Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.2&build=501.1&groupid=50
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.2
When you reply to discuss some issues, make sure to change the subject.
Please use the test plan at
https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m...
to record your testing efforts and use bugzilla to report bugs.
Packages changed:
Mesa
Mesa-drivers
SDL2
binutils (2.31 -> 2.32)
chromium (77.0.3865.75 -> 77.0.3865.90)
djvulibre
ghostscript (9.26a -> 9.27)
grub2
ipmitool
kernel-source (5.3.0 -> 5.3.1)
kvm_stat (4.12.14 -> 5.3.1)
libcdio
libnetfilter_conntrack (1.0.6 -> 1.0.7)
libopenmpt (0.3.9 -> 0.3.17)
libosinfo (1.2.0 -> 1.6.0)
nghttp2 (1.31.1 -> 1.39.2)
open-vm-tools (10.3.10 -> 11.0.0)
osinfo-db (20190504 -> 20190905)
patterns-base
permissions (20181116 -> 20190830)
polkit-default-privs (13.2 -> 13.2+20190905.0016c47)
python-numpy (1.14.0 -> 1.16.1)
qpdf (9.0.0 -> 9.0.1)
remmina (1.3.4 -> 1.3.6)
strace (5.2 -> 5.3)
ucode-intel (20190618 -> 20190918)
virt-manager (2.1.0 -> 2.2.1)
virt-viewer (7.0 -> 8.0)
webkit2gtk3 (2.24.2 -> 2.24.4)
yast2 (4.2.21 -> 4.2.23)
yast2-country (4.2.4 -> 4.2.5)
yast2-installation (4.2.13 -> 4.2.14)
yast2-packager (4.2.25 -> 4.2.27)
yast2-storage-ng (4.2.38 -> 4.2.41)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Mesa-libEGL-devel needs Mesa-KHR-devel (bsc#1117365)
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2
- Mesa-libEGL-devel needs Mesa-KHR-devel (bsc#1117365)
==== SDL2 ====
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading
a crafted bmp file (boo#1141844 CVE-2019-13616).
- Add CVE-2019-13626.patch: add safeguards to the wav parser to
prevent crashes (boo#1142031 CVE-2019-13626).
- Drop CVE-2019-7572.patch, CVE-2019-7574.patch,
CVE-2019-7575.patch, CVE-2019-7577.patch, and
CVE-2019-7578.patch: these are handled by the new code added in
CVE-2019-13626.patch.
==== binutils ====
Version update (2.31 -> 2.32)
- Update to current 2.32 branch @7b468db3 adding
binutils-2.32-branch.diff.gz [jsc#ECO-368].
- Includes fixes for these CVEs:
bsc#1109412 aka CVE-2018-17358 aka PR23686
bsc#1109413 aka CVE-2018-17359 aka PR23686
bsc#1109414 aka CVE-2018-17360 aka PR23685
bsc#1111996 aka CVE-2018-18309 aka PR23770
bsc#1112534 aka CVE-2018-18484 aka GCC PR87636
bsc#1112535 aka CVE-2018-18483 aka PR23767
bsc#1113247 aka CVE-2018-18607 aka PR23805
bsc#1113252 aka CVE-2018-18606 aka PR23806
bsc#1113255 aka CVE-2018-18605 aka PR23804
bsc#1116827 aka CVE-2018-17985 aka GCC PR87335
bsc#1118830 aka CVE-2018-19932 aka PR23932
bsc#1118831 aka CVE-2018-19931 aka PR23942
bsc#1120640 aka CVE-2018-1000876 aka PR23994
bsc#1121034 aka CVE-2018-20651 aka PR24041
bsc#1121035 aka CVE-2018-20623 aka PR24049
bsc#1121056 aka CVE-2018-20671 aka PR24005
bsc#1142772 aka CVE-2019-1010180 aka PR23657
- Refresh s390-biarch.diff and
binutils-revert-plt32-in-branches.diff .
- For the SLE12 package this also removes patches
binutils-z13-1.diff, binutils-z13-2.diff,
binutils-z13-3.diff, binutils-z13-4.diff and binutils-z13-5.diff .
- enable xtensa architecture (Tensilica lc6 and related)
- Fix SUSE typo in README package name
- Use -ffat-lto-objects in order to provide assembly for static libs
(boo#1141913).
Fake entry for SLE12 package variant only:
- Add support for new z13 instructions. [fate#327074, jsc#SLE-6206,
bsc#1137271]
Adds patches binutils-z13-1.diff, binutils-z13-2.diff,
binutils-z13-3.diff, binutils-z13-4.diff and binutils-z13-5.diff .
- Add binutils-pr24486.patch: fix for PR24486 (boo#1133131 boo#1133232).
- Add rx-gas-padding-pr24464.patch: fix for PR24464.
- riscv-abi-check.patch: Don't check ABI flags if no code section
- Add binutils.keyring and verify signature.
- Add disk and RAM (for ppc, ppc64 and ppc64le) constraint with _constraints.
- Update to binutils 2.32:
* The binutils now support for the C-SKY processor series.
* The x86 assembler now supports a -mvexwig=[0|1] option to control
encoding of VEX.W-ignored (WIG) VEX instructions.
It also has a new -mx86-used-note=[yes|no] option to generate (or
not) x86 GNU property notes.
* The MIPS assembler now supports the Loongson EXTensions R2 (EXT2),
the Loongson EXTensions (EXT) instructions, the Loongson Content
Address Memory (CAM) ASE and the Loongson MultiMedia extensions
Instructions (MMI) ASE.
* The addr2line, c++filt, nm and objdump tools now have a default
limit on the maximum amount of recursion that is allowed whilst
demangling strings. This limit can be disabled if necessary.
* Objdump's --disassemble option can now take a parameter,
specifying the starting symbol for disassembly. Disassembly will
continue from this symbol up to the next symbol or the end of the
function.
* The BFD linker will now report property change in linker map file
when merging GNU properties.
* The BFD linker's -t option now doesn't report members within
archives, unless -t is given twice. This makes it more useful
when generating a list of files that should be packaged for a
linker bug report.
* The GOLD linker has improved warning messages for relocations that
refer to discarded sections.
- Remove binutils-2.31-branch.diff.gz, fix-pr23919-1.diff,
fix-pr23919-2.diff, fix-pr23919-3.diff,
gold-depend-on-opcodes.diff and s390-relro.diff.
- Refresh binutils-skip-rpaths.patch, s390-biarch.diff, cross-avr-size.patch
and binutils-revert-plt32-in-branches.diff.
==== chromium ====
Version update (77.0.3865.75 -> 77.0.3865.90)
- update to chromium 77.0.3865.90 boo#1151229:
* CVE-2019-13685: Use-after-free in UI
* CVE-2019-13688: Use-after-free in media
* CVE-2019-13687: Use-after-free in media
* CVE-2019-13686: Use-after-free in offline pages
==== djvulibre ====
- security update
- added patches
CVE-2019-15142 [bsc#1146702]
+ djvulibre-CVE-2019-15142.patch
CVE-2019-15143 [bsc#1146569]
+ djvulibre-CVE-2019-15143.patch
CVE-2019-15144 [bsc#1146571]
+ djvulibre-CVE-2019-15144.patch
CVE-2019-15145 [bsc#1146572]
+ djvulibre-CVE-2019-15145.patch
do not segfault when libtiff encounters corrupted TIFF (upstream issue #295)
+ djvulibre-invalid-tiff.patch
==== ghostscript ====
Version update (9.26a -> 9.27)
Subpackages: ghostscript-x11
- Port latest ghostscript 9.27 from factory including latest
security patches to SLES15/SLES12
* Port patch CVE-2019-10216.patch to 9.27 which is the orignal
upstream commit now
* Drop patch CVE-2019-3838.patch as now part of 9.27
- Add patch gs-CVE-2019-14811-885444fc.patch to fix bsc#1146882
for CVE-2019-14811,CVE-2019-14812,CVE-2019-14813
- Add patch gs-CVE-2019-14817-cd1b1cac.patch to fix bsc#1146884
for CVE-2019-14817
- Add patch openjpeg4gs-CVE-2018-6616-8ee33522.patch to fix bsc#1140359
for CVE-2019-12973
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi
- Fix fallback embed doesn't work when no post mbr gap at all (boo#1142229)
* Refresh grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch
==== ipmitool ====
- Enable USB interface by explicit passing --enable-intf-usb (jira#SLE-7780)
- Enable free interface by adding freeipmi-devel package to
build requires
==== kernel-source ====
Version update (5.3.0 -> 5.3.1)
- Delete patches.suse/squashfs-3.4.patch.
Deprecate squashfs-3.4 legacy fs format support (jsc#SLE-9416)
- commit e1d0aab
- config: Enable dual-role modes for DWC on arm64 as well
- CONFIG_USB_DWC2_DUAL_ROLE=y and CONFIG_USB_DWC3_DUAL_ROLE=y
- Previously that was only enabled on armv6/armv7
- commit a9c5486
- supported.conf: cleanup
- drop obsolete mask sound/oss/*
- drop removed module nf_conntrack_slp
- commit 30def80
- config.conf: disable vanilla flavour
As was discussed on the labs conf 2019, vanilla flavour is barely
used. Given we are not going to use stable patches when building
kernel-vanilla, it becomes a yet bit more useless. So disable it for
now only. If nobody cares, we can drop also the configs later.
- commit 4223115
- Linux 5.3.1 (bnc#1151927 5.3.1).
- ovl: fix regression caused by overlapping layers detection
(bnc#1151927 5.3.1).
- xen-netfront: do not assume sk_buff_head list is empty in
error handling (bnc#1151927 5.3.1).
- net: stmmac: Hold rtnl lock in suspend/resume callbacks
(bnc#1151927 5.3.1).
- ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit (bnc#1151927
5.3.1).
- udp: correct reuseport selection with connected sockets
(bnc#1151927 5.3.1).
- net_sched: let qdisc_put() accept NULL pointer (bnc#1151927
5.3.1).
- net: dsa: Fix load order between DSA drivers and taggers
(bnc#1151927 5.3.1).
- net/sched: fix race between deactivation and dequeue for NOLOCK
qdisc (bnc#1151927 5.3.1).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
(bnc#1151927 5.3.1).
- firmware: google: check if size is valid when decoding VPD data
(bnc#1151927 5.3.1).
- phy: qcom-qmp: Correct ready status, again (bnc#1151927 5.3.1).
- phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in
over-current (bnc#1151927 5.3.1).
- serial: sprd: correct the wrong sequence of arguments
(bnc#1151927 5.3.1).
- tty/serial: atmel: reschedule TX after RX was started
(bnc#1151927 5.3.1).
- USB: usbcore: Fix slab-out-of-bounds bug during device reset
(bnc#1151927 5.3.1).
- KVM: coalesced_mmio: add bounds checking (bnc#1151927 5.3.1).
- media: tm6000: double free if usb disconnect while streaming
(bnc#1151927 5.3.1).
- media: technisat-usb2: break out of loop at end of buffer
(bnc#1151927 5.3.1).
- floppy: fix usercopy direction (bnc#1151927 5.3.1).
- Documentation: sphinx: Add missing comma to list of strings
(bnc#1151927 5.3.1).
- Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}"
(bnc#1151927 5.3.1).
- commit af71771
- enable VFIO-CCW and CCW IOMMU (bsc#1151192 jsc#SLE-6138)
- config changes (s390x only)
- VFIO_CCW=m
- S390_CCW_IOMMU=y
- supported.conf: add vfio_ccw as externally supported (by IBM)
supported.conf: Add vfio_ccw (bsc#1151192 jsc#SLE-6138).
- commit bbfc15f
- powerpc/64s/radix: Fix memory hotplug section page table
creation (bsc#1065729).
- commit 431bc28
- powerpc/pseries: Fix cpu_hotplug_lock acquisition in
resize_hpt() (bsc#1065729).
- commit e574522
- powerpc/xive: Implement get_irqchip_state method for XIVE to
fix shutdown race (bsc#1065729).
- commit a9647b9
- tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for
interrupts (bsc#1082555).
- commit d3b1602
- powerpc/64s/radix: Fix memory hot-unplug page table split
(bsc#1065729).
- powerpc/powernv/ioda: Fix race in TCE level allocation
(bsc#1061840).
- KVM: PPC: Book3S HV: Don't lose pending doorbell request on
migration on P9 (bsc#1061840).
- KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual
cores (bsc#1061840).
- KVM: PPC: Book3S HV: Don't push XIVE context when not using
XIVE device (bsc#1061840).
- KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation
interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before
disabling the VP (bsc#1061840).
- commit 3411cdc
- iommu/dma: Fix for dereferencing before null checking
(bsc#1151674).
- iommu/iova: Avoid false sharing on fq_timer_on (bsc#1151675).
- iommu/vt-d: Fix wrong analysis whether devices share the same
bus (bsc#1151679).
- iommu/ipmmu-vmsa: Move IMTTBCR_SL0_TWOBIT_* to restore sort
order (bsc#1151676).
- iommu/mediatek: Fix VLD_PA_RNG register backup when suspend
(bsc#1151678).
- iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
(bsc#1151677).
- commit 6809156
- powerpc/64s/exception: reduce page fault unnecessary loads
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Remove pointless KVM handler name
bifurcation (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: program check handler do not branch
into a macro (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: move interrupt entry code above the
common handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: INT_COMMON add DAR, DSISR, reconcile
options (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Expand EXCEPTION_PROLOG_COMMON_1 and
2 into caller (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Expand EXCEPTION_COMMON macro into caller
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Add INT_COMMON gas macro to generate
common exception code (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Merge EXCEPTION_PROLOG_COMMON_2/3
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: KVM_HANDLER reorder arguments to match
other macros (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Add INT_KVM_HANDLER gas macro
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: INT_HANDLER support HDAR/HDSISR and
use it in HDSI (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Add the virt variant of the denorm
interrupt handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: remove EXCEPTION_PROLOG_0/1, rename _2
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exceptions: Use keyword params to shorten arg lists
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Replace PROLOG macros and EXC helpers
with a gas macro (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: remove 0xb00 handler (jsc#PM-1334
jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Fix performance monitor virt handler
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Add EXC_HV_OR_STD, which selects HSRR
if HVMODE (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: move head-64.h exception code to
exception-64s.S (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: Fix DAR load for handle_page_fault
error case (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check improve labels and comments
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: untangle early machine check handler
branch (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check move unrecoverable handling
out of line (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: simplify machine check early path
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check move tramp code
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check restructure to reuse
common macros (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check pseries should skip
the late handler for kernel MCEs (jsc#PM-1334 jsc#SLE-9246
jsc#SLE-9251).
- powerpc/64s/pseries: machine check convert to use common event
code (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/powernv: machine check dump SLB contents
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check use correct cfar for late
handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check remove
machine_check_pSeries_0 branch (jsc#PM-1334 jsc#SLE-9246
jsc#SLE-9251).
- powerpc/64s/exception: machine check pseries should always
run the early handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check adjust RFI target
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check fix KVM guest test
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check remove bitrotted comment
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- powerpc/64s/exception: machine check fwnmi remove HV case
(jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251).
- commit 0e08ffb
- kexec_elf: support 32 bit ELF files (jsc#PM-1333 jsc#SLE-9255
jsc#SLE-9527).
- kexec_elf: remove unused variable in kexec_elf_load()
(jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527).
- kexec_elf: remove Elf_Rel macro (jsc#PM-1333 jsc#SLE-9255
jsc#SLE-9527).
- kexec_elf: remove PURGATORY_STACK_SIZE (jsc#PM-1333 jsc#SLE-9255
jsc#SLE-9527).
- kexec_elf: remove parsing of section headers (jsc#PM-1333
jsc#SLE-9255 jsc#SLE-9527).
- kexec_elf: change order of elf_*_to_cpu() functions (jsc#PM-1333
jsc#SLE-9255 jsc#SLE-9527).
- kexec: add KEXEC_ELF (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527).
- new config options:
- KEXEC_ELF=y (ppc64le only, autoselected)
- commit 2985288
- powerpc/fadump: support holes in kernel boot memory area
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: remove RMA_START and RMA_END macros (jsc#PM-1318
jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: update documentation about option to release
opalcore (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: consider f/w load area (jsc#PM-1318 jsc#SLE-9099
jsc#SLE-9176).
- powerpc/opalcore: provide an option to invalidate
/sys/firmware/opal/core file (jsc#PM-1318 jsc#SLE-9099
jsc#SLE-9176).
- powerpc/opalcore: export /sys/firmware/opal/core for analysing
opal crashes (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- new config options:
- OPAL_CORE=n (ppc64le only)
- powerpc/fadump: update documentation about
CONFIG_PRESERVE_FA_DUMP (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: add support to preserve crash data on FADUMP
disabled kernel (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: improve how crashed kernel's memory is reserved
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: consider reserved ranges while releasing memory
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: make crash memory ranges array allocation
generic (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: process architected register state data provided
by firmware (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: make use of memblock's bottom up allocation mode
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: Update documentation about OPAL platform support
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: handle invalidation of crashdump and
re-registraion (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: Warn before processing partial crashdump
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: process the crashdump by exporting it as
/proc/vmcore (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: support copying multiple kernel boot memory
regions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: define OPAL register/un-register callback
functions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: reset metadata address during clean up
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: register kernel metadata address with opal
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: improve fadump_reserve_mem() (jsc#PM-1318
jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: add fadump support on powernv (jsc#PM-1318
jsc#SLE-9099 jsc#SLE-9176).
- powerpc/opal: add MPIPL interface definitions (jsc#PM-1318
jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: use FADump instead of fadump for how it is
pronounced (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- pseries/fadump: move out platform specific support from generic
code (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch.
- powerpc/fadump: release all the memory above boot memory size
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: add source info while displaying region contents
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- pseries/fadump: define RTAS register/un-register callback
functions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch.
- powerpc/fadump: introduce callbacks for platform specific
operations (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: move rtas specific definitions to platform code
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: use helper functions to reserve/release cpu
notes buffer (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: Improve fadump documentation (jsc#PM-1318
jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: declare helper functions in internal header file
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- powerpc/fadump: add helper functions (jsc#PM-1318 jsc#SLE-9099
jsc#SLE-9176).
- powerpc/fadump: move internal macros/definitions to a new header
(jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176).
- commit deefc64
- Refresh sorted section.
- Refresh patches.suse/powerpc-dump-kernel-log-before-carrying-out-fadump-o.patch with upstream status.
- commit 9991920
==== kvm_stat ====
Version update (4.12.14 -> 5.3.1)
- Fix our patching for Leap 15.1 (boo#1140899)
- Detect SLE15-SP2 / Leap 15.2 and patch accordingly
- Adjust a patch that no longer applies due to upstream (non-code)
changes
- Add python3 tweak to be compatible with v5.0 kernel source
(bsc#1116822)
+ 0050-tools-kvm_stat-switch-python-reference-again.patch
==== libcdio ====
- Add libcdio-LE-BE-sizemismatch.patch: Fix warning when BigEndian
and LittleEndian sizes do not match. Use LE as authorative
information (workaround for boo#1094761).
- Add libcdio-more-relaxed-from_733.patch: Switch to using the more
relaxed from_733 in _iso9660_dir_to_statbuf: Done so that libcdio
doesn't bail out when processing non-compliant ISOs such as
openSUSE ISO files.
==== libnetfilter_conntrack ====
Version update (1.0.6 -> 1.0.7)
- Update to new upstream release 1.0.7
* new synproxy support
* don't crash on NULL labelmap
* expose a copy of nf_conntrack_common.h
==== libopenmpt ====
Version update (0.3.9 -> 0.3.17)
Subpackages: libmodplug1 libopenmpt0
- Update to 0.3.17:
* Update to latest release to get all the security fixes:
+ bsc#1143581 CVE-2018-20860
+ bsc#1143578 CVE-2018-20861
+ bsc#1143582 CVE-2019-14382
+ bsc#1143584 CVE-2019-14383
==== libosinfo ====
Version update (1.2.0 -> 1.6.0)
Subpackages: libosinfo-1_0-0 libosinfo-lang typelib-1_0-Libosinfo-1_0
- Update to version 1.6.0
Changes in this release include:
* Add API to get the kernel URL argument for an OsinfoOs
* Improve detection of PPC ISOs
* Add API to create an OsinfoMedia from location using OsinfoMediaDetectFlags
* Add API to get whether a media is bootable or not
* Add OsinfoTree treeinfo properties
* Add API to identify an OsinfoTree
* Deprecate API to guess an OsinfoOs from OsinfoTree
* Add --config-file to osinfo-install-script tool
* Deprecate --config usage for user & admin passwords on osinfo-install-script tool
* Add API to generate an install-script and its command-line for OsinfoTree
* Use libsoup for "http://" & "https://" requests for creating both OsinfoMedia & OsinfoTree
* Drop GVFS dependency
* Add OsinfoOs property to OsinfoTree
- Drop
CVE-2019-13313-add-new-option-so-users-can-set-config-from-file.patch
CVE-2019-13313-pass-username-password-via-config-file.patch
- bsc#1140749 - VUL-1: CVE-2019-13313: libosinfo: osinfo-install-
script option leaks password via command line argument
CVE-2019-13313-add-new-option-so-users-can-set-config-from-file.patch
CVE-2019-13313-pass-username-password-via-config-file.patch
- Update to version 1.5.0
Changes in this release include:
* Add API to get an OS from OsinfoTrees & OsinfoImages
* Add API to set an OS to OsinfoTrees & OsinfoImages
* Add API to get the OS variants from OsinfoTrees & OsinfoImages
* Add API to set the installation URL to a OsinfoInstallConfig
* Add API to get all short-ids from an OsinfoProduct
* Improve OsinfoLoader in order to fully support multiple short-ids values on
an OsinfoProduct
* Improve osinfo-detect tool's help wording
* Improve osinfo-detect tool, making it aware of OsinfoTree's OS variants
* Fix the loading of the architecture value of OsinfoImages
* Fix usage of application id on media detection
* Accept "all" as a valid fallback architecture for OsinfoTrees & OsinfoMedias
* Improve treeinfo check by checking for both ".treeinfo" and "treeinfo" files
* Explicitly set GVFS as a requirement in the project spec file
* Move osinfo-db related tests to osinfo-db project
- Drop
0001-media-Fix-usage-of-application-id.patch
0002-loader-Properly-load-the-arch-value-for-images.patch
- Upstream bug fixes from Fabiano Fidêncio
0001-media-Fix-usage-of-application-id.patch
0002-loader-Properly-load-the-arch-value-for-images.patch
- Update to version 1.4.0
Changes in this release include:
* Add isodata test files for more distros
* Refreshed translations from Zanata
* Drop deprecated gnome-common and intltool
* Fix test cases checking for medias, trees and images URIs due to
libcurl issues when reusing the curl handler
* Fix media identification when its identifiers have the maximum
allowed size
* Fix filling up the media properties when identifying it
* Improvements in the tests in order to reduce code duplication
* Add one test case per OS for medias, trees and images URIs tests
* Add OSINFO_RELEASE_STATUS_ROLLING release status
* Add API to add an installer script to a media
* Add API to get all the installer scripts from a media
- Use noun phrase in summaries.
- Update to version 1.3.0
Changes in this release include:
* Add isodata test files for many more distros
* Refreshed translations from Zanata
* Refuse to load data files which do not follow the
documented directory layout and file naming conventions
introduced in version 0.3.0
* Avoid warnings when setting GError objects with new glib
* Remove outdated FSF address from source file headers
* Make several test suites collect & report all errors
before exiting with failure for easy diagnosis
* Avoid misc memory leaks
* Add support for reporting maximum resource settings
* Add support for reporting network installer resource settings
* Fix data returned for osinfo_devicelinklist_get_devices
* Support removal of devices during inheritance processing
* Support inheritance of resources settings
* Add OsinfoImage class & related APIs for reporting
pre-installed disk images
* Add API to determine if treeinfo metadata is provided
* Add API to determine if media supports installer scripts
* Add API to determine preferred install script injection
methods
* Add support for detecting if PPC ISO images are bootable
==== nghttp2 ====
Version update (1.31.1 -> 1.39.2)
Subpackages: libnghttp2-14 libnghttp2-14-32bit
- Require correct library from devel package - boo#1125689
- Update to version 1.39.2 (bsc#1146184, bsc#1146182):
* This release fixes CVE-2019-9511 ?Data Dribble? and CVE-2019-9513
?Resource Loop? vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2
frames cause Denial of Service by consuming CPU time. Check out
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-p...
for details. For nghttpx, additionally limiting inbound traffic by
- -read-rate and --read-burst options is quite effective against
this kind of attack.
* Add nghttp2_option_set_max_outbound_ack API function
* nghttpx: Fix request stall
- Update to version 1.39.1:
* This release fixes the bug that log-level is not set with
cmd-line or configuration file. It also fixes FPE with default
backend.
- Changes for version 1.39.0:
* libnghttp2 now ignores content-length in 200 response to
CONNECT request as per RFC 7230.
* mruby has been upgraded to 2.0.1.
* libnghttp2-asio now supports boost-1.70.
* http-parser has been replaced with llhttp.
* nghttpx now ignores Content-Length and Transfer-Encoding in 1xx
or 200 to CONNECT.
- Drop no longer needed boost170.patch
- Update to 1.38.0:
* This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry.
* It also fixes the bug that HTTP/1.1 chunked request stalls.
* Now nghttpx does not log authorization request header field value with -LINFO.
* This release fixes possible backend stall when header and request body are sent in their own packets.
* The backend option gets weight parameter to influence backend selection.
* This release fixes compile error with BoringSSL.
- Add patch from upstream to build with new boost bsc#1134616:
* boost170.patch
- Update to 1.36.0
* build: disable shared library if ENABLE_SHARED_LIB is off
* third-party: use http-parser to v2.9.0 (GH-1294)
* third-party: Update mruby to 2.0.0
* nghttpx: Pool h1 backend connection per address (GH-1292)
* nghttpx: Randomize backend address round robin order per thread
(GH-1291)
* nghttpx: Fix getting long SNs for openssl < 1.1 (GH-1287)
* h2load: add an option to write per-request logs (GH-1256)
* asio: added access to # of the current server port (GH-1257)
- Use multibuild to not pull in python3 in first build, nghttp2
is low in the system
- Update to version 1.35.1:
* nghttpx: Fix broken trailing slash handling (GH-1276)
- Changes for version 1.35:
* build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238)
* lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222)
* src: Require C++14 language feature
* nghttpx: Write mruby send_info early
* nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend
* h2load: Handle HTTP/1 non-final response (GH-1259)
* h2load: Clarify that time for connect includes TLS handshake
- Update to version 1.34.0: (bsc#1112438, FATE#326776)
* lib: Implement RFC 8441 :protocol support
* nghttpx: Add read/write-timeout parameters to backend option
* nghttpx: Fix mruby parameter validation in backend option
* nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2
* nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues
* nghttpx: Update mruby 1.4.1
* nghttpx: Add mruby env.tls_handshake_finished
* nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
* nghttpx: Add RFC 8470 Early-Data header field support
* nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support
- Update to version 1.33.0:
* lib: Tweak nghttp2_session_set_stream_user_data
* lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS.
* lib: Implement ORIGIN frame
* asio: support definition of local endpoint for cleartext
client session
* integration: Remove remaining SPDY code from the integration tests
* nghttpx: Fix worker process crash with neverbleed write error
* nghttpx: Support per-backend mruby script
* nghttpx: Fix stream reset if data from client is arrived before
dconn is attached
- Update to version 1.32.0:
* lib: Ignore all input after calling session_terminate_session
* lib: Fix treatment of padding
* lib: Don't allow 101 HTTP status code because HTTP/2 removes
HTTP Upgrade
* build: add ENABLE_STATIC_LIB option to build static lib
* third-party: Upgrade neverbleed to the latest master
* asio: Support client side SNI
* src: Compile with libressl 2.7.2
* src: Allow building without NPN
* h2load: -r and --duration are mutually exclusive
==== open-vm-tools ====
Version update (10.3.10 -> 11.0.0)
Subpackages: libvmtools0 open-vm-tools-desktop
- Update to 11.0.0 (build 14549424) (boo#1151523)
+ Added appInfo to publish information about running applications inside the
guest.
+ Provided sample tool.conf for ease of administration.
- Updated spec file to build 11.0.0
- Removed libgrabbitmqProxy.so, vmware-guestproxycerttool, and
guestproxy-ssl.conf
- Added %config(noreplace) %{_sysconfdir}/vmware-tools/tools.conf.example
- Drop unnecessary patch:
- gcc9-warnings.patch
==== osinfo-db ====
Version update (20190504 -> 20190905)
- Update database to version 20190905
osinfo-db-20190905.tar.xz
- Update database to version 20190805
osinfo-db-20190805.tar.xz
- Add support for SLE15-SP2
add-sle15sp2-support.patch
- Update database to version 20190726
osinfo-db-20190726.tar.xz
- Drop add-sle15sp1-support.patch
- Update database to version 20190611
osinfo-db-20190611.tar.xz
- Drop add-sle12sp4-support.patch
==== patterns-base ====
Subpackages: patterns-base-32bit patterns-base-apparmor patterns-base-apparmor-32bit patterns-base-apparmor_opt patterns-base-base patterns-base-base-32bit patterns-base-basesystem patterns-base-console patterns-base-enhanced_base patterns-base-enhanced_base-32bit patterns-base-enhanced_base_opt patterns-base-minimal_base patterns-base-minimal_base-32bit patterns-base-sw_management patterns-base-sw_management-32bit patterns-base-transactional_base patterns-base-update_test patterns-base-x11 patterns-base-x11-32bit patterns-base-x11_enhanced patterns-base-x11_enhanced-32bit patterns-base-x11_opt
- Need to explicitly have glibc-locale-base in patterns to make
32bit pattern have it too (boo#1142156).
==== permissions ====
Version update (20181116 -> 20190830)
- Update to version 20190830:
* dumpcap: remove 'other' executable bit because of capabilities (boo#1148788, CVE-2019-3687)
- Update to version 20190829:
* add one more missing slash for icinga2
* fix more missing slashes for directories
- Update to version 20190820:
* cron directory permissions: add slashes
- Update to version 20190711:
* iputils: Add capability permissions for clockdiff (bsc#1140994)
- Update to version 20190710:
* iputils/ping: Drop effective capability
* iputils/ping6: Remove definitions
==== polkit-default-privs ====
Version update (13.2 -> 13.2+20190905.0016c47)
- Update to version 13.2+20190905.0016c47:
* whitelist new systemd-resolved actions (bnc#1149216)
- Update to version 13.2+20190827.0cc2a82:
* make new systemd rules more restrictive (boo#1146300,
boo#1145639)
- Update to version 13.2+20190823.a5f89c3:
* systemd-networkd (boo#1146300)
* systemd-portabled (boo#1145639)
- Update to version 13.2+20190806.841a06b:
* libvirt polkit actions: Additional no:no:no action (bsc#1144077)
- Update to version 13.2+20190801.f0c6234:
* calamares: whitelist pkexec run as root in X11 action
* mousepad: whitelisting of pkexec action (bsc#1143216)
==== python-numpy ====
Version update (1.14.0 -> 1.16.1)
- (jsc#SLE-8532, bsc#1149203) Update to 1.16.1:
- The NumPy 1.16.1 release fixes bugs reported against the
1.16.0 release, and also backports several enhancements from
master that seem appropriate for a release series that is the
last to support Python 2.7. The wheels on PyPI are linked
with OpenBLAS v0.3.4+, which should fix the known threading
issues found in previous OpenBLAS versions.
- Specifically:
- Experimental (opt-in only) support for overriding numpy
functions, see __array_function__ below.
- The matmul function is now a ufunc. This provides better
performance and allows overriding with __array_ufunc__.
- Improved support for the ARM and POWER architectures.
- Improved support for AIX and PyPy.
- Improved interop with ctypes.
- Improved support for PEP 3118.
- Also includes all improvements to 1.15.*, namely:
- NumPy has switched to pytest for testing.
- A new numpy.printoptions context manager.
- Many improvements to the histogram functions.
- Support for unicode field names in python 2.7.
- Improved support for PyPy.
- Fixes and improvements to numpy.einsum.
- Removed CVE-2019-6446_numpy_load.patch, which is included into
the upstream release.
- numpy-1.9.0-remove-__declspec.patch has been refreshed to fit
the current upstream tarball.
==== qpdf ====
Version update (9.0.0 -> 9.0.1)
- Update to version 9.0.1
* Upstream fixed bsc#1150151, removed explicit -fsigned-chars
from CXXFLAGS
* See included ChangeLog file for the complete changelog
==== remmina ====
Version update (1.3.4 -> 1.3.6)
Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp
- Update to new upstream release 1.3.6 (jsc#SLE-9616)
* Fix fullscreen switching
* Fullscreen fixes
* rdpr channel initialization for special devices sharing. Closes #1955
* Fixing remminamain destroy issues
* Makes Rmnews modal to avoid that it steals input to the RCW
* Make some cmake targets optional to avoid packaging isssues
* SNAP fixing dependencies for the plugin WWW
* Updating Remmna icon to the yaru/suru icon set.
* Adding harfbuzz headers, closes #1941
* New stats
* *.md: typo corrections
* Remove G+ from documents
- Removed dependency to NX for remmina-plugin-kwallet.
- Update to new upstream release 1.3.5
* Configurable, human readable profile file names
* A KDE Wallte plugin, that can be used instead of the GNOME Keyring
* Many notable and subtle bugs fixed by Giovanni Panozzo.
* Null pointer reference, RDP issues, remmina connection window fixes and refactoring and many more!!
* Remmina news (and announcements) widget
* Periodically (sporadically) a widget will be shown with news and announcements related to your Remmina version.
* Master password, to protect settings and profiles from unauthorized modifications
* WWW plugin (web browser with authentication for Remmina)
* New color schemes for the SSH plugin.
* Preferences cleaning
* Profile saving bug fixed
* Remmina main UI improvements
* Typographic and wording corrections
- Removed broken telepathy plugin
- New kwallet plugin will be built only on openSUSE and SLE backport
releases.
==== strace ====
Version update (5.2 -> 5.3)
- Update to strace 5.3
* Improvements
* Implemented usage of seccomp-bpf for stopping tracees only for filtered
syscalls. Use --seccomp-bpf option to enable.
* Implemented decoding of pidfd_open and clone3 syscalls.
* Enhanced decoding of io_cancel, io_submit, s390_sthyi, and syslog syscalls.
* Enhanced decoding of NETLINK_ROUTE protocol.
* Implemented decoding of UNIX_DIAG_UID netlink attribute.
* Implemented decoding of WDIOC_* ioctl commands.
* Enchanced syscall count statistics: overhead is now applied per-call,
added ability for sorting on errors field.
* Syscall delay injection and overhead values can now be supplied with
time measure unit suffix and provided in IEEE 754 floating point format.
* Updated lists of AUDIT_*, BPF_*, ETH_*, KEYCTL_*, KVM_*, MAP_*, SO_*, TCP_*, V4L2_*,
XDP_*, and *_MAGIC constants.
* Updated lists of ioctl commands from Linux 5.3.
* Enhanced manual page.
* Bug fixes
* Fixed syscall tampering on arc, avr32, csky, ia64, m68k, metag, mips,
nios2, or1k, riscv, s390, s390x, sparc, sparc64, and tile architectures
when PTRACE_GET_SYSCALL_INFO is in use.
* Fixed decoding of sockaddr_hci (AF_BLUETOOTH) addresses that lack
hci_channel field.
* Fixed evdev ioctl bitset decoding.
* Fixed tests on alpha with Linux kernel headers 5.1+.
* Portability
* Removed support for decoding syscalls in range [1024...1079] on AArch64
architecture as this range has never been implemented in mainline kernel
releases.
==== ucode-intel ====
Version update (20190618 -> 20190918)
- Updated to 20190918 bugfix release (bsc#1151232 bsc#1138185)
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
- --- updated platforms ------------------------------------
BDW-U/Y E0/F0 6-3d-4/c0 0000002d->0000002e Core Gen5
HSX-EX E0 6-3f-4/80 00000014->00000016 Xeon E7 v3
BDW-H/E3 E0/G0 6-47-1/22 00000020->00000021 Core Gen5
BDX-ML B0/M0/R0 6-4f-1/ef 0b000036->0b000038 Xeon E5/E7 v4; Core i7-69xx/68xx
BDX-DE V1 6-56-2/10 0000001a->0000001c Xeon D-1520/40
BDX-DE V2/3 6-56-3/10 07000017->07000019 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
BDX-DE Y0 6-56-4/10 0f000015->0f000017 Xeon D-1557/59/67/71/77/81/87
BDX-NS A0 6-56-5/10 0e00000d->0e00000f Xeon D-1513N/23/33/43/53
SKX-SP H0/M0/U0 6-55-4/b7 0200005e->00000064 Xeon Scalable
SKX-D M1 6-55-4/b7 0200005e->00000064 Xeon D-21xx
CLX-SP B1 6-55-7/bf 05000021->0500002b Xeon Scalable Gen2
==== virt-manager ====
Version update (2.1.0 -> 2.2.1)
Subpackages: virt-install virt-manager-common
- Upstream bug fixes (bsc#1027942)
0c223ab2-guest-Dont-set-default-uefi-if-firmware-is-set.patch
414ffa5e-virt-install-Use-minutes-instead-of-seconds-on-get_time_string.patch
53245827-urlfetcher-Force-a-flush-after-writing-to-a-file.patch
3009888a-urlfetcher-Dont-override-fullurl-when-its-explicitly-set.patch
- bsc#1143315 - virt-manager: Fix detection for SLE15
virtinst-add-sle15-detection-support.patch
virtinst-add-caasp-support.patch
virtinst-detect-oes-distros.patch
virtinst-add-pvh-support.patch
virtinst-s390x-disable-graphics.patch
virtinst-set-qemu-emulator.patch
- Upstream bug fix (bsc#1027942)
3c6e8537-guest-fix-warning-message-when-machine-type-is-changed-for-secure-boot.patch
- Update to virt-manager 2.2.1 (fate#326786)
virt-manager-2.2.1.tar.bz2
* CVE-2019-10183: Replace ?unattended user-password and admin-password with user-password-file and admin-password-file (Fabiano Fidêncio)
* Consistent ?memballoon default across non-x86 (Andrea Bolognani)
* virt-install: add ?numatune memnode.* (Athina Plaskasoviti)
* Drop hard dep on gtksourceview4, gtksourceview3 is fine as well
- Drop patches no longer needed
033e9702-xmleditor-Handle-gtksourceview3-as-well-as-gtksourceview4.patch
51d28f04-unattended-Dont-log-user-admin-passwords.patch
5312a961-virt-install-Revive-wait-0-as-alias-for-noautoconsole.patch
58c68764-unattended-Read-the-passwords-from-a-file.patch
- bsc#1140211 - VUL-1: CVE-2019-10183: virt-manager: unattended
option leaks password via command line argument
58c68764-unattended-Read-the-passwords-from-a-file.patch
51d28f04-unattended-Dont-log-user-admin-passwords.patch
- Upstream bug fix (bsc#1027942)
5312a961-virt-install-Revive-wait-0-as-alias-for-noautoconsole.patch
- Update to virt-manager 2.2.0 (fate#326786)
virt-manager-2.2.0.tar.bz2
* libvirt XML viewing and editing UI for new and existing domain, pools, volumes, networks
* virt-install: libosinfo ?unattended support (Fabiano Fidêncio, Cole Robinson)
* Improve CPU model security defaults (Pavel Hrdina)
* virt-install: new ?install option. Ex: virt-install ?install fedora29
* virt-install: new ?install kernel=,initrd=
* virt-install: ?disk, ?memory, ?name defaults from libosinfo (Fabiano Fidêncio, Cole Robinson)
* virt-install: add device suboption aliases which consistently match libvirt XML naming
* virt-xml: new ?start, ?no-define options (Marc Hartmayer)
* virt-install: Add driver_queues argument to ?controller (Vasudeva Kamath)
* RISC-V support (Andrea Bolognani)
* Device default improvements for non-x86 KVM (Andrea Bolognani)
* Redesigned ?New Network? wizard
* libguestfs inspection improvements (Pino Toscano)
* virt-install: Add support for xenbus controller (Jim Fehlig)
* cli: Add ?disk wwn=,rawio= (Athina Plaskasoviti)
* cli: Add ?memballoon autodeflate=,stats.period= (Athina Plaskasoviti)
* cli: Add ?iothreads (Athina Plaskasoviti)
* cli: Add ?numatune memory.placement (Athina Plaskasoviti)
* cli: Add ?launchSecurity option (Erik Skultety)
* cli: Fill in ?memorybacking options
* cli: ?smartcard: support database= and certificate[0-9]*=
* cli: ?sysinfo: Add chasis suboptions
* cli: ?metadata: add genid= and genid_enable=
* cli: ?vcpus: add vcpus.vcpu[0-9]* config
* cli: fill in all common char source options for ?serial, ?parellel, ?console, ?channel, ?smartcard, ?rng, ?redirdev
033e9702-xmleditor-Handle-gtksourceview3-as-well-as-gtksourceview4.patch
virtman-dont-specify-gtksource-version.patch
- Drop patches no longer needed
f7508d02-addhardware-Fix-setting-optimal-default-net-model.patch
1018ab44-inspection-handle-failures-in-application-listing.patch
ae8a4f3d-engine-Fix-first-run-startup-error.patch
57db4185-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch
26a433fc-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch
4f66c423-cloner-Handle-nonsparse-for-qcow2-images.patch
a02fc0d0-virtManager-clone-build-default-clone-path-if-we-know-how.patch
1856c1fa-support-Fix-minimum-version-check.patch
001-adf30349-cli-refactor-get_prop.patch
002-60c7e778-xmlapi-add-set_prop.patch
003-5bad22e8-tests-Use-get-set_prop.patch
004-ee5f3eab-support-Add-SUPPORT_CONN_DEVICE_BOOT_ORDER.patch
005-7768eb17-cli-Add-check-if-device-boot-order-is-supported.patch
006-ecc0861c-tests-xmlparse-refactor-method-for-generating-out-file-path.patch
007-c9d070da-guest-Add-reorder_boot_order-method.patch
008-1b535940-tests-Add-test-case-for-reorder_boot_order-method.patch
009-b83a0a61-cli-Use-reorder_boot_order-for-setting-the-boot-order.patch
010-c896d19d-tests-cli-Add-boot.order-tests.patch
011-29f9f2ac-virt-xml-Add-no-define-argument.patch
012-c2bff509-tests-cli-Add-test-case-for-no-define-argument.patch
013-90b1a3ab-virt-xml-Add-support-for-starting-the-domain.patch
014-908b8e8d-tests-virt-xml-Add-test-cases-for-start-option.patch
5bc847eb-virt-install-Do-not-warn-about-consoles-on-s390x.patch
74bbc3db-urldetect-Check-also-for-treeinfo.patch
708af01c-osdict-Add-supports_virtioinput.patch
f23b01be-guest-Add-VirtIO-input-devices-to-s390x-guests-with-graphics.patch
7afbb90b-virt-xml-Handle-VM-names-that-look-like-id-uuid.patch
8d9743d6-virt-install-Add-support-for-xenbus-controller.patch
a0ca387a-cli-Fix-pool-default-when-path-belongs-to-another-pool.patch
578451fe-urldetect-Dont-run-regex-against-None-SUSE-product-name.patch
virtman-default-guest-from-host-os.patch
virtman-prevent-double-click-starting-vm-twice.patch
- bsc#1138110 - XEN guest can not be restored from virt-manager
after it is saved
virtman-fix-restore-vm-menu-selection.patch
- Upstream bug fix (bsc#1027942)
578451fe-urldetect-Dont-run-regex-against-None-SUSE-product-name.patch
- Make sure the old qemu-dm is not used for installing VMs. It
can't handle direct kernel boot. (bsc#1125725)
virtinst-set-qemu-emulator.patch
- jsc#SLE-6262, fate#327048: KVM: Boot Configuration Override
001-adf30349-cli-refactor-get_prop.patch
002-60c7e778-xmlapi-add-set_prop.patch
003-5bad22e8-tests-Use-get-set_prop.patch
004-ee5f3eab-support-Add-SUPPORT_CONN_DEVICE_BOOT_ORDER.patch
005-7768eb17-cli-Add-check-if-device-boot-order-is-supported.patch
006-ecc0861c-tests-xmlparse-refactor-method-for-generating-out-file-path.patch
007-c9d070da-guest-Add-reorder_boot_order-method.patch
008-1b535940-tests-Add-test-case-for-reorder_boot_order-method.patch
009-b83a0a61-cli-Use-reorder_boot_order-for-setting-the-boot-order.patch
010-c896d19d-tests-cli-Add-boot.order-tests.patch
011-29f9f2ac-virt-xml-Add-no-define-argument.patch
012-c2bff509-tests-cli-Add-test-case-for-no-define-argument.patch
013-90b1a3ab-virt-xml-Add-support-for-starting-the-domain.patch
014-908b8e8d-tests-virt-xml-Add-test-cases-for-start-option.patch
- Drop unneeded 0003-virtinst-python3-avoid-using-long-type.patch
Drop Requires on python3-six
==== virt-viewer ====
Version update (7.0 -> 8.0)
- Update to 8.0:
- Fix warnings with latest GCC versions
- More strictly filter out non-ISO images in ovirt menu
- Require libgovirt >= 0.3.3
- Require librest >= 0.8
- Support UNIX and TLS URI schemes for spice
- Fix full screen monitor placement under wayland
- Fix command line encoding on Windows
- Ensure VM name is set in window title
- Support unix-path in .vv files
- Support text console windows via VTE
- Add machine power control menu options
- Record full build env in MSI installer
- update virtview-desktop.patch
==== webkit2gtk3 ====
Version update (2.24.2 -> 2.24.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles
- Update to version 2.24.4 (boo#1148931):
+ Updated the user agent string to make happy certain websites
which would claim that the browser being used was unsupported.
+ Improve loading of multimedia streams to avoid memory
exhaustion due to excessive caching.
+ Fix display of documents with MIME type application/xml in the
Web Inspector, when loaded using XmlHttpRequest.
+ Fix a hang while scrolling certain websites which include HLS
video content (Twitter, for example).
+ Fix rounding artifacts in volume levels for media playback.
+ Fix several crashes and rendering issues.
+ Fix the build with video track support disabled.
+ Fix the build with OpenGL support disabled.
+ Fix build issue which would cause media controls to disappear
when Python 3.x was used during the build process.
+ Security fixes: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658,
CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8688.
- Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream.
- Add webkit2gtk3-bwo197558-hang.patch for hang (bwo#197558)
- Drop webkit2gtk3-boo1088932-a11y-state-set.patch: fixed upstream.
- Update to version 2.24.3:
+ Deprecate WebSQL APIs.
+ Make Previous/Next gesture work in RTL mode.
+ Fix content disappearing when using CSS transforms.
+ Fix rendering artifacts in youtube volume button.
+ Fix trapezoid artifact in github comment box.
+ Fix video pause that sometimes caused to skip to finish.
+ Fix volume level changes when playing a video.
+ Fix HLS streams being slow to start.
+ Fix some radio streams that could not be played.
+ Fix the build with older versions of GStreamer.
+ Fix the build with video and audio disabled.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2019-8666, CVE-2019-8673, CVE-2019-8676,
CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690.
+ Updated translations.
- Drop upstream fixed patches:
+ webkit2gtk3-bug196440-build-fix.patch.
+ webkit2gtk3-bug198080-build-fix.patch.
==== yast2 ====
Version update (4.2.21 -> 4.2.23)
Subpackages: yast2-logs
- Use "display_name" tag for the product label, "label" marks a
translatable text (jsc#SLE-7214)
- 4.2.23
- Added support for reading products from control.xml file
(jsc#SLE-7104)
- 4.2.22
==== yast2-country ====
Version update (4.2.4 -> 4.2.5)
Subpackages: yast2-country-data
- Add missing Persian/Farsi language and keyboard layout
(bsc#1092920).
- 4.2.5
==== yast2-installation ====
Version update (4.2.13 -> 4.2.14)
- Support for the online installation medium (jsc#SLE-7214)
- 4.2.14
==== yast2-packager ====
Version update (4.2.25 -> 4.2.27)
- Support for the online installation medium (jsc#SLE-7214)
- 4.2.27
- Properly initialize the used base product name at upgrade
(bsc#1150856)
- 4.2.26
==== yast2-storage-ng ====
Version update (4.2.38 -> 4.2.41)
- Partitioner: allows encrypting volumes using pervasive
encryption (jsc#SLE-7376).
- 4.2.41
- Partitioner: allow creating encrypted swap with random
password (bsc#1088641).
- Partitioner: allow importing mount points from encrypted swap
with random password.
- Storage: fix an encryption type inconsistency (bsc#1151079).
- 4.2.40
- add warning if /boot is on a LUKS2 encrypted partition
- 4.2.39