases observed, this has resulted in a - hanging code purge operation. - * erts: SCTP and UDP recv/2,3 hangs indefinitely if socket is - closed while recv is called (socket in passive mode). - * compiler: In rare circumstances, a guard using 'not' could - evaluate to the wrong boolean value. - * compiler: A guard expression that referenced a variable bound - to a boolean expression could evaluate to the wrong value. - -- Version 23.0: -- Potential Incompatibilities: - * SSL:Support for SSL 3.0 is completely removed. TLS 1.3 is added - to the list of default supported versions. - * erl_interface: Removed the deprecated parts of erl_interface - (erl_interface.h and essentially all C functions with prefix - erl_). - * The deprecated erlang:get_stacktrace/0 BIF now returns an empty - list instead of a stacktrace. erlang:get_stacktrace/0 is - scheduled for removal in OTP 24. -- Improvements and new features: - * ssh: OpenSSH 6.5 introduced a new file representation of keys - called openssh-key-v1. This is now supported with the exception - of handling encrypted keys. - * Algorithm configuration could now be done in a .config file. This - is useful for example to enable an algorithm that is disabled by - default without need to change the code. - * SSL: Support for the middlebox compatibility mode makes the TLS - 1.3 handshake look more like a TLS 1.2 handshake and increases - the chance of successfully establishing TLS 1.3 connections - through legacy middleboxes. - * Add support for key exchange with Edward curves and PSS-RSA - padding in signature verification - * The possibility to run Erlang distribution without relying on - EPMD has been extended. - * A first EXPERIMENTAL socket backend to gen_tcp and inet has been - implemented. gen_udp and gen_sctp will follow. - * Putting {inet_backend, socket} as first option to listen() or - connect() makes it easy to try this for existing code - * A new module erpc in kernel which implements an enhanced subset - of the operations provided by the rpc module. Enhanced in the - sense that it makes it possible to distinguish between returned - value, raised exceptions and other errors. erpc also has better - performance and scalability than the original rpc implementation. - This by utilizing the newly introduced spawn_request() BIF. Also - the rpc module benefits from these improvements by utilizing erpc - when possible. - * Scalability and performance Improvements plus new functionality - regarding distributed spawn operations. - * In binary matching, the size of the segment to be matched is now - allowed to be a guard expression (EEP-52) - * When matching with maps the keys can now be guard expressions - (EEP-52). - * ssh: support for TCP/IP port forwarding, a.k.a tunnelling a.k.a - as tcp-forward/direct-tcp is implemented. In the OpenSSH client, - this corresponds to the options -L and -R. - * Allow underscores in numeric literals to improve readability. - Examples: 123_456_789, 16#1234_ABCD. - * New functions in the shell for displaying documentation for - Erlang modules, functions and types. - * kernel: The module pg with a new implementation of distributed - named process groups is introduced. The old module pg2 is - deprecated and scheduled for removal in OTP 24. +- negotiate "strict KEX" OpenSSH feature, when negotiated between + peers apply strict KEX(bsc#1218192, CVE-2023-48795) + * fix-CVE-2023-48795.patch + +- Update to 23.3.4.19 to completely fix (CVE-2022-37026, + bsc#1205318, jira#PED-6209) + * This Removes SSL support but adds TLS 1.3 + * Other minor fixes and features especially in the ssh area. + * Remove the following patches included upstream + * fix-upstream-CVE-2022-37026.patch + * feature-upstream-ocsp.patch + * feature-upstream-ocsp-2.patch + * feature-upstream-ocsp-3.patch + * Remove the following patches not in use + * feature-upstream-testsuite-enhancement.patch + * feature-upstream-testsuite-enhancement-2.patch + +- Fix a regression in bsc#1205318 CVE-2022-37026-client-auth-bypass.patch + (bsc#1207113) + * Removed + * CVE-2022-37026-client-auth-bypass.patch + * Added + * feature-upstream-ocsp.patch + * feature-upstream-ocsp-2.patch + * feature-upstream-ocsp-3.patch + * fix-upstream-CVE-2022-37026.patch +- Make testsuite run for just ssl but leave it commented out for + production + * feature-upstream-testsuite-enhancement.patch + * feature-upstream-testsuite-enhancement-2.patch + +- Add CVE-2022-37026-client-auth-bypass.patch to fix Client + Authorization Bypass (CVE-2022-37026, bsc#1205318). Patches + gh#erlang/otp@cd5024867e7b and gh#erlang/otp@6a1baa36e4e6). ffmpeg-4 +- Add ffmpeg-CVE-2023-50010.patch: + Backporting e4d2666b from upstream, fixes the out of array access. + (CVE-2023-50010 bsc#1223256) + gh +- Update to version 2.49.2: + * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2 + * Add further docs to Option type + * Comment further on config changes + * Remove unnecessary config list variable + * Fix mistaken find and replace for Option type + * Fix repo fork to use remote protocol if none configured + * Avoid reconstructing config Options on each use + * Make config list less fallible + * Provide more type safety around config values + * Move config interfaces into gh package (#9060) + * Fix typos + * Creating doc to capture Codespace usage guidance + * Fix test function name + * Add test to verify JSON fields section is rendered in Markdown + * Output `JSON Fields` section in Markdown + * Add test to verify JSON fields section is rendered + * Add `jsonCmd` test command variable + * Output `JSON Fields` section + * Output `JSON FIELDS` + * Add tests to verify proper `help:json-fields` annotations + * Add `help:json-fields` annotation + * Add `FormatSlice` function + * Add --latest=false example to `release create` command + * Update create.go + * Add --latest=false to `gh release create` docs + +- Reenable all tests + https://github.com/cli/cli/issues/8928 looks resolved. +- Update to version 2.49.1: + * Fix `attestation verify` source repository check bug + * Fix unused params across project + * Add support for jobs with long filenames + * Run `attestation` command set integration tests separately + * build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 + * Adjust short and long to be the same + * Do not mutate headers when initialising tableprinter + * Document relationship between host and active account + +- Update to version 2.49.0: + * Document repo clone protocol behaviour + * whitespace aligment for inspect/inspect.go + * whitespace alignment in attestation/attestation.go + * Added tweaked note to tuf-root-verify + * Tweaked gh attestation help strings to generate nicer cli manual site. + * Update attestation's beta designation + * Update cli/go-gh to v2.9.0 + * Add beta designation on attestation command set + * Test `gh at verify -b` does not require auth + * Use ghinstance package for attestation host checks + * Test cmdutil.IsAuthCheckEnabled cases + * Fix issue with closing pager stream (#9020) + * Support long URLs in `gh repo clone` (#9008) + * check for enterprise host + * Add missing title field for projectv2 + * Match query fields with `ProjectV2` type + * Include `URL` in `ProjectV2` type + * Include `projectsV2` in GraphQL query + * Remove unnecessary defensive check + * Test verification failures when attestations are bad + * Rework sigstore tests for easier maintenance + * Make error more obvious when bundle has wrong extension + * Add colon at the end of secret prompts (#9004) + * Use cmdutil.ExactArgs instead of MinimumArgs; also add tests + * proof of concept for flag-level disable auth check + * remove hidden flag from attestation command (#8998) + * Update `gh attestation verify` output (#8991) + * Just base verification policy on trusted root, not bundle + * Support offline mode for `gh attestation verify` + * build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2 + * `gh attestation tuf-root-verify` offline test fix (#8975) + * Update `sigstore-go` dependency to v0.3.0 (#8977) + * build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 + * Make it clearer that job flag is meant to be an ID + * Ignore run-id when providing also job for rerun + +- Update to version 2.48.0: + * Update install_linux.md (#8950) + * Remove unnecessary --help comment + * Fix `go` directive in `go.mod` (#8956) + * Use `filepath.Join` to support different platforms + * Run `go mod tidy` + * Refactor into table tests + * Explain `--skip-ssh-key` usage in long doc + * Tidy `go.mod` + * Fix cache contention in Go CI jobs + * Fix `attestation` cmd offline unit test failure (#8933) + * Change subcommands default to be more user friendly + * Add unit test, update naming, ensure DSSE envelope is in-toto + * Updates from linter feedback + * Add support to `attestation` command for more predicate types. + * Close zip file in run view tests + * Ensure run log cache creates cache dir if it doesn't exist + * Test `--skip-ssh-key` is captured correctly + * Add test to verify skipped SSH key prompts + * Add `--skip-ssh-key` to options + * Add `SkipSSHKey` field to `LoginOptions` + * Add tests for non-happy field paths + * Fix api cache test + * Use testify in git url tests + * Ensure cache dir is always available in RunLogCache + * Remove RunLogCache interface + * Use real Run Log Cache in run view tests + * Capture error on Run Log Cache Exists + * Rework Run Log Cache so that cache dir is injected + * Expose CacheDir on Config + * Minorly refactor scheme normalization in git ParseURL + * Test for parsing error in git ParseURL + * Remove naked returns from git ParseURL + * Fix parsing IPv6 remote URLs (#8893) + * Add codeowners entry for the GitHub TUF root included in the `attestation` command set (#8919) + * Add comment to explain `showSelectedReposInfo` assignment + * Rename const to avoid CodeQL error + * Add tests to verify `numSelectedRepos` is populated when necessary + * Populate `numSelectedRepos` only if needed + * build(deps): bump google.golang.org/grpc from 1.61.1 to 1.61.2 + * Run defers in queue + * Resolve PR comments + * Wrap JSON arrays, objects in array with --slurp + * Resolve PR comments + * Clarify --merge-pages docs + * Replace --paginate-all with --merge-pages + * Resolve test issues + * Add more JSON merge tests + * Move jsonmerge package to internal + * Merge JSON responses from `gh api` + * Add tests for `FindByRepo` + * Apply suggestions from code review + * Improve error message returned by `FindByRepo` + * Add test cases to verify exported JSON has non-zero `numSelectedRepos` + * Populate `numSelectedRepos` in non-interactive mode, if explicitly selected + * Anchor the log filename to the start + * Add pr url pattern + * Test pr url lock + * update example for deeply nested array update + * allow multiple items in nested array + +- Update to version 2.47.0: + * Bump go-gh to v2.8.0 and go mod tidy + * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1 + * Bump glamour to v0.7.0 and go mod tidy + * build(deps): bump github.com/google/go-containerregistry + * build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 + * build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 + * Rely on go.mod go version in all workflows (#8911) + * Upgrade to Go 1.22 (#8836) + * build(deps): bump github.com/docker/docker + * build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 + * gh-attestation cmd integration (#8698) + * fix segfault in `gh repo rename` + * Bump go-gh to 2.7.0 + * Fix typo in auth switch help example + +- Update to version 2.46.0: + * Include draft ID in project item list JSON (#8754) + * build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 + * Document run watch and view not supporting fine grained PATs + * Document auth switch behaviour for two or more accounts + * Improve discovery of `gh auth status` + * grammar: avoid e.g.+etc. together + * Fix the description of `gh release upload` + * Bump go-keyring to fix race condition + * feat: support `dry-run` in gh `pr create` (#8376) + * build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.33.0 + * fixed doc string + * remove repetitive word + * Fix breaking test for PR/issue # change + * Enhance 2nd round of issue and PR number output + * Apply first round of owner/repo#number consistency + * fix: format files + * feat(merge): add owner/repo in prompt + +- Update to version 2.45.0: + * Bump cli/go-gh v2.6.0 for tenant using GH_TOKEN (#8787) + * Support `project view --web` with TTY (#8773) + * Handle case: some system set 600 mod for new file. + * Clarify helptext for `gh search issues` and `gh search repos` regarding archived repos + * Make minor cache list ref flag adjustments + * Update incorrect regex comment for client Commits + * Use regex to split apart the git client Commit logs + * Use null byte separators when fetching comments from git + * Add new tests to git client Commits + * Remove unnecessary split conditional from client Commits + * Extract new test helper for git client Commits + * redirect users to the `gh environment` command + * Revert "make comments in the default config file more informative" + * make comments in the default config file more informative + * fixed whitespace + * Clarify helptext for search prs regarding archived repos + * bug: fixed the result.Operation variable prior to patchRepoVariable being called in the setVariable function. + * Remove mainLoop label from garden + * feat: Add `ref` option to `gh cache list` + * chore: simplify parameter `owner` + * Support for `[HOST/]OWNER/REPO` format + * Replace `assert` with `require` in testing + * Simplify install command for Debian & Ubuntu + * Remove `--format` flag and add description for not specifying `--repo` and `--team` flag + * Fix printed project number + * Support for directory based repo and `GH_REPO` env variable + * Change the output of link` and `unlink` + * Refactor `OrganizationTeam` + * Replace `httpmock` with `gock` in testing + * handle flags with `cmdutil.MutuallyExclusive`, and move mutation methods to `queries.go` + * fix wording, move conditional blocks to functions, and add api to retrieve the ID of a team + * Fix wording + * Add testing for link and unlink + * Support for team + * Support for unlink + * Remove support for team + * Link Project to Repository or Team Command + +- Update to version 2.44.1: + * Fix PR create regression around title and body when there is only one commit by @williammartin in #8707 +- Update to version 2.44.0: + * Feature: added Order flag for release list command by @leevic31 in #8632 + * autofill with body by @guerinoni in #8423 + * Add default values to web manual and man pages by @zsloane in #8395 + * build(deps): bump microsoft/setup-msbuild from 1.3.2 to 2.0.0 by @dependabot in #8648 + * Documentation for built-in aliases by @Rebeccasun31 in #8367 + * Add more detail to fork failure message by @chrisroat in #8614 + * feat: Add cache key option to gh cache list by @toshimaru in #8667 + +- Update to version 2.43.1: + * Avoid parsing create or update label http response + * go mod tidy + * Upgrade cli/go-gh to v2.5.0 for home-manager fix + * Fix linting error + * Parse SSH args before creating the shell + * Send activity signals during non-interactive codespace SSH command + * build(deps): bump microsoft/setup-msbuild from 1.3.1 to 1.3.2 + * Specify refspec to push to the correct branch in the event of a conflicting tag + * Update Arch repo to [extra] + * added URL for newly created repo (#8574) + * build(deps): bump actions/cache from 3 to 4 (#8594) + * Add force flag to setup-git command (#8552) + * fix: Prevent nil dereference in `pr view`. (#8566) + * search repos command add usage example for --archived=false (#8391) + * Add --json export flags to release list command (#8474) + * Add json export flags to variable list command (#8516) + * build(deps): bump actions/download-artifact from 3 to 4 (#8466) + * build(deps): bump actions/upload-artifact from 3 to 4 (#8467) + * Remove project JSON formatting objects (#8541) + * Fix some typos raised by codespell + * Add Webi as an option for installation (#8555) + * Align devcontainer Go version with go.mod (#8570) + * Move create codespace permission opt out behind `else` to fix token permissions + * chore: Unify calling gh in examples (#8560) + * Mark-up `gh-config` settings with backticks + +- Update to version 2.42.1: + * Add Webi as an option for installation (#8555) + * Align devcontainer Go version with go.mod (#8570) + * Move create codespace permission opt out behind `else` to fix token permissions + * chore: Unify calling gh in examples (#8560) + +- Update to version 2.42.0: + * Prevent downloading releases with assets that match windows reserved filenames (#8517) + * Support template, jq flags with standard format flag (#7832) + * Mark-up `gh-config` settings with backticks + +- Update to version 2.41.0: + * Update deployment.yml + * Update pkg/cmd/browse/browse.go + * build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#8473) + * Ensure Windows sign script fails based on signtool + * Update deployment workflow for final HSM solution + * Fix signtool invocation + * Fix sign script fail conditions + * Fix HSM goreleaser calling sign script + * Fix HSM Windows signing + * Fix issue sourcing signtool for Windows signing + * build(deps): bump github/codeql-action from 2 to 3 + * Verify the downloaded zip for `gh run view --log` + * Add missing PowerShell file from previous commit + * Unify Windows sign process on signtool + * Add more help message to browse command + glibc +- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue + for _start routine (bsc#1221940) + +- nscd-netgroup-cache-timeout.patch: Use time_t for return type of + addgetnetgrentX (CVE-2024-33602, bsc#1223425) +- Also add libc_nonshared.a workaround to 32-bit x86 compat package + (bsc#1221482) + - (CVE-2024-33599, bsc#1223423) + (CVE-2024-33599, bsc#1223423, BZ #31677) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - CVE-2024-33602, bsc#1223425) + CVE-2024-33602, bsc#1223425, BZ #31680) glibc:i686 +- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue + for _start routine (bsc#1221940) + +- nscd-netgroup-cache-timeout.patch: Use time_t for return type of + addgetnetgrentX (CVE-2024-33602, bsc#1223425) +- Also add libc_nonshared.a workaround to 32-bit x86 compat package + (bsc#1221482) + - (CVE-2024-33599, bsc#1223423) + (CVE-2024-33599, bsc#1223423, BZ #31677) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - CVE-2024-33602, bsc#1223425) + CVE-2024-33602, bsc#1223425, BZ #31680) glibc:utils +- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue + for _start routine (bsc#1221940) + +- nscd-netgroup-cache-timeout.patch: Use time_t for return type of + addgetnetgrentX (CVE-2024-33602, bsc#1223425) +- Also add libc_nonshared.a workaround to 32-bit x86 compat package + (bsc#1221482) + - (CVE-2024-33599, bsc#1223423) + (CVE-2024-33599, bsc#1223423, BZ #31677) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - (CVE-2024-33600, bsc#1223424) + (CVE-2024-33600, bsc#1223424, BZ #31678) - CVE-2024-33602, bsc#1223425) + CVE-2024-33602, bsc#1223425, BZ #31680) guestfs-tools +- Add Requires on libguestfs which will pull in + libguestfs-appliance and all its dependencies. (bsc#1223444) + guestfs-tools.spec + +- Upstream bug fixes + Update-virt-customize-generated-files.patch + Initialise-bar-fp-as-NULL.patch + installation-images:openSUSE +- merge gh#openSUSE/installation-images#713 +- refresh ssh_host_rsa_key (jsc#PED-129) +- 16.59.13 + +- merge gh#openSUSE/installation-images#712 +- increase XZ compression level for initrd (bsc#1223982) +- support ZSTD compression for initrd +- 16.59.12 + jeos-firstboot +- Update to version 1.3.0.8: + * Resolve cycle w.r.t. wicked (bsc#1223391) + kernel-64kb +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-azure +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + +- Update kabi files: updated for post-PublicRC +- commit f978f5f + +- Update + patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch + (git-fixes CVE-2024-26890 bsc#1223192). +- Update + patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch + (jsc#PED-3311 CVE-2024-26907 bsc#1223203). +- Update + patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch + (git-fixes CVE-2024-26916 bsc#1223137). +- Update + patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch + (git-fixes CVE-2024-26877 bsc#1223140). +- Update + patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch + (git-fixes CVE-2024-26880 bsc#1223188). +- Update + patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch + (git-fixes CVE-2024-26913 bsc#1223204). +- Update + patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch + (git-fixes CVE-2024-26914 bsc#1223205). +- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch + (git-fixes CVE-2024-26915 bsc#1223207). +- Update + patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch + (git-fixes CVE-2024-26893 bsc#1223196). +- Update + patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch + (bsc#1221858 CVE-2024-26582 bsc#1220214). +- Update + patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch + (git-fixes CVE-2024-26897 bsc#1223323). +- Update + patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch + (git-fixes CVE-2024-26892 bsc#1223195). +- Update + patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch + (git-fixes CVE-2024-26895 bsc#1223197). +- commit d9b565f + +- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing + Adv Monitor (bsc#1219216). +- commit 81c5485 + +- Update + patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch + (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). +- Update + patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch + (git-fixes CVE-2024-26891 bsc#1223037). +- Update + patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch + (git-fixes CVE-2024-26894 bsc#1223043). +- Update + patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch + (git-fixes CVE-2024-26799 bsc#1222415). +- Update + patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch + (git-fixes CVE-2024-26801 bsc#1222413). +- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch + (git-fixes CVE-2024-26886 bsc#1223044). +- Update + patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch + (git-fixes CVE-2024-26839 bsc#1222975). +- Update + patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch + (git-fixes CVE-2024-26838 bsc#1222974). +- Update + patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch + (git-fixes CVE-2024-26872 bsc#1223115). +- Update + patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch + (git-fixes CVE-2024-26848 bsc#1223030). +- Update + patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch + (git-fixes CVE-2024-26736 bsc#1222586). +- Update + patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch + (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). +- Update + patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch + (bsc#1220265 CVE-2024-26840 bsc#1222976). +- Update + patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch + (bsc#1221391 CVE-2024-26689 bsc#1222503). +- Update + patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch + (git-fixes CVE-2024-26879 bsc#1223066). +- Update + patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch + (git-fixes CVE-2024-26824 bsc#1223081). +- Update + patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch + (git-fixes CVE-2024-26788 bsc#1222783). +- Update + patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch + (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). +- Update + patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch + (git-fixes CVE-2024-26700 bsc#1222870). +- Update + patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch + (git-fixes CVE-2024-26833 bsc#1223036). +- Update + patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch + (git-fixes CVE-2024-26729 bsc#1222552). +- Update + patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch + (git-fixes CVE-2024-26797 bsc#1222425). +- Update + patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch + (git-fixes CVE-2024-26876 bsc#1223119). +- Update + patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch + (git-fixes CVE-2024-26911 bsc#1223055). +- Update + patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch + (git-fixes CVE-2024-26874 bsc#1223048). +- Update + patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch + (git-fixes CVE-2024-26912 bsc#1223064). +- Update + patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch + (git-fixes CVE-2024-26843 bsc#1223014). +- Update + patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch + (git-fixes CVE-2024-26798 bsc#1222798). +- Update + patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch + (git-fixes CVE-2024-26830 bsc#1223012). +- Update + patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch + (git-fixes CVE-2024-26711 bsc#1222420). +- Update + patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch + (git-fixes CVE-2024-26755 bsc#1222529). +- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch + (git-fixes CVE-2024-26829 bsc#1223027). +- Update + patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch + (git-fixes CVE-2024-26875 bsc#1223118). +- Update + patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch + (git-fixes CVE-2024-26820 bsc#1223078). +- Update + patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch + (bsc#1215322 CVE-2024-26859 bsc#1223049). +- Update + patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch + (git-fixes CVE-2024-26803 bsc#1222788). +- Update + patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch + (git-fixes CVE-2024-26825 bsc#1223065). +- Update + patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch + (git-fixes CVE-2024-26697 bsc#1222550). +- Update + patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch + (git-fixes CVE-2024-26696 bsc#1222549). +- Update + patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch + (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 + bsc#1222418). +- Update + patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch + (bsc#1215199 CVE-2024-26710 bsc#1222419). +- Update + patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch + (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). +- Update + patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch + (bsc#1215199 CVE-2024-26847 bsc#1223026). +- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes + CVE-2024-26675 bsc#1222379). +- Update + patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch + (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). +- Update + patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch + (git-fixes CVE-2024-26693 bsc#1222451). +- Update + patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch + (git-fixes CVE-2024-26779 bsc#1222772). +- Update + patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch + (git-fixes CVE-2024-26896 bsc#1223042). +- Update + patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch + (git-fixes CVE-2024-26687 bsc#1222435). +- commit a69636a + +- Update + patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch + (git-fixes CVE-2023-52643 bsc#1222960). +- Update + patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch + (git-fixes CVE-2023-52642 bsc#1223031). +- Update + patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch + (git-fixes CVE-2023-52644 bsc#1222961). +- commit 2c2d37f + +- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) +- commit 9436142 + +- nvme-tcp: strict pdu pacing to avoid send stalls on TLS + (bsc#1221858). +- tls: fix peeking with sync+async decryption (bsc#1221858). +- tls: don't skip over different type records from the rx_list + (bsc#1221858). +- tls: stop recv() if initial process_rx_list gave us non-DATA + (bsc#1221858). +- tls: break out of main loop when PEEK gets a non-data record + (bsc#1221858). +- net: tls: fix returned read length with async decrypt + (bsc#1221858). +- net: tls: fix use-after-free with partial reads and async + (bsc#1221858). +- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). +- commit 9d8d293 + kernel-debug +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-default +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-docs +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-kvmsmall +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-obs-build +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-obs-qa +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-source +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-source-azure +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + +- Update kabi files: updated for post-PublicRC +- commit f978f5f + +- Update + patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch + (git-fixes CVE-2024-26890 bsc#1223192). +- Update + patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch + (jsc#PED-3311 CVE-2024-26907 bsc#1223203). +- Update + patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch + (git-fixes CVE-2024-26916 bsc#1223137). +- Update + patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch + (git-fixes CVE-2024-26877 bsc#1223140). +- Update + patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch + (git-fixes CVE-2024-26880 bsc#1223188). +- Update + patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch + (git-fixes CVE-2024-26913 bsc#1223204). +- Update + patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch + (git-fixes CVE-2024-26914 bsc#1223205). +- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch + (git-fixes CVE-2024-26915 bsc#1223207). +- Update + patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch + (git-fixes CVE-2024-26893 bsc#1223196). +- Update + patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch + (bsc#1221858 CVE-2024-26582 bsc#1220214). +- Update + patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch + (git-fixes CVE-2024-26897 bsc#1223323). +- Update + patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch + (git-fixes CVE-2024-26892 bsc#1223195). +- Update + patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch + (git-fixes CVE-2024-26895 bsc#1223197). +- commit d9b565f + +- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing + Adv Monitor (bsc#1219216). +- commit 81c5485 + +- Update + patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch + (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). +- Update + patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch + (git-fixes CVE-2024-26891 bsc#1223037). +- Update + patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch + (git-fixes CVE-2024-26894 bsc#1223043). +- Update + patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch + (git-fixes CVE-2024-26799 bsc#1222415). +- Update + patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch + (git-fixes CVE-2024-26801 bsc#1222413). +- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch + (git-fixes CVE-2024-26886 bsc#1223044). +- Update + patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch + (git-fixes CVE-2024-26839 bsc#1222975). +- Update + patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch + (git-fixes CVE-2024-26838 bsc#1222974). +- Update + patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch + (git-fixes CVE-2024-26872 bsc#1223115). +- Update + patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch + (git-fixes CVE-2024-26848 bsc#1223030). +- Update + patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch + (git-fixes CVE-2024-26736 bsc#1222586). +- Update + patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch + (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). +- Update + patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch + (bsc#1220265 CVE-2024-26840 bsc#1222976). +- Update + patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch + (bsc#1221391 CVE-2024-26689 bsc#1222503). +- Update + patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch + (git-fixes CVE-2024-26879 bsc#1223066). +- Update + patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch + (git-fixes CVE-2024-26824 bsc#1223081). +- Update + patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch + (git-fixes CVE-2024-26788 bsc#1222783). +- Update + patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch + (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). +- Update + patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch + (git-fixes CVE-2024-26700 bsc#1222870). +- Update + patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch + (git-fixes CVE-2024-26833 bsc#1223036). +- Update + patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch + (git-fixes CVE-2024-26729 bsc#1222552). +- Update + patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch + (git-fixes CVE-2024-26797 bsc#1222425). +- Update + patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch + (git-fixes CVE-2024-26876 bsc#1223119). +- Update + patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch + (git-fixes CVE-2024-26911 bsc#1223055). +- Update + patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch + (git-fixes CVE-2024-26874 bsc#1223048). +- Update + patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch + (git-fixes CVE-2024-26912 bsc#1223064). +- Update + patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch + (git-fixes CVE-2024-26843 bsc#1223014). +- Update + patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch + (git-fixes CVE-2024-26798 bsc#1222798). +- Update + patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch + (git-fixes CVE-2024-26830 bsc#1223012). +- Update + patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch + (git-fixes CVE-2024-26711 bsc#1222420). +- Update + patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch + (git-fixes CVE-2024-26755 bsc#1222529). +- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch + (git-fixes CVE-2024-26829 bsc#1223027). +- Update + patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch + (git-fixes CVE-2024-26875 bsc#1223118). +- Update + patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch + (git-fixes CVE-2024-26820 bsc#1223078). +- Update + patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch + (bsc#1215322 CVE-2024-26859 bsc#1223049). +- Update + patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch + (git-fixes CVE-2024-26803 bsc#1222788). +- Update + patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch + (git-fixes CVE-2024-26825 bsc#1223065). +- Update + patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch + (git-fixes CVE-2024-26697 bsc#1222550). +- Update + patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch + (git-fixes CVE-2024-26696 bsc#1222549). +- Update + patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch + (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 + bsc#1222418). +- Update + patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch + (bsc#1215199 CVE-2024-26710 bsc#1222419). +- Update + patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch + (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). +- Update + patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch + (bsc#1215199 CVE-2024-26847 bsc#1223026). +- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes + CVE-2024-26675 bsc#1222379). +- Update + patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch + (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). +- Update + patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch + (git-fixes CVE-2024-26693 bsc#1222451). +- Update + patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch + (git-fixes CVE-2024-26779 bsc#1222772). +- Update + patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch + (git-fixes CVE-2024-26896 bsc#1223042). +- Update + patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch + (git-fixes CVE-2024-26687 bsc#1222435). +- commit a69636a + +- Update + patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch + (git-fixes CVE-2023-52643 bsc#1222960). +- Update + patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch + (git-fixes CVE-2023-52642 bsc#1223031). +- Update + patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch + (git-fixes CVE-2023-52644 bsc#1222961). +- commit 2c2d37f + +- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) +- commit 9436142 + +- nvme-tcp: strict pdu pacing to avoid send stalls on TLS + (bsc#1221858). +- tls: fix peeking with sync+async decryption (bsc#1221858). +- tls: don't skip over different type records from the rx_list + (bsc#1221858). +- tls: stop recv() if initial process_rx_list gave us non-DATA + (bsc#1221858). +- tls: break out of main loop when PEEK gets a non-data record + (bsc#1221858). +- net: tls: fix returned read length with async decrypt + (bsc#1221858). +- net: tls: fix use-after-free with partial reads and async + (bsc#1221858). +- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). +- commit 9d8d293 + kernel-syms +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + kernel-syms-azure +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + +- Update kabi files: updated for post-PublicRC +- commit f978f5f + +- Update + patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch + (git-fixes CVE-2024-26890 bsc#1223192). +- Update + patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch + (jsc#PED-3311 CVE-2024-26907 bsc#1223203). +- Update + patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch + (git-fixes CVE-2024-26916 bsc#1223137). +- Update + patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch + (git-fixes CVE-2024-26877 bsc#1223140). +- Update + patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch + (git-fixes CVE-2024-26880 bsc#1223188). +- Update + patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch + (git-fixes CVE-2024-26913 bsc#1223204). +- Update + patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch + (git-fixes CVE-2024-26914 bsc#1223205). +- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch + (git-fixes CVE-2024-26915 bsc#1223207). +- Update + patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch + (git-fixes CVE-2024-26893 bsc#1223196). +- Update + patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch + (bsc#1221858 CVE-2024-26582 bsc#1220214). +- Update + patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch + (git-fixes CVE-2024-26897 bsc#1223323). +- Update + patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch + (git-fixes CVE-2024-26892 bsc#1223195). +- Update + patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch + (git-fixes CVE-2024-26895 bsc#1223197). +- commit d9b565f + +- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing + Adv Monitor (bsc#1219216). +- commit 81c5485 + +- Update + patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch + (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). +- Update + patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch + (git-fixes CVE-2024-26891 bsc#1223037). +- Update + patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch + (git-fixes CVE-2024-26894 bsc#1223043). +- Update + patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch + (git-fixes CVE-2024-26799 bsc#1222415). +- Update + patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch + (git-fixes CVE-2024-26801 bsc#1222413). +- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch + (git-fixes CVE-2024-26886 bsc#1223044). +- Update + patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch + (git-fixes CVE-2024-26839 bsc#1222975). +- Update + patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch + (git-fixes CVE-2024-26838 bsc#1222974). +- Update + patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch + (git-fixes CVE-2024-26872 bsc#1223115). +- Update + patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch + (git-fixes CVE-2024-26848 bsc#1223030). +- Update + patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch + (git-fixes CVE-2024-26736 bsc#1222586). +- Update + patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch + (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). +- Update + patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch + (bsc#1220265 CVE-2024-26840 bsc#1222976). +- Update + patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch + (bsc#1221391 CVE-2024-26689 bsc#1222503). +- Update + patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch + (git-fixes CVE-2024-26879 bsc#1223066). +- Update + patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch + (git-fixes CVE-2024-26824 bsc#1223081). +- Update + patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch + (git-fixes CVE-2024-26788 bsc#1222783). +- Update + patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch + (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). +- Update + patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch + (git-fixes CVE-2024-26700 bsc#1222870). +- Update + patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch + (git-fixes CVE-2024-26833 bsc#1223036). +- Update + patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch + (git-fixes CVE-2024-26729 bsc#1222552). +- Update + patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch + (git-fixes CVE-2024-26797 bsc#1222425). +- Update + patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch + (git-fixes CVE-2024-26876 bsc#1223119). +- Update + patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch + (git-fixes CVE-2024-26911 bsc#1223055). +- Update + patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch + (git-fixes CVE-2024-26874 bsc#1223048). +- Update + patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch + (git-fixes CVE-2024-26912 bsc#1223064). +- Update + patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch + (git-fixes CVE-2024-26843 bsc#1223014). +- Update + patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch + (git-fixes CVE-2024-26798 bsc#1222798). +- Update + patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch + (git-fixes CVE-2024-26830 bsc#1223012). +- Update + patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch + (git-fixes CVE-2024-26711 bsc#1222420). +- Update + patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch + (git-fixes CVE-2024-26755 bsc#1222529). +- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch + (git-fixes CVE-2024-26829 bsc#1223027). +- Update + patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch + (git-fixes CVE-2024-26875 bsc#1223118). +- Update + patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch + (git-fixes CVE-2024-26820 bsc#1223078). +- Update + patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch + (bsc#1215322 CVE-2024-26859 bsc#1223049). +- Update + patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch + (git-fixes CVE-2024-26803 bsc#1222788). +- Update + patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch + (git-fixes CVE-2024-26825 bsc#1223065). +- Update + patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch + (git-fixes CVE-2024-26697 bsc#1222550). +- Update + patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch + (git-fixes CVE-2024-26696 bsc#1222549). +- Update + patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch + (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 + bsc#1222418). +- Update + patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch + (bsc#1215199 CVE-2024-26710 bsc#1222419). +- Update + patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch + (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). +- Update + patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch + (bsc#1215199 CVE-2024-26847 bsc#1223026). +- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes + CVE-2024-26675 bsc#1222379). +- Update + patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch + (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). +- Update + patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch + (git-fixes CVE-2024-26693 bsc#1222451). +- Update + patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch + (git-fixes CVE-2024-26779 bsc#1222772). +- Update + patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch + (git-fixes CVE-2024-26896 bsc#1223042). +- Update + patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch + (git-fixes CVE-2024-26687 bsc#1222435). +- commit a69636a + +- Update + patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch + (git-fixes CVE-2023-52643 bsc#1222960). +- Update + patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch + (git-fixes CVE-2023-52642 bsc#1223031). +- Update + patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch + (git-fixes CVE-2023-52644 bsc#1222961). +- commit 2c2d37f + +- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) +- commit 9436142 + +- nvme-tcp: strict pdu pacing to avoid send stalls on TLS + (bsc#1221858). +- tls: fix peeking with sync+async decryption (bsc#1221858). +- tls: don't skip over different type records from the rx_list + (bsc#1221858). +- tls: stop recv() if initial process_rx_list gave us non-DATA + (bsc#1221858). +- tls: break out of main loop when PEEK gets a non-data record + (bsc#1221858). +- net: tls: fix returned read length with async decrypt + (bsc#1221858). +- net: tls: fix use-after-free with partial reads and async + (bsc#1221858). +- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). +- commit 9d8d293 + kernel-zfcpdump +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + +- btrfs: qgroup: always free reserved space for extent records + (bsc#1216196). +- commit 5a30b4d + +- Update + patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch + (git-fixes CVE-2024-26927 bsc#1223525). +- commit d3c5f91 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch + (bsc#1219485 bsc#1219451 git-fixes). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes). +- commit 73a9e98 + +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() + (CVE-2024-26852 bsc#1223057) +- commit 9474f59 + +- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) +- commit 689bcfa + libcontainers-common +- Introduce new subpackage that ships registries.conf that uses + registry.suse.com as the only unqualified registry while pulling images on + SL Micro and SP6. (jsc#SMO-376, jsc#PED-8289) + +- Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556) + + 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch +- Fallback to podman's default capabilities and journal driver via containers.conf +- New release 20240408 +- bump bundled c/common to 0.58.0 +- bump bundled c/image to 5.30.0 +- bump bundled c/storage to 1.53.0 + +- reenable SUSE registry key validation for new key. + +- disable the SUSE registry key validation temporary to switch the key on + registry.suse.com. + +- New release 20240206 +- bump bundled c/common to 0.57.4 +- bump bundled c/image to 0.29.2 +- conditionally require libcontainers-sles-mounds for product(SLE-Micro) as well + (SLE Micro 6.0 now no longer provides product(SUSE_SLE) and instead only + provides product(SLE-Micro)), fixes bsc#1216443 + +- New release 20231204 +- bump c/common to 0.57.0 + * Bump to v0.56.0 by + * Fix typo in comment + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 + * Fix specification of unix:///run + * libimage/layer_tree: if parent is empty and a manifest list then ignore check. + * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.12.1 + * Split up util package into pkg/password, pkg/copy, pkg/version + * Remove ActiveDestination method to move into podman + * Default machine CPUs to Cores/2 + * pkg/config: do NOT set StaticDir and VolumeDir + * Implement negated label match function + * chore: import packages only once + * CoC: fix email link +- bump c/storage to 1.51.0 + * Bump to v1.50.2 + * overlay, composefs: mount loop device RO + * Run codespell on code + * fix(deps): update module github.com/klauspost/compress to v1.17.0 + * store: serialize container deletion + * pkg/system: reduce retry timeout for EnsureRemoveAll + * overlay, composefs: use data-only lower layers + * store: call RecordWrite() before graphDriver Cleanup() + * fix(deps): update module golang.org/x/sys to v0.13.0 +- bump c/image to 5.29.0 + * Bump to v5.28.0 + * fix(deps): update module github.com/containers/storage to v1.50.2 + * Run codespell on code + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 + * Use constants and types from opencontainers/image-spec/specs-go/v1 + * progress: set Current before Refill + * copy: fix nil pointer dereference when checking compression algorithm + * fix(deps): update module github.com/klauspost/compress to v1.17.0 + * fix(deps): update module github.com/sylabs/sif/v2 to v2.14.0 + * ociarchive: Add new ArchiveFileNotFoundError + libguestfs +- Set Recommends on zerofree and ntfsprogs for libguestfs-appliance + +- Switch Recommends to Requires for several packages in the + libguestfs-appliance which is where the tools from these + packages are used. (bsc#1223444) + +- Require ntfs-3g for libguestfs-winsupport + libguestfs.spec + +- Upstream bug fixes + Split-chown-parameter-on-character.patch + Initialise-bar-fp-as-NULL.patch + +- bsc#1206361 - SLES 15 SP5 Beta2 - virt-customize ssh-inject fails + (s390x/kvm/libvirt) (-> Server-Applications module) + use-rtc-driftfix-slew-for-x86-only.patch + +- BuildRequire pkgconfig(libzstd) additionaly to zstd: we need the + devel package. In the past, it was pulled in by indirect deps. + +- Copy sorted packagelist to packages during supermin appliance + setup. (bsc#1215586) + libguestfs.spec + libnvme +- Update to version 1.8+26.gc96fbe8: + * fabrics: keyring is a long (bsc#1216982) + * config-schema.json.in: tls keys and keyrings are strings (bsc#1216982) + * linux: Add nvme_scan_tls_keys() (bsc#1216982) + * json: dump TLS key data in PSK interchange format (bsc#1216982) + * json: import TLS key from PSK interchange format (bsc#1216982) + * json: export TLS key in PSK interchange format (bsc#1216982) + * tree: read TLS key in nvme_configure_ctrl() (bsc#1216982) + * linux: rework nvme_insert_tls_key_versioned() (bsc#1216982) + * linux: add nvme_import_tls_key() (bsc#1216982) + * linux: add nvme_export_tls_key() (bsc#1216982) + * crc32: Add CRC32 algorithm (bsc#1216982) + * linux: add nvme_update_key() (bsc#1216982) + * linux: add nvme_read_key() (bsc#1216982) + * linux: allow for NULL argument in nvme_lookup_keyring() (bsc#1216982) + * tree: use strtou32 to read lba_size + * tree: fix lba_count size calculation + * libnvme : record the nvme pci adapter physical slot (bsc#1223208) + * tree: fix mem leak in nvme_ns_init() (bsc#1223331) + nvme-cli +- Update to version2.8+19.g47882bb: + * nvme: fix mem leak in multiple key related functions (bsc#1223331) + * fabrics: fix mem leak in nvmf_check_hostid_and_hostnqn() (bsc#1223331) + * nvme: check-tls-key fails despite having hostnqn file (bsc#1223331) + * nvme: print retained key for gen-tls-key's -i option too (bsc#1223331) + * nvme-print: print more details in ns-descs verbose output (bsc#1223331) + * nvme: use library functions for importing and exporting TLS keys (bsc#1216982) + * nvme: Fix to cleanup free raw_secret memory allocated + openssl-1_1 +- Security fix: [bsc#1222548, CVE-2024-2511] + * Fix unconstrained session cache growth in TLSv1.3 + * Add openssl-CVE-2024-2511.patch + openssl-3 +- Security fix: [bsc#1222548, CVE-2024-2511] + * Fix unconstrained session cache growth in TLSv1.3 + * Add openssl-CVE-2024-2511.patch + opensuse-welcome +- Update to version 0.1.9+git.55.08b0379: + * Update README.md + * Refresh README with build instructions + * adding donate button to allow donations to the Geeko Foundation + * Translated using Weblate (Macedonian) + * Translated using Weblate (Russian) + +- remove dependency on /usr/bin/python3 using + %python3_fix_shebang_path macro, [bsc#1212476] + osinfo-db +- bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS + version should be SL Micro 6.0 + add-slm6.0-support.patch + Drop add-slem6.0-support.patch + ovmf +- Add the following patches from edk2-stable202402 for CVE-2022-36763: + - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch + 1ddcb9fc6b41 SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml + - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch + 4776a1b39ee0 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 + - ovmf-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch + 224446543206 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 + (bsc#1218678, CVE-2022-36763) +- Add the following patches from edk2-stable202402 for CVE-2022-36764: + - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch + 8f6d343ae639 SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml + - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch + 0d341c01eeab SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 + - ovmf-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch + c7b279442181 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 + (bsc#1218679, CVE-2022-36764) +- All the above patches for CVE-2022-36763 and CVE-2022-36764 need the + following patches. We also backported them: + - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch + 264636d8e698 SecurityPkg: : Updating SecurityFixes.yaml after symbol rename + - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch + 326db0c90720 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename + - ovmf-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch + 40adbb7f628d SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename + (bsc#1218678, CVE-2022-36763)(bsc#1218679, CVE-2022-36764) + package-translations +- Update to version 89.87.20240323.9bdb784: + * Update for Leap 15.6 RC poo#131735 + * Translated using Weblate (Catalan) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (English (United Kingdom)) + * Translated using Weblate (Finnish) + * Translated using Weblate (French) + * Translated using Weblate (German) + * Translated using Weblate (Japanese) + * Translated using Weblate (Russian) + * Translated using Weblate (Ukrainian) + pam_pkcs11 +- Fix for bsc#1221255: + * Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch + -- Updated to version 0.6.6: - * Compatible with pcsc-lite-1.6. - * New mapper API. - * Minor fixes. - * Translaton updates. - patterns-base +- Cherry-pick SLE change + * Enhanced base system: drop recommendation of openssh-server-config-rootlogin + * Latest openssh in SP6 restores the previous behaviour of previous + Service Packs by default, and drops the package. + This essentially reverts the previous change. A new package, + openssh-server-config-disallow-rootlogin can be installed to set + PermitRootLogin to prohibit-password (bsc#1223486). + patterns-server +- kvm and xen: drop recommendation of openssh-server-config-rootlogin + * Latest openssh in SP6 restores the previous behaviour of previous + Service Packs by default, and drops the package. + This essentially reverts the previous change. A new package, + openssh-server-config-disallow-rootlogin can be installed to set + PermitRootLogin to prohibit-password (bsc#1223486). + pipewire +- Update to version 1.0.5+git36.60deeb2 to fix several crashes, + NULL checks, format strings and other issues: + * spa: libcamera: fix RGB mappings + * pw-dump: destroy all objects not just those matching the pattern + * pw-dump: fix string memory leak on error + * json: fix high surrogate escapes + * core: handle import errors better + * gst/src: fix crash when current_caps is NULL + * gst/src: Avoid unnecessary renegotiations during streaming + * gst/src: Cleanups for src_negotiate() + * pw-mon: fix type confusion in core event handler + * gst: fix stream params memory leak + * gst: handle some more errors + * treewide: fix errno assignments + * alsa-pcm: don't force quantum for iec958 formats + * journal: prepend code location to messages at debug log levels + * module-rt: fix compiler warning + * filter-chain: fix arguments of calloc + * combine-stream tag forward + * Add album to tag metadata + * impl-node: avoid bitfield races + * treewide: fix some format string issues + * conf: warn when match actions are missing + * module-protocol-simple: handle 'node.name' property + * module-ffado: only start after ports are configured + * context: fill basic properties early + * combine-stream: fix latency-compensate with resample.disabled=true + * profiler: remove unused data-loop + * v4l2: fix printf format + * spa: v4l2: encode device id into a json array + * spa: libcamera: encode device ids into a json array + * impl-port: avoid doing work when the port is destroyed + * impl-port: use 0 size when clearing IO + * stream: log a warning when media.class and direction mismatch + * module-loopback: only enable delay with valid rate and channels + * alsa: fix race when updating the eventfd + * audioconvert: also clamp monitor volume to min/max + * combine-stream: actually make use of resample.disable + +- Update to version 1.0.5: + * Highlights + - pw_stream can now report timestamps on buffers and the + expected amount of samples for the resampler. + - The GStreamer element now has more correct timestamps using + the new pw_stream timestamps as a fallback. + - The FFADO module now handles suspend and resume better. + - A regression in v4l2 was fixed when parsing malformed + filters. + - A potential memory/fd leak was fixed in client-node. + - Many more small bugfixes and improvements. + * PipeWire + - pw_stream now reports the expected resampler input or output + size in the pw_time structure. (#3750) + - pw_stream now also adds a time field to the buffer, which + contains the time of the graph when the buffer was received + in the stream. + - Fix a compiler error when compiling with -Werror=shadow. + (#3915) + - The config parser will warn when invalid config is detected. + * Modules + - The FFADO module now opens and closes when suspending. This + fixes some problems when FFADO properties are changed while + suspended. (#3558) + - Filter-chain will now warn when invalid config is detected. + - Echo-cancel will now handle manage the state of the + echo-cancel plugin better, making sure run() is not called + after deactivate(). + - Fix some potential memory/fd leaks in client-node. + * SPA + - Improve reading the bound ALSA controls. + - The resampler can now also report the number of expected + output samples. + - The ALSA ACP device objects have some more properties like + the card.id and alsa.components. (#3912) + - Fix a potential string corruption when parsing JSON strings. + - V4l2 now sets the latency on the port. (#3910) + - alsa-udev now has an option to expose the device even if + busy. (#3914) + - Improve null-audio-sink channel handling. (#3931) + - v4l2 will now drop the first frame because it often contains + wrong timestamps or garbage. (#3910) + - A regression in v4l2 was fixed where invalid/empty properties + in the filter would make it error early. (#3959) + * GStreamer + - The source now falls back to the new pw_buffer time for the + timestamps. + * Docs + - Sync with the master branch. + +- Move the jack spa plugin from the pipewire-spa-plugins-0_2 + package to a new pipewire-spa-plugins-0_2-jack package. This + allows to not Suggest the pipewire-libjack package from + pipewire-spa-plugins-0_2 since that's only used to connect + pipewire as a client to a jack server which is not common at all + (boo#1222253). + +- Avoid %if %{pkg_vcmp gcc < 8}, instead replicate the condition + from the BuildRequires section. + product-builder +- 1.2.17 + * fix PowerPC build failure introduced in 1.2.16 (bsc#1224010) + +- 1.2.16 + * PowerPC: no more -part partitions (bsc#1206021) + python-Django -- Import fix-safemimetext-set_payload.patch from the Factory version, fixes - tests on python 3.11.9+ (gh#django/django@b231bcd19e57, bsc#1222880) +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) -- Add CVE-2024-27351.patch patch (CVE-2024-27351, bsc#1220358) +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. python3-sip4 +- Rename the macros.python_all-sip4 file to macros.python3_all-sip4 + so it doesn't conflict with the file from python311-sip4-common + and also rename the macro defined within from %python_sip_api_ver + to %python3_sip_api_ver in case the sip api version of one of the + packages changes in the future (bsc#1224000) + rabbitmq-server -- Sync Factory version (3.12.11) Into SLE-15-SP6 -- The following bugs were fixed in upstream updates rather then - via patching. - * CVE-2021-22116 - * CVE-2021-32718 - * CVE-2021-32719 - * CVE-2022-31008 - * CVE-2023-46118 - * bsc#1186203 - * bsc#1187818 - * bsc#1187819 - * bsc#1199431 - * bsc#1205267 - * bsc#1216582 -- The following patches are no longer needed - * bsc1199431.patch - * fix-CVE-2021-22116.patch - * fix-CVE-2021-32718.patch - * fix-CVE-2021-32719.patch - * fix-CVE-2022-31008-0.patch - * fix-CVE-2022-31008-1.patch - * fix-CVE-2022-31008-2.patch - * fix-CVE-2022-31008-3.patch - * fix-CVE-2023-46118-0.patch - * fix-CVE-2023-46118-1.patch -- The following are the dropped changelog entries minus datestamps -- Simon Lees - Danilo Spinella + - Danilo Spinella + - Danilo Spinella + -- update to 3.12.11: - * Quorum queue declared when one of cluster nodes was down - could trigger connection exceptions. - * Avoids a rare exception that could stop TCP socket writes on - a client connection. - * `queue_deleted` and `queue_created` internal events now - include queue type as a module name, and not an inconsistent - (with the other queue and stream types) value `classic`. - * Definition files that are virtual host-specific cannot be - imported on boot. Such files will now be detected early and - the import process will terminate after logging a more - informative message. - * Several AMQP 1.0 application properties are now more - correctly converted to AMQP 0-9-1 headers by - cross-protocol Shovels. - * The priority property now populates an AMQP 1.0 header with - the same name, per AMQP 1.0 spec. - * Metric label values now escape certain non-ASCII characters. - * Avoids an exception when an MQTT client that used a QoS 0 - subscription reconnects and its original connection node - is down. - * Avoids an exception when an MQTT client connection was force- - closed via the HTTP API. - * Certain CLI commands could not be run in a shell script loop, - unless the script explicitly redirected standard input. - * `rabbitmq-diagnostics cluster_status` now responds much - quicker when a cluster node has gone down, were shut down, - or otherwise has become unreachable by the rest of the cluster. - * Reverted a change to `DELETE /api/queues/{vhost}/{name}` that - allowed removal of exclusive queues and introduced - unexpected side effects. - * `DELETE /api/policies/{vhost}/{policy}` returned a 500 - response instead of a 404 one when target virtual host did - not exist. - * Avoid log noise when an HTTP API request is issued against a - booting or very freshly booted node. - * HTTP API endpoints that involves contacting multiple nodes - now respond much quicker when a cluster node - has gone down, were shut down, or otherwise has become - unreachable by the rest of the cluster - * Definition exported for just one virtual host cannot be - imported at node boot time. - * Now such files are detected early with a clear log message - and immediate node boot process termination. - * To obtain source code of the entire distribution, please - download the archive named `rabbitmq-server-3.12.11.tar.xz` - instead of the source tarball produced by GitHub. - -- update to 3.12.10: - * Avoids two Shovels being started after an upgrade from 3.12.6 - or older versions. - * When a topic permission was deleted, an internal event of type - permission.deleted was emitted in some cases, instead of - topic.permission.deleted. - * Shovels on 3.12.8 nodes failed during a rolling cluster upgrade - due to internal identifier format changes. - * Avoids an unnecessary warning in the logs. - * avoids a potential exception in the autoheal partition handler. - * raft.segment_max_entries is now validated to prevent the value - from overflowing its 16-bit segment file field. Maximum - supported value is now 65535. - -- update to 3.12.7: - * Stream replication connections configured to use exclusively - TLSv1.3 failed. - * On startup, stream replicas will handle one more potential - case of segment file corruption after an unclean shutdown. - * `default_policies.*.queue_pattern` definition in - `rabbitmq.conf` was incorrectly parsed. - * Avoid log noise when inter-node connections frequently fail - and recover. - * Optimized stream index scans. Longer scans could result in - some replicas stopping with a timeout. - * Classic queue storage version is now a supported key for - operator policies. - * Queue length limit overflow behavior now can be configured - via operator policies. - * Several `list_stream_*` commands (available via both - `rabbitmq-diagnostics` and `rabbitmq-streams`) commands now - can display replica node in addition to other fields. - * `rabbitmqctl add_user` now can accept a pre-generated salted - password instead of a plain text password, both as a - positional argument and via standard input: - * Message consumption with the "Nack message, requeue: true" - option did not actually requeue deliveries. - * HTTP API request body size is now limited to 10 MiB by - default. - * Two endpoints, one that accepts messages for publishing - (note: publishing over the HTTP API is greatly discouraged) - * and another for definition import, - * will now reject larger transfers with a `400 Bad Request` - response. - * `DELETE /api/queues/{vhost}/{name}` now can delete exclusive - queues. - * Key supported by operator policies are now grouped by queue - type in the UI. - * Improved data safety for confirms in environments where the - plugin uses classic queues. - * Avoid an exception when a not fully established MQTT-over- - WebSockets connection terminated. - * Recovery of bindings of durable queues bound to a transient - JMS topic exchange failed. - * Recovery of bindings of durable queues bound to a transient - `x-modulo-hash` exchange failed. - * Recovery of bindings of durable queues bound to a transient - recent history exchange failed. - * `osiris` has been upgraded to `1.6.9` - * Queue recovery on node restart in certain conditions could - run into an exception - * `file_handle_cache` operations are now safer when handling - non-existent keys. - * Fixed a potential resource leak in at-least-once dead - lettering from quorum queues. - * AMQP 1.0 clients that try to publish in a way that results in - the message not being routed anywhere are now notified with - a more sensible settlement status. - * Prometheus scraping API endpoints now support optional - authentication. - * The plugin now filters out values that are `undefined` or - `NaN`, simply excluding them from the API endpoint response. - Previously, if a metric was not computed for any reason (e.g. - free disk space monitor was disabled on the node), - its value could end up being rendered as `undefined` or `NaN`, - two values that Prometheus scrapers cannot handle (for - * The plugin will now enforce maximum STOMP frame size. Frames - larger than that size will be rejected. The default maximum - size is 4 MiB. It can be increased or decreased: - * ``` ini - * # increase maximum supported STOMP frame size to 10 MiB - * stomp.max_frame_size = 10485760 - * ``` - * To reduce it from the default 4 MiB to 2 MiB: - * ``` ini - * # 2 MiB - * stomp.max_frame_size = 2097152 - * ``` - * Shovel will gracefully stop when its destination (target) - does not exist. - * Such shovels will then be periodically restarted to retry. - * It is now possible to opt in to deactivate file handle cache - use in the plugin: - * ``` ini - * web_mqtt.use_file_handle_cache = false - * ``` - * It is now possible to opt in to deactivate file handle cache - use in the plugin: - * ``` ini - * web_stomp.use_file_handle_cache = false - * ``` - * `ra` was upgraded to `2.6.3` - * Declaration of a classic queue could run into an exception. - * Classic queues v1 (CQv1) that had a backlog of messages - stored by 3.9 and earlier versions could run into an exception - during queue index recovery after an upgrade to 3.10.x or any - later series. - * Nodes that had a large number of quorum queues could observe - accumulation of Erlang processes under significant load. - * Feature flag discovery on a newly added node could discover - an incomplete inventory of feature flags. - * Feature flag discovery operations will now be retried - multiple times in case of network failures. - * Nodes in clusters that had quorum queues and non-mirrored - classic queues on stopped (or failed) nodes could run into an - exception. - * The same exception could affect `rabbitmqctl list_queues`. - * Proxy Protocol v2 LOCAL packets were not supported. - * When a quorum queue does not find its local replica data - files on boot, it will now log a warning. - * An attempt to clear limits of a non-existent virtual host - failed with a 500 status code. - * The "Queues" tab in the UI was renamed to "Queue and Streams" - to better reflect its contents. - * New HTTP API endpoints for quorum queue replica management, - equivalent to the `rabbitmq-queues` commands that manage replicas. - * ``` - * POST /api/queues/quorum/{vhost}/{name}/replicas/add - * DELETE /api/queues/quorum/{vhost}/{name}/replicas/remove - * POST /api/queues/quorum/replicas/on/{node}/grow - * DELETE /api/queues/quorum/replicas/on/{node}/shrink - * ``` - * Stream client connections that authenticated using x.509 - certificates failed. - * Only set OAuth 2 client's CA certificate file setting when it - is defined. - * The plugin will now accept JWT tokens without a `scope`. Such - tokens would only be useful when the plugin is used exclusively - for authentication and not authorization. - * `oauth2` is now an accepted alias for the OAuth 2 - authentication and authorization backend: - * ``` - * auth_backends.1 = oauth2 - * ``` - * Previously the only option for OAuth 2 was using a full - module name, `rabbit_auth_backend_oauth2`. - * STOMP plugin log entries had an extra line feed character. - * `ra` was upgraded to `2.6.2` - -- Improve erlang-rabbitmq-client Provides: - The package provides two erlang applications: amqp_client and rabbit_common - which are expected to be Required as erlang-%{appname} - -- Update to 3.12.0 - * Optimizations for both quorum and classic queues: improved throughput, - lower throughput variability, lower latency, lower memory footprint - * More mature and efficient implementation of (non-mirrored) classic - queues v2 (CQv2) - * Classic queue lazy and non-lazy modes no longer apply: classic - queues v2 always behave very similarly - * to the lazy mode in earlier release series: moving data to disk - aggressively and only keeping a subset of data in memory - * Significantly reduced MQTT and Web MQTT memory footprint per connection - * OAuth 2, OIDC, IDP support - * Even more configurability of the OAuth 2 plugin -- More bugfixes and enhancements: - https://www.rabbitmq.com/changelog.html - -- Update to 3.11.3 - + Core Server - * Stream unsubscription leaked metric counters. - * Stream could become unavailable in certain node or network - failure scenarios. - * It is now possible to pre-configure virtual host limits for - groups of virtual hosts. - * Quorum queue replicas no longer try to contact their unreachable - peers for metrics. - + CLI Tools - * rabbitmq-diagnostics status now handles server responses where - free disk space is not yet computed. - * All enabled (explicitly or as a dependency) plugins are scanned. - * rabbitmq-diagnostics memory_breakdown now returns results much - faster in environments with a large number of quorum queues. - -- Update to version 3.10.10: - + Core Server - * Partially reverts an unsafe inter-node communication - optimization that could affect classic mirrored queue - operation ordering. - * Classic mirrored queue leader replica issued to much credit - to follower replicas, resulting in an uneven load and - memory footprint between them. - * Intra-cluster communication link metric collector could run - into an exception when peer connection has just been - re-established, e.g. after a peer node restart. - + MQTT Plugin - * When a node was put into maintenance mode, it closed all MQTT - client connections cluster-wide instead of just local client - connections. -- For updates between 3.10.5 and 3.10.9, please see - https://www.rabbitmq.com/changelog.html - -- Update to 3.10.5 - * Quorum queue could run into an exception when dead lettering a message - under certain conditions. -- Changes from 3.10.4 - * Avoid seeding default user in old clusters that still use the deprecated - management.load_definitions option. - * Streams could run into an exception or fetch stale stream position - data in some scenarios. - * rabbitmqctl set_log_level did not have any effect on logging via - amq.rabbitmq.log - -- Update to 3.10.2 - * Default log level used a four-character severity abbreviation - instead of more common longer format, for example, warn instead - of warning. - * Fix CLI tools failed to run on Erlang 25 - -- add upstream signing key and verify source signature - -- Update to 3.10.0 - * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.10.x/release-notes/3.10.0.md - for the full changelog. - * Potentially breaking changes - - Messages delivered by a quorum queue and negatively acknowledged - with a requeue will be added to the back of the queue until the - queue has redelivery limit set. With a redelivery limit, requeueing - will use the original position of the message if possible. - - idle_since field now uses RFC 3339 format. - -- Update to 3.9.14 - * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.9.x/release-notes/3.9.14.md - for the full changelog. - * Build time compatibility with Elixir 1.13 (gh#rabbitmq/rabbitmq-server#4019) - - Drop Elixir-1.13-OptionParser-no-longer-supports-atom-val.patch - - Drop Support-Elixir-1.13.patch - * Adapt to a breaking Erlang 24.3 LDAP client change. - -- Add zsh BuildRequires to fix "directories not owned by a package" - in zsh-completion. - -- Update to 3.9.13 - * Core Server Bug Fixes and Enhancements - - Disk space monitor now correctly parses output on (at least - some) systems where non-ASCII characters are used in paths. - - Stream leader election is now deterministic when cluster is - undergoing a rolling upgrade. - - Queue and binding definition import can be delayed until a - moment when at least N nodes (e.g. three) have joined the - cluster. -- Allow building with Elixir 1.13.x - * Support-Elixir-1.13.patch - * Elixir-1.13-OptionParser-no-longer-supports-atom-val.patch - -- Update to 3.9.12 - * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.9.x/release-notes/3.9.12.md - for the full changelog. - * Core Server Bug Fixes and Enhancements - - (Fix) Authentication and authorization backend exceptions - could potentially leak user-provided credentials to node log. - - Unnamed parameters and policies in definition files will now - be rejected as invalid. - -- Update to 3.9.11 - * Core Server Bug Fixes - - When a TLS-enabled listener failed to stop, it logged all of - its settings which could contain sensitive values. - * Core Server Enhancements - - Quorum queues now store commands for enqueued messages in a - more compact format on disk (some derivative data has been dropped). - - queue.declare-ok response to AMQP 0-9-1 clients operating on - a stream could return a ready-for-delivery message count - value that was out of sync with the stream leader replica. - - Classic queues now deliver more efficiently on channels that - had global QoS changed during consumer operation. - * Prometheus Plugin Enhancements - - New optional metrics provided by the GET /metrics/detailed - endpoint. These metrics are cluster-wide, and therefore must - not be aggregated. - * Management Agent Plugin Enhancements - - Disabling the plugin will stop metric collection performed - periodically by queues, streams, connections, et cetera. -- Changes in 3.9.10: - * Core Server Bug Fixes - - Make stream coordinator more defensive to rapid declaration - and deletion cycles. - * Core Server Enhancements - - Several inter-node communication listener settings are now - exposed to rabbitmq.conf: - + distribution.listener.port_range.min = 25675 - + distribution.listener.port_range.max = 25675 - + distribution.listener.interface = 192.168.0.1 - * OAuth 2 Plugin Bug Fixes - - Signing keys specified in rabbitmq.conf were not translated - correctly, resulting in exceptions during permission checks. -- Drop upstreamed patch - * harden_rabbitmq-server.service.patch: https://github.com/rabbitmq/rabbitmq-server/pull/3770 - -- Update to 3.9.9: - * Core Server Bug Fixes - - Fixed an issue where node monitor could produce a false network - partition when one of the cluster members was restarted. - - Message store resiliency improvements. - - Reduced log noise in certain scenarios where a new queue leader - is elected. - - Queue leader rebalancing now logs less. - * Prometheus Plugin Bug Fixes - - TLS-enabled Prometheus endpoint listener port was not correctly - stored internally. - * Management Plugin Bug Fixes - - Persistent message count is now displayed correctly on - individual queue pages. - - Restore compatibility with IE 11. - * Consistent Hashing Exchange Plugin Bug Fixes - - Corrected deletion of duplicate bindings between an exchange - and a queue. - * Enhancements - - Core Server: cluster_formation.target_cluster_size_hint is a - new configuration setting that can be used to specify expected - initial cluster size. - - Prometheus Plugin: Metric rendering efficiency improvements - (mostly latency). -- Don't install the (now gone) OCF script. -- Refreshed patch: - * harden_rabbitmq-server.service.patch - -- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): - * harden_rabbitmq-server.service.patch - Modified: - * rabbitmq-server.service - -- Update to 3.9.8: - * Core Server Bug Fixes - - When the mandatory flag was used when publishing to classic - queues, but publisher confirms were not, channels memory - usage would grow indefinitely. - - rabbitmq-diagnostics memory_breakdown failed to read memory - of connection reader, writer and channel processes. - - In some environments, Stream replicas advertised IP - addresses that could not be reached by cluster peers. - RabbitMQ node hostnames are now advertised as well so that - other peers can resolve them to get an externally visible IP - address. - * Prometheus Plugin Enhancements - - More data is exposed via the GET /metrics/detailed endpoint. - * Management Plugin Bug Fixes - - When setting topic permissions, the list of exchanges in the - UI now honors the currently selected virtual host. - * AWS Peer Discovery Plugin Enhancements - - The plugin now logs more details for failed AWS API - requests. - * Web STOMP Plugin Enhancements - - STOMP-over-WebSockets connections now can consume from - streams. - -- Update to 3.9.7: - + All Components - * All bytecode is now compiled using the +deterministic - compiler flag. This should eliminate the capture of some - irrelevant build environment attributes in produced - artifacts, improve consistency between builds, and reduce the - file level diff between release artifacts. - + Core Server - * Enhancements - - Classic queue shutdown now uses a much higher timeout (up - to 10 minutes instead of 30 seconds). - - In environments with many queues (especially mirrored - queues) and many consumers this means that the chance of - queue indices rebuilding after node restart is now - substantially lower. - * Bug Fixes - - Quorum queues no longer leak memory and disk space when a - consumer is repeatedly added and cancelled on an empty - queue. - + Prometheus Plugin - * Enhancements - - More configurability for metrics exposed via the Prometheus - endpoint. - + Shovel Plugin - * Bug Fixes - - Shovel URIs could be logged with credentials in some - scenarios. - + Dependency Upgrades - * observer_cli has been upgraded from 1.6.2 to 1.7.1 - -- Update to 3.9.6: - + Core Server - * Bug Fixes - - TLS information delivered in Proxy protocol header is now - attached to connection metrics as if it was provided by a - non-proxying client. - - max_message_size had a one-off error in the validator. - - mirroring_sync_batch_size was incorrectly validated as if - it represented batch size in bytes. - + Stream Plugin - * Bug Fixes - - Offset parameters were not stored correctly in some cases. - - Partitions list order is now stable. - - When stream clients close connections abruptly, publisher - and consumer metrics get cleaned up correctly. - + Management Plugin - * Enhancements - - Stream publishers are now listed on the individual stream - page. - - Counters have been added to the tiles of several sections - on detail pages. - + Dependency Upgrades - * Osiris was upgraded to 1.2.0 - * Ranch was upgraded to 2.1.0 -- Removes socat dependency from specs. - (gh#rabbitmq/rabbitmq-packaging#8) -- Fix rpmlint errors: - * E: script-without-shebang for autocomplete scripts - * E: dir-or-file-in-run /run/rabbitmq - -- Update to 3.9.5: - + Core Server - * Bug Fixes - - Virtual host metadata (description, tags) was not imported - from definitions. - - Reduced unnecessary debug logging from streams. - + AWS Peer Discovery Plugin - * Enhancements - - AWS API calls are now retried multiple times. - + Management Plugin - * Enhancements - - PUT /api/vhosts/{name} now can update metadata (tags and - descriptions) for existing virtual hosts. - -- Add install-bin and install-man to make target, and install into - /usr/lib instead of /usr/lib64 on 64-bit platforms (boo#1189784). -- Add deps/rabbit/docs/set_rabbitmq_policy.sh.example to %doc. - -- Separate autocomplete files into individual packages. - -- Update to 3.9.4: - * Bug fixes, see https://www.rabbitmq.com/changelog.html -- Major changes from 3.9.0: - * Streams: a new messaging abstraction complementary to queues - * Support for Erlang 24 - * Kubernetes Cluster Operator and Messaging Topology Operator - * Minimum required Erlang version is now 23.2 -- Fix spec file to align with gh#rabbitmq/rabbitmq-packaging/RPMS/Fedora/rabbitmq-server.spec. -- Update rabbitmq-server.service and rabbitmq-server.logrotate. -- Remove unused sources: - + Already in source: - * advanced.config.example - * rabbitmq-script-wrapper - * rabbitmq.conf.example - * rabbitmq.config.example - + Deprecated: - * rabbitmq-server.init - * rabbitmq-server.sysconfig - -- Use /run instead of deprecated /var/run in tmpfiles.conf - (bsc#1185075) - -- Update to RabbitMQ 3.8.16 - * This is the first release to drop support for Erlang 22.3 and - introduce support for the upcoming Erlang 24 release - * AWS Peer Discovery Plugin was unintentionally excluded from the - distribution in 3.8.15 and has now been added back. - * Management Plugin: Messaging polling HTTP API endpoint leaked - temporary connections it used in case of a polling timeout. - -- Update to RabbitMQ 3.8.15 - * Fixed quorum queues did not take snapshots as frequently as they - are expected to with some configurations. - * Fixed quorum queue name was unintentionally limited: the length - of virtual host and actual queue name was limited to 254 characters - * Fixed deleting a quorum queue would leave some of its internal - metrics data around. - * Client destination address is now obtained w.r.t. the Proxy - protocol settings. - * Full changes: - https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.15 -- Update to RabbitMQ 3.8.14 - * Fixed direct reply-to failed witn an exception on Erlang 22.3 -- Update to RabbitMQ 3.8.13 - * Fixed nodes that had an unusually long name could overflow - message property lengths with the direct reply-to identifier - they generated. -- Update to RabbitMQ 3.8.12 - * Maintenance mode no longer transfers leaders of classic mirrored - queue. - * Exclusive queues that happen to be matched by classic queue - mirroring policies will no longer be considered for rebalancing - operations since they are not actually mirrored - * Default replica count for quorum queues was using an incorrect - configuration key name. The default value is now 3, so in a - cluster of five or seven nodes, only three will host replicas - for newly declared quorum queues. - * Default runtime busy waiting settings were changed to none by - default, which reduces CPU footprint on nodes that are mostly idle. - * Definition import now imports runtime parameters after exchanges, - queues, and bindings to reduce the likelihood of starting dynamic - Shovels from racing with topology imports. - * Fixed memory monitor could run into an exception if queried very - early on node boot before it was fully initialized. - rshim +- Update to 2.0.29.1 (jsc#PED-6843 jsc#PED-6979) + * Output SECURE_NIC_MODE in /dev/rshim/misc + * Allow remote installation via bfb-install + * Make DROP_MODE more robust + * Avoid race in bfb push when accessing from BMC and rshim tool in parallel + * Fix handshake between NIC F and rshim over PCIe + suseconnect-ng -- Allow "--rollback" flag to run on readonly filesystem (bsc#1220679) +- Update to version 1.9.0 + * Fix certificate import for Yast when using a registration proxy with + self-signed SSL certificate (bsc#1223107) + +- Update to version 1.8.0 + * Allow "--rollback" flag to run on readonly filesystem (bsc#1220679) systemd +- Restore the gpt-auto generator. The workaround is not needed anymore as commit + d317008225 (see below) should fix the issue reported in bsc#1218671. + +- Import commit e8d77af4240894da620de74fbc7823aaaa448fef + d317008225 gpt-auto-generator: be more defensive when checking the presence of ESP in fstab + fed117d448 journalctl: explicitly check < 0 for error + 41d9e82099 journalctl: make --until work again with --after-cursor and --lines (bsc#1221906) + tpm2 +- Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote + did not check whether the magic number in the attest is equal to + TPM2_GENERATED_VALUE, which might allow a malicious actor to generate + arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038). +- Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch: + tpm2_checkquote did not compare the --pcr parameter passed to the tool with + the attest. A malicious actor might thus be able to fake a valid + attestation (bsc#1223689, CVE-2024-29039). + tpm2-0-tss +- add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes + CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in + Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary + quote data, which would not be detected by Fapi_VerifyQuote(). + trousers +- fix runtime requirements for stat and udevadm (bsc#1221770). On minimal + systems this can cause the %pretrans or %post scriptlets to fail because of + missing tools. + -- trousers-wrap_large_key_overflow.patch: Do not wrap keys larger than - 2048 bit, as the space on the TPM is limited to that amount. (bnc#868933) - virt-manager +- bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS + version should be SL Micro 6.0 + virtinst-add-slm-detection-support.patch + +- Disable mdev tests with introduction of libvirt 10.1.0 + virt-manager.spec + virt-v2v +- bsc#1223444 - New virt-v2v dependency on btrfsprogs causes error + with zypper dup on systems without btrfs installed + Drop Requires on the following packages and move them into + libguestfs-appliance + btrfsprogs, curl, dhcp-client, e2fsprogs, gptfdisk + ntfsprogs, xfsprogs + wireplumber +- Better fix for (bsc#1223916) that basically turns the main + profile into the (to be in 0.5.3) video-only profile unless + wireplumber-audio is installed which now turns the main profile + into exactly upstream's main profile. + +- Add patch from upstream to fix a json log issue: + * 0001-lua-json-fix-error-ouput.patch +- Add patch from upstream to add a method to merge json containers: + * 0002-lua-json-add-method-to-merge-json-containers.patch +- Add patch from upstream to fix merging a particular case + of configuration options: + * 0003-json-utils-fix-overriding-of-non-container-values-when.patch +- Fix wireplumber not starting successfully when audio support is + not enabled since the main profile now requires it. The best + option would be to use a video-only profile but it's too late + to change the way wireplumber is started in SLE/Leap, so the + solution just makes audio/bluetooth optional for now + (bsc#1223916) + * split-config-file.py + +- Update to version 0.5.2: + * Highlights: + - Added support for loading configuration files other than the + default wireplumber.conf within Lua scripts (!629) + - Added support for loading single-section configuration files, + without fragments (!629) + - Updated the node.software-dsp script to be able to load + filter-chain graphs from external configuration files, which + is needed for Asahi Linux audio DSP configuration (!629) + * Fixes: + - Fixed destroying camera nodes when the camera device is + removed (#627, !631) + - Fixed an issue with Bluetooth BAP device set naming (!632) + - Fixed an issue caused by the pipewire event loop not being + "entered" as expected (!634, #638) + - A false positive warning about no modules being loaded is + now suppressed when using libpipewire >= 1.0.5 (#620) + - Default nodes can now be selected using priority.driver when + priority.session is not set (#642) + * Changes: + - The library version is now generated following pipewire's + versioning scheme: libwireplumber-0.5.so.0.5.2 becomes + libwireplumber-0.5.so.0.0502.0 (!633) +- Remove patches from upstream that are already in 0.5.2: + * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch + * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch + * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch + +- Add patch from upstream to silence a warning on pipewire + (since 1.0.5): + * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch +- Add patch from upstream to fix a dangling reference to a device: + * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch +- Add patch from upstream to fix BAP node naming: + * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch + yast2 +- Properly close nested progress callbacks (bsc#1223281) +- 4.6.8 + yast2-trans +- Update to version 84.87.20240428.f3ddce30c5: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Hungarian) + * Translated using Weblate (Hungarian) + * Translated using Weblate (Japanese) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + +- Update to version 84.87.20240421.63804708b7: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Czech) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * New POT for text domain 'storage'. + * New POT for text domain 'docker'. + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + +- Update to version 84.87.20240414.d73f60d6af: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + +- Update to version 84.87.20240407.b46e9ca4fd: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Czech) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * New POT for text domain 'bootloader'. + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + +- Update to version 84.87.20240331.90b1d91d29: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (Catalan) + * Translated using Weblate (Czech) + * Translated using Weblate (Japanese) + * New POT for text domain 'rmt'. + * New POT for text domain 'control'. + +- Update to version 84.87.20240324.ae2a0736e6: + * Translated using Weblate (Romanian) + * Translated using Weblate (Romanian) + * New POT for text domain 'gtk'. + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (German) + * Translated using Weblate (Swedish) + * Translated using Weblate (German) + +- Update to version 84.87.20240317.9b1b5b2b95: + * Translated using Weblate (Catalan) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Japanese) + * New POT for text domain 'bootloader'. + * New POT for text domain 'registration'. + * New POT for text domain 'packager'. + * Translated using Weblate (French) + * Added translation using Weblate (French) + * Translated using Weblate (Catalan) + +- Update to version 84.87.20240309.6826dab25a: + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Lithuanian) + * New POT for text domain 'storage'. + * Translated using Weblate (Czech) + * Translated using Weblate (Czech) + * Translated using Weblate (Japanese) + * New POT for text domain 'xpram'. + * New POT for text domain 's390'. + * New POT for text domain 'sap-installation-wizard'. + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (French) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Italian) + * Translated using Weblate (German) + +- Update to version 84.87.20240304.419739cb87: + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Slovak) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Japanese) + * Translated using Weblate (Spanish) + * Translated using Weblate (Catalan) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Italian) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Dutch) + * Translated using Weblate (German) + * New POT for text domain 'bootloader'. + * Translated using Weblate (Russian) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Russian) + * Translated using Weblate (Russian) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + +- Update to version 84.87.20240224.f7ab2886c1: + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Spanish) + +- Update to version 84.87.20240219.f6e4117fe0: + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * Translated using Weblate (Czech) + * New POT for text domain 'packager'. + * New POT for text domain 'installation'. + * New POT for text domain 'hana-ha'. + * New POT for text domain 'control'. + +- Update to version 84.87.20240210.1383f689ba: + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Czech) + * New POT for text domain 'control'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Czech) + * Translated using Weblate (Catalan) + +- Update to version 84.87.20240205.897f2593b3: + * New POT for text domain 'control'. + * Translated using Weblate (Russian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * Translated using Weblate (Georgian) + * New POT for text domain 'installation'. + +- Update to version 84.87.20240126.9c7185e3f6: + * New POT for text domain 'installation'. + * New POT for text domain 'base'. + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * New POT for text domain 'sap-installation-wizard'. + +- Update to version 84.87.20240120.54f4b9f06a: + * New POT for text domain 'sap-installation-wizard'. + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + +- Update to version 84.87.20240112.f631673f01: + * Translated using Weblate (Russian) + * New POT for text domain 'packager'. + * New POT for text domain 'users'. + * New POT for text domain 'proxy'. + * New POT for text domain 'nis'. + * New POT for text domain 'network'. + * New POT for text domain 'installation'. + * New POT for text domain 'firewall'. + +- Update to version 84.87.20240105.ae431f155e: + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (Romanian) + +- Update to version 84.87.20231230.7bdda36766: + * New POT for text domain 'security'. + * New POT for text domain 'pam'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'add-on'. + * Translated using Weblate (Georgian) + * New POT for text domain 'installation'. + * New POT for text domain 'autoinst'. + * Translated using Weblate (Czech) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + +- Update to version 84.87.20231224.d98b72cc24: + * Translated using Weblate (Japanese) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * New POT for text domain 'update'. + * New POT for text domain 'firstboot'. + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * New POT for text domain 'installation'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + * Translated using Weblate (Macedonian) + +- Update to version 84.87.20231216.c47de7a4bf: + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Czech) + * Translated using Weblate (Catalan) + * New POT for text domain 'pam'. + * New POT for text domain 'control'. + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Czech) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) + * Translated using Weblate (Swedish) +