May 2014 - openSUSE Commits - openSUSE Mailing Lists

commit libreoffice for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package libreoffice for openSUSE:Factory checked in at 2014-05-02 13:53:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libreoffice (Old) and /work/SRC/openSUSE:Factory/.libreoffice.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libreoffice" Changes: -------- --- /work/SRC/openSUSE:Factory/libreoffice/libreoffice.changes 2014-04-16 07:26:49.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libreoffice.new/libreoffice.changes 2014-05-02 13:53:35.000000000 +0200 @@ -1,0 +2,5 @@ +Fri Apr 25 11:42:31 UTC 2014 - tchvatal(a)suse.com + +- After dict redesign depend on correct dict packages. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libreoffice.spec ++++++ --- /var/tmp/diff_new_pack.J99kJl/_old 2014-05-02 13:53:40.000000000 +0200 +++ /var/tmp/diff_new_pack.J99kJl/_new 2014-05-02 13:53:40.000000000 +0200 @@ -694,7 +694,7 @@ # i: additional language added to this package # L: internal (LibreOffice) language code, used in file names # l: language code, e.g., cs -# Mm: mythes dependency +# Mm: myspell dependency # n: language name, e.g., Czech # p: Provides: of libreoffice-l10n # r: comma-separated list of additional requires @@ -705,8 +705,8 @@ # Xx: has autotext definitions # # Example: -# libreoffice-l10n-cs: langpack for Czech lang. Requiring libreoffice-thesaurus-cs: -# %%langpack -l cs -n Czech -m cs +# libreoffice-l10n-cs: langpack for Czech lang. Requiring myspell-cs_CZ: +# %%langpack -l cs -n Czech -m cs_CZ %define langpack(c:Ei:L:l:Mm:n:p:r:S:s:TXx:) \ %define project LibreOffice \ %define lang %{-l:%{-l*}}%{!-l:%{error:Language code not defined}} \ @@ -724,7 +724,7 @@ Requires(postun,): %{name} = %{version} \ Provides: locale(libreoffice:%{lang}) \ BuildArch: noarch \ -%{-m:Requires: libreoffice-thesaurus-%{-m*}}%{!-m:%{-M:Requires: libreoffice-thesaurus-%{lang}}} \ +%{-m:Requires: myspell-%{-m*}}%{!-m:%{-M:Requires: myspell-%{lang}}} \ %{-r:Requires: %{-r*}} \ %{-p:Provides: %{name}-l10n-%{-p*}} \ %{-T: \ @@ -754,80 +754,80 @@ %{expand:%%_link_noarch_files %{pkgname}} \ %{nil} -%langpack -l af -n Afrikaans -%langpack -l ar -n Arabic -s ctl +%langpack -l af -n Afrikaans -m af_ZA +%langpack -l ar -n Arabic -s ctl -m ar %langpack -l as -n Assamese -%langpack -l bg -n Bulgarian -M -T -X -%langpack -l bn -n Bengali -T -%langpack -l br -n Breton -%langpack -l ca -n Catalan -M -T -%langpack -l cs -n Czech -M -T -X +%langpack -l bg -n Bulgarian -T -X -m bg_BG +%langpack -l bn -n Bengali -T -m bn_BD +%langpack -l br -n Breton -m br_FR +%langpack -l ca -n Catalan -T -M +%langpack -l cs -n Czech -T -X -m cs_CZ %langpack -l cy -n Welsh -%langpack -l da -n Danish -M -T -X -%langpack -l de -n German -M -T -X +%langpack -l da -n Danish -T -X -m da_DK +%langpack -l de -n German -T -X -M %langpack -l dz -n Dzongkha -s ctl -T -%langpack -l el -n Greek -M -T -%langpack -l en -n English -m en-US -L en-US -T -X -p en-GB -p en-ZA +%langpack -l el -n Greek -T -m el_GR +%langpack -l en -n English -L en-US -T -X -p en-GB -p en-ZA -M %langpack -l es -n Spanish -M -T -X -%langpack -l et -n Estonian -T +%langpack -l et -n Estonian -T -m et_EE %langpack -l eu -n Basque -T %langpack -l fa -n Farsi -s ctl %langpack -l fi -n Finnish -r libreoffice-voikko -T -%langpack -l fr -n French -M -T -X -%langpack -l ga -n Irish -M -%langpack -l gl -n Galician -T -%langpack -l gu -n Gujarati -s ctl -T -p gu-IN -%langpack -l he -n Hebrew -s ctl -T -%langpack -l hi -n Hindi -s ctl -T -p hi-IN -%langpack -l hr -n Croatian -T -%langpack -l hu -n Hungarian -M -T -X -%langpack -l it -n Italian -M -T -X +%langpack -l fr -n French -T -X -m fr_FR +%langpack -l ga -n Irish +%langpack -l gl -n Galician -T -M +%langpack -l gu -n Gujarati -s ctl -T -p gu-IN -m gu_IN +%langpack -l he -n Hebrew -s ctl -T -m he_IL +%langpack -l hi -n Hindi -s ctl -T -p hi-IN -m hi_IN +%langpack -l hr -n Croatian -T -m hr_HR +%langpack -l hu -n Hungarian -T -X -m hu_HU +%langpack -l it -n Italian -T -X -m it_IT %langpack -l ja -n Japanese -s cjk -T -X %langpack -l kk -n Kazakh %langpack -l kn -n Kannada %langpack -l ko -n Korean -s cjk -T -c korea -X -%langpack -l lt -n Lithuanian -%langpack -l lv -n Latvian +%langpack -l lt -n Lithuanian -m lt_LT +%langpack -l lv -n Latvian -m lv_LV %langpack -l mai -n Maithili %langpack -l ml -n Malayalam %langpack -l mr -n Marathi -%langpack -l nb -n Bokmal -M -T -%langpack -l nl -n Dutch -T -X -%langpack -l nn -n Nynorsk -T +%langpack -l nb -n Bokmal -M -T -m no +%langpack -l nl -n Dutch -T -X -m nl_NL +%langpack -l nn -n Nynorsk -T -m no %define langpack_lang Southern Ndebele %langpack -l nr -n %{langpack_lang} %define langpack_lang Northern Sotho %langpack -l nso -n %{langpack_lang} %langpack -l or -n Odia -s ctl %langpack -l pa -n Punjabi -s ctl -L pa-IN -p pa-IN -%langpack -l pl -n Polish -M -T -X +%langpack -l pl -n Polish -T -X -m pl_PL %define langpack_lang Brazilian Portuguese -%langpack -l pt-BR -n %{langpack_lang} -m pt -p pt_BR -T -X -%langpack -l pt-PT -n Portuguese -m pt -T -L pt -x pt +%langpack -l pt-BR -n %{langpack_lang} -m pt_BR -p pt_BR -T -X +%langpack -l pt-PT -n Portuguese -m pt_PT -T -L pt -x pt %langpack -l ro -n Romanian -M -%langpack -l ru -n Russian -M -T -X -%langpack -l si -n Sinhalese -S ctl -T -%langpack -l sk -n Slovak -M -T -X -%langpack -l sl -n Slovenian -M -T -X -%langpack -l sr -n Serbian -i sr-Latn +%langpack -l ru -n Russian -T -X -m ru_RU +%langpack -l si -n Sinhalese -S ctl -T -m si_LK +%langpack -l sk -n Slovak -T -X -m sk_SK +%langpack -l sl -n Slovenian -T -X -m sl_SI +%langpack -l sr -n Serbian -i sr-Latn -M %langpack -l ss -n Swati %define langpack_lang Southern Sotho %langpack -l st -n %{langpack_lang} -%langpack -l sv -n Swedish -M -T -X +%langpack -l sv -n Swedish -T -X -m sv_SE %langpack -l ta -n Tamil -s ctl -%langpack -l te -n Telugu -%langpack -l th -n Thai -s ctl -c ctlseqcheck_th +%langpack -l te -n Telugu -m te_IN +%langpack -l th -n Thai -s ctl -c ctlseqcheck_th -m th_TH %langpack -l tn -n Tswana %langpack -l tr -n Turkish -T -X %langpack -l ts -n Tsonga -%langpack -l uk -n Ukrainian -T +%langpack -l uk -n Ukrainian -T -m uk_UA %langpack -l ve -n Venda %langpack -l xh -n Xhosa %define langpack_lang Simplified Chinese %langpack -l zh-Hans -n %{langpack_lang} -p zh-CN -s cjk -T -L zh-CN -x zh-CN %define langpack_lang Traditional Chinese %langpack -l zh-Hant -n %{langpack_lang} -p zh-TW -s cjk -T -L zh-TW -x zh-TW -%langpack -l zu -n Zulu +%langpack -l zu -n Zulu -m zu_ZA %undefine langpack_lang %prep -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit patchinfo.2756 for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package patchinfo.2756 for openSUSE:13.1:Update checked in at 2014-05-02 13:52:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.2756 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.2756.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.2756" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo> <issue id="873351" tracker="bnc">VUL-1: CVE-2010-5298: openssl: Use-after-free race condition,in OpenSSL's read buffer</issue> <issue id="CVE-2010-5298" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>shawn2012</packager> <description>A use-after-free race condition in OpenSSL's read buffer was fixed that could cause connections to drop (CVE-2010-5298). </description> <summary>OpenSSL: Fixed a use-after-free race condition in OpenSSL's read buffer. </summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit openssl for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package openssl for openSUSE:13.1:Update checked in at 2014-05-02 13:52:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/openssl (Old) and /work/SRC/openSUSE:13.1:Update/.openssl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "openssl" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ --- /var/tmp/diff_new_pack.i9hxxA/_old 2014-05-02 13:52:16.000000000 +0200 +++ /var/tmp/diff_new_pack.i9hxxA/_new 2014-05-02 13:52:16.000000000 +0200 @@ -1 +1 @@ -<link package='openssl.2741' cicount='copy' /> +<link package='openssl.2756' cicount='copy' /> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit openssl.2756 for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package openssl.2756 for openSUSE:13.1:Update checked in at 2014-05-02 13:52:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/openssl.2756 (Old) and /work/SRC/openSUSE:13.1:Update/.openssl.2756.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "openssl.2756" Changes: -------- New Changes file: --- /dev/null 2014-04-28 00:21:37.460033756 +0200 +++ /work/SRC/openSUSE:13.1:Update/.openssl.2756.new/openssl.changes 2014-05-02 13:52:14.000000000 +0200 @@ -0,0 +1,1587 @@ +------------------------------------------------------------------- +Wed Apr 23 06:11:35 UTC 2014 - citypw(a)gmail.com + +- Fixed bug[ bnc#873351] CVE-2010-5298: openssl: Use-after-free race condition,in OpenSSL's read buffer + Add file: CVE-2010-5298.patch + +------------------------------------------------------------------- +Thu Apr 10 11:16:41 UTC 2014 - shchang(a)suse.com + +- Upgrade to 1.0.1g: + * TLS heartbeat read overrun (CVE-2014-0160) + * Fixed: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2014-0076, CVE-2014-0160 + + Add files: openssl-1.0.1g.tar.gz, openssl-1.0.1g.tar.gz.asc + Delete files: openssl-1.0.1e.tar.gz, openssl-1.0.1e.tar.gz.asc, CVE-2013-4353.patch, + CVE-2013-6449.patch, CVE-2013-6450.patch, CVE-2014-0076.patch, bug-861384-crash_webrtc.patch, + CVE-2014-0160.patch, SSL_get_certificate-broken.patch, openssl-1.0.1e-bnc822642.patch + +------------------------------------------------------------------- +Tue Apr 8 05:20:52 UTC 2014 - shchang(a)suse.com + +- Fixed bug[ bnc#872299] CVE-2014-0160: openssl: missing bounds checks for heartbeat messages + Add file: CVE-2014-0160.patch + +------------------------------------------------------------------- +Tue Mar 25 05:18:20 UTC 2014 - shchang(a)suse.com + +- Fix bug[ bnc#869945] CVE-2014-0076: openssl: Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack + Add file: CVE-2014-0076.patch + +------------------------------------------------------------------- +Sun Jan 26 14:20:30 UTC 2014 - shchang(a)suse.com + +- Fixed bnc#861384, update to openssl-1.0.1e-11.14.1 broke WebRTC functionality in FreeSWITCH + Add file: bug-861384-crash_webrtc.patch +------------------------------------------------------------------- +Wed Jan 8 07:06:36 UTC 2014 - shchang(a)suse.com + +- Fixed bnc#857640, openssl: TLS record tampering issue can lead to OpenSSL crash + Add file: CVE-2013-4353.patch + +------------------------------------------------------------------- +Thu Jan 2 17:13:11 UTC 2014 - shchang(a)suse.com + +- Fixed bnc#857203, openssl: crash in DTLS renegotiation after packet loss + Add file: CVE-2013-6450.patch + +------------------------------------------------------------------- +Sun Dec 22 08:16:16 UTC 2013 - shchang(a)suse.com + +- Fixed bnc#856687, openssl: crash when using TLS 1.2 + Add file: CVE-2013-6449.patch + +------------------------------------------------------------------- +Tue Dec 17 13:57:40 UTC 2013 - meissner(a)suse.com + +- compression_methods_switch.patch: setenv might not be successful + if a surrounding library or application filters it, like e.g. sudo. + As setenv() does not seem to be useful anyway, remove it. + bnc#849377 + +------------------------------------------------------------------- +Fri Sep 27 10:26:43 UTC 2013 - dmacvicar(a)suse.de + +- VPN openconnect problem (DTLS handshake failed) + (git 9fe4603b8, bnc#822642, openssl ticket#2984) + +------------------------------------------------------------------- +Wed Sep 4 18:56:38 UTC 2013 - guillaume(a)opensuse.org + +- Fix armv6l arch (armv7 was previously used to build armv6 which + lead to illegal instruction when used) + +------------------------------------------------------------------- +Mon Aug 12 06:05:03 UTC 2013 - shchang(a)suse.com + +- Fix bug[ bnc#832833] openssl ssl_set_cert_masks() is broken + modify patch file: SSL_get_certificate-broken.patch + +------------------------------------------------------------------- +Fri Aug 9 23:24:14 UTC 2013 - crrodriguez(a)opensuse.org + +- Via padlock is only found in x86 and x86_64 CPUs, remove + the shared module for other archs. + +------------------------------------------------------------------- +Wed Aug 7 18:30:45 UTC 2013 - crrodriguez(a)opensuse.org + +- Cleanup engines that are of no use in a modern linux distro +- The following engines stay: +* libcapi.so --> usable in case you have third party /dev/crypto +* libgmp.so --> may help to doing some maths using GMP +* libgost.so --> implements the GOST block cipher +* libpadlock.so --> VIA padlock support +- Al other are removed because they require third party propietary + shared libraries nowhere to be found or that we can test. + +------------------------------------------------------------------- +Wed Aug 7 18:30:23 UTC 2013 - crrodriguez(a)opensuse.org + +- openssl-pkgconfig.patch: Here we go.. For applications +to benefit fully of features provided by openSSL engines +(rdrand, aes-ni..etc) either builtin or in DSO form applications +have to call ENGINE_load_builtin_engines() or OPENSSL_config() +unfortunately from a total of 68 apps/libraries linked to libcrypto +in a desktop system, only 4 do so, and there is a sea of buggy +code that I dont feel like fixing. +Instead we can pass -DOPENSSL_LOAD_CONF in the pkgconfig files +so the needed operation becomes implicit the next time such apps +are recompiled, see OPENSSL_config(3) +Unfortunately this does not fix everything, because there are apps +not using pkgconfig or using it incorrectly, but it is a good start. + +------------------------------------------------------------------- +Wed Aug 7 09:33:55 UTC 2013 - dmueller(a)suse.com + +- add openssl-1.0.1c-default-paths.patch: + Fix from Fedora for openssl s_client not setting + CApath by default + +------------------------------------------------------------------- +Sat Aug 3 21:15:07 UTC 2013 - crrodriguez(a)opensuse.org + +- 0005-libssl-Hide-library-private-symbols.patch: hide + private symbols, this *only* applies to libssl where + it is straightforward to do so as applications should + not be using any of the symbols declared/defined in headers + that the library does not install. + A separate patch MAY be provided in the future for libcrypto + where things are much more complicated and threfore requires + careful testing. + +------------------------------------------------------------------- +Mon Jul 29 08:06:48 UTC 2013 - meissner(a)suse.com + +- compression_methods_switch.patch: Disable compression by default to + avoid the CRIME attack (CVE-2012-4929 bnc#793420) + + Can be override by setting environment variable + OPENSSL_NO_DEFAULT_ZLIB=no + +------------------------------------------------------------------- +Tue Jul 2 09:02:59 UTC 2013 - lnussel(a)suse.de + +- Don't use the legacy /etc/ssl/certs directory anymore but rather + the p11-kit generated /var/lib/ca-certificates/openssl one + (fate#314991, openssl-1.0.1e-truststore.diff) + +------------------------------------------------------------------- +Sat Jun 29 22:47:54 UTC 2013 - crrodriguez(a)opensuse.org + +- Build enable-ec_nistp_64_gcc_128, ecdh is many times faster + but only works in x86_64. + According to the openSSL team +"it is superior to the default in multiple regards (speed, and also +security as the new implementations are secure against timing +attacks)" +It is not enabled by default due to the build system being unable +to detect if the compiler supports __uint128_t. + +------------------------------------------------------------------- +Thu Jun 20 07:58:33 UTC 2013 - coolo(a)suse.com + +- pick openssl-fix-pod-syntax.diff out of the upstream RT to fix + build with perl 5.18 + +------------------------------------------------------------------- +Sat May 25 10:10:07 UTC 2013 - i(a)marguerite.su + +- add %if tag for BuildArch. sles may also need latest openssl. + +------------------------------------------------------------------- +Fri Feb 22 16:00:16 UTC 2013 - dmueller(a)suse.com + +- disable fstack-protector on aarch64 + +------------------------------------------------------------------- +Tue Feb 12 00:08:06 UTC 2013 - hrvoje.senjan(a)gmail.com + +- Update to 1.0.1e + o Bugfix release (bnc#803004) +- Drop openssl-1.0.1d-s3-packet.patch, included upstream + +------------------------------------------------------------------- +Sun Feb 10 20:33:51 UTC 2013 - hrvoje.senjan(a)gmail.com + +- Added openssl-1.0.1d-s3-packet.patch from upstream, fixes + bnc#803004, openssl ticket#2975 + +------------------------------------------------------------------- +Tue Feb 5 16:00:17 UTC 2013 - meissner(a)suse.com + +- update to version 1.0.1d, fixing security issues + o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. + o Include the fips configuration module. + o Fix OCSP bad key DoS attack CVE-2013-0166 + o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 ++++ 1390 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.openssl.2756.new/openssl.changes New: ---- 0005-libssl-Hide-library-private-symbols.patch CVE-2010-5298.patch README.SuSE VIA_padlock_support_on_64systems.patch baselibs.conf bug610223.patch compression_methods_switch.patch merge_from_0.9.8k.patch openssl-1.0.0-c_rehash-compat.diff openssl-1.0.1c-default-paths.patch openssl-1.0.1e-truststore.diff openssl-1.0.1g.tar.gz openssl-1.0.1g.tar.gz.asc openssl-fix-pod-syntax.diff openssl-ocloexec.patch openssl-pkgconfig.patch openssl.changes openssl.spec openssl.test ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ # # spec file for package openssl # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: openssl BuildRequires: bc BuildRequires: ed BuildRequires: pkg-config BuildRequires: zlib-devel %define ssletcdir %{_sysconfdir}/ssl #%define num_version %(echo "%{version}" | sed -e "s+[a-zA-Z]++g; s+_.*++g") %define num_version 1.0.0 Provides: ssl # bug437293 %ifarch ppc64 Obsoletes: openssl-64bit %endif Version: 1.0.1g Release: 0 Summary: Secure Sockets and Transport Layer Security License: OpenSSL Group: Productivity/Networking/Security Url: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.gz Source42: http://www.%{name}.org/source/%{name}-%{version}.tar.gz.asc # to get mtime of file: Source1: openssl.changes Source2: baselibs.conf Source10: README.SuSE Patch0: merge_from_0.9.8k.patch Patch1: openssl-1.0.0-c_rehash-compat.diff Patch2: bug610223.patch Patch3: openssl-ocloexec.patch Patch4: VIA_padlock_support_on_64systems.patch # PATCH-FIX-UPSTREAM http://rt.openssl.org/Ticket/Attachment/WithHeaders/20049 Patch5: openssl-fix-pod-syntax.diff Patch6: openssl-1.0.1e-truststore.diff Patch7: compression_methods_switch.patch Patch8: 0005-libssl-Hide-library-private-symbols.patch Patch9: openssl-1.0.1c-default-paths.patch Patch10: openssl-pkgconfig.patch Patch11: CVE-2010-5298.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. Derivation and License OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get it and to use it for commercial and noncommercial purposes. %package -n libopenssl1_0_0 Summary: Secure Sockets and Transport Layer Security Group: Productivity/Networking/Security Recommends: openssl-certs # bug437293 %ifarch ppc64 Obsoletes: openssl-64bit %endif # %description -n libopenssl1_0_0 The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. Derivation and License OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get it and to use it for commercial and noncommercial purposes. %package -n libopenssl-devel Summary: Include Files and Libraries mandatory for Development Group: Development/Libraries/C and C++ Obsoletes: openssl-devel < %{version} Requires: %name = %version Requires: libopenssl1_0_0 = %{version} Requires: zlib-devel Provides: openssl-devel = %{version} # bug437293 %ifarch ppc64 Obsoletes: openssl-devel-64bit %endif # %description -n libopenssl-devel This package contains all necessary include files and libraries needed to develop applications that require these. %package doc Summary: Additional Package Documentation Group: Productivity/Networking/Security %if 0%{?suse_version} >= 1140 BuildArch: noarch %endif %description doc This package contains optional documentation provided in addition to this package's base documentation. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 cp -p %{S:10} . echo "adding/overwriting some entries in the 'table' hash in Configure" # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::' cat <<EOF_ED | ed -s Configure /^); - i # # local configuration added from specfile # ... MOST of those are now correct in openssl's Configure already, # so only add them for new ports! # #config-string, $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib #"linux-elf", "gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG \${x86_gcc_des} \${x86_gcc_opts}:\${x86_elf_asm}:$DSO_SCHEME:", #"linux-ia64", "gcc:-DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:\${ia64_asm}: $DSO_SCHEME:", #"linux-ppc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:", #"linux-ppc64", "gcc:-DB_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", "linux-elf-arm","gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:", "linux-mips", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:", "linux-sparcv7","gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:\${no_asm}: $DSO_SCHEME:", #"linux-sparcv8","gcc:-DB_ENDIAN -DBN_DIV2W -mv8 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::::: $DSO_SCHEME:", #"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", #"linux-s390", "gcc:-DB_ENDIAN ::(unknown): :-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:", #"linux-s390x", "gcc:-DB_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", "linux-parisc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL DES_RISC1:\${no_asm}: $DSO_SCHEME:", . wq EOF_ED # fix ENGINESDIR path sed -i 's,/lib/engines,/%_lib/engines,' Configure # Record mtime of changes file instead of build time CHANGES=`stat --format="%y" %SOURCE1` sed -i -e "s|#define DATE $.*$.LC_ALL.*date.|#define DATE \1$CHANGES|" crypto/Makefile %build %ifarch armv5el armv5tel export MACHINE=armv5el %endif %ifarch armv6l armv6hl export MACHINE=armv6l %endif ./config --test-sanity # config_flags="threads shared no-rc5 no-idea \ %ifarch x86_64 enable-ec_nistp_64_gcc_128 \ %endif enable-camellia \ zlib \ --prefix=%{_prefix} \ --libdir=%{_lib} \ --openssldir=%{ssletcdir} \ $RPM_OPT_FLAGS -std=gnu99 \ -Wa,--noexecstack \ -fomit-frame-pointer \ -DTERMIO \ -DPURIFY \ -DSSL_FORBID_ENULL \ -D_GNU_SOURCE \ $(getconf LFS_CFLAGS) \ %ifnarch hppa aarch64 -Wall \ -fstack-protector " %else -Wall " %endif # #%{!?do_profiling:%define do_profiling 0} #%if %do_profiling # # generate feedback # ./config $config_flags # make depend CC="gcc %cflags_profile_generate" # make CC="gcc %cflags_profile_generate" # LD_LIBRARY_PATH=`pwd` make rehash CC="gcc %cflags_profile_generate" # LD_LIBRARY_PATH=`pwd` make test CC="gcc %cflags_profile_generate" # LD_LIBRARY_PATH=`pwd` apps/openssl speed # make clean # # compile with feedback # # but not if it makes a cipher slower: # #find crypto/aes -name '*.da' | xargs -r rm # ./config $config_flags %cflags_profile_feedback # make depend # make # LD_LIBRARY_PATH=`pwd` make rehash # LD_LIBRARY_PATH=`pwd` make test #%else # OpenSSL relies on uname -m (not good). Thus that little sparc line. ./config \ %ifarch sparc64 linux64-sparcv9 \ %endif $config_flags make depend make LD_LIBRARY_PATH=`pwd` make rehash %ifnarch armv4l LD_LIBRARY_PATH=`pwd` make test %endif #%endif # show settings make TABLE echo $RPM_OPT_FLAGS eval $(egrep PLATFORM='[[:alnum:]]' Makefile) grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE %install rm -rf $RPM_BUILD_ROOT make MANDIR=%{_mandir} INSTALL_PREFIX=$RPM_BUILD_ROOT install install -d -m755 $RPM_BUILD_ROOT%{ssletcdir}/certs ln -sf ./%{name} $RPM_BUILD_ROOT/%{_includedir}/ssl mkdir $RPM_BUILD_ROOT/%{_datadir}/ssl mv $RPM_BUILD_ROOT/%{ssletcdir}/misc $RPM_BUILD_ROOT/%{_datadir}/ssl/ # ln -s %{ssletcdir}/certs $RPM_BUILD_ROOT/%{_datadir}/ssl/certs # ln -s %{ssletcdir}/private $RPM_BUILD_ROOT/%{_datadir}/ssl/private # ln -s %{ssletcdir}/openssl.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf # # avoid file conflicts with man pages from other packages # pushd $RPM_BUILD_ROOT/%{_mandir} # some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check. # replace spaces by underscores #for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) } for i in man?/*; do if test -L $i ; then LDEST=`readlink $i` rm -f $i ${i}ssl ln -sf ${LDEST}ssl ${i}ssl else mv $i ${i}ssl fi case `basename ${i%.*}` in asn1parse|ca|config|crl|crl2pkcs7|crypto|dgst|dhparam|dsa|dsaparam|enc|gendsa|genrsa|nseq|openssl|passwd|pkcs12|pkcs7|pkcs8|rand|req|rsa|rsautl|s_client|s_server|smime|spkac|ssl|verify|version|x509) # these are the pages mentioned in openssl(1). They go into the main package. echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist;; *) # the rest goes into the openssl-doc package. echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;; esac done popd # # check wether some shared library has been installed # ls -l $RPM_BUILD_ROOT%{_libdir} test -f $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version} test -f $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version} test -L $RPM_BUILD_ROOT%{_libdir}/libssl.so test -L $RPM_BUILD_ROOT%{_libdir}/libcrypto.so # # see what we've got # cat > showciphers.c <<EOF #include <openssl/err.h> #include <openssl/ssl.h> int main(){ unsigned int i; SSL_CTX *ctx; SSL *ssl; SSL_METHOD *meth; meth = SSLv23_client_method(); SSLeay_add_ssl_algorithms(); ctx = SSL_CTX_new(meth); if (ctx == NULL) return 0; ssl = SSL_new(ctx); if (!ssl) return 0; for (i=0; ; i++) { int j, k; SSL_CIPHER *sc; sc = (meth->get_cipher)(i); if (!sc) break; k = SSL_CIPHER_get_bits(sc, &j); printf("%s\n", sc->name); } return 0; }; EOF gcc $RPM_OPT_FLAGS -I${RPM_BUILD_ROOT}%{_includedir} -c showciphers.c gcc -o showciphers showciphers.o -L${RPM_BUILD_ROOT}%{_libdir} -lssl -lcrypto LD_LIBRARY_PATH=${RPM_BUILD_ROOT}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true cat AVAILABLE_CIPHERS # Do not install demo scripts executable under /usr/share/doc find demos -type f -perm /111 -exec chmod 644 {} \; #process openssllib mkdir $RPM_BUILD_ROOT/%{_lib} mv $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/ mv $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/ mv $RPM_BUILD_ROOT%{_libdir}/engines $RPM_BUILD_ROOT/%{_lib}/ cd $RPM_BUILD_ROOT%{_libdir}/ ln -sf /%{_lib}/libssl.so.%{num_version} ./libssl.so ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so for engine in 4758cca atalla nuron sureware ubsec cswift chil aep; do rm %{buildroot}/%{_lib}/engines/lib$engine.so done %ifnarch %{ix86} x86_64 rm %{buildroot}/%{_lib}/engines/libpadlock.so %endif %clean if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi %post -n libopenssl1_0_0 -p /sbin/ldconfig %postun -n libopenssl1_0_0 -p /sbin/ldconfig %files -n libopenssl1_0_0 %defattr(-, root, root) /%{_lib}/libssl.so.%{num_version} /%{_lib}/libcrypto.so.%{num_version} /%{_lib}/engines %files -n libopenssl-devel %defattr(-, root, root) %{_includedir}/%{name}/ %{_includedir}/ssl %exclude %{_libdir}/libcrypto.a %exclude %{_libdir}/libssl.a %{_libdir}/libssl.so %{_libdir}/libcrypto.so %_libdir/pkgconfig/libcrypto.pc %_libdir/pkgconfig/libssl.pc %_libdir/pkgconfig/openssl.pc %files doc -f filelist.doc %defattr(-, root, root) %doc doc/* demos %doc showciphers.c %files -f filelist %defattr(-, root, root) %doc CHANGE* INSTAL* AVAILABLE_CIPHERS %doc LICENSE NEWS README README.SuSE %dir %{ssletcdir} %dir %{ssletcdir}/certs %config (noreplace) %{ssletcdir}/openssl.cnf %attr(700,root,root) %{ssletcdir}/private %dir %{_datadir}/ssl %{_datadir}/ssl/misc %{_bindir}/c_rehash %{_bindir}/%{name} %changelog ++++++ 0005-libssl-Hide-library-private-symbols.patch ++++++ >From 89d5aecbc62842651cf22e48c405eb435feb0df3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez(a)opensuse.org> Date: Wed, 24 Jul 2013 23:29:05 -0400 Subject: [PATCH 5/5] libssl: Hide library private symbols This patch only contains the libssl part (the easy one) patch to libcrypto will follow after it is complete and good enough. It hides all the library symbols that are not part of the public API/ABI when GCC 4 or later is used. --- ssl/kssl_lcl.h | 9 +++++++++ ssl/ssl_locl.h | 8 ++++++++ 2 files changed, 17 insertions(+) Index: openssl-1.0.1g/ssl/kssl_lcl.h =================================================================== --- openssl-1.0.1g.orig/ssl/kssl_lcl.h +++ openssl-1.0.1g/ssl/kssl_lcl.h @@ -61,6 +61,10 @@ #include <openssl/kssl.h> +#if defined(__GNUC__) && __GNUC__ >= 4 +#pragma GCC visibility push(hidden) +#endif + #ifndef OPENSSL_NO_KRB5 #ifdef __cplusplus @@ -84,4 +88,9 @@ int kssl_tgt_is_available(KSSL_CTX *kssl } #endif #endif /* OPENSSL_NO_KRB5 */ + +#if defined(__GNUC__) && __GNUC__ >= 4 +#pragma GCC visibility pop +#endif + #endif /* KSSL_LCL_H */ Index: openssl-1.0.1g/ssl/ssl_locl.h =================================================================== --- openssl-1.0.1g.orig/ssl/ssl_locl.h +++ openssl-1.0.1g/ssl/ssl_locl.h @@ -165,6 +165,10 @@ #include <openssl/ssl.h> #include <openssl/symhacks.h> +#if defined(__GNUC__) && __GNUC__ >= 4 +#pragma GCC visibility push(hidden) +#endif + #ifdef OPENSSL_BUILD_SHLIBSSL # undef OPENSSL_EXTERN # define OPENSSL_EXTERN OPENSSL_EXPORT @@ -1174,4 +1178,8 @@ void tls_fips_digest_extra( const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx, const unsigned char *data, size_t data_len, size_t orig_len); +#if defined(__GNUC__) && __GNUC__ >= 4 +#pragma GCC visibility pop +#endif + #endif ++++++ CVE-2010-5298.patch ++++++ Index: openssl-1.0.1g/ssl/s3_pkt.c =================================================================== --- openssl-1.0.1g.orig/ssl/s3_pkt.c +++ openssl-1.0.1g/ssl/s3_pkt.c @@ -1055,7 +1055,7 @@ start: { s->rstate=SSL_ST_READ_HEADER; rr->off=0; - if (s->mode & SSL_MODE_RELEASE_BUFFERS) + if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) ssl3_release_read_buffer(s); } } ++++++ README.SuSE ++++++ Please note that the man pages for the openssl libraries and tools have been placed in a package on its own right: openssl-doc Please install the openssl-doc package if you need the man pages, HTML documentation or sample C programs. The C header files and static libraries have also been extracted, they can now be found in the openssl-devel package. Your SuSE Team. ++++++ VIA_padlock_support_on_64systems.patch ++++++ Index: openssl-1.0.1c/engines/e_padlock.c =================================================================== --- openssl-1.0.1c.orig/engines/e_padlock.c +++ openssl-1.0.1c/engines/e_padlock.c @@ -101,7 +101,10 @@ compiler choice is limited to GCC and Microsoft C. */ #undef COMPILE_HW_PADLOCK #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) -# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \ +# if (defined(__GNUC__) && __GNUC__>=2 && \ + (defined(__i386__) || defined(__i386) || \ + defined(__x86_64__) || defined(__x86_64)) \ + ) || \ (defined(_MSC_VER) && defined(_M_IX86)) # define COMPILE_HW_PADLOCK # endif @@ -304,6 +307,7 @@ static volatile struct padlock_cipher_da * ======================================================= */ #if defined(__GNUC__) && __GNUC__>=2 +#if defined(__i386__) || defined(__i386) /* * As for excessive "push %ebx"/"pop %ebx" found all over. * When generating position-independent code GCC won't let @@ -383,21 +387,6 @@ padlock_available(void) return padlock_use_ace + padlock_use_rng; } -#ifndef OPENSSL_NO_AES -/* Our own htonl()/ntohl() */ -static inline void -padlock_bswapl(AES_KEY *ks) -{ - size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); - unsigned int *key = ks->rd_key; - - while (i--) { - asm volatile ("bswapl %0" : "+r"(*key)); - key++; - } -} -#endif - /* Force key reload from memory to the CPU microcode. Loading EFLAGS from the stack clears EFLAGS[30] which does the trick. */ @@ -456,11 +445,130 @@ static inline void *name(size_t cnt, \ return iv; \ } + +#endif + +#elif defined(__x86_64__) || defined(__x86_64) + +/* Load supported features of the CPU to see if + the PadLock is available. */ + static int +padlock_available(void) +{ + char vendor_string[16]; + unsigned int eax, edx; + + /* Are we running on the Centaur (VIA) CPU? */ + eax = 0x00000000; + vendor_string[12] = 0; + asm volatile ( + "cpuid\n" + "movl %%ebx,(%1)\n" + "movl %%edx,4(%1)\n" + "movl %%ecx,8(%1)\n" + : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx"); + if (strcmp(vendor_string, "CentaurHauls") != 0) + return 0; + + /* Check for Centaur Extended Feature Flags presence */ + eax = 0xC0000000; + asm volatile ("cpuid" + : "+a"(eax) : : "rbx", "rcx", "rdx"); + if (eax < 0xC0000001) + return 0; + + /* Read the Centaur Extended Feature Flags */ + eax = 0xC0000001; + asm volatile ("cpuid" + : "+a"(eax), "=d"(edx) : : "rbx", "rcx"); + + /* Fill up some flags */ + padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); + padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); + + return padlock_use_ace + padlock_use_rng; +} + +/* Force key reload from memory to the CPU microcode. + Loading EFLAGS from the stack clears EFLAGS[30] + which does the trick. */ + static inline void +padlock_reload_key(void) +{ + asm volatile ("pushfq; popfq"); +} + +#ifndef OPENSSL_NO_AES +/* + * This is heuristic key context tracing. At first one + * believes that one should use atomic swap instructions, + * but it's not actually necessary. Point is that if + * padlock_saved_context was changed by another thread + * after we've read it and before we compare it with cdata, + * our key *shall* be reloaded upon thread context switch + * and we are therefore set in either case... + */ + static inline void +padlock_verify_context(struct padlock_cipher_data *cdata) +{ + asm volatile ( + "pushfq\n" + " btl $30,(%%rsp)\n" + " jnc 1f\n" + " cmpq %2,%1\n" + " je 1f\n" + " popfq\n" + " subq $8,%%rsp\n" + "1: addq $8,%%rsp\n" + " movq %2,%0" + :"+m"(padlock_saved_context) + : "r"(padlock_saved_context), "r"(cdata) : "cc"); +} + +/* Template for padlock_xcrypt_* modes */ +/* BIG FAT WARNING: + * The offsets used with 'leal' instructions + * describe items of the 'padlock_cipher_data' + * structure. + */ +#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \ + static inline void *name(size_t cnt, \ + struct padlock_cipher_data *cdata, \ + void *out, const void *inp) \ +{ void *iv; \ + asm volatile ( "leaq 16(%0),%%rdx\n" \ + " leaq 32(%0),%%rbx\n" \ + rep_xcrypt "\n" \ + : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ + : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ + : "rbx", "rdx", "cc", "memory"); \ + return iv; \ +} +#endif + +#endif /* cpu */ + +#ifndef OPENSSL_NO_AES + + /* Generate all functions with appropriate opcodes */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */ + +/* Our own htonl()/ntohl() */ +static inline void +padlock_bswapl(AES_KEY *ks) +{ + size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); + unsigned int *key = ks->rd_key; + + while (i--) { + asm volatile ("bswapl %0" : "+r"(*key)); + key++; + } +} #endif /* The RNG call itself */ @@ -491,8 +599,8 @@ padlock_xstore(void *addr, unsigned int static inline unsigned char * padlock_memcpy(void *dst,const void *src,size_t n) { - long *d=dst; - const long *s=src; + size_t *d=dst; + const size_t *s=src; n /= sizeof(*d); do { *d++ = *s++; } while (--n); Index: openssl-1.0.1c/engines/e_padlock.c =================================================================== --- openssl-1.0.1c.orig/engines/e_padlock.c +++ openssl-1.0.1c/engines/e_padlock.c @@ -457,30 +457,33 @@ padlock_available(void) { char vendor_string[16]; unsigned int eax, edx; + size_t scratch; /* Are we running on the Centaur (VIA) CPU? */ eax = 0x00000000; vendor_string[12] = 0; asm volatile ( + "movq %%rbx,%1\n" "cpuid\n" - "movl %%ebx,(%1)\n" - "movl %%edx,4(%1)\n" - "movl %%ecx,8(%1)\n" - : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx"); + "movl %%ebx,(%2)\n" + "movl %%edx,4(%2)\n" + "movl %%ecx,8(%2)\n" + "movq %1,%%rbx" + : "+a"(eax), "=&r"(scratch) : "r"(vendor_string) : "rcx", "rdx"); if (strcmp(vendor_string, "CentaurHauls") != 0) return 0; /* Check for Centaur Extended Feature Flags presence */ eax = 0xC0000000; - asm volatile ("cpuid" - : "+a"(eax) : : "rbx", "rcx", "rdx"); + asm volatile ("movq %%rbx,%1; cpuid; movq %1,%%rbx" + : "+a"(eax), "=&r"(scratch) : : "rcx", "rdx"); if (eax < 0xC0000001) return 0; /* Read the Centaur Extended Feature Flags */ eax = 0xC0000001; - asm volatile ("cpuid" - : "+a"(eax), "=d"(edx) : : "rbx", "rcx"); + asm volatile ("movq %%rbx,%2; cpuid; movq %2,%%rbx" + : "+a"(eax), "=d"(edx), "=&r"(scratch) : : "rcx"); /* Fill up some flags */ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); @@ -536,12 +539,15 @@ padlock_verify_context(struct padlock_ci struct padlock_cipher_data *cdata, \ void *out, const void *inp) \ { void *iv; \ - asm volatile ( "leaq 16(%0),%%rdx\n" \ + size_t scratch; \ + asm volatile ( "movq %%rbx,%4\n" \ + " leaq 16(%0),%%rdx\n" \ " leaq 32(%0),%%rbx\n" \ rep_xcrypt "\n" \ - : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ + " movq %4,%%rbx" \ + : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp), "=&r"(scratch) \ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ - : "rbx", "rdx", "cc", "memory"); \ + : "rdx", "cc", "memory"); \ return iv; \ } #endif ++++++ baselibs.conf ++++++ libopenssl1_0_0 obsoletes "openssl-<targettype> <= <version>" libopenssl-devel requires -libopenssl-<targettype> requires "libopenssl1_0_0-<targettype> = <version>" ++++++ bug610223.patch ++++++ Index: openssl-1.0.1g/Configure =================================================================== --- openssl-1.0.1g.orig/Configure +++ openssl-1.0.1g/Configure @@ -1804,7 +1804,8 @@ while (<IN>) } elsif (/^#define\s+ENGINESDIR/) { - my $foo = "$prefix/$libdir/engines"; + #my $foo = "$prefix/$libdir/engines"; + my $foo = "/$libdir/engines"; $foo =~ s/\\/\\\\/g; print OUT "#define ENGINESDIR \"$foo\"\n"; } ++++++ compression_methods_switch.patch ++++++ Index: openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod =================================================================== --- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod +++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod @@ -41,6 +41,24 @@ of compression methods supported on a pe The OpenSSL library has the compression methods B<COMP_rle()> and (when especially enabled during compilation) B<COMP_zlib()> available. +And, there is an environment variable to switch the compression +methods off and on. In default the compression is off to mitigate +the so called CRIME attack ( CVE-2012-4929). If you want to enable +compression again set OPENSSL_NO_DEFAULT_ZLIB to "no". + +The variable can be switched on and off at runtime; when this variable +is set "no" compression is enabled, otherwise no, for example: + +in shell 'export OPENSSL_NO_DEFAULT_ZLIB=no' +or in C to call +int setenv(const char *name, const char *value, int overwrite); and +int unsetenv(const char *name); + +Note: This reverts the behavior of the variable as it was before! + +And pay attention that this freaure is temporary, it maybe changed by +the following updates. + =head1 WARNINGS Once the identities of the compression methods for the TLS protocol have Index: openssl-1.0.1e/ssl/ssl_ciph.c =================================================================== --- openssl-1.0.1e.orig/ssl/ssl_ciph.c +++ openssl-1.0.1e/ssl/ssl_ciph.c @@ -452,10 +452,16 @@ static void load_builtin_compressions(vo if (ssl_comp_methods == NULL) { SSL_COMP *comp = NULL; + const char *nodefaultzlib; MemCheck_off(); ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp); - if (ssl_comp_methods != NULL) + + /* The default is "no" compression to avoid CRIME/BEAST */ + nodefaultzlib = getenv("OPENSSL_NO_DEFAULT_ZLIB"); + if ( ssl_comp_methods != NULL && + nodefaultzlib && + strncmp( nodefaultzlib, "no", 2) == 0) { comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); if (comp != NULL) ++++++ merge_from_0.9.8k.patch ++++++ Index: openssl-1.0.1g/Configure =================================================================== --- openssl-1.0.1g.orig/Configure +++ openssl-1.0.1g/Configure @@ -933,7 +933,7 @@ PROCESS_ARGS: } else { - die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + warn "target already defined - $target (offending arg: $_)\n" if ($target ne ""); $target=$_; } @@ -1206,7 +1206,7 @@ if ($target =~ /^mingw/ && `$cc --target my $no_shared_warn=0; my $no_user_cflags=0; -if ($flags ne "") { $cflags="$flags$cflags"; } +if ($flags ne "") { $cflags="$cflags $flags"; } else { $no_user_cflags=1; } # Kerberos settings. The flavor must be provided from outside, either through Index: openssl-1.0.1g/config =================================================================== --- openssl-1.0.1g.orig/config +++ openssl-1.0.1g/config @@ -573,7 +573,8 @@ case "$GUESSOS" in options="$options -arch%20${MACHINE}" OUT="iphoneos-cross" ;; alpha-*-linux2) - ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo` + #ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo` + ISA=EV56 case ${ISA:-generic} in *[678]) OUT="linux-alpha+bwx-$CC" ;; *) OUT="linux-alpha-$CC" ;; @@ -593,7 +594,8 @@ case "$GUESSOS" in echo " You have about 5 seconds to press Ctrl-C to abort." (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 fi - OUT="linux-ppc" + # we have the target and force it here + OUT="linux-ppc64" ;; ppc-*-linux2) OUT="linux-ppc" ;; ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;; @@ -614,10 +616,10 @@ case "$GUESSOS" in sparc-*-linux2) KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo` case ${KARCH:-sun4} in - sun4u*) OUT="linux-sparcv9" ;; - sun4m) OUT="linux-sparcv8" ;; - sun4d) OUT="linux-sparcv8" ;; - *) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; +# sun4u*) OUT="linux-sparcv9" ;; +# sun4m) OUT="linux-sparcv8" ;; +# sun4d) OUT="linux-sparcv8" ;; + *) OUT="linux-sparcv8" ;; esac ;; parisc*-*-linux2) # 64-bit builds under parisc64 linux are not supported and @@ -636,7 +638,11 @@ case "$GUESSOS" in # PA8500 -> 8000 (2.0) # PA8600 -> 8000 (2.0) - CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8.00/8000/'` + # CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8?00/8000/'` + # lets have CPUSCHEDULE for 1.1: + CPUSCHEDULE=7100LC + # we want to support 1.1 CPUs as well: + CPUARCH=1.1 # Finish Model transformations options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH" ++++++ openssl-1.0.0-c_rehash-compat.diff ++++++ >From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <ludwig.nussel(a)suse.de> Date: Wed, 21 Apr 2010 15:52:10 +0200 Subject: [PATCH] also create old hash for compatibility --- tools/c_rehash.in | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/tools/c_rehash.in b/tools/c_rehash.in index bfc4a69..f8d0ce1 100644 --- a/tools/c_rehash.in +++ b/tools/c_rehash.in @@ -83,6 +83,7 @@ sub hash_dir { next; } link_hash_cert($fname) if($cert); + link_hash_cert_old($fname) if($cert); link_hash_crl($fname) if($crl); } } @@ -116,8 +117,9 @@ sub check_file { sub link_hash_cert { my $fname = $_[0]; + my $hashopt = $_[1] || '-subject_hash'; $fname =~ s/'/'\\''/g; - my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`; + my ($hash, $fprint) = `"$openssl" x509 $hashopt -fingerprint -noout -in "$fname"`; chomp $hash; chomp $fprint; $fprint =~ s/^.*=//; @@ -147,6 +149,10 @@ sub link_hash_cert { $hashlist{$hash} = $fprint; } +sub link_hash_cert_old { + link_hash_cert($_[0], '-subject_hash_old'); +} + # Same as above except for a CRL. CRL links are of the form <hash>.r<n> sub link_hash_crl { -- 1.6.4.2 ++++++ openssl-1.0.1c-default-paths.patch ++++++ Index: openssl-1.0.1g/apps/s_client.c =================================================================== --- openssl-1.0.1g.orig/apps/s_client.c +++ openssl-1.0.1g/apps/s_client.c @@ -1174,12 +1174,19 @@ bad: if (!set_cert_key_stuff(ctx,cert,key)) goto end; - if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(ctx))) + if (CAfile == NULL && CApath == NULL) { - /* BIO_printf(bio_err,"error setting default verify locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ + if (!SSL_CTX_set_default_verify_paths(ctx)) + { + ERR_print_errors(bio_err); + } + } + else + { + if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) + { + ERR_print_errors(bio_err); + } } #ifndef OPENSSL_NO_TLSEXT Index: openssl-1.0.1g/apps/s_server.c =================================================================== --- openssl-1.0.1g.orig/apps/s_server.c +++ openssl-1.0.1g/apps/s_server.c @@ -1572,13 +1572,21 @@ bad: } #endif - if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(ctx))) + if (CAfile == NULL && CApath == NULL) { - /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ + if (!SSL_CTX_set_default_verify_paths(ctx)) + { + ERR_print_errors(bio_err); + } + } + else + { + if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) + { + ERR_print_errors(bio_err); + } } + if (vpm) SSL_CTX_set1_param(ctx, vpm); @@ -1629,8 +1637,11 @@ bad: else SSL_CTX_sess_set_cache_size(ctx2,128); - if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(ctx2))) + if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) + { + ERR_print_errors(bio_err); + } + if (!SSL_CTX_set_default_verify_paths(ctx2)) { ERR_print_errors(bio_err); } Index: openssl-1.0.1g/apps/s_time.c =================================================================== --- openssl-1.0.1g.orig/apps/s_time.c +++ openssl-1.0.1g/apps/s_time.c @@ -373,12 +373,19 @@ int MAIN(int argc, char **argv) SSL_load_error_strings(); - if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(tm_ctx))) + if (CAfile == NULL && CApath == NULL) { - /* BIO_printf(bio_err,"error setting default verify locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ + if (!SSL_CTX_set_default_verify_paths(tm_ctx)) + { + ERR_print_errors(bio_err); + } + } + else + { + if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) + { + ERR_print_errors(bio_err); + } } if (tm_cipher == NULL) ++++++ openssl-1.0.1e-truststore.diff ++++++ Don't use the legacy /etc/ssl/certs directory anymore but rather the p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991) Index: openssl-1.0.1e/crypto/cryptlib.h =================================================================== --- openssl-1.0.1e.orig/crypto/cryptlib.h +++ openssl-1.0.1e/crypto/cryptlib.h @@ -81,7 +81,7 @@ extern "C" { #ifndef OPENSSL_SYS_VMS #define X509_CERT_AREA OPENSSLDIR -#define X509_CERT_DIR OPENSSLDIR "/certs" +#define X509_CERT_DIR "/var/lib/ca-certificates/openssl" #define X509_CERT_FILE OPENSSLDIR "/cert.pem" #define X509_PRIVATE_DIR OPENSSLDIR "/private" #else ++++++ openssl-fix-pod-syntax.diff ++++++ >From jaenicke(a)openssl.net Thu May 30 09:46:58 2013 CC: Jonathan Liu <net147(a)gmail.com> Resent-Date: Thu, 30 May 2013 09:46:58 +0200 X-Spam-Status: No, score=-2.3 required=5.0 tests=FREEMAIL_FROM, RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_TO_NO_BRKTS_FREEMAIL autolearn=ham version=3.3.2 X-Mailer: git-send-email 1.8.3 Message-ID: <1369887573-10819-1-git-send-email-net147(a)gmail.com> X-Received: by 10.68.65.134 with SMTP id x6mr5859535pbs.219.1369886755138; Wed, 29 May 2013 21:05:55 -0700 (PDT) Resent-To: rt-i12(a)openssl.net Received: by openssl.net (Postfix, from userid 29209) id 1548C1E0128; Thu, 30 May 2013 09:46:58 +0200 (CEST) Received: by openssl.net (Postfix, from userid 65534) id 852471E12CB; Thu, 30 May 2013 06:14:07 +0200 (CEST) Received: by openssl.net (Postfix, from userid 30009) id 6FF4D1E12CF; Thu, 30 May 2013 06:14:07 +0200 (CEST) Received: from master.openssl.org (openssl.org [194.97.152.144]) by openssl.net (Postfix) with ESMTP id B4F491E12CB for <rt(a)openssl.net>; Thu, 30 May 2013 06:14:00 +0200 (CEST) Received: by master.openssl.org (Postfix) id 53CEF1337D; Thu, 30 May 2013 06:14:00 +0200 (CEST) Received: from mail-pd0-f180.google.com (mail-pd0-f180.google.com [209.85.192.180]) by master.openssl.org (Postfix) with ESMTP id BD43A1337C for <rt(a)openssl.org>; Thu, 30 May 2013 06:13:59 +0200 (CEST) Received: by mail-pd0-f180.google.com with SMTP id 14so7525333pdc.39 for <rt(a)openssl.org>; Wed, 29 May 2013 21:13:58 -0700 (PDT) Received: from 60-242-179-244.static.tpgi.com.au (60-242-179-244.static.tpgi.com.au. [60.242.179.244]) by mx.google.com with ESMTPSA id gh9sm39937623pbc.37.2013.05.29.21.05.52 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 29 May 2013 21:05:54 -0700 (PDT) Delivered-To: rt-i12(a)openssl.net Subject: [PATCH] Fix POD errors with pod2man from Perl 5.18. Resent-From: Lutz Jaenicke <jaenicke(a)openssl.net> Return-Path: <jaenicke(a)openssl.net> X-Original-To: rt-i12(a)openssl.net X-Original-To: jaenicke@localhost X-Original-To: rt(a)openssl.net Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:x-mailer; bh=7+ASUI5nk0djFCejseoyvHdfe1CBnwkjfwtKd/NZiyk=; b=Z8nPd4yIaqDTqC2lMbn6p2B4+cFrVY1CLkKn7W9dJucX5NWdr9xJFx3uBZgzONU48L 24eHjFUMScQtRepL0UbNbWOeUlLsTFicuSlx9FaEyK7ZY7zVzmdESmGeedInheWRaaz1 A818XmhAGYTO09kxRTrt8lswyegygIMna7vvjV5vP7wdRPLBejxvtSj24xz+b6bEub51 CvG+wjG+5SZt3XYdGtE3Rff49BaZg4zjpcH92H64bPsKClFx0dOYP849mEMuMzDsrcAO /2ZtXsPfkOHXSJAgGvvxEo7KQTUJol5+VtHzNjY7rRnrpKmS7U0+U8sasp4yetFIuXSZ U+eg== Date: Thu, 30 May 2013 14:19:33 +1000 X-Spam-Level: X-Greylist: delayed 483 seconds by postgrey-1.33 at master.openssl.org; Thu, 30 May 2013 06:13:59 CEST X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on openssl Resent-Message-ID: <20130530074658.GA13997(a)openssl.net> To: rt(a)openssl.org From: Jonathan Liu <net147(a)gmail.com> X-RT-Original-Encoding: ascii content-type: text/plain; charset="utf-8" Content-Length: 12835 --- doc/apps/cms.pod | 12 ++++++------ doc/apps/smime.pod | 12 ++++++------ doc/apps/ts.pod | 6 +++--- doc/crypto/OPENSSL_ia32cap.pod | 4 ++++ doc/crypto/rand.pod | 14 +++++++------- doc/ssl/SSL_COMP_add_compression_method.pod | 4 ++-- doc/ssl/SSL_CTX_add_session.pod | 4 ++-- doc/ssl/SSL_CTX_load_verify_locations.pod | 4 ++-- doc/ssl/SSL_CTX_set_client_CA_list.pod | 4 ++-- doc/ssl/SSL_CTX_set_session_id_context.pod | 4 ++-- doc/ssl/SSL_CTX_set_ssl_version.pod | 4 ++-- doc/ssl/SSL_CTX_use_psk_identity_hint.pod | 2 +- doc/ssl/SSL_accept.pod | 4 ++-- doc/ssl/SSL_clear.pod | 4 ++-- doc/ssl/SSL_connect.pod | 4 ++-- doc/ssl/SSL_do_handshake.pod | 4 ++-- doc/ssl/SSL_read.pod | 2 +- doc/ssl/SSL_session_reused.pod | 4 ++-- doc/ssl/SSL_set_fd.pod | 4 ++-- doc/ssl/SSL_set_session.pod | 4 ++-- doc/ssl/SSL_set_shutdown.pod | 2 +- doc/ssl/SSL_shutdown.pod | 6 +++--- doc/ssl/SSL_write.pod | 2 +- 23 files changed, 59 insertions(+), 55 deletions(-) Index: openssl-1.0.1g/doc/apps/cms.pod =================================================================== --- openssl-1.0.1g.orig/doc/apps/cms.pod +++ openssl-1.0.1g/doc/apps/cms.pod @@ -450,28 +450,28 @@ remains DER. =over 4 -=item 0 +=item Z<>0 the operation was completely successfully. -=item 1 +=item Z<>1 an error occurred parsing the command options. -=item 2 +=item Z<>2 one of the input files could not be read. -=item 3 +=item Z<>3 an error occurred creating the CMS file or when reading the MIME message. -=item 4 +=item Z<>4 an error occurred decrypting or verifying the message. -=item 5 +=item Z<>5 the message was verified correctly but an error occurred writing out the signers certificates. Index: openssl-1.0.1g/doc/apps/smime.pod =================================================================== --- openssl-1.0.1g.orig/doc/apps/smime.pod +++ openssl-1.0.1g/doc/apps/smime.pod @@ -308,28 +308,28 @@ remains DER. =over 4 -=item 0 +=item Z<>0 the operation was completely successfully. -=item 1 +=item Z<>1 an error occurred parsing the command options. -=item 2 +=item Z<>2 one of the input files could not be read. -=item 3 +=item Z<>3 an error occurred creating the PKCS#7 file or when reading the MIME message. -=item 4 +=item Z<>4 an error occurred decrypting or verifying the message. -=item 5 +=item Z<>5 the message was verified correctly but an error occurred writing out the signers certificates. Index: openssl-1.0.1g/doc/apps/ts.pod =================================================================== --- openssl-1.0.1g.orig/doc/apps/ts.pod +++ openssl-1.0.1g/doc/apps/ts.pod @@ -58,19 +58,19 @@ time. Here is a brief description of the =over 4 -=item 1. +=item Z<>1. The TSA client computes a one-way hash value for a data file and sends the hash to the TSA. -=item 2. +=item Z<>2. The TSA attaches the current date and time to the received hash value, signs them and sends the time stamp token back to the client. By creating this token the TSA certifies the existence of the original data file at the time of response generation. -=item 3. +=item Z<>3. The TSA client receives the time stamp token and verifies the signature on it. It also checks if the token contains the same hash Index: openssl-1.0.1g/doc/crypto/OPENSSL_ia32cap.pod =================================================================== --- openssl-1.0.1g.orig/doc/crypto/OPENSSL_ia32cap.pod +++ openssl-1.0.1g/doc/crypto/OPENSSL_ia32cap.pod @@ -20,6 +20,8 @@ toolkit initialization, but can be manip crypto library behaviour. For the moment of this writing six bits are significant, namely: +=over 4 + 1. bit #28 denoting Hyperthreading, which is used to distiguish cores with shared cache; 2. bit #26 denoting SSE2 support; @@ -29,6 +31,8 @@ significant, namely: pathes; 6. bit #4 denoting presence of Time-Stamp Counter. +=back + For example, clearing bit #26 at run-time disables high-performance SSE2 code present in the crypto library. You might have to do this if target OpenSSL application is executed on SSE2 capable CPU, but under Index: openssl-1.0.1g/doc/crypto/rand.pod =================================================================== --- openssl-1.0.1g.orig/doc/crypto/rand.pod +++ openssl-1.0.1g/doc/crypto/rand.pod @@ -74,16 +74,16 @@ First up I will state the things I belie =over 4 -=item 1 +=item Z<>1 A good hashing algorithm to mix things up and to convert the RNG 'state' to random numbers. -=item 2 +=item Z<>2 An initial source of random 'state'. -=item 3 +=item Z<>3 The state should be very large. If the RNG is being used to generate 4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum). @@ -93,13 +93,13 @@ carried away on this last point but it d a bad idea to keep quite a lot of RNG state. It should be easier to break a cipher than guess the RNG seed data. -=item 4 +=item Z<>4 Any RNG seed data should influence all subsequent random numbers generated. This implies that any random seed data entered will have an influence on all subsequent random numbers generated. -=item 5 +=item Z<>5 When using data to seed the RNG state, the data used should not be extractable from the RNG state. I believe this should be a @@ -108,12 +108,12 @@ data would be a private key or a passwor not be disclosed by either subsequent random numbers or a 'core' dump left by a program crash. -=item 6 +=item Z<>6 Given the same initial 'state', 2 systems should deviate in their RNG state (and hence the random numbers generated) over time if at all possible. -=item 7 +=item Z<>7 Given the random number output stream, it should not be possible to determine the RNG state or the next random number. Index: openssl-1.0.1g/doc/ssl/SSL_COMP_add_compression_method.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_COMP_add_compression_method.pod +++ openssl-1.0.1g/doc/ssl/SSL_COMP_add_compression_method.pod @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may re =over 4 -=item 0 +=item Z<>0 The operation succeeded. -=item 1 +=item Z<>1 The operation failed. Check the error queue to find out the reason. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_add_session.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_add_session.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_add_session.pod @@ -52,13 +52,13 @@ The following values are returned by all =over 4 -=item 0 +=item Z<>0 The operation failed. In case of the add operation, it was tried to add the same (identical) session twice. In case of the remove operation, the session was not found in the cache. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_load_verify_locations.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_load_verify_locations.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_load_verify_locations.pod @@ -100,13 +100,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed because B<CAfile> and B<CApath> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_client_CA_list.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_client_CA_list.pod @@ -66,13 +66,13 @@ values: =over 4 -=item 0 +=item Z<>0 A failure while manipulating the STACK_OF(X509_NAME) object occurred or the X509_NAME could not be extracted from B<cacert>. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_session_id_context.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_session_id_context.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_session_id_context.pod @@ -64,13 +64,13 @@ return the following values: =over 4 -=item 0 +=item Z<>0 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error is logged to the error stack. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_ssl_version.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_ssl_version.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_ssl_version.pod @@ -42,11 +42,11 @@ and SSL_set_ssl_method(): =over 4 -=item 0 +=item Z<>0 The new choice failed, check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_CTX_use_psk_identity_hint.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod +++ openssl-1.0.1g/doc/ssl/SSL_CTX_use_psk_identity_hint.pod @@ -96,7 +96,7 @@ data to B<psk> and return the length of connection will fail with decryption_error before it will be finished completely. -=item 0 +=item Z<>0 PSK identity was not found. An "unknown_psk_identity" alert message will be sent and the connection setup fails. Index: openssl-1.0.1g/doc/ssl/SSL_accept.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_accept.pod +++ openssl-1.0.1g/doc/ssl/SSL_accept.pod @@ -44,13 +44,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. Index: openssl-1.0.1g/doc/ssl/SSL_clear.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_clear.pod +++ openssl-1.0.1g/doc/ssl/SSL_clear.pod @@ -56,12 +56,12 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The SSL_clear() operation could not be performed. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The SSL_clear() operation was successful. Index: openssl-1.0.1g/doc/ssl/SSL_connect.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_connect.pod +++ openssl-1.0.1g/doc/ssl/SSL_connect.pod @@ -41,13 +41,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. Index: openssl-1.0.1g/doc/ssl/SSL_do_handshake.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_do_handshake.pod +++ openssl-1.0.1g/doc/ssl/SSL_do_handshake.pod @@ -45,13 +45,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. Index: openssl-1.0.1g/doc/ssl/SSL_read.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_read.pod +++ openssl-1.0.1g/doc/ssl/SSL_read.pod @@ -86,7 +86,7 @@ The following return values can occur: The read operation was successful; the return value is the number of bytes actually read from the TLS/SSL connection. -=item 0 +=item Z<>0 The read operation was not successful. The reason may either be a clean shutdown due to a "close notify" alert sent by the peer (in which case Index: openssl-1.0.1g/doc/ssl/SSL_session_reused.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_session_reused.pod +++ openssl-1.0.1g/doc/ssl/SSL_session_reused.pod @@ -27,11 +27,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 A new session was negotiated. -=item 1 +=item Z<>1 A session was reused. Index: openssl-1.0.1g/doc/ssl/SSL_set_fd.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_set_fd.pod +++ openssl-1.0.1g/doc/ssl/SSL_set_fd.pod @@ -35,11 +35,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed. Check the error stack to find out why. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_set_session.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_set_session.pod +++ openssl-1.0.1g/doc/ssl/SSL_set_session.pod @@ -37,11 +37,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed; check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. Index: openssl-1.0.1g/doc/ssl/SSL_shutdown.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_shutdown.pod +++ openssl-1.0.1g/doc/ssl/SSL_shutdown.pod @@ -92,19 +92,19 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The shutdown is not yet finished. Call SSL_shutdown() for a second time, if a bidirectional shutdown shall be performed. The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. -=item 1 +=item Z<>1 The shutdown was successfully completed. The "close notify" alert was sent and the peer's "close notify" alert was received. -=item -1 +=item Z<>-1 The shutdown was not successful because a fatal error occurred either at the protocol level or a connection failure occurred. It can also occur if Index: openssl-1.0.1g/doc/ssl/SSL_write.pod =================================================================== --- openssl-1.0.1g.orig/doc/ssl/SSL_write.pod +++ openssl-1.0.1g/doc/ssl/SSL_write.pod @@ -79,7 +79,7 @@ The following return values can occur: The write operation was successful, the return value is the number of bytes actually written to the TLS/SSL connection. -=item 0 +=item Z<>0 The write operation was not successful. Probably the underlying connection was closed. Call SSL_get_error() with the return value B<ret> to find out, ++++++ openssl-ocloexec.patch ++++++ Index: crypto/bio/b_sock.c =================================================================== --- crypto/bio/b_sock.c.orig +++ crypto/bio/b_sock.c @@ -735,7 +735,7 @@ int BIO_get_accept_socket(char *host, in } again: - s=socket(server.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); + s=socket(server.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { SYSerr(SYS_F_SOCKET,get_last_socket_error()); @@ -784,7 +784,7 @@ again: } else goto err; } - cs=socket(client.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); + cs=socket(client.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (cs != INVALID_SOCKET) { int ii; Index: crypto/bio/bss_conn.c =================================================================== --- crypto/bio/bss_conn.c.orig +++ crypto/bio/bss_conn.c @@ -209,7 +209,7 @@ static int conn_state(BIO *b, BIO_CONNEC c->them.sin_addr.s_addr=htonl(l); c->state=BIO_CONN_S_CREATE_SOCKET; - ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + ret=socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (ret == INVALID_SOCKET) { SYSerr(SYS_F_SOCKET,get_last_socket_error()); Index: crypto/bio/bss_dgram.c =================================================================== --- crypto/bio/bss_dgram.c.orig +++ crypto/bio/bss_dgram.c @@ -1032,7 +1032,7 @@ static int dgram_sctp_read(BIO *b, char msg.msg_control = cmsgbuf; msg.msg_controllen = 512; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (msg.msg_controllen > 0) { @@ -1593,7 +1593,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK| MSG_CMSG_CLOEXEC); if (n <= 0) { if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK)) @@ -1616,7 +1616,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (n <= 0) { if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK)) @@ -1677,7 +1677,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) fcntl(b->num, F_SETFL, O_NONBLOCK); } - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC); if (is_dry) { @@ -1721,7 +1721,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b) sockflags = fcntl(b->num, F_GETFL, 0); fcntl(b->num, F_SETFL, O_NONBLOCK); - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC); fcntl(b->num, F_SETFL, sockflags); /* if notification, process and try again */ @@ -1742,7 +1742,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b) msg.msg_control = NULL; msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (data->handle_notifications != NULL) data->handle_notifications(b, data->notification_context, (void*) &snp); Index: crypto/bio/bss_file.c =================================================================== --- crypto/bio/bss_file.c.orig +++ crypto/bio/bss_file.c @@ -120,6 +120,10 @@ BIO *BIO_new_file(const char *filename, { BIO *ret; FILE *file=NULL; + size_t modelen = strlen (mode); + char newmode[modelen + 2]; + + memcpy (mempcpy (newmode, mode, modelen), "e", 2); #if defined(_WIN32) && defined(CP_UTF8) int sz, len_0 = (int)strlen(filename)+1; @@ -162,7 +166,7 @@ BIO *BIO_new_file(const char *filename, file = fopen(filename,mode); } #else - file=fopen(filename,mode); + file=fopen(filename,newmode); #endif if (file == NULL) { @@ -275,7 +279,7 @@ static long MS_CALLBACK file_ctrl(BIO *b long ret=1; FILE *fp=(FILE *)b->ptr; FILE **fpp; - char p[4]; + char p[5]; switch (cmd) { @@ -392,6 +396,8 @@ static long MS_CALLBACK file_ctrl(BIO *b else strcat(p,"t"); #endif + strcat(p, "e"); + fp=fopen(ptr,p); if (fp == NULL) { Index: crypto/rand/rand_unix.c =================================================================== --- crypto/rand/rand_unix.c.orig +++ crypto/rand/rand_unix.c @@ -262,7 +262,7 @@ int RAND_poll(void) for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) && (n < ENTROPY_NEEDED); i++) { - if ((fd = open(randomfiles[i], O_RDONLY + if ((fd = open(randomfiles[i], O_RDONLY | O_CLOEXEC #ifdef O_NONBLOCK |O_NONBLOCK #endif Index: crypto/rand/randfile.c =================================================================== --- crypto/rand/randfile.c.orig +++ crypto/rand/randfile.c @@ -136,7 +136,7 @@ int RAND_load_file(const char *file, lon #ifdef OPENSSL_SYS_VMS in=vms_fopen(file,"rb",VMS_OPEN_ATTRS); #else - in=fopen(file,"rb"); + in=fopen(file,"rbe"); #endif if (in == NULL) goto err; #if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO) @@ -209,7 +209,7 @@ int RAND_write_file(const char *file) #endif /* chmod(..., 0600) is too late to protect the file, * permissions should be restrictive from the start */ - int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600); + int fd = open(file, O_WRONLY|O_CREAT|O_BINARY|O_CLOEXEC, 0600); if (fd != -1) out = fdopen(fd, "wb"); } @@ -240,7 +240,7 @@ int RAND_write_file(const char *file) out = vms_fopen(file,"wb",VMS_OPEN_ATTRS); #else if (out == NULL) - out = fopen(file,"wb"); + out = fopen(file,"wbe"); #endif if (out == NULL) goto err; ++++++ openssl-pkgconfig.patch ++++++ Index: openssl-1.0.1g/Makefile.org =================================================================== --- openssl-1.0.1g.orig/Makefile.org +++ openssl-1.0.1g/Makefile.org @@ -367,7 +367,7 @@ libcrypto.pc: Makefile echo 'Requires: '; \ echo 'Libs: -L$${libdir} -lcrypto'; \ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc + echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc libssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -381,7 +381,7 @@ libssl.pc: Makefile echo 'Requires: '; \ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc + echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc openssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -395,7 +395,7 @@ openssl.pc: Makefile echo 'Requires: '; \ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc + echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc Makefile: Makefile.org Configure config @echo "Makefile is older than Makefile.org, Configure or config." ++++++ openssl.test ++++++ openssl autmatically tests iteslf, no further testing needed -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit openssl for openSUSE:12.3:Update
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package openssl for openSUSE:12.3:Update checked in at 2014-05-02 13:52:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/openssl (Old) and /work/SRC/openSUSE:12.3:Update/.openssl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "openssl" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ --- /var/tmp/diff_new_pack.2Vw90k/_old 2014-05-02 13:52:13.000000000 +0200 +++ /var/tmp/diff_new_pack.2Vw90k/_new 2014-05-02 13:52:13.000000000 +0200 @@ -1 +1 @@ -<link package='openssl.2741' cicount='copy' /> +<link package='openssl.2756' cicount='copy' /> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit Test-DVD-x86_64 for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package Test-DVD-x86_64 for openSUSE:Factory checked in at 2014-05-02 13:51:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/Test-DVD-x86_64 (Old) and /work/SRC/openSUSE:Factory/.Test-DVD-x86_64.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "Test-DVD-x86_64" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.uDjFVo/_old 2014-05-02 13:51:18.000000000 +0200 +++ /var/tmp/diff_new_pack.uDjFVo/_new 2014-05-02 13:51:18.000000000 +0200 @@ -5,4 +5,5 @@ <size unit="G">8</size> </disk> </hardware> + <hostlabel>LARGE_CACHE</hostlabel> </constraints> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit xfce4-branding-openSUSE for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package xfce4-branding-openSUSE for openSUSE:Factory checked in at 2014-05-02 10:53:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xfce4-branding-openSUSE (Old) and /work/SRC/openSUSE:Factory/.xfce4-branding-openSUSE.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xfce4-branding-openSUSE" Changes: -------- --- /work/SRC/openSUSE:Factory/xfce4-branding-openSUSE/xfce4-branding-openSUSE.changes 2013-10-31 10:13:20.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.xfce4-branding-openSUSE.new/xfce4-branding-openSUSE.changes 2014-05-02 10:53:55.000000000 +0200 @@ -1,0 +2,6 @@ +Sun Apr 27 21:59:54 UTC 2014 - gber(a)opensuse.org + +- remove support for openSUSE < 12.3 +- add custom theme for xfce4-notifyd + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xfce4-branding-openSUSE.spec ++++++ --- /var/tmp/diff_new_pack.XTz0Tk/_old 2014-05-02 10:53:56.000000000 +0200 +++ /var/tmp/diff_new_pack.XTz0Tk/_new 2014-05-02 10:53:56.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package xfce4-branding-openSUSE # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -51,10 +51,8 @@ BuildRequires: wallpaper-branding # owns %%{_datadir}/xfce/applications/defaults.list symlink target Requires: libgio-2_0-0 -%if 0%{?suse_version} > 1220 # for regenerating defaults.list BuildRequires: desktop-file-utils -%endif BuildRequires: thunar-volman BuildRequires: xfce4-notifyd BuildRequires: xfce4-panel @@ -99,10 +97,8 @@ Group: System/GUI/XFCE # owns %%{_datadir}/xfce/applications/defaults.list symlink target Requires: libgio-2_0-0 -%if 0%{?suse_version} > 1220 # for regenerating defaults.list Requires: desktop-file-utils -%endif Conflicts: otherproviders(xfce4-session-branding) Provides: xfce4-session-branding = %{xfce4_session_version} Supplements: packageand(xfce4-session:branding-openSUSE) @@ -356,6 +352,7 @@ %dir %{_sysconfdir}/xdg/xfce4/xfconf %dir %{_sysconfdir}/xdg/xfce4/xfconf/xfce-perchannel-xml %config %{_sysconfdir}/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml +%{_datadir}/themes/openSUSE-Xfce %files -n %{libexo_libname}-branding-openSUSE %defattr(-,root,root) ++++++ xfce4-branding-openSUSE-4.10.0.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/1220/etc/xfce_defaults.conf new/xfce4-branding-openSUSE-4.10.0/1220/etc/xfce_defaults.conf --- old/xfce4-branding-openSUSE-4.10.0/1220/etc/xfce_defaults.conf 2012-10-04 15:06:48.000000000 +0200 +++ new/xfce4-branding-openSUSE-4.10.0/1220/etc/xfce_defaults.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,73 +0,0 @@ -# Xfce Default Applications Source -# /etc/xfcer_defaults.conf -# -# After any change of this file run -# suse-update-mime-defaults -# -# This list is a source for defaults.list. -# -# If application in this list is installed, it is used as default in GNOME. -# It works in following way: -# 1. Read this file. -# 2. Collect all available desktop files. -# 3. Go through all declared MIME types and search for default application -# for defaults.list in following order: -# 3.1 Installed application listed here for certain MIME type. -# 3.2 Installed application listed here as preferred default. -# 3.3 Installed application listed here as default. -# 3.4 Installed application with GNOME in Categories. -# 3.5 Installed application with GTK in Categories. -# 3.6 Installed application. -# If there are more applications in the same order, it uses pseudo-randomly -# one of them (last in aplhabetical order). -# -# Syntax: -# Use xxx as default for all MIME types it declares (see 3.3): -# xxx.desktop -# Use xxx as preferred default for all MIME types it declares (see 3.2): -# !xxx.desktop -# Use xxx as default for mime/type (see 3.1): -# mime/type=xxx.desktop - -# URI schemes -x-scheme-handler/http=firefox.desktop -x-scheme-handler/https=firefox.desktop -x-scheme-handler/ftp=firefox.desktop -x-scheme-handler/mailto=thunderbird.desktop -# All URI schemes declared by yelp -yelp.desktop - -# Prefer totem for multimedia where possible -!totem.desktop - -# Prefer Install Software over file-roller -application/x-rpm=package-manager.desktop -!gpk-install-file.desktop - -# Xfce default applications -ristretto.desktop -evince.desktop -leafpad.desktop -file-roller.desktop -# file-roller supports iso, but most people will prefer brasero: -application/x-cd-image=brasero.desktop -Thunar-folder-handler.desktop -# evince supports multi-page tiff, but most people will prefer ristretto: -image/tiff=ristretto.desktop -# evince supports odp, but we really want OOo -application/vnd.sun.xml.impress=impress.desktop -application/vnd.oasis.opendocument.presentation=impress.desktop - -# Firefox -firefox.desktop - -# OpenOffice -base.desktop -calc.desktop -draw.desktop -impress.desktop -math.desktop -web.desktop -writer.desktop -# Do not prefer writer for text/plain: -text/plain=leafpad.desktop diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/1220/usr/share/xfce/applications/defaults.list new/xfce4-branding-openSUSE-4.10.0/1220/usr/share/xfce/applications/defaults.list --- old/xfce4-branding-openSUSE-4.10.0/1220/usr/share/xfce/applications/defaults.list 2014-05-02 10:53:56.000000000 +0200 +++ new/xfce4-branding-openSUSE-4.10.0/1220/usr/share/xfce/applications/defaults.list 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -symbolic link to /var/cache/gio-2.0/xfce-defaults.list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/1230/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml new/xfce4-branding-openSUSE-4.10.0/1230/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml --- old/xfce4-branding-openSUSE-4.10.0/1230/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml 2013-01-31 21:28:59.000000000 +0100 +++ new/xfce4-branding-openSUSE-4.10.0/1230/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml 1970-01-01 01:00:00.000000000 +0100 @@ -1,73 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<channel name="xfce4-panel" version="1.0"> - <property name="configver" type="int" value="2"/> - <property name="panels" type="array"> - <value type="int" value="1"/> - <property name="panel-1" type="empty"> - <property name="position" type="string" value="p=10;x=0;y=0"/> - <property name="length" type="uint" value="100"/> - <property name="position-locked" type="bool" value="true"/> - <property name="size" type="uint" value="24"/> - <property name="length-adjust" type="bool" value="false"/> - <property name="plugin-ids" type="array"> - <value type="int" value="1"/> - <value type="int" value="2"/> - <value type="int" value="3"/> - <value type="int" value="4"/> - <value type="int" value="5"/> - <value type="int" value="6"/> - <value type="int" value="7"/> - <value type="int" value="8"/> - <value type="int" value="9"/> - <value type="int" value="10"/> - <value type="int" value="11"/> - <value type="int" value="12"/> - </property> - </property> - </property> - <property name="plugins" type="empty"> - <property name="plugin-1" type="string" value="applicationsmenu"> - <property name="button-icon" type="string" value="xfce4-opensuse-dark"/> - <property name="button-title" type="string" value="openSUSE"/> - <property name="show-tooltips" type="bool" value="true"/> - </property> - <property name="plugin-2" type="string" value="separator"/> - <property name="plugin-3" type="string" value="showdesktop"/> - <property name="plugin-4" type="string" value="tasklist"/> - <property name="plugin-5" type="string" value="separator"> - <property name="expand" type="bool" value="true"/> - <property name="style" type="uint" value="0"/> - </property> - <property name="plugin-6" type="string" value="mixer"/> - <property name="plugin-7" type="string" value="systray"> - <property name="show-frame" type="bool" value="false"/> - </property> - <property name="plugin-8" type="string" value="pager"/> - <property name="plugin-9" type="string" value="separator"> - <property name="style" type="uint" value="0"/> - </property> - <property name="plugin-10" type="string" value="clock"> - <property name="show-frame" type="bool" value="false"/> - </property> - <property name="plugin-11" type="string" value="separator"> - <property name="style" type="uint" value="0"/> - </property> - <property name="plugin-12" type="string" value="actions"> - <property name="items" type="array"> - <value type="string" value="+lock-screen"/> - <value type="string" value="+switch-user"/> - <value type="string" value="+logout-dialog"/> - <value type="string" value="+separator"/> - <value type="string" value="+suspend"/> - <value type="string" value="+hibernate"/> - <value type="string" value="+separator"/> - <value type="string" value="+restart"/> - <value type="string" value="+shutdown"/> - <value type="string" value="-separator"/> - <value type="string" value="-logout"/> - </property> - <property name="appearance" type="uint" value="1"/> - </property> - </property> -</channel> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/1230/etc/xfce_defaults.conf new/xfce4-branding-openSUSE-4.10.0/1230/etc/xfce_defaults.conf --- old/xfce4-branding-openSUSE-4.10.0/1230/etc/xfce_defaults.conf 2012-10-04 15:06:48.000000000 +0200 +++ new/xfce4-branding-openSUSE-4.10.0/1230/etc/xfce_defaults.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,73 +0,0 @@ -# Xfce Default Applications Source -# /etc/xfcer_defaults.conf -# -# After any change of this file run -# suse-update-mime-defaults -# -# This list is a source for defaults.list. -# -# If application in this list is installed, it is used as default in GNOME. -# It works in following way: -# 1. Read this file. -# 2. Collect all available desktop files. -# 3. Go through all declared MIME types and search for default application -# for defaults.list in following order: -# 3.1 Installed application listed here for certain MIME type. -# 3.2 Installed application listed here as preferred default. -# 3.3 Installed application listed here as default. -# 3.4 Installed application with GNOME in Categories. -# 3.5 Installed application with GTK in Categories. -# 3.6 Installed application. -# If there are more applications in the same order, it uses pseudo-randomly -# one of them (last in aplhabetical order). -# -# Syntax: -# Use xxx as default for all MIME types it declares (see 3.3): -# xxx.desktop -# Use xxx as preferred default for all MIME types it declares (see 3.2): -# !xxx.desktop -# Use xxx as default for mime/type (see 3.1): -# mime/type=xxx.desktop - -# URI schemes -x-scheme-handler/http=firefox.desktop -x-scheme-handler/https=firefox.desktop -x-scheme-handler/ftp=firefox.desktop -x-scheme-handler/mailto=thunderbird.desktop -# All URI schemes declared by yelp -yelp.desktop - -# Prefer totem for multimedia where possible -!totem.desktop - -# Prefer Install Software over file-roller -application/x-rpm=package-manager.desktop -!gpk-install-file.desktop - -# Xfce default applications -ristretto.desktop -evince.desktop -leafpad.desktop -file-roller.desktop -# file-roller supports iso, but most people will prefer brasero: -application/x-cd-image=brasero.desktop -Thunar-folder-handler.desktop -# evince supports multi-page tiff, but most people will prefer ristretto: -image/tiff=ristretto.desktop -# evince supports odp, but we really want OOo -application/vnd.sun.xml.impress=impress.desktop -application/vnd.oasis.opendocument.presentation=impress.desktop - -# Firefox -firefox.desktop - -# OpenOffice -base.desktop -calc.desktop -draw.desktop -impress.desktop -math.desktop -web.desktop -writer.desktop -# Do not prefer writer for text/plain: -text/plain=leafpad.desktop diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/1230/usr/share/xfce/applications/defaults.list new/xfce4-branding-openSUSE-4.10.0/1230/usr/share/xfce/applications/defaults.list --- old/xfce4-branding-openSUSE-4.10.0/1230/usr/share/xfce/applications/defaults.list 2014-05-02 10:53:56.000000000 +0200 +++ new/xfce4-branding-openSUSE-4.10.0/1230/usr/share/xfce/applications/defaults.list 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -symbolic link to /var/cache/gio-2.0/xfce-defaults.list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml new/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml --- old/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml 2012-06-05 09:48:42.000000000 +0200 +++ new/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml 2014-04-28 08:12:23.000000000 +0200 @@ -2,4 +2,6 @@ <channel name="xfce4-notifyd" version="1.0"> <property name="notify-location" type="uint" value="3"/> + <property name="theme" type="string" value="openSUSE-Xfce"/> + <property name="initial-opacity" type="double" value="0.920000"/> </channel> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml new/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml --- old/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml 2013-01-31 19:32:57.000000000 +0100 +++ new/xfce4-branding-openSUSE-4.10.0/base/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml 2013-01-31 21:28:59.000000000 +0100 @@ -44,11 +44,15 @@ <property name="show-frame" type="bool" value="false"/> </property> <property name="plugin-8" type="string" value="pager"/> - <property name="plugin-9" type="string" value="separator"/> + <property name="plugin-9" type="string" value="separator"> + <property name="style" type="uint" value="0"/> + </property> <property name="plugin-10" type="string" value="clock"> <property name="show-frame" type="bool" value="false"/> </property> - <property name="plugin-11" type="string" value="separator"/> + <property name="plugin-11" type="string" value="separator"> + <property name="style" type="uint" value="0"/> + </property> <property name="plugin-12" type="string" value="actions"> <property name="items" type="array"> <value type="string" value="+lock-screen"/> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/base/etc/xfce_defaults.conf new/xfce4-branding-openSUSE-4.10.0/base/etc/xfce_defaults.conf --- old/xfce4-branding-openSUSE-4.10.0/base/etc/xfce_defaults.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/xfce4-branding-openSUSE-4.10.0/base/etc/xfce_defaults.conf 2012-10-04 15:06:48.000000000 +0200 @@ -0,0 +1,73 @@ +# Xfce Default Applications Source +# /etc/xfcer_defaults.conf +# +# After any change of this file run +# suse-update-mime-defaults +# +# This list is a source for defaults.list. +# +# If application in this list is installed, it is used as default in GNOME. +# It works in following way: +# 1. Read this file. +# 2. Collect all available desktop files. +# 3. Go through all declared MIME types and search for default application +# for defaults.list in following order: +# 3.1 Installed application listed here for certain MIME type. +# 3.2 Installed application listed here as preferred default. +# 3.3 Installed application listed here as default. +# 3.4 Installed application with GNOME in Categories. +# 3.5 Installed application with GTK in Categories. +# 3.6 Installed application. +# If there are more applications in the same order, it uses pseudo-randomly +# one of them (last in aplhabetical order). +# +# Syntax: +# Use xxx as default for all MIME types it declares (see 3.3): +# xxx.desktop +# Use xxx as preferred default for all MIME types it declares (see 3.2): +# !xxx.desktop +# Use xxx as default for mime/type (see 3.1): +# mime/type=xxx.desktop + +# URI schemes +x-scheme-handler/http=firefox.desktop +x-scheme-handler/https=firefox.desktop +x-scheme-handler/ftp=firefox.desktop +x-scheme-handler/mailto=thunderbird.desktop +# All URI schemes declared by yelp +yelp.desktop + +# Prefer totem for multimedia where possible +!totem.desktop + +# Prefer Install Software over file-roller +application/x-rpm=package-manager.desktop +!gpk-install-file.desktop + +# Xfce default applications +ristretto.desktop +evince.desktop +leafpad.desktop +file-roller.desktop +# file-roller supports iso, but most people will prefer brasero: +application/x-cd-image=brasero.desktop +Thunar-folder-handler.desktop +# evince supports multi-page tiff, but most people will prefer ristretto: +image/tiff=ristretto.desktop +# evince supports odp, but we really want OOo +application/vnd.sun.xml.impress=impress.desktop +application/vnd.oasis.opendocument.presentation=impress.desktop + +# Firefox +firefox.desktop + +# OpenOffice +base.desktop +calc.desktop +draw.desktop +impress.desktop +math.desktop +web.desktop +writer.desktop +# Do not prefer writer for text/plain: +text/plain=leafpad.desktop diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/base/usr/share/themes/openSUSE-Xfce/xfce-notify-4.0/gtkrc new/xfce4-branding-openSUSE-4.10.0/base/usr/share/themes/openSUSE-Xfce/xfce-notify-4.0/gtkrc --- old/xfce4-branding-openSUSE-4.10.0/base/usr/share/themes/openSUSE-Xfce/xfce-notify-4.0/gtkrc 1970-01-01 01:00:00.000000000 +0100 +++ new/xfce4-branding-openSUSE-4.10.0/base/usr/share/themes/openSUSE-Xfce/xfce-notify-4.0/gtkrc 2014-04-28 12:17:45.000000000 +0200 @@ -0,0 +1,29 @@ +style "notification_window" +{ + bg[NORMAL] = @tooltip_bg_color + + XfceNotifyWindow::border-radius = 10.0 + XfceNotifyWindow::border-width = 0.0 + XfceNotifyWindow::border-width-hover = 0.0 +} + +style "notification_body" +{ + fg[NORMAL] = @tooltip_fg_color + base[PRELIGHT] = @tooltip_bg_color + base[ACTIVE] = shade (1.2, @tooltip_bg_color) + + GtkWidget::link-color = @tooltip_fg_color + GtkWidget::visited-link-color = shade (0.8, @tooltip_fg_color) +} + +style "notification_summary" +{ + fg[NORMAL] = @tooltip_fg_color + + font_name = "Bold" +} + +class "XfceNotifyWindow" style "notification_window" +widget "XfceNotifyWindow.*.summary" style "notification_summary" +widget "XfceNotifyWindow.*.body" style "notification_body" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xfce4-branding-openSUSE-4.10.0/base/usr/share/xfce/applications/defaults.list new/xfce4-branding-openSUSE-4.10.0/base/usr/share/xfce/applications/defaults.list --- old/xfce4-branding-openSUSE-4.10.0/base/usr/share/xfce/applications/defaults.list 1970-01-01 01:00:00.000000000 +0100 +++ new/xfce4-branding-openSUSE-4.10.0/base/usr/share/xfce/applications/defaults.list 2014-04-28 00:06:55.000000000 +0200 @@ -0,0 +1,447 @@ +# generated by suse-update-mime-defaults from /etc/xfce_defaults.conf +[Default Applications] +application/csv=calc.desktop +application/excel=calc.desktop +application/msexcel=calc.desktop +application/mspowerpoint=impress.desktop +application/msword=writer.desktop +application/mxf=totem.desktop +application/ogg=totem.desktop +application/oxps=evince.desktop +application/pdf=evince.desktop +application/pkcs10=gcr-viewer.desktop +application/pkcs10+pem=gcr-viewer.desktop +application/pkcs12=gcr-viewer.desktop +application/pkcs12+pem=gcr-viewer.desktop +application/pkcs7-mime=gcr-viewer.desktop +application/pkcs7-mime+pem=gcr-viewer.desktop +application/pkcs8=gcr-viewer.desktop +application/pkcs8+pem=gcr-viewer.desktop +application/pkix-cert=gcr-viewer.desktop +application/pkix-cert+pem=gcr-viewer.desktop +application/pkix-crl=gcr-viewer.desktop +application/pkix-crl+pem=gcr-viewer.desktop +application/postscript=evince.desktop +application/ram=totem.desktop +application/rtf=writer.desktop +application/sdp=totem.desktop +application/smil=totem.desktop +application/smil+xml=totem.desktop +application/tab-separated-values=calc.desktop +application/vnd.apple.mpegurl=totem.desktop +application/vnd.corel-draw=draw.desktop +application/vnd.lotus-1-2-3=calc.desktop +application/vnd.lotus-wordpro=writer.desktop +application/vnd.mozilla.xul+xml=firefox.desktop +application/vnd.ms-cab-compressed=file-roller.desktop +application/vnd.ms-excel=calc.desktop +application/vnd.ms-excel.sheet.binary.macroenabled.12=calc.desktop +application/vnd.ms-excel.sheet.macroenabled.12=calc.desktop +application/vnd.ms-excel.template.macroenabled.12=calc.desktop +application/vnd.ms-powerpoint=impress.desktop +application/vnd.ms-powerpoint.presentation.macroenabled.12=impress.desktop +application/vnd.ms-powerpoint.slideshow.macroEnabled.12=impress.desktop +application/vnd.ms-powerpoint.template.macroenabled.12=impress.desktop +application/vnd.ms-publisher=draw.desktop +application/vnd.ms-word=writer.desktop +application/vnd.ms-word.document.macroenabled.12=writer.desktop +application/vnd.ms-word.template.macroenabled.12=writer.desktop +application/vnd.ms-works=writer.desktop +application/vnd.ms-wpl=totem.desktop +application/vnd.ms-xpsdocument=evince.desktop +application/vnd.oasis.opendocument.chart=calc.desktop +application/vnd.oasis.opendocument.chart-template=calc.desktop +application/vnd.oasis.opendocument.database=base.desktop +application/vnd.oasis.opendocument.formula=math.desktop +application/vnd.oasis.opendocument.formula-template=math.desktop +application/vnd.oasis.opendocument.graphics=draw.desktop +application/vnd.oasis.opendocument.graphics-flat-xml=xsltfilter.desktop +application/vnd.oasis.opendocument.graphics-template=draw.desktop +application/vnd.oasis.opendocument.presentation=impress.desktop +application/vnd.oasis.opendocument.presentation-flat-xml=xsltfilter.desktop +application/vnd.oasis.opendocument.presentation-template=impress.desktop +application/vnd.oasis.opendocument.spreadsheet=calc.desktop +application/vnd.oasis.opendocument.spreadsheet-flat-xml=xsltfilter.desktop +application/vnd.oasis.opendocument.spreadsheet-template=calc.desktop +application/vnd.oasis.opendocument.text=writer.desktop +application/vnd.oasis.opendocument.text-flat-xml=xsltfilter.desktop +application/vnd.oasis.opendocument.text-master=writer.desktop +application/vnd.oasis.opendocument.text-template=writer.desktop +application/vnd.oasis.opendocument.text-web=writer.desktop +application/vnd.openofficeorg.extension=startcenter.desktop +application/vnd.openxmlformats-officedocument.presentationml.presentation=impress.desktop +application/vnd.openxmlformats-officedocument.presentationml.slide=impress.desktop +application/vnd.openxmlformats-officedocument.presentationml.slideshow=impress.desktop +application/vnd.openxmlformats-officedocument.presentationml.template=impress.desktop +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet=calc.desktop +application/vnd.openxmlformats-officedocument.spreadsheetml.template=calc.desktop +application/vnd.openxmlformats-officedocument.wordprocessingml.document=writer.desktop +application/vnd.openxmlformats-officedocument.wordprocessingml.template=writer.desktop +application/vnd.rn-realmedia=vlc.desktop +application/vnd.stardivision.writer-global=writer.desktop +application/vnd.sun.xml.base=base.desktop +application/vnd.sun.xml.calc=calc.desktop +application/vnd.sun.xml.calc.template=calc.desktop +application/vnd.sun.xml.draw=draw.desktop +application/vnd.sun.xml.draw.template=draw.desktop +application/vnd.sun.xml.impress=impress.desktop +application/vnd.sun.xml.impress.template=impress.desktop +application/vnd.sun.xml.math=math.desktop +application/vnd.sun.xml.writer=writer.desktop +application/vnd.sun.xml.writer.global=writer.desktop +application/vnd.sun.xml.writer.template=writer.desktop +application/vnd.tcpdump.pcap=wireshark.desktop +application/vnd.visio=draw.desktop +application/vnd.wordperfect=writer.desktop +application/wordperfect=writer.desktop +application/x-123=calc.desktop +application/x-5view=wireshark.desktop +application/x-7z-compressed=file-roller.desktop +application/x-7z-compressed-tar=file-roller.desktop +application/x-ace=file-roller.desktop +application/x-alz=file-roller.desktop +application/x-app-package=gpk-install-local-file.desktop +application/x-ar=file-roller.desktop +application/x-archive=file-roller.desktop +application/x-arj=file-roller.desktop +application/x-bittorrent=transmission-gtk.desktop +application/x-brasero=brasero.desktop +application/x-bzdvi=evince.desktop +application/x-bzip=file-roller.desktop +application/x-bzip-compressed-tar=file-roller.desktop +application/x-bzip1=file-roller.desktop +application/x-bzip1-compressed-tar=file-roller.desktop +application/x-bzpdf=evince.desktop +application/x-bzpostscript=evince.desktop +application/x-cabinet=file-roller.desktop +application/x-catalog=gpk-install-catalog.desktop +application/x-cb7=evince.desktop +application/x-cbr=file-roller.desktop +application/x-cbt=evince.desktop +application/x-cbz=file-roller.desktop +application/x-cd-image=brasero.desktop +application/x-cdrdao-toc=brasero.desktop +application/x-chess-pgn=glchess.desktop +application/x-compress=file-roller.desktop +application/x-compressed-tar=file-roller.desktop +application/x-cpio=file-roller.desktop +application/x-cue=brasero.desktop +application/x-dbase=calc.desktop +application/x-dbf=calc.desktop +application/x-deb=file-roller.desktop +application/x-desktop=panel-desktop-handler.desktop +application/x-doc=writer.desktop +application/x-dos_ms_excel=calc.desktop +application/x-dvi=evince.desktop +application/x-ear=file-roller.desktop +application/x-etherpeek=wireshark.desktop +application/x-excel=calc.desktop +application/x-extension-m4a=totem.desktop +application/x-extension-mp4=totem.desktop +application/x-extension-txt=writer.desktop +application/x-flac=totem.desktop +application/x-flash-video=totem.desktop +application/x-gtar=file-roller.desktop +application/x-gzdvi=evince.desktop +application/x-gzip=file-roller.desktop +application/x-gzpdf=evince.desktop +application/x-gzpostscript=file-roller.desktop +application/x-hwp=writer.desktop +application/x-iptrace=wireshark.desktop +application/x-java-archive=file-roller.desktop +application/x-java-jnlp-file=javaws.desktop +application/x-lanalyzer=wireshark.desktop +application/x-lha=file-roller.desktop +application/x-lhz=file-roller.desktop +application/x-lrzip=file-roller.desktop +application/x-lrzip-compressed-tar=file-roller.desktop +application/x-lzip=file-roller.desktop +application/x-lzip-compressed-tar=file-roller.desktop +application/x-lzma=file-roller.desktop +application/x-lzma-compressed-tar=file-roller.desktop +application/x-lzop=file-roller.desktop +application/x-lzop-compressed-tar=file-roller.desktop +application/x-matroska=totem.desktop +application/x-ms-dos-executable=file-roller.desktop +application/x-ms-excel=calc.desktop +application/x-ms-wim=file-roller.desktop +application/x-msexcel=calc.desktop +application/x-netinstobserver=wireshark.desktop +application/x-netshow-channel=totem.desktop +application/x-nettl=wireshark.desktop +application/x-ogg=totem.desktop +application/x-pcapng=wireshark.desktop +application/x-pem-file=gcr-viewer.desktop +application/x-pem-key=gcr-viewer.desktop +application/x-pkcs12=gcr-viewer.desktop +application/x-pkcs7-certificates=gcr-viewer.desktop +application/x-quattropro=calc.desktop +application/x-quicktime-media-link=totem.desktop +application/x-quicktimeplayer=totem.desktop +application/x-radcom=wireshark.desktop +application/x-rar=file-roller.desktop +application/x-rar-compressed=file-roller.desktop +application/x-redhat-package-manager=package-manager.desktop +application/x-rpm=package-manager.desktop +application/x-rzip=file-roller.desktop +application/x-rzip-compressed-tar=file-roller.desktop +application/x-servicepack=gpk-install-local-file.desktop +application/x-shockwave-flash=vlc.desktop +application/x-shorten=totem.desktop +application/x-smil=totem.desktop +application/x-snoop=wireshark.desktop +application/x-spkac=gcr-viewer.desktop +application/x-spkac+base64=gcr-viewer.desktop +application/x-stuffit=file-roller.desktop +application/x-t602=writer.desktop +application/x-tar=file-roller.desktop +application/x-tarz=file-roller.desktop +application/x-toc=brasero.desktop +application/x-visualnetworks=wireshark.desktop +application/x-war=file-roller.desktop +application/x-wpg=draw.desktop +application/x-x509-ca-cert=gcr-viewer.desktop +application/x-x509-user-cert=gcr-viewer.desktop +application/x-xpinstall=firefox.desktop +application/x-xz=file-roller.desktop +application/x-xz-compressed-tar=file-roller.desktop +application/x-xzpdf=evince.desktop +application/x-zip=file-roller.desktop +application/x-zip-compressed=file-roller.desktop +application/x-zoo=file-roller.desktop +application/xhtml+xml=firefox.desktop +application/xspf+xml=totem.desktop +application/zip=file-roller.desktop +audio/3gpp=totem.desktop +audio/AMR=totem.desktop +audio/AMR-WB=totem.desktop +audio/ac3=totem.desktop +audio/amr=vlc.desktop +audio/amr-wb=vlc.desktop +audio/basic=totem.desktop +audio/flac=totem.desktop +audio/midi=totem.desktop +audio/mp2=totem.desktop +audio/mp4=totem.desktop +audio/mpeg=totem.desktop +audio/mpegurl=totem.desktop +audio/ogg=totem.desktop +audio/prs.sid=totem.desktop +audio/vnd.rn-realaudio=vlc.desktop +audio/webm=vlc.desktop +audio/x-aiff=totem.desktop +audio/x-ape=totem.desktop +audio/x-flac=totem.desktop +audio/x-gsm=totem.desktop +audio/x-it=totem.desktop +audio/x-m4a=totem.desktop +audio/x-matroska=totem.desktop +audio/x-mod=totem.desktop +audio/x-mp3=totem.desktop +audio/x-mp3-playlist=brasero.desktop +audio/x-mpeg=totem.desktop +audio/x-mpegurl=totem.desktop +audio/x-ms-asf=totem.desktop +audio/x-ms-asx=totem.desktop +audio/x-ms-wax=totem.desktop +audio/x-ms-wma=totem.desktop +audio/x-musepack=totem.desktop +audio/x-pn-aiff=totem.desktop +audio/x-pn-au=totem.desktop +audio/x-pn-realaudio=vlc.desktop +audio/x-pn-realaudio-plugin=vlc.desktop +audio/x-pn-wav=totem.desktop +audio/x-pn-windows-acm=totem.desktop +audio/x-real-audio=vlc.desktop +audio/x-s3m=totem.desktop +audio/x-sbc=totem.desktop +audio/x-scpls=totem.desktop +audio/x-speex=totem.desktop +audio/x-stm=totem.desktop +audio/x-tta=totem.desktop +audio/x-vorbis=totem.desktop +audio/x-vorbis+ogg=totem.desktop +audio/x-wav=totem.desktop +audio/x-wavpack=totem.desktop +audio/x-xm=totem.desktop +image/bmp=ristretto.desktop +image/g3fax=gimp.desktop +image/gif=ristretto.desktop +image/jp2=gimp.desktop +image/jpeg=ristretto.desktop +image/jpeg2000=gimp.desktop +image/jpg=shotwell-viewer.desktop +image/jpx=gimp.desktop +image/pjpeg=shotwell-viewer.desktop +image/png=ristretto.desktop +image/svg+xml=ristretto.desktop +image/tiff=ristretto.desktop +image/vnd.djvu=evince.desktop +image/vnd.rn-realpix=vlc.desktop +image/x-3fr=shotwell-viewer.desktop +image/x-adobe-dng=shotwell-viewer.desktop +image/x-arw=shotwell-viewer.desktop +image/x-bay=shotwell-viewer.desktop +image/x-bmp=shotwell-viewer.desktop +image/x-bzeps=evince.desktop +image/x-canon-cr2=shotwell-viewer.desktop +image/x-canon-crw=shotwell-viewer.desktop +image/x-cap=shotwell-viewer.desktop +image/x-cmu-raster=ristretto.desktop +image/x-compressed-xcf=gimp.desktop +image/x-cr2=shotwell-viewer.desktop +image/x-crw=shotwell-viewer.desktop +image/x-dcr=shotwell-viewer.desktop +image/x-dcraw=shotwell-viewer.desktop +image/x-dcs=shotwell-viewer.desktop +image/x-dng=shotwell-viewer.desktop +image/x-drf=shotwell-viewer.desktop +image/x-eip=shotwell-viewer.desktop +image/x-eps=evince.desktop +image/x-erf=shotwell-viewer.desktop +image/x-fff=shotwell-viewer.desktop +image/x-fits=gimp.desktop +image/x-fuji-raf=shotwell-viewer.desktop +image/x-gimp-gbr=gimp.desktop +image/x-gimp-gih=gimp.desktop +image/x-gimp-pat=gimp.desktop +image/x-gzeps=evince.desktop +image/x-ico=ristretto.desktop +image/x-icon=gimp.desktop +image/x-iiq=shotwell-viewer.desktop +image/x-k25=shotwell-viewer.desktop +image/x-kdc=shotwell-viewer.desktop +image/x-mef=shotwell-viewer.desktop +image/x-minolta-mrw=shotwell-viewer.desktop +image/x-mos=shotwell-viewer.desktop +image/x-mrw=shotwell-viewer.desktop +image/x-nef=shotwell-viewer.desktop +image/x-nikon-nef=shotwell-viewer.desktop +image/x-nrw=shotwell-viewer.desktop +image/x-olympus-orf=shotwell-viewer.desktop +image/x-orf=shotwell-viewer.desktop +image/x-panasonic-raw=shotwell-viewer.desktop +image/x-pcx=gimp.desktop +image/x-pef=shotwell-viewer.desktop +image/x-pentax-pef=shotwell-viewer.desktop +image/x-pict=totem.desktop +image/x-png=shotwell-viewer.desktop +image/x-portable-anymap=ristretto.desktop +image/x-portable-bitmap=ristretto.desktop +image/x-portable-graymap=ristretto.desktop +image/x-portable-pixmap=ristretto.desktop +image/x-psd=gimp.desktop +image/x-psp=gimp.desktop +image/x-ptx=shotwell-viewer.desktop +image/x-pxn=shotwell-viewer.desktop +image/x-r3d=shotwell-viewer.desktop +image/x-raf=shotwell-viewer.desktop +image/x-raw=shotwell-viewer.desktop +image/x-rw2=shotwell-viewer.desktop +image/x-rwl=shotwell-viewer.desktop +image/x-rwz=shotwell-viewer.desktop +image/x-sgi=gimp.desktop +image/x-sigma-x3f=shotwell-viewer.desktop +image/x-sony-arw=shotwell-viewer.desktop +image/x-sony-sr2=shotwell-viewer.desktop +image/x-sony-srf=shotwell-viewer.desktop +image/x-sr2=shotwell-viewer.desktop +image/x-srf=shotwell-viewer.desktop +image/x-sun-raster=ristretto.desktop +image/x-tga=ristretto.desktop +image/x-win-bitmap=ristretto.desktop +image/x-wmf=gimp.desktop +image/x-x3f=shotwell-viewer.desktop +image/x-xbitmap=ristretto.desktop +image/x-xcf=gimp.desktop +image/x-xcursor=gimp.desktop +image/x-xpixmap=ristretto.desktop +image/x-xpm=ristretto.desktop +image/x-xwindowdump=gimp.desktop +inode/directory=Thunar-folder-handler.desktop +misc/ultravox=totem.desktop +text/calendar=xfcalendar.desktop +text/comma-separated-values=calc.desktop +text/csv=calc.desktop +text/google-video-pointer=totem.desktop +text/html=firefox.desktop +text/mathml=math.desktop +text/mml=firefox.desktop +text/plain=leafpad.desktop +text/rtf=writer.desktop +text/spreadsheet=calc.desktop +text/tab-separated-values=calc.desktop +text/x-bibtex=jabref.desktop +text/x-comma-separated-values=calc.desktop +text/x-csv=calc.desktop +text/x-google-video-pointer=totem.desktop +text/x-suse-ymp=yast2-metapackage-handler.desktop +text/x-suse-ymu=yast2-metapackage-handler-ymu.desktop +text/xml=firefox.desktop +video/3gp=totem.desktop +video/3gpp=totem.desktop +video/divx=totem.desktop +video/dv=totem.desktop +video/fli=totem.desktop +video/flv=totem.desktop +video/mp2t=totem.desktop +video/mp4=totem.desktop +video/mp4v-es=totem.desktop +video/mpeg=totem.desktop +video/msvideo=totem.desktop +video/ogg=totem.desktop +video/quicktime=totem.desktop +video/vivo=totem.desktop +video/vnd.divx=totem.desktop +video/vnd.mpegurl=totem.desktop +video/vnd.rn-realvideo=vlc.desktop +video/vnd.vivo=totem.desktop +video/webm=totem.desktop +video/x-anim=totem.desktop +video/x-avi=totem.desktop +video/x-flc=totem.desktop +video/x-fli=totem.desktop +video/x-flic=totem.desktop +video/x-flv=totem.desktop +video/x-m4v=totem.desktop +video/x-matroska=totem.desktop +video/x-mpeg=totem.desktop +video/x-mpeg2=totem.desktop +video/x-ms-asf=totem.desktop +video/x-ms-asx=totem.desktop +video/x-ms-wm=totem.desktop +video/x-ms-wmv=totem.desktop +video/x-ms-wmx=totem.desktop +video/x-ms-wvx=totem.desktop +video/x-msvideo=totem.desktop +video/x-nsv=totem.desktop +video/x-ogm+ogg=totem.desktop +video/x-theora+ogg=totem.desktop +video/x-totem-stream=totem.desktop +x-content/audio-cdda=sound-juicer.desktop +x-content/audio-player=rhythmbox-device.desktop +x-content/image-dcf=shotwell.desktop +x-content/image-picturecd=brasero.desktop +x-content/video-dvd=totem.desktop +x-content/video-svcd=totem.desktop +x-content/video-vcd=totem.desktop +x-scheme-handler/ftp=firefox.desktop +x-scheme-handler/ghelp=yelp.desktop +x-scheme-handler/help=yelp.desktop +x-scheme-handler/http=firefox.desktop +x-scheme-handler/https=firefox.desktop +x-scheme-handler/icy=totem.desktop +x-scheme-handler/icyx=totem.desktop +x-scheme-handler/info=yelp.desktop +x-scheme-handler/itms=rhythmbox.desktop +x-scheme-handler/magnet=transmission-gtk.desktop +x-scheme-handler/mailto=thunderbird.desktop +x-scheme-handler/man=yelp.desktop +x-scheme-handler/mms=totem.desktop +x-scheme-handler/mmsh=totem.desktop +x-scheme-handler/net=totem.desktop +x-scheme-handler/pnm=totem.desktop +x-scheme-handler/rtmp=totem.desktop +x-scheme-handler/rtp=totem.desktop +x-scheme-handler/rtsp=totem.desktop +x-scheme-handler/uvox=totem.desktop -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit doomsday for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package doomsday for openSUSE:Factory checked in at 2014-05-02 10:52:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/doomsday (Old) and /work/SRC/openSUSE:Factory/.doomsday.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "doomsday" Changes: -------- --- /work/SRC/openSUSE:Factory/doomsday/doomsday.changes 2014-01-13 10:52:53.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.doomsday.new/doomsday.changes 2014-05-02 10:53:07.000000000 +0200 @@ -1,0 +2,25 @@ +Thu May 1 13:03:03 UTC 2014 - jengelh(a)inai.de + +- Update to new upstream release 1.14.1, which fixes: +* particles were shut off shortly after level start +* flickering light decoration on moving platform +* letterboxed/pillarboxed drawing of the game was broken +* Heretic ghost mummies' floating spirits were not disappearing + after death +* Shift key state was not recognized by bindings when typing in + console +* Multiplayer weapons were not remaining in play +* Gracefully abort if OpenGL version is not sufficient + +------------------------------------------------------------------- +Wed Apr 23 21:44:28 UTC 2014 - jengelh(a)inai.de + +- Update to new upstream release 1.14 +* It adds bloom to Doomsday's visual features. The last of the + old UI has been replaced, and now MP games and save games, due + to a new save game format, from all games can be accessed from + the taskbar or home screen (formerly Ring Zero). New alert and + tutorial notifications have been added to inform users of any + important engine, map and resource errors and about the UI. + +------------------------------------------------------------------- Old: ---- doomsday-1.13.1.tar.xz New: ---- doomsday-1.14.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ doomsday.spec ++++++ --- /var/tmp/diff_new_pack.Mw1DUw/_old 2014-05-02 10:53:08.000000000 +0200 +++ /var/tmp/diff_new_pack.Mw1DUw/_new 2014-05-02 10:53:08.000000000 +0200 @@ -17,9 +17,9 @@ Name: doomsday -Version: 1.13.1 +Version: 1.14.1 Release: 0 -%define rver 1.13.1 +%define rver 1.14.1 Summary: The Doomsday Engine: DOOM/Hertic/Hexen port with pretty graphics License: GPL-2.0+ and GPL-2.0 Group: Amusements/Games/3D/Shoot @@ -28,8 +28,7 @@ #Git-Web: https://github.com/skyjake/Doomsday-Engine #Git-Clone: git://github.com/skyjake/Doomsday-Engine -#DL-URL: http://downloads.sf.net/deng/doomsday-1.13.1.tar.gz -Source: %name-%rver.tar.xz +Source: http://downloads.sf.net/deng/%name-%rver.tar.gz Source2: %name-rpmlintrc BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -41,7 +40,6 @@ BuildRequires: libqt4-devel >= 4.6 BuildRequires: ncurses-devel BuildRequires: xorg-x11-devel -BuildRequires: xz BuildRequires: zlib-devel %if 0%{?suse_version} @@ -54,9 +52,11 @@ Provides: deng = %version-%release # Doomsday 1.12 needs OpenGL 2.x, which Mesa 9.0 (as shipped in openSUSE 12.3) -# does not have. As far as RPM is concerned, 3rd party GL drivers can coexist -# with Mesa-libGL1 as they are located in a separate directory, which means -# that having the Mesa require is always acceptable. +# does not have. +# For the situation in openSUSE 13.1+, as far as RPM is concerned, 3rd party +# GL drivers can coexist with Mesa-libGL1 as they are located in a separate +# directory, which means that having the following Mesa require is always +# acceptable. Requires: Mesa-libGL1 >= 9.2 %description @@ -108,7 +108,7 @@ pushd doomsday/; make install INSTALL_ROOT="$b"; mkdir -p "$b/%_libexecdir/%name"; -mv "$b/%_bindir"/{md2tool,texc} "$b/%_libexecdir/%name/"; +mv "$b/%_bindir"/{md2tool,savegametool,texc} "$b/%_libexecdir/%name/"; popd; mkdir -p "$b/%_sysconfdir/doomsday"; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit calligra for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package calligra for openSUSE:Factory checked in at 2014-05-02 10:52:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/calligra (Old) and /work/SRC/openSUSE:Factory/.calligra.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "calligra" Changes: -------- --- /work/SRC/openSUSE:Factory/calligra/calligra.changes 2014-03-09 18:21:43.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.calligra.new/calligra.changes 2014-05-02 10:53:02.000000000 +0200 @@ -1,0 +2,75 @@ +Tue Apr 29 22:18:03 UTC 2014 - hrvoje.senjan(a)gmail.com + +- Update to 2.8.2 + * Bugfix release, for more details please see + - General: + * Move Export to PDF command to the Export menu section instead + of the Print section for conformance with other office + suites (kde#332603). + * Fix “Missing import filter” bug when saving if not extension + is specified (even if selecting a File type is set to a format) + (kde#328975). + * Use native file dialogs on Windows. + - Kexi: + * Make Rich Text property false by default for Text Editor + form widget. Rich Text often causes misbehaviour. + - Krita + * Fix resetting the slider spin box when double clicking on + it (kde#330165). + * Ignore tablet press/release events which did not produce any + sane buttons (kde#331925). + * Added support for ‘evdev’ tablets (kde#332239, kde#331572, kde#329641). + * Save line smoothing options between runs of Krita. This is + really needed for low-level tablets like Genius to filter + the trajectory they report to us. + * Make Krita auto-recognize axes labels of Evdev tablets. + The labels are stored in a special property of the + XInput device. + * Recognize Surface Pro 2 tablets on Windows (kde#331922). + * Fixed size of predefined images. + * Set default gradient to alpha (kde#329008). + * Clean up the layout of the Transform tool. + * Hide unused settings for stroke in the Path tool (kde#331556). + * Fixed memory leaks in brush handling. + * Fixed memory leaks when resources fail to load. + * Fixed memory leaks when creating strokes (kde#331592). + * Don’t crash on creating a file layer in Krita Gemini (kde#332871). + * Improved splash screen. + * Fix loading plugins for Krita Gemini. + * Save tags with special characters properly (kde#332708). + * Fix removing of tags, don’t load or save dummy tags. + * Add import for PSD layer groups (kde#289857). + * Fix translation issues. + * Fix startup of Krtita Sketch and Gemini. + +------------------------------------------------------------------- +Tue Mar 25 20:24:58 UTC 2014 - tittiatcoke(a)gmail.com + +- Update to 2.8.1 + * Bugfix release + - Kexi + Bug 332329: do not remove table prefix when it is needed. + Bug 332293: fix crash on exporting reports as spread sheet document + Added ‘NOT LIKE’ SQL operator support in kexi queries. + Bug 331613: fixes sorting tables in the CSV import dialog. + - Krita + Fix memory leaks. + Fix loading and executing macros. + Save single-layer CMYK images correctly to PSD. + Bug 331805: do not let the selection grow bigger than the image on invert. + Bug 329945: fix the Unsharp Mask filter to not be applied with an offset. + Bug 322022: fix Mirror Mode in Color Smudge and Filter ops. + Bug 331775: make the Wrap-tool handles less obstructive. + Bug 332070: do not crash when selecting a template with a stylus doubleclick. + Bug 331950: mark the document as modified when changing layer properties. + Bug 331890: fix loading of multilayered PSD files. + Fix crash in pixellize filter. + Fix artefacts in the emboss filter. + Bug 331702: fix crash when saving 16 bits/channel PSD. + Fix crash in oilpaint filter. + - Flow + Add stencils icon generation. + - Words + Do not use calligrawords for plain-text files. + +------------------------------------------------------------------- Old: ---- calligra-2.8.0.tar.xz New: ---- calligra-2.8.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ calligra.spec ++++++ --- /var/tmp/diff_new_pack.8QRXUB/_old 2014-05-02 10:53:06.000000000 +0200 +++ /var/tmp/diff_new_pack.8QRXUB/_new 2014-05-02 10:53:06.000000000 +0200 @@ -17,17 +17,16 @@ Name: calligra -Version: 2.8.0 +Version: 2.8.2 Release: 0 Summary: Libraries and Base Files for the KDE Office Suite License: GPL-2.0+ and LGPL-2.1+ and GFDL-1.2 Group: Productivity/Office/Suite Url: http://www.calligra.org/ -Source0: ftp://ftp.kde.org/pub/kde/stable/%{name}-%{version}/%{name}-%{version}.tar.… +Source0: http://download.kde.org/stable/%{name}-%{version}/%{name}-%{version}.tar.xz %if 0%{?suse_version} > 1230 BuildRequires: OpenColorIO-devel %endif -BuildRequires: libodfgen-devel BuildRequires: OpenEXR-devel BuildRequires: create-resources BuildRequires: fdupes @@ -45,6 +44,7 @@ BuildRequires: liblcms-devel BuildRequires: liblcms2-devel BuildRequires: libmysqld-devel +BuildRequires: libodfgen-devel BuildRequires: libpoppler-qt4-devel # Kexi doesn't support libpqxx >= 4, for details see https://bugs.kde.org/show_bug.cgi?id=300871 %if 0%{?suse_version} < 1310 ++++++ calligra-2.8.0.tar.xz -> calligra-2.8.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/calligra/calligra-2.8.0.tar.xz /work/SRC/openSUSE:Factory/.calligra.new/calligra-2.8.2.tar.xz differ: char 27, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2-all-packages for openSUSE:Factory
by root＠hilbert.suse.de 02 May '14

02 May '14

Hello community, here is the log from the commit of package yast2-all-packages for openSUSE:Factory checked in at 2014-05-02 10:20:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-all-packages (Old) and /work/SRC/openSUSE:Factory/.yast2-all-packages.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-all-packages" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-all-packages/yast2-all-packages.changes 2014-03-11 08:03:33.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.yast2-all-packages.new/yast2-all-packages.changes 2014-05-02 10:20:31.000000000 +0200 @@ -1,0 +2,6 @@ +Fri May 2 07:29:57 UTC 2014 - jreidinger(a)suse.com + +- remove dropped yast2-iscsi-server and add replacement + yast2-iscsi-lio-server + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-all-packages.spec ++++++ --- /var/tmp/diff_new_pack.zPfRmE/_old 2014-05-02 10:20:32.000000000 +0200 +++ /var/tmp/diff_new_pack.zPfRmE/_new 2014-05-02 10:20:32.000000000 +0200 @@ -58,7 +58,7 @@ Requires: yast2-installation-devel-doc Requires: yast2-instserver Requires: yast2-iscsi-client -Requires: yast2-iscsi-server +Requires: yast2-iscsi-lio-server Requires: yast2-isns Requires: yast2-kdump Requires: yast2-ldap -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0