Weekly portage-stable package updates 2024-07-01

[github-actions]

CI (with SDK) 🟢: http://jenkins.infra.kinvolk.io:8080/job/container/job/sdk/1556/cldsv/

Closes flatcar/Flatcar#1383
Closes flatcar/Flatcar#1446
Closes flatcar/Flatcar#1447
Closes flatcar/Flatcar#1452
Closes flatcar/Flatcar#1454
Closes flatcar/Flatcar#1456
Closes flatcar/Flatcar#1457

---

• app-arch/libarchive: [PROD] [DEV]

  • from 3.7.2-r3 to 3.7.4
  • fixes CVE-2024-26256, CVE-2024-37407
    • update: libarchive Flatcar#1457
  • release notes: https://github.com/libarchive/libarchive/releases/tag/v3.7.4 https://github.com/libarchive/libarchive/releases/tag/v3.7.3

• app-arch/zstd: [PROD] [DEV]

  • from 1.5.5-r1 to 1.5.6
  • release notes: https://github.com/facebook/zstd/releases/tag/v1.5.6

• app-containers/containers-common:

  • from 0.58.0-r1 to 0.59.1
  • release notes: https://github.com/containers/common/releases/tag/v0.59.1

• app-containers/containers-image:

  • still at 5.30.0
  • block on app-containers/containers-common <= 0.57.0 (we have updated to 0.59.1)

• app-crypt/ccid:

  • still at 1.5.4
  • reconfigure sources from scratch (to rerun libtoolize and bring in new libtool patches)

• app-crypt/gnupg: [PROD] [DEV]

  • from 2.4.4-r1 to 2.4.5-r1
  • release notes: https://lists.gnupg.org/pipermail/gnupg-announce/2024q1/000482.html

• app-crypt/mit-krb5: [PROD] [DEV]

  • from 1.21.2 to 1.21.3
  • bumped python compat to 3.11..13
  • still unstable on arm64, so added accept keywords to overlay profiles
  • dropped threads USE flag - threads support is enabled unconditionally now
  • fixes CVE-2024-26461, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371
    • update: mit-krb5 Flatcar#1383
  • release notes: https://web.mit.edu/kerberos/krb5-1.21/README-1.21.3.txt

• app-crypt/pinentry: [PROD] [DEV]

  • from 1.2.1-r4 to 1.2.1-r7
  • nothing interesting

• app-crypt/tpm2-tools: [PROD] [DEV]

  • from 5.5 to 5.6.1
  • fixes CVE-2024-29038, CVE-2024-29039, CVE-2024-29040
    • update: tpm2-{tools,tss} Flatcar#1454
  • release notes: https://github.com/tpm2-software/tpm2-tools/releases/tag/5.6.1 https://github.com/tpm2-software/tpm2-tools/releases/tag/5.6

• app-crypt/tpm2-tss: [PROD] [DEV]

  • from 4.0.1 to 4.0.2-r1
  • fixes CVE-2024-29038, CVE-2024-29039, CVE-2024-29040
    • update: tpm2-{tools,tss} Flatcar#1454
  • release notes: https://github.com/tpm2-software/tpm2-tss/releases/tag/4.0.2

• app-editors/vim: [PROD] [DEV]

  • from 9.0.2167 to 9.1.0366
  • release notes: https://github.com/vim/vim/commits/v9.1.0366/ https://www.vim.org/vim-9.1-released.php

• app-editors/vim-core: [PROD] [DEV]

  • from 9.0.2167 to 9.1.0366-r1
  • release notes: https://github.com/vim/vim/commits/v9.1.0366/ https://www.vim.org/vim-9.1-released.php

• app-emulation/qemu:

  • from 8.1.5 to 8.2.3
  • release notes: https://wiki.qemu.org/ChangeLog/8.2

• app-emulation/qemu-guest-agent: [PROD] [DEV]

  • from 8.0.3 to 8.2.0
  • bumped python compat to 3.10..13
  • added a keyword for arm64, can be pulled into arm64 production images too later
  • fixed a cross-compilation issue
  • release notes: https://wiki.qemu.org/ChangeLog/8.2#Guest_agent

• app-eselect/eselect-pinentry:

  • from 0.7.3 to 0.7.4
  • release notes: https://gitweb.gentoo.org/repo/gentoo.git/commit/app-eselect/eselect-pinentry?id=fe64d8bd46d8e8859d6442e34766bf423121fc11

• app-portage/elt-patches:

  • from 20240315 to 20240512
  • release notes: https://gitweb.gentoo.org/proj/elt-patches.git/log/?h=20240512

• app-portage/gentoolkit:

  • still at 0.6.5
  • stop fixing shebangs in library files

• app-portage/getuto: [DEV]

  • from 1.10.2 to 1.13
  • release notes: https://github.com/projg2/getuto/commits/getuto-1.13/

• app-shells/bash: [PROD] [DEV]

  • from 5.2_p26 to 5.2_p26-r6
  • became stable, so dropped accept keywords from overlay profiles
  • lots of reformatting in the ebuild
  • split bashrc into bashrc.d files
  • fixed support for eprefix in bashrc.d files
    • the files in bashrc.d must have .sh or .bash suffix

• app-shells/bash-completion: [DEV]

  • from 2.11 to 2.14.0
  • added block on app-text/tree < 2.1.1-r1
    • we don't even have this package anyway
  • release notes: https://github.com/scop/bash-completion/releases/tag/2.14.0 https://github.com/scop/bash-completion/releases/tag/2.13.0 https://github.com/scop/bash-completion/releases/tag/2.12.0

• app-shells/gentoo-bashcomp: [DEV]

  • from 20230313 to 20240625
  • release notes: https://gitweb.gentoo.org/proj/gentoo-bashcomp.git/log/?h=gentoo-bashcomp-20240625

• dev-cpp/gtest:

  • from 1.13.0 to 1.14.0-r1
  • bumped python compat to 3.10..13
  • release notes: https://github.com/google/googletest/releases/tag/v1.14.0

• dev-db/sqlite: [PROD] [DEV]

  • from 3.45.1-r1 to 3.45.3
  • release notes: https://www.sqlite.org/releaselog/3_45_3.html

• dev-lang/perl:

  • from 5.38.2-r2 to 5.38.2-r3
  • replaced debug, ithreads and quadmath IUSE flags with perl_features_* counterparts
    • this is made to work with the new PERL_FEATURES expand variable.
    • not relevant really to us, since we didn't use any of those so far

• dev-lang/python: [DEV]

  • from 3.11.9 to 3.11.9-r1
  • became stable, so dropped accept keywords from overlay profiles
  • added dependency on dev-libs/mpdecimal

• dev-lang/swig:

  • from 4.1.1-r1 to 4.2.1
  • release notes: https://sourceforge.net/p/swig/news/2024/02/swig-421-released/ https://sourceforge.net/p/swig/news/2023/12/swig-420-released/

• dev-libs/cJSON: [DEV]

  • from 1.7.17 to 1.7.18
  • EAPI 8
  • release notes: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.18

• dev-libs/cyrus-sasl:

  • still at 2.1.28-r4
  • added some fix for LTO builds

• dev-libs/glib: [PROD] [DEV]

  • from 2.78.3 to 2.78.6
  • bumped python compat to 3.10..12
  • added a build dependency on dev-python/packaging
  • fixes CVE-2024-34397
    • update: glib Flatcar#1456
  • release notes: https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.6 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.5 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.4

• dev-libs/libassuan: [PROD] [DEV]

  • from 2.5.6 to 2.5.7
  • release notes: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libassuan.git;a=blob;f=NEWS;h=047f12b7c3ee0c8c1718a2da8b5a6bb9dd541fd8;hb=cc2f776904e0b5e56e2b81b2672ca98d7787ed1b

• dev-libs/libdnet:

  • from 1.16.4 to 1.18.0-r1
  • bumped python compat to 3.10..12
  • became stable, so dropped accept keywords from overlay
  • release notes: https://github.com/ofalk/libdnet/releases/tag/libdnet-1.18.0

• dev-libs/libgpg-error: [PROD] [DEV]

  • from 1.47-r1 to 1.49
  • added running of libtoolize to made sure that the new libtool patches are applied
  • release notes: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=NEWS;h=8ac4bf36113fe9254a361e2bc8d0ed52383839ce;hb=faed9c271ad22bbd2ed265d8e11badb53b7a2f32

• dev-libs/libnl: [PROD] [DEV]

  • from 3.8.0 to 3.9.0
  • bumped python compat to 3.10..12
  • release notes: none

• dev-libs/libpcre2: [PROD] [DEV]

  • from 10.42-r2 to 10.43
  • EAPI 8
  • release notes: https://github.com/PCRE2Project/pcre2/blob/pcre2-10.43/NEWS

• dev-libs/libpwquality: [PROD] [DEV]

  • from 1.4.5-r1 to 1.4.5-r2
  • bumped python compat to 3.10..12

• dev-libs/libsodium: [PROD] [DEV]

  • from 1.0.19-r2 to 1.0.19_p20240117
  • this is a stable snapshot, possibly to bring a fix in one of the header files

• dev-libs/libusb: [PROD] [DEV]

  • from 1.0.26 to 1.0.27-r1
  • EAPI 8
  • stopped inheriting usr-ldscript, helping us to move closer to removal of the eclass from portage-stable
  • regenerate build system to bring possible libtool patches
  • release notes: https://github.com/libusb/libusb/blob/v1.0.27/ChangeLog

• dev-libs/libxml2: [PROD] [DEV]

  • from 2.12.5 to 2.12.7
  • fixes CVE-2024-34459
    • update: libxml2 Flatcar#1447
  • release notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7 https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.6

• dev-libs/nettle: [PROD] [DEV]

  • from 3.9.1 to 3.9.1-r1
  • some powerpc fix, not relevant

• dev-libs/opensc:

  • from 0.24.0 to 0.25.1
  • became stable so dropped accept keywords from overlay profiles
  • release notes: https://github.com/OpenSC/OpenSC/releases/tag/0.25.0

• dev-libs/yajl:

  • still at 2.1.0-r5
  • this package is unstable so added accept keywords to overlay profiles
    • an artifact of a not clean import from Gentoo

• dev-python/crcmod:

  • still at 1.7-r5
  • bumped python compat to 3.10..13

• dev-python/cython:

  • still at 3.0.10
  • bumped python compat to 3.10..13
  • became stable, so dropped accept keywords from overlay profiles

• dev-python/distro:

  • still at 1.9.0
  • bumped python compat to 3.10..13

• dev-python/docutils:

  • from 0.20.1-r1 to 0.21.2
  • bumped python compat to 3.10..13
  • added a dependency on dev-python/pillow
  • release notes: https://docutils.sourceforge.io/RELEASE-NOTES.html#release-0-21-2-2024-04-23

• dev-python/editables:

  • still at 0.5
  • bumped python compat to 3.10..13

• dev-python/ensurepip-setuptools: [DEV]

  • from 69.2.0 to 70.0.0
  • release notes: https://github.com/pypa/setuptools/releases/tag/v70.0.0

• dev-python/fasteners:

  • still at 0.19
  • bumped python compat to 3.10..13

• dev-python/gpep517:

  • from 15 to 16
  • EAPI 8
  • bumped python compat to 3.10..13
  • changed license from MIT to GPL-2+
  • release notes: https://github.com/projg2/gpep517/commits/v16/

• dev-python/hatchling:

  • from 1.22.5-r1 to 1.24.2
  • bumped python compat to 3.10..13
  • bumped dev-python/packaging dependency to >=23.2
  • release notes: https://github.com/pypa/hatch/releases/tag/hatchling-v1.24.2

• dev-python/installer:

  • still at 0.7.0
  • bumped python compat to 3.10..13

• dev-python/jaraco-context:

  • from 5.1.0 to 5.3.0
  • bumped python compat to 3.10..13
  • added runtime dependency on dev-python/backports-tarfile
  • release notes: https://github.com/jaraco/jaraco.context/blob/v5.3.0/NEWS.rst

• dev-python/jaraco-functools:

  • from 4.0.0 to 4.0.1
  • bumped python compat to 3.10..13
  • release notes: https://github.com/jaraco/jaraco.functools/blob/v4.0.1/NEWS.rst

• dev-python/jaraco-text:

  • still at 3.12.0
  • bumped python compat to 3.10..13

• dev-python/jinja:

  • from 3.1.3 to 3.1.4
  • bumped python compat to 3.10..13
  • dropped examples USE flag
    • I guess examples are not installed any more?
  • release notes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• dev-python/lazy-object-proxy:

  • still at 1.10.0
  • bumped python compat to 3.10..13

• dev-python/lxml:

  • from 5.2.1 to 5.2.2
  • bumped python compat to 3.10..13
  • release notes: https://lxml.de/5.2/changes-5.2.2.html

• dev-python/markupsafe:

  • still at 2.1.5
  • bumped python compat to 3.10..13

• dev-python/more-itertools:

  • from 10.2.0 to 10.3.0
  • bumped python compat to 3.10..13
  • release notes: https://github.com/more-itertools/more-itertools/releases/tag/v10.3.0

• dev-python/ordered-set:

  • still at 4.1.0
  • bumped python compat to 3.10..13

• dev-python/packaging:

  • from 24.0 to 24.1
  • bumped python compat to 3.10..13
  • release notes: https://github.com/pypa/packaging/releases/tag/24.1

• dev-python/pathspec:

  • still at 0.12.1
  • bumped python compat to 3.10..13

• dev-python/platformdirs:

  • from 4.2.0 to 4.2.2
  • bumped python compat to 3.10..13
  • release notes: https://github.com/platformdirs/platformdirs/releases/tag/4.2.2

• dev-python/pluggy:

  • from 1.4.0 to 1.5.0
  • bumped python compat to 3.10..13
  • release notes: https://github.com/pytest-dev/pluggy/blob/1.5.0/CHANGELOG.rst

• dev-python/pygments:

  • from 2.17.2 to 2.18.0
  • bumped python compat to 3.10..13
  • release notes: https://github.com/pygments/pygments/releases/tag/2.18.0

• dev-python/setuptools:

  • from 69.2.0-r1 to 70.0.0
  • bumped python compat to 3.10..13
  • hard block on dev-python/setuptools-rust <1.8.0
    • we don't have it anyway
  • bumped dev-python/packaging depdendency to >=24
  • dropped dependency on dev-python/tomli
    • this allowed us to drop the package from Flatcar
  • release notes: https://github.com/pypa/setuptools/releases/tag/v70.0.0

• dev-python/six:

  • still at 1.16.0-r1
  • bumped python compat to 3.10..13

• dev-python/snakeoil:

  • still at 0.10.8
  • bumped python compat to 3.10..13

• dev-python/trove-classifiers:

  • from 2024.3.25 to 2024.5.22
  • bumped python compat to 3.10..13
  • release notes: https://github.com/pypa/trove-classifiers/releases/tag/2024.5.22

• dev-python/wheel:

  • still at 0.43.0
  • bumped python compat to 3.10..13

• dev-util/bpftool: [PROD] [DEV]

  • from 6.7.6-r1 to 6.8.2
  • release notes: https://kernelnewbies.org/Linux_6.8#Tracing.2C_perf_and_BPF

• dev-util/gdbus-codegen:

  • from 2.78.3 to 2.78.6
  • added a dependency on dev-python/packaging
  • release notes: https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.6 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.5 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.4

• dev-util/glib-utils:

  • from 2.78.3 to 2.78.6
  • release notes: https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.6 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.5 https://gitlab.gnome.org/GNOME/glib/-/releases/2.78.4

• dev-util/pkgconf: [PROD] [DEV]

  • from 2.1.1 to 2.2.0
  • release notes: https://github.com/pkgconf/pkgconf/blob/pkgconf-2.2.0/NEWS

• dev-util/re2c:

  • still at 2.2
  • bumped python compat to 3.10..13

• dev-vcs/git: [PROD] [DEV]

  • from 2.43.2 to 2.44.2
  • fixes CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465
    • update: git Flatcar#1446
  • release notes: https://github.com/git/git/blob/v2.44.2/Documentation/RelNotes/2.44.2.txt

• eclass/acct-group.eclass:

  • allow ACCT_GROUP_NAME to be overridden in overlays

• eclass/acct-user.eclass:

  • allow ACCT_USER_NAME to be overridden in overlays

• eclass/alternatives.eclass:

  • support EAPI 8

• eclass/autotools.eclass:

  • made dependency on sys-devel/gnuconfig optional

• eclass/dist-kernel-utils.eclass:

  • pull in mount-boot-utils eclass
  • move mount boot check into this eclass

• eclass/distutils-r1.eclass:

  • bunch of boring changes around testing and stuff, yawn
  • bumped dev-python/scikit-build-core dep to >=0.9.4
    • we don't even have this package in Flatcar
  • added support for reusing Python wheels

• eclass/edo.eclass:

  • made edob function to log output of noisy commands

• eclass/elisp-common.eclass:

  • silenced some warnings made by Emacs

• eclass/flag-o-matic.eclass:

  • TODO: allow -mevex512 and -mno-evex512

• eclass/gnuconfig.eclass:

  • dropped support for EAPI 5
  • made dependency on sys-devel/gnuconfig optional

• eclass/java-utils-2.eclass:

  • java stuff, who cares, something with ant and runtime jars, yadda yadda

• eclass/linux-info.eclass:

  • improved binpkg handling

• eclass/ltprune.eclass:

  • marked as dead

• eclass/meson.eclass:

  • replaced "meson compile" with a direct call to eninja

• eclass/mount-boot-utils.eclass:

  • added from Gentoo

• eclass/mount-boot.eclass:

  • dropped support for EAPI 6
  • moved parts of the eclass into mount-boot-utils

• eclass/python-r1.eclass:

  • some fixes for subphases

• eclass/python-utils-r1.eclass:

  • added python 3.13

• eclass/readme.gentoo-r1.eclass:

  • doc fixes

• eclass/toolchain.eclass:

  • added some fixes for rust and ada

• eclass/unpacker.eclass:

  • added from Gentoo

• eclass/xorg-3.eclass:

  • made autotools dependencies optional

• licenses:

  • dropped Code-Synthesis-ODB, FFSL, GFL, OFL, PDB, bluez-firmware, ipw3945
  • added OFL-1.0, Unicode-3.0, microsoft-azurevpnclient

• net-analyzer/nmap: [PROD] [DEV]

  • from 7.94 to 7.95
  • bumped python compat to 3.10..12
  • replaced dev-libs/libpcre dependency with dev-libs/libpcre2
  • note: this package is planned to be dropped
  • release notes: https://nmap.org/changelog.html#7.95

• net-dns/c-ares: [PROD] [DEV]

  • from 1.27.0 to 1.28.1
  • became stable, so dropped accept keywords from overlay profiles
  • release notes: https://github.com/c-ares/c-ares/releases/tag/cares-1_28_1 https://github.com/c-ares/c-ares/releases/tag/cares-1_28_0

• net-dns/libidn2:

  • still at 2.3.7
  • regenerate build system to get possible libtool patches

• net-firewall/ipset: [PROD] [DEV]

  • from 7.21 to 7.21-r1
  • some new openrc init file
    • not relevant in Flatcar

• net-libs/gnutls: [PROD] [DEV]

  • from 3.8.5 to 3.8.5-r1
  • still unstable, so updated accept keywords in overlay profiles
  • added a patch to fix wireshark

• net-misc/curl: [PROD] [DEV]

  • from 8.7.1-r3 to 8.7.1-r4
  • became stable, so dropped accept keywords from overlay profiles
  • added a patch to fix git clone

• net-misc/passt:

  • from 2024.03.26 to 2024.05.10
  • release notes: https://archives.passt.top/passt-user/20240510225714.6aa8e6c0@elisabeth/T/#u

• net-misc/rsync: [PROD] [DEV]

  • from 3.2.7-r4 to 3.3.0
  • bumped python compat to 3.10..12
  • release notes: https://github.com/RsyncProject/rsync/blob/v3.3.0/NEWS.md

• net-misc/wget: [PROD] [DEV]

  • from 1.21.4 to 1.24.5
  • bumped python compat to 3.10..12
  • added libproxy USE flag
    • pulls in net-libs/libproxy as a dependency
    • we don't enable it
  • release notes: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00002.html

• net-misc/whois: [PROD] [DEV]

  • from 5.5.20 to 5.5.21
  • release notes: https://github.com/rfc1036/whois/blob/v5.5.21/debian/changelog

• net-nds/openldap: [PROD] [DEV]

  • from 2.6.4-r1 to 2.6.4-r3
  • EAPI 8
  • dropped ipv6 USE flag - ipv6 is enabled unconditionally
  • added dependency on dev-libs/libevent for non-minimal builds
    • Flatcar uses minimal builds
  • build a standalone load balancer

• profiles:

  • Gentoo defaults to python 3.12 now, we still keep using 3.11
  • added python 3.13
  • deprecated the 17.1 profiles that we are currently using, so we will be getting the annoying long message everytime we run emerge, until we update to profile 23.0
  • masked systemd 256, ho ho ho, apparently refuses to boot if initramfs was built with an older version systemd that enabled cgroups v1
    • unlikely to be relevant for us, we will need to remove the mask if we update to 256
  • masked sys-libs/ncurses-6.5
    • we could consider unmasking it ourselves to test it
  • rewrote a >=5.4.3 mask for app-arch/xz-utils to potentially allow 5.4.7 if it gets released
  • dropped sourceforge 3rd party mirror

• sec-policy/selinux-base: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sec-policy/selinux-base-policy: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sec-policy/selinux-container: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sec-policy/selinux-dbus: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sec-policy/selinux-sssd: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sec-policy/selinux-unconfined: [PROD] [DEV]

  • from 2.20240226-r1 to 2.20240226-r2
  • this seems to be pulling in a new version of Gentoo patch (something about policies for firewalld)

• sys-apps/attr:

  • still at 2.5.2-r1
  • added a patch for musl

• sys-apps/file:

  • still at 5.45-r4
  • bumped python compat to 3.10..12

• sys-apps/findutils:

  • still at 4.9.0-r2
  • bumped python compat to 3.10..12

• sys-apps/grep: [PROD] [DEV]

  • from 3.11 to 3.11-r1
  • added a patch fixing grepping over directories with a large amount of files (>100k)

• sys-apps/hwdata: [PROD] [DEV]

  • from 0.376 to 0.382
  • release notes: https://github.com/vcrhonek/hwdata/commits/v0.382

• sys-apps/i2c-tools: [DEV]

  • from 4.3 to 4.3-r2
  • bumped python compat to 3.10..12
  • license changed from GPL-2 to LGPL-2.1+ GPL-2+ (+GPL-2 if python is enabled)

• sys-apps/iproute2: [PROD] [DEV]

  • from 6.6.0-r3 to 6.8.0-r2
  • release notes: https://lwn.net/Articles/965125/

• sys-apps/kexec-tools: [PROD] [DEV]

  • from 2.0.24 to 2.0.28
  • release notes: https://github.com/horms/kexec-tools/commits/v2.0.28/

• sys-apps/kmod: [PROD] [DEV]

  • from 31 to 32-r2
  • dropped python USE flag
    • these were for python bindings, upstream dropped them
  • release notes: https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/tree/NEWS?h=v32

• sys-apps/lshw: [PROD] [DEV]

  • from 02.19.2b_p20220831-r1 to 02.20.2b-r1
  • release notes: https://www.ezix.org/project/wiki/HardwareLiSter#Changes

• sys-apps/man-db: [DEV]

  • from 2.12.0 to 2.12.1
  • regenerate build system to pick up libtool patches
  • release notes: https://gitlab.com/man-db/man-db/-/releases/2.12.1

• sys-apps/man-pages:

  • still at 6.06
  • optimized unpacking

• sys-apps/nvme-cli: [PROD] [DEV]

  • from 2.8 to 2.9.1
  • still unstable for arm64, so updated accept keywords in overlay profiles
  • release notes: https://github.com/linux-nvme/nvme-cli/releases/tag/v2.9.1 https://github.com/linux-nvme/nvme-cli/releases/tag/v2.9

• sys-apps/pciutils: [PROD] [DEV]

  • from 3.10.0 to 3.12.0
  • release notes: https://github.com/pciutils/pciutils/blob/v3.12.0/ChangeLog

• sys-apps/pcsc-lite:

  • from 2.0.1 to 2.0.1-r1
  • bumped python compat to 3.10..12

• sys-apps/portage: [DEV]

  • from 3.0.61-r1 to 3.0.63-r1
  • release notes: https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.63

• sys-apps/pv:

  • from 1.8.5 to 1.8.9
  • release notes: https://codeberg.org/a-j-wood/pv/releases/tag/v1.8.9

• sys-apps/sed: [PROD] [DEV]

  • from 4.9 to 4.9-r1
  • regenerate build system to pick up libtool patches

• sys-apps/usbutils:

  • still at 017
  • bumped python compat to 3.10..12

• sys-block/parted: [PROD] [DEV]

  • from 3.6-r1 to 3.6-r2
  • disabled the use of static analyzer when building

• sys-devel/binutils: [DEV]

  • from 2.41-r5 to 2.42-r1
  • release notes: https://sourceware.org/pipermail/binutils/2024-January/132213.html

• sys-devel/gcc:

  • still at 13.2.1_p20240210
  • bumped python compat to 3.10..12

• sys-firmware/intel-microcode: [PROD] [DEV]

  • from 20240312_p20240312 to 20240514_p20240514
  • became stable, so dropped accept keywords from overlay profiles
  • initramfs USE flag was made to be enabled by default, so disable it in overlay profiles
  • fixes CVE-2023-45733, CVE-2023-45745, CVE-2023-46103, CVE-2023-47855
    • update: intel-microcode Flatcar#1452
  • release notes: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514

• sys-fs/multipath-tools: [PROD] [DEV]

  • from 0.9.7-r1 to 0.9.8
  • release notes: https://github.com/opensvc/multipath-tools/blob/0.9.8/NEWS.md

• sys-fs/xfsprogs: [PROD] [DEV]

  • from 6.4.0 to 6.6.0-r1
  • dropped user patches, issues were fixed upstream
  • release notes: https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/tree/doc/CHANGES?h=v6.6.0

• sys-fs/zfs:

  • from 2.2.2-r1 to 2.2.3
  • bumped python compat to 3.10..12
  • release notes: https://github.com/openzfs/zfs/releases/tag/zfs-2.2.3

• sys-fs/zfs-kmod:

  • from 2.2.2 to 2.2.3
  • release notes: https://github.com/openzfs/zfs/releases/tag/zfs-2.2.3

• sys-libs/binutils-libs: [PROD] [DEV]

  • from 2.41-r5 to 2.42-r1
  • release notes: https://sourceware.org/pipermail/binutils/2024-January/132213.html

• sys-libs/cracklib:

  • still at 2.9.11
  • bumped python compat to 3.10..12

• sys-libs/ldb:

  • still at 2.7.2
  • bumped python compat to 3.10..12

• sys-libs/libcap: [PROD] [DEV]

  • from 2.69-r1 to 2.70
  • release notes: https://sites.google.com/site/fullycapable/release-notes-for-libcap?authuser=0#h.hde102t8xd0v

• sys-libs/libcap-ng: [PROD] [DEV]

  • from 0.8.4-r1 to 0.8.5
  • release notes: https://github.com/stevegrubb/libcap-ng/releases/tag/v0.8.5

• sys-libs/libnvme: [PROD] [DEV]

  • from 1.8 to 1.9
  • release notes: https://github.com/linux-nvme/libnvme/releases/tag/v1.9

• sys-libs/libseccomp:

  • still at 2.5.5-r1
  • regenerate build system to pick up libtool patches

• sys-libs/libunwind: [PROD] [DEV]

  • from 1.7.2 to 1.8.1
  • regenerate build system to pick up libtool patches
  • release notes: https://github.com/libunwind/libunwind/releases/tag/v1.8.1 https://github.com/libunwind/libunwind/releases/tag/v1.8.0

• sys-libs/ncurses: [PROD] [DEV]

  • from 6.4_p20230527 to 6.4_p20240414
  • became stable, so dropped accept keywords from overlay profiles

• sys-libs/readline:

  • still at 8.2_p10
  • became stable, so dropped accept keywords from overlay profiles

• sys-libs/talloc: [PROD] [DEV]

  • from 2.4.0 to 2.4.1
  • added test USE flag
  • release notes: https://gitlab.com/samba-team/samba/-/commit/791e2817e13182344447590313f7e372a27c1d48

• sys-libs/tdb: [PROD] [DEV]

  • from 1.4.8 to 1.4.9
  • bumped python compat to 3.10..12
  • added test USE flag
  • release notes: https://gitlab.com/samba-team/samba/-/commit/b649c7d3c2b1e13e900c80ff7a20959a70b1c528

• sys-libs/tevent: [PROD] [DEV]

  • from 0.14.1 to 0.15.0
  • bumped python compat to 3.10..12
  • added test USE flag
  • release notes: https://gitlab.com/samba-team/samba/-/commit/6a80d170bca0c938f78ab12e37481b52792a9d83

• sys-libs/zlib: [PROD] [DEV]

  • from 1.3-r4 to 1.3.1-r1
  • release notes: https://github.com/madler/zlib/releases/tag/v1.3.1

• sys-process/audit: [PROD] [DEV]

  • from 3.1.1 to 3.1.2
  • bumped python compat to 3.10..12
  • release notes: https://github.com/linux-audit/audit-userspace/releases/tag/v3.1.2

• sys-process/procps: [PROD] [DEV]

  • from 4.0.4 to 4.0.4-r1
  • became stable, so dropped accept keywords from overlay profiles
  • dropped the use of usr-ldscript eclass

• sys-process/psmisc: [DEV]

  • from 23.6 to 23.7
  • release notes: https://gitlab.com/psmisc/psmisc/-/releases/v23.7

• virtual/perl-Carp:

  • from 1.540.0 to 1.540.0-r1
  • add support for perl 5.40

• virtual/perl-ExtUtils-MakeMaker:

  • from 7.700.0 to 7.700.0-r1
  • add support for perl 5.40

• virtual/perl-File-Temp:

  • from 0.231.100 to 0.231.100-r1
  • EAPI 8
  • add support for perl 5.40

• virtual/perl-Unicode-Collate:

  • from 1.310.0-r1 to 1.310.0-r2
  • add support for perl 5.40

--

• changelog
• image diff

[dongsupark]

Looks good.

A minor issue below:

[dongsupark]

A missing link.

- libnl ([3.9.0](http://lists.infradead.org/pipermail/libnl/2023-December/002436.html))

[tormath1]

Good catch. I seen it in the image changes but I thought the link was just not existing as it happens a few times.

[dongsupark]

A missing CVE, manually added to release notes draft:

- wget ([CVE-2024-38428](https://nvd.nist.gov/vuln/detail/CVE-2024-38428))