October 2014 - openSUSE Factory - openSUSE Mailing Lists

[opensuse-factory] using the created autoyast control.xml for a repeated install - discrepancies
by Per Jessen 04 Oct '14

04 Oct '14

I wanted to try out the optionally created autoyast control file - a 2nd installation with autoyast=<controlfile> doesn't exactly correspond to the first I have to say. The question is - should I expect an autoyast installation with an auto-created control.xml to be exactly the same as the manual installation? -- Per Jessen, Zürich (16.7°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 3

[opensuse-factory] cron daemon
by ellanios82 03 Oct '14

03 Oct '14

Hello List , - in case of interest : am getting several hundred Thunderbird Local Folders, each day, like : Cron <root@AIG> source /etc/sysconfig/mdadm; [ -n "$MDADM_CHECK_DURATION" -a -x /usr/share/mdadm/mdcheck ] && /usr/share/mdadm/mdcheck --continue --duration "$MDADM_CHECK_DURATION" ls: cannot access /dev/md?*: No such file or directory ............... regards -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

3 3

[opensuse-factory] rkhunter warns : /usr/bin/.fipscheck.hmac
by ellanios82 03 Oct '14

03 Oct '14

Hello List, rkhunter warns : "Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text " ........... - is this harmless ? ............ thanks, regards ellan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

10 15

[opensuse-factory] New Factory snapshot 20140928 released!
by Ludwig Nussel 03 Oct '14

03 Oct '14

Changed packages: ==== GraphicsMagick-devel ==== Subpackages: libGraphicsMagick-Q16-3 libGraphicsMagickWand-Q16-2 - Move library configuration files to separated package ==== ImageMagick ==== Version update (6.8.9.5 -> 6.8.9.8) Subpackages: ImageMagick-devel ImageMagick-doc ImageMagick-extra libMagick++-6_Q16-5 libMagickCore-6_Q16-2 libMagickWand-6_Q16-2 perl-PerlMagick - update to 6.8.9-8 * JPEG library version >= 80 is thread safe * Added support for some legacy dds formats - updated to 6.8.9-7 * Fix off by one buglet when extracting profiles 8BIM. * Fixed bug when reading 1 bit PSD. * Fixed fill-rule in SVG clip path. * Added support for R5G6B5, RGB5A1 and RGBA4 dds files. * Write LAB pixels as percentages in the TXT image format. * Throw exception when image morphology differs when comparing. * Remove mogrify backup file. * Read WEBP images from STDIN. ==== Mesa ==== Subpackages: Mesa-32bit Mesa-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2 - Update to version 10.3.0 (10.3 Final): - New features: + GL_ARB_ES3_compatibility on nv50, nvc0, r600, radeonsi, softpipe, llvmpipe + GL_ARB_clear_texture on i965 + GL_ARB_compressed_texture_pixel_storage on all drivers + GL_ARB_conditional_render_inverted on i965, nvc0, softpipe, llvmpipe + GL_ARB_derivative_control on i965, nv50, nvc0, r600 + GL_ARB_draw_indirect on nvc0, radeonsi + GL_ARB_explicit_uniform_location (all drivers that support GLSL) + GL_ARB_fragment_layer_viewport on nv50, nvc0, llvmpipe, r600 + GL_ARB_gpu_shader5 on i965/gen7, nvc0 + GL_ARB_multi_draw_indirect on nvc0, radeonsi + GL_ARB_sample_shading on radeonsi + GL_ARB_seamless_cubemap_per_texture on i965, llvmpipe, nvc0, r600, radeonsi, softpipe + GL_ARB_stencil_texturing on nv50, nvc0, r600, and radeonsi + GL_ARB_texture_barrier on nv50, nvc0, r300, r600, radeonsi + GL_ARB_texture_compression_bptc on i965/gen7+, nvc0, r600/evergreen+, radeonsi + GL_ARB_texture_cube_map_array on radeonsi + GL_ARB_texture_gather on r600, radeonsi + GL_ARB_texture_query_levels on nv50, nvc0, llvmpipe, r600, radeonsi, softpipe + GL_ARB_texture_query_lod on r600, radeonsi + GL_ARB_viewport_array on nvc0 + GL_AMD_vertex_shader_viewport_index on i965/gen7+, r600 + GL_OES_compressed_ETC1_RGB8_texture on nv30, nv50, nvc0, r300, r600, radeonsi, softpipe, llvmpipe + GLX_MESA_query_renderer on nv30, nv50, nvc0, r300, r600, radeonsi, softpipe, llvmpipe + A new software rasterizer driver (kms_swrast_dri.so) that works with DRM drivers that don't have a full-fledged GEM (such as qxl or simpledrm) - Changes: Building of gallium-pipe disabled for now by upstream, see: http://cgit.freedesktop.org/mesa/mesa/commit/?h=10.3&id=07426ad1029c3505b80… Nevertheless keep it around as it may get enabled again. ==== MozillaFirefox ==== Version update (31.1.0 -> 32.0.2) Subpackages: MozillaFirefox-translations-common - update to Firefox 32.0.2 * just a version bump for our builds * fixed the in application update process for certain environments (in application update is not enabled in openSUSE and Linux is unaffected in any case) - build with --disable-optimize for 13.1 and above for i586 to workaround miscompilations (bnc#896624) - use some more build flags to align with upstream - update to Firefox 32.0.1 * fixed stability issues for computers with multiple graphics cards * mixed content icon may be incorrectly displayed instead of lock icon for SSL sites in 32.0 ( * WebRTC: setRemoteDescription() silently fails if no success callback is specified (bmo#1063971) - update to Firefox 32.0 (bnc#894370) * MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562 Miscellaneous memory safety hazards * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality - rebased patches - requires NSS 3.16.4 - removed upstreamed patch * mozilla-aarch64-bmo-810631.patch - adapted _constraints, used more than 3900MB on s390x during last build - update to Firefox 31.0 (bnc#887746) * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards * MFSA 2014-57/CVE-2014-1549 (bmo#1020205) Buffer overflow during Web Audio buffering for playback * MFSA 2014-58/CVE-2014-1550 (bmo#1020411) Use-after-free in Web Audio due to incorrect control message ordering * MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375) Toolbar dialog customization event spoofing * MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free with FireOnStateChange event * MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable WebGL crash with Cesium JavaScript library * MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free while when manipulating certificates in the trusted cache (solved with NSS 3.16.2 requirement) * MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia library when scaling high quality images * MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560 (bmo#1015973, bmo#1026022, bmo#997795) Certificate parsing broken by non-standard character encoding * MFSA 2014-66/CVE-2014-1552 (bmo#985135) IFRAME sandbox same-origin access through redirect - use EGL on ARM - rebased patches - requires NSS 3.16.2 - requires python-devel (not only python) - update to Firefox 30.0 (bnc#881874) * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534 (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874, bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981, bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817, bmo#996536, bmo#996715, bmo#999651, bmo#1000598, bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223, bmo#1009952, bmo#1011007) Miscellaneous memory safety hazards (rv:30.0) * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538 (bmo#989994, bmo#999274, bmo#1005584) Use-after-free and out of bounds issues found using Address Sanitizer * MFSA 2014-50/CVE-2014-1539 (bmo#995603) Clickjacking through cursor invisability after Flash interaction * MFSA 2014-51/CVE-2014-1540 (bmo#978862) Use-after-free in Event Listener Manager * MFSA 2014-52/CVE-2014-1541 (bmo#1000185) Use-after-free with SMIL Animation Controller * MFSA 2014-53/CVE-2014-1542 (bmo#991533) Buffer overflow in Web Audio Speex resampler * MFSA 2014-54/CVE-2014-1543 (bmo#1011859) Buffer overflow in Gamepad API * MFSA 2014-55/CVE-2014-1545 (bmo#1018783) Out of bounds write in NSPR - rebased patches - removed obsolete patches * firefox-browser-css.patch * mozilla-aarch64-bmo-962488.patch * mozilla-aarch64-bmo-963023.patch * mozilla-aarch64-bmo-963024.patch * mozilla-aarch64-bmo-963027.patch * mozilla-ppc64-xpcom.patch * mozilla-ppc64le-javascript.patch * mozilla-ppc64le-libffi.patch * mozilla-ppc64le-mfbt.patch * mozilla-ppc64le-webrtc.patch * mozilla-ppc64le-xpcom.patch * mozilla-ppc64le-build.patch - requires NSPR 4.10.6 - enabled GStreamer 1.0 usage for 13.2 and above - update to Firefox 29.0.1 * Seer disabled by default (bmo#1005958) * Session Restore failed with a corrupted sessionstore.js file (bmo#1001167) * pdf.js printing white page (bmo#1003707, bnc#876833) - general.useragent.locale gets overwritten with en-US while it should be using the active langpack's setting - update to Firefox 29.0 (bnc#875378) * MFSA 2014-34/CVE-2014-1518/CVE-2014-1519 Miscellaneous memory safety hazards * MFSA 2014-36/CVE-2014-1522 (bmo#995289) Web Audio memory corruption issues * MFSA 2014-37/CVE-2014-1523 (bmo#969226) Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 (bmo#989183) Buffer overflow when using non-XBL object as XBL * MFSA 2014-39/CVE-2014-1525 (bmo#989210) Use-after-free in the Text Track Manager for HTML video * MFSA 2014-41/CVE-2014-1528 (bmo#963962) Out-of-bounds write in Cairo * MFSA 2014-42/CVE-2014-1529 (bmo#987003) Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 (bmo#895557) Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 (bmo#987140) Use-after-free in imgLoader while resizing images * MFSA 2014-45/CVE-2014-1492 (bmo#903885) Incorrect IDNA domain name matching for wildcard certificates (fixed by NSS 3.16) * MFSA 2014-46/CVE-2014-1532 (bmo#966006) Use-after-free in nsHostResolver * MFSA 2014-47/CVE-2014-1526 (bmo#988106) Debugger can bypass XrayWrappers with JavaScript - rebased patches - removed obsolete patches * firefox-browser-css.patch * mozilla-aarch64-599882cfb998.diff * mozilla-aarch64-bmo-963028.patch * mozilla-aarch64-bmo-963029.patch * mozilla-aarch64-bmo-963030.patch * mozilla-aarch64-bmo-963031.patch - requires NSS 3.16 - added mozilla-icu-strncat.patch to fix post build checks - add mozilla-aarch64-599882cfb998.patch, mozilla-aarch64-bmo-810631.patch, mozilla-aarch64-bmo-962488.patch, mozilla-aarch64-bmo-963030.patch, mozilla-aarch64-bmo-963027.patch, mozilla-aarch64-bmo-963028.patch, mozilla-aarch64-bmo-963029.patch, mozilla-aarch64-bmo-963023.patch, mozilla-aarch64-bmo-963024.patch, mozilla-aarch64-bmo-963031.patch: AArch64 porting - Add patch for bmo#973977 * mozilla-ppc64-xpcom.patch - Refresh mozilla-ppc64le-xpcom.patch patch - Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system - update to Firefox 28.0 (bnc#868603) * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards * MFSA 2014-17/CVE-2014-1497 (bmo#966311) Out of bounds read during WAV file decoding * MFSA 2014-18/CVE-2014-1498 (bmo#935618) crypto.generateCRMFRequest does not validate type of key * MFSA 2014-19/CVE-2014-1499 (bmo#961512) Spoofing attack on WebRTC permission prompt * MFSA 2014-20/CVE-2014-1500 (bmo#956524) onbeforeunload and Javascript navigation DOS * MFSA 2014-22/CVE-2014-1502 (bmo#972622) WebGL content injection from one domain to rendering in another * MFSA 2014-23/CVE-2014-1504 (bmo#911547) Content Security Policy for data: documents not preserved by session restore * MFSA 2014-26/CVE-2014-1508 (bmo#963198) Information disclosure through polygon rendering in MathML * MFSA 2014-27/CVE-2014-1509 (bmo#966021) Memory corruption in Cairo during PDF font rendering * MFSA 2014-28/CVE-2014-1505 (bmo#941887) SVG filters information disclosure through feDisplacementMap * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909) Privilege escalation using WebIDL-implemented APIs * MFSA 2014-30/CVE-2014-1512 (bmo#982957) Use-after-free in TypeObject * MFSA 2014-31/CVE-2014-1513 (bmo#982974) Out-of-bounds read/write through neutering ArrayBuffer objects * MFSA 2014-32/CVE-2014-1514 (bmo#983344) Out-of-bounds write through TypedArrayObject after neutering - requires NSPR 4.10.3 and NSS 3.15.5 - new build dependency (and recommends): * libpulse - update of PowerPC 64 patches (bmo#976648) (pcerny(a)suse.com) - rebased patches - update to Firefox 27.0.1 * Fixed stability issues with Greasemonkey and other JS that used ClearTimeoutOrInterval * JS math correctness issue (bmo#941381) - incorporate Google API key for geolocation (bnc#864170) - updated list of "other" locales in RPM requirements - update to Firefox 27.0 (bnc#861847) * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) * MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected content with XBL scopes * MFSA 2014-03/CVE-2014-1480 (bmo#916726) UI selection timeout missing on download prompts * MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of discarded images by RasterImage * MFSA 2014-05/CVE-2014-1483 (bmo#950427) Information disclosure with *FromPoint on iframes * MFSA 2014-06/CVE-2014-1484 (bmo#953993) Profile path leaks to Android system log * MFSA 2014-07/CVE-2014-1485 (bmo#910139) XSLT stylesheets treated as styles in Content Security Policy * MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free with imgRequestProxy and image proccessing * MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin information leak through web workers * MFSA 2014-10/CVE-2014-1489 (bmo#959531) Firefox default start page UI content invokable by script * MFSA 2014-11/CVE-2014-1488 (bmo#950604) Crash when using web workers with asm.js * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545, bmo#930874, bmo#930857) NSS ticket handling issues * MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent JavaScript handling of access to Window objects - requires NSS 3.15.4 or higher - rebased/reworked patches - removed obsolete mozilla-bug929439.patch - Add support for powerpc64le-linux. * mozilla-ppc64le.patch: general support * mozilla-libffi-ppc64le.patch: libffi backport * mozilla-xpcom-ppc64le.patch: port xpcom - Add build fix from mainline. * mozilla-bug929439.patch - update to Firefox 26.0 (bnc#854367, bnc#854370) * rebased patches * requires NSPR 4.10.2 and NSS 3.15.3.1 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-105/CVE-2013-5611 (bmo#771294) Application Installation doorhanger persists on navigation * MFSA 2013-106/CVE-2013-5612 (bmo#871161) Character encoding cross-origin XSS attack * MFSA 2013-107/CVE-2013-5614 (bmo#886262) Sandbox restrictions not applied to nested object elements * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-110/CVE-2013-5619 (bmo#917841) Potential overflow in JavaScript binary search algorithms * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-112/CVE-2013-6672 (bmo#894736) Linux clipboard information disclosure though selection paste * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) - removed gecko.js preference file as GStreamer is enabled by default now - update to Firefox 25.0 (bnc#847708) * rebased patches * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates - as GStreamer is not automatically required anymore but loaded dynamically if available, require it explicitely - recommend optional GStreamer plugins for comprehensive media support - move greek to the translations-common package (bnc#840551) - update to Firefox 24.0 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-78/CVE-2013-1721 (bmo#890277) Integer overflow in ANGLE library * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - enable gstreamer explicitely via pref (gecko.js) - require NSS 3.15.1 - update to Firefox 23.0.1 * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls (bmo#901527) - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - fix build on ARM (/-g/ matches /-grecord-switches/) - update to Firefox 22.0 (bnc#825935) * removed obsolete patches + mozilla-qcms-ppc.patch + mozilla-gstreamer-760140.patch * GStreamer support does not build on 12.1 anymore (build only on 12.2 and later) * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code execution within Profiler * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox restrictions not applied to nested frame elements * MFSA 2013-58/CVE-2013-1696 (bmo#761667) X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context * MFSA 2013-60/CVE-2013-1698 (bmo#876044) getUserMedia permission dialog incorrectly displays location * MFSA 2013-61/CVE-2013-1699 (bmo#840882) Homograph domain spoofing in .com, .net and .name - Fix qcms altivec include (mozilla-qcms-ppc.patch) - update to Firefox 21.0 (bnc#819204) * removed upstreamed patch firefox-712763.patch * removed disabled mozilla-disable-neon-option.patch * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-43/CVE-2013-1671 (bmo#842255) File input control has access to full path * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer - revert to use GStreamer 0.10 on 12.3 (bnc#814101) (remove mozilla-gstreamer-1.patch) - Explicitly disable WebRTC support on non-x86, the configure script disables it only half-heartedly - update to Firefox 20.0 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * mozilla-webrtc-ppc.patch included upstream * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) - build fixes for armv7hl: * disable debug build as armv7hl does not have enough memory * disable webrtc on armv7hl as it is non-compiling - update to Firefox 19.0.2 (bnc#808243) * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor - update to Firefox 19.0.1 * blocklist updates - update to Firefox 19.0 (bnc#804248) * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - added patch to fix session restore window order (bmo#712763) - update to Firefox 18.0.2 * blocklist and CTP updates * fixes in JS engine - update to Firefox 18.0.1 * blocklist updates * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions - Fix WebRTC to build on powerpc - update to Firefox 18.0 (bnc#796895) * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas * MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads * MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups * MFSA 2013-06/CVE-2013-0751 (bmo#790454) Touch events are shared across iframes * MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads * MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection * MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values * MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy * MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects * MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in Javascript string concatenation * MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG * MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype * MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects * MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream * MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager * MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate * MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in Javascript Proxy objects - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) - removed obsolete SLE11 patches (mozilla-gcc43*) - reenable WebRTC - added mozilla-libproxy-compat.patch for libproxy API compat on openSUSE 11.2 and earlier - backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468) - update to Firefox 17.0.1 * revert some useragent changes introduced in 17.0 * leaving private browsing with social enabled doesn't reset all social components (bmo#815042) - fix KDE integration for file dialogs - update to Firefox 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) - build on SLE11 * mozilla-gcc43-enums.patch * mozilla-gcc43-template_hacks.patch * mozilla-gcc43-templates_instantiation.patch - update to Firefox 16.0.2 (bnc#786522) * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 (bmo#800666, bmo#793121, bmo#802557) Fixes for Location object issues - bring back Obsoletes for libproxy's mozjs plugin for distributions before 12.2 to avoid crashes - update to Firefox 16.0.1 (bnc#783533) * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied - update to Firefox 16.0 (bnc#783533) * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer * MFSA 2012-87/CVE-2012-3990 (bmo#787704) Use-after-free in the IME State Manager - requires NSPR 4.9.2 - improve GStreamer integration (bmo#760140) - removed upstreamed mozilla-crashreporter-restart-args.patch - webapprt now included - use kmozillahelper's new REVEAL command (bnc#777415) (requires mozilla-kde4-integration >= 0.6.4) - updated translations-other with new languages - update to Firefox 15.0.1 (bnc#779936) * Sites visited while in Private Browsing mode could be found through manual browser cache inspection (bmo#787743) - update to Firefox 15.0 (bnc#777588) * MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 Use-after-free issues found using Address Sanitizer * MFSA 2012-59/CVE-2012-1956 (bmo#756719) Location object can be shadowed using Object.defineProperty * MFSA 2012-60/CVE-2012-3965 (bmo#769108) Escalation of privilege through about:newtab * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) Memory corruption with bitmap format images with negative height * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 WebGL use-after-free and memory corruption * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 SVG buffer overflow and use-after-free issues * MFSA 2012-64/CVE-2012-3971 Graphite 2 memory corruption * MFSA 2012-65/CVE-2012-3972 (bmo#746855) Out-of-bounds read in format-number in XSLT * MFSA 2012-66/CVE-2012-3973 (bmo#757128) HTTPMonitor extension allows for remote debugging without explicit activation * MFSA 2012-68/CVE-2012-3975 (bmo#770684) DOMParser loads linked resources in extensions when parsing text/html * MFSA 2012-69/CVE-2012-3976 (bmo#768568) Incorrect site SSL certificate data display * MFSA 2012-70/CVE-2012-3978 (bmo#770429) Location object security checks bypassed by chrome code * MFSA 2012-72/CVE-2012-3980 (bmo#771859) Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) - GStreamer is only used for MP4 (no WebM, OGG) - updated filelist - moved browser specific preferences to correct location - Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16) - update to 14.0.1 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-43/CVE-2012-1950 Incorrect URL displayed in addressbar through drag and drop * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-46/CVE-2012-1966 (bmo#734076) XSS through data: URLs * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-55/CVE-2012-1965 (bmo#758990) feed: URLs with an innerURI inherit security context of page * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs - license change from tri license to MPL-2.0 - fix crashreporter restart option (bmo#762780) - require NSS 3.13.5 - remove mozjs pacrunner obsoletes again for now - adopted mozilla-prefer_plugin_pref.patch - PPC fixes: * reenabled mozilla-yarr-pcre.patch to fix build for PPC * add patches for bmo#750620 and bmo#746112 * fix xpcshell segfault on ppc - update to Firefox 13.0.1 * bugfix release - obsolete libproxy's mozjs pacrunner (bnc#759123) - update to Firefox 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix sound notifications when filename/path contains a whitespace (bmo#749739) - fix build on arm - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) - update to Firefox 12.0 (bnc#758408) * rebased patches * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - added mozilla-libnotify.patch to allow fallback from libnotify to xul based events if no notification-daemon is running - gcc 4.7 fixes * mozilla-gcc47.patch * disabled crashreporter temporarily for Factory - recommend libcanberra0 for proper sound notifications - update to Firefox 11.0 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards - ported and reenabled KDE integration (bnc#746591) - explicitely build-require X libs - add Provides: browser(npapi) FATE#313084 - better plugin directory resolution (bnc#747320) - update to Firefox 10.0.2 (bnc#747328) * CVE-2011-3026 (bmo#727401) libpng: integer overflow leading to heap-buffer overflow - update to Firefox 10.0.1 (bnc#746616) * MFSA 2012-10/CVE-2012-0452 (bmo#724284) use after free in nsXBLDocumentInfo::ReadPrototypeBindings - Use YARR interpreter instead of PCRE on platforms where YARR JIT is not supported, since PCRE doesnt build (bmo#691898) - fix ppc64 build (bmo#703534) - update to Firefox 10.0 (bnc#744275) * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443 Miscellaneous memory safety hazards * MFSA 2012-03/CVE-2012-0445 (bmo#701071) <iframe> element exposed across domains via name attribute * MFSA 2012-04/CVE-2011-3659 (bmo#708198) Child nodes from nsDOMAttribute still accessible after removal of nodes * MFSA 2012-05/CVE-2012-0446 (bmo#705651) Frame scripts calling into untrusted objects bypass security checks * MFSA 2012-06/CVE-2012-0447 (bmo#710079) Uninitialized memory appended when encoding icon images may cause information disclosure * MFSA 2012-07/CVE-2012-0444 (bmo#719612) Potential Memory Corruption When Decoding Ogg Vorbis files * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466) Crash with malformed embedded XSLT stylesheets - KDE integration has been disabled since it needs refactoring - removed obsolete ppc64 patch - Disable neon for arm as it doesn't build correctly - update to Firefox 9.0.1 * (strongparent) parentNode of element gets lost (bmo#335998) - fix arm build, don't package crashreporter there - update to Firefox 9 (bnc#737533) * MFSA 2011-53/CVE-2011-3660 Miscellaneous memory safety hazards (rv:9.0) * MFSA 2011-54/CVE-2011-3661 (bmo#691299) Potentially exploitable crash in the YARR regular expression library * MFSA 2011-55/CVE-2011-3658 (bmo#708186) nsSVGValue out-of-bounds access * MFSA 2011-56/CVE-2011-3663 (bmo#704482) Key detection without JavaScript via SVG animation * MFSA 2011-58/VE-2011-3665 (bmo#701259) Crash scaling <video> to extreme sizes - Fix accessibility under GNOME 3 (bnc#732898) - fix ppc64 build - update to Firefox 8 (bnc#728520) * MFSA 2011-47/CVE-2011-3648 (bmo#690225) Potential XSS against sites using Shift-JIS * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards * MFSA 2011-49/CVE-2011-3650 (bmo#674776) Memory corruption while profiling using Firebug * MFSA 2011-52/CVE-2011-3655 (bmo#672182) Code execution via NoWaiverWrapper - rebased patches - enable telemetry prompt - update to minor release 7.0.1 * fixed staged addon updates - set intl.locale.matchOS=true in the base package as it causes too much confusion when it's only available with branding-openSUSE - update to Firefox 7 (bnc#720264) including * Improve Responsiveness with Memory Reductions * Instant Sync * WebSocket protocol 8 * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997 Miscellaneous memory safety hazards * MFSA 2011-39/CVE-2011-3000 (bmo#655389) Defense against multiple Location headers due to CRLF Injection * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001 Code installation through holding down Enter * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335) Potentially exploitable WebGL crashes * MFSA 2011-42/CVE-2011-3232 (bmo#653672) Potentially exploitable crash in the YARR regular expression library * MFSA 2011-43/CVE-2011-3004 (bmo#653926) loadSubScript unwraps XPCNativeWrapper scope parameter * MFSA 2011-44/CVE-2011-3005 (bmo#675747) Use after free reading OGG headers * MFSA 2011-45 Inferring keystrokes from motion data - removed obsolete mozilla-cairo-lcd.patch - rebased patches - removed XLIB_SKIP_ARGB_VISUALS=1 from environment in mozilla.sh.in (bnc#680758) - fixed loading of kde.js under KDE (bnc#718311) - add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1) - increase minversions for NSPR and NSS - recreated source archive to get correct source-stamp.txt - security update to 6.0.2 (bnc#714931) * Complete blocking of certificates issued by DigiNotar (bmo#683449) - security update to 6.0.1 (bnc#714931) * MFSA 2011-34 Protection against fraudulent DigiNotar certificates (bmo#682927) - update to 6.0 (bnc#712224) included security fixes MFSA 2011-29 * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985 Miscellaneous memory safety hazards * CVE-2011-2993 (bmo#657267) Unsigned scripts can call script inside signed JAR * CVE-2011-2988 (bmo#665934) Heap overflow in ANGLE library * CVE-2011-0084 (bmo#648094) Crash in SVGTextElement.getCharNumAtPosition() * CVE-2011-2990 Credential leakage using Content Security Policy reports * CVE-2011-2986 (bmo#655836) Cross-origin data theft using canvas and Windows D2D - removed obsolete curl header dependency (mozilla-curl.patch) - update to 6.0b3 * removed obsolete patches - firefox-shellservice.patch - mozilla-gio.patch - mozilla-ppc-ipc.patch - firefox-linkorder.patch - firefox-no-sync-l10n.patch - recognize linux3 as platform for symbolstore.py - Add x-scheme-handler/ftp to the MimeType key in the .desktop, to let desktops know that Firefox can deal with ftp: URIs. - create upstream branding package again (supposedly empty) (bnc#703401) - fix build on SLE11 (changes do not affect/are not applied for later versions) - enable startup notification (bnc#701465) - update to 5.0 final - included fixes for security issues: (bnc#701296, bnc#700578) * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375 Miscellaneous memory safety hazards * MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images * MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() * MFSA 2011-25/CVE-2011-2366 Stealing of cross-domain images using WebGL textures * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368 Multiple WebGL crashes * MFSA 2011-27/CVE-2011-2369 (bmo#650001) XSS encoding hazard with inline SVG * MFSA 2011-28/CVE-2011-2370 (bmo#645699) Non-whitelisted site can trigger xpinstall - update to 5.0b7 * updated supported locales - do not build dump_syms static (not needed for us) - > fix build for openSUSE 12.1 and above - update to 5.0b6 - include proper revision information into the build - speedier find-external-requires.sh - update to 5.0b3 - transformed to standalone Firefox (not xulrunner based) (with new Firefox rapid release cycle it makes no sense anymore) * imported all relevant xulrunner patches - do not compile in build timestamp - security update to 4.0.1 (bnc#689281) * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079 CVE-2011-0080 CVE-2011-0081 Miscellaneous memory safety hazards * MFSA 2011-17/CVE-2011-0068 (bmo#623791) WebGLES vulnerabilities * MFSA 2011-18/CVE-2011-1202 (bmo#640339) XSLT generate-id() function heap address leak - add all available icon sizes - license update: MPLv1.1 or GPLv2+ or LGPLv2+ Sync licenses with Fedora. MPL does not state ^or later^ - update to version 4.0rc2 - fixed rpm macros delivered with devel package (bnc#679950) - update to version 4.0b12 - rebased patches - update to version 4.0b11 * loads of bugfixes compared to last beta * added "Do Not Track" option - rebased patches - disable testpilot - set correct desktop file name within KDE for 11.4 and up - add devel package with macros for extensions (from lnussel(a)suse.de) - update to version 4.0b10 - removed obsolete firefox-shell-bmo624267.patch - testpilot moved to distribution/extensions - updated locale provides and removed bn-IN from locales - update to version 4.0b9 - added x-scheme-handler for http and https to desktop file for newer Gnome environments - fixed default browser check/set for GIO (bmo#611953) (mozilla-shellservice.patch) - removed obsolete firefox-appname.patch (integrated into shellservice patch) - renamed desktop file to firefox.desktop for 11.4 and newer (bnc#664211) - removed support for 10.3 and older from the spec file - removed obsolete "Ximian" categories from desktop file - Mirror ac_add_options --disable-ipc from xulrunner for PowerPC. - update to version 4.0beta8 - major update to version 4.0beta7 * based on mozilla-xulrunner20 * far too many internal changes to list - security update to 3.6.12 (bnc#649492) * MFSA 2010-73/CVE-2010-3765 (bmo#607222) Heap buffer overflow mixing document.write and DOM insertion - security update to 3.6.11 (bnc#645315) * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 Miscellaneous memory safety hazards * MFSA 2010-65/CVE-2010-3179 (bmo#583077) Buffer overflow and memory corruption using document.write * MFSA 2010-66/CVE-2010-3180 (bmo#588929) Use-after-free error in nsBarProp * MFSA 2010-67/CVE-2010-3183 (bmo#598669) Dangling pointer vulnerability in LookupGetterOrSetter * MFSA 2010-68/CVE-2010-3177 (bmo#556734) XSS in gopher parser when parsing hrefs * MFSA 2010-69/CVE-2010-3178 (bmo#576616) Cross-site information disclosure via modal calls * MFSA 2010-70/CVE-2010-3170 (bmo#578697) SSL wildcard certificate matching IP addresses * MFSA 2010-71/CVE-2010-3182 (bmo#590753) Unsafe library loading vulnerabilities * MFSA 2010-72/CVE-2010-3173 Insecure Diffie-Hellman key exchange - update to 3.6.10 * fixing startup topcrash (bmo#594699) - security update to 3.6.9 (bnc#637303) * MFSA 2010-49/CVE-2010-3169 Miscellaneous memory safety hazards * MFSA 2010-50/CVE-2010-2765 (bmo#576447) Frameset integer overflow vulnerability * MFSA 2010-51/CVE-2010-2767 (bmo#584512) Dangling pointer vulnerability using DOM plugin array * MFSA 2010-53/CVE-2010-3166 (bmo#579655) Heap buffer overflow in nsTextFrameUtils::TransformText * MFSA 2010-54/CVE-2010-2760 (bmo#585815) Dangling pointer vulnerability in nsTreeSelection * MFSA 2010-55/CVE-2010-3168 (bmo#576075) XUL tree removal crash and remote code execution * MFSA 2010-56/CVE-2010-3167 (bmo#576070) Dangling pointer vulnerability in nsTreeContentView * MFSA 2010-57/CVE-2010-2766 (bmo#580445) Crash and remote code execution in normalizeDocument * MFSA 2010-59/CVE-2010-2762 (bmo#584180) SJOW creates scope chains ending in outer object * MFSA 2010-61/CVE-2010-2768 (bmo#579744) UTF-7 XSS by overriding document charset using <object> type attribute * MFSA 2010-62/CVE-2010-2769 (bmo#520189) Copy-and-paste or drag-and-drop into designMode document allows XSS * MFSA 2010-63/CVE-2010-2764 (bmo#552090) Information leak via XMLHttpRequest statusText - disable crash reporter for non x86/x86_64 to make it build. - security update to 3.6.8 (bnc#622506) * MFSA 2010-48/CVE-2010-2755 (bmo#575836) Dangling pointer crash regression from plugin parameter array fix - security update to 3.6.7 (bnc#622506) * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 Miscellaneous memory safety hazards * MFSA 2010-35/CVE-2010-1208 (bmo#572986) DOM attribute cloning remote code execution vulnerability * MFSA 2010-36/CVE-2010-1209 (bmo#552110) Use-after-free error in NodeIterator * MFSA 2010-37/CVE-2010-1214 (bmo#572985) Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability * MFSA 2010-38/CVE-2010-1215 (bmo#567069) Arbitrary code execution using SJOW and fast native function * MFSA 2010-39/CVE-2010-2752 (bmo#574059) nsCSSValue::Array index integer overflow * MFSA 2010-40/CVE-2010-2753 (bmo#571106) nsTreeSelection dangling pointer remote code execution vulnerability * MFSA 2010-41/CVE-2010-1205 (bmo#570451) Remote code execution using malformed PNG image * MFSA 2010-42/CVE-2010-1213 (bmo#568148) Cross-origin data disclosure via Web Workers and importScripts * MFSA 2010-43/CVE-2010-1207 (bmo#571287) Same-origin bypass using canvas context * MFSA 2010-44/CVE-2010-1210 (bmo#564679) Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957) Multiple location bar spoofing vulnerabilities * MFSA 2010-46/CVE-2010-0654 (bmo#524223) Cross-domain data theft using CSS * MFSA 2010-47/CVE-2010-2754 (bmo#568564) Cross-origin data leakage from script filename in error messages - update to 3.6.6 release * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before being terminated. - update to final 3.6.4 release (bnc#603356) * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ CVE-2010-1203 Crashes with evidence of memory corruption (rv:1.9.2.4) * MFSA 2010-28/CVE-2010-1198 (bmo#532246) Freed object reuse across plugin instances * MFSA 2010-29/CVE-2010-1196 (bmo#534666) Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal * MFSA 2010-30/CVE-2010-1199 (bmo#554255) Integer Overflow in XSLT Node Sorting * MFSA 2010-31/CVE-2010-1125 (bmo#552255) focus() behavior can be used to inject or steal keystrokes * MFSA 2010-32/CVE-2010-1197 (bmo#537120) Content-Disposition: attachment ignored if Content-Type: multipart also present * MFSA 2010-33/CVE-2008-5913 (bmo#475585) User tracking across sites using Math.random() - update to 3.6.4(build6) - security update to 3.6.4 (Lorentz) * enable crashreporter also for x86-64 * Flash runs in a separate process to avoid crashing Firefox (ix86 only; x86-64 still uses nspluginwrapper) - security update to 3.6.3 * MFSA 2010-25/CVE-2010-1121 (bmo#555109) Re-use of freed object due to scope confusion - security update to version 3.6.2 (bnc#586567) * MFSA 2010-08/CVE-2010-1028 WOFF heap corruption due to integer overflow * MFSA 2010-09/CVE-2010-0164 (bmo#547143) Deleted frame reuse in multipart/x-mixed-replace image * MFSA 2010-10/CVE-2010-0170 (bmo#541530) XSS via plugins and unprotected Location object * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167 Crashes with evidence of memory corruption * MFSA 2010-12/CVE-2010-0171 (bmo#531364) XSS using addEventListener and setTimeout on a wrapped object * MFSA 2010-13/CVE-2010-0168 (bmo#540642) Content policy bypass with image preloading * MFSA 2010-14/CVE-2010-0169 (bmo#535806) Browser chrome defacement via cached XUL stylesheets * MFSA 2010-15/CVE-2010-0172 (bmo#537862) Asynchronous Auth Prompt attaches to wrong window * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 Crashes with evidence of memory corruption * MFSA 2010-18/CVE-2010-0176 (bmo#538308) Dangling pointer vulnerability in nsTreeContentView * MFSA 2010-19/CVE-2010-0177 (bmo#538310) Dangling pointer vulnerability in nsPluginArray * MFSA 2010-20/CVE-2010-0178 (bmo#546909) Chrome privilege escalation via forced URL drag and drop * MFSA 2010-22/CVE-2009-3555 (bmo#545755) Update NSS to support TLS renegotiation indication * MFSA 2010-23/CVE-2010-0181 (bmo#452093) Image src redirect to mailto: URL opens email editor * MFSA 2010-24/CVE-2010-0182 (bmo#490790) XMLDocument::load() doesn't check nsIContentPolicy - update to 3.6rc2 (already named 3.6.0) - removed obsolete orbit-devel build requirement - major update to 3.6rc1 - update to version 3.5.7 (bnc#568011) * DNS resolution in MakeSN of nsAuthSSPI causing issues for proxy servers that support NTLM auth (bmo#535193) - added missing lockdown preferences (bnc#567131) - readded firefox-ui-lockdown.patch (bnc#546158) - security update to version 3.5.6 (bnc#559807) * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 Crashes with evidence of memory corruption (rv:1.9.1.6) * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library * MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities * MFSA 2009-70/VE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener - fixed firefox-browser-css.patch (bnc#561027) - rebased patches for fuzz=0 - update to version 3.5.5 (bnc#553172) - security update to version 3.5.4 (bnc#545277) * MFSA 2009-52/CVE-2009-3370 (bmo#511615) Form history vulnerable to stealing * MFSA 2009-53/CVE-2009-3274 (bmo#514823) Local downloaded file tampering * MFSA 2009-54/CVE-2009-3371 (bmo#514554) Crash with recursive web-worker calls * MFSA 2009-55/CVE-2009-3372 (bmo#500644) Crash in proxy auto-configuration regexp parsing * MFSA 2009-56/CVE-2009-3373 (bmo#511689) Heap buffer overflow in GIF color map parser * MFSA 2009-57/CVE-2009-3374 (bmo#505988) Chrome privilege escalation in XPCVariant::VariantDataToJS() * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862) Heap buffer overflow in string to number conversion * MFSA 2009-61/CVE-2009-3375 (bmo#503226) Cross-origin data theft through document.getSelection() * MFSA 2009-62/CVE-2009-3376 (bmo#511521) Download filename spoofing with RTL override * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378 Upgrade media libraries to fix memory safety bugs * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383 Crashes with evidence of memory corruption - removed upstreamed patch * firefox-bug506901.patch - fix KDE button order in one more place (bnc#170055) - improve UI colors to be usable with dark themes at all (firefox-browser-css.patch) (bnc#503351) - extend list of supported architectures as ABI identifier (mozilla-abi.patch) (bnc#543460) - added KDE integration patch from llunak(a)novell.com (firefox-kde.patch) * support for knotify, making -kde4-addon obsolete * KDE-specific support functional (bnc#170055) - do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs) - security update to version 3.5.3 (bnc#534458) * MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/ CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075 Crashes with evidence of memory corruption * MFSA 2009-49/CVE-2009-3077 (bmo#506871) TreeColumns dangling pointer vulnerability * MFSA 2009-50/CVE-2009-3078 (bmo#453827) Location bar spoofing via tall line-height Unicode characters * MFSA 2009-51/CVE-2009-3079 (bmo#454363) Chrome privilege escalation with FeedWriter - renamed patch firefox-contextmenu-gnome to firefox-cross-desktop as it contains more tweaks to handle non-Gnome environments and especially KDE integration: * added the ability to set the KDE default browser (still part of bnc#170055) - split -translations package into -common and -other (bnc#529180) - remove "set as background" from context menu if not running in Gnome (part of bnc#170055) - security update to version 3.5.2 * MFSA 2009-38/CVE-2009-2470 (bmo#459524) Data corruption with SOCKS5 reply containing DNS name longer than 15 characters * MFSA 2009-44/CVE-2009-2654 (bmo#451898) Location bar and SSL indicator spoofing via window.open() on invalid URL * MFSA 2009-45 Crashes with evidence of memory corruption * MFSA 2009-46 (bmo#498897) Chrome privilege escalation due to incorrectly cached wrapper * various other stability fixes - export MOZ_APP_LAUNCHER in the startscript (bmo#453689) - fixed %exclude usage - fixed preferences' advanced pane for fresh profiles (bmo#506901) - security update to version 3.5.1 * MFSA 2009-41 Corrupt JIT state after deep return from native function - added mozilla-linkorder.patch to fix build with --as-needed - update to final version 3.5 (20090623) - fixed build by linking to a real file - update to version 3.5rc2 (20090617) - BuildRequire mozilla-xulrunner191 = 1.9.1.0 - update to version 3.5b99 (20090604) - BuildRequire mozilla-xulrunner191 = 1.9.1b99 - fixed typos in improved xulrunner dependencies - use non-localized Downloads folder (bnc#501724) - update to new major version 3.5b4 * based on Gecko 1.9.1 (mozilla-xulrunner191) * Private Browsing Mode * TraceMonkey JavaScript engine * Geolocation support * native JSON and web worker threads support * speculative parsing for faster content rendering * Some HTML5 support - updated firefox.schemas - improved firefox-no-update.patch - security update to 3.0.10 * MFSA 2009-23/CVE-2009-1313 (bmo#489647) Crash in nsTextFrame::ClearTextRun() - security update to 3.0.9 (bnc#495473) * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) * MFSA 2009-15/CVE-2009-0652 (bmo#479336) URL spoofing with box drawing character * MFSA 2009-16/CVE-2009-1306 (bmo#474536) jar: scheme ignores the content-disposition: header on the inner URI * MFSA 2009-17/CVE-2009-1307 (bmo#481342) Same-origin violations when Adobe Flash loaded via view-source: scheme * MFSA 2009-18/CVE-2009-1308 (bmo#481558) XSS hazard using third-party stylesheets and XBL bindings * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433) Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString * MFSA 2009-20/CVE-2009-1310 (bmo#483086) Malicious search plugins can inject code into arbitrary sites * MFSA 2009-21/CVE-2009-1311 (bmo#471962) POST data sent to wrong site when saving web page with embedded frame * MFSA 2009-22/CVE-2009-1312 (bmo#475636) Firefox allows Refresh header to redirect to javascript: URIs - security update to 1.9.0.8 (bnc#488955,489411) * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation * MFSA 2009-13/CVE-2009-1044 (bmo#484320) Arbitrary code execution via XUL tree moveToEdgeShift - allow RPM provides for stuff besides shared libraries (e.g. mime-types) - security update to 3.0.7 (bnc#478625) * MFSA 2009-07 - Crashes with evidence of memory corruption CVE-2009-0771 - Layout Engine Crashes CVE-2009-0772 - Layout Engine Crashes CVE-2009-0773 - crashes in the JavaScript engine CVE-2009-0774 - Layout Engine Crashes * MFSA 2009-08/CVE-2009-0775 - (bmo#474456) Mozilla Firefox XUL Linked Clones Double Free Vulnerability * MFSA 2009-09/CVE-2009-0776 (bmo#414540) XML data theft via RDFXMLDataSource and cross-domain redirect * MFSA 2009-10/CVE-2009-0040 (bmo#478901) Upgrade PNG library to fix memory safety hazards * MFSA 2009-11/CVE-2009-0777 (bmo#452979) URL spoofing with invisible control characters ==== PackageKit ==== Version update (0.8.17 -> 1.0.0) Subpackages: PackageKit-backend-zypp PackageKit-browser-plugin PackageKit-gstreamer-plugin PackageKit-gtk3-module typelib-1_0-PackageKitGlib-1_0 - Update to version 1.0.0: + The offline update functionality has moved to a proper D-Bus interface and the pkexec helpers have been removed. Offline updates is an important feature that no longer deserves to be bolted-on. All the existing users have been ported to the new interface, but you need 3.13.92 if you're running GNOME from unstable or jhbuild. + No more plugins. Both in-tree and out-of-tree plugins were the biggest source of crashes, and with the systemd offline updates merged into the core daemon they are just not reuired anymore. All affected projects have been notified. + No more conary, opkg, smart or yum plugins. These have been unmaintained and broken for over two years, so time to give them the heave-ho. + The alpm, aptcc, hif and zypp plugins have had lots of love, and are up to date with the latest features and working well. + New Features: - Add a D-Bus interface and helpers for offline support. - Add a repo-set-data command to packagekit-direct. - Add a simple script that generates some offline metadata. - Add pk_backend_job_get_cancellable(). - Add pk_backend_job_is_cancelled(). - Add pk_backend_set_user_data(). - Add pk_offline_get_prepared_sack() and use it in the systemd-updates plugin. - Remove pk-debuginfo-install. - Remove support for distros not supporting /etc/os-release. - Remove the --enable-systemd-updates configure switch. - Remove the events/pre-transaction.d functionality. - Remove the pkexec systemd helpers. - Remove the plugin interface. - Remove various options from the config file. + Bugfixes: - Automatically do pk_backend_job_finished() for threaded backends. - Do not shutdown the daemon on idle by default. - Fix compile of the ConnMan network support. - Fix packagekit-offline-update.service generation. - Increase the default transaction limits. - Prefer npapi-sdk over mozilla-plugins. - Refresh the NetworkManager state when the daemon starts. - Add rcpackagekitd and rcpackagekitd-offline-update symlinks. - Shorten the Summary of PackageKit-branding-upstream a bit. - Update to version 0.9.6 (git master/0fcee3c): + Fix a multitude of possible crashers. - Drop 0002-Build-against-npapi-sdk-instead-of-xulrunner.patch and PackageKit-zypp-0.9.patch: fixed upstream. - Update to version 0.9.5: + New Features: - Add --allow-untrusted option to pkcon. - Add a new tool called packagekit-direct that can run without a daemon. - Remove remaining time reporting. - Remove the desktop.db plugin. + Bugfixes: - Do not commit the transaction manually but instead set the correct state. - Do not log a critical warning when idle exiting. - Fix a crash when we are cancelling a transaction that has not yet been run. - Make browser-plugin search for npapi-sdk or mozilla-plugin. - Never ever use g_main_context_iteration() manually. + Backend fixes. + For changes from version 0.9.1 up to 0.9.4: please see NEWS file. - No longer pass --with-security-framework to configure: not known anymore. - Rebase 0002-Build-against-npapi-sdk-instead-of-xulrunner.patch and PackageKit-dbus-location.patch. - Drop PackageKit-zypp-filter-uninstalled-packages.patch: fixed upstream. - Add PackageKit-zypp-0.9.patch: port zypp backend to PK 0.9.x. - Drop typelib-1_0-PackageKitPlugin-1_0 subpackage: the plugin architecture does no longer exist. - Rename libpackagekit-glib2-16 subpackage to libpackagekit-glib2-18, following upstreams soname change. - Rework for GStreamer 1.0 support: + Remove gstreamer-0_10-devel and gstreamer-0_10-plugins-base-devel BuildRequires. + Add gstreamer-devel and gstreamer-plugins-base-devel BuildRequires. + Change supplements in gstreamer-plugin to packageand(%{name}:gstreamer-plugins-base). ==== PackageKit-Qt-devel ==== Version update (0.8.8 -> 0.9.2) - Add 0001-Use-GNUInstallDirs-to-determine-most-of-used-variabl.patch: Use GNUinstallDirs to determine relevant destination directories. Also removed unused vars. - Pass only install prefix, the above patch takes care of the libdir. - Add PackageKit-Qt-ff-7248b030c0.patch: Fast forward to git commit 7248b030c0, fixing build with PackageKit 1.0.0. - Rename libpackagekit-qt2-6 subpackage to libpackagekitqt4-0, following upstreams soname bump. - Adust Requires in -devel package accordingly. - Update to version 0.9.2: + Notes: - Update to new PK API 0.9. - Applied a series of patches to port to Qt5. + New Features: - Add GetDetailsLocal, GetFilesLocal and RepoRemove. - Make use of DBus Properties changed to make less blocking calls. + Bugfixes: - Allow for Details to be empty constructed. - Cleaned include directive. - Finish the API changes to get rid of blocking calls. - Fix CMake var names for both Qt versions. - Fix libdir path. - Fix reply signature for Transaction methods. - Improve object handlying. - I think the API level should be hidden from libname. - Keep only one transaction flags, which is unlikely to change. - PackageKit doesn't has a changed signal anymore. - Properly delete private data on daemon as DaemonPrivate is not a QObject. - Properly handle new Details signal. - Properly init some Daemon values. - Queue signals so that all transaction properties are available when needed. - Remove debug info. - Update Roles enum, remove Provides enum, and fix some docs typos. - Drop PackageKit-Qt-libdir-references.patch: fixed upstream. ==== PackageKit-branding-openSUSE ==== - Rebase PackageKit-branding-default-config.patch for PackageKit 0.9.6. ==== accountsservice ==== Version update (0.6.37 -> 0.6.38) Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - Update to version 0.6.38: + Fix polkit policy for non-desktop cases. + Fix for a race when new user appears. + Some clearer log and debug messages. ==== apache2-mod_perl ==== - Changed access control statements in config file to use mod_authz_host (bnc#897005) - adapt test configuration for apache24 to fix build * use the new access control mechanisms from apache24 * added apache24-mod_authz_host.patch ==== apper ==== Version update (0.8.2 -> 0.9.1) - add no-popup-for-background-actions.patch to avoid popups from background jobs - Update to 0.9.1 * bug fix release - Update to 0.9.0 * Support for the PackageKit 0.9.x API * use async calls on PackageKit-Qt everywhere ==== autoyast2 ==== Version update (3.1.60 -> 3.1.64) Subpackages: autoyast2-installation - Documentation update for SLES12. - 3.1.64 - Exporting package selection correctly. (bnc#897404) - 3.1.63 - Fixed path of change-root scripts which have been defined in autoinst.xml. (bnc#897212) - 3.1.62 - Finishing the autoyast-initscripts.service BEFORE the user can login. (bnc#891144) - 3.1.61 ==== bash ==== Subpackages: bash-doc libreadline6 readline-devel readline-doc - Add patches bash-4.2-BSC898604.patch for bsc#898604: functions via environment hardening bash-4.2-CVE-2014-7169.patch for bsc#898346, CVE-2014-7169: incremental parsing fix for function environment issue bash-4.2-CVE-2014-7187.patch for bsc#898603, CVE-2014-7186, CVE-2014-7187: bad handling of HERE documents and for loop issue - Add bash-4.2-CVE-2014-6271.patch to fix CVE-2014-6271, the unexpected code execution with environment variables (bnc#896776) - Add patch bash-4.2-error-getpwd.patch which is the backport of the corrected german error message for a failing getpwd (bnc#895475) ==== btrfsprogs ==== Version update (3.16 -> 3.16.1) Subpackages: libbtrfs0 - version 3.16.1 - library version defines - subvol list: -R to print received UUID - fixed detection of multiple mounts on the same directory - restore: misc fixes - other fixes - Modified patches (sync with pending upstream versions): * 0011-btrfs-progs-Enhance-the-command-btrfs-filesystem-df.patch * 0012-btrfs-progs-Add-helpers-functions-to-handle-the-prin.patch * 0013-btrfs-progs-Add-command-btrfs-filesystem-disk-usage.patch * 0018-btrfs-progs-read-global-reserve-size-from-space-info.patch * 0020-btrfs-progs-move-device-usage-to-cmds-device-more-cl.patch * 0024-btrfs-progs-Print-more-info-about-device-sizes.patch * 0025-btrfs-progs-compare-unallocated-space-against-the-co.patch * 0028-btrfs-progs-extend-pretty-printers-with-unit-mode.patch * 0029-btrfs-progs-replace-df_pretty_sizes-with-pretty_size.patch - Removed patch: library-version-defines.patch (upstream) ==== cantarell-fonts ==== Version update (0.0.15 -> 0.0.16) - Update to version 0.0.16: + Add space variations (bgo#735205). ==== compositeproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== coreutils ==== - Add coreutils-fix_false_du_failure_on_newer_xfs.patch that fixes a false negative in the testsuite. - Add coreutils-disable_tests.patch to not run a tests that fail inside the OBS. - Add coreutils-test_without_valgrind.patch to not use valgrind in shuf-reservoir. ==== crash-kmp-default ==== Version update (7.0.7_k3.16.2_1.gdcee397 -> 7.0.8_k3.16.3_1.gd2bbe7f) Subpackages: crash-kmp-desktop crash-kmp-xen - Upgrade to 7.0.8 from upstream. For a detailed changelog see http://people.redhat.com/anderson/crash.changelog.html - Dropped (now in upstream): - crash-keep-file-orig-with-name-on-select.patch: - As crash-7.0.8/gdb-7.6-ppc64le-support.patch: - crash-gdb-7.6-ppc64_sysv_abi_push_float.patch - crash-gdb-7.6-bound_minimal_symbol.patch - crash-gdb-7.6-add-powerpc64le-linux.patch - crash-gdb-7.6-update-autoconf-2013-04-24.patch - crash-gdb-7.6-ppc_insns_match_pattern.patch - crash-gdb-7.6-floatformat.patch - crash-gdb-7.6-ppc64-ELFv2-trampoline-match.patch - crash-gdb-7.6-update-autoconf-2013-06-10.patch - crash-gdb-7.6-ppc64le.patch ==== cron ==== Subpackages: cronie - fixes bnc#833240: the first occurance of "/etc/anacrontab" replaced with "/etc/crontab" in the manpage file - version updated to 1.4.12 * various small bugfixes ==== cyrus-sasl ==== Subpackages: cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-plain libsasl2-3 libsasl2-3-32bit - bnc#897837 saslauthd package has no config ==== damageproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== dbus-1-devel ==== Subpackages: libdbus-1-3 libdbus-1-3-32bit - Update baselibs.conf: Provides dbus-1-32bit in lib package ==== dbus-1 ==== Subpackages: dbus-1-x11 - Update baselibs.conf: Provides dbus-1-32bit in lib package ==== deja-dup ==== Version update (28.0 -> 32.0) Subpackages: nautilus-deja-dup - Update to version 32.0: + Features: Drop support for Ubuntu One cloud storage, since it has shut down. + Packaging: Fix some compile issues and warnings. + Updated translations. - Update to version 30.0: + Packaging: Fix build with CMake 2.8.12. - Changes from version 29.5: + Bug Fixes: Re-enable libunity support after it was accidentally dropped in 29.1. + Packaging: Require duplicity 0.6.23. - Changes from version 29.4: + Bug Fixes: Add missing icon in help documentation. + Packaging: - Add ENABLE_UNITY_CCPANEL argument for unity-control-center support. - Fix some compile problems with valac, parallel building, and rpath support. - Changes from version 29.1: + Bug Fixes: Detect encryption on existing backups by paying attention to what Duplicity tells us, rather than trying to figure it out by scanning ourselves. This removes a possible source of error. + Polish: - Rename to Backups (instead of Backup). - Update look and feel of preferences a bit. - Add screenshots to appdata file. + Packaging: - Require GTK+ 3.6 and GLib 2.34. - Convert from autotools to cmake: --with-ccpanel is now - DENABLE_CCPANEL, --with-nautilus is now -DENABLE_NAUTILUS, - -with-unity is now -DENABLE_UNITY. Otherwise, normal cmake conventions apply. - Add some autopilot tests, runnable by 'autopilot' and 'autopilot-system' targets (which test against the local built executables or the installed system ones respectively). + Updated translations. - Add deja-dup-help2man_stderr.patch: Corrects help2man failure in build. - Drop deja-dup-vala-0.22.patch: Incorporated upstream. - Updated .spec file for new CMake build process: add cmake BuildRequires. - Add -Wl,rpath to CFLAGS and CXXFLAGS to ensure we do not lose the path to the private library. ==== dia ==== Version update (0.97.2 -> 0.97.3) Subpackages: dia-lang - Update to version 0.97.3: + Fix double free with some SVG rendering (regression from Dia 0.97.2). + Fixes to cope better with updated versions of Dia's dependencies: - don't crash at start-up with ABI breaking GLib 2-36. - don't assert in cairo 1.12 with invalid arc parameters. - avoid kerning problems (character overlap) for all Pango versions. - fix image files to be loadable by libpng16. + Backport fixes for some seldom crashes and other annoyances. + Updated translations. - Drop upstream fixed patches: + dia-glib-2.31.patch. + dia-glib-2.35.patch. + dia-swig-2x.patch. + dia-use-recommended-freetype-include.patch. ==== digikam ==== Version update (4.2.0 -> 4.3.0) Subpackages: digikam-doc kipi-plugins kipi-plugins-acquireimage kipi-plugins-geolocation libkface-devel libkface2 libkgeomap-devel libkgeomap1 libmediawiki-devel libmediawiki1 - Update to 4.3.0 digikam: - Database : Nepomuk support have been replaced by Baloo support - Map Searches : New option to display all non geolocated images from collections. - General : New notification event when kioslave cannot be started. - General : OSX event notifier is now used to dispatch notifications. - AlbumGui : New Action To Exclude Items Without Rating with items filter. kipi-plugins: - ExpoBlending: remove OPenMP dependency. Ported to QtConcurrentRun. - Panorama: support next hugin version (2014.0). - Build with baloo support for 13.2+ ==== dmxproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== dosfstools ==== - Drop gpg-offline build-time requirement; this is now handled by the local source validator ==== dracut ==== - Try to load xennet driver in network module (if loaded). bnc#896464 * Add 0159-network-Try-to-load-xennet.patch ==== dri2proto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== dri3proto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== fcitx ==== Version update (4.2.8.4 -> 4.2.8.5) Subpackages: fcitx-branding-openSUSE fcitx-gtk2 fcitx-gtk3 fcitx-pinyin fcitx-qt4 fcitx-table libfcitx-4_2_8 - update version 4.2.8.5 * bugfix release ==== fixesproto-devel ==== - require pkgconfig(xextproto) >= 7.0.99.1 in order to fix build of xcursorgen/xcursor-themes - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== fontcacheproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== fontsproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== freeglut-devel ==== Subpackages: libglut3 - Cleanup buildrequires to include only what is actually used. ==== fribidi-devel ==== - libfribidi-devel requires %{lname} = %{version} - Utilize shared library package naming guidelines - Drop Requires:pkg-config for fribidi-devel, it is implicit (due to .pc file being picked up by rpm find-requires) ==== gfxboot ==== Version update (4.5.4 -> 4.5.5) Subpackages: gfxboot-devel - recreated font to match latest translations - translation update - remove duplicate 'Default' from po file - 4.5.5 ==== ghostscript ==== Version update (9.14 -> 9.15) Subpackages: ghostscript-devel ghostscript-x11 - Version upgrade to 9.15. Primarily a maintenance release. There are no recorded incompatible changes (as of this writing). Highlights in this release include: * Ghostscript now supports the PDF security handler revision 6. * The pdfwrite and ps2write (and related) devices can now be forced to "flatten" glyphs into "basic" marking operations (rather than writing fonts to the output), by giving the -dNoOutputFonts command line option (defaults to "false"). * PostScript programs can now use get_params or get_param to determine if a page contains color markings by reading the pageneutralcolor state from the device (so whether the page is "color" or "mono"). Note that this is only accurate when in clist mode, so -dMaxBitmap=0 and -dGrayDetection=true should both be used. * The pdfwrite device now supports Link annotations with GoTo and GoToR actions. * The pdfwrite device now supports BMC/BDC/EMC pdfmarks * Regarding the new color management for the pdfwrite device introduced in the previous release, the proscription on using the new color management when producing PDF/A-1 compliant files is now lifted. To reiterate, also, with the new color management implementation, using the UseCIEColor option is strongly discouraged. For further information on the new pdfwrite color management, see in Ps2pdf.htm the "Color Conversion and Management" section. * Plus the usual round of bug fixes, compatibility changes, and incremental improvements. For details see the News.htm and History9.htm files. - Version upgrade to 9.15rc2 (second release candidate for 9.15). Ghostscript upstream QA highlighted a couple of issues that they felt warranted a fresh release candidate. For details see the History9.htm file. - Version upgrade to 9.15rc1 (first release candidate for 9.15). For details see the News.htm and History9.htm files. - ppc64le-support.patch is no longer needed because it is fixed in the upstream sources. - Removed trailing whitespaces in spec file and changes file. ==== gimp ==== Version update (2.8.10 -> 2.8.14) Subpackages: gimp-help-browser gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - update to version 2.8.14: + Fix libtool versioning (forgot to bump gimp_interface_age). - Changes from Version 2.8.12: + Core: - Fix brush sizes when used from plug-ins. - Make XCF loading more robust against broken files. + GUI: - Make sure the widget direction matches the GUI language. - Remove the option to disable the warning when closing a modified image. - Fix canvas overlay widgets (like the text options) for tablets. - Make DND work between images in one dockable. + Libgimp: Make gimp_image_get_name() return the string used for the image title. + Plug-ins: - Make script-fu-server more secure by listening to 127.0.0.1 by default and add a warning about changing that IP. This breaks the procedure's API, but for security reasons. - Bring back proper script-fu translations. + General: - Add Jenkins tutorial. - Documentation updates. - Bug fixes. + Updated translations. - Drop gimp-use-recommended-freetype-include.patch: fixed upstream. ==== git ==== Version update (2.1.0 -> 2.1.1) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.1.1: * Git 2.0 had a regression where "git fetch" into a shallowly cloned repository from a repository with bitmap object index enabled did not work correctly. This has been corrected. * Git 2.0 had a regression which broke (rarely used) "git diff-tree - t". This has been corrected. * "git log --pretty/format=" with an empty format string did not mean the more obvious "No output whatsoever" but "Use default format", which was counterintuitive. Now it means "nothing shown for the log message part". * "git -c section.var command" and "git -c section.var= command" should pass the configuration differently (the former should be a boolean true, the latter should be an empty string), but they didn't work that way. Now it does. * Applying a patch not generated by Git in a subdirectory used to check the whitespace breakage using the attributes for incorrect paths. Also whitespace checks were performed even for paths excluded via "git apply --exclude=<path>" mechanism. * "git bundle create" with date-range specification were meant to exclude tags outside the range, but it did not work correctly. * "git add x" where x that used to be a directory has become a symbolic link to a directory misbehaved. * The prompt script checked $GIT_DIR/ref/stash file to see if there is a stash, which was a no-no. * "git checkout -m" did not switch to another branch while carrying the local changes forward when a path was deleted from the index. * With sufficiently long refnames, fast-import could have overflown an on-stack buffer. * After "pack-refs --prune" packed refs at the top-level, it failed to prune them. * "git gc --auto" triggered from "git fetch --quiet" was not quiet. ==== glproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== gnome-disk-utility ==== - Add %glib2_gsettings_schema_post/postun handling to scriptlets. ==== gnutls ==== Version update (3.2.17 -> 3.2.18) Subpackages: libgnutls-devel libgnutls-openssl27 libgnutls28 libgnutls28-32bit * Upgrade to Version 3.2.18 (released 2014-09-18) * * libgnutls: Fixes in gnutls_x509_crt_set_dn() and friends to properly handle strings with embedded spaces and escaped commas. * * libgnutls: Corrected gnutls_x509_crl_verify() which would always report a CRL signature as invalid. Reported by Armin Burgmeier. * * libgnutls: Fixed issue with certificates being sanitized by gnutls prior to signature verification. That resulted to certain non-DER compliant modifications of valid certificates, being corrected by libtasn1's parser and restructured as the original. Issue found and reported by Antti Karjalainen and Matti Kamunen from Codenomicon. * * API and ABI modifications: No changes since last version. Delete files: gnutls-3.2.17.tar.xz, gnutls-3.2.17.tar.xz.sig Add files: gnutls-3.2.18.tar.xz, gnutls-3.2.18.tar.xz.sig - update list of available architectures for valgrind ==== goffice-lang ==== Version update (0.10.17 -> 0.10.18) Subpackages: libgoffice-0_10-10 - Update to version 0.10.18: + Fix saving of color map names (bgo#735298). + Fix grid line theme support (bgo#733403). + Fix default ticks position. + Fix font color theme support (deb#757611). + Fix saving color maps when directory does not exists (bgo#735008). + Fix color maps loading (bgo#735007). + Don't pass NULL to g_strtod() (bgo#735555). + Work around gtk+ ABI break for colour selector (bgo#733350). ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-xen - update translations - fix possible access to uninitialized pointer in linux loader * add grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch * drop superceded grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch - fix grub.xen not able to handle legacy menu.lst hdX names (bnc#863821) * add grub2-xen-legacy-config-device-name.patch from arvidjaar - fix the performance of grub2 uefi pxe is bad (bnc#871555) * add grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch ==== gstreamer ==== Version update (1.4.1 -> 1.4.3) Subpackages: gstreamer-devel gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.4.3: + Bugs fixed: bgo#709868, bgo#736969, bgo#737102, bgo#737133. + Updated translations. - Update to version 1.4.2: + Bugs fixed: bgo#735574, bgo#734412, bgo#735975, bgo#729811, bgo#736455, bgo#736424, bgo#736680, bgo#736295, bgo#736736, bgo#736739, bgo#736813, bgo#736762. + Updated translations. ==== gstreamer-plugins-bad ==== Version update (1.4.1 -> 1.4.3) Subpackages: libgstbadbase-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstgl-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 - Update to version 1.4.3: + Bugs fixed: bgo#735861, bgo#736090, bgo#736390, bgo#736426, bgo#736474, bgo#736490, bgo#736729, bgo#736730, bgo#736731, bgo#736732, bgo#736733, bgo#736735, bgo#736750, bgo#736871, bgo#736919, bgo#736951. + Updated translations. ==== gstreamer-plugins-base ==== Version update (1.4.1 -> 1.4.3) Subpackages: gstreamer-plugins-base-devel libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAllocators-1_0 typelib-1_0-GstApp-1_0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstFft-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstRiff-1_0 typelib-1_0-GstRtp-1_0 typelib-1_0-GstRtsp-1_0 typelib-1_0-GstSdp-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.4.3: + Bugs fixed: bgo#734617, bgo#736944. + Updated translations. - Update to version 1.4.2: + Bugs fixed: bgo#727255, bgo#732908, bgo#735569, bgo#735748, bgo#735800, bgo#735844, bgo#735952, bgo#736071, bgo#736118, bgo#736679, bgo#736739, bgo#736779, bgo#736788, bgo#736796, bgo#736861. + Updated translations. ==== gstreamer-plugins-good ==== Version update (1.4.1 -> 1.4.3) Subpackages: gstreamer-plugins-good-extra - Update to version 1.4.3: + Minor bug fixes. + Updated translations. - Update to version 1.4.2: + Bugs fixed: bgo#719359, bgo#733607, bgo#734266, bgo#735520, bgo#735660, bgo#735804, bgo#735833, bgo#735859, bgo#736192, bgo#736266, bgo#736384, bgo#736670, bgo#736739, bgo#736805, bgo#736807. + Updated translations. ==== gstreamer-plugins-ugly ==== Version update (1.4.1 -> 1.4.3) - Update to version 1.4.3: + Bugs fixed: bgo#736060. + Updated translations. ==== gtkspell3-lang ==== Version update (3.0.3 -> 3.0.6) Subpackages: libgtkspell3-3-0 - Update to version 3.0.6: + Fix badly merged translations. + Also recognize U+2019 as apostrophe. + Updated translations. - Changes from version 3.0.5: + Fix incorrect handling of single quotes. + Buildsystem cleanups and tweaks. + Updated translations. - Changes from version 3.0.4: + Make decode-language-codes more robust. + Don't use deprecated symbols when compiled against gtk3 >= 3.9. + Updated translations. ==== hplip ==== Subpackages: hplip-hpijs hplip-sane - From openSUSE 13.2 on explicitly "BuildRequires cups-filters-foomatic-rip" to avoid that foomatic-filters is used for build in the "Printing" development project (where foomatic-filters intentionally exists also for openSUSE_13.2 and openSUSE_Factory) which would not match what is used for build in openSUSE:13.2 or openSUSE:Factory (where foomatic-filters is intentionally dropped and replaced by cups-filters-foomatic-rip). Using the matching package for build results that the backward compatibility link /usr/lib/cups/filter/foomatic-rip-hplip points to a foomatic-rip executable that is used by default on the runtime system. - PPDs that require a proprietary plugin from HP must be moved to the hplip main-package because the proprietary plugin from HP must be downloaded and installed by using HP's "hp-plugin" tool that belongs to the hplip main-package. Accordingly PPDs that require a proprietary plugin from HP are in a new directory /usr/share/cups/model/manufacturer-PPDs/hplip-plugin that belongs to the hplip main-package (bnc#876690). ==== icedtea-web-javadoc ==== Version update (1.5 -> 1.5.1) - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for the desktop files to keep SLE and openSUSE in sync - Update to 1.5.1 * Massively improved offline abilities. * Improved to be able to run with any JDK * JDK 8 support added (URLPermission granted if applicable) * Added DE and PL localizations * Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property to control scan of Manifest file * Control Panel - PR1856: ControlPanel UI improvement for lower resolutions (800*600) * NetX - PR1858: Java Console accepts multi-byte encodings - PR1859: Java Console UI improvement for lower resolutions (800*600) - RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception java.lang.ClassCastException in method sun.applet.PluginAppletViewer$8.run() * Plugin - PR1743 - Intermittant deadlock in PluginRequestProcessor - RH1121549: coverity defects * PolicyEditor - codebases without permissions assigned save to file anyway (and re-appear on next open) - PR1776: NullPointer on save-and-exit - Custom permissions are properly formatted - Remove upstreamed patch: * icedtea-web-1.5-no-return-in-nonvoid-function.patch - Touch link targets in order to silence test of broken symlinks - Update icedtea-web-suse-desktop-files.patch: Add X-GNOME-SystemSettings category. - Update alternatives code to match docu. ==== inputproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== install-initrd-openSUSE ==== Version update (14.136 -> 14.141) - add splash=silent to enable plymouth on uefi systems (bnc #897461) - 14.141 - update git2log script - drop pcmciautils - 14.140 - allow both pango-tools & pango-modules - copy ssh keys into rescue system - 14.139 - load scsi_dh_* before starting udevd (bnc #871617) - kexec for everyone - 14.138 - follow pango-tools to pango-modules rename - improve ppc64le iso layout (bnc #894878) - we have to load autoinst.xml, not autoyast.xml (fate #316530) - remove rubygem(nokogiri) dependency (bnc #895069) - 14.137 ==== libjack-devel ==== Version update (1.9.9.5 -> 1.9.10) Subpackages: libjack0 - Update to release 1.9.10 - Removed patches jack-wafdocbuild.patch and aarch64.patch as they are now in upstream. - Upstream changes: * Correct JackPortAudioDriver::Open : special case for ASIO drivers. * Correct JackEngine::NotifyGraphReorder : graph-order callback now notified after port latencies update. * netjack/opus: don't re-init en/decoders. * Use string ids in the alsa device list. * controlapi: fix double free on master switch. * netjack1/netone opus support. * netjack1/2 Opus: use only 2bytes for encoded-length. * wscript: add header defines and libs for example-clients/netsource. * fix duplicate prog.includes. * More robust channel mapping handling in JackCoreAudioDriver. * Add opus support to NetJack2. * jack_control: fix epr command. * Update JackCoreAudioDriver and JackCoreAudioAdapter with more recent API. * Devin Anderson patch for Jack/CoreMIDI duplicated messages. * Fix in ALSA adapter. * Fix alsa driver parameter order. * Control API: Enforce driver/internal parameter order. * Extend jack_control to have parameter reset commands. * Align buffers to 32 byte boundaries to allow AVX processing. * New jack_get_cycle_times() implementation from Fons Adriennsen. * Update waf. * [firewire] Introduce UpdateLatencies() in FFADO backend. * [firewire] Allow FFADO backend to change the buffer size. * Rework JackMessageBuffer. * POST_PACKED_STRUCTURE used for jack_latency_range_t type. * Remove JACK_32_64 flag, so POST_PACKED_STRUCTURE now always used. * Improve libjacknet master mode. * In control API, UNIX like sigset_t replaced by more abstract jackctl_sigmask_t * opaque struct. * Check server API callback from notification thread. * Use a time-out in notification channel write function. * Fix lock management in JackEngine. * A bit more robust JackMessageBuffer implementation (in progress). * Rename JackProcessSync in JackPosixProcessSync. * Fix NetJack2 initialisation bug. * Improve ShutDown in NetManager. * Correct ShutDown in JackInternalClient and JackLibClient. * Implement shutdown for in server clients. * Better time-out management in NetJack2. * More robust server/client protocol. * Factorize code the server/client request in JackRequestDecoder class. * Cleanup drivers and internals loading code. * jackctl_driver_params_parse API moved in public control.h. * More general drivers/internals loading model on Windows. * Fix library symbols export issue. * Adrian Knoth fix in midiseq.c. ==== java-1_7_0-openjdk ==== Subpackages: java-1_7_0-openjdk-devel java-1_7_0-openjdk-headless - Add provides jre-32 on %{ix86} and ppc * This satisfies libreoffice's requires - Update to 2.5.2 bugfix release * Backports - S8049480: Current versions of Java can't verify jars signed and timestamped with Java 9 - S8051012, LP1360392: Regression in verifier for <init> method call from inside of a branch * Bug fixes - PR1903: [REGRESSION] Bug reports now lack IcedTea version and distribution packaging information - PR1948: Only try and symlink debuginfo if STRIP_POLICY is other than no_strip - PR1948: Fix indenting - PR1966: Move to new OpenJDK bug URL format - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix for PPC32) * PPC & AIX port - Adapt AIX port to 5049299: (process) Use posix_spawn, not fork, on S10 to avoid swap exhaustion - Adapt aix to 8022507 - Fix aix after 8022507: SIGSEGV at ParMarkBitMap::verify_clear() - S8050942: PPC64: implement template interpreter for ppc64le - S8050972: Concurrency problem in PcDesc cache - Remove upstreamed patch: * java-1_7_0-openjdk-ppc-stackoverflow.patch ==== java-1_7_0-openjdk-plugin ==== Version update (1.5 -> 1.5.1) - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for the desktop files to keep SLE and openSUSE in sync - Update to 1.5.1 * Massively improved offline abilities. * Improved to be able to run with any JDK * JDK 8 support added (URLPermission granted if applicable) * Added DE and PL localizations * Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property to control scan of Manifest file * Control Panel - PR1856: ControlPanel UI improvement for lower resolutions (800*600) * NetX - PR1858: Java Console accepts multi-byte encodings - PR1859: Java Console UI improvement for lower resolutions (800*600) - RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception java.lang.ClassCastException in method sun.applet.PluginAppletViewer$8.run() * Plugin - PR1743 - Intermittant deadlock in PluginRequestProcessor - RH1121549: coverity defects * PolicyEditor - codebases without permissions assigned save to file anyway (and re-appear on next open) - PR1776: NullPointer on save-and-exit - Custom permissions are properly formatted - Remove upstreamed patch: * icedtea-web-1.5-no-return-in-nonvoid-function.patch ==== java-1_8_0-openjdk ==== Subpackages: java-1_8_0-openjdk-headless - Add provides jre-32 on %{ix86} and ppc * This satisfies libreoffice's requires ==== java-1_8_0-openjdk-plugin ==== Version update (1.5 -> 1.5.1) - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for the desktop files to keep SLE and openSUSE in sync - Update to 1.5.1 * Massively improved offline abilities. * Improved to be able to run with any JDK * JDK 8 support added (URLPermission granted if applicable) * Added DE and PL localizations * Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property to control scan of Manifest file * Control Panel - PR1856: ControlPanel UI improvement for lower resolutions (800*600) * NetX - PR1858: Java Console accepts multi-byte encodings - PR1859: Java Console UI improvement for lower resolutions (800*600) - RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception java.lang.ClassCastException in method sun.applet.PluginAppletViewer$8.run() * Plugin - PR1743 - Intermittant deadlock in PluginRequestProcessor - RH1121549: coverity defects * PolicyEditor - codebases without permissions assigned save to file anyway (and re-appear on next open) - PR1776: NullPointer on save-and-exit - Custom permissions are properly formatted - Remove upstreamed patch: * icedtea-web-1.5-no-return-in-nonvoid-function.patch ==== libjson-c2 ==== Version update (0.11 -> 0.12) Subpackages: libjson-c2-32bit - json-c 0.12 Fixes for security issues contained in this release have been previously patched into this package, but listed for completeness: * Address security issues: * CVE-2013-6371: hash collision denial of service * CVE-2013-6370: buffer overflow if size_t is larger than int - Further changes: * Avoid potential overflow in json_object_get_double * Eliminate the mc_abort() function and MC_ABORT macro. * Make the json_tokener_errors array local. It has been deprecated for a while, and json_tokener_error_desc() should be used instead. * change the floating point output format to %.17g so values with more than 6 digits show up in the output. * Remove the old libjson.so name compatibility support. The library is only created as libjson-c.so now and headers are only installed into the ${prefix}/json-c directory. * When supported by the linker, add the -Bsymbolic-functions flag. * Make strict mode more strict: * number must not start with 0 * no single-quote strings * no comments * trailing char not allowed * only allow lowercase literals * Added a json_object_new_double_s() convenience function to allow an exact string representation of a double to be specified when creating the object and use it in json_tokener_parse_ex() so a re-serialized object more exactly matches the input. * Add support NaN and Infinity - packaging changes: * json-c-hash-dos-and-overflow-random-seed-4e.patch is upstream * Move from json-c-lfs.patch which removed warning errors and autoconf call to json-c-0.12-unused_variable_size.patch from upstream which fixes the warning * except for SLE 11 where autoreconf call is required * add licence file to main package ==== kbd ==== - euro{,1,2}.map now produces correct unicode for Euro sign [bnc#360993] - added patches: * kbd-2.0.2-euro-unicode.patch - port dumpkeys-C-opt.patch - modified patches: * kbd-1.15.2-dumpkeys-C-opt.patch - kbd-2.0.2-doshell-reference.patch: drop doshell reference from openvt.1 man page [bnc#675317] ==== kbproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== kdebase4-openSUSE ==== Subpackages: kdebase4-runtime-branding-openSUSE kdebase4-workspace-branding-openSUSE - Push new KDE branding for 13.2 - Put also config and colorschemes into kdebase4-runtime branding ==== kde4-kgreeter-plugins ==== Version update (4.11.11 -> 4.11.12) Subpackages: kdebase4-workspace kdebase4-workspace-addons kdebase4-workspace-devel kdebase4-workspace-ksysguardd kdebase4-workspace-liboxygenstyle kdebase4-workspace-libs kdm kwin oxygen-cursors4 python-kdebase4 - Make kactivities4 a hard requirement (bnc#896660) - Update to 4.11.12 * KDE 4.14.1 SC Bugfix Release * See http://www.kde.org/announcements/announce-4.14.1.php - Drop upstream patch changeset_re8241313fc979aefafc8c2a0207570d6394f1580.diff ==== kdump ==== - kdump-enable-fadump-ppc64le.patch: Enable FADUMP on ppc64le (bsc#889192). - kdump-fadump-bootloader-always.patch: Always turn on fadump if KDUMP_FADUMP is true (bsc#889192). - kdump-bootloader-grub2.patch: kdump-Bootloader: add support for GRUB2 (bsc#889192). - kdump-fadump-keep-sysroot.patch: Keep /sysroot mount point if fadump is on (bsc#889192). - kdump-get-multipath-wwid-from-sysfs.patch: Refresh. - kdump-add-IPv6-KDUMP_NETCONFIG-modes.patch: Refresh: Fix ip error messages when KDUMP_NETCONFIG=auto (bnc#885897). - kdump-split-kdump_default_netdev.patch: Cleanup: Split kdump_default_netdev (bnc#885897). - kdump-move-network-setup-to-module-setup.patch: Move dracut network command line to module-setup.sh (bnc#885897). - kdump-add-IPv6-KDUMP_NETCONFIG-modes.patch: Add KDUMP_NETCONFIG modes to support IPv6 (bnc#885897). - kdump-get-multipath-wwid-from-sysfs.patch: Get required multipath wwids from sysfs (bnc#883883). - kdump-remove-root-and-resume.patch: Remove root= and resume= from the kdump kernel command line (bnc#883883). - kdump-systemd-support.patch: Dracut-systemd support (bnc#883883). - kdump-calibrate-systemd-runtime.patch: Calibrate: update user-space run-time requirements for systemd (bnc#883883). - kdump-calibrate-systemd-initramfs.patch: Calibrate: update the initramfs size (bnc#883883). ==== kernel-default ==== Version update (3.16.2 -> 3.16.3) Subpackages: kernel-default-devel - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kernel-desktop ==== Version update (3.16.2 -> 3.16.3) Subpackages: kernel-desktop-devel - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kernel-docs ==== Version update (3.16.2 -> 3.16.3) - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kernel-devel ==== Version update (3.16.2 -> 3.16.3) Subpackages: kernel-macros kernel-source - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kernel-syms ==== Version update (3.16.2 -> 3.16.3) - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kernel-xen ==== Version update (3.16.2 -> 3.16.3) Subpackages: kernel-xen-devel - Linux 3.16.3 (bnc#890096). - Delete patches.fixes/reiserfs-fix-corruption-introduced-by-balance_leaf-refactor. - Delete patches.fixes/rtsx_usb-export-device-table. - Update config files. Set CONFIG_SMS_SIANO_DEBUGFS=n as it is in master. - commit d2bbe7f - blk-merge: fix blk_recount_segments (bnc#888259). - commit 5fca623 ==== kismet ==== - Require xz ==== kiwi ==== Version update (5.06.158 -> 5.06.165) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools - v5.06.165 released - Make sure to wait for nic link up (bnc #898505) - Fixed double encoded luks system (bnc #898249) when kiwi builds a disk image it can either dump a filesystem image onto a raw partition or it rsync a tree of files onto a partition which has a filesystem created on top of a subsystem or a subsystem stack like lvm, luks, etc. In kiwi this is controlled by the value of the $treeAccess variable. If treeAccess is disabled but the support for syncing a tree in the given configuration is implemented this results in duplicate preparation of the filesystem and the subsystems which results in an unbootable mess. - Fixed passthrough of luks cipher (bnc #898249) kiwi passed the ciper using a shell echo command which is bad because the shell evaluates the contents of this information and might break the cipher if it contains shell meta characters. This patch fixes this by using a simple pipe stream to the cryptsetup process without invoking a shell command - Fixed URI credentials setup Make sure the ?credentials=kiwiRepoCredentials flag is only added to the url if the appropriate credentials file exists - v5.06.164 released - Added missing filesystem provides for the xfs filesystem (bnc #897935) With the kiwi-filesystem:xfs Provides the buildservice is able to setup a build environment including the needed tools called by kiwi when building inside this environment - v5.06.163 released - Follow up fix for max storage device wait period (bnc #897516) Hannes Reinecke suggested to increase it to 60 seconds; 30 seconds is the typical I/O timeout value, so I'd be giving it double the time to allow error handling to complete. - v5.06.162 released - Increase max per storage device wait period to 30 sec (bnc #897516) - Prevent activation of a partition on non x86 systems (bnc #897507) The active flag is used by legacy BIOS systems on x86 systems. On other architectures it could cause trouble because that information is not expected - Eliminate use of haveBootPartition variable in the initrd code kiwi provides exact information in the partition ID's variables created when the image is build in setupPartIDs. The indicator if a boot partition is in use was not set correctly by the existing function. The indicator for a boot partition should be the filesystem label set to 'BOOT' and the check if this partition is not equal to the root partition. In the repartition code the partition ID for the root partition is always defined correctly by the kiwi_RootPart variable and should not depend on any condition. That way there was no code left which requires and extra boolean haveBootPartition variable and also fixes the wrong pID assignment described in bug (bnc #897497) - remove media check from mini iso (bnc#895021) - make the mini isos reasonable size again instead of just removing the root file, remove all files actually downloaded from NET repo - v5.06.161 released - Add a post install script for kiwi The file /dev/shm/lwp-download will be removed in order to allow kiwi to create this file with the permissions it needs. The support to allow kiwi to run kiwi --info as non root user requires this cleanup step because lwp-download is created with permissions which allows root and normal users to call the script. former versions leaves a version of the script which doesn't allow non root users to call or change it which results in a raise condition for a non privileged --info call - Really fixed package update from sle11 to sle12 (bnc #893340) the man pages were moved from kiwi-doc to the main kiwi package between sle11 and sle12. Thus the main kiwi package has to set a conflicts for the kiwi-doc package in versions < 5 - KIWICollect: handle POOL flavors as "ftp" flavors (bnc#896930) - Fixed spec file by adding missing requirements; tar and psmisc - Allow kiwi --info to be called without root permission There is one exception though. If the repo is an iso file which needs to be loop mounted we still need root privileges to call the mount system call. In such a case kiwi will exit with a useful error message - v5.06.160 released - Improve spee of nic setup in netboot initrd (bnc #893788) With this commit the list of preferred interfaces which are either the BOOTIF interface or the list of all detected ones is used to run the dhcp discovery. The first successfully discovered interface is used to setup the default gateway and route as there can only be one - Fixed package build due to failed unit tests The unit tests failed when building on non x86 architectures because the test reference files for these architectures contained an unexpected newline at the end of the file. In addition subsequent tests should not fail which was the case because existing test tmpdirs were not correctly cleaned up - Use legacy bios_grub partition only on ix86 and x86_64 (bnc #896445) - v5.06.159 released - Fully document virtualsize attribute of <vagrantconfig> in schema - Move useLVM helper function into global space and explain conditions for using LVM or not in one central place - Added runtime check for the bootpartition requirements If the use of a bootpartition is explicitly disabled and one of the filesystems btrfs, zfs or xfs are used this is only supported with the grub2 bootloader. - Implement preferlvm="true|false" attribute for <systemdisk> When using filesystems which provides a volume management like btrfs and zfs do, kiwi will make use of it by default. With the preferlvm attribute the user can overwrite the default and prefer LVM for volume management - make the two vagrant box templates more consistent This makes it easier to see the differences which really matter. - remove pointless $xmlsize assignment This assignment is pointless since $xmlsize will always get set to another value soon after. - do not publish appdata for source rpms - Make suseImportBuildKey more robust (bnc #896126) Check if dumpsigs tool exist and don't operate on files which do not exist - Prevent building iso with empty loader directory - Added test_virtualboxGuestOS unit test - Update unit tests due to ovf osType adaptions - Fixed OVF creation for writing osType osType is a subsection of the OperatingSystemSection not an attribute osType was supported for VMware vmw: flagged systems. This patch adds osType support for virtualbox vbox: flagged systems too ==== kiwi-config-openSUSE ==== - fix previous change, it's RC_LANG not RC_ALL - set some english defaults to get the console into proper UTF-8 during boot - fix permissions of langset.service ==== krb5 ==== Subpackages: krb5-32bit krb5-client krb5-devel - bnc#897874 CVE-2014-5351: krb5: current keys returned when randomizing the keys for a service principal - added patches: * bnc#897874-CVE-2014-5351.diff ==== libQtWebKit-devel ==== Version update (4.8.6+2.3.3 -> 4.8.6+2.3.4) Subpackages: libQtWebKit4 - Update to 2.3.4: * Bugfix release * Incorporated GStreamer 1.0 support - Drop gstreamer-1.0.diff, aarch64-support.patch, bison3.patch, ppc64le-support.patch, all merged upstream ==== libcamgm100 ==== Version update (1.0.6 -> 1.0.7) Subpackages: perl-camgm - version 1.0.7 - Store the common server CA to /etc/pki/trust/anchors and run update-ca-certificates to update the trust dir (bnc#897441) - upate translation files ==== libgcrypt-devel ==== Subpackages: libgcrypt20 libgcrypt20-32bit - disabled curve P-192 in FIPS mode (bnc#896202) * added libgcrypt-fips_ecdsa.patch - don't use SHA-1 for ECDSA in FIPS mode - also run the fips self tests only in FIPS mode - run the fips self tests at the constructor code * added libgcrypt-fips_run_selftest_at_constructor.patch - rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216) * added libgcrypt-fips-dsa.patch * install fips186_dsa - use 2048 bit keys in selftests_dsa ==== libgphoto2-6 ==== Version update (2.5.5 -> 2.5.5.1) Subpackages: libgphoto2-6-32bit libgphoto2-devel - 2.5.5.1 release - regression with nikon coolpix s fixed - canon eos has no zoom - more fixes and translation updates ==== libical-devel ==== Subpackages: libical1 - disable parallel build, too unreliable - Use %cmake macros so that %optflags reliably lands on the build command lines - Improve on RPM group classification - Drop strange Recommends: from libical-doc to libical1 (the latter does not offer any directly-usable feature when the docs are installed). - Documentation subpackage should be noarch ==== libksba8 ==== Version update (1.3.0 -> 1.3.1) - libksba 1.3.1: * Fixed memory leak in CRL parsing * Build fixes for ppc64el ==== libmtp-devel ==== Subpackages: libmtp9 - include-config-h.patch: always include "config.h" first ==== libnetfilter_conntrack3 ==== - Drop gpg-offline build-time requirement; this is now handled by the local source validator ==== libqt4 ==== Subpackages: libqt4-32bit libqt4-devel libqt4-linguist libqt4-qt3support libqt4-qt3support-32bit libqt4-sql libqt4-sql-32bit libqt4-sql-sqlite libqt4-sql-sqlite-32bit libqt4-x11 libqt4-x11-32bit - Added fix_qrasterpixmapdata_bnc847880.diff (bnc#847880). When extracting a region of a QRasterPixmapData an optimization was using the wrong bit depth for some calculations thus copying a different section of the image than requested. This breaks specially the oxygen kde theme under qemu when using a cirrus driver. - Removed workaround for bnc#847880 which is no longer needed. ==== libQt5Core5 ==== Subpackages: libQt5DBus5 libQt5Gui5 libQt5Widgets5 - Build without sse2 instructions by default for %ix86 architecture, and rebuild QtCore and QtuGui modules with sse2 (they are installed to %_libdir/sse2 (bnc#897758) ==== gdk-pixbuf-loader-rsvg ==== Version update (2.40.3 -> 2.40.4) Subpackages: librsvg-2-2 librsvg-devel typelib-1_0-Rsvg-2_0 - Update to version 2.40.4: + rsvg-convert: Handle gzip compressed input (bgo#735836). ==== librsync1 ==== - Library ends compiled with executable stack, something we really do not want around.. it turns out a nested function causes gcc to emit trampolines. fix that (librsync-noexecstack-nestedfunc.patch) - Only export the public api, all symbols prefixed with "rs_" (librsync-exports.patch) ==== libstorage-ruby ==== Subpackages: libstorage5 - sort partitions after certain remove steps (bsc#898362) - treat disks with implicit partition table as read-only (bsc#894585) ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen - CVE-2014-3633: Use correct definition when looking up disk in qemu blkiotune 3e745e8f-CVE-2014-3633.patch bnc#897783 ==== libzypp ==== Version update (14.29.0 -> 14.29.4) - Trigger appdata plugin when system repos have changed (bnc#866257) - Protect against race when destructing globals - BuildRequire libsolv-tools as libsolv-devel no longer does - version 14.29.4 (29) - Update zypp-po.tar.bz2 - Fix computation of userinstalled items (bnc#897404) - version 14.29.3 (29) - Adapt to API changes in rpm.4.12 - SLE-12 (suse_version 1315) uses it's own translations set (bnc#897176) - version 14.29.2 (29) - Update zypp-po.tar.bz2 - Update sle-zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - adjust BuildRequires - version 14.29.1 (29) ==== libLLVM ==== Version update (3.4.2 -> 3.5.0) Subpackages: libLLVM-32bit - Enable shared libs on PPC64 - Require llvm-clang not just clang - Add llvm-remove-werror-date-time.patch to remove -Werror=date-time for CXXFLAGS, gcc does not support it and it creeps into llvm-config --cflags - Remove wrong Requires from the llvm-devel package - Add default target triple form ARM, fixes bnc#893359 - Use ninja for building - Update to llvm 3.5.0 * Major update, see http://llvm.org/releases/3.5.0/docs/ReleaseNotes.html - Use upstream pristine tarballs - Add libc++/libc++abi support clang (only on x86_64) - Add libcxxabi-exceptions.patch to fix libcxxabi exception handling - Add libcxx-libdir.patch to fix libdir on 64bit arches - Remove asan-disable-hugemalloctest.patch and cmake-patchversion.patch, fixed upstream. ==== liblockdev1 ==== Subpackages: liblockdev1-32bit lockdev - add baselibs.conf as source - pass --enable-helper to force use of setgid helper in order to be able to write /var/lock (bnc#896010) ==== lxappearance ==== Version update (0.5.5 -> 0.5.6) Subpackages: lxappearance-lang - new upstream release 0.5.6 * Change AC_CONFIG_MACRO_DIR to [.] instead of [m4] * Add compilation notes into README file * Include ~/.gtkrc-2.0.mine first to be able to apply changes from * LXAppearance * Add 'keyboard_options' frame for future improvements * [SF#614]Don't follow symlink ~/.icons/default or we can recurse * inheritance * Avoid call to g_thread_init() with GLib >= 2.32 * Use .glade file names and compress them into .ui purging spaces * Update Copyright years in the About dialog * Fix compilation warnings with --enable-more-warnings * Fix compilation warnings with --enable-debug * [SF#515] Fix configure --enable-debug * [SF#584] Fix crash on installing new cursor theme * [SF#498] Fix lxappearanse 0.5.2 gtk3 linking problem * [SF#484] Don't reset contents of settings.ini file, only update * Fix crash in update_cursor_demo() * Update .gitignore file * Get rid of unused libtoolize - this is not a library * Remove unused xml-purge program * Remove po/Makefile.in.in -it's autogenerated * Disable setting of custom colors if run without lxsession * Fix broken pt_BR.po translation file * Include lxappearance.desktop.in into release tarball * Translation updates ==== lxappearance-obconf ==== Subpackages: lxappearance-obconf-lang - added pkgconfig(ice) and pkgconfig(sm) to build requires ==== lxrandr ==== Version update (0.2.0 -> 0.3.0) Subpackages: lxrandr-lang - new upstream version 0.3.0 * Add compilation notes into README file * Add AC_CONFIG_MACRO_DIR to configure.ac and ACLOCAL_AMFLAGS to Makefile.am * Add --enable-debug option to configure script * Fix missing m->active_rate correction * Implement confirmation dialog on mode(s) change * Fix choise "show the same image on both monitors" * Implement automatic diagnostic for monitors placement * Correctly set state of 'Turn On' button * Correctly react on 'Enable' button toggle * Fix invalid selection which monitor should be disabled to change position * Fix formatting of xrandr command, new options don't work * Implement positioning of monitors in 'Advanced' tab * Fix notebook internal monitor detection * Fix spelling error: accessable -> accessible * Translation updates ==== makedumpfile ==== Version update (1.5.6 -> 1.5.7) - Switch to dynamic linking: Since most libraries are no longer available for static link, the remaining space savings are no longer worth the effort. - upgrade to makedumpfile-1.5.7 o Show memory usage of the running kernel o Hugepage filtering o Support kernels up to 3.16 - Drop following patches, which are now upstream: o makedumpfile-generic-multi-page-excl.patch o makedumpfile-remove-overrun-adj.patch o makedumpfile-fix-free-bitmap_buffer_cyclic.patch o makedumpfile-isCompoundHead.patch o makedumpfile-exclude-compound-pages.patch ==== libmysqlclient-devel ==== Subpackages: libmysqlclient18 libmysqlclient18-32bit libmysqlclient_r18 libmysqld18 mariadb mariadb-client mariadb-errormessages - Get rid of error during update - Little polishing of rc script ==== mcelog ==== - mcelog.tmpfiles, mcelog-socket-path.patch, move socket and pid file to /run/mcelog directory. This update may require reboot as the relevant rpm macro tmpfiles_create is not yet in any product. ==== meld ==== Version update (1.8.6 -> 3.11.4) Subpackages: meld-lang - Update to version 3.11.4: + Fixes: - Only apply the auto merge flag to the last comparison started. - Fix install layout issues on Debian-based systems. - Fix "Open External" for files on Windows. - Record installation directory and executable location on Windows. - Revert to using latin1 as a fallback encoding; this will be reverted in the next unstable series. + Updated translations. - Update to version 3.11.3: + Features: - Manually handle app menu fallback for non-Gnome shells. - Save and restore window maximisation state. + Fixes: - Add missing/incomplete "Language" entries. - Miscellaneous code cleanups. - Handle broken locale settings better. - Fix size allocation issues in preferences UI. - Update shebang for environments with Python 3 as default. + Updated translations. - Update to version 3.11.2: + Features: - File and folder comparison panes can now be resized. - Folder comparisons now support scrolling between chunks using the mouse wheel in the link map, like file comparisons. + Fixes: - Don't draw spurious actions for equal chunks. - Remove default sourceview behaviour for Alt+Left/Right. - Fix storing translated column names in configuration. - Several fixes for multiple windows in single-instance handling: . Resolve relative paths relative to the correct instance. . Don't create windows in the original instance when the calling instance errors out. . Raise the correct window for new windows in the same instance. . Exit correctly for command line errors in the calling instance. - Fix display of unicode paths in repositories. - Fix handling of unicode paths in recent files store. - Improve behaviour of Open External action, and handle spaces in filenames for the custom editor option. - Improve support custom installation prefixes. - Changes from version 3.11.1: + Features: - New (alpha) infrastructure for stand-alone Windows builds. - Display renames and metadata in Bazaar repositories. - Improved tab labels in version control comparisons. - New merge-order preference to accompany comparison-order. - Added a prompt to mark a conflict as resolved from file comparison. + Fixes: - Fix filtering for shallow folder comparisons. - Several install and distribution fixes. - Sundry bug fixes. + Updated translations. - Pass --no-update-icon-cache --no-compile-schemas to the distutils script. - Update to version 3.11.0: + Features: - Supporting hiding empty filtered folders in folder comparison. - Notify user when files change externally in file comparison. - Use standard GIO file trash handling when deleting files. - Newly written Mallard-based help. + User interface updates: - Support GNOME 3-style application menu. - Visual improvements to several icons. - Update Meld's colour scheme. - Many visual styling updates, layout tweaks and UI polish. + Internal changes: - Port to GObject introspection, GTK+ 3, GApplication, GSettings and other new things starting with 'G'. - Port to distutils, based on python-distutils-extra. - Move to using CSS for styling and colour definitions. - Update to use more modern GTK widgets. - Move a lot of extra UI construction into glade/UI files. - Make several custom icons themeable. - Make Meld a single-instance application, and add support for multiple windows. + Fixes: - Improved rendering speed in file comparisons. - Copy and paste within a buffer no longer causes occasional incorrect change highlighting. - Fixes for version control support. - Windows crash fixes. - Sundry bug fixes. + Updated translations. - Drop meld-1.3.0-env.patch: no longer required. - Add meld-nodocs.patch: do not install COPYING and NEWS: we do this on our own. - Drop scrollkeeper BuildRequires: no longer needed. - Add glib2-devel, gobject-introspection-devel, itstool and libxml2-tools BuildRequires: new requirements. - Rewrite build and install section to match new upstream build system, based on distutils. ==== libmono-2_0-1 ==== Version update (3.6.0 -> 3.8.0) Subpackages: libmono-2_0-devel libmonoboehm-2_0-1 libmonoboehm-2_0-devel libmonosgen-2_0-1 mono-core mono-data mono-data-oracle mono-data-postgresql mono-data-sqlite mono-devel mono-extras mono-locale-extras mono-mvc mono-nunit mono-wcf mono-web mono-winforms mono-winfxcore monodoc-core - Removed upstreamed ppc.patch - Updated to 3.8.0 + The JIT now better handle long remainers by powers of two, generating significantly better code. + Over 10x faster code is generated for delegates that only invoked once. C# features such as async and LINQ produces a lot of those delegates, so this improvement will impact everyone. + Improved alias analysis can now handle second order aliases and eliminate null checks. + The runtime now has a concurrently readable hashtable that can makes reflection heavy workloads significantly faster and more scalable. + Optimized one of the core data structures of the garbage collector should result in 5 to 10% reduction in collection times. + Fix the leaking of mach ports introduced by 98bbf8512aec0fa01b4426583280f6d231d22187. bxc#22068 + Fix Process.PrivateMemorySize64 etc. on ios. bxc#21882 + Fix enum->int casts in gsharedvt code. bxc#21893 + Avoid making generic calls from gsharedvt methods normally, go through the rgctx infrastructure instead. bxc#21677 + Fix another native-types problem. Hopefully fixes #21670 and #21636 + Use alias information to eliminate explicit null checks. bxc#21645 + Initialize fields in MonoField:GetFieldOffset () if needed. Fixes part of #21604 + Properly handle rethrow outside of catch blocks. bxc#20412 + Disable runtime unit tests on linux, because it cannot be linked due to circular dependencies between libraries. bxc#21520 + When parsing a method header, ensure we pass any available generic context. bxc#21388 + Added new mono_domain_set_config function; used to fix ConfigurationErrorsException in bxc#10468 + Only apply the maverick stack size hack to the main thread. bxc#10096 + Don?t hardcode the temp dir to /tmp, use g_get_tmp_dir instead. bxc#20894 + Explicit thread GC data around instead of relying on TLS storage. bxc#20360 + Make WaitForPendingFinalizers () really wait for the finalizers added by a previous GC. bxc#20503 + Fix the marshal7.cs test, longs can be aligned to 4 bytes on 32 bit linux, and the runtime no longer aligns structure sizes to 8 bytes. bxc#20788 + Fix the popping of LMF frames during unwinding. bxc#20616 + Fix the marshalling of ByValTStr types which have a size specified. bxc#20674 + Fix the decoding of MonoJitInfo. bxc#16439 + Make it possible to create views to magic zero size files such as /dev/zero. bxc#19460 + Free static bound delegate wrappers of dynamic methods. bxc#19058 + Don?t perform double accounting of offset for named memory segments. bxc#20591 + Avoid joining attached threads. bxc#19343 + Fix support for custom marshallers defined in other assemblies. bxc#20020 + Fix a jit assertion on a class which contains an empty struct as a static field. bxc#20349 + Applied patch from Kyle Edwards kyleedwardsny(a)gmail.com. Fix isinf () check with clang. bxc#20244 + Fix constrained type unwrap for enum types. bxc#18371 + Handle quoted filename value. bxc#21960 + Correctly handle partial chunk sizes. bxc#20583 + Tweak Dictionary initial capacity to be more conservative. bxc#21375 + Handle closed-over-null delegates created with IL when using InvokeDynamic. bxc#21196 + Fix a race in a Task test. bxc#20921 + Contract the values array when decoding an array with a negative number and a trailer that evals to zero. bxc#20456 + Fixes issue with expression columns and IsNull. bxc#20925 + Array qsort without head allocation. bxc#20922 + Enum::TryParse ignores leading whitespaces. bxc#20870 + Fix disposing of DelegatingHandler. bxc#20818 + Fix digest authentication (bug #18799) + Only recycle ServicePoints from the idle timer (fixes #19823) + Changed ConcurrentDictionary.Contains(KeyValuePair<TKey, TValue>) to also compare value. bxc#16990 + Add System.ServiceModel.Security assembly. bxc#20108 + Removed NET_2_1 conditional blocks from FileInfo. bxc#19862 + Update codegen for boolean loads. bxc#21685 + Effective base class can include inherited types. bxc#21390 + Handle duplicate resume point registration. bxc#21387 + Arguments can be empty when reporting missing params argument. bxc#21215 + Flow analysis of moved arguments. bxc#20983 + Run new initializer await checks only in async context. bxc#20614[system.data] Parse numeric expressions using invariant culture. bxc#20582 + Reachability analysis should ignore local variables declarations. bxc#20603 + Check for missing dependencies of container types. bxc#20382 + Resolve event expression when testing left side expression. bxc#20493 + Flow analysis of binary expressions not using logical operators. bxc#20515 + Add 4.5.1 framework to MSBuild. bxc#20827 + Parsing conditions with property references. bxc#20634 + Implements property functions using constructor syntax. bxc#12999 + Avoid clearning event requests if they reference an assembly which is unloaded. Instead, remove the assembly reference from the event request so it stays active. bxc#9924. ==== kpartx ==== Subpackages: multipath-tools - Fix segfault in recv_packet (bnc#896678) - Fixup segfault due to double unlock - Skip USB devices during discovery (bnc#865577) - Ignore devices when sysfs_get_tgt_nodename fails (bnc#865577) - Use sysfs attribute vpd_pg80 to read serial number - Create rcmultipathd links (bnc#894513) - multipathd: fix segfault in checkerloop() (bnc#894513) - Use regenerate_posttrans rpm macros (bnc#892181) ==== libsnmp30 ==== Version update (5.7.2.1 -> 5.7.3) Subpackages: libsnmp30-32bit net-snmp net-snmp-devel perl-SNMP snmp-mibs - update to upstream version 5.7.3.pre5 - remove patches that are now present in the upstream release: * net-snmp-5.7.2-build-fix-for-strlcat.patch * net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch * net-snmp-5.7.2-fix-perl-trap-handler.patch - net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: refresh and add patch header ==== obconf ==== - added pkgconfig(ice) and pkgconfig(sm) to build requires ==== openbox ==== - In the previous change I forgot to remove xorg-x11-devel from the -devel package requires. Remove *all* hardcoded deps of that package and let pkgconfig dependency generator pick the correct packages for us. ==== openldap2 ==== - Add baselibs.conf to sources list - sanitize release line in specfile - segfault on certain queries with rwm overlay (bnc#846389) 0008-ITS-7723-fix-reference-counting.patch ==== libldap-2_4-2 ==== Subpackages: libldap-2_4-2-32bit openldap2-client openldap2-devel - sanitize release line in specfile - segfault on certain queries with rwm overlay (bnc#846389) 0008-ITS-7723-fix-reference-counting.patch ==== libopagent1 ==== Version update (0.9.9 -> 1.0.0) Subpackages: oprofile - Update to version 1.0.0. THIS IS A MAJOR OPROFILE RELEASE WITH SIGNIFICANT CHANGES FROM THE PREVIOUS 0.9.9 RELEASE. See changelog below. Drop patch: oprofile-add-support-for-intel-silvermont-processor.patch Drop patch: oprofile-compressed-kernel.patch Drop patch: oprofile-configure-error-message-for-missing-libpfm-is-not-informative-enough.patch Drop patch: oprofile-enable-for-new-ppc64le-architecture.patch Drop patch: oprofile-fix-unable-to-open-cpu_type-file-for-reading-for-ibm-power7.patch Drop patch: oprofile-make-cpu-type-power8e-equivalent-to-power8.patch Changelog: Major changes: - The legacy opcontrol-based profiler has been removed. operf is now the only supported interface - GUI component (i.e., oprof_start) has been removed. - IBS events removed from AMD processors - Following architectures have been removed (Alpha [except for EV67 which is supported by operf/ocount], avr32, ia64, IBM Cell, P.A Semi PA64T) - RTV (real time clock) mode has been removed Other incompatibilities: - Sample data collected with previous releases of OProfile are incompatible with release 1.0. - ophelp schema: Major version changed for removal of unit mask 'extra' attribute and addition of unit mask 'name'. New features: - Enhance ocount to support millisecond time intervals - Obtain kernel symbols from /proc/kallsyms if no vmlinux file specified - New Processor Support (Freescale e6500, Freescale e500mc, Intel Silvermont, ARMv7 Krait, APM X-Gene (ARMv8), Intel Broadwell, ARMv8 Cortex A57, ARMv8 Cortex A53 - Added little endian support for IBM POWER8 - Update events for IBM POWER8 - Added edge-detect events for IBM POWER7 - Update events for Intel Haswell Bug Fixes: - opreport schema: Fix count field maxOccurs (changed to 'unbounded') - Fix compile error on ppc/uClibc platform: 'AT_BASE_PLATFORM' undeclared' - Duplicate event specs passed to ocount show up twice in output - Fix operf/ocount default unit mask selection - ocount: print the unit mask, kernel and user modes if specified for the event - ophelp schema is not included in installed files - Remove unused 'extra' attribute from ophelp schema - opreport from 'operf --callgraph' profile shows false recursive calls - Fix handling of default named unit masks longer than 11 chars - Print unit mask name where applicable in ophelp XML output - Fix profiling of multi-threaded apps when using "--pid" option - Fix operf/opreport kernel throttling detection - Fix sample attribution problem when using multiple events - exclude/include files option doesn't work for opannotate -a - Fix behavior and documentation for '--threshold' option - Remove hard-coded timeout for JIT dump conversion - Update Alpha EV67 CPU support and remove all other Alpha CPU support - operf main process improperly killing conversion process - Fix up S390 support to work with operf/ocount - Link ocount with librt for clock_gettime only when needed - Fix 'Invalid argument' running 'opcontrol --start --callgraph=<n>' in Timer mode - Allow root to remove old jitdump files from /tmp/.oprofile/jitdump - Remove opreport warnings for /no-vmlinux, [vdso], [hypervisor_bucket] not found - Fix event codes for marked architected events (IBM ppc64) - Make operf/ocount detect invalid timer mode from opcontrol - Reduce overhead of operf waiting for profiled app to end - Fix "Unable to open cpu_type file for reading" for IBM POWER7+ - Allow all native events for IBM POWER8 in POWER7 compat mode - Fix spurious "backtraces skipped due to no file mapping" log entries - Fix the units for the reported CPU frequency ==== liborc-0_4-0 ==== Version update (0.4.18 -> 0.4.22) - Update to version 0.4.22: + Handle NOCONFIGURE=1 in autogen.sh. + Some memory leak fixes in the compiler. + Fixes for compiler warnings on Win64. + Properly detect CPU features on Android in non-debug build. + Use Android logging system instead of stderr for debug output. - Update to version 0.4.21 + Fix memory leaks + Fix list corruption when splitting code memory chunks, causing crashes when allocating a lot of code memory and trying to free it later + Various compiler warnings, coverity warnings and static code analysis fixes + Documentation fix for mulhsw, mulhuw - Add orc-disable-test-limits.patch to disable test-limits test, it only works on x86-64 ==== pam-config ==== Version update (0.87 -> 0.88) - Update to pam-config 0.88 - Add pam_ecryptfs to password section [bnc#895096] ==== libcryptmount0 ==== Subpackages: libcryptmount0-32bit pam_mount pam_mount-32bit - Drop gpg-offline build-time requirement; this is now handled by the local source validator ==== libparted0 ==== Subpackages: parted - Add an "implicit_partition_table" disk flag to mark FBA DASD disks with fake partition (bnc#894585) - libparted-dasd-implicit-partition-disk-flag.patch - refresh following patches to fix build: - parted-type.patch - parted-mac.patch - parted-Add-Intel-Rapid-Start-Technology-partition.patch ==== perl ==== Version update (5.20.0 -> 5.20.1) Subpackages: perl-32bit perl-base perl-doc - update to perl-5.20.1 * some performance improvements and bug fixes * utf8, version, File::Copy, Exporter and other modules have been updated - fix infinite recursion in Data::Dumper [bnc#896715] new patch: DataDumper-no-infinite-recursion.diff ==== perl-Bootloader ==== Version update (0.822 -> 0.824) Subpackages: perl-Bootloader-YAML - fix GRUB_TERMINAL check to accept multiple terminal devices (bsc #898609) - 0.824 - write only files we have data for (bsc #898429) - 0.823 ==== perl-Business-ISBN ==== Version update (2.07 -> 2.09) - update to 2.09: * Break circular dependency on Test::ISBN * Add increment and decrement to create new article numbers (Markus Spann) - require Business::ISBN::Data >= 20140910 - also build require perl(GD) and perl(GD::Barcode::EAN13) for Barcode testing ==== perl-Business-ISBN-Data ==== Version update (20120719.001 -> 20140910.001) - updated to 20140910.001: * Update to the latest data (2014-09-10) - fix perl path in make_data.pl ==== perl-DBD-CSV ==== Version update (0.41 -> 0.44) - updated to 0.44 * Table names case sensitiveness not tested case-problematic FS's * Fix defaults in doc (annocpan) * Fix typo in SYNOPSIS (RT#97313) * Workaround eof bug in Text::CSV_XS-1.10 0.43 - 2014-06-30, H.Merijn Brand * Updated copyright to 2014 * Unquote schema's in test for cygwin * Extra guards in Makefile.PL for unmet requirements 0.42 - 2013-08-14, H.Merijn Brand * Optionally skip tests using File::Spec->tempdir () RT#87684 * And document the use of $TMPDIR in README * Make the SYNOPSIS more reflect real-world usage * Detect DBI::Test and use it if available ==== perl-DBD-SQLite ==== Version update (1.40 -> 1.42) - updated to 1.42 - Switched to a production version. (ISHIGAKI) 1.41_07 2014-03-13 - Updated to SQLite 3.8.4.1, which fixed several obscure bugs on "ORDER BY" or "DISTINCT". (ISHIGAKI) 1.41_06 2014-02-12 - Updated to SQLite 3.8.3.1, which fixed a SQLite bug in 3.8.2 (bundled in DBD::SQLite 1.41_04/5) that could cause queries to omit valid out rows. (ISHIGAKI) 1.41_05 2014-01-22 - Resolved #92322: Failure under heavily parallelized tests (ISHIGAKI) - Disabled Test::NoWarnings in a test 1.41_04 2014-01-12 - Updated to SQLite 3.8.2 (ISHIGAKI) - Resolved #90211: Error in documentation (Felix Li) - Resolved #89351: DBD-SQLite won't compile on Cygwin 64 bit (Warren Young++) (ISHIGAKI) - Tweaked sqlite_see_if_its_a_number not to guess data types of bind values with explicit type specification (via bind_param() etc) (mje++, ilmari++) (ISHIGAKI) 1.41_03 2013-09-05 - Updated to SQLite 3.8.0.2 (ISHIGAKI) 1.41_02 2013-08-30 - Updated to SQLite 3.8.0.1 to resolve #88228 (RIBASUSHI++) (ISHIGAKI) 1.41_01 2013-08-27 * ** NOTICE ON NEXT GENERATION QUERY PLANNER *** - As of SQLite 3.8.0, SQLite's query planner has been rewritten. According to the author, the new query planner should give exactly the same result (though perhaps with a little less CPU time spent planning) for simple queries, and for complex queries, it can in many cases provide a much faster answer. See http://www.sqlite.org/queryplanner-ng.html for details. * ** NOTICE ON PARTIAL INDICES *** - Database files created by SQLite 3.8.0 are still readable and writable by prior versions, but if you use partial indices introduced in SQLite 3.8.0, those files become unreadable and unwritable by older versions of (DBD::)SQLite. They'll be readable/writable again by dropping partial indices. - Resolved #87435: PATCH: statistics_info perldoc (DDICK) - Resolved #87297: URI filenames in DBD::SQLite (ISHIGAKI) ==== perl-Devel-StackTrace ==== Version update (1.31 -> 1.34) - updated to 1.34 - Fixed use of // operator (my use, not Graham's) in previous release. 1.33 2014-06-26 - Added a skip_frames option. This causes the stack trace to skip an arbitrary number of frames. Patch by Graham Knopp. PR #5. 1.32 2014-05-05 - Added a filter_frames_early option to filter frames before arguments are stringified. Added by Dagfinn Ilmari Manns�ker. PR #4. ==== perl-ExtUtils-Depends ==== Version update (0.306 -> 0.401) - updated to 0.401 - Add README changes created by 'make dist' from the POD - Rename test modules - Test old/new schemes with .pm files - Move old/new scheme tests from middle of other stuff to end - Rename test packages to 8.3 unique 0.400 Sun Aug 10 13:58:24 CEST 2014 - In addition to the package variables $inc, $libs and @typemaps, write an 'Inline' method to <package>::Install::Files for easier interoperability with the Inline module. - Accompany the 'Inline' method with a 'deps' method in <package>::Install::Files in addition to the @deps package variable. - Make ExtUtils::Depends->load use the 'Inline' and 'deps' methods by default, falling back to the package variables if the methods are not defined. - Make the docs recommend the 'Inline' and 'deps' approach for creating <package>::Install::Files manually, without ExtUtils::Depends::save_config. 0.309 Sat Aug 2 15:23:03 PDT 2014 - Depends.pm: use $DLEXT instead of $SO for library filename extensions - MANIFEST: remove MYMETA.* files - use DynaLoader::mod2fname if available - Added Android support 0.308 Sun May 18 16:22:11 PDT 2014 - Fix win32 test failure in t/02_save_load.t (closes RT#95301) 0.307 Mon Apr 28 22:04:38 PDT 2014 - $Data::Dumper::Terse set to 1 broke save_config - Document API expected by ::load function ==== perl-Log-Dispatch ==== Version update (2.41 -> 2.42) - really remove Log-Dispatch-old_Test-More.patch - updated to 2.42 - Added a Log::Dispatch->clone() method. This returns shallow clone. The outputs and callbacks are shared, but changes to outputs and callbacks in the clone do not affect the original, or vice versa. - Added Log::Dispatch->outputs() method. This returns all the output objects in a dispatch object. - Added Log::Dispatch->callbacks() method. This returns all the callback subs in a dispatch object. - The Syslog output now calls Sys::Syslog::setlogsock() every time a message is logged, since something else could have called it in between logging two messages. - Added a lock parameter to the Syslog output. If this is true, then logging is done in the scope of a per-thread lock. Reported by Cedric Carree and Franck Youssef. RT #67988 and #85013. - Replaced Class::Load with Module::Runtime. ==== perl-PPI ==== Version update (1.215 -> 1.218) - updated to 1.218 Summary: - Fixes for various parsing and documentation bugs - 1MB limit on input document size removed - Moved repository to GitHub: https://github.com/adamkennedy/PPI Details: - Stop directing bugs to rt.cpan.org (GitHub #40) (MOREGAN) - Fix documentation reference to List::Util (RT #75308) (RWSTAUNER) - Improve scalability of parsing long lines, and remove the size limit on documents PPI will parse (GitHub #5) (MITHALDU) - Speed up adding an element to an unlabeled statement. Allow inlining of some methods. (WOLFSAGE) - Expanded test coverage (DOLMEN, MOREGAN) - Convert inline tests to standalone tests (GitHub #12) (MOREGAN) - Fix for '1=>x' being parsed as x operator (GitHub #46) (MOREGAN) - Recognize that '1 x3' is the x operator followed by a 3 (RT #37892, GitHub #27) (MOREGAN) - Support all augmented assignment operators (<<=, ||=, etc.) (RT #68176, 71705) (MOREGAN) - Stop upper-case "=CUT" from terminating POD (RT #75039) (JAE) - Support upper-case digits in hex and binary numbers, including in the leading '0X' and '0B'. (RT #36540) (KRYDE, MOREGAN) - Fix float argument to range operator misparsed as version string (RT #45014) (MOREGAN) - Fix POD markup in PPI::Find (RT #51693) (FWIE) - Fix spelling of "Tom Christiansen" (RT #67264) (TADMC) - Fix a large raft of spelling and grammar errors (RT #85049) (David Steinbrunner, DOLMEN, MOREGAN) - Fix errors in documentation of the PPI::Element class hierarchy (RT #30863, 69026) (SJQUINNEY) - Prevent PPI::XSAccessor packages from hiding corresponding PPI packages in CPAN (RT #90792) (MITHALDU) - Recognize the formfeed character as whitespace (RT #67517) (WYANT) - Recognize regex match following 'return' (RT #27475) (ADAMK) - Fix missing dereference, length called on reference (RT #40103) (ADAMK) ==== perl-Readonly ==== Version update (1.04 -> 2.00) - updated to 2.00 - Deprecation of Readonly::XS as a requirement for fast, readonly scalars is complete. Report any lingering issues on the tracker ASAP. 1.61 2014-06-28T11:22:13Z - Normal constants (strings, numbers) do not appear to be read only to Internals::SvREADONLY($) but perl itself doesn't miss a beat when you attempt to assign a value to them. Fixing test regression in t/general/reassign.t 1.60 2014-06-27T15:59:27Z - Fix array and hash tie() while in XS mode (exposed by Params::Validate tests) - Fix implicit undef value regression resolves #8 - Minor documentation fixes (spell check, etc.) - Patch from Gregor Herrmann <gregoa(a)debian.org> resolves #7 v1.500.0 2014-06-25T19:56:18Z - PLEASE NOTE: Readonly::XS is no longer needed! - Again, Readonly::XS is no longer needed. - Merged typo fix from David Steinbrunner RT#86350/#2 - Merged patch (w/ tests, yay!) from Daniel P. Risse RT#37864 - Upstream magic related bugs were reported to p5p and fixed in perl itself so we can resolve the following local issues: RT#70167, RT#57382, RT#29487, RT#36653, RT#24216. - Reported RT#120122 (tie + smartmatch bug) upstream to p5p. Will eventually resolve local [RT#59256]. - Note: Resolved RT#16167 (benchmark.pl being installed) in 1.04. - Use readonly support exposed in Internals on perl >=5.8.x - Have I mentioned you don't need to install Readonly::XS anymore? - Checking $Readonly::XSokay is no longer suggested. ...never should have been ==== perl-Sub-Install ==== Version update (0.927 -> 0.928) - updated to 0.928 - cope with subroutines with spaces in their names when catching warnings - don't assume that the source sub isn't blessed in tests (!) ==== libply-boot-client2 ==== Version update (0.8.8_git201309032142 -> 0.9.0) Subpackages: libply-splash-core2 libply-splash-graphics2 libply2 plymouth plymouth-dracut plymouth-plugin-label plymouth-plugin-script plymouth-scripts - Update 0001-let-it-become-a-real-daemon.patch to call setsid only from the child process. - Add 0001-let-it-become-a-real-daemon.patch to make plymouth a real daemon, fixes part of bnc#889757. Patch by Werner. - Add plymouth-boot-vga-framebuffer.patch to fix boot_vga problem with framebuffer devices. (bnc#886211) - Modify plymouth-ignore-cirrusdrm.patch to return as early as possible. Patch by glin(a)suse.com - Invert the logic in plymouth-ignore-cirrusdrm.patch bnc#890516 - Add 0001-text-step-bar-use-correct-utf-8-multibyte-sequence-f.patch: fix incorrect UTF-8 code used for square [bnc#886148]. - Add plymouth-ignore-cirrusdrm.patch: ignore cirrus drm and use fb instead [bnc#888590] - Add 0001-seat-be-a-little-more-forgiving-in-the-case-there-s-.patch: Be more forgiving with empty seat. - Update 0001-Some-greenish-openSUSE-colors.patch to also use SUSE colors on tribar [bnc#886148] - Add 0001-libply-splash-core-also-monitor-for-file-removal-in-.patch: handle new udev behaviour in seqnum removal. - Add 0001-splash-do-not-process-display-lists-if-it-is-empty.patch: fix crash when calling plymouth quit - Add 0001-seats-guard-against-NULL-terminal.patch: guard against NULL terminal. - Update stop-graphical.patch: add RemainAfterExit=true to plymouth-start.service, ensuring plymouthd is not restarted when switching between runlevels. - Add 0001-splash-remove-pixel_pixel-in-sprite-lib-when-notifie.patch: fix crash when pixel_display is removed. - Add 0001-device-manager-only-call-ply_terminal_free.patch: fix crash. - Add use-mkinitrd.patch: call mkinitrd -B, not dracut for now, otherwise initramfs is being created by plymouth-update-initrd, not initrd file. - Ensure we don't rebuild initrd twice when updating plymouth. - Ensure default theme is SLE/openSUSE (based on %suse_version) - Release 0.9.0 (3 additional fixes compared to previously packaged git snapshot): + Use udev for graphics device enumeration + Add new text plugin to replace the tribar one + Add background tiling and watermark support to two-step + Make various plymouth commands that change state be resilient to being called multiple times + Support going back to the initrd at shutdown + Keyfile parser improvements + Make plymouthd use better defaults when running on top of X11 + Fixes for systems using QXL + minor two-step plugin fixes + Use /sys/class/tty/console/active instead of parsing /proc/cmdline for consoles. + Documentation improvements + Drop driver specific renderers and use generic driver across the board. + Better debug message output + systemd integration fixes + upstart integration fixes + initrd scripts fixes + Misc fixes - Update fix-serial-consoles.patch to fix a crash in some rare cases. - Add fix-serial-consoles.patch to fix binary garbage on serial consoles. This is bnc#873859 - Remove plymouth-restore-suspend.patch: suspend package is being dropped, no longer needs to provide this old API. - Remove requires on suspend package. - Update to git snapshot as of 20140327 * Fixes bnc#872502 and bnc#872428 - Kill all mkinitrd stuff Remove suse-initrd-support - Tell zypper to regenerate initrd on installation/update via %post and %posttrans scripts - Add plymouth-manpages.patch to fix manpage installation (bnc#871419) - Drop plymouth.conf, it is no longer used, plymouthd.conf is nowadays. - Updated from git - carried over patches - Dropped 0001-Make-plymouthd-real-daemon-and-save-old-log.patch Because it is really not necesary ==== presentproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== printproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== python-matplotlib ==== Subpackages: python-matplotlib-tk - Create subpackage to pull in latex dependencies so they are more visible to users. - Comment out testing BuildRequires since we aren't doing testing. We aren't doing testing because it takes a long time and a lot of packages depend on matplotlib, so it slows down the build process for python packages too much. ==== python-qt4 ==== Subpackages: python-qt4-devel python-qt4-utils - tweaked python3-qt4.spec to also include the dbus support module ==== python-urlgrabber ==== - Add python-urlgrabber-3.9.1-preserve-queryparams-in-urls.patch (bnc#896844) ==== python-zope.interface ==== Version update (4.1.0 -> 4.1.1) - Update to version 4.1.1: * Added support for Python 3.4. ==== randrproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== recordproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== renderproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== resourceproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== rpm ==== Version update (4.11.3 -> 4.12.0.1) Subpackages: rpm-32bit rpm-build rpm-devel - update to rpm-4.12.0.1 * fixes archivesize being off a couple of bytes - update to rpm-4.12.0 * weakdeps support is now upstream * new optional payload format to support files > 4GB * lots of cleanups all over the codebase - dropped patches: autodeps.diff, psm-errno.diff, exportoldtags.diff, pythondeps.diff, newweakdeps.diff, findsupplements.diff, rpm-gst-provides.patch, noposttrans.diff, fontprovides.diff ==== rsyslog ==== - fix build with json-c 0.12 with upstream patch rsyslog-8.4.0-json-c-0.12.patch - json-c provides a compatibility pkg-config for "json". Add rsyslog-8.4.0-json-c-0.12-configure.patch to check for the required function directly. ==== ruby-common ==== - the ruby(abi) = $interpreter:$abiversion was not a good idea. rpm treats the $interpreter part as epoch. instead we use now: $interpreter(abi) = $abiversion For MRI it means we are basically back to ruby(abi). Examples for alternative ruby interpreters are rubinius(abi) and jruby(abi) (bnc#896658) ==== libruby2_1-2_1 ==== Subpackages: ruby2.1 ruby2.1-devel ruby2.1-stdlib - conflict with $interpreter(abi) = %api_version to make the upgrade path easier. - the ruby(abi) = $interpreter:$abiversion was not a good idea. rpm treats the $interpreter part as epoch. instead we use now: $interpreter(abi) = $abiversion For MRI it means we are basically back to ruby(abi). Examples for alternative ruby interpreters are rubinius(abi) and jruby(abi) (bnc#896658) ==== libdcerpc-binding0 ==== Version update (4.1.11 -> 4.1.12) Subpackages: libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libgensec0 libgensec0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libpdb0 libpdb0-32bit libregistry0 libsamba-credentials0 libsamba-credentials0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient-raw0 libsmbclient-raw0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0 libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba samba-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind samba-winbind-32bit - Exclude unwanted libdnsserver_common and libdfs_server_ad shared libs and the man page of the unused findsmb script. - Skip groups that aren't mapped by idmap_ad; (bso#10824); (bnc#897969). - Update to 4.1.12. + s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout". Add new parameter "winbind request timeout". Please see smb.conf man page for details; (bso#3204). + Fix smbd crashes when filename contains non-ascii character; (bso#10716). + s4-rpc: dnsserver: Handle updates of tombstoned dnsNode objects; (bso#10749). + passdb: Fix NT_STATUS_NO_SUCH_GROUP; (bso#9570). + s4:setup/dns_update_list: make use of the new substitution variables; (bso#9831). + build: Fix configure to honour '--without-dmapi'; (bso#10369). + provision: Correctly provision the SOA record minimum TTL; (bso#10466). + s3: Enforce a positive allocation_file_size for non-empty files; (bso#10543). + lib: tevent: make TEVENT_SIG_INCREMENT atomic; (bso#10640). + Make "case sensitive = True" option working with "max protocol = SMB2" or higher in large directories; (bso#10650). + Samba 4 consuming a lot of CPU when re-reading printcap info; (bso#10652). + lib: strings: Simplify strcasecmp; (bso#10716). + Allow netr_ServerReqChallenge() and netr_ServerAuthenticate3() on different connections; (bso#10723). + 'net time': Fix usage and core dump; (bso#10728). + sys_poll_intr: Fix timeout arithmetic; (bso#10731). + s3:idmap: Don't log missing range config if range checking not requested; (bso#10737). + Fix flapping VFS gpfs offline bit; (bso#10741). + s4-rpc: dnsserver: Allow . to be specified for @ record; (bso#10742). + s4-rpc: dnsserver: return DNS_RANK_NS_GLUE recors when explicitly asked for; (bso#10751). + samba: Retain case sensitivity of cifs client; (bso#10755). + lib: Remove unused nstrcpy; (bso#10758). + Fix a memory leak in cli_set_mntpoint(); (bso#10759). + docs: Fix typos in smb.conf (inherit acls); (bso#10761). + libcli/security: Add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info(); (bso#10773). + s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common(); (bso#10773). + Don't discard result of checking grouptype; (bso#10777). + s3:libsmb: Set a max charge for SMB2 connections; (bso#10778). + smbd: Properly initialize mangle_hash; (bso#10782). + dosmode: Fix FSCTL_SET_SPARSE request validation; (bso#10787). + vfs_dirsort: Fix an off-by-one error that can cause uninitialized memory read; (bso#10794). - Wait for network-online.target to prevent caching of pre-network failures; (bnc#889175). ==== scrnsaverproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== seamonkey ==== Version update (2.26.1 -> 2.29) Subpackages: seamonkey-dom-inspector seamonkey-irc seamonkey-translations-common seamonkey-venkman - update to SeaMonkey 2.29 (bmo#894370) * based on Gecko 32.0 including all security fixes outlined here https://www.mozilla.org/security/known-vulnerabilities/ * removed obsolete patches mozilla-aarch64-bmo-810631.patch, mozilla-aarch64-bmo-962488.patch, mozilla-aarch64-bmo-963023.patch, mozilla-aarch64-bmo-963024.patch, mozilla-aarch64-bmo-963027.patch mozilla-ppc64le-build.patch, mozilla-ppc64le-javascript.patch, mozilla-ppc64le-libffi.patch, mozilla-ppc64le-mfbt.patch, mozilla-ppc64le-webrtc.patch, mozilla-ppc64le-xpcom.patch * rebased patches - requires NSS 3.16.4 - build with --disable-optimize for 13.1 and above for i586 to workaround miscompilations (bnc#896624) ==== libsnapper2 ==== Subpackages: snapper snapper-zypp-plugin - resolved some code issues found by code analysis ==== subversion ==== Subpackages: subversion-devel subversion-perl subversion-python subversion-server subversion-tools - INSTALL#SQLite says 'Subversion 1.8 requires SQLite version 3.7.12 or above'; therefore I lowered the sqlite requirement to make the subversion run on older system versions, tooi. [bnc#897033] ==== sysconfig ==== Version update (0.83.6 -> 0.83.7) Subpackages: sysconfig-netconfig - rpm: fixed SUSE spelling in the spec file (bnc#889002) - version 0.83.7 - netconfig: create missed /var/run/ntp directory (bnc#892877) When the directory does not exists yet, the ntp service is not yet started/running and it is even more important to write the servers so ntpd can pickup them at start. - config: changed NM_ONLINE_TIMEOUT to 30 (bnc#889175) - config: updated to list new variables in network/dhcp, cleanup of ifcfg.template and network/config variables ==== libgudev-1_0-0 ==== Subpackages: libgudev-1_0-devel libudev-devel libudev1 libudev1-32bit systemd systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit typelib-1_0-GUdev-1_0 udev - Add upstream patch 0001-systemd-tmpfiles-Fix-IGNORE_DIRECTORY_PATH-age-handl.patch for bsc#893797 - Drop renaming virtual interfaces in a guest (bnc#898432). Add 1088-drop-renaming-of-virtual-interfaces-in-guest.patch - Rename patch 0001-infinit-timeout-for-kmod-loaded-modules.patch to patch 1087-infinit-timeout-for-kmod-loaded-modules.patch and apply this one - Change patch 0003-mount-order-options-before-other-arguments-to-mount.patch to fix bsc#898240 - Add upstream patches 0001-Fix-warning-about-unused-variable-with-SELINUX.patch 0002-bus-remove-unused-check.patch - Add patch 0001-infinit-timeout-for-kmod-loaded-modules.patch to be able to avoid killing a running kmod/modprobe (bnc#889297) - Update patch 0001-bnc888612-logind-polkit-acpi.patch - Add upstream patches 0001-login-pause-devices-before-acknowledging-VT-switches.patch May help that history of the shell is saved 0001-nspawn-don-t-try-to-create-veth-link-with-too-long-i.patch 0001-socket-introduce-SELinuxContextFromNet-option.patch (bsc#897801) 0002-util-avoid-non-portable-__WORDSIZE.patch - Add patch 0001-bnc888612-logind-polkit-acpi.patch from Frederic to solve bnc#888612 - AUDIT-0: Power button press at gdm login should not prompt for credentials - Add upstream bugfix patches 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch 0003-mount-order-options-before-other-arguments-to-mount.patch 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch 0005-shared-label.h-add-missing-stdio.h-include.patch 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch 1081-udevd-check-return-of-various-functions.patch 1082-udevadm-hwdb-check-return-value-of-fseeko.patch 1083-udev-node-warn-if-chmod-chown-fails.patch 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch 1085-udev-fix-typos.patch 1086-udevd-don-t-fail-if-run-udev-exists.patch - Add upstream bugfix patches 0001-core-fix-resource-leak-in-manager_environment_add.patch 0002-util-remove-a-unnecessary-check.patch 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch 0004-shared-conf-parser.patch 0005-logind-fix-typo.patch 0006-systemctl-fix-resource-leak-CID-1237747.patch 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch - Remove 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch as 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch is the upstream solution - Add patch 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch to fix for the size of the gcc builtin type bool also known as _Bool from the include header stdbool.h. ==== libtdb1 ==== Version update (1.3.0 -> 1.3.1) Subpackages: libtdb1-32bit - Update to version 1.3.1. + tools: fix a compiler warning + defragment the freelist in tdb_allocate_from_freelist() + add "freelist_size" sub-command to tdbtool + use tdb_freelist_merge_adjacent in tdb_freelist_size() + add tdb_freelist_merge_adjacent() + add utility function check_merge_ptr_with_left_record() + simplify tdb_free() using check_merge_with_left_record() + add utility function check_merge_with_left_record() + improve comments for tdb_free(). + factor merge_with_left_record() out of tdb_free() + fix debug message in tdb_free() + reduce indentation in tdb_free() for merging left + increase readability of read_record_on_left() + factor read_record_on_left() out of tdb_free() + build: improve detection of srcdir. ==== libtevent0 ==== Subpackages: libtevent0-32bit - Utilize doxygen to generate the API documentation and package it. ==== trapproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== update-desktop-files ==== - fix find call, type expects one char ==== libblkid-devel ==== Subpackages: libblkid1 libblkid1-32bit libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit util-linux - Install runuser and runuser-l PAM file (runuser.pamd, bnc#892079). ==== util-linux-systemd ==== - Install runuser and runuser-l PAM file (runuser.pamd, bnc#892079). ==== valgrind ==== Version update (3.9.0 -> 3.10.0) Subpackages: valgrind-devel - glibc-2.19.patch: already upstream, so remove - Fix file list - update to 3.10.0: * Support for the 64-bit ARM Architecture (AArch64 ARMv8). This port is mostly complete, and is usable, but some SIMD instructions are as yet unsupported. * Support for little-endian variant of the 64-bit POWER architecture. * Support for Android on MIPS32. * Support for 64bit FPU on MIPS32 platforms. * Both 32- and 64-bit executables are supported on MacOSX 10.8 and 10.9. * Configuration for and running on Android targets has changed. See README.android in the source tree for details. - drop VEX-r2803.diff, VEX-r2808.diff, VEX-r2816.diff, VEX-r2858.diff, VEX-r2904.diff, VEX-r2910.diff, VEX-r2914.diff, VEX-r2915.diff, VEX-r2916.diff, aarch64-VEX-support.diff, aarch64-support.diff, r13767.diff, r13770.diff, r14184.diff, r14238.diff, r14239.diff, r14240.diff, r14246.diff, r2798.diff, valgrind-r13948.diff ==== videoproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== vlan ==== - Removed obsolete README.SuSE (fate#316521,bnc#888999), see ifcfg-vlan(5) manual page for actual informations. ==== vpnc ==== - Add unit file - Fix building for SLE_11_SP3 - Clean specfile ==== libwicked-0-6 ==== Version update (0.6.9 -> 0.6.11) Subpackages: wicked wicked-service - version 0.6.11 - client-state: Do not fail on parsing empty origin and uuid (bnc#890084) - hwaddr: change hwaddr only when valid (bnc#898622) - ifup/ifstatus: no failure report on failed/deferred lease, correctly OR grouped leas status (bnc#896188) - ifup,ifreload: wait for all tentative addresses - config: improved allowed update mask/defaults - man: added startmode hotplug and use-nanny (bnc#896403), - Introduce ifcfg-dhcp man page covering DHCLIENT and DHCLIENT6 vars, remove template reference from ifup(8), ifcfg-wireless(5), reference ifcfg-dhcp(5) - README: updated / improved - rpm: dbus policies as noreplace config (bnc#897775), reload dbus in wicked-service post-install (bnc#897775) - fsm: corrected device hierarchy structure print - routes: generate routes also without IP (bnc#895219), show a note about not matching routes (bnc#895219) - ethernet: lower ethtool not supported messages to debugs - version 0.6.10 - ifconfig: apply address lease priorities same as for routes to dhcp6 to takeover addresses from guessed lower-priority leases e.g. after restart and adjust lifetime on renewal. - routes: lookup and accept custom table names defined in the /etc/iproute2/rt_tables file and set forgotten route table netlink attibute if provided by the kernel (bnc#885007). - ethernet: do not fail when some ethtool operation is not supported (bnc#897264) - fsm: add link-masterdev relation when all dependencies are already created and detect existing/conflicting masterdev references. ==== wine ==== Version update (1.7.26 -> 1.7.27) Subpackages: wine-32bit - Updated to 1.7.27 development snapshot - Some more work on Direct2D support. - Various improvements to RichEdit interfaces. - Initial support for ICMP version 6. - Various bug fixes. ==== wireshark ==== Version update (1.12.0 -> 1.12.1) Subpackages: wireshark-ui-gtk - install epan/wmem/*.h - Wireshark 1.12.1 [bnc#897055] - The following vulnerabilities have been fixed. * MEGACO dissector infinite loop wnpa-sec-2014-13 CVE-2014-6423 * Netflow dissector crash wnpa-sec-2014-14 CVE-2014-6424 * CUPS dissector crash wnpa-sec-2014-15 CVE-2014-6425 * HIP dissector infinite loop wnpa-sec-2014-16 CVE-2014-6426 * RTSP dissector crash wnpa-sec-2014-17 CVE-2014-6427 * SES dissector crash wnpa-sec-2014-18 CVE-2014-6428 * Sniffer file parser crash wnpa-sec-2014-19 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 - drop wireshark-1.12.0-qt-QFont-stylename.patch, upstream - only build with --enable-gnutls where it has a compatible licence as configure check was changed from a warning to an error openSUSE 13.1 and up and SLE 11 - add a desktop file for the QT user interface - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.1.html ==== wpa_supplicant ==== Subpackages: wpa_supplicant-gui - Avoid spurious dependency on /usr/bin/python due to executable doc files ==== python-xcb-proto-devel ==== Subpackages: xcb-proto-devel - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xdg-utils ==== Version update (20140630 -> 20140922) - Update to 20140922: * Initial support for Plasma5 * XFCE .desktop file created for browser selection is broken (fdo#56092) * Unnecessary filtering file:// for pcmanfm (fdo#63153) * fails if user sets a custom IFS environment variable (fdo#81386) * xdg-utils-common is broken, xdg-open uses bashism (fdo#83979) * xdg-email: do not encode - character ==== xen ==== Version update (4.4.1_04 -> 4.4.1_06) Subpackages: xen-doc-html xen-kmp-default xen-kmp-desktop xen-libs xen-tools xen-tools-domU - bnc#897614 - Virtualization/xen: Bug `xen-tools` uninstallable; grub2-x86_64-xen dependency not available xen.spec - More cleanup of README.SUSE - Update xen patch with upstream patch so that latest libvirt patch can work. (bnc#896044) + 53fcebab-xen-pass-kernel-initrd-to-qemu.patch - xen-pass-kernel-initrd-to-qemu.patch - bnc#895804 - VUL-0: CVE-2014-6268: xen: XSA-107: Mishandling of uninitialised FIFO-based event channel control blocks xsa107.patch - bnc#895802 - VUL-0: xen: XSA-106: Missing privilege level checks in x86 emulation of software interrupts xsa106.patch - bnc#895799 - VUL-0: xen: XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation xsa105.patch - bnc#895798 - VUL-0: xen: XSA-104: Race condition in HVMOP_track_dirty_vram xsa104.patch ==== xextproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xf86-input-synaptics ==== Version update (1.8.0 -> 1.8.1) - Update to version 1.8.1: A couple of coverity-induced fixes, the top software buttons are now 15% and better detection of two-finger taps. A couple of misc other fixes, the only oddity in there is a fix for clock drift - if you had clickpad clicks delayed by a second or so after a number of suspend/resume cycles then you may want to upgrade to this version. ==== xf86-video-intel ==== - U_sna-Validate-framebuffer-tiling-before-creation.patch Fix regression causing tiling settings not being validated which subsequently lead to failed surface allocations (bnc#898169). ==== xf86dgaproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xf86driproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xf86miscproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xf86vidmodeproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xfce4-panel-plugin-power-manager ==== Version update (1.4.0 -> 1.4.1) Subpackages: xfce4-power-manager xfce4-power-manager-lang - update to version 1.4.1 - fix for panel icon not always updating depending on the version of UPower in use. - fix handle lid switch with loginD (Bug 11160) Fixed by Simon P. - translation updates - remove obsolete xfce4-power-manager-fix-lid-switch-logic.patch ==== xineramaproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xorg-x11-server ==== Version update (7.6_1.16.0 -> 7.6_1.16.1) Subpackages: xorg-x11-server-extra xorg-x11-server-sdk - Update to version 1.16.1: + mieq: Fix a crash regression in mieqProcessDeviceEvent + ListenOnOpenFD: Remove Resets since this is intended to be for hotplugging connections + XQuartz: Better support turning off "Displays have separate Spaces" on OS X Mavericks + glamor: Fix temp picture coordinates in glamor_composite_clipped_region + glx/present: Only send GLX_BufferSwapComplete for PresentCompleteKindPixmap + xfree86: Fallback to first platform device as primary + xfree86: Allow non-PCI devices as primary + xwayland: always include drm.xml in tarballs ==== xproto-devel ==== - Update description and other metadata - Use full %configure for build, and remove CFLAGS (nothing is compiled) - Make file list more compact ==== xterm ==== Version update (310 -> 311) - Patch #311 - 2014/09/18 * mention xclip in manpage as an alternative workaround for copying clipboard data, noting that selectToClipboard (from patch #209) is the recommended approach (Debian #639094). * correct comparison in do_select_regex() of working position against starting column. * correct initialization for regular-expression feature of exec-selectable and insert-selectable actions (Debian [#758633]). * modify logic for exec-formatted and insert-formatted actions to ensure that the formatting occurs just after the selection is received (Debian #758633). * account for state of reverse-video in special case of cursor coloring (Debian #759734). * fix a sign-extension problem in ReGIS support, as well as correcting a case where ignored-characters were not really ignored (patch by Ross Combs). * Enable the "Escape Sequence" menu entry when an OSC 50 is received. Also disable it if the escape sequence specifies no font (Debian #760208). * improve fix for the fontsel menu entry from patch #304: because the recovery used the "current font", it would fail if one first selected a valid font, then an invalid font (Debian #760207). * correct an off-by-one in limit-check for ScrnLimitChar function (report by Egmont Koblinger). - remove unnecessary colour tweaks which cause strange artifacts in the ReverseVideo mode (bnc#395154, bnc#865340) ==== xtrans ==== Version update (1.3.4 -> 1.3.5) - Update to version 1.3.5: Here's a release of Xtrans that includes a bunch of const fixes and a new Listen function which the X server wants to allow - nolisten tcp by default. ==== liblzma5 ==== Version update (5.0.5 -> 5.0.7) Subpackages: liblzma5-32bit xz xz-devel - xz 5.0.7: * Fix regressions introduced in 5.0.6: - Fix building with non-GNU make. - Fix invalid Libs.private value in liblzma.pc which broke static linking against liblzma if the linker flags were taken from pkg-config. - include changes from 5.0.6: * xzgrep now exits with status 0 if at least one file matched. * A few minor portability and build system fixes ==== yast2-ca-management ==== Version update (3.1.4 -> 3.1.5) - version 3.1.5 - the CA is now stored in /etc/pki/trust/anchors and we need to run update-ca-certificates (bnc#897441) ==== yast2-dhcp-server ==== Version update (3.1.3 -> 3.1.4) - Adapted to use systemd to manage the dhcpd service (bnc#892342) - 3.1.4 ==== yast2-firstboot ==== Version update (3.1.3 -> 3.1.4) - bnc#895359 - added client for nic cards autoconfiguration - 3.1.4 ==== yast2-ftp-server ==== Version update (3.1.4 -> 3.1.5) - Autoyast Import:Evaluate the kind of ftpserver at first. (bnc#892701) - 3.1.5 ==== yast2-installation ==== Version update (3.1.115 -> 3.1.116) - additionaly return file system type in ".run.df" agent result, (to use it in the disk usage calculation bnc#896176) - 3.1.116 ==== yast2-iscsi-client ==== Version update (3.1.16 -> 3.1.17) - Add IP and port to 'isns' discovery command (bnc #897247) - 3.1.17 ==== yast2-mail ==== Version update (3.1.3 -> 3.1.4) - bnc#878514 - SLED12_LOC : ALL_LANGS:Untranslated text in Mail Server dialog in YaST - 3.1.4 ==== yast2-network ==== Version update (3.1.99 -> 3.1.101) - bnc#892958 - propose STARTMODE=nfsroot when installing to remote device - 3.1.101 ==== yast2-packager ==== Version update (3.1.47 -> 3.1.49) - fixed installation crash when a non-btrfs file system is used (bnc#897909) - 3.1.49 - handle Btrfs specifically in disk usage counting (bnc#896176) - use "btrfs filesystem df" instead of "df" (more accurate) - pass "growonly" flag to libzypp when any snapshot is found - 3.1.48 ==== yast2-pkg-bindings ==== Version update (3.1.18 -> 3.1.20) - Added onsystem_by_user flag in Pkg.PkgProperties and Pkg.ResolvableProperties - Fixed PkgPropertiesAll. It returns only package information about the package which is defined in the parameters. In former versions the given package name has not been regarded and the properties of ALL packages have been returned, which has been wrong. (needed for bnc#897404) - 3.1.20 - SetTargetDU(): added new options ("growonly" and "filesystem") to better handle Btrfs snapshots in disk usage counting (part of bnc#896176) - 3.1.19 ==== yast2-samba-client ==== Version update (3.1.12 -> 3.1.13) - Ensure nmbd is restarted following nmbstatus lookup; (bnc#895319). - 3.1.13 ==== yast2-services-manager ==== Version update (3.1.31 -> 3.1.33) - Defining safe minimal width of the Default Target UI entry (bnc#897443) - 3.1.33 - Defining textdomain in ServicesManagerTarget::BaseTargets module (bnc#892366) - 3.1.32 ==== yast2-storage ==== Version update (3.1.44 -> 3.1.45) - fixed btrfs subvolume handling for non-root devices (bnc#895075) - version 3.1.45 ==== yast2-users ==== Version update (3.1.32 -> 3.1.33) - fix the usage of tail command, so the quota state is read correctly (bnc#887753) - 3.1.33 ==== python-yum ==== - Add yum-3.4.3-preserve-queryparams-in-urls.patch (bnc#896844) ==== zypper ==== Version update (1.11.13 -> 1.11.14) Subpackages: zypper-aptitude zypper-log - Trigger appdata plugin when system repos have changed (bnc#866257) - SLE-12 (suse_version 1315) uses it's own translations set (bnc#897176) - version 1.11.14 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 Removed packages: libpackagekit-glib2-16 libpackagekit-qt2-6 anthy-32bit libatk-bridge-2_0-0-32bit libatspi0-32bit libcairo-gobject2-32bit libcolord2-32bit fribidi > fribidi-32bit gtk3-tools-32bit > libgtk-3-0-32bit hxtools > hxtools-man > hxtools-scripts > sysinfo libcanberra-gtk3-0-32bit > libcanberra-gtk3-module-32bit libedit0-32bit libfm > libfm-gtk4 > libfm-lang > libfm4 > lxshortcut libotf0-32bit libsemanage1-32bit libsepol1-32bit libustr-1_0-1-32bit libxkbcommon0-32bit lxpanel > lxpanel-lang libm17n0-32bit mlterm-uim libncurses6-32bit pcmanfm > pcmanfm-lang perl-File-Find-Rule perl-Number-Compare perl-Text-Glob pulseaudio-esound-compat scim-gtk3-32bit uim > uim-32bit > uim-gtk2 > uim-gtk2-32bit > uim-gtk3 > uim-gtk3-32bit > uim-qt4 > uim-qt4-32bit libwayland-cursor0-32bit Added packages: libGraphicsMagick3-config libpackagekit-glib2-18 libpackagekitqt4-0 bundle-lang-common-fi clisp esound-daemon exim ffcall libfribidi0 ibus > ibus-branding-openSUSE-KDE > ibus-gtk > ibus-gtk-32bit > ibus-gtk3 > ibus-lang > libibus-1_0-5-32bit > python-ibus ibus-anthy ibus-googlepinyin ibus-libpinyin ibus-libzhuyin ibus-m17n ibus-pinyin ibus-qt ibus-sunpinyin ibus-table ibus-table-chinese-array > ibus-table-chinese-cangjie > ibus-table-chinese-cantonese > ibus-table-chinese-easy > ibus-table-chinese-erbi > ibus-table-chinese-jyutping > ibus-table-chinese-quick > ibus-table-chinese-scj > ibus-table-chinese-stroke5 > ibus-table-chinese-wu > ibus-table-chinese-wubi-haifeng > ibus-table-chinese-wubi-jidian > ibus-table-chinese-yong ibus-table-rustrad > ibus-table-translit ibus-table-zhuyin kactivities4 libsigsegv2 libva-drm1 > libva-egl1 > libva-glx1 > libva-x11-1 > libva1 > vaapi-dummy-driver libvdpau_va_gl1 lyx ibus-mozc > ibus-mozc-candidate-window opencc perl-Test-Simple libpyzy-1_0-0 > pyzy-db-android > pyzy-db-open-phrase xindy > xindy-rules -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

10 16

[opensuse-factory] Wanted: Correct power-switch for ARM based Chromebook
by Dr. Werner Fink 02 Oct '14

02 Oct '14

Hi, just to be noted that the patch rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch which includes the line SUBSYSTEM=="input", KERNEL=="event*", KERNELS=="gpio-keys.8", TAG+="power-switch" in the 70-power-switch.rules can not be fully corect. This because the "gpio-keys.8" is much to general and may cause trouble with other keyboard layouts. Therefore I'd like to see the output of such a Chromebook of the command: udevadm info -a /dev/input/by-path/*kbd which may give the more specific name of the power button. Werner -- "Having a smoking section in a restaurant is like having a peeing section in a swimming pool." -- Edward Burr

3 2

[opensuse-factory] Is it possible to submit packaged RC versions to factory?
by jcsl 02 Oct '14

02 Oct '14

Hi. The other day, chatting with one of the developers of LXDE, he ask me if I could submit a RC version of one of the desktop components to get feedback before the release. I have tried to submit it to X11:lxde but it has been rejected because they only accept stable packages. This is fine and I don't have any complaints about it. My question is, could I submit this package to Factory via system:install:head for example? I see git and beta versions of some packages there and that makes me think it is possible. On the other hand, with the movement to Factory Rolling I suppose the contrary because the objetive now is stability. So I really don't know if it is allowed or not. Having two package sources (X11:lxde and the other repo that I could choose) makes me think that the answer is "no". It is not my intention to make a rule of this and start submitting RC packages, but this one is going to be a 1.0.0 release and it is supposed to be an important milestone. Currently I have the package hosted in my home project but It doesn't have the same visibility that it could have in a more prominent repository. If the answer is definitely "no", what ways do you know to help testing small projects like LXDE that doesn't have a big user base? Thanks in advance. Greetings. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

3 3

[opensuse-factory] Clamav anti-virus : Permissions problem
by ellanios82 01 Oct '14

01 Oct '14

Hello List, - in case of interest, am seeing : " Database updated (3596558 signatures) from database.clamav.net (IP: 193.92.150.194) WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd-socket: Permission denied " .............. regards -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

3 3

[opensuse-factory] [ANNOUNCE] Bugzilla 4.4.5 Update this weekend
by Michael Schroeder 01 Oct '14

01 Oct '14

Hi openSUSE folks, we're going to update the openSUSE bugzilla from ancient version 3.4.3 to version 4.4.5. We do this mainly for three reasons: - to get new features and better speed - to get better customization support - to get all security holes fixed The update will happen on September 20th, aka this weekend. From a user experience, Bugzilla version 4.4.5 is not very different to 3.4.3, but there are some incompatible changes to watch out for: * NEEDINFO is no longer a state, but a flag. This has the advantage that a bug can have multiple needinfos set. The UI still offers the needinfo checkboxes, so you should not notice this much. * Some states got updated to sync with upstream bugzilla: ASSIGNED has been split into CONFIRMED and IN_PROGRESS. CONFIRMED means that you acknowlede that there is a bug, IN_PROGRESS means that you work on the bug. CLOSED has been merged into VERIFIED. The standard bug life cycle is thus: NEW -> CONFIRMED -> IN_PROGRESS -> RESOLVED -> VERIFIED * Partner IDs are stored as "See Also" URLs. There are shortcuts to add them, e.g. "FATE-2222" maps to the id in fate. There's also "CVE-XXXX" to map to the mitre server for the security inclined. With the update come per-business unit bugzilla styles and product filtering, thus navigating to "bugzilla.opensuse.org" will get you to openSUSE's bugzilla instance in a friendly green look instead of the old wiki page. Note that this is just a different skin for the same novell.com bugzilla, you can even configure it in the bugzilla preferences section. (In case you're wondering, there's also bugzilla.suse.com, bugzilla.netiq.com, and bugzilla.novell.com.) Cheers, Michael. -- Michael Schroeder mls(a)suse.de SUSE LINUX Products GmbH, GF Jeff Hawn, HRB 16746 AG Nuernberg main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);} -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

14 23

[opensuse-factory] Thunderbird : Local Folders
by ellanios82 01 Oct '14

01 Oct '14

Hello List, messages for root are being delivered ok into folder /var/spool/mail/root but, are not getting delivered to Thunderbird's Local Folder for root : where to look please ? : so that root's mail gets delivered to thunderbird ............. thanks ellan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

4 4

[opensuse-factory] Icedtea-web on 13.2 (beta1)
by Martin Schlander 01 Oct '14

01 Oct '14

Hi I'm testing 13.2 beta1 and I found icedtea-web missing from the distribution. However icedtea-web 1.5.1 is built for both Factory and 13.1 via the Java:Factory repo. Is there anyway icedtea-web could be shoehorned into 13.2? At least in a Danish context icedtea-web is crucial for home banking and access to public sector data (taxes, health information etc.). Luckily JavaScript-based replacements are being developed, but icedtea-web will still be mandatory for any Danish desktop user for another year or two. Surely we can't be the only ones still heavily dependent on Java web applets? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 1