Packages changed: libX11 sssd (2.3.0 -> 2.3.1) transactional-update (2.22 -> 2.23) xorg-x11-server === Details === ==== libX11 ==== Subpackages: libX11-6 libX11-data libX11-xcb1 - U_006-Fix-size-calculation-in-_XimAttributeToValue.patch: * Regression fix in previous XIM client head overflow fixes (CVE-2020-14344, bsc#1174628) - U_001-ChangeTheData_lenParameterOf_XimAttributeToValueToCARD16.patch, U_002-FixIntegerOverflowsIn_XimAttributeToValue.patch, U_003-FixMoreUncheckedLengths.patch, U_004-FixSignedLengthValuesIn_XimGetAttributeID.patch, U_005-ZeroOutBuffersInFunctions.patch, * XIM client heap overflows (CVE-2020-14344, bsc#1174628) ==== sssd ==== Version update (2.3.0 -> 2.3.1) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to release 2.3.1 * Domains can be now explicitly enabled or disabled using enable option in domain section. This can be especially used in configuration snippets. * New configuration options memcache_size_passwd, memcache_size_group, memcache_size_initgroups that can be used to control memory cache size. * Fixed several regressions in GPO processing introduced in sssd-2.3.0 * Fixed regression in PAM responder: failures in cache only lookups are no longer considered fatal. * Fixed regression in proxy provider: pwfield=x is now default value only for sssd-shadowutils target. - sssd-wbclient is obsolete and no longer shipped ==== transactional-update ==== Version update (2.22 -> 2.23) Subpackages: transactional-update-zypp-config - Version 2.23 - Add "run" command to be able to execute a single command in a new snapshot - Add "--drop-if-no-change" option to discard snapshots if no changes were perfomed (BETA, required for Salt integration) - Removed previous CaaSP Salt support (gh#openSUSE/transactional-update#33) - Avoid "file not found" message on systems without /var subvol ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-wayland - U_FixForZDI-11426.patch * Leak of uninitialized heap memory form the X server to clients on pixmap allocation (ZDI-CAN-11426, CVE-2020-14347, bsc#1174633)