Packages changed: bcache-tools (1.0.9 -> 1.0.8+suse5) conmon e2fsprogs (1.45.2 -> 1.45.3) elfutils (0.176 -> 0.177) gawk (4.2.1 -> 5.0.1) gcc9 (9.1.1+r274111 -> 9.2.1+r274709) installation-images-MicroOS (14.431 -> 14.432) ipset (7.2 -> 7.3) iputils kernel-source (5.2.9 -> 5.2.10) libgpg-error libnftnl (1.1.3 -> 1.1.4) mokutil (0.3.0 -> 0.4.0) nghttp2 (1.39.1 -> 1.39.2) openssh pam-config (1.1 -> 1.2) patterns-containers python-packaging (19.0 -> 19.1) python-pyOpenSSL python-setuptools (41.0.1 -> 41.2.0) read-only-root-fs (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587) rpm-config-SUSE (0.g27 -> 0.g32) sudo suse-module-tools (15.2.4 -> 15.2.5) util-linux (2.33.2 -> 2.34) util-linux-systemd (2.33.2 -> 2.34) === Details === ==== bcache-tools ==== Version update (1.0.9 -> 1.0.8+suse5) - Add a _service file for the tarball from outer space. - Shift the version number to 1.0.8+suse5 because there has never been a 1.0.9 release. ==== conmon ==== - Upstream has an actual description, use it instead of just duplicating the summary again. ==== e2fsprogs ==== Version update (1.45.2 -> 1.45.3) Subpackages: libcom_err2 libext2fs2 - Update to 1.45.3: * Whether or not automatic online scrubbing will be called is now controlled in /etc/e2scrub.conf. * Fix e2fsck handling of filesystems with large_dir and inline directories * Fix e2scrub_all for encrypted LUKS partitions * Fix e2scrub_all volume cleanup * Regression tests cleanups and improvements * Fixed compiler warnings * Translation fixes and updates ==== elfutils ==== Version update (0.176 -> 0.177) Subpackages: libasm1 libdw1 libebl-plugins libelf1 - Update to version 0.177: elfclassify: New tool to analyze ELF objects. readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. libdwelf: Add dwelf_elf_e_machine_string. dwelf_elf_begin now only returns NULL when there is an error reading or decompressing a file. If the file is not an ELF file an ELF handle of type ELF_K_NONE is returned. backends: Add support for C-SKY. - remove fix-bsc-1110929.diff and gcc9-tests-Don-t-printf-a-known-NULL-symname.patch - Use %make_build ==== gawk ==== Version update (4.2.1 -> 5.0.1) - GNU awk 5.0.1: * Sandbox mode now disallows assigning new filename values in ARGV that were not there when gawk was invoked * The new argument "no-ext" to --lint disables "XXX is a gawk extension" lint warnings - possibly incompatible changes in 5.0.0: * Add support for the POSIX standard %a and %A printf formats * Replace regex routines with those from GNULIB * PROCINFO["platform"] yields a string indicating the platform for which gawk was compiled. * Writing to elements of SYMTAB that are not variable names now causes a fatal error * New comment handling in the pretty-printer * Namespaces have been implemented. Files included with -i, read with -f, and command line program segments must all be self- contained syntactic units. * now uses the locale settings for ignoring case in single byte locales, instead of hardwiring in Latin-1 ==== gcc9 ==== Version update (9.1.1+r274111 -> 9.2.1+r274709) Subpackages: libgcc_s1 libstdc++6 - Update gcc9-add-flto=auto.patch by adding backport of upstream revision r274849. - Update to gcc-9-branch head (r274709). - Add gcc9-pr91307.patch to make symbols for aggregated global constructor names stable when using LTO. - Update to gcc-9-branch head (r274311). * Includes GCC 9.2 release. [jsc#SLE-6536, jsc#SLE-6533] - Update nvptx-newlib.tar.xz to official newlib-3.1.0.tar.xz since nvptx support is now upstream. - Add gcc9-add-flto=auto.patch in order to support -flto=auto. ==== installation-images-MicroOS ==== Version update (14.431 -> 14.432) - merge gh#openSUSE/installation-images#327 - add all gpio modules (bsc#1145777) - 14.432 ==== ipset ==== Version update (7.2 -> 7.3) Subpackages: libipset13 - Update to new upstream release 7.3 * Fix rename concurrency with listing, which can result broken list/save results. * ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets. * ipset: Actually allow destination MAC address for hash:ip,mac sets too. ==== iputils ==== - Fix arping -D problem (bsc#1146440) * added arping-revert-partially-fix-sent-vs-received-package.patch (upstream commit 18f14be) ==== kernel-source ==== Version update (5.2.9 -> 5.2.10) Subpackages: kernel-debug kernel-default - Linux 5.2.10 (bnc#1012628). - KEYS: trusted: allow module init if TPM is inactive or deactivated (bnc#1012628). - sh: kernel: hw_breakpoint: Fix missing break in switch statement (bnc#1012628). - seq_file: fix problem when seeking mid-record (bnc#1012628). - mm/hmm: fix bad subpage pointer in try_to_unmap_one (bnc#1012628). - mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE* and MPOL_MF_STRICT were specified (bnc#1012628). - mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind (bnc#1012628). - mm/z3fold.c: fix z3fold_destroy_pool() ordering (bnc#1012628). - mm/z3fold.c: fix z3fold_destroy_pool() race condition (bnc#1012628). - mm/memcontrol.c: fix use after free in mem_cgroup_iter() (bnc#1012628). - mm/usercopy: use memory range to be accessed for wraparound check (bnc#1012628). - mm, vmscan: do not special-case slab reclaim when watermarks are boosted (bnc#1012628). - cpufreq: schedutil: Don't skip freq update when limits change (bnc#1012628). - drm/amdgpu: fix gfx9 soft recovery (bnc#1012628). - drm/nouveau: Only recalculate PBN/VCPI on mode/connector changes (bnc#1012628). - xtensa: add missing isync to the cpu_reset TLB code (bnc#1012628). - arm64: ftrace: Ensure module ftrace trampoline is coherent with I-side (bnc#1012628). - ALSA: hda/realtek - Add quirk for HP Envy x360 (bnc#1012628). - ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term (bnc#1012628). - ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit (bnc#1012628). - ALSA: hda - Apply workaround for another AMD chip 1022:1487 (bnc#1012628). - ALSA: hda - Fix a memory leak bug (bnc#1012628). - ALSA: hda - Add a generic reboot_notify (bnc#1012628). - ALSA: hda - Let all conexant codec enter D3 when rebooting (bnc#1012628). - HID: holtek: test for sanity of intfdata (bnc#1012628). - HID: hiddev: avoid opening a disconnected device (bnc#1012628). - HID: hiddev: do cleanup in failure of opening a device (bnc#1012628). - Input: kbtab - sanity check for endpoint type (bnc#1012628). - Input: iforce - add sanity checks (bnc#1012628). - net: usb: pegasus: fix improper read if get_registers() fail (bnc#1012628). - bpf: fix access to skb_shared_info->gso_segs (bnc#1012628). - netfilter: ebtables: also count base chain policies (bnc#1012628). - riscv: Correct the initialized flow of FP register (bnc#1012628). - riscv: Make __fstate_clean() work correctly (bnc#1012628). - Revert "i2c: imx: improve the error handling in i2c_imx_dma_request()" (bnc#1012628). - blk-mq: move cancel of requeue_work to the front of blk_exit_queue (bnc#1012628). - io_uring: fix manual setup of iov_iter for fixed buffers (bnc#1012628). - RDMA/hns: Fix sg offset non-zero issue (bnc#1012628). - IB/mlx5: Replace kfree with kvfree (bnc#1012628). - clk: at91: generated: Truncate divisor to GENERATED_MAX_DIV + 1 (bnc#1012628). - clk: sprd: Select REGMAP_MMIO to avoid compile errors (bnc#1012628). - clk: renesas: cpg-mssr: Fix reset control race condition (bnc#1012628). - dma-mapping: check pfn validity in dma_common_{mmap,get_sgtable} (bnc#1012628). - platform/x86: pcengines-apuv2: Fix softdep statement (bnc#1012628). - platform/x86: intel_pmc_core: Add ICL-NNPI support to PMC Core (bnc#1012628). - mm/hmm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} (bnc#1012628). - xen/pciback: remove set but not used variable 'old_state' (bnc#1012628). - irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table fail (bnc#1012628). - irqchip/irq-imx-gpcv2: Forward irq type to parent (bnc#1012628). - f2fs: fix to read source block before invalidating it (bnc#1012628). - tools perf beauty: Fix usbdevfs_ioctl table generator to handle _IOC() (bnc#1012628). - perf header: Fix divide by zero error if f_header.attr_size==0 (bnc#1012628). - perf header: Fix use of unitialized value warning (bnc#1012628). - RDMA/qedr: Fix the hca_type and hca_rev returned in device attributes (bnc#1012628). - ALSA: pcm: fix lost wakeup event scenarios in snd_pcm_drain (bnc#1012628). - libata: zpodd: Fix small read overflow in zpodd_get_mech_type() (bnc#1012628). - powerpc/nvdimm: Pick nearby online node if the device node is not online (bnc#1012628). - drm/bridge: lvds-encoder: Fix build error while CONFIG_DRM_KMS_HELPER=m (bnc#1012628). - drm/bridge: tc358764: Fix build error (bnc#1012628). - Btrfs: fix deadlock between fiemap and transaction commits (bnc#1012628). - scsi: hpsa: correct scsi command status issue after reset (bnc#1012628). - scsi: qla2xxx: Fix possible fcport null-pointer dereferences (bnc#1012628). - tracing: Fix header include guards in trace event headers (bnc#1012628). - drm/amdkfd: Fix byte align on VegaM (bnc#1012628). - drm/amd/powerplay: fix null pointer dereference around dpm state relates (bnc#1012628). - drm/amdgpu: fix error handling in amdgpu_cs_process_fence_dep (bnc#1012628). - drm/amdgpu: fix a potential information leaking bug (bnc#1012628). - ata: libahci: do not complain in case of deferred probe (bnc#1012628). - kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules (bnc#1012628). - kbuild: Check for unknown options with cc-option usage in Kconfig and clang (bnc#1012628). - arm64/efi: fix variable 'si' set but not used (bnc#1012628). - riscv: Fix perf record without libelf support (bnc#1012628). - arm64: Lower priority mask for GIC_PRIO_IRQON (bnc#1012628). - arm64: unwind: Prohibit probing on return_address() (bnc#1012628). - arm64/mm: fix variable 'pud' set but not used (bnc#1012628). - arm64/mm: fix variable 'tag' set but not used (bnc#1012628). - IB/core: Add mitigation for Spectre V1 (bnc#1012628). - IB/mlx5: Fix MR registration flow to use UMR properly (bnc#1012628). - RDMA/restrack: Track driver QP types in resource tracker (bnc#1012628). - IB/mad: Fix use-after-free in ib mad completion handling (bnc#1012628). - RDMA/mlx5: Release locks during notifier unregister (bnc#1012628). - drm: msm: Fix add_gpu_components (bnc#1012628). - RDMA/hns: Fix error return code in hns_roce_v1_rsv_lp_qp() (bnc#1012628). - drm/exynos: fix missing decrement of retry counter (bnc#1012628). - arm64: kprobes: Recover pstate.D in single-step exception handler (bnc#1012628). - arm64: Make debug exception handlers visible from RCU (bnc#1012628). - Revert "kmemleak: allow to coexist with fault injection" (bnc#1012628). - ocfs2: remove set but not used variable 'last_hash' (bnc#1012628). - page flags: prioritize kasan bits over last-cpuid (bnc#1012628). - asm-generic: fix -Wtype-limits compiler warnings (bnc#1012628). - arm64: KVM: regmap: Fix unexpected switch fall-through (bnc#1012628). - staging: comedi: dt3000: Fix signed integer overflow 'divider * base' (bnc#1012628). - staging: comedi: dt3000: Fix rounding up of timer divisor (bnc#1012628). - iio: adc: max9611: Fix temperature reading in probe (bnc#1012628). - USB: core: Fix races in character device registration and deregistraion (bnc#1012628). - usb: gadget: udc: renesas_usb3: Fix sysfs interface of "role" (bnc#1012628). - usb: cdc-acm: make sure a refcount is taken early enough (bnc#1012628). - USB: CDC: fix sanity checks in CDC union parser (bnc#1012628). - USB: serial: option: add D-Link DWM-222 device ID (bnc#1012628). - USB: serial: option: Add support for ZTE MF871A (bnc#1012628). - USB: serial: option: add the BroadMobi BM818 card (bnc#1012628). - USB: serial: option: Add Motorola modem UARTs (bnc#1012628). - usb: setup authorized_default attributes using usb_bus_notify (bnc#1012628). - netfilter: conntrack: Use consistent ct id hash calculation (bnc#1012628). - Input: psmouse - fix build error of multiple definition (bnc#1012628). - bnx2x: Fix VF's VLAN reconfiguration in reload (bnc#1012628). - bonding: Add vlan tx offload to hw_enc_features (bnc#1012628). - net: dsa: Check existence of .port_mdb_add callback before calling it (bnc#1012628). - net/mlx4_en: fix a memory leak bug (bnc#1012628). - net/packet: fix race in tpacket_snd() (bnc#1012628). - net: sched: sch_taprio: fix memleak in error path for sched list parse (bnc#1012628). - sctp: fix memleak in sctp_send_reset_streams (bnc#1012628). - sctp: fix the transport error_count check (bnc#1012628). - team: Add vlan tx offload to hw_enc_features (bnc#1012628). - tipc: initialise addr_trail_end when setting node addresses (bnc#1012628). - xen/netback: Reset nr_frags before freeing skb (bnc#1012628). - net/mlx5e: Only support tx/rx pause setting for port owner (bnc#1012628). - bnxt_en: Fix VNIC clearing logic for 57500 chips (bnc#1012628). - bnxt_en: Improve RX doorbell sequence (bnc#1012628). - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails (bnc#1012628). - bnxt_en: Suppress HWRM errors for HWRM_NVM_GET_VARIABLE command (bnc#1012628). - bnxt_en: Use correct src_fid to determine direction of the flow (bnc#1012628). - bnxt_en: Fix to include flow direction in L2 key (bnc#1012628). - net sched: update skbedit action for batched events operations (bnc#1012628). - tc-testing: updated skbedit action tests with batch create/delete (bnc#1012628). - netdevsim: Restore per-network namespace accounting for fib entries (bnc#1012628). - net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (bnc#1012628). - net/mlx5e: Fix false negative indication on tx reporter CQE recovery (bnc#1012628). - net/mlx5e: Remove redundant check in CQE recovery flow of tx reporter (bnc#1012628). - net/mlx5e: Use flow keys dissector to parse packets for ARFS (bnc#1012628). - net/tls: prevent skb_orphan() from leaking TLS plain text with offload (bnc#1012628). - net: phy: consider AN_RESTART status when reading link status (bnc#1012628). - netlink: Fix nlmsg_parse as a wrapper for strict message parsing (bnc#1012628). - Refresh patches.suse/supported-flag. - commit 5878ee6 - iwlwifi: Add support for SAR South Korea limitation (bsc#1142128). - commit 0100738 ==== libgpg-error ==== - Add patch to fix buidling with gawk 5.0 and newer: * gawk5.patch ==== libnftnl ==== Version update (1.1.3 -> 1.1.4) - Update to new upstream release 1.1.4 * Add ct id support, add ct expectation support, add synproxy support. ==== mokutil ==== Version update (0.3.0 -> 0.4.0) - Update to 0.4.0 + Rename export_moks as export_db_keys + Add support for exporting other keys + add new --mok argument + set list-enrolled command as default for some arguments + Add more info to --sb-state: show when we're in SetupMode or with shim validation disabled + Correct help: --set-timeout is really --timeout + generate_hash() / generate_pw_hash(): don't use strlen() for strncpy bounds + Add the type casting to silence the warning + Add a way for mokutil to configure a timeout for MokManager's prompt + list_keys_in_var(): check errno correctly, not ret twice + Fix typo in error message when the system lacks Secure Boot support + Add bash completion file + mokutil: be explicit about file modes in all cases + Make all efi_guid_t const + Don't allow sha1 on the mokutil command line + Build with -fshort-wchar so toggle passwords work right + Fix the 32bit signedness comparison + Fix the potential buffer overflow - Add mokutil-remove-shebang-from-bash-completion-file.patch to remove shebang from bash-completion/mokutil - Drop upstreamed patches + mokutil-constify-efi-guid.patch + mokutil-fix-overflow.patch + mokutil-fshort-wchar.patch + mokutil-set-efi-variable-file-mode.patch - Refresh mokutil-support-revoke-builtin-cert.patch - Install bash-completion/mokutil - Add modhash to calculate the hash of kernel module (SLE-5661) + Also add openssl to Requires since the script needs it ==== nghttp2 ==== Version update (1.39.1 -> 1.39.2) - Require correct library from devel package - boo#1125689 - Update to version 1.39.2 (bsc#1146184, bsc#1146182): * This release fixes CVE-2019-9511 ?Data Dribble? and CVE-2019-9513 ?Resource Loop? vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for details. For nghttpx, additionally limiting inbound traffic by - -read-rate and --read-burst options is quite effective against this kind of attack. * Add nghttp2_option_set_max_outbound_ack API function * nghttpx: Fix request stall ==== openssh ==== - don't install SuSEfirewall2 service on Factory, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html ==== pam-config ==== Version update (1.1 -> 1.2) - Update to version 1.2: - use /usr/etc as second fallback directory ==== patterns-containers ==== - Add hello-kubic-k8s-yaml to kubeadm pattern ==== python-packaging ==== Version update (19.0 -> 19.1) - Remove dependency on attrs Add: 0005-Drop-dependency-on-attrs.patch this fixes bsc#1144506 - Fix a bit the multibuild conversion - Remove the attrs from the deps as they are no longer needed - Enable tests via _multibuild Add patches from https://github.com/pypa/packaging/pull/176: * 0001-Fix-test-failures-test_linux_platforms_manylinux-for.patch * 0002-Fix-check-for-64-bit-OS.patch * 0003-Add-additional-test-to-get-100-branch-coverage.patch * 0004-Fix-test_macos_version_detection-failure-on-32-bit-L.patch (these fix the tests on non-x86 platforms and can be dropped on the next release) - Add Requires:python-attrs as this is a new dependency this fixes bsc#1144506 - update to 19.1: * Add the ``packaging.tags`` module. * Correctly handle two-digit versions in ``python_version`` ==== python-pyOpenSSL ==== - Add fix-compilation-2020.patch to fix tests after 2020 ==== python-setuptools ==== Version update (41.0.1 -> 41.2.0) - Switch to multibuild to enable testsuite - Update to 41.2.0: * #479: Remove some usage of the deprecated imp module. * #1565: Changed html_sidebars from string to list of string as per https://www.sphinx-doc.org/en/master/changes.html#id58 * #1697: Moved most of the constants from setup.py to setup.cfg * #1756: Forse metadata-version >= 1.2. when project urls are present. ==== read-only-root-fs ==== Version update (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587) - Update to version 1.0+git20190607.11f8587: * Determine /@ programmatically - Update to version 1.0+git20190606.e1f756c: * Mount writable /boot subvolume in GRUB environment - Create /boot/writable subvolume to provide a place to store the GRUB environment block or Ignition's firstboot flag on a ro root device ==== rpm-config-SUSE ==== Version update (0.g27 -> 0.g32) - Update to version 0.g32: * find-provides.ksyms, find-requires.ksyms: cleanup kernel version handling (bsc#1145601). * find-requires.ksyms: fix matching of uninstalled files (bsc#1145601). - Update to version 0.g29: * find-requires.ksyms: Move modinfo and modprobe before the ksym dependency code. ==== sudo ==== - Correct typo in sudoers patch ==== suse-module-tools ==== Version update (15.2.4 -> 15.2.5) - Update to version 15.2.5: * remove 'modhash' - moved to mokutil package (jsc#SLE-6094) ==== util-linux ==== Version update (2.33.2 -> 2.34) Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Fix comments and unify look of PAM files (login.pamd, remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd). - Update to version 2.34: * new command hardlink * rewrite of lsblk, now supports --dedup * support for FUSE in umount * support for "--all -o remount" in mount * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH over ENV_ROOTPATH (bsc#1121197), improved --pty * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd * fstrim: do not suppress warnings unless --quiet is used * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add - -caches * logger: merge multiple MESSAGE= lines * libblkid: do not depend on libuuid, supports DRBD9 detection * libsmartcols: support N:M relationships in tree-like output * fstrim and uuidd systemd services: hardening settings to improve security and service isolation * fstrim: trim root filesystem on --fstab, check for read-only filesystems on --all and --fstab (boo#1106214). * fstrim -A: properly de-duplicate sub-volumes (boo#1127701). * Obsoletes util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch and util-linux-login_defs-SYS_UID.patch. * Many Other fixes, see https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes - Provide and obsolete hardlink package. - util-linux-login_defs-check.sh: Update checksum, login now supports LASTLOG_UID_MAX. - Fix /etc/default/su comments and create /etc/default/runuser (bsc#1121197#31). - Remove /etc/default/su migration from coreutils. ==== util-linux-systemd ==== Version update (2.33.2 -> 2.34) - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Fix comments and unify look of PAM files (login.pamd, remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd). - Update to version 2.34: * new command hardlink * rewrite of lsblk, now supports --dedup * support for FUSE in umount * support for "--all -o remount" in mount * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH over ENV_ROOTPATH (bsc#1121197), improved --pty * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd * fstrim: do not suppress warnings unless --quiet is used * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add - -caches * logger: merge multiple MESSAGE= lines * libblkid: do not depend on libuuid, supports DRBD9 detection * libsmartcols: support N:M relationships in tree-like output * fstrim and uuidd systemd services: hardening settings to improve security and service isolation * fstrim: trim root filesystem on --fstab, check for read-only filesystems on --all and --fstab (boo#1106214). * fstrim -A: properly de-duplicate sub-volumes (boo#1127701). * Obsoletes util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch and util-linux-login_defs-SYS_UID.patch. * Many Other fixes, see https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes - Provide and obsolete hardlink package. - util-linux-login_defs-check.sh: Update checksum, login now supports LASTLOG_UID_MAX. - Fix /etc/default/su comments and create /etc/default/runuser (bsc#1121197#31). - Remove /etc/default/su migration from coreutils.