openSUSE Factory
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
June 2016
- 156 participants
- 133 discussions
Hi, just wondering why dhcpcd was silently dropped from Factory? Can't
find anything in the mailing list archives, the advanced search doesn't
work for date ranges.
Thanks
Dave P
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
4
4
05 Jun '16
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Packages changed:
ImageMagick (6.9.4.1 -> 6.9.4.5)
Mesa
NetworkManager
NetworkManager-pptp
apache2
at-spi2-core
atk
atkmm
avahi
baobab
brasero
cairomm
caribou
clutter-gst
clutter-gtk
cogl
colord-gtk
dos2unix (7.3.3 -> 7.3.4)
eog
folks
gd
gedit
geoclue2
geocode-glib
gjs
glade
glib-networking
glibmm2
gnome-color-manager
gnome-common
gnome-control-center
gnome-icon-theme
gnome-system-monitor
gnome-themes-standard
gnome-user-docs
gnome-user-share
graphviz-plugins
gssdp
gtk-doc
gtkmm3
gtkspell3
gucharmap
gupnp
gupnp-igd
harfbuzz
htdig
hunspell
hwinfo (21.24 -> 21.26)
indic-fonts (20140220 -> 20160512)
iputils (s20121221 -> s20160308)
ispell
json-glib
kde-cli-tools5
libXfixes (5.0.1 -> 5.0.2)
libchamplain
libgnomeui
libgsf (1.14.36 -> 1.14.37)
libkipi
libnice
libpeas
librest
lsb-release
mobile-broadband-provider-info
mousetweaks
nautilus-sendto
notification-daemon
pangomm
patterns-openSUSE
perl-DBI (1.634 -> 1.636)
perl-File-Which (1.19 -> 1.21)
perl-MailTools (2.16 -> 2.18)
perl-XML-LibXML (2.0124 -> 2.0125)
perl-libintl-perl (1.24 -> 1.25)
procps
python-atspi
python3-atspi
python3-setuptools (21.0.0 -> 21.2.1)
scout (0.1.0+20151023 -> 0.1.0+20160523.472154b)
seahorse
simple-scan
tracker
tracker-extras
vim (7.4.1842 -> 7.4.1883)
vino
vte
wayland (1.10.0 -> 1.10.93)
yelp-tools
yelp-xsl
zenity
=== Details ===
==== ImageMagick ====
Version update (6.9.4.1 -> 6.9.4.5)
Subpackages: ImageMagick-devel ImageMagick-extra libMagick++-6_Q16-6 libMagickCore-6_Q16-2 libMagickWand-6_Q16-2 perl-PerlMagick
- updated to 6.9.4-5:
* Most OpenCL operations are now executed asynchronous.
* Security improvements to TEXT coder broke it (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29754)
* Fix stroke offset problem for -annotate (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29626)
* Add additional checks to DCM reader to prevent data-driven faults (bug
report from Hanno B�ck).
* Fixed proper placement of text annotation for east / west gravity.
2016-05-15 6.9.4-3 Cristy <quetzlzacatenango@image...>
* Fix pixel cache on disk regression (reference
https://github.com/ImageMagick/ImageMagick/issues/202)
* Quote passwords when passed to a delegate program.
* Can read geo-related EXIF metdata once-again (reference
https://github.com/ImageMagick/ImageMagick/issues/198)
* Sanitize all delegate emedded formatting characters.
* Don't sync pixel cache in AcquireAuthenticCacheView() (bug report from
Hanno B�ck).
- security update:
* CVE-2016-5118 [bsc#982178]
+ ImageMagick-CVE-2016-5118.patch
==== Mesa ====
Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2
- U_gallivm-disable-avx512-features.patch:
Fix crashes on some Skykake CPUs by disabling avx512 features
(bsc#980557, bsc#981532).
- enable vc4 and freedreno on aarch64 as well
==== NetworkManager ====
Subpackages: NetworkManager-devel libnm-glib-vpn1 libnm-glib4 libnm-util2 libnm0 typelib-1_0-NM-1_0 typelib-1_0-NMClient-1_0 typelib-1_0-NetworkManager-1_0
- Move provides NetworkManager(cacert-patch) to libnm-util2, to
ensure gnome-control-center doesn't hard requires NetworkManager.
==== NetworkManager-pptp ====
Subpackages: NetworkManager-pptp-gnome
- Update to GNOME 3.20 Fate#318572
==== apache2 ====
Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils
- remove Alias= from [Install] of the template service
[bsc#981541c#10]
- remove unneded httpd-2.4.17-debug-crash.patch
==== at-spi2-core ====
Subpackages: at-spi2-core-devel libatspi0 typelib-1_0-Atspi-2_0
- Drop at-spi2-core-devel Obsolete: the devel package have not
existed since 2009. At the same time, drop rpmlintrc, since it's
not needed anymore.
- Pkgconfig'ify spec file BuildRequires:
+ Replace/Remove: glib2-devel, gobject-introspection-devel,
xorg-x11-devel.
+ Add: pkgconfig(gio-2.0), pkgconfig(glib-2.0),
pkgconfig(gobject-2.0), pkgconfig(gobject-introspection-1.0),
pkgconfig(x11), pkgconfig(xtst), pkgconfig(xi).
==== atk ====
Subpackages: atk-devel libatk-1_0-0 libatk-1_0-0-32bit typelib-1_0-Atk-1_0
- Update to GNOME 3.20 Fate#318572
==== atkmm ====
- Update to GNOME 3.20 Fate#318572
==== avahi ====
Subpackages: avahi-autoipd avahi-compat-mDNSResponder-devel libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7 libavahi-devel libdns_sd
- Update to GNOME 3.20.2 (Fate#318572)
- Added License field in spec file.
- Update to GNOME 3.20 Fate#318572
==== baobab ====
- Update to GNOME 3.20 Fate#318572
==== brasero ====
Subpackages: brasero-lang brasero-nautilus libbrasero-burn3-1 libbrasero-media3-1 libbrasero-utils3-1
- Update to GNOME 3.20 Fate#318572
==== cairomm ====
- Remove unnecessary INSTALL file (resolves rpmlint warning)
- Update to GNOME 3.20 Fate#318572
==== caribou ====
Subpackages: caribou-common caribou-gtk-module-common caribou-gtk2-module caribou-gtk3-module libcaribou0 typelib-1_0-Caribou-1_0
- Update to GNOME 3.20 Fate#318572
==== clutter-gst ====
Subpackages: clutter-gst-devel gstreamer-plugin-gstclutter-3_0 libclutter-gst-3_0-0 typelib-1_0-ClutterGst-3_0
- Update to GNOME 3.20 Fate#318572
==== clutter-gtk ====
Subpackages: clutter-gtk-devel libclutter-gtk-1_0-0 typelib-1_0-GtkClutter-1_0
- Update to GNOME 3.20 Fate#318572
==== cogl ====
Subpackages: cogl-devel gstreamer-plugins-cogl libcogl-gles2-20 libcogl-pango20 libcogl20 typelib-1_0-Cogl-1_0 typelib-1_0-Cogl-2_0 typelib-1_0-CoglGst-2_0 typelib-1_0-CoglPango-1_0 typelib-1_0-CoglPango-2_0
- Update to GNOME 3.20 Fate#318572
==== colord-gtk ====
- Update to GNOME 3.20 Fate#318572
==== dos2unix ====
Version update (7.3.3 -> 7.3.4)
- Update to 7.3.4
==== eog ====
- Update to GNOME 3.20.2 Fate#318572
==== folks ====
Subpackages: libfolks-data libfolks-eds25 libfolks-telepathy25 libfolks-tracker25 libfolks25
- Update to GNOME 3.20 Fate#318572
==== gd ====
Subpackages: libgd3 libgd3-32bit
- security update:
* CVE-2016-5116 [bsc#982176]
+ gd-CVE-2016-5116.patch
==== gedit ====
Subpackages: python3-gedit
- Fix group for gedit-devel to Development/Libraries/C and C++
- Update to GNOME 3.20.2 Fate#318572
==== geoclue2 ====
Subpackages: typelib-1_0-Geoclue-2_0
- Add geoclue2-rpmlintrc to sources to filter out bogus rpmlint
warning about missing systemd-service and nonstandard user.
- Add missing post/postun handling of library.
- Remove useless desktop file for demos, we do not build the demos.
- Do not use systemd macros for geoclue2.service, they are not
designed for dbus systemd unit file [bsc#982216].
- Update to GNOME 3.20 Fate#318572
==== geocode-glib ====
Subpackages: libgeocode-glib0 typelib-1_0-GeocodeGlib-1_0
- Update to GNOME 3.20 Fate#318572
==== gjs ====
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to GNOME 3.20 Fate#318572
==== glade ====
Subpackages: glade-lang libgladeui-2-6
- Update to GNOME 3.20 Fate#318572
- Drop glade-bgo702314.patch and glade-bgo721098-anjuta-hang.patch:
Fixed upstream.
==== glib-networking ====
- Update to GNOME 3.20.2 Fate#318572
==== glibmm2 ====
Subpackages: glibmm2-devel libgiomm-2_4-1 libglibmm-2_4-1
- Update to GNOME 3.20 Fate#318572
==== gnome-color-manager ====
Subpackages: gnome-color-manager-lang
- Update to GNOME 3.20 -- Fate#318572.
==== gnome-common ====
- Update to GNOME 3.20 Fate#318572
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-user-faces
- Move online accounts panel to a separate subpackage and ensure
gnome-online-accounts is required by this subpackage (icons are
provided by it). Add Supplements to ensure it will be pulled when
gnome-online-accounts is installed.
==== gnome-icon-theme ====
- Update to GNOME 3.20 Fate#318572
==== gnome-system-monitor ====
- Update to GNOME 3.20 -- Fate#318572.
==== gnome-themes-standard ====
Subpackages: gnome-themes-accessibility gnome-themes-accessibility-gtk2 gtk2-metatheme-adwaita gtk2-theming-engine-adwaita gtk3-metatheme-adwaita metatheme-adwaita-common
- Update to GNOME 3.20.2 FATE#318572
==== gnome-user-docs ====
- Update to GNOME 3.20.2 FATE#318572
==== gnome-user-share ====
- Update to GNOME 3.20 Fate#318572
==== graphviz-plugins ====
Subpackages: graphviz-gd graphviz-gnome
- Disable ocaml plugins, not ready for upstream ocaml (fate#320836)
==== gssdp ====
- Update to GNOME 3.20.2 Fate#318572
==== gtk-doc ====
Subpackages: gtk-doc-lang
- Update to GNOME 3.20 Fate#318572
==== gtkmm3 ====
- Update to GNOME 3.20 Fate#318572
==== gtkspell3 ====
- Update to GNOME 3.20.2 Fate#318572
==== gucharmap ====
Subpackages: gucharmap-devel libgucharmap_2_90-7 typelib-1_0-Gucharmap-2_90
- Update to GNOME 3.20 Fate#318572
==== gupnp ====
- Update to GNOME 3.20.2 Fate#318572.
==== gupnp-igd ====
- Update to GNOME 3.20 Fate#318572
==== harfbuzz ====
Subpackages: harfbuzz-devel libharfbuzz-icu0 libharfbuzz0 libharfbuzz0-32bit
- Update to GNOME 3.20.2 FATE#318572
==== htdig ====
- Add htdig-unsigned-char.patch: use unsigned char to be sure we
can store values up to (int)255.
==== hunspell ====
Subpackages: hunspell-devel libhunspell-1_4-0
- Drop Requires: pkgconfig because this is already autodetected
by rpm. Use mode inheritance for defattr. Edit rpm group and
description a tiny bit.
==== hwinfo ====
Version update (21.24 -> 21.26)
Subpackages: hwinfo-devel
- change wording for SCSI reference
- add reference to SCSI command specification
- change type of serial_buf[] to unsigned char (bsc#980819)
- 21.26
- Correct comma placement after part-number
- 21.25
==== indic-fonts ====
Version update (20140220 -> 20160512)
- gujrati fonts [bsc#977195]: remove hinting instructions for all
letters except gujrati symbols in
* aakar medium
* padmaa Bold
* padmaa Medium
* Rekha medium
Fonts updated from:
https://github.com/kartikm/fonts-aakar
https://github.com/samyakbhuta/fonts-padmaa
https://github.com/kartikm/fonts-rekha
==== iputils ====
Version update (s20121221 -> s20160308)
- do not install rarpd and rarpd.8 manpage (comes from rarpd rpm currently)
- Update to version s20160308 (Changes taken from the RELNOTES file)
* use syntax compatible with busybox date in Makefile
* 'admin prohibited' should print !X not !S.
* Makefile: use #define as in previous code changes
* doc/Makefile: require bash, because we use pushd and popd
* doc: don't timestamp manpages by default
* ping: status() now returns received/transmitted instead of trans/recv
* ping: don't mess with internals of struct msghdr
* ping: ICMP error replies while errno < 0 is a hard error
* ping: always use POSIX locale when parsing -i
* ping: link against libm
* made ping functions protocol independent
* ping: perform dual-stack ping by default
* ping: remove obsolete preprocessor directives
* ping: avoid name clashes between IPv4 and IPv6 code
* ping: merge all ping header files into a single one
* ping: merge `ping6` command into `ping`
* ping: refactor ping options
* ping: refactor ping socket code
* ping: merge IPv4 and IPv6 `pr_addr()`
* ping: fix defines and libs in Makefile
* ping: handle single protocol systems
* iputils ping/ping6: Add a function to check if a packet is ours
* ping: Add <linux/types.h> to fix compilation error.
* ping6: Use GNUTLS API directly for MD5. (v2)
* ping6: Use libgcrypt instead of gnutls for MD5.
* Allow ping to use IPv6 addresses
* ping,ping6 doc: More description on CAP_NET_RAW usage.
* if IPv4 resolving fails fallback to ping6
* ping: in usage print the 'ping -6' options as well
* ping: allow option -4 which forces IPv4
* combine sock and errno into a single structure
* This patch allows running ping and ping6 without root privileges on
* use better names for socket variables
* tracepath,doc: fix corrupted tag
* doc: ping: add missing options and remove ping6
* ninfod: remove unused variables
* ninfod: Regenerate configure by autoconf-2.69.
* ninfod: libgcrypt support.
* Fix building with musl
* travis.yml: install nettle-dev
* Allow using nettle instead of libgcrypt for MD5
* avoid compiler warning caused by snapshot.h
* make `getaddrinfo()` and `getnameinfo()` usage consistent
* enable IDN by default
* remove IPV4_TARGETS and IPV6_TARGETS
* Use svg instead of png to get better image quality
* spec: Configure before building ninfod.
* spec: Fix date in %changelog.
* make,spec: Add rpm target.
- Refreshed patches
* iputils-ping-interrupt.diff
* iputils-sec-ping-unblock.diff
- Remove ifenslave.c. It has been removed in the linux kernel commit
b1098bbe1b24("bonding: remove ifenslave.c from kernel source").
bonding can be done via iproute (netlink)
- dropped iputils-ifenslave.diff
- Append our CFLAGS to the upstream ones instead of overriding them.
- Cleanup old make command since the upstream Makefile does things right
it seems.
- Use Provides: for old /{,s}bin utils to satisfy reverse dependencies.
- Install utilities to /bin and /sbin until reverse dependencies are
properly fixed.
- Do not install tftp and traceroute to avoid conflicts with the tftp and
traceroute packages. Stick to what iputils used to provide in the past.
- Remove iputils-traceroute6-stdint.diff patch since we are not building
the traceroute* utilities.
- Install tracepath to /usr/bin. (boo#795788)
- Update to version s20150815
* use syntax compatible with busybox date in Makefile
* Makefile: use #define as in previous code changes
* ping: status() now returns received/transmitted instead of trans/recv
* ping: don't mess with internals of struct msghdr
* tracepath,doc: fix corrupted tag
* made ping functions protocol independent
* Allow ping to use IPv6 addresses
* if IPv4 resolving fails fallback to ping6
* ping: in usage print the 'ping -6' options as well
* ping: allow option -4 which forces IPv4
* combine sock and errno into a single structure
* This patch allows running ping and ping6 without root privileges on
* use better names for socket variables
* travis.yml: install nettle-dev
* Allow using nettle instead of libgcrypt for MD5
* avoid compiler warning caused by snapshot.h
* make `getaddrinfo()` and `getnameinfo()` usage consistent
* enable IDN by default
* ping: perform dual-stack ping by default
* remove IPV4_TARGETS and IPV6_TARGETS
* ping: remove obsolete preprocessor directives
* ping: avoid name clashes between IPv4 and IPv6 code
* ping: merge all ping header files into a single one
* ping: merge `ping6` command into `ping`
* ping: refactor ping options
* ping: refactor ping socket code
* ping: merge IPv4 and IPv6 `pr_addr()`
* Use svg instead of png to get better image quality
* iputils ping/ping6: Add a function to check if a packet is ours
* ping: Add <linux/types.h> to fix compilation error.
* ping6: Use GNUTLS API directly for MD5. (v2)
* ping6: Use libgcrypt instead of gnutls for MD5.
* ninfod: Regenerate configure by autoconf-2.69.
* ninfod: libgcrypt support.
* spec: Configure before building ninfod.
* spec: Fix date in %changelog.
* make,spec: Add rpm target.
* ping,ping6 doc: More description on CAP_NET_RAW usage.
- Update patches
* iputils-s20101006-ping-interrupt.diff > iputils-ping-interrupt.diff
* iputils-s20101006-sec-ping-unblock.diff > iputils-sec-ping-unblock.diff
* iputils-remove-bogus-check-required-for-2.4.9-kernels.patch
- Update home project page and download Url
- Remove obsolete %clean section
- Remove UsrMerge process; it has been done for more than two
openSUSE releases now
==== ispell ====
Subpackages: ispell-american ispell-british
- Extend patch boo966124.dif for bug boo#981024
==== json-glib ====
Subpackages: json-glib-devel libjson-glib-1_0-0 typelib-1_0-Json-1_0
- Update to GNOME 3.20 -- Fate#318572.
==== kde-cli-tools5 ====
- Add keditfiletype-create-directory-if-it-doesnt-exist.patch to
fix modifying filetypes on fresh user accounts (kde#356237)
==== libXfixes ====
Version update (5.0.1 -> 5.0.2)
Subpackages: libXfixes-devel libXfixes3 libXfixes3-32bit
- Update to version 5.0.2
* Remove fallback for _XEatDataWords, require libX11 1.6 for it
- tagged baselibs.conf as source in specfile
==== libchamplain ====
Subpackages: libchamplain-0_12-0 typelib-1_0-Champlain-0_12
- Update to GNOME 3.20 Fate#318572
==== libgnomeui ====
Subpackages: libgnomeui-lang
- Drop --with-pic, it is only relevant for static libs (which
are not built). Trim trailing dots from summary. Drop redundant
%clean section. Use %_smp_mflags for parallel building.
- Update to GNOME 3.20.2 FATE#318572
==== libgsf ====
Version update (1.14.36 -> 1.14.37)
Subpackages: gsf-office-thumbnailer libgsf-1-114 libgsf-devel typelib-1_0-Gsf-1
- Update to version 1.14.37:
+ Fix tar issue (bgo#765099).
==== libkipi ====
Subpackages: libKF5Kipi31_0_0 libkipi-devel
- Split off non-lib files from libkipi in a libkipi-data package
- Have libKF5Kipi require libkipi-data
- Adjust package groups for libKF5Kipi
==== libnice ====
Subpackages: gstreamer-libnice libnice10
- Merge with factory for Gnome 3.20 fate#318572.
==== libpeas ====
Subpackages: libpeas-1_0-0 libpeas-gtk-1_0-0 libpeas-loader-python libpeas-loader-python3 typelib-1_0-Peas-1_0 typelib-1_0-PeasGtk-1_0
- Update to GNOME 3.20 Fate#318572
==== librest ====
Subpackages: librest0 typelib-1_0-Rest-0_7
- Update to GNOME 3.20 Fate#318572
==== lsb-release ====
- Merge with openSUSE again, change openSUSE project distributor
name to remove the problematic whitespace.
- Change Distributor name from "SUSE LINUX" to "SUSE", since
the LSB spec is not in sync with the reference implementation,
and some projects follow the reference implementation and not
the spec.
==== mobile-broadband-provider-info ====
- Update to GNOME 3.20 Fate#318572
==== mousetweaks ====
- Update to GNOME 3.20 Fate#318572
==== nautilus-sendto ====
- Update to GNOME 3.20 Fate#318572
==== notification-daemon ====
- Update to GNOME 3.20 Fate#318572
==== pangomm ====
- Update to GNOME 3.20 Fate#318572
==== patterns-openSUSE ====
Subpackages: patterns-openSUSE-apparmor patterns-openSUSE-apparmor_opt patterns-openSUSE-base patterns-openSUSE-books patterns-openSUSE-console patterns-openSUSE-devel_C_C++ patterns-openSUSE-devel_basis patterns-openSUSE-devel_gnome patterns-openSUSE-devel_ide patterns-openSUSE-devel_java patterns-openSUSE-devel_kde patterns-openSUSE-devel_kde_frameworks patterns-openSUSE-devel_kernel patterns-openSUSE-devel_osc_build patterns-openSUSE-devel_perl patterns-openSUSE-devel_python patterns-openSUSE-devel_qt4 patterns-openSUSE-devel_qt5 patterns-openSUSE-devel_rpm_build patterns-openSUSE-devel_ruby patterns-openSUSE-devel_web patterns-openSUSE-dhcp_dns_server patterns-openSUSE-directory_server patterns-openSUSE-enhanced_base patterns-openSUSE-enhanced_base_opt patterns-openSUSE-file_server patterns-openSUSE-fonts patterns-openSUSE-fonts_opt patterns-openSUSE-games patterns-openSUSE-gateway_server patterns-openSUSE-gnome patterns-openSUSE-gnome_admin patterns-openSUSE-gnome_basis patterns
-openSUSE-gnome_basis_opt patterns-openSUSE-gnome_games patterns-openSUSE-gnome_ide patterns-openSUSE-gnome_imaging patterns-openSUSE-gnome_imaging_opt patterns-openSUSE-gnome_internet patterns-openSUSE-gnome_laptop patterns-openSUSE-gnome_multimedia patterns-openSUSE-gnome_multimedia_opt patterns-openSUSE-gnome_office patterns-openSUSE-gnome_office_opt patterns-openSUSE-gnome_utilities patterns-openSUSE-gnome_yast patterns-openSUSE-imaging patterns-openSUSE-imaging_opt patterns-openSUSE-kde patterns-openSUSE-kde_edutainment patterns-openSUSE-kde_games patterns-openSUSE-kde_ide patterns-openSUSE-kde_imaging patterns-openSUSE-kde_internet patterns-openSUSE-kde_multimedia patterns-openSUSE-kde_office patterns-openSUSE-kde_plasma patterns-openSUSE-kde_telepathy patterns-openSUSE-kde_utilities patterns-openSUSE-kde_utilities_opt patterns-openSUSE-kde_yast patterns-openSUSE-kvm_server patterns-openSUSE-lamp_server patterns-openSUSE-laptop patterns-openSUSE-lxde patterns-openSUSE-lxde_lap
top patterns-openSUSE-lxde_office patterns-openSUSE-mail_server patterns-openSUSE-minimal_base patterns-openSUSE-minimal_base-conflicts patterns-openSUSE-misc_server patterns-openSUSE-multimedia patterns-openSUSE-multimedia_opt patterns-openSUSE-network_admin patterns-openSUSE-non_oss patterns-openSUSE-non_oss_opt patterns-openSUSE-office patterns-openSUSE-office_opt patterns-openSUSE-print_server patterns-openSUSE-remote_desktop patterns-openSUSE-rest_dvd patterns-openSUSE-sw_management patterns-openSUSE-sw_management_gnome patterns-openSUSE-sw_management_kde patterns-openSUSE-tabletpc patterns-openSUSE-technical_writing patterns-openSUSE-x11 patterns-openSUSE-x11_opt patterns-openSUSE-x11_yast patterns-openSUSE-xen_server patterns-openSUSE-xfce patterns-openSUSE-xfce_basis patterns-openSUSE-xfce_laptop patterns-openSUSE-xfce_office patterns-openSUSE-yast2_basis patterns-openSUSE-yast2_install_wf
- Drop icedtea-web recommends from gnome and kde patterns.
- No longer recommend xorg-x11-Xvnc by the x11 pattern
(boo#981663).
- remove lilo and grub from patterns
==== perl-DBI ====
Version update (1.634 -> 1.636)
- updated to 1.636
see /usr/share/doc/packages/perl-DBI/Changes
=head2 Changes in DBI 1.636 - 24th April 2016
Fix compilation for threaded perl <= 5.12 broken in 1.635 RT#113955
Revert change to DBI::PurePerl DESTROY in 1.635
Change t/16destroy.t to avoid race hazard RT#113951
Output perl version and archname in t/01basics.t
Add perl 5.22 and 5.22-extras to travis-ci config
=head2 Changes in DBI 1.635 - 24th April 2016
Fixed RaiseError/PrintError for UTF-8 errors/warnings. RT#102404
Fixed cases where ShowErrorStatement might show incorrect Statement RT#97434
Fixed DBD::Gofer for UTF-8-enabled STDIN/STDOUT
thanks to mauke PR#32
Fixed fetchall_arrayref({}) behavior with no columns
thanks to Dan McGee PR#31
Fixed tied CachedKids ref leak in attribute cache by weakening
thanks to Michael Conrad RT#113852
Fixed "panic: attempt to copy freed scalar" upon commit() or rollback()
thanks to fbriere for detailed bug report RT#102791
Ceased to ignore DESTROY of outer handle in DBI::PurePerl
Treat undef in DBI::Profile Path as string "undef"
thanks to fREW Schmidt RT#113298
Fix SQL::Nano parser to ignore trailing semicolon
thanks to H.Merijn Brand.
Added @ary = $dbh->selectall_array(...) method
thanks to Ed Avis RT#106411
Added appveyor support (Travis like CI for windows)
thanks to mbeijen PR#30
Corrected spelling errors in pod
thanks to Gregor Herrmann RT#107838
Corrected and/or removed broken links to SQL standards
thanks to David Pottage RT#111437
Corrected doc example to use dbi: instead of DBI: in DSN
thanks to Michael R. Davis RT#101181
Removed/updated broken links in docs
thanks to mbeijen PR#29
Clarified docs for DBI::hash($string)
Removed the ancient DBI::FAQ module RT#102714
Fixed t/pod.t to require Test::Pod >= 1.41 RT#101769
This release was developed at the Perl QA Hackathon 2016
L<http://act.qa-hackathon.org/qa2016/>
which was made possible by the generosity of many sponsors:
L<https://www.fastmail.com> FastMail,
L<https://www.ziprecruiter.com> ZipRecruiter,
L<http://www.activestate.com> ActiveState,
L<http://www.opusvl.com> OpusVL,
L<https://www.strato.com> Strato,
L<http://www.surevoip.co.uk> SureVoIP,
L<http://www.cv-library.co.uk> CV-Library,
L<https://www.iinteractive.com/> Infinity,
L<https://opensource.careers/perl-careers/> Perl Careers,
L<https://www.mongodb.com> MongoDB,
L<https://www.thinkproject.com> thinkproject!,
L<https://www.dreamhost.com/> Dreamhost,
L<http://www.perl6.org/> Perl 6,
L<http://www.perl-services.de/> Perl Services,
L<https://www.evozon.com/> Evozon,
L<http://www.booking.com> Booking,
L<http://eligo.co.uk> Eligo,
L<http://www.oetiker.ch/> Oetiker+Partner,
L<http://capside.com/en/> CAPSiDE,
L<https://www.procura.nl/> Procura,
L<https://constructor.io/> Constructor.io,
L<https://metacpan.org/author/BABF> Robbie Bow,
L<https://metacpan.org/author/RSAVAGE> Ron Savage,
L<https://metacpan.org/author/ITCHARLIE> Charlie Gonzalez,
L<https://twitter.com/jscook2345> Justin Cook.
==== perl-File-Which ====
Version update (1.19 -> 1.21)
- fix test suite with a chmod
- updated to 1.21
see /usr/share/doc/packages/perl-File-Which/Changes
1.21 2016-03-02 14:20:43 -0500
- Workaround for nutty cygwin filesystem rules
1.20 2016-03-01 15:06:54 -0500
- Fix bug where executable named "0" would not be found (gh#7)
==== perl-MailTools ====
Version update (2.16 -> 2.18)
- updated to 2.18
see /usr/share/doc/packages/perl-MailTools/ChangeLog
version 2.18: Wed 18 May 23:52:30 CEST 2016
Fixes:
- Mail::Header should accept
in empty line which ends the
header. rt.cpan.org#114382 [Ricardo Signes]
version 2.17: Wed 11 May 17:20:21 CEST 2016
Fixes:
- Mail::Header should only accept totally empty lines as header
terminator, not to break MIME::Tools regression tests.
rt.cpan.org#113918 [David Cantrell]
==== perl-XML-LibXML ====
Version update (2.0124 -> 2.0125)
- updated to 2.0125
see /usr/share/doc/packages/perl-XML-LibXML/Changes
2.0125 2016-05-30
- Moved the repository from Mercurial and BitBucket to Git and GitHub:
- https://github.com/shlomif/perl-XML-LibXML
- This was done to better encourage contributions to XML::LiBXML and
to be able to use the better Continuous Integration options that
are available for GitHub projects.
==== perl-libintl-perl ====
Version update (1.24 -> 1.25)
- update to 1.25
* Fixed false negatives in test suite, no need to upgrade the module!
* Bugs fixed:
https://rt.cpan.org/Ticket/Display.html?id=83980
https://rt.cpan.org/Ticket/Display.html?id=47968
==== procps ====
Subpackages: libprocps5
- Avoid line doubling of pmap output due new SwapPss entry (boo#982090)
==== python-atspi ====
- Update to GNOME 3.20.2 Fate#318572
==== python3-atspi ====
- Update to GNOME 3.20.2 Fate#318572
==== python3-setuptools ====
Version update (21.0.0 -> 21.2.1)
- update to version 21.2.1:
* #261: Exclude directories when resolving globs in package_data.
- changes from version 21.2.0:
* #539: In the easy_install get_site_dirs, honor all paths found in
site.getsitepackages.
- changes from version 21.1.0:
* #572: In build_ext, now always import _CONFIG_VARS from distutils
rather than from sysconfig to allow
distutils.sysconfig.customize_compiler configure the OS X
compiler for -dynamiclib.
==== scout ====
Version update (0.1.0+20151023 -> 0.1.0+20160523.472154b)
Subpackages: command-not-found
- Update to version 0.1.0+20160523.472154b:
* Translated using Weblate (German)
* Translated using Weblate (Lithuanian)
* Translated using Weblate (Polish)
* Translated using Weblate (Dutch)
* Translated using Weblate (Norwegian Nynorsk)
* Translated using Weblate (German)
* Translated using Weblate (Arabic)
* Translated using Weblate (French)
* Translated using Weblate (Korean)
* Translated using Weblate (Swedish)
- Cleanup a bit to have the spec readable and point to proper url
==== seahorse ====
Subpackages: gnome-shell-search-provider-seahorse
- Update to GNOME 3.20 -- Fate#318572.
==== simple-scan ====
- Update to GNOME 3.20 Fate#318572
==== tracker ====
Subpackages: libtracker-common-1_0 libtracker-control-1_0-0 libtracker-miner-1_0-0 libtracker-sparql-1_0-0 tracker-devel tracker-miner-files typelib-1_0-Tracker-1_0 typelib-1_0-TrackerControl-1_0 typelib-1_0-TrackerMiner-1_0
- Update to GNOME 3.20.2 (Fate#318572)
==== tracker-extras ====
Subpackages: nautilus-extension-tracker-tags tracker-gui
- Update to GNOME 3.20.2 (Fate#318572)
==== vim ====
Version update (7.4.1842 -> 7.4.1883)
Subpackages: gvim vim-data
- Updated to revision 1883, fixes the following problems
* Python: encoding error with Python 2.
* Memory leaks in test49.
* Invalid memory access when exiting with EXITFREE defined.
* Memory leak in test_matchstrpos.
* Setting really_exiting causes memory leaks to be reported.
* Appending to the quickfix list while the quickfix window is open
is very slow.
* When a callback adds a timer the GUI doesn't use it until later.
* Comparing functions and partials doesn't work well.
* Typing "k" at the hit-enter prompt has no effect.
* Whether a job has exited isn't detected until a character is typed.
After calling exit_cb the cursor is in the wrong place.
* Channel test is flaky.
* Appending to a long quickfix list is slow.
* Check for line break at end of line wrong.
* Cppcheck found 2 incorrect printf formats.
- Updated to revision 1862, fixes the following problems
* Using a partial for timer_start() may cause a crash.
* Compiler warnings with 64 bit compiler.
* string() with repeated argument does not give a result usable
by eval().
- Updated to revision 1859, fixes the following problems
* Tests involving Python are flaky.
* Ubsan detects a multiplication overflow.
* Getting an item from a NULL dict crashes.
* Can't build with Strawberry Perl 5.24 (obsoletes perl-5.24.patch)
* Still trying to read from channel that is going to be closed.
* GUI freezes when using a job.
* test_syn_attr fails when using the GUI.
* Unix: Cannot run all tests with the GUI.
* Crash when job and channel are in the same dict while using partials.
* When setting 'termguicolors' the Ignore highlighting doesn't work.
* Valgrind reports memory leak for job that is not freed.
* When a channel appends to a buffer that is 'nomodifiable' there
is an error but appending is done anyway.
* When a channel writes to a buffer it doesn't find a buffer by
the short name but re-uses it anyway.
* Cannot use a function reference for "exit_cb".
==== vino ====
- Update to GNOME 3.20.2 Fate#318572
==== vte ====
Subpackages: glade-catalog-vte libvte-2_91-0 typelib-1_0-Vte-2.91 vte-devel
- Update to GNOME 3.20.2 Fate#318572
==== wayland ====
Version update (1.10.0 -> 1.10.93)
Subpackages: libwayland-client0 libwayland-client0-32bit libwayland-cursor0 libwayland-server0 libwayland-server0-32bit wayland-devel
- Update to new upstream release 1.10.93
* Proxy wrappers were introduced, which help avoid race
conditions in multi-threaded clients. A new "proxy wrapper" API
is added for the client to use when sending requests which does
not proxy events. This helps avoid one thread causing events to
be dropped before they can be handled by other threads.
* shm: When undergoing a resize operation while external users
are holding references to it, the resize is deferred to prevent
leading to a crash; Wayland now counts external and internal
users differently to permit tracking this.
* Support for cross-interface enum attributes is added.
==== yelp-tools ====
- Update to GNOME 3.20 Fate#318572
==== yelp-xsl ====
- Update to GNOME 3.20 Fate#318572
==== zenity ====
- Update to GNOME 3.20 Fate#318572
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
1
0
To users of NVIDIA hardware:
A tested patch for the 340.96 Nvidia driver using kernel 4.6 has been sent to
me. Since this is the TW kernel, I am posting it here for interested users. With
minor modifications, it should work for other Nvidia drivers.
Larry
--
If I was stranded on an island and the only way to get off
the island was to make a pretty UI, I’d die there.
Linus Torvalds
3
3
04 Jun '16
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Packages changed:
adwaita-icon-theme
bluez (5.39 -> 5.40)
calligra
desktop-file-utils
device-mapper (1.02.115 -> 1.02.124)
evince
gdb
gdm
ghex
gnome-backgrounds
gnome-terminal
gnome-weather
kernel-firmware (20160503 -> 20160516)
ktouch (15.12.3 -> 16.04.1)
libgit2-glib
libimobiledevice
libstorage (2.26.2 -> 2.26.3)
libusbmuxd
libvirt
lilo
lvm2 (2.02.141 -> 2.02.152)
meld
mutt
nfs-utils
pcsc-lite (1.8.16 -> 1.8.17)
phonon-backend-vlc
postfix (2.11.7 -> 3.1.1)
powertop
rubygem-cfa (0.3.0 -> 0.3.1)
tigervnc
valgrind
vte2
wicked (0.6.34 -> 0.6.35)
xorg-x11-driver-input
yast2 (3.1.189 -> 3.1.191)
yast2-bootloader (3.1.187 -> 3.1.192)
yast2-firewall (3.1.4 -> 3.1.5)
yast2-installation (3.1.187 -> 3.1.191)
yast2-mail (3.1.7 -> 3.1.8)
yast2-network (3.1.151 -> 3.1.152)
yast2-ruby-bindings (3.1.46 -> 3.1.48)
=== Details ===
==== adwaita-icon-theme ====
- Actually apply adwaita-symbolic-fixes.patch.
==== bluez ====
Version update (5.39 -> 5.40)
Subpackages: bluez-cups bluez-devel libbluetooth3
- update to version 5.40:
This is mostly a bug fix release fixing issues with GATT, paired
devices and connection handling (particularly for accepting
connections through the Profile D-Bus interface).
One new feature is the ability to use btmon for reading HCI logs
from a TTY device. Right now the creation of this kind of logs is
available with Zephyr <https://www.zephyrproject.org/> in the
form of a special console logging mode (more information
available here
https://www.zephyrproject.org/doc/board/arduino_101_ble.html#getting-hci-tr…>).
The format of the protocol is a slight modification of what btmon
normally receives from the kernel monitor sockets, and is
documented in doc/btsnoop.txt).
==== calligra ====
Subpackages: calligra-extras-dolphin calligra-extras-okular calligra-stage calligra-words-common
- Re-enable building against Vc-devel-static, it builds fine again
- Remove some unnecessary part from the specfile
==== desktop-file-utils ====
- Fix suse-update-mime-defaults: Ensure the directory structure to
write the cache info to is in place (boo#976973).
==== device-mapper ====
Version update (1.02.115 -> 1.02.124)
- Add compat symlinks for binaries to /sbin/ to avoid errors on
hardcoded systems, obsolete them with leap 43
- Add conflicts on unsplit packages to allow smooth upgrade path
Also do the conflict properly in baselibs.conf
- Add dependencies to the devel pacakge in baselibs.conf
- Update patch use-mirrortype-asdefault-whenclvmdrunning.patch
to match up the patches/pvmove_support_clustered_vg.diff and not
use the define declared only when building clvm codebase;
it is still broken if someone changes the PID location, but at least
it now does not depend on clvm code
- Regenerate_initrd in post of the lvm2 main pkg
- Update baselibs to point to split-out devicemapper libraries
- Keep in sync the common configuration options that are shared among
all the variants dm/lvm2/clvm
- Provide symlinks to 1.02 versions of dm and dm-event libs
* this should sort out binary packages without the need of double
rebuilding
- Update to 2.02.152 release, read WHATS_NEW for detailed log.
- Refresh patches:
* 10-dm.rules-Reset-state-variable-for-spurious-events.patch
* device-mapper-gcc-warnings.patch
* device-mapper-link.patch
* udev-Check-for-DM_NR_VALID_PATHS.patch
- Slightly tweak btrfs patch as the code changed for the detection:
* fsadm-add-support-for-btrfs.patch
- Build and install properly cluster files
- Remove csm-converter.tar.gz as the evms was last present on sle10
and thus migration is bit out of scope today
- Add pre_checkin.sh to allow syncing of patches between packages:
workflow = add everything to lvm2.spec and run pre_checkin.sh
- Refresh patch use-mirrortype-asdefault-whenclvmdrunning.patch to
work without clvm code enabled
- Regenerate lvm2 tmpfiles after install so they won't populate just
after the reboot
- Split out lvm2 libraries to separate subpkgs per standards
- Rename versioning of plugins patch:
* version-plugins-in-libdir -> version-plugins-in-libdir.patch
- Remove evms provides/obsoletes, last seen on sle10
- Mark configs as such
- Ghost the during-run created dirs
- Install rcbla compat service symlinks
- Sync with device-mapper.spec, build only lvm and wipe devicemapper
binaries
- Install in /usr there is no technical reason to keep this out
of /usr
- Split out device-mapper and clvm to separate spec files
* No factual changes just deletion in the spec to keep it out
of interacting with those parts
- Do not explicitely require expat it is only used by thin_provisioning
- There is no factual reason to keep the device mapper out of /usr
so just match everything else
- Remove device-mapper-static.patch as there should be no need to
have static library here and it can be reenabled with some explanation
if needed
- Rename device-mapper-link to device-mapper-link.patch
==== evince ====
Subpackages: evince-browser-plugin evince-plugin-comicsdocument evince-plugin-djvudocument evince-plugin-dvidocument evince-plugin-pdfdocument evince-plugin-psdocument evince-plugin-tiffdocument evince-plugin-xpsdocument libevdocument3-4 libevview3-3 nautilus-evince typelib-1_0-EvinceDocument-3_0 typelib-1_0-EvinceView-3_0
- Change Group in devel sub-package to Development/Languages/C and
C++: Silence rpmlint.
- Drop old Provides and Obsoletes that do not make any sense
keeping around anymore. Silence even more rpmlint warnings.
+ Provides: ggv, gpdf, evince-doc.
+ Obsoletes: ggv, gpdf, evince-doc.
==== gdb ====
- Add gdb-gcc6-Wparentheses-warning.patch to fix Werrors reported by GCC6.
==== gdm ====
Subpackages: gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Disable gdm-workaround-boo971852.patch.
==== ghex ====
Subpackages: ghex-lang libgtkhex-3-0
- Update to GNOME 3.20.2 Fate#318572
==== gnome-backgrounds ====
Subpackages: gnome-backgrounds-lang
- Update to GNOME 3.20 Fate#318572
==== gnome-terminal ====
Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal
- Remove gnome-core obsoletes; it is from 2002 or so and not
relevant now.
==== gnome-weather ====
Subpackages: gnome-shell-search-provider-gnome-weather
- Update to GNOME 3.20.2 FATE#318572
==== kernel-firmware ====
Version update (20160503 -> 20160516)
Subpackages: ucode-amd
- Update to version 20160516:
* linux-firmware: intel: Update Skylake audio firmware
* linux-firmware: update rt2860.bin, rt2800pci driver
* linux-firmware: update rt2870.bin, rt2800usb driver
* amdgpu: update firmware
==== ktouch ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libgit2-glib ====
- Add to the SDK. Fate#319349
==== libimobiledevice ====
Subpackages: libimobiledevice-devel libimobiledevice6
- Add libimobiledevice-CVE-2016-5104.patch: Make sure sockets only
listen locally (CVE-2016-5104, boo#982014).
==== libstorage ====
Version update (2.26.2 -> 2.26.3)
Subpackages: libstorage-ruby libstorage7
- call parted with --wipesignatures when creating partitions to
avoid auto-assembly of old MD RAIDs (fate#319893, bsc#943623)
- 2.26.3
==== libusbmuxd ====
Subpackages: libusbmuxd-devel libusbmuxd4
- Add libusbmuxd-CVE-2016-5104.patch: Make sure sockets only
listen locally (CVE-2016-5104, boo#982014).
==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen
- Avoid suppressing errors during useradd/groupadd
==== lilo ====
- Do not buildrequire device-mapper-32bit: this package contains
the libraries needed by device-mapper-devel-32bit and as such
it is the -devel package's responsibility, to bring the libs in.
==== lvm2 ====
Version update (2.02.141 -> 2.02.152)
- Add compat symlinks for binaries to /sbin/ to avoid errors on
hardcoded systems, obsolete them with leap 43
- Add conflicts on unsplit packages to allow smooth upgrade path
Also do the conflict properly in baselibs.conf
- Add dependencies to the devel pacakge in baselibs.conf
- Update patch use-mirrortype-asdefault-whenclvmdrunning.patch
to match up the patches/pvmove_support_clustered_vg.diff and not
use the define declared only when building clvm codebase;
it is still broken if someone changes the PID location, but at least
it now does not depend on clvm code
- Regenerate_initrd in post of the lvm2 main pkg
- Update baselibs to point to split-out devicemapper libraries
- Keep in sync the common configuration options that are shared among
all the variants dm/lvm2/clvm
- Provide symlinks to 1.02 versions of dm and dm-event libs
* this should sort out binary packages without the need of double
rebuilding
- Update to 2.02.152 release, read WHATS_NEW for detailed log.
- Refresh patches:
* 10-dm.rules-Reset-state-variable-for-spurious-events.patch
* device-mapper-gcc-warnings.patch
* device-mapper-link.patch
* udev-Check-for-DM_NR_VALID_PATHS.patch
- Slightly tweak btrfs patch as the code changed for the detection:
* fsadm-add-support-for-btrfs.patch
- Build and install properly cluster files
- Remove csm-converter.tar.gz as the evms was last present on sle10
and thus migration is bit out of scope today
- Add pre_checkin.sh to allow syncing of patches between packages:
workflow = add everything to lvm2.spec and run pre_checkin.sh
- Refresh patch use-mirrortype-asdefault-whenclvmdrunning.patch to
work without clvm code enabled
- Regenerate lvm2 tmpfiles after install so they won't populate just
after the reboot
- Split out lvm2 libraries to separate subpkgs per standards
- Rename versioning of plugins patch:
* version-plugins-in-libdir -> version-plugins-in-libdir.patch
- Remove evms provides/obsoletes, last seen on sle10
- Mark configs as such
- Ghost the during-run created dirs
- Install rcbla compat service symlinks
- Sync with device-mapper.spec, build only lvm and wipe devicemapper
binaries
- Install in /usr there is no technical reason to keep this out
of /usr
- Split out device-mapper and clvm to separate spec files
* No factual changes just deletion in the spec to keep it out
of interacting with those parts
- Do not explicitely require expat it is only used by thin_provisioning
- There is no factual reason to keep the device mapper out of /usr
so just match everything else
- Remove device-mapper-static.patch as there should be no need to
have static library here and it can be reenabled with some explanation
if needed
- Rename device-mapper-link to device-mapper-link.patch
==== meld ====
Subpackages: meld-lang
- Update to GNOME 3.20.2 (Fate#318572)
==== mutt ====
- Fix crash due keywords.patch which stumble over not existing
standard mailbox
- Update to neomutt 20160530
- Avoid sidebar patch from bother other users (boo#982129)
- Remove patch patch-1.6.1.rr.compressed.bz2 as now part of neumutt
==== nfs-utils ====
Subpackages: nfs-client nfs-doc nfs-kernel-server
- 0001-systemd-Decouple-the-starting-and-stopping-of-rpcbin.patch
0002-systemd-unit-files-fix-up-dependencies-on-rpcbind.patch
Fix systemd dependencies to ensure rpcbind is started when needed.
(bsc#975265)
==== pcsc-lite ====
Version update (1.8.16 -> 1.8.17)
Subpackages: libpcsclite1
- Updated to version 1.8.17
* Fix SCardEndTransaction() issue with a SCARD_SHARE_EXCLUSIVE connection
* Fix an issue when used with systemd (problem in signal handler)
* SCardGetAttrib(): set pcbAttrLen when buffer is too small
* Some other minor improvements
==== phonon-backend-vlc ====
- Require VLC 2.1.0 at least for building, support for 2.0.x has
been removed upstream
==== postfix ====
Version update (2.11.7 -> 3.1.1)
Subpackages: postfix-doc
- fix Changelog cause of Factory decline
- Fix typo in config.postfix
- bnc#981097 config.postfix creates broken main.cf for tls client configuration
- bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete
- update to 3.1.1:
- The new address_verify_pending_request_limit
parameter introduces a safety limit for the number of address
verification probes in the active queue. The default limit is 1/4
of the active queue maximum size. The queue manager enforces the
limit by tempfailing probe messages that exceed the limit. This
design avoids dependencies on global counters that get out of sync
after a process or system crash.
- Machine-readable, JSON-formatted queue listing with "postqueue -j"
(no "mailq" equivalent).
- The milter_macro_defaults feature provides an optional list of macro
name=value pairs. These specify default values for Milter macros when
no value is available from the SMTP session context.
- Support to enforce a destination-independent delay between email
deliveries. The following example inserts 20 seconds of delay
between all deliveries with the SMTP transport, limiting the delivery
rate to at most three messages per minute.
smtp_transport_rate_delay = 20s
- Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
that a "not found" result from a DNSBL server will be valid for one
hour. This may have been adequate five years ago when postscreen
was first implemented, but nowadays, that one hour can result in
missed opportunities to block new spambots.
To address this, postscreen now respects the TTL of DNSBL "not
found" replies, as well as the TTL of DNSWL replies (both "found"
and "not found"). The TTL for a "not found" reply is determined
according to RFC 2308 (the TTL of an SOA record in the reply).
Support for DNSBL or DNSWL reply TTL values is controlled by two
configuration parameters:
postscreen_dnsbl_min_ttl (default: 60 seconds).
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
the default value for the new postscreen_dnsbl_max_ttl parameter.
- New "smtpd_client_auth_rate_limit" feature, to
enforce an optional rate limit on AUTH commands per SMTP client IP
address. Similar to other smtpd_client_*_rate_limit features, this
enforces a limit on the number of requests per $anvil_rate_time_unit.
- New SMTPD policy service attribute "policy_context",
with a corresponding "smtpd_policy_service_policy_context" configuration
parameter. Originally, this was implemented to share the same SMTPD
policy service endpoint among multiple check_policy_service clients.
- A new "postfix tls" command to quickly enable opportunistic TLS
in the Postfix SMTP client or server, and to manage SMTP server keys
and certificates, including certificate signing requests and
TLSA DNS records for DANE.
- build with working support for SMTPUTF8
- fix build on sle11 by pointing _libexecdir to /usr/lib all the
time.
- some distros did not pull pkgconfig indirectly. pull it directly.
- fix building the dynamic maps: the old build had postgresql e.g.
with missing symbols.
- convert to AUXLIBS_* instead of plain AUXLIBS which is needed
for proper dynamic maps.
- reordered the CCARGS and AUXLIBS* lines to group by feature
- use pkgconfig or *_config tools where possible
- picked up signed char from fedora spec file
- enable lmdb support: new BR lmdb-devel, new subpackage
postfix-lmdb.
- don't delete vmail user/groups
- update to 3.1.0
- Since version 3.0 postfix supports dynamic loading of cdb:, ldap:,
lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients.
Thats why the patches dynamic_maps.patch and dynamic_maps_pie.patch
could be removed.
- Adapting all the patches to postfix 3.1.0
- remove obsolete patches
* add_missed_library.patch
* postfix-opensslconfig.patch
- update vda patch
* remove postfix-vda-v13-2.10.0.patch
* add postfix-vda-v13-3.10.0.patch
- The patch postfix-db6.diff is not more neccessary
- Backwards-compatibility safety net.
With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.
With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.
Several Postfix default settings have changed with Postfix 3.0. To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.
- Major changes - tls
* [Feature 20160207] A new "postfix tls" command to quickly enable
opportunistic TLS in the Postfix SMTP client or server, and to
manage SMTP server keys and certificates, including certificate
signing requests and TLSA DNS records for DANE.
* As of the middle of 2015, all supported Postfix releases no longer
nable "export" grade ciphers for opportunistic TLS, and no longer
use the deprecated SSLv2 and SSLv3 protocols for mandatory or
opportunistic TLS.
* [Incompat 20150719] The default Diffie-Hellman non-export prime was
updated from 1024 to 2048 bits, because SMTP clients are starting
to reject TLS handshakes with primes smaller than 2048 bits.
* [Feature 20160103] The Postfix SMTP client by default enables DANE
policies when an MX host has a (DNSSEC) secure TLSA DNS record,
even if the MX DNS record was obtained with insecure lookups. The
existence of a secure TLSA record implies that the host wants to
talk TLS and not plaintext. For details see the
smtp_tls_dane_insecure_mx_policy configuration parameter.
- Major changes - default settings
[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet). However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.
[Incompat 20141001] A new backwards-compatibility safety net forces
Postfix to run with backwards-compatible main.cf and master.cf
default settings after an upgrade to a newer but incompatible Postfix
version. See COMPATIBILITY_README for details.
While the backwards-compatible default settings are in effect,
Postfix logs what services or what email would be affected by the
incompatible change. Based on this the administrator can make some
backwards-compatibility settings permanent in main.cf or master.cf,
before turning off backwards compatibility.
- Major changes - address verification safety
[Feature 20151227] The new address_verify_pending_request_limit
parameter introduces a safety limit for the number of address
verification probes in the active queue. The default limit is 1/4
of the active queue maximum size. The queue manager enforces the
limit by tempfailing probe messages that exceed the limit. This
design avoids dependencies on global counters that get out of sync
after a process or system crash.
Tempfailing verify requests is not as bad as one might think. The
Postfix verify cache proactively updates active addresses weeks
before they expire. The address_verify_pending_request_limit affects
only unknown addresses, and inactive addresses that have expired
from the address verify cache (by default, after 31 days).
- Major changes - json support
[Feature 20151129] Machine-readable, JSON-formatted queue listing
with "postqueue -j" (no "mailq" equivalent). The output is a stream
of JSON objects, one per queue file. To simplify parsing, each
JSON object is formatted as one text line followed by one newline
character. See the postqueue(1) manpage for a detailed description
of the output format.
- Major changes - milter support
[Feature 20150523] The milter_macro_defaults feature provides an
optional list of macro name=value pairs. These specify default
values for Milter macros when no value is available from the SMTP
session context.
For example, with "milter_macro_defaults = auth_type=TLS", the
Postfix SMTP server will send an auth_type of "TLS" to a Milter,
unless the remote client authenticates with SASL.
This feature was originally implemented for a submission service
that may authenticate clients with a TLS certificate, without having
to make changes to the code that implements TLS support.
- Major changes - output rate control
[Feature 20150710] Destination-independent delivery rate delay
Support to enforce a destination-independent delay between email
deliveries. The following example inserts 20 seconds of delay
between all deliveries with the SMTP transport, limiting the delivery
rate to at most three messages per minute.
/etc/postfix/main.cf:
smtp_transport_rate_delay = 20s
For details, see the description of default_transport_rate_delay
and transport_transport_rate_delay in the postconf(5) manpage.
- Major changes - postscreen dnsbl
[Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL
lookup results
Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
that a "not found" result from a DNSBL server will be valid for one
hour. This may have been adequate five years ago when postscreen
was first implemented, but nowadays, that one hour can result in
missed opportunities to block new spambots.
To address this, postscreen now respects the TTL of DNSBL "not
found" replies, as well as the TTL of DNSWL replies (both "found"
and "not found"). The TTL for a "not found" reply is determined
according to RFC 2308 (the TTL of an SOA record in the reply).
Support for DNSBL or DNSWL reply TTL values is controlled by two
configuration parameters:
postscreen_dnsbl_min_ttl (default: 60 seconds).
This parameter specifies a minimum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents an excessive number of postscreen cache updates
when a DNSBL or DNSWL server specifies a very small reply TTL.
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
This parameter specifies a maximum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents cache pollution when a DNSBL or DNSWL server
specifies a very large reply TTL.
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
the default value for the new postscreen_dnsbl_max_ttl parameter.
- Major changes - sasl auth safety
[Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to
enforce an optional rate limit on AUTH commands per SMTP client IP
address. Similar to other smtpd_client_*_rate_limit features, this
enforces a limit on the number of requests per $anvil_rate_time_unit.
- Major changes - smtpd policy
[Feature 20150913] New SMTPD policy service attribute "policy_context",
with a corresponding "smtpd_policy_service_policy_context" configuration
parameter. Originally, this was implemented to share the same SMTPD
policy service endpoint among multiple check_policy_service clients.
==== powertop ====
Subpackages: powertop-lang
- Don't requires xterm-bin but xterm if Leap, boo#981780
==== rubygem-cfa ====
Version update (0.3.0 -> 0.3.1)
- better inspecting of BooleanValue objects (helps with debugging
various bncs, like bnc#980108 or bnc#940465)
- 0.3.1
==== tigervnc ====
Subpackages: libXvnc1 xorg-x11-Xvnc
- Add /etc/pam.d/vnc configuration and add vnc user to shadow
group. (bnc#980326)
- Add dependency on fltk-devel version >= 1.3.3.
==== valgrind ====
- add vex-r3197.diff (bsc#981447)
==== vte2 ====
Subpackages: libvte9 vte2-lang
- Update to GNOME 3.20.2 FATE#318572
- Fixes bsc#979317
==== wicked ====
Version update (0.6.34 -> 0.6.35)
Subpackages: libwicked-0-6 wicked-service
- version 0.6.35
- spec: removed ppp service template macro calls (fate#317976)
- bonding: support for new v3.7.1 netlink options in 4.4 kernel
- linux: update included headers to 4.4, add if_addr.h
==== xorg-x11-driver-input ====
- No longer require xf86-input-synaptics on systems later than Leap 42.1.
Instead require xf86-input-libinput.
People who will need the synaptics driver may install it by hand.
(boo#981750).
==== yast2 ====
Version update (3.1.189 -> 3.1.191)
Subpackages: yast2-devel-doc
- Split SuSEFirewall and SuSEFirewallServices classes to separate
files as recommended by the Yast coding style (fate#318356,
gh#yast/yast-yast2#471)
- 3.1.191
- Refactor SuSEFirewall backend code to support FirewallD. This allows
yast2 modules to be firewall agnostic and handle firewall services in
either SuSEFirewall2 or FirewallD (fate#318356, gh#yast/yast-yast2#457)
* Do a bit of code cleanup.
* Add FirewallD tests.
- 3.1.190
==== yast2-bootloader ====
Version update (3.1.187 -> 3.1.192)
- Drop yast2-bootloader-devel-doc package (fate#320356)
- 3.1.192
- fix unknown method error ( caused by fix for bnc#980529)
- 3.1.191
- use proper device to setup pmbr for grub2efi (bnc#981997)
- 3.1.190
- do not try to install grub2 on lvm on partition-less disk
(bnc#980529)
- 3.1.189
- run mkinitrd at the end of installation to ensure proper initrd
even for image based installation or live install
(bnc#977656,bnc#979719)
- 3.1.188
==== yast2-firewall ====
Version update (3.1.4 -> 3.1.5)
- Add support for firewalld (fate#318356)
* Bump yast2 dependency to 3.1.191 which is the first version to
support the firewalld backend.
- 3.1.5
==== yast2-installation ====
Version update (3.1.187 -> 3.1.191)
- When importing SSH keys/configuration, only regular files
will be considered (bsc#982522)
- Force YaST2-Firstboot.service to run after
YaST2-Second-Stage.service (bsc#980365)
- 3.1.191
- Move the debugger invocation code to yast2-ruby-bindings package
to use the same implementation at run time (FATE#318421)
- 3.1.190
- System Role: centered dialog (ncurses).
- More visual improvements in the SSH keys importing proposal
summary based on blog entry feedback. (Fate#319624)
- 3.1.189
- Start the Ruby debugger at the beginning of installation
when Y2DEBUGGER is set (FATE#318421)
- 3.1.188
==== yast2-mail ====
Version update (3.1.7 -> 3.1.8)
- bnc#981103 - yast2 mail uses always brackets for relayhost
- bnc#981101 - yast2 mail adds POSTFIX_NODAEMON to /etc/sysconfig/postfix
- 3.1.8
==== yast2-network ====
Version update (3.1.151 -> 3.1.152)
- fate#319319
- implemented support for vncmanager in Remote module. Thanks to
msrb(a)suse.cz.
- 3.1.152
==== yast2-ruby-bindings ====
Version update (3.1.46 -> 3.1.48)
- Improve the debugger support - use the same code also at run
time, allow using `Y2DEBUGGER` also in installed system
(FATE#318421)
- 3.1.48
- Added support for running the Ruby debugger (FATE#318421)
- Allow running the Ruby debugger from the generic crash handler
if the debugger is installed
- 3.1.47
- update code according to updated yast ruby style guide
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
1
0
[opensuse-factory] Mysql-workbench and sqlite-browser dependency problems
by Daniele Granata 03 Jun '16
by Daniele Granata 03 Jun '16
03 Jun '16
Hi all,
with the 2 or 3 latest snapshot in tumbleweed some packages were removed ,
libgdal1 and libpoppler60 but these libraries are needed by mysql-workbench.
Sqliteebrowser was updated to 3.8.0 but it is not installable due to
the lack of libqcustomplot.so
Cheers
--
Daniele
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
3
2
03 Jun '16
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Packages changed:
GraphicsMagick
LibVNCServer
ModemManager
MozillaFirefox
MozillaThunderbird
NetworkManager-gnome
akonadi-calendar (15.12.3 -> 16.04.1)
akonadi-search (15.12.3 -> 16.04.1)
akonadi-server (15.12.3 -> 16.04.1)
amarok
ark (15.12.3 -> 16.04.1)
baloo5-widgets (15.12.3 -> 16.04.1)
cdrdao
crda
dolphin (15.12.3 -> 16.04.1)
dragonplayer (15.12.3 -> 16.04.1)
espeak
gnome-software (3.20.2 -> 3.20.3)
gpgmepp5 (15.12.3 -> 16.04.1)
grantlee5 (5.0.0 -> 5.1.0)
gstreamer-plugins-bad
gwenview5 (15.12.3 -> 16.04.1)
installation-images-openSUSE (14.245 -> 14.247)
k3b
kaccounts-integration (15.12.3 -> 16.04.1)
kalarmcal (15.12.3 -> 16.04.1)
kamera (15.12.3 -> 16.04.1)
kate (15.12.3 -> 16.04.1)
kcalc (15.12.3 -> 16.04.1)
kcalcore (15.12.3 -> 16.04.1)
kcalutils (15.12.3 -> 16.04.1)
kcharselect (15.12.3 -> 16.04.1)
kcolorchooser (15.12.3 -> 16.04.1)
kcontacts (15.12.3 -> 16.04.1)
kdebase4 (15.12.3 -> 16.04.1)
kdebase4-runtime (15.12.3 -> 16.04.1)
kdebase4-workspace
kdelibs4 (4.14.18 -> 4.14.19)
kdenetwork4-filesharing (15.12.3 -> 16.04.1)
kdepim (15.12.3 -> 16.04.1)
kdepim-runtime (15.12.3 -> 16.04.1)
kdepimlibs (15.12.3 -> 16.04.1)
kdepimlibs4
kdnssd (15.12.3 -> 16.04.1)
kernel-source (4.5.4 -> 4.6.0)
kget (15.12.3 -> 16.04.1)
kgpg (15.12.3 -> 16.04.1)
kholidays (15.12.3 -> 16.04.1)
kidentitymanagement (15.12.3 -> 16.04.1)
kimap (15.12.3 -> 16.04.1)
kio-extras5 (15.12.3 -> 16.04.1)
kio_audiocd (15.12.3 -> 16.04.1)
kipi-plugins5 (4.94git -> 5.0.0~beta5)
kiwi (7.03.68 -> 7.03.72)
kldap (15.12.3 -> 16.04.1)
kleopatra5 (15.12.3 -> 16.04.1)
kmag (15.12.3 -> 16.04.1)
kmailtransport (15.12.3 -> 16.04.1)
kmbox (15.12.3 -> 16.04.1)
kmime (15.12.3 -> 16.04.1)
kmousetool (15.12.3 -> 16.04.1)
kompare (15.12.3 -> 16.04.1)
konsole (15.12.3 -> 16.04.1)
kontactinterface (15.12.3 -> 16.04.1)
kopete (15.12.3 -> 16.04.1)
kpimtextedit (15.12.3 -> 16.04.1)
kqtquickcharts (15.12.3 -> 16.04.1)
krdc (15.12.3 -> 16.04.1)
krfb (15.12.3 -> 16.04.1)
kruler (15.12.3 -> 16.04.1)
ktnef (15.12.3 -> 16.04.1)
ktp-accounts-kcm (15.12.3 -> 16.04.1)
ktp-approver (15.12.3 -> 16.04.1)
ktp-auth-handler (15.12.3 -> 16.04.1)
ktp-common-internals (15.12.3 -> 16.04.1)
ktp-contact-list (15.12.3 -> 16.04.1)
ktp-contact-runner (15.12.3 -> 16.04.1)
ktp-desktop-applets (15.12.3 -> 16.04.1)
ktp-filetransfer-handler (15.12.3 -> 16.04.1)
ktp-kded-module (15.12.3 -> 16.04.1)
ktp-send-file (15.12.3 -> 16.04.1)
ktp-text-ui (15.12.3 -> 16.04.1)
kwalletmanager5 (15.12.3 -> 16.04.1)
libaccounts-glib (1.18 -> 1.21)
libkcddb4 (15.12.3 -> 16.04.1)
libkcompactdisc4 (15.12.3 -> 16.04.1)
libkdcraw (15.12.3 -> 16.04.1)
libkdepim (15.12.3 -> 16.04.1)
libkexiv2 (15.12.3 -> 16.04.1)
libkface (15.12.3 -> 16.04.1)
libkgeomap (15.12.3 -> 16.04.1)
libkipi (15.12.3 -> 16.04.1)
libkolab-qt5
libkomparediff2 (15.12.3 -> 16.04.1)
libksane (15.12.3 -> 16.04.1)
libktorrent
libmusicbrainz
libqca-qt5
libqt5-qtdeclarative
libraw
libsidplay1
libyui (3.2.4 -> 3.2.5)
marble (15.12.3 -> 16.04.1)
mobipocket (15.12.3 -> 16.04.1)
mozilla-nss
net-snmp
okular (15.12.3 -> 16.04.1)
opal
openCOLLADA
perl (5.22.1 -> 5.24.0)
perl-MIME-tools
perl-Module-Build (0.421200 -> 0.421800)
plasma5-desktop
python-cffi (1.5.2 -> 1.6.0)
qalculate
signon-kwallet-extension (15.12.3 -> 16.04.1)
spectacle (15.12.3 -> 16.04.1)
sweeper (15.12.3 -> 16.04.1)
syndication (15.12.3 -> 16.04.1)
vim (7.4.1816 -> 7.4.1842)
vlc
webkitgtk
webkitgtk3
yast2-drbd (3.1.21 -> 3.1.22)
=== Details ===
==== GraphicsMagick ====
Subpackages: GraphicsMagick-devel libGraphicsMagick-Q16-3 libGraphicsMagick3-config libGraphicsMagickWand-Q16-2
- security update:
* CVE-2016-5118 [bsc#982178]
+ GraphicsMagick-CVE-2016-5118.patch
==== LibVNCServer ====
Subpackages: LibVNCServer-devel libvncclient0 libvncserver0
- Fix build errors of applications using stl_algobase.h and
libvncserver's rfbproto.h, e.g. krfb (issue #102)
* Add libvncserver-0.9.10-use-namespaced-rfbMax-macro.patch
==== ModemManager ====
Subpackages: ModemManager-devel libmm-glib0 typelib-1_0-ModemManager-1_0
- Add three more patches from upstream to fix build with gcc6:
+ ModemManager-cinterion_drop_unused_constants.patch.
+ ModemManager-novatel_remove_unused_custom_AT_probe_array.patch.
+ ModemManager-wmc_fix_typo.patch.
- Add ModemManager-fix-whitespaces.patch: Fix whitespace usage.
While building with GCC 6, the indenting is taken as a warning
for the user likely making a mistake.
==== MozillaFirefox ====
Subpackages: MozillaFirefox-translations-common
- The conditional testing for gcc was failing for different
openSUSE versions, drop it and apply patches unconditionally.
- Add patches to fix building with gcc6:
+ mozilla-gcc6.patch: fix building with gcc >= 6.1; patch
taken from upstream:
https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
+ mozilla-exclude-nametablecpp.patch: Exclude NameTable.cpp
from unified compilation because #include <cmath> in other
source files causes gcc6 compilation failure; patch taken from
upstream:
https://hg.mozilla.org/mozilla-central/rev/9c57b7cacffc.
- enable build with PIE and full relro on x86_64 (boo#980384)
- update to Firefox 46.0.1
Fixed:
* Search plugin issue for various locales
* Add-on signing certificate expiration
* Service worker update issue
* Build issue when jit is disabled
* Limit Sync registration updates
- removed now obsolete mozilla-jit_branch64.patch
- add mozilla-jit_branch64.patch to avoid PowerPC build failure
(from bmo#1266366)
- Update mozilla-gtk3_20.patch for Firefox 46.0 (sync to latest
version from Fedora).
- update to Firefox 46.0 (boo#977333)
* Improved security of the JavaScript Just In Time (JIT) Compiler
* WebRTC fixes to improve performance and stability
* Added support for document.elementsFromPoint
* Added HKDF support for Web Crypto API
* requires NSPR 4.12 and NSS 3.22.3
* added patch to fix unchecked return value
mozilla-check_return.patch
* Gtk3 builds not supported at the moment
security fixes:
* MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807
(boo#977373, boo#977375, boo#977376)
Miscellaneous memory safety hazards
* MFSA 2016-40/CVE-2016-2809 (bmo#1212939, boo#977377)
Privilege escalation through file deletion by Maintenance Service updater
(Windows only)
* MFSA 2016-41/CVE-2016-2810 (bmo#1229681, boo#977378)
Content provider permission bypass allows malicious application
to access data (Android only)
* MFSA 2016-42/CVE-2016-2811/CVE-2016-2812
(bmo#1252330, bmo#1261776, boo#977379)
Use-after-free and buffer overflow in Service Workers
* MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650, boo#977380)
Disclosure of user actions through JavaScript with motion and
orientation sensors (only affects mobile variants)
* MFSA 2016-44/CVE-2016-2814 (bmo#1254721, boo#977381)
Buffer overflow in libstagefright with CENC offsets
* MFSA 2016-45/CVE-2016-2816 (bmo#1223743, boo#977382)
CSP not applied to pages sent with multipart/x-mixed-replace
* MFSA 2016-46/CVE-2016-2817 (bmo#1227462, boo#977384)
Elevation of privilege with chrome.tabs.update API in web extensions
* MFSA 2016-47/CVE-2016-2808 (bmo#1246061, boo#977386)
Write to invalid HashMap entry through JavaScript.watch()
* MFSA 2016-48/CVE-2016-2820 (bmo#870870, boo#977388)
Firefox Health Reports could accept events from untrusted domains
- Update mozilla-gtk3_20.patch to fix scrollbar appearance under
gtk >= 3.20 (patch synced to Fedora's version).
- Compile against gtk3 depending on whether the macro
%firefox_use_gtk3 is defined or not (e.g., at the prjconf
level); macro is undefined by default and so gtk2 is used as the
default toolkit.
- Add BuildRequires for additional packages needed when building
against gtk3: pkgconfig(glib-2.0), pkgconfig(gobject-2.0),
pkgconfig(gtk+-3.0) >= 3.4.0, pkgconfig(gtk+-unix-print-3.0).
- Add firefox-gtk3_20.patch to fix appearance with gtk3 >= 3.20;
patch taken from Fedora (bmo#1230955).
- Mozilla Firefox 45.0.2:
* Fix an issue impacting the cookie header when third-party
cookies are blocked (bmo#1257861)
* Fix a web compatibility regression impacting the srcset
attribute of the image tag (bmo#1259482)
* Fix a crash impacting the video playback with Media Source
Extension (bmo#1258562)
* Fix a regression impacting some specific uploads (bmo#1255735)
* Fix a regression with the copy and paste with some old versions
of some Gecko applications like Thunderbird (bmo#1254980)
- Mozilla Firefox 45.0.1:
* Fix a regression causing search engine settings to be lost in
some context (bmo#1254694)
* Bring back non-standard jar: URIs to fix a regression in IBM
iNotes (bmo#1255139)
* XSLTProcessor.importStylesheet was failing when <import> was
used (bmo#1249572)
* Fix an issue which could cause the list of search provider to
be empty (bmo#1255605)
* Fix a regression when using the location bar (bmo#1254503)
* Fix some loading issues when Accept third-party cookies: was
set to Never (bmo#1254856)
* Disabled Graphite font shaping library
- update to Firefox 45.0 (boo#969894)
* requires NSPR 4.12 / NSS 3.21.1
* Instant browser tab sharing through Hello
* Synced Tabs button in button bar
* Tabs synced via Firefox Accounts from other devices are now shown
in dropdown area of Awesome Bar when searching
* Introduce a new preference (network.dns.blockDotOnion) to allow
blocking .onion at the DNS level
* Tab Groups (Panorama) feature removed
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
Miscellaneous memory safety hazards
* MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
Local file overwriting and potential privilege escalation through
CSP reports
* MFSA 2016-18/CVE-2016-1955 (bmo#1208946)
CSP reports fail to strip location information for embedded iframe pages
* MFSA 2016-19/CVE-2016-1956 (bmo#1199923)
Linux video memory DOS with Intel drivers
* MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
Memory leak in libstagefright when deleting an array during MP4
processing
* MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
Displayed page address can be overridden
* MFSA 2016-22/CVE-2016-1959 (bmo#1234949)
Service Worker Manager out-of-bounds read in Service Worker Manager
* MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
Use-after-free when using multiple WebRTC data channels
* MFSA 2016-26/CVE-2016-1963 (bmo#1238440)
Memory corruption when modifying a file being read by FileReader
* MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
Use-after-free during XML transformations
* MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
Addressbar spoofing though history navigation and Location protocol
property
* MFSA 2016-29/CVE-2016-1967 (bmo#1246956)
Same-origin policy violation using perfomance.getEntries and
history navigation with session restore
* MFSA 2016-30/CVE-2016-1968 (bmo#1246742)
Buffer overflow in Brotli decompression
* MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
Memory corruption with malicious NPAPI plugin
* MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/
CVE-2016-1976/CVE-2016-1972
WebRTC and LibVPX vulnerabilities found through code inspection
* MFSA 2016-33/CVE-2016-1973 (bmo#1219339)
Use-after-free in GetStaticInstance in WebRTC
* MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
Out-of-bounds read in HTML parser following a failed allocation
* MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
Buffer overflow during ASN.1 decoding in NSS
(fixed by requiring 3.21.1)
* MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
Use-after-free during processing of DER encoded keys in NSS
(fixed by requiring 3.21.1)
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Font vulnerabilities in the Graphite 2 library
- Remove B_CNT from symbols.zip filename to reduce build-compare noise
- fix build problems on i586, caused by too large unified compile
units - adding mozilla-reduce-files-per-UnifiedBindings.patch
- update to Firefox 44.0.2
* MFSA 2016-13/CVE-2016-1949 (bmo#1245724, boo#966438)
Same-origin-policy violation using Service Workers with plugins
* Fix issue which could lead to the removal of stored passwords
under certain circumstances (bmo#1242176)
* Allows spaces in cookie names (bmo#1244505)
* Disable opus/vorbis audio with H.264 (bmo#1245696)
* Fix for graphics startup crash (GNU/Linux) (bmo#1222171)
* Fix a crash in cache networking (bmo#1244076)
* Fix using WebSockets in service worker controlled pages (bmo#1243942)
- build fixes for arm/aarch64:
* disable webrtc for arm/aarch64
* switch away from openGL-ES backend to default for arm/aarch64
since it almost never builds
* reenable neon
- reenable webrtc for powerpc as it seems to build
- update to Firefox 44.0
* MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 boo#963633
Miscellaneous memory safety hazards
* MFSA 2016-02/CVE-2016-1933 (bmo#1231761) boo#963634
Out of Memory crash when parsing GIF format images
* MFSA 2016-03/CVE-2016-1935 (bmo#1220450) boo#963635
Buffer overflow in WebGL after out of memory allocation
* MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) boo#963637
Firefox allows for control characters to be set in cookie names
* MFSA 2016-06/CVE-2016-1937 (bmo#724353) boo#963641
Missing delay following user click events in protocol handler dialog
* MFSA 2016-07/CVE-2016-1938 (bmo#1190248) boo#963731
Errors in mp_div and mp_exptmod cryptographic functions in NSS
(fixed by requiring NSS 3.21)
* MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
Addressbar spoofing attacks boo#963643
* MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
(bmo#1186621, bmo#1214782, bmo#1232096) boo#963644
Unsafe memory manipulation found through code inspection
* MFSA 2016-11/CVE-2016-1947 (bmo#1237103) boo#963645
Application Reputation service disabled in Firefox 43
* requires NSPR 4.11
* requires NSS 3.21
- prepare mozilla-kde.patch for Gtk3 builds
- rebased patches
- Mozilla Firefox 43.0.4:
* Re-enable SHA-1 certificates to prevent outdated
man-in-the-middle security devices from interfering with
properly secured SSL/TLS connections (bmo#1236975)
* Fix for startup crash for users of a third party antivirus tool
(bmo#1235537)
- The following change was previously in the package as a patch:
* Multi-user GNU/Linux download folders can be created
(bmo#1233434), removed mozilla-bmo1233434.patch
- update to Firefox 43.0.3
* requires NSS 3.20.2 to fix
MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
server signature
* various changes to support Windows update (SHA-1 vs. SHA-2)
* workaround Youtube user agent detection issue (bmo#1233970)
- fix file download regression for multi user systems
(bmo#1233434) (mozilla-bmo1233434.patch)
- explicitely requires libXcomposite-devel
- update to Firefox 43.0 (bnc#959277)
* Improved API support for m4v video playback
* Users can opt-in to receive search suggestions from the Awesome Bar
* WebRTC streaming on multiple monitors
* User selectable second block list for Private Browsing's Tracking
Protection
security fixes:
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards
* MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
Crash with JavaScript variable assignment with unboxed objects
* MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
Same-origin policy violation using perfomance.getEntries and
history navigation
* MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
Firefox allows for control characters to be set in cookies
* MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
Integer overflow allocating extremely large textures
* MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
Cross-origin information leak through web workers error events
* MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
Hash in data URI is incorrectly parsed
* MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
DOS due to malformed frames in HTTP/2
* MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
Linux file chooser crashes on malformed images due to flaws in
Jasper library
* MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
(bmo#1201183, bmo#1178033, bmo#1199400)
Buffer overflows found through code inspection
* MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
Integer underflow and buffer overflow processing MP4 metadata in
libstagefright
* MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
Privilege escalation vulnerabilities in WebExtension APIs
* MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
Cross-site reading attack through data and view-source URIs
- rebased patches
- Add desktop menu action for private browsing window to desktop
file (boo#954747)
- remove obsolete patch mozilla-bmo1005535.patch completely from
source package to avoid automatic check failures
- update to Firefox 42.0 (bnc#952810)
* Private Browsing with Tracking Protection blocks certain Web
elements that could be used to record your behavior across sites
* Control Center that contains site security and privacy controls
* Login Manager improvements
* WebRTC improvements
* Indicator added to tabs that play audio with one-click muting
* Media Source Extension for HTML5 video available for all sites
security fixes:
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
Miscellaneous memory safety hazards
* MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
Information disclosure through NTLM authentication
* MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
CSP bypass due to permissive Reader mode whitelist
* MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
Firefox for Android addressbar can be removed after fullscreen mode
* MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
Reading sensitive profile files through local HTML file on Android
* MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
disabling scripts in Add-on SDK panels has no effect
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
Trailing whitespace in IP address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
Android intents can be used on Firefox for Android to open privileged files
* MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
XSS attack through intents on Firefox for Android
* MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
Crash when accessing HTML tables with accessibility tools on OS X
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type headers
are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
Certain escaped characters in host of Location-header are being
treated as non-escaped
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1188010, bmo#1204061, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1205157)
NSS and NSPR memory corruption issues
(fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR >= 4.10.10 and NSS >= 3.19.4
- removed obsolete patches
* mozilla-arm-disable-edsp.patch
* mozilla-icu-strncat.patch
* mozilla-skia-be-le.patch
* toolkit-download-folder.patch
- fixed build with enable-libproxy (bmo#1220399)
* mozilla-libproxy.patch
- update to Firefox 41.0.2 (bnc#950686)
* MFSA 2015-115/CVE-2015-7184 (bmo#1208339, bmo#1212669)
Cross-origin restriction bypass using Fetch
- added explicit appdata provides (bnc#949983)
- do not build with --enable-stdcxx-compat
(this starts to fail build on various toolchain combinations
and is not required for openSUSE builds in general
- update to Firefox 41.0.1
* Fix a startup crash related to Yandex toolbar and Adblock Plus
(bmo#1209124)
* Fix potential hangs with Flash plugins (bmo#1185639)
* Fix a regression in the bookmark creation (bmo#1206376)
* Fix a startup crash with some Intel Media Accelerator 3150
graphic cards (bmo#1207665)
* Fix a graphic crash, occurring occasionally on Facebook (bmo#1178601)
- update to Firefox 41.0 (bnc#947003)
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards
* MFSA 2015-97/CVE-2015-4503 (bmo#994337)
Memory leak in mozTCPSocket to servers
* MFSA 2015-98/CVE-2015-4504 (bmo#1132467)
Out of bounds read in QCMS library with ICC V4 profile attributes
* MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only)
Site attribute spoofing on Android by pasting URL with unknown scheme
* MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
Arbitrary file manipulation by local user through Mozilla updater
* MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-102/CVE-2015-4507 (bmo#1192401)
Crash when using debugger with SavedStacks in JavaScript
* MFSA 2015-103/CVE-2015-4508 (bmo#1195976)
URL spoofing in reader mode
* MFSA 2015-104/CVE-2015-4510 (bmo#1200004)
Use-after-free with shared workers and IndexedDB
* MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
Use-after-free while manipulating HTML media content
* MFSA 2015-107/CVE-2015-4512 (bmo#1170390)
Out-of-bounds read during 2D canvas display on Linux 16-bit
color depth systems
* MFSA 2015-108/CVE-2015-4502 (bmo#1105045)
Scripted proxies can access inner window
* MFSA 2015-109/CVE-2015-4516 (bmo#904886)
JavaScript immutable property enforcement can be bypassed
* MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
Dragging and dropping images exposes final URL after redirects
* MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
CVE-2015-7180
Vulnerabilities found through code inspection
* MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
bmo#1190526) (Windows only)
Memory safety errors in libGLES in the ANGLE graphics library
* MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only)
Information disclosure via the High Resolution Time API
- rebased patches
- removed obsolete patches
* mozilla-arm64-libjpeg-turbo.patch
- update to Firefox 40.0.3 (bnc#943550)
* Disable the asynchronous plugin initialization (bmo#1198590)
* Fix a segmentation fault in the GStreamer support (bmo#1145230)
* Fix a regression with some Japanese fonts used in the <input>
field (bmo#1194055)
* On some sites, the selection in a select combox box using the
mouse could be broken (bmo#1194733)
security fixes
* MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278)
Use-after-free when resizing canvas element during restyling
* MFSA 2015-95/CVE-2015-4498 (bmo#1042699)
Add-on notification bypass through data URLs
- update to Firefox 40.0 (bnc#940806)
* Added protection against unwanted software downloads
* Suggested Tiles show sites of interest, based on categories
from your recent browsing history
* Hello allows adding a link to conversations to provide context
on what the conversation will be about
* New style for add-on manager based on the in-content
preferences style
* Improved scrolling, graphics, and video playback performance
with off main thread compositing (GNU/Linux only)
* Graphic blocklist mechanism improved: Firefox version ranges
can be specified, limiting the number of devices blocked
security fixes:
* MFSA 2015-79/CVE-2015-4473/CVE-2015-4474
Miscellaneous memory safety hazards
* MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
Out-of-bounds read with malformed MP3 file
* MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
Use-after-free in MediaStream playback
* MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
Redefinition of non-configurable JavaScript object properties
* MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
Overflow issues in libstagefright
* MFSA 2015-84/CVE-2015-4481 (bmo1171518)
Arbitrary file overwriting through Mozilla Maintenance Service
with hard links (only affected Windows)
* MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
Out-of-bounds write with Updater and malicious MAR file
(does not affect openSUSE RPM packages which do not ship the
updater)
* MFSA 2015-86/CVE-2015-4483 (bmo#1148732)
Feed protocol with POST bypasses mixed content protections
* MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
Crash when using shared memory in JavaScript
* MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
Heap overflow in gdk-pixbuf when scaling bitmap images
* MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
Buffer overflows on Libvpx when decoding WebM video
* MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
Vulnerabilities found through code inspection
* MFSA 2015-91/CVE-2015-4490 (bmo#1086999)
Mozilla Content Security Policy allows for asterisk wildcards
in violation of CSP specification
* MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
Use-after-free in XMLHttpRequest with shared workers
- added mozilla-no-stdcxx-check.patch
- removed obsolete patches
* mozilla-add-glibcxx_use_cxx11_abi.patch
* firefox-multilocale-chrome.patch
- rebased patches
- requires version 40 of the branding package
- removed browser/searchplugins/ location as it's not valid anymore
- security update to Firefox 39.0.3 (bnc#940918)
* MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058)
Same origin violation and local file stealing via PDF reader
- update to Firefox 39.0 (bnc#935979)
* Share Hello URLs with social networks
* Support for 'switch' role in ARIA 1.1 (web accessibility)
* SafeBrowsing malware detection lookups enabled for downloads
(Mac OS X and Linux)
* Support for new Unicode 8.0 skin tone emoji
* Removed support for insecure SSLv3 for network communications
* Disable use of RC4 except for temporarily whitelisted hosts
* NPAPI Plug-in performance improved via asynchronous initialization
security fixes:
* MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726
Miscellaneous memory safety hazards
* MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
Local files or privileged URLs in pages can be opened into new tabs
* MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
Type confusion in Indexed Database Manager
* MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
Out-of-bound read while computing an oscillator rendering range in Web Audio
* MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
Use-after-free in Content Policy due to microtask execution error
* MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
ECDSA signature validation fails to handle some signatures correctly
(this fix is shipped by NSS 3.19.1 externally)
* MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
Use-after-free in workers while using XMLHttpRequest
* MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
Vulnerabilities found through code inspection
* MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
Key pinning is ignored when overridable errors are encountered
* MFSA 2015-68/CVE-2015-2742 (bmo#1138669)
OS X crash reports may contain entered key press information
(not relevant under Linux)
* MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
Privilege escalation in PDF.js
* MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
NSS accepts export-length DHE keys with regular DHE cipher suites
(this fix is shipped by NSS 3.19.1 externally)
* MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
NSS incorrectly permits skipping of ServerKeyExchange
(this fix is shipped by NSS 3.19.1 externally)
- dropped mozilla-prefer_plugin_pref.patch as this feature is
likely not worth maintaining further
- rebased patches
- require NSS 3.19.2
- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration
- update to Firefox 38.0.6
* fixes bmo#1171730 which is not really relevant to oS builds
- fix KDE regression from 38.0.5 builds (bsc#933439)
- update to Firefox 38.0.5
* Keep track of articles and videos with Pocket
* Clean formatting for articles and blog posts with Reader View
* Share the active tab or window in a Hello conversation
- add changes file as source for SRPM (bsc#932142)
- add mozilla-add-glibcxx_use_cxx11_abi.patch grabbed from
https://bugzilla.mozilla.org/show_bug.cgi?id=1153109
- update to Firefox 38.0.1
stability and regression fixes
* Systems with first generation NVidia Optimus graphics cards
may crash on start-up
* Users who import cookies from Google Chrome can end up with
broken websites
* Large animated images may fail to play and may stop other
images from loading
- update to Firefox 38.0 (bnc#930622)
* New tab-based preferences
* Ruby annotation support
* more info: https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
security fixes:
* MFSA 2015-46/CVE-2015-2708/CVE-2015-2709
Miscellaneous memory safety hazards
* MFSA 2015-47/VE-2015-0797 (bmo#1080995)
Buffer overflow parsing H.264 video with Linux Gstreamer
* MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
Buffer overflow with SVG content and CSS
* MFSA 2015-49/CVE-2015-2711 (bmo#1113431)
Referrer policy ignored when links opened by middle-click and
context menu
* MFSA 2015-50/CVE-2015-2712 (bmo#1152280)
Out-of-bounds read and write in asm.js validation
* MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
Use-after-free during text processing with vertical text enabled
* MFSA 2015-53/CVE-2015-2715 (bmo#988698)
Use-after-free due to Media Decoder Thread creation during shutdown
* MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
Buffer overflow when parsing compressed XML
* MFSA 2015-55/CVE-2015-2717 (bmo#1154683)
Buffer overflow and out-of-bounds read while parsing MP4 video
metadata
* MFSA 2015-56/CVE-2015-2718 (bmo#1146724)
Untrusted site hosting trusted page can intercept webchannel
responses
* MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
Privilege escalation through IPC channel messages
- requires NSS 3.18.1
- removed obsolete patches:
* mozilla-skia-bmo1136958.patch
- remove gnomevfs build options as it is removed from sources
- rebased patches
- update to Firefox 37.0.2 (bnc#928116)
* MFSA 2015-45/CVE-2015-2706 (bmo#1141081)
Memory corruption during failed plugin initialization
- update to Firefox 37.0.1 (bnc#926166)
* MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only)
Loading privileged content through Reader mode
* MFSA 2015-44/CVE-2015-0799 (bmo#1148328)
Certificate verification bypass through the HTTP/2 Alt-Svc header
- update to Firefox 37.0 (bnc#925368)
* Heartbeat user rating system
* Yandex set as default search provider for the Turkish locale
* Bing search now uses HTTPS for secure searching
* Improved protection against site impersonation via OneCRL
centralized certificate revocation
* Opportunistically encrypt HTTP traffic where the server supports
HTTP/2 AltSvc
* some more behaviour changes for TLS
security fixes:
* MFSA 2015-30/CVE-2015-0814/CVE-2015-0815
Miscellaneous memory safety hazards
* MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
Use-after-free when using the Fluendo MP3 GStreamer plugin
* MFSA 2015-32/CVE-2015-0812 (bmo#1128126)
Add-on lightweight theme installation approval bypassed through
MITM attack
* MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
resource:// documents can load privileged pages
* MFSA-2015-34/CVE-2015-0811 (bmo#1132468)
Out of bounds read in QCMS library
* MFSA-2015-35/CVE-2015-0810 (bmo#1125013)
Cursor clickjacking with flash and images (OS X only)
* MFSA-2015-36/CVE-2015-0808 (bmo#1109552)
Incorrect memory management for simple-type arrays in WebRTC
* MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
CORS requests should not follow 30x redirections after preflight
* MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 (bmo#1135511, bmo#1099437)
Memory corruption crashes in Off Main Thread Compositing
* MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 (bmo#1134560)
Use-after-free due to type confusion flaws
* MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
Same-origin bypass through anchor navigation
* MFSA-2015-41/CVE-2015-0800/CVE-2012-2808
PRNG weakness allows for DNS poisoning on Android (only)
* MFSA-2015-42/CVE-2015-0802 (bmo#1124898)
Windows can retain access to privileged content on navigation
to unprivileged pages
- removed obsolete patches
* mozilla-bmo1088588.patch
* mozilla-bmo1108834.patch
- requires NSPR 4.10.8
- Fix builds with skia on Power
mozilla-skia-be-le.patch (patch from #bmo1136958)
mozilla-bmo1108834.patch
mozilla-bmo1005535.patch
- update to Firefox 36.0.4 (bnc#923534)
* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
Privilege escalation through SVG navigation
* MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
Code execution through incorrect JavaScript bounds checking
elimination
- Copy the icons to /usr/share/icons instead of symlinking them:
in preparation for containerized apps (e.g. xdg-app) as well as
AppStream metadata extraction, there are a couple locations that
need to be real files for system integration (.desktop files,
icons, mime-type info).
- update to Firefox 36.0.1
Bugfixes:
* Disable the usage of the ANY DNS query type (bmo#1093983)
* Hello may become inactive until restart (bmo#1137469)
* Print preferences may not be preserved (bmo#1136855)
* Hello contact tabs may not be visible (bmo#1137141)
* Accept hostnames that include an underscore character ("_")
(bmo#1136616)
* WebGL may use significant memory with Canvas2d (bmo#1137251)
* Option -remote has been restored (bmo#1080319)
- added mozilla-skia-bmo1136958.patch to fix build issues for
ARM and PPC
- update to Firefox 36.0 (bnc#917597)
* mozilla-xremote-client was removed
* added libclearkey.so media plugin
* Pinned tiles on the new tab page can be synced
* Support for the full HTTP/2 protocol. HTTP/2 enables a faster,
more scalable, and more responsive web.
* Locale added: Uzbek (uz)
security fixes:
* MFSA 2015-11/CVE-2015-0835/CVE-2015-0836
Miscellaneous memory safety hazards
* MFSA 2015-12/CVE-2015-0833 (bmo#945192)
Invoking Mozilla updater will load locally stored DLL files
(Windows only)
* MFSA 2015-13/CVE-2015-0832 (bmo#1065909)
Appended period to hostnames can bypass HPKP and HSTS protections
* MFSA 2015-14/CVE-2015-0830 (bmo#1110488)
Malicious WebGL content crash when writing strings
* MFSA 2015-15/CVE-2015-0834 (bmo#1098314)
TLS TURN and STUN connections silently fail to simple TCP connections
* MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
Use-after-free in IndexedDB
* MFSA 2015-17/CVE-2015-0829 (bmo#1128939)
Buffer overflow in libstagefright during MP4 video playback
* MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675)
Double-free when using non-default memory allocators with a
zero-length XHR
* MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
Out-of-bounds read and write while rendering SVG content
* MFSA 2015-20/CVE-2015-0826 (bmo#1092363)
Buffer overflow during CSS restyling
* MFSA 2015-21/CVE-2015-0825 (bmo#1092370)
Buffer underflow during MP3 playback
* MFSA 2015-22/CVE-2015-0824 (bmo#1095925)
Crash using DrawTarget in Cairo graphics library
* MFSA 2015-23/CVE-2015-0823 (bmo#1098497)
Use-after-free in Developer Console date with OpenType Sanitiser
* MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
Reading of local files through manipulation of form autocomplete
* MFSA 2015-25/CVE-2015-0821 (bmo#1111960)
Local files or privileged URLs in pages can be opened into new tabs
* MFSA 2015-26/CVE-2015-0819 (bmo#1079554)
UI Tour whitelisted sites in background tab can spoof foreground
tabs
* MFSA 2015-27CVE-2015-0820 (bmo#1125398)
Caja Compiler JavaScript sandbox bypass
- rebased patches
- requires NSS 3.17.4
- update to Firefox 35.0.1
* With the Enhanced Steam extension, Firefox could crash (bmo#1123732)
* Kerberos authentication did not work with alias (bmo#1108971)
* SVG / CSS animation had a regression causing rendering issues on
websites like openstreemap.org (bmo#1083079)
* On Godaddy webmail, Firefox could crash (bmo#1113121)
* document.baseURI did not get updated to document.location after
base tag was removed from DOM for site with a CSP (bmo#1121857)
* With a Right-to-left (RTL) version of Firefox, the text selection
could be broken (bmo#1104036)
* CSP had a change in behavior with regard to case sensitivity
resources loading (bmo#1122445)
- update to Firefox 35.0 (bnc#910669)
notable features:
* Firefox Hello with new rooms-based conversations model
* Implemented HTTP Public Key Pinning Extension (for enhanced
authentication of encrypted connections)
security fixes:
* MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
Miscellaneous memory safety hazards
* MFSA 2015-02/CVE-2014-8637 (bmo#1094536)
Uninitialized memory use during bitmap rendering
* MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
sendBeacon requests lack an Origin header
* MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
Cookie injection through Proxy Authenticate responses
* MFSA 2015-05/CVE-2014-8640 (bmo#1100409)
Read of uninitialized memory in Web Audio
* MFSA 2015-06/CVE-2014-8641 (bmo#1108455)
Read-after-free in WebRTC
* MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only)
Gecko Media Plugin sandbox escape
* MFSA 2015-08/CVE-2014-8642 (bmo#1079658)
Delegated OCSP responder certificates failure with
id-pkix-ocsp-nocheck extension
* MFSA 2015-09/CVE-2014-8636 (bmo#987794)
XrayWrapper bypass through DOM objects
- rebased patches
- dropped explicit support for everything older than 12.3
(including SLES11)
* merge firefox-kde.patch and firefox-kde-114.patch
* dropped mozilla-sle11.patch
- reworked specfile to build conditionally based on release channel
either Firefox or Firefox Developer Edition
- added mozilla-openaes-decl.patch to fix implicit declarations
- obsolete tracker-miner-firefox < 0.15 because it leads to startup
crashes (bnc#908892)
- fix bashism in mozilla.sh script
- update to Firefox 34.0.5 (bnc#908009)
* Default search engine changed to Yahoo! for North America
* Default search engine changed to Yandex for Belarusian, Kazakh,
and Russian locales
* Improved search bar (en-US only)
* Firefox Hello real-time communication client
* Easily switch themes/personas directly in the Customizing mode
* Implementation of HTTP/2 (draft14) and ALPN
* Disabled SSLv3
* MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
Miscellaneous memory safety hazards
* MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
XBL bindings accessible via improper CSS declarations
* MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
XMLHttpRequest crashes with some input streams
* MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
CSP leaks redirect data via violation reports
* MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
Use-after-free during HTML5 parsing
* MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
Buffer overflow while parsing media content
* MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
Bad casting from the BasicThebesLayer to BasicContainerLayer
- rebased patches
- limit linker memory usage for %ix86
- rebased patches
- update to Firefox 33.1
* Adding DuckDuckGo as a search option (upstream)
* Forget Button added
* Enhanced Tiles
* Privacy tour introduced
- fix typo in GStreamer Recommends
- Disable elf-hack for aarch64
- Enable EGL for aarch64
- Limit RAM usage during link for %arm
- Fix _constraints for ARM
- use proper macros for ARM
- use '--disable-optimize' not only on 32-bit x86, but on 32-bit arm too
to fix compiling.
- pass '-Wl,--no-keep-memory' to linker to reduce required memory during
linking on arm.
- update to Firefox 33.0.2
* Fix a startup crash with some combination of hardware and drivers
33.0.1
* Firefox displays a black screen at start-up with certain
graphics drivers
- adjusted _constraints for ARM
- added mozilla-bmo1088588.patch to fix build with EGL (bmo#1088588)
- define /usr/share/myspell as additional dictionary location
and remove add-plugins.sh finally (bnc#900639)
- use Firefox default optimization flags instead of -Os
- specfile cleanup
- fix build for all ppc by not enabling elf-hack
(bnc#901213)
- update to Firefox 33.0 (bnc#900941)
New features:
* OpenH264 support (sandboxed)
* Enhanced Tiles
* Improved search experience through the location bar
* Slimmer and faster JavaScript strings
* New CSP (Content Security Policy) backend
* Support for connecting to HTTP proxy over HTTPS
* Improved reliability of the session restoration
* Proprietary window.crypto properties/functions removed
Security:
* MFSA 2014-74/CVE-2014-1574/CVE-2014-1575
Miscellaneous memory safety hazards
* MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
Buffer overflow during CSS manipulation
* MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
Web Audio memory corruption issues with custom waveforms
* MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
Out-of-bounds write with WebM video
* MFSA 2014-78/CVE-2014-1580 (bmo#1063733)
Further uninitialized memory use during GIF rendering
* MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
Use-after-free interacting with text directionality
* MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190)
Key pinning bypasses
* MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
Inconsistent video sharing within iframe
* MFSA 2014-82/CVE-2014-1583 (bmo#1015540)
Accessing cross-origin objects via the Alarms API
(only relevant for installed web apps)
- requires NSPR 4.10.7
- requires NSS 3.17.1
- removed obsolete patches:
* mozilla-ppc.patch
* mozilla-libproxy-compat.patch
- added basic appdata information
- update to Firefox 32.0.2
* just a version bump for our builds
* fixed the in application update process for certain environments
(in application update is not enabled in openSUSE and Linux
is unaffected in any case)
- build with --disable-optimize for 13.1 and above for i586 to
workaround miscompilations (bnc#896624)
- use some more build flags to align with upstream
- update to Firefox 32.0.1
* fixed stability issues for computers with multiple graphics cards
* mixed content icon may be incorrectly displayed instead of lock
icon for SSL sites in 32.0 (
* WebRTC: setRemoteDescription() silently fails if no success
callback is specified (bmo#1063971)
- update to Firefox 32.0 (bnc#894370)
* MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562
Miscellaneous memory safety hazards
* MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
Use-after-free during DOM interactions with SVG
* MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
Uninitialized memory use during GIF rendering
* MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
Out-of-bounds read in Web Audio audio timeline
* MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
Use-after-free setting text directionality
- rebased patches
- requires NSS 3.16.4
- removed upstreamed patch
* mozilla-aarch64-bmo-810631.patch
- adapted _constraints, used more than 3900MB on s390x during
last build
- update to Firefox 31.0 (bnc#887746)
* MFSA 2014-56/CVE-2014-1547/CVE-2014-1548
Miscellaneous memory safety hazards
* MFSA 2014-57/CVE-2014-1549 (bmo#1020205)
Buffer overflow during Web Audio buffering for playback
* MFSA 2014-58/CVE-2014-1550 (bmo#1020411)
Use-after-free in Web Audio due to incorrect control message ordering
* MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375)
Toolbar dialog customization event spoofing
* MFSA 2014-61/CVE-2014-1555 (bmo#1023121)
Use-after-free with FireOnStateChange event
* MFSA 2014-62/CVE-2014-1556 (bmo#1028891)
Exploitable WebGL crash with Cesium JavaScript library
* MFSA 2014-63/CVE-2014-1544 (bmo#963150)
Use-after-free while when manipulating certificates in the trusted cache
(solved with NSS 3.16.2 requirement)
* MFSA 2014-64/CVE-2014-1557 (bmo#913805)
Crash in Skia library when scaling high quality images
* MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560
(bmo#1015973, bmo#1026022, bmo#997795)
Certificate parsing broken by non-standard character encoding
* MFSA 2014-66/CVE-2014-1552 (bmo#985135)
IFRAME sandbox same-origin access through redirect
- use EGL on ARM
- rebased patches
- requires NSS 3.16.2
- requires python-devel (not only python)
- update to Firefox 30.0 (bnc#881874)
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
(bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
bmo#1009952, bmo#1011007)
Miscellaneous memory safety hazards (rv:30.0)
* MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
(bmo#989994, bmo#999274, bmo#1005584)
Use-after-free and out of bounds issues found using Address
Sanitizer
* MFSA 2014-50/CVE-2014-1539 (bmo#995603)
Clickjacking through cursor invisability after Flash interaction
* MFSA 2014-51/CVE-2014-1540 (bmo#978862)
Use-after-free in Event Listener Manager
* MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
Use-after-free with SMIL Animation Controller
* MFSA 2014-53/CVE-2014-1542 (bmo#991533)
Buffer overflow in Web Audio Speex resampler
* MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
Buffer overflow in Gamepad API
* MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
Out of bounds write in NSPR
- rebased patches
- removed obsolete patches
* firefox-browser-css.patch
* mozilla-aarch64-bmo-962488.patch
* mozilla-aarch64-bmo-963023.patch
* mozilla-aarch64-bmo-963024.patch
* mozilla-aarch64-bmo-963027.patch
* mozilla-ppc64-xpcom.patch
* mozilla-ppc64le-javascript.patch
* mozilla-ppc64le-libffi.patch
* mozilla-ppc64le-mfbt.patch
* mozilla-ppc64le-webrtc.patch
* mozilla-ppc64le-xpcom.patch
* mozilla-ppc64le-build.patch
- requires NSPR 4.10.6
- enabled GStreamer 1.0 usage for 13.2 and above
- update to Firefox 29.0.1
* Seer disabled by default (bmo#1005958)
* Session Restore failed with a corrupted sessionstore.js file
(bmo#1001167)
* pdf.js printing white page (bmo#1003707, bnc#876833)
- general.useragent.locale gets overwritten with en-US while it
should be using the active langpack's setting
- update to Firefox 29.0 (bnc#875378)
* MFSA 2014-34/CVE-2014-1518/CVE-2014-1519
Miscellaneous memory safety hazards
* MFSA 2014-36/CVE-2014-1522 (bmo#995289)
Web Audio memory corruption issues
* MFSA 2014-37/CVE-2014-1523 (bmo#969226)
Out of bounds read while decoding JPG images
* MFSA 2014-38/CVE-2014-1524 (bmo#989183)
Buffer overflow when using non-XBL object as XBL
* MFSA 2014-39/CVE-2014-1525 (bmo#989210)
Use-after-free in the Text Track Manager for HTML video
* MFSA 2014-41/CVE-2014-1528 (bmo#963962)
Out-of-bounds write in Cairo
* MFSA 2014-42/CVE-2014-1529 (bmo#987003)
Privilege escalation through Web Notification API
* MFSA 2014-43/CVE-2014-1530 (bmo#895557)
Cross-site scripting (XSS) using history navigations
* MFSA 2014-44/CVE-2014-1531 (bmo#987140)
Use-after-free in imgLoader while resizing images
* MFSA 2014-45/CVE-2014-1492 (bmo#903885)
Incorrect IDNA domain name matching for wildcard certificates
(fixed by NSS 3.16)
* MFSA 2014-46/CVE-2014-1532 (bmo#966006)
Use-after-free in nsHostResolver
* MFSA 2014-47/CVE-2014-1526 (bmo#988106)
Debugger can bypass XrayWrappers with JavaScript
- rebased patches
- removed obsolete patches
* firefox-browser-css.patch
* mozilla-aarch64-599882cfb998.diff
* mozilla-aarch64-bmo-963028.patch
* mozilla-aarch64-bmo-963029.patch
* mozilla-aarch64-bmo-963030.patch
* mozilla-aarch64-bmo-963031.patch
- requires NSS 3.16
- added mozilla-icu-strncat.patch to fix post build checks
- add mozilla-aarch64-599882cfb998.patch,
mozilla-aarch64-bmo-810631.patch,
mozilla-aarch64-bmo-962488.patch,
mozilla-aarch64-bmo-963030.patch,
mozilla-aarch64-bmo-963027.patch,
mozilla-aarch64-bmo-963028.patch,
mozilla-aarch64-bmo-963029.patch,
mozilla-aarch64-bmo-963023.patch,
mozilla-aarch64-bmo-963024.patch,
mozilla-aarch64-bmo-963031.patch: AArch64 porting
- Add patch for bmo#973977
* mozilla-ppc64-xpcom.patch
- Refresh mozilla-ppc64le-xpcom.patch patch
- Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system
- update to Firefox 28.0 (bnc#868603)
* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
Miscellaneous memory safety hazards
* MFSA 2014-17/CVE-2014-1497 (bmo#966311)
Out of bounds read during WAV file decoding
* MFSA 2014-18/CVE-2014-1498 (bmo#935618)
crypto.generateCRMFRequest does not validate type of key
* MFSA 2014-19/CVE-2014-1499 (bmo#961512)
Spoofing attack on WebRTC permission prompt
* MFSA 2014-20/CVE-2014-1500 (bmo#956524)
onbeforeunload and Javascript navigation DOS
* MFSA 2014-22/CVE-2014-1502 (bmo#972622)
WebGL content injection from one domain to rendering in another
* MFSA 2014-23/CVE-2014-1504 (bmo#911547)
Content Security Policy for data: documents not preserved by
session restore
* MFSA 2014-26/CVE-2014-1508 (bmo#963198)
Information disclosure through polygon rendering in MathML
* MFSA 2014-27/CVE-2014-1509 (bmo#966021)
Memory corruption in Cairo during PDF font rendering
* MFSA 2014-28/CVE-2014-1505 (bmo#941887)
SVG filters information disclosure through feDisplacementMap
* MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
Privilege escalation using WebIDL-implemented APIs
* MFSA 2014-30/CVE-2014-1512 (bmo#982957)
Use-after-free in TypeObject
* MFSA 2014-31/CVE-2014-1513 (bmo#982974)
Out-of-bounds read/write through neutering ArrayBuffer objects
* MFSA 2014-32/CVE-2014-1514 (bmo#983344)
Out-of-bounds write through TypedArrayObject after neutering
- requires NSPR 4.10.3 and NSS 3.15.5
- new build dependency (and recommends):
* libpulse
- update of PowerPC 64 patches (bmo#976648) (pcerny(a)suse.com)
- rebased patches
- update to Firefox 27.0.1
* Fixed stability issues with Greasemonkey and other JS that used
ClearTimeoutOrInterval
* JS math correctness issue (bmo#941381)
- incorporate Google API key for geolocation (bnc#864170)
- updated list of "other" locales in RPM requirements
- update to Firefox 27.0 (bnc#861847)
* MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
* MFSA 2014-02/CVE-2014-1479 (bmo#911864)
Clone protected content with XBL scopes
* MFSA 2014-03/CVE-2014-1480 (bmo#916726)
UI selection timeout missing on download prompts
* MFSA 2014-04/CVE-2014-1482 (bmo#943803)
Incorrect use of discarded images by RasterImage
* MFSA 2014-05/CVE-2014-1483 (bmo#950427)
Information disclosure with *FromPoint on iframes
* MFSA 2014-06/CVE-2014-1484 (bmo#953993)
Profile path leaks to Android system log
* MFSA 2014-07/CVE-2014-1485 (bmo#910139)
XSLT stylesheets treated as styles in Content Security Policy
* MFSA 2014-08/CVE-2014-1486 (bmo#942164)
Use-after-free with imgRequestProxy and image proccessing
* MFSA 2014-09/CVE-2014-1487 (bmo#947592)
Cross-origin information leak through web workers
* MFSA 2014-10/CVE-2014-1489 (bmo#959531)
Firefox default start page UI content invokable by script
* MFSA 2014-11/CVE-2014-1488 (bmo#950604)
Crash when using web workers with asm.js
* MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
(bmo#934545, bmo#930874, bmo#930857)
NSS ticket handling issues
* MFSA 2014-13/CVE-2014-1481(bmo#936056)
Inconsistent JavaScript handling of access to Window objects
- requires NSS 3.15.4 or higher
- rebased/reworked patches
- removed obsolete mozilla-bug929439.patch
- Add support for powerpc64le-linux.
* mozilla-ppc64le.patch: general support
* mozilla-libffi-ppc64le.patch: libffi backport
* mozilla-xpcom-ppc64le.patch: port xpcom
- Add build fix from mainline.
* mozilla-bug929439.patch
- update to Firefox 26.0 (bnc#854367, bnc#854370)
* rebased patches
* requires NSPR 4.10.2 and NSS 3.15.3.1
* MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
Miscellaneous memory safety hazards
* MFSA 2013-105/CVE-2013-5611 (bmo#771294)
Application Installation doorhanger persists on navigation
* MFSA 2013-106/CVE-2013-5612 (bmo#871161)
Character encoding cross-origin XSS attack
* MFSA 2013-107/CVE-2013-5614 (bmo#886262)
Sandbox restrictions not applied to nested object elements
* MFSA 2013-108/CVE-2013-5616 (bmo#938341)
Use-after-free in event listeners
* MFSA 2013-109/CVE-2013-5618 (bmo#926361)
Use-after-free during Table Editing
* MFSA 2013-110/CVE-2013-5619 (bmo#917841)
Potential overflow in JavaScript binary search algorithms
* MFSA 2013-111/CVE-2013-6671 (bmo#930281)
Segmentation violation when replacing ordered list elements
* MFSA 2013-112/CVE-2013-6672 (bmo#894736)
Linux clipboard information disclosure though selection paste
* MFSA 2013-113/CVE-2013-6673 (bmo#970380)
Trust settings for built-in roots ignored during EV certificate
validation
* MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
Use-after-free in synthetic mouse movement
* MFSA 2013-115/CVE-2013-5615 (bmo#929261)
GetElementIC typed array stubs can be generated outside observed
typesets
* MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
JPEG information leak
* MFSA 2013-117 (bmo#946351)
Mis-issued ANSSI/DCSSI certificate
(fixed via NSS 3.15.3.1)
- removed gecko.js preference file as GStreamer is enabled by
default now
- update to Firefox 25.0 (bnc#847708)
* rebased patches
* requires NSS 3.15.2 or above
* MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
Miscellaneous memory safety hazards
* MFSA 2013-94/CVE-2013-5593 (bmo#868327)
Spoofing addressbar through SELECT element
* MFSA 2013-95/CVE-2013-5604 (bmo#914017)
Access violation with XSLT and uninitialized data
* MFSA 2013-96/CVE-2013-5595 (bmo#916580)
Improperly initialized memory and overflows in some JavaScript
functions
* MFSA 2013-97/CVE-2013-5596 (bmo#910881)
Writing to cycle collected object during image decoding
* MFSA 2013-98/CVE-2013-5597 (bmo#918864)
Use-after-free when updating offline cache
* MFSA 2013-99/CVE-2013-5598 (bmo#920515)
Security bypass of PDF.js checks using iframes
* MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
(bmo#915210, bmo#915576, bmo#916685)
Miscellaneous use-after-free issues found through ASAN fuzzing
* MFSA 2013-101/CVE-2013-5602 (bmo#897678)
Memory corruption in workers
* MFSA 2013-102/CVE-2013-5603 (bmo#916404)
Use-after-free in HTML document templates
- as GStreamer is not automatically required anymore but loaded
dynamically if available, require it explicitely
- recommend optional GStreamer plugins for comprehensive media
support
- move greek to the translations-common package (bnc#840551)
- update to Firefox 24.0 (bnc#840485)
* MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
Miscellaneous memory safety hazards
* MFSA 2013-77/CVE-2013-1720 (bmo#888820)
Improper state in HTML5 Tree Builder with templates
* MFSA 2013-78/CVE-2013-1721 (bmo#890277)
Integer overflow in ANGLE library
* MFSA 2013-79/CVE-2013-1722 (bmo#893308)
Use-after-free in Animation Manager during stylesheet cloning
* MFSA 2013-80/CVE-2013-1723 (bmo#891292)
NativeKey continues handling key messages after widget is destroyed
* MFSA 2013-81/CVE-2013-1724 (bmo#894137)
Use-after-free with select element
* MFSA 2013-82/CVE-2013-1725 (bmo#876762)
Calling scope for new Javascript objects can lead to memory corruption
* MFSA 2013-85/CVE-2013-1728 (bmo#883686)
Uninitialized data in IonMonkey
* MFSA 2013-88/CVE-2013-1730 (bmo#851353)
Compartment mismatch re-attaching XBL-backed nodes
* MFSA 2013-89/CVE-2013-1732 (bmo#883514)
Buffer overflow with multi-column, lists, and floats
* MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
Memory corruption involving scrolling
* MFSA 2013-91/CVE-2013-1737 (bmo#907727)
User-defined properties on DOM proxies get the wrong "this" object
* MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
GC hazard with default compartments and frame chain restoration
- enable gstreamer explicitely via pref (gecko.js)
- require NSS 3.15.1
- update to Firefox 23.0.1
* Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
(bmo#901527)
- update to Firefox 23.0 (bnc#833389)
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
Miscellaneous memory safety hazards
* MFSA 2013-64/CVE-2013-1704 (bmo#883313)
Use after free mutating DOM during SetBody
* MFSA 2013-65/CVE-2013-1705 (bmo#882865)
Buffer underflow when generating CRMF requests
* MFSA 2013-67/CVE-2013-1708 (bmo#879924)
Crash during WAV audio file decoding
* MFSA 2013-68/CVE-2013-1709 (bmo#838253)
Document URI misrepresentation and masquerading
* MFSA 2013-69/CVE-2013-1710 (bmo#871368)
CRMF requests allow for code execution and XSS attacks
* MFSA 2013-70/CVE-2013-1711 (bmo#843829)
Bypass of XrayWrappers using XBL Scopes
* MFSA 2013-72/CVE-2013-1713 (bmo#887098)
Wrong principal used for validating URI for some Javascript
components
* MFSA 2013-73/CVE-2013-1714 (bmo#879787)
Same-origin bypass with web workers and XMLHttpRequest
* MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
Local Java applets may read contents of local file system
- requires NSPR 4.10 and NSS 3.15
- fix build on ARM (/-g/ matches /-grecord-switches/)
- update to Firefox 22.0 (bnc#825935)
* removed obsolete patches
+ mozilla-qcms-ppc.patch
+ mozilla-gstreamer-760140.patch
* GStreamer support does not build on 12.1 anymore (build only
on 12.2 and later)
* MFSA 2013-49/CVE-2013-1682/CVE-2013-1683
Miscellaneous memory safety hazards
* MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
Memory corruption found using Address Sanitizer
* MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
Privileged content access and execution via XBL
* MFSA 2013-52/CVE-2013-1688 (bmo#873966)
Arbitrary code execution within Profiler
* MFSA 2013-53/CVE-2013-1690 (bmo#857883)
Execution of unmapped memory through onreadystatechange event
* MFSA 2013-54/CVE-2013-1692 (bmo#866915)
Data in the body of XHR HEAD requests leads to CSRF attacks
* MFSA 2013-55/CVE-2013-1693 (bmo#711043)
SVG filters can lead to information disclosure
* MFSA 2013-56/CVE-2013-1694 (bmo#848535)
PreserveWrapper has inconsistent behavior
* MFSA 2013-57/CVE-2013-1695 (bmo#849791)
Sandbox restrictions not applied to nested frame elements
* MFSA 2013-58/CVE-2013-1696 (bmo#761667)
X-Frame-Options ignored when using server push with multi-part
responses
* MFSA 2013-59/CVE-2013-1697 (bmo#858101)
XrayWrappers can be bypassed to run user defined methods in a
privileged context
* MFSA 2013-60/CVE-2013-1698 (bmo#876044)
getUserMedia permission dialog incorrectly displays location
* MFSA 2013-61/CVE-2013-1699 (bmo#840882)
Homograph domain spoofing in .com, .net and .name
- Fix qcms altivec include (mozilla-qcms-ppc.patch)
- update to Firefox 21.0 (bnc#819204)
* removed upstreamed patch firefox-712763.patch
* removed disabled mozilla-disable-neon-option.patch
* MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
Miscellaneous memory safety hazards
* MFSA 2013-42/CVE-2013-1670 (bmo#853709)
Privileged access for content level constructor
* MFSA 2013-43/CVE-2013-1671 (bmo#842255)
File input control has access to full path
* MFSA 2013-46/CVE-2013-1674 (bmo#860971)
Use-after-free with video and onresize event
* MFSA 2013-47/CVE-2013-1675 (bmo#866825)
Uninitialized functions in DOMSVGZoomEvent
* MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
Memory corruption found using Address Sanitizer
- revert to use GStreamer 0.10 on 12.3 (bnc#814101)
(remove mozilla-gstreamer-1.patch)
- Explicitly disable WebRTC support on non-x86, the configure script
disables it only half-heartedly
- update to Firefox 20.0 (bnc#813026)
* requires NSPR 4.9.5 and NSS 3.14.3
* mozilla-webrtc-ppc.patch included upstream
* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
Miscellaneous memory safety hazards
* MFSA 2013-31/CVE-2013-0800 (bmo#825721)
Out-of-bounds write in Cairo library
* MFSA 2013-35/CVE-2013-0796 (bmo#827106)
WebGL crash with Mesa graphics driver on Linux
* MFSA 2013-36/CVE-2013-0795 (bmo#825697)
Bypass of SOW protections allows cloning of protected nodes
* MFSA 2013-37/CVE-2013-0794 (bmo#626775)
Bypass of tab-modal dialog origin disclosure
* MFSA 2013-38/CVE-2013-0793 (bmo#803870)
Cross-site scripting (XSS) using timed history navigations
* MFSA 2013-39/CVE-2013-0792 (bmo#722831)
Memory corruption while rendering grayscale PNG images
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)
- build fixes for armv7hl:
* disable debug build as armv7hl does not have enough memory
* disable webrtc on armv7hl as it is non-compiling
- update to Firefox 19.0.2 (bnc#808243)
* MFSA 2013-29/CVE-2013-0787 (bmo#848644)
Use-after-free in HTML Editor
- update to Firefox 19.0.1
* blocklist updates
- update to Firefox 19.0 (bnc#804248)
* MFSA 2013-21/CVE-2013-0783/2013-0784
Miscellaneous memory safety hazards
* MFSA 2013-22/CVE-2013-0772 (bmo#801366)
Out-of-bounds read in image rendering
* MFSA 2013-23/CVE-2013-0765 (bmo#830614)
Wrapped WebIDL objects can be wrapped again
* MFSA 2013-24/CVE-2013-0773 (bmo#809652)
Web content bypass of COW and SOW security wrappers
* MFSA 2013-25/CVE-2013-0774 (bmo#827193)
Privacy leak in JavaScript Workers
* MFSA 2013-26/CVE-2013-0775 (bmo#831095)
Use-after-free in nsImageLoadingContent
* MFSA 2013-27/CVE-2013-0776 (bmo#796475)
Phishing on HTTPS connection through malicious proxy
* MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
Use-after-free, out of bounds read, and buffer overflow issues
found using Address Sanitizer
- removed obsolete patches
* mozilla-webrtc.patch
* mozilla-gstreamer-803287.patch
- added patch to fix session restore window order (bmo#712763)
- update to Firefox 18.0.2
* blocklist and CTP updates
* fixes in JS engine
- update to Firefox 18.0.1
* blocklist updates
* backed out bmo#677092 (removed patch)
* fixed problems involving HTTP proxy transactions
- Fix WebRTC to build on powerpc
- update to Firefox 18.0 (bnc#796895)
* MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
Miscellaneous memory safety hazards
* MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
Use-after-free and buffer overflow issues found using Address Sanitizer
* MFSA 2013-03/CVE-2013-0768 (bmo#815795)
Buffer Overflow in Canvas
* MFSA 2013-04/CVE-2012-0759 (bmo#802026)
URL spoofing in addressbar during page loads
* MFSA 2013-05/CVE-2013-0744 (bmo#814713)
Use-after-free when displaying table with many columns and column groups
* MFSA 2013-06/CVE-2013-0751 (bmo#790454)
Touch events are shared across iframes
* MFSA 2013-07/CVE-2013-0764 (bmo#804237)
Crash due to handling of SSL on threads
* MFSA 2013-08/CVE-2013-0745 (bmo#794158)
AutoWrapperChanger fails to keep objects alive during garbage collection
* MFSA 2013-09/CVE-2013-0746 (bmo#816842)
Compartment mismatch with quickstubs returned values
* MFSA 2013-10/CVE-2013-0747 (bmo#733305)
Event manipulation in plugin handler to bypass same-origin policy
* MFSA 2013-11/CVE-2013-0748 (bmo#806031)
Address space layout leaked in XBL objects
* MFSA 2013-12/CVE-2013-0750 (bmo#805121)
Buffer overflow in Javascript string concatenation
* MFSA 2013-13/CVE-2013-0752 (bmo#805024)
Memory corruption in XBL with XML bindings containing SVG
* MFSA 2013-14/CVE-2013-0757 (bmo#813901)
Chrome Object Wrapper (COW) bypass through changing prototype
* MFSA 2013-15/CVE-2013-0758 (bmo#813906)
Privilege escalation through plugin objects
* MFSA 2013-16/CVE-2013-0753 (bmo#814001)
Use-after-free in serializeToStream
* MFSA 2013-17/CVE-2013-0754 (bmo#814026)
Use-after-free in ListenerManager
* MFSA 2013-18/CVE-2013-0755 (bmo#814027)
Use-after-free in Vibrate
* MFSA 2013-19/CVE-2013-0756 (bmo#814029)
Use-after-free in Javascript Proxy objects
- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
- removed obsolete SLE11 patches (mozilla-gcc43*)
- reenable WebRTC
- added mozilla-libproxy-compat.patch for libproxy API compat
on openSUSE 11.2 and earlier
- backed out restartless language packs as it broke multi-locale
setup (bmo#677092, bmo#818468)
- update to Firefox 17.0.1
* revert some useragent changes introduced in 17.0
* leaving private browsing with social enabled doesn't reset all
social components (bmo#815042)
- fix KDE integration for file dialogs
- update to Firefox 17.0 (bnc#790140)
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
Miscellaneous memory safety hazards
* MFSA 2012-92/CVE-2012-4202 (bmo#758200)
Buffer overflow while rendering GIF images
* MFSA 2012-93/CVE-2012-4201 (bmo#747607)
evalInSanbox location context incorrectly applied
* MFSA 2012-94/CVE-2012-5836 (bmo#792857)
Crash when combining SVG text on path with CSS
* MFSA 2012-95/CVE-2012-4203 (bmo#765628)
Javascript: URLs run in privileged context on New Tab page
* MFSA 2012-96/CVE-2012-4204 (bmo#778603)
Memory corruption in str_unescape
* MFSA 2012-97/CVE-2012-4205 (bmo#779821)
XMLHttpRequest inherits incorrect principal within sandbox
* MFSA 2012-99/CVE-2012-4208 (bmo#798264)
XrayWrappers exposes chrome-only properties when not in chrome
compartment
* MFSA 2012-100/CVE-2012-5841 (bmo#805807)
Improper security filtering for cross-origin wrappers
* MFSA 2012-101/CVE-2012-4207 (bmo#801681)
Improper character decoding in HZ-GB-2312 charset
* MFSA 2012-102/CVE-2012-5837 (bmo#800363)
Script entered into Developer Toolbar runs with chrome privileges
* MFSA 2012-103/CVE-2012-4209 (bmo#792405)
Frames can shadow top.location
* MFSA 2012-104/CVE-2012-4210 (bmo#796866)
CSS and HTML injection through Style Inspector
* MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
Use-after-free and buffer overflow issues found using Address
Sanitizer
* MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
Use-after-free, buffer overflow, and memory corruption issues
found using Address Sanitizer
- rebased patches
- disabled WebRTC since build is broken (bmo#776877)
- build on SLE11
* mozilla-gcc43-enums.patch
* mozilla-gcc43-template_hacks.patch
* mozilla-gcc43-templates_instantiation.patch
- update to Firefox 16.0.2 (bnc#786522)
* MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
(bmo#800666, bmo#793121, bmo#802557)
Fixes for Location object issues
- bring back Obsoletes for libproxy's mozjs plugin for distributions
before 12.2 to avoid crashes
- update to Firefox 16.0.1 (bnc#783533)
* MFSA 2012-88/CVE-2012-4191 (bmo#798045)
Miscellaneous memory safety hazards
* MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
defaultValue security checks not applied
- update to Firefox 16.0 (bnc#783533)
* MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
Miscellaneous memory safety hazards
* MFSA 2012-75/CVE-2012-3984 (bmo#575294)
select element persistance allows for attacks
* MFSA 2012-76/CVE-2012-3985 (bmo#655649)
Continued access to initial origin after setting document.domain
* MFSA 2012-77/CVE-2012-3986 (bmo#775868)
Some DOMWindowUtils methods bypass security checks
* MFSA 2012-79/CVE-2012-3988 (bmo#725770)
DOS and crash with full screen and history navigation
* MFSA 2012-80/CVE-2012-3989 (bmo#783867)
Crash with invalid cast when using instanceof operator
* MFSA 2012-81/CVE-2012-3991 (bmo#783260)
GetProperty function can bypass security checks
* MFSA 2012-82/CVE-2012-3994 (bmo#765527)
top object and location property accessible by plugins
* MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
Chrome Object Wrapper (COW) does not disallow acces to privileged
functions or properties
* MFSA 2012-84/CVE-2012-3992 (bmo#775009)
Spoofing and script injection through location.hash
* MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
Use-after-free, buffer overflow, and out of bounds read issues
found using Address Sanitizer
* MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
CVE-2012-4188
Heap memory corruption issues found using Address Sanitizer
* MFSA 2012-87/CVE-2012-3990 (bmo#787704)
Use-after-free in the IME State Manager
- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
- removed upstreamed mozilla-crashreporter-restart-args.patch
- webapprt now included
- use kmozillahelper's new REVEAL command (bnc#777415)
(requires mozilla-kde4-integration >= 0.6.4)
- updated translations-other with new languages
- update to Firefox 15.0.1 (bnc#779936)
* Sites visited while in Private Browsing mode could be found
through manual browser cache inspection (bmo#787743)
- update to Firefox 15.0 (bnc#777588)
* MFSA 2012-57/CVE-2012-1970
Miscellaneous memory safety hazards
* MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
Use-after-free issues found using Address Sanitizer
* MFSA 2012-59/CVE-2012-1956 (bmo#756719)
Location object can be shadowed using Object.defineProperty
* MFSA 2012-60/CVE-2012-3965 (bmo#769108)
Escalation of privilege through about:newtab
* MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
Memory corruption with bitmap format images with negative height
* MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
WebGL use-after-free and memory corruption
* MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
SVG buffer overflow and use-after-free issues
* MFSA 2012-64/CVE-2012-3971
Graphite 2 memory corruption
* MFSA 2012-65/CVE-2012-3972 (bmo#746855)
Out-of-bounds read in format-number in XSLT
* MFSA 2012-66/CVE-2012-3973 (bmo#757128)
HTTPMonitor extension allows for remote debugging without explicit
activation
* MFSA 2012-68/CVE-2012-3975 (bmo#770684)
DOMParser loads linked resources in extensions when parsing
text/html
* MFSA 2012-69/CVE-2012-3976 (bmo#768568)
Incorrect site SSL certificate data display
* MFSA 2012-70/CVE-2012-3978 (bmo#770429)
Location object security checks bypassed by chrome code
* MFSA 2012-72/CVE-2012-3980 (bmo#771859)
Web console eval capable of executing chrome-privileged code
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
- GStreamer is only used for MP4 (no WebM, OGG)
- updated filelist
- moved browser specific preferences to correct location
- Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
- update to 14.0.1 (bnc#771583)
* MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
Miscellaneous memory safety hazards
* MFSA 2012-43/CVE-2012-1950
Incorrect URL displayed in addressbar through drag and drop
* MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
Gecko memory corruption
* MFSA 2012-45/CVE-2012-1955 (bmo#757376)
Spoofing issue with location
* MFSA 2012-46/CVE-2012-1966 (bmo#734076)
XSS through data: URLs
* MFSA 2012-47/CVE-2012-1957 (bmo#750096)
Improper filtering of javascript in HTML feed-view
* MFSA 2012-48/CVE-2012-1958 (bmo#750820)
use-after-free in nsGlobalWindow::PageHidden
* MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
Same-compartment Security Wrappers can be bypassed
* MFSA 2012-50/CVE-2012-1960 (bmo#761014)
Out of bounds read in QCMS
* MFSA 2012-51/CVE-2012-1961 (bmo#761655)
X-Frame-Options header ignored when duplicated
* MFSA 2012-52/CVE-2012-1962 (bmo#764296)
JSDependentString::undepend string conversion results in memory
corruption
* MFSA 2012-53/CVE-2012-1963 (bmo#767778)
Content Security Policy 1.0 implementation errors cause data
leakage
* MFSA 2012-55/CVE-2012-1965 (bmo#758990)
feed: URLs with an innerURI inherit security context of page
* MFSA 2012-56/CVE-2012-1967 (bmo#758344)
Code execution through javascript: URLs
- license change from tri license to MPL-2.0
- fix crashreporter restart option (bmo#762780)
- require NSS 3.13.5
- remove mozjs pacrunner obsoletes again for now
- adopted mozilla-prefer_plugin_pref.patch
- PPC fixes:
* reenabled mozilla-yarr-pcre.patch to fix build for PPC
* add patches for bmo#750620 and bmo#746112
* fix xpcshell segfault on ppc
- update to Firefox 13.0.1
* bugfix release
- obsolete libproxy's mozjs pacrunner (bnc#759123)
- update to Firefox 13.0 (bnc#765204)
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
Miscellaneous memory safety hazards
* MFSA 2012-36/CVE-2012-1944 (bmo#751422)
Content Security Policy inline-script bypass
* MFSA 2012-37/CVE-2012-1945 (bmo#670514)
Information disclosure though Windows file shares and shortcut
files
* MFSA 2012-38/CVE-2012-1946 (bmo#750109)
Use-after-free while replacing/inserting a node in a document
* MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
Buffer overflow and use-after-free issues found using Address
Sanitizer
- require NSS 3.13.4
* MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix sound notifications when filename/path contains a whitespace
(bmo#749739)
- fix build on arm
- reenabled crashreporter for Factory/12.2
(fix in mozilla-gcc47.patch)
- update to Firefox 12.0 (bnc#758408)
* rebased patches
* MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
Miscellaneous memory safety hazards
* MFSA 2012-22/CVE-2012-0469 (bmo#738985)
use-after-free in IDBKeyRange
* MFSA 2012-23/CVE-2012-0470 (bmo#734288)
Invalid frees causes heap corruption in gfxImageSurface
* MFSA 2012-24/CVE-2012-0471 (bmo#715319)
Potential XSS via multibyte content processing errors
* MFSA 2012-25/CVE-2012-0472 (bmo#744480)
Potential memory corruption during font rendering using cairo-dwrite
* MFSA 2012-26/CVE-2012-0473 (bmo#743475)
WebGL.drawElements may read illegal video memory due to
FindMaxUshortElement error
* MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
Page load short-circuit can lead to XSS
* MFSA 2012-28/CVE-2012-0475 (bmo#694576)
Ambiguous IPv6 in Origin headers may bypass webserver access
restrictions
* MFSA 2012-29/CVE-2012-0477 (bmo#718573)
Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
* MFSA 2012-30/CVE-2012-0478 (bmo#727547)
Crash with WebGL content using textImage2D
* MFSA 2012-31/CVE-2011-3062 (bmo#739925)
Off-by-one error in OpenType Sanitizer
* MFSA 2012-32/CVE-2011-1187 (bmo#624621)
HTTP Redirections and remote content can be read by javascript errors
* MFSA 2012-33/CVE-2012-0479 (bmo#714631)
Potential site identity spoofing when loading RSS and Atom feeds
- added mozilla-libnotify.patch to allow fallback from libnotify
to xul based events if no notification-daemon is running
- gcc 4.7 fixes
* mozilla-gcc47.patch
* disabled crashreporter temporarily for Factory
- recommend libcanberra0 for proper sound notifications
- update to Firefox 11.0 (bnc#750044)
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
XSS with Drag and Drop and Javascript: URL
* MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
SVG issues found with Address Sanitizer
* MFSA 2012-15/CVE-2012-0451 (bmo#717511)
XSS with multiple Content Security Policy headers
* MFSA 2012-16/CVE-2012-0458
Escalation of privilege with Javascript: URL as home page
* MFSA 2012-17/CVE-2012-0459 (bmo#723446)
Crash when accessing keyframe cssText after dynamic modification
* MFSA 2012-18/CVE-2012-0460 (bmo#727303)
window.fullScreen writeable by untrusted content
* MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
CVE-2012-0463
Miscellaneous memory safety hazards
- ported and reenabled KDE integration (bnc#746591)
- explicitely build-require X libs
- add Provides: browser(npapi) FATE#313084
- better plugin directory resolution (bnc#747320)
- update to Firefox 10.0.2 (bnc#747328)
* CVE-2011-3026 (bmo#727401)
libpng: integer overflow leading to heap-buffer overflow
- update to Firefox 10.0.1 (bnc#746616)
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
use after free in nsXBLDocumentInfo::ReadPrototypeBindings
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
is not supported, since PCRE doesnt build (bmo#691898)
- fix ppc64 build (bmo#703534)
- update to Firefox 10.0 (bnc#744275)
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
Miscellaneous memory safety hazards
* MFSA 2012-03/CVE-2012-0445 (bmo#701071)
<iframe> element exposed across domains via name attribute
* MFSA 2012-04/CVE-2011-3659 (bmo#708198)
Child nodes from nsDOMAttribute still accessible after removal
of nodes
* MFSA 2012-05/CVE-2012-0446 (bmo#705651)
Frame scripts calling into untrusted objects bypass security
checks
* MFSA 2012-06/CVE-2012-0447 (bmo#710079)
Uninitialized memory appended when encoding icon images may
cause information disclosure
* MFSA 2012-07/CVE-2012-0444 (bmo#719612)
Potential Memory Corruption When Decoding Ogg Vorbis files
* MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
Crash with malformed embedded XSLT stylesheets
- KDE integration has been disabled since it needs refactoring
- removed obsolete ppc64 patch
- Disable neon for arm as it doesn't build correctly
- update to Firefox 9.0.1
* (strongparent) parentNode of element gets lost (bmo#335998)
- fix arm build, don't package crashreporter there
- update to Firefox 9 (bnc#737533)
* MFSA 2011-53/CVE-2011-3660
Miscellaneous memory safety hazards (rv:9.0)
* MFSA 2011-54/CVE-2011-3661 (bmo#691299)
Potentially exploitable crash in the YARR regular expression
library
* MFSA 2011-55/CVE-2011-3658 (bmo#708186)
nsSVGValue out-of-bounds access
* MFSA 2011-56/CVE-2011-3663 (bmo#704482)
Key detection without JavaScript via SVG animation
* MFSA 2011-58/VE-2011-3665 (bmo#701259)
Crash scaling <video> to extreme sizes
- Fix accessibility under GNOME 3 (bnc#732898)
- fix ppc64 build
- update to Firefox 8 (bnc#728520)
* MFSA 2011-47/CVE-2011-3648 (bmo#690225)
Potential XSS against sites using Shift-JIS
* MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
Miscellaneous memory safety hazards
* MFSA 2011-49/CVE-2011-3650 (bmo#674776)
Memory corruption while profiling using Firebug
* MFSA 2011-52/CVE-2011-3655 (bmo#672182)
Code execution via NoWaiverWrapper
- rebased patches
- enable telemetry prompt
- update to minor release 7.0.1
* fixed staged addon updates
- set intl.locale.matchOS=true in the base package as it causes
too much confusion when it's only available with branding-openSUSE
- update to Firefox 7 (bnc#720264)
including
* Improve Responsiveness with Memory Reductions
* Instant Sync
* WebSocket protocol 8
* MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
Miscellaneous memory safety hazards
* MFSA 2011-39/CVE-2011-3000 (bmo#655389)
Defense against multiple Location headers due to CRLF Injection
* MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
Code installation through holding down Enter
* MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
Potentially exploitable WebGL crashes
* MFSA 2011-42/CVE-2011-3232 (bmo#653672)
Potentially exploitable crash in the YARR regular expression
library
* MFSA 2011-43/CVE-2011-3004 (bmo#653926)
loadSubScript unwraps XPCNativeWrapper scope parameter
* MFSA 2011-44/CVE-2011-3005 (bmo#675747)
Use after free reading OGG headers
* MFSA 2011-45
Inferring keystrokes from motion data
- removed obsolete mozilla-cairo-lcd.patch
- rebased patches
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
mozilla.sh.in (bnc#680758)
- fixed loading of kde.js under KDE (bnc#718311)
- add dbus-1-glib-devel to BuildRequires (not pulled in
automatically anymore on 12.1)
- increase minversions for NSPR and NSS
- recreated source archive to get correct source-stamp.txt
- security update to 6.0.2 (bnc#714931)
* Complete blocking of certificates issued by DigiNotar
(bmo#683449)
- security update to 6.0.1 (bnc#714931)
* MFSA 2011-34
Protection against fraudulent DigiNotar certificates
(bmo#682927)
- update to 6.0 (bnc#712224)
included security fixes MFSA 2011-29
* CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
Miscellaneous memory safety hazards
* CVE-2011-2993 (bmo#657267)
Unsigned scripts can call script inside signed JAR
* CVE-2011-2988 (bmo#665934)
Heap overflow in ANGLE library
* CVE-2011-0084 (bmo#648094)
Crash in SVGTextElement.getCharNumAtPosition()
* CVE-2011-2990
Credential leakage using Content Security Policy reports
* CVE-2011-2986 (bmo#655836)
Cross-origin data theft using canvas and Windows D2D
- removed obsolete curl header dependency (mozilla-curl.patch)
- update to 6.0b3
* removed obsolete patches
- firefox-shellservice.patch
- mozilla-gio.patch
- mozilla-ppc-ipc.patch
- firefox-linkorder.patch
- firefox-no-sync-l10n.patch
- recognize linux3 as platform for symbolstore.py
- Add x-scheme-handler/ftp to the MimeType key in the .desktop, to
let desktops know that Firefox can deal with ftp: URIs.
- create upstream branding package again (supposedly empty)
(bnc#703401)
- fix build on SLE11 (changes do not affect/are not applied for
later versions)
- enable startup notification (bnc#701465)
- update to 5.0 final
- included fixes for security issues: (bnc#701296, bnc#700578)
* MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
Miscellaneous memory safety hazards
* MFSA 2011-20/CVE-2011-2373 (bmo#617247)
Use-after-free vulnerability when viewing XUL document with
script disabled
* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
Memory corruption due to multipart/x-mixed-replace images
* MFSA 2011-22/CVE-2011-2371 (bmo#664009)
Integer overflow and arbitrary code execution in
Array.reduceRight()
* MFSA 2011-25/CVE-2011-2366
Stealing of cross-domain images using WebGL textures
* MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
Multiple WebGL crashes
* MFSA 2011-27/CVE-2011-2369 (bmo#650001)
XSS encoding hazard with inline SVG
* MFSA 2011-28/CVE-2011-2370 (bmo#645699)
Non-whitelisted site can trigger xpinstall
- update to 5.0b7
* updated supported locales
- do not build dump_syms static (not needed for us)
- > fix build for openSUSE 12.1 and above
- update to 5.0b6
- include proper revision information into the build
- speedier find-external-requires.sh
- update to 5.0b3
- transformed to standalone Firefox (not xulrunner based)
(with new Firefox rapid release cycle it makes no sense anymore)
* imported all relevant xulrunner patches
- do not compile in build timestamp
- security update to 4.0.1 (bnc#689281)
* MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079
CVE-2011-0080 CVE-2011-0081
Miscellaneous memory safety hazards
* MFSA 2011-17/CVE-2011-0068 (bmo#623791)
WebGLES vulnerabilities
* MFSA 2011-18/CVE-2011-1202 (bmo#640339)
XSLT generate-id() function heap address leak
- add all available icon sizes
- license update: MPLv1.1 or GPLv2+ or LGPLv2+
Sync licenses with Fedora. MPL does not state ^or later^
- update to version 4.0rc2
- fixed rpm macros delivered with devel package (bnc#679950)
- update to version 4.0b12
- rebased patches
- update to version 4.0b11
* loads of bugfixes compared to last beta
* added "Do Not Track" option
- rebased patches
- disable testpilot
- set correct desktop file name within KDE for 11.4 and up
- add devel package with macros for extensions (from lnussel(a)suse.de)
- update to version 4.0b10
- removed obsolete firefox-shell-bmo624267.patch
- testpilot moved to distribution/extensions
- updated locale provides and removed bn-IN from locales
- update to version 4.0b9
- added x-scheme-handler for http and https to desktop file for
newer Gnome environments
- fixed default browser check/set for GIO (bmo#611953)
(mozilla-shellservice.patch)
- removed obsolete firefox-appname.patch (integrated into
shellservice patch)
- renamed desktop file to firefox.desktop for 11.4 and newer
(bnc#664211)
- removed support for 10.3 and older from the spec file
- removed obsolete "Ximian" categories from desktop file
- Mirror ac_add_options --disable-ipc from xulrunner for PowerPC.
- update to version 4.0beta8
- major update to version 4.0beta7
* based on mozilla-xulrunner20
* far too many internal changes to list
- security update to 3.6.12 (bnc#649492)
* MFSA 2010-73/CVE-2010-3765 (bmo#607222)
Heap buffer overflow mixing document.write and DOM insertion
- security update to 3.6.11 (bnc#645315)
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
Miscellaneous memory safety hazards
* MFSA 2010-65/CVE-2010-3179 (bmo#583077)
Buffer overflow and memory corruption using document.write
* MFSA 2010-66/CVE-2010-3180 (bmo#588929)
Use-after-free error in nsBarProp
* MFSA 2010-67/CVE-2010-3183 (bmo#598669)
Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-68/CVE-2010-3177 (bmo#556734)
XSS in gopher parser when parsing hrefs
* MFSA 2010-69/CVE-2010-3178 (bmo#576616)
Cross-site information disclosure via modal calls
* MFSA 2010-70/CVE-2010-3170 (bmo#578697)
SSL wildcard certificate matching IP addresses
* MFSA 2010-71/CVE-2010-3182 (bmo#590753)
Unsafe library loading vulnerabilities
* MFSA 2010-72/CVE-2010-3173
Insecure Diffie-Hellman key exchange
- update to 3.6.10
* fixing startup topcrash (bmo#594699)
- security update to 3.6.9 (bnc#637303)
* MFSA 2010-49/CVE-2010-3169
Miscellaneous memory safety hazards
* MFSA 2010-50/CVE-2010-2765 (bmo#576447)
Frameset integer overflow vulnerability
* MFSA 2010-51/CVE-2010-2767 (bmo#584512)
Dangling pointer vulnerability using DOM plugin array
* MFSA 2010-53/CVE-2010-3166 (bmo#579655)
Heap buffer overflow in nsTextFrameUtils::TransformText
* MFSA 2010-54/CVE-2010-2760 (bmo#585815)
Dangling pointer vulnerability in nsTreeSelection
* MFSA 2010-55/CVE-2010-3168 (bmo#576075)
XUL tree removal crash and remote code execution
* MFSA 2010-56/CVE-2010-3167 (bmo#576070)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-57/CVE-2010-2766 (bmo#580445)
Crash and remote code execution in normalizeDocument
* MFSA 2010-59/CVE-2010-2762 (bmo#584180)
SJOW creates scope chains ending in outer object
* MFSA 2010-61/CVE-2010-2768 (bmo#579744)
UTF-7 XSS by overriding document charset using <object> type
attribute
* MFSA 2010-62/CVE-2010-2769 (bmo#520189)
Copy-and-paste or drag-and-drop into designMode document allows
XSS
* MFSA 2010-63/CVE-2010-2764 (bmo#552090)
Information leak via XMLHttpRequest statusText
- disable crash reporter for non x86/x86_64 to make it build.
- security update to 3.6.8 (bnc#622506)
* MFSA 2010-48/CVE-2010-2755 (bmo#575836)
Dangling pointer crash regression from plugin parameter array
fix
- security update to 3.6.7 (bnc#622506)
* MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
Miscellaneous memory safety hazards
* MFSA 2010-35/CVE-2010-1208 (bmo#572986)
DOM attribute cloning remote code execution vulnerability
* MFSA 2010-36/CVE-2010-1209 (bmo#552110)
Use-after-free error in NodeIterator
* MFSA 2010-37/CVE-2010-1214 (bmo#572985)
Plugin parameter EnsureCachedAttrParamArrays remote code
execution vulnerability
* MFSA 2010-38/CVE-2010-1215 (bmo#567069)
Arbitrary code execution using SJOW and fast native function
* MFSA 2010-39/CVE-2010-2752 (bmo#574059)
nsCSSValue::Array index integer overflow
* MFSA 2010-40/CVE-2010-2753 (bmo#571106)
nsTreeSelection dangling pointer remote code execution
vulnerability
* MFSA 2010-41/CVE-2010-1205 (bmo#570451)
Remote code execution using malformed PNG image
* MFSA 2010-42/CVE-2010-1213 (bmo#568148)
Cross-origin data disclosure via Web Workers and importScripts
* MFSA 2010-43/CVE-2010-1207 (bmo#571287)
Same-origin bypass using canvas context
* MFSA 2010-44/CVE-2010-1210 (bmo#564679)
Characters mapped to U+FFFD in 8 bit encodings cause subsequent
character to vanish
* MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
Multiple location bar spoofing vulnerabilities
* MFSA 2010-46/CVE-2010-0654 (bmo#524223)
Cross-domain data theft using CSS
* MFSA 2010-47/CVE-2010-2754 (bmo#568564)
Cross-origin data leakage from script filename in error messages
- update to 3.6.6 release
* modifies the crash protection feature to increase the amount
of time that plugins are allowed to be non-responsive before
being terminated.
- update to final 3.6.4 release (bnc#603356)
* MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
CVE-2010-1203
Crashes with evidence of memory corruption (rv:1.9.2.4)
* MFSA 2010-28/CVE-2010-1198 (bmo#532246)
Freed object reuse across plugin instances
* MFSA 2010-29/CVE-2010-1196 (bmo#534666)
Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
* MFSA 2010-30/CVE-2010-1199 (bmo#554255)
Integer Overflow in XSLT Node Sorting
* MFSA 2010-31/CVE-2010-1125 (bmo#552255)
focus() behavior can be used to inject or steal keystrokes
* MFSA 2010-32/CVE-2010-1197 (bmo#537120)
Content-Disposition: attachment ignored if
Content-Type: multipart also present
* MFSA 2010-33/CVE-2008-5913 (bmo#475585)
User tracking across sites using Math.random()
- update to 3.6.4(build6)
- security update to 3.6.4 (Lorentz)
* enable crashreporter also for x86-64
* Flash runs in a separate process to avoid crashing Firefox
(ix86 only; x86-64 still uses nspluginwrapper)
- security update to 3.6.3
* MFSA 2010-25/CVE-2010-1121 (bmo#555109)
Re-use of freed object due to scope confusion
- security update to version 3.6.2 (bnc#586567)
* MFSA 2010-08/CVE-2010-1028
WOFF heap corruption due to integer overflow
* MFSA 2010-09/CVE-2010-0164 (bmo#547143)
Deleted frame reuse in multipart/x-mixed-replace image
* MFSA 2010-10/CVE-2010-0170 (bmo#541530)
XSS via plugins and unprotected Location object
* MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167
Crashes with evidence of memory corruption
* MFSA 2010-12/CVE-2010-0171 (bmo#531364)
XSS using addEventListener and setTimeout on a wrapped object
* MFSA 2010-13/CVE-2010-0168 (bmo#540642)
Content policy bypass with image preloading
* MFSA 2010-14/CVE-2010-0169 (bmo#535806)
Browser chrome defacement via cached XUL stylesheets
* MFSA 2010-15/CVE-2010-0172 (bmo#537862)
Asynchronous Auth Prompt attaches to wrong window
* MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
Crashes with evidence of memory corruption
* MFSA 2010-18/CVE-2010-0176 (bmo#538308)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-19/CVE-2010-0177 (bmo#538310)
Dangling pointer vulnerability in nsPluginArray
* MFSA 2010-20/CVE-2010-0178 (bmo#546909)
Chrome privilege escalation via forced URL drag and drop
* MFSA 2010-22/CVE-2009-3555 (bmo#545755)
Update NSS to support TLS renegotiation indication
* MFSA 2010-23/CVE-2010-0181 (bmo#452093)
Image src redirect to mailto: URL opens email editor
* MFSA 2010-24/CVE-2010-0182 (bmo#490790)
XMLDocument::load() doesn't check nsIContentPolicy
- update to 3.6rc2 (already named 3.6.0)
- removed obsolete orbit-devel build requirement
- major update to 3.6rc1
- update to version 3.5.7 (bnc#568011)
* DNS resolution in MakeSN of nsAuthSSPI causing issues for
proxy servers that support NTLM auth (bmo#535193)
- added missing lockdown preferences (bnc#567131)
- readded firefox-ui-lockdown.patch (bnc#546158)
- security update to version 3.5.6 (bnc#559807)
* MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
Crashes with evidence of memory corruption (rv:1.9.1.6)
* MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
Memory safety fixes in liboggplay media library
* MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
Integer overflow, crash in libtheora video library
* MFSA 2009-68/CVE-2009-3983 (bmo#487872)
NTLM reflection vulnerability
* MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
Location bar spoofing vulnerabilities
* MFSA 2009-70/VE-2009-3986 (bmo#522430)
Privilege escalation via chrome window.opener
- fixed firefox-browser-css.patch (bnc#561027)
- rebased patches for fuzz=0
- update to version 3.5.5 (bnc#553172)
- security update to version 3.5.4 (bnc#545277)
* MFSA 2009-52/CVE-2009-3370 (bmo#511615)
Form history vulnerable to stealing
* MFSA 2009-53/CVE-2009-3274 (bmo#514823)
Local downloaded file tampering
* MFSA 2009-54/CVE-2009-3371 (bmo#514554)
Crash with recursive web-worker calls
* MFSA 2009-55/CVE-2009-3372 (bmo#500644)
Crash in proxy auto-configuration regexp parsing
* MFSA 2009-56/CVE-2009-3373 (bmo#511689)
Heap buffer overflow in GIF color map parser
* MFSA 2009-57/CVE-2009-3374 (bmo#505988)
Chrome privilege escalation in XPCVariant::VariantDataToJS()
* MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862)
Heap buffer overflow in string to number conversion
* MFSA 2009-61/CVE-2009-3375 (bmo#503226)
Cross-origin data theft through document.getSelection()
* MFSA 2009-62/CVE-2009-3376 (bmo#511521)
Download filename spoofing with RTL override
* MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378
Upgrade media libraries to fix memory safety bugs
* MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383
Crashes with evidence of memory corruption
- removed upstreamed patch
* firefox-bug506901.patch
- fix KDE button order in one more place (bnc#170055)
- improve UI colors to be usable with dark themes at all
(firefox-browser-css.patch) (bnc#503351)
- extend list of supported architectures as ABI identifier
(mozilla-abi.patch) (bnc#543460)
- added KDE integration patch from llunak(a)novell.com
(firefox-kde.patch)
* support for knotify, making -kde4-addon obsolete
* KDE-specific support functional (bnc#170055)
- do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs)
- security update to version 3.5.3 (bnc#534458)
* MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/
CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075
Crashes with evidence of memory corruption
* MFSA 2009-49/CVE-2009-3077 (bmo#506871)
TreeColumns dangling pointer vulnerability
* MFSA 2009-50/CVE-2009-3078 (bmo#453827)
Location bar spoofing via tall line-height Unicode characters
* MFSA 2009-51/CVE-2009-3079 (bmo#454363)
Chrome privilege escalation with FeedWriter
- renamed patch firefox-contextmenu-gnome to firefox-cross-desktop
as it contains more tweaks to handle non-Gnome environments and
especially KDE integration:
* added the ability to set the KDE default browser
(still part of bnc#170055)
- split -translations package into -common and -other
(bnc#529180)
- remove "set as background" from context menu if not running in
Gnome (part of bnc#170055)
- security update to version 3.5.2
* MFSA 2009-38/CVE-2009-2470 (bmo#459524)
Data corruption with SOCKS5 reply containing DNS name longer
than 15 characters
* MFSA 2009-44/CVE-2009-2654 (bmo#451898)
Location bar and SSL indicator spoofing via window.open() on
invalid URL
* MFSA 2009-45
Crashes with evidence of memory corruption
* MFSA 2009-46 (bmo#498897)
Chrome privilege escalation due to incorrectly cached wrapper
* various other stability fixes
- export MOZ_APP_LAUNCHER in the startscript (bmo#453689)
- fixed %exclude usage
- fixed preferences' advanced pane for fresh profiles (bmo#506901)
- security update to version 3.5.1
* MFSA 2009-41
Corrupt JIT state after deep return from native function
- added mozilla-linkorder.patch to fix build with --as-needed
- update to final version 3.5 (20090623)
- fixed build by linking to a real file
- update to version 3.5rc2 (20090617)
- BuildRequire mozilla-xulrunner191 = 1.9.1.0
- update to version 3.5b99 (20090604)
- BuildRequire mozilla-xulrunner191 = 1.9.1b99
- fixed typos in improved xulrunner dependencies
- use non-localized Downloads folder (bnc#501724)
- update to new major version 3.5b4
* based on Gecko 1.9.1 (mozilla-xulrunner191)
* Private Browsing Mode
* TraceMonkey JavaScript engine
* Geolocation support
* native JSON and web worker threads support
* speculative parsing for faster content rendering
* Some HTML5 support
- updated firefox.schemas
- improved firefox-no-update.patch
- security update to 3.0.10
* MFSA 2009-23/CVE-2009-1313 (bmo#489647)
Crash in nsTextFrame::ClearTextRun()
- security update to 3.0.9 (bnc#495473)
* MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305
Crashes with evidence of memory corruption (rv:1.9.0.9)
* MFSA 2009-15/CVE-2009-0652 (bmo#479336)
URL spoofing with box drawing character
* MFSA 2009-16/CVE-2009-1306 (bmo#474536)
jar: scheme ignores the content-disposition: header on the
inner URI
* MFSA 2009-17/CVE-2009-1307 (bmo#481342)
Same-origin violations when Adobe Flash loaded via
view-source: scheme
* MFSA 2009-18/CVE-2009-1308 (bmo#481558)
XSS hazard using third-party stylesheets and XBL bindings
* MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433)
Same-origin violations in XMLHttpRequest and
XPCNativeWrapper.toString
* MFSA 2009-20/CVE-2009-1310 (bmo#483086)
Malicious search plugins can inject code into arbitrary sites
* MFSA 2009-21/CVE-2009-1311 (bmo#471962)
POST data sent to wrong site when saving web page with
embedded frame
* MFSA 2009-22/CVE-2009-1312 (bmo#475636)
Firefox allows Refresh header to redirect to javascript: URIs
- security update to 1.9.0.8 (bnc#488955,489411)
* MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
Crash and remote code execution in XSL transformation
* MFSA 2009-13/CVE-2009-1044 (bmo#484320)
Arbitrary code execution via XUL tree moveToEdgeShift
- allow RPM provides for stuff besides shared libraries
(e.g. mime-types)
- security update to 3.0.7 (bnc#478625)
* MFSA 2009-07 - Crashes with evidence of memory corruption
CVE-2009-0771 - Layout Engine Crashes
CVE-2009-0772 - Layout Engine Crashes
CVE-2009-0773 - crashes in the JavaScript engine
CVE-2009-0774 - Layout Engine Crashes
* MFSA 2009-08/CVE-2009-0775 - (bmo#474456)
Mozilla Firefox XUL Linked Clones Double Free Vulnerability
* MFSA 2009-09/CVE-2009-0776 (bmo#414540)
XML data theft via RDFXMLDataSource and cross-domain redirect
* MFSA 2009-10/CVE-2009-0040 (bmo#478901)
Upgrade PNG library to fix memory safety hazards
* MFSA 2009-11/CVE-2009-0777 (bmo#452979)
URL spoofing with invisible control characters
==== MozillaThunderbird ====
Subpackages: MozillaThunderbird-translations-common
- The conditional testing for gcc was failing for different
openSUSE versions, drop it and apply patches unconditionally.
- Add patches to fix building with gcc >= 6:
+ mozilla-gcc6.patch: patch taken from fedora's git and is
essentially identical to upstream firefox patch:
https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
+ mozilla-flexible-array-member-in-union.patch: patch taken
from upstream bmo#1272649.
==== NetworkManager-gnome ====
Subpackages: NetworkManager-connection-editor libnm-gtk0 typelib-1_0-NMGtk-1_0
- Add NetworkManager-wrongly-placed-brace.patch: fix wrongly placed
brace.
==== akonadi-calendar ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== akonadi-search ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5AkonadiSearch
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== akonadi-server ====
Version update (15.12.3 -> 16.04.1)
- Explicitly require the newly-split libs in the devel package
- Split AkonadiCore, AkonadiAgentBase and AkonadiWidgets libraries
to separate subpackages, as per the SLPP
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Move akonadi2xml to devel package
- Move dbus xml files to the akonadi-devel package
- Make the devel package conflict with
libakonadiprotocolinternals-devel
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== amarok ====
- Add gcc6-workaround.patch to workaround an error seen by GCC,
link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71273.
==== ark ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== baloo5-widgets ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== cdrdao ====
- Add cdrdao-gcc6-fixes.patch: Fix build with gcc6.
==== crda ====
- Add gcc6-fix-errors.patch to remove errors seen by GCC6.
==== dolphin ====
Version update (15.12.3 -> 16.04.1)
Subpackages: dolphin-part libdolphinvcs5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Drop upstreamed patch specify-fallback-icon.patch
- Added specify-fallback-icon.patch: fixes missing icons for
certain filetypes where the specified icon doesn't exist
(kde#358958, kde#361034)
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Drop upstreamed patch Fix-wrong-path-URL-conversion.patch
==== dragonplayer ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== espeak ====
- gcc6-char-cast.patch: Fix GCC6 errors.
==== gnome-software ====
Version update (3.20.2 -> 3.20.3)
- Update to version 3.20.3:
+ Fix several issues with system upgrades.
+ Fix several issues with the Ubuntu reviews dialog.
+ Fix an issue that caused incorrect package versions to be shown
in the update panel.
+ Fix an issue that caused offline updates to not start under
certain conditions.
+ Updated translations.
- Drop gs-compile-against-old-appstream-glib.patch,
gs-Fix-underlinking.patch, gs-Fix-xdg-app-build.patch and
gs-Fix-a-possible-crasher.patch: Fixed upstream.
- Following the above drop gnome-common BuildRequires and
autoreconf call, we no longer have patches touching the
buildsystem.
==== gpgmepp5 ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5QGpgme5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== grantlee5 ====
Version update (5.0.0 -> 5.1.0)
- Update to 5.1.0
* Implement advanced operators for the {% if %} tag
* Use 'd' postfix for plugins built in debug mode
* Use 'd' postfix for libraries built in debug mode by Visual Studio
* Make it possible to build without QtScript and QtLinguistTools
* Bump Grantlee CMake requirement to 3.1.
* Bump Grantlee Qt requirement to 5.3.
==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbadbase-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstgl-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0
- Drop pkgconfig(libmusicbrainz): gstreamer does not depend on it
directly.
==== gwenview5 ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== installation-images-openSUSE ====
Version update (14.245 -> 14.247)
- adjust to update-alternative package change
- 14.247
- module.config: add macsec
- 14.246
==== k3b ====
- Add k3b-2.0.3-gcc6.patch: Fix build with GCC 6. Patch copied from
Gentoo.
==== kaccounts-integration ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kalarmcal ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kamera ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kate ====
Version update (15.12.3 -> 16.04.1)
Subpackages: kate-plugins kwrite
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcalc ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Drop kcalc-fix_set_size.patch, not necessary any more
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcalcore ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcalutils ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5CalendarUtils5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcharselect ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcolorchooser ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kcontacts ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kdebase4 ====
Version update (15.12.3 -> 16.04.1)
Subpackages: kdebase4-libkonq kdebase4-nsplugin kdepasswd kdialog keditbookmarks konqueror konqueror-plugins libkonq-devel libkonq5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kdebase4-runtime ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kdebase4-workspace ====
Subpackages: kdebase4-workspace-libs python-kdebase4
- Changed kdm-sysconfig-values.diff:
Add "-listen tcp" to the Xserver cmdline for Xorg 1.17 and up if
DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN="yes" in
/etc/syconfig/displaymanager, newer versions have -nolisten as
default (boo#978262)
- Add patch gcc6-fixes.diff to fix errors reported by GCC6 compiler
==== kdelibs4 ====
Version update (4.14.18 -> 4.14.19)
Subpackages: kdelibs4-core kdelibs4-doc libkde4 libkde4-devel libkdecore4 libkdecore4-devel libksuseinstall1
- Add patch gcc6-fix-errors.patch to fix errors reported by GCC6.
- Update to 4.14.19
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
==== kdenetwork4-filesharing ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kdepim ====
Version update (15.12.3 -> 16.04.1)
Subpackages: akonadi_resources akregator5 kaddressbook5 kalarm5 kmail5 knotes5 kontact5 korganizer5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Require kdepim for kmail, or the account wizard won't be found
at startup. Found by openQA.
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Require kdepim-addons in kmail (kde#361605), korganizer and
kaddressbook
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- libkdepim and kleopatra were split off in separate packages upstream
==== kdepim-runtime ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Drop bko354056.diff due to upstream inclusion
==== kdepimlibs ====
Version update (15.12.3 -> 16.04.1)
Subpackages: akonadi-contact kio-pimlibs libKF5AkonadiContact5 libKF5AkonadiMime5 libKF5AkonadiNotes5
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kdepimlibs4 ====
Subpackages: libakonadi4 libkdepimlibs4
- Remove akonadi2xml to prevent conflicts with akonadi-server
- Remove superfluous libpth-devel dependency
==== kdnssd ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kernel-source ====
Version update (4.5.4 -> 4.6.0)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms
- Fix build breakage due to missing buildroot in rpm/kernel-binary.spec.in
- commit c03eb71
- drm/amd: add Kconfig dependency for ACP on DRM_AMDGPU.
- Update config files.
- commit 99e9d31
- rpm/kernel-binary.spec.in: Fix build error when no firmware is installed
- commit a09ef60
- rpm/kernel-binary.spec.in: Do not package helper files in -devel (bsc#981204)
- commit 4c334f0
- tipc: check nl sock before parsing nested attributes
(CVE-2016-4951 bsc#981058).
- commit 353e24b
- rpm/kernel-binary.spec.in: Install only needed firmware for -base (bsc#966447)
- commit f685839
- rpm/kernel-binary.spec.in: Fix placement of the reproducible build hack
- commit 26e4b73
- Update change for hv-storvsc to set sg_tablesize on x86
- commit 758fc22
- ALSA: hrtimer: Handle start/stop more properly (bsc#973378).
- commit 713ff49
- watchdog: sp5100_tco: properly check for new register layouts
(boo#978953).
- commit 8096c43
- kvm: Remove variable physbase MTRR 0x2f8 (bsc#979715,
CVE-2016-3713).
- commit ffec37b
- Update to 4.6-final.
- Eliminated 1 patch.
- Config changes:
- MLX5_CORE_EN_VXLAN=y
- commit d9e67cc
- net: fix infoleak in llc (bsc#978821, CVE-2016-4485).
- commit 4715b83
- net: fix infoleak in llc (bsc#978821, CVE-2016-4485).
- commit f2da272
- Update tags in two patches for CVE-2016-4578, bsc#979879
- commit f3ff4d1
==== kget ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kgpg ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Fix filelist for 13.1, we don't install KF5 ServiceMenus there...
==== kholidays ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Drop kholidays-glibc-2.23.patch, this is no longer needed as the
issue was fixed upstream
==== kidentitymanagement ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kimap ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kio-extras5 ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Conflict with kactivities5 5.19.0 and earlier to prevent file
conflicts. The activities fileitem_linking_plugin and kio slave
have been moved from kactivities5 to kio-extras5 in 16.04
(boo#976592)
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kio_audiocd ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kipi-plugins5 ====
Version update (4.94git -> 5.0.0~beta5)
Subpackages: kipi-plugin-icons
- Adjust licenses as shown by legal review
- Update to 5.0 beta5
* No upstream changelog provided
==== kiwi ====
Version update (7.03.68 -> 7.03.72)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools
- v7.03.72 released
- fix hash key handling for perl 5.24 (boo#981080)
- v7.03.71 released
- Delete vmxboot dracut optimization
For vmx type images, dracut was called in background to speedup
the boot process. However this could cause a race condition
together with grub2-mkconfig. If grub2-mkconfig is called but
dracut has not yet created the initrd, grub2 creates a configuration
file without an initrd. The result boot setup is not able to
reboot the system because the initrd is not loaded.
This fixes (bnc#982092)
- v7.03.70 released
- v7.03.69 released
- Added readonly check for persistent data
When creating a partition for persistent data, check
if the device class has the readonly flag set before
trying to write anything there. Fixes #576
- tag debug and source medias in rpm-md meta data (bnc#980871)
==== kldap ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kleopatra5 ====
Version update (15.12.3 -> 16.04.1)
- Adjust license
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kmag ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kmailtransport ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kmbox ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kmime ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kmousetool ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kompare ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== konsole ====
Version update (15.12.3 -> 16.04.1)
Subpackages: konsole-part
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kontactinterface ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kopete ====
Version update (15.12.3 -> 16.04.1)
- Add gcc6.patch from kde#363053: Fix build with gcc6
- Run spec-cleaner on kopete.spec
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kpimtextedit ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kqtquickcharts ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== krdc ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== krfb ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kruler ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktnef ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-accounts-kcm ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libktpaccountskcminternal9
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-approver ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-auth-handler ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-common-internals ====
Version update (15.12.3 -> 16.04.1)
Subpackages: ktp-icons
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-contact-list ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-contact-runner ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-desktop-applets ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-filetransfer-handler ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-kded-module ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-send-file ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== ktp-text-ui ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== kwalletmanager5 ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libaccounts-glib ====
Version update (1.18 -> 1.21)
- Update to 1.21
* Support desktop-specific overrides for service and providers
files: desktops can define service and providers files in
/usr/share/accounts/{providers,services}/$XDG_CURRENT_DESKTOP
and these would override any files having the same name in the
parent (default) directory.
* Fixes
- Drop upstream libaccounts-glib-ignore-deprecated-declarations.patch
no longer required
==== libkcddb4 ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libkcddb4-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkcompactdisc4 ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libkcompactdisc4-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkdcraw ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5KDcraw5 libkdcraw-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkdepim ====
Version update (15.12.3 -> 16.04.1)
- Adjust version requires as per SLPP
- Use correct package groups
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkexiv2 ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5KExiv2-15_0_0 libkexiv2-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkface ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5KFace10_0_0 libkface-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkgeomap ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5KGeoMap10_0_0 libkgeomap-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Add patch find-astro.diff to ensure that we find Marble
==== libkipi ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libkolab-qt5 ====
- Remove akonadi-devel BuildRequire (replaced by
akonadi-sever-devel)
==== libkomparediff2 ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libksane ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libKF5Sane5 libksane-devel
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Remove conflicting icons with kipi-plugins
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== libktorrent ====
Subpackages: libktorrent-devel libktorrent6 libktorrent6-lang
- Added require-lower-LibGMP.patch: 6.0.0 version was chosen
randomly, and we know the code compiles with at least 5.1.3
==== libmusicbrainz ====
Subpackages: libmusicbrainz-devel libmusicbrainz4
- Add patch gcc6-fix-errors.patch to remove errors seen by GCC6.
==== libqca-qt5 ====
Subpackages: libqca-qt5-devel libqca-qt5-plugins
- Fix build on PowerPC with GCC 6:
* Add libqca-qt5-2.1.1-explicit-signed-char.patch
==== libqt5-qtdeclarative ====
Subpackages: libQtQuick5 libqt5-qtdeclarative-devel libqt5-qtdeclarative-tools
- Added Workaround-for-crashes-in-QtQml-code-relating-to-null-this-pointers.patch
to prevent issues with GCC 6
==== libraw ====
Subpackages: libraw-devel libraw15
- Complete libraw-0.17.1-gcc6-compatibility.patch to fix build
on ppc as well
- Fix build with GCC 6:
* Add libraw-0.17.1-gcc6-compatibility.patch
==== libsidplay1 ====
- Add baselibs.conf to source list.
- In case we build using gcc6, add -Wno-narrowing to CFLAGS and
CXXFLAGS: the code (intentionally) stores values like 0x80 into
signed chars, resulting in the compiler complaining (boo#981470).
==== libyui ====
Version update (3.2.4 -> 3.2.5)
- Fix 'Werror=nonnull-compare' for GCC 6 (bsc#964144)
- Optimizations remove null pointer checks for 'this'
- Clean-up trailing white-space
- 3.2.5
==== marble ====
Version update (15.12.3 -> 16.04.1)
Subpackages: libastro-qt5-1 marble-data marble-devel marble-doc marble-kde
- Move marble.appdata.xml to the -kde package where the
corresponding marble.desktop is shipped too.
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
- Drop marble-glibc-2.23.patch as this is fixed upstream
==== mobipocket ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-devel mozilla-nss-tools
- add nss_gcc6_change.patch
==== net-snmp ====
Subpackages: libsnmp30 libsnmp30-32bit net-snmp-devel perl-SNMP snmp-mibs
- Fix build with perl 5.24.0:
+ Add net-snmp-5.7.3-Fix-Makefile.PL.patch: Fix build system
recursiely loading Makefile.Pl and destroying its internas.
See https://rt.perl.org/Public/Bug/Display.html?id=125907
+ net-snmp-5.7.3-Remove-U64-typedef.patch: The U64 typedef
conflicts with a typedef in a Perl header file. Hence remove
the U64 typedef from the Net-SNMP header files. Backported from
upstream commit 477b4307ef1.
==== okular ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== opal ====
- Build opal using -std=gnu++98. It's old code.
==== openCOLLADA ====
- Add openCOLLADA-signed-char.patch: Use signed char; 'char' by
itself depends on arch implementation
(gh#KhronosGroup/OpenCOLLADA#439).
==== perl ====
Version update (5.22.1 -> 5.24.0)
Subpackages: perl-32bit perl-base perl-doc
- Update to perl-5.24.0
* postfix dereferencing is no longer experimental
* unicode 8.0 is now supported
* perl will now croak when closing an in-place output file fails
* new "\b{lb}" boundary in regular expressions
* qr/(?[ ])/" now works in UTF-8 locales
* integer shift ("<<" and ">>") now more explicitly defined
* printf and sprintf now allow reordered precision arguments
* more fields provided to "sigaction" callback with "SA_SIGINFO"
* hashbang redirection to Perl 6
* set proper umask before calling mkstemp(3)
* fix loss of taint in canonpath
* remove duplicate environment variables from "environ"
- rename patch perl-5.22.0.dif to perl-5.24.0.dif
==== perl-MIME-tools ====
- Add MIME-tools-5.507-rt113887.patch from fedora
to fix test failure with new MailTools
==== perl-Module-Build ====
Version update (0.421200 -> 0.421800)
- updated to 0.4218
see /usr/share/doc/packages/perl-Module-Build/Changes
0.4218 - Sun Apr 24 16:39:47 BST 2016
- Skip XS test when link_executable fails
0.42_17 - Mon Mar 21 14:02:06 CET 2016
- Read extra_linker_flags using its accessor [Salvador Fandino]
- Convert win shell splitting to m//gc parser, fixing handling of 0
and handling of backslashes preceeding a double quote [Graham Knop]
- Win32 installation of MB with gmake require SHELL env var to be set
[bulk88]
0.4216 - Wed Jan 20 10:39:27 CET 2016
- Delete test that fails with new version.pm [Leon Timmermans]
0.42_15 - Sat Nov 28 15:17:40 CET 2015
- Honor environmental variables when using TAP::Harness directly [Leon Timmermans]
- Reintroduce some level of perl 5.6 support [Leon Timmermans]
Note that this comes with no guarantees or commitment
- Allow Devel::Cover usage with TAP::Harness [Philipp Gortan]
- Remove "running under some shell" [Shoichi Kaji]
- Fix cookbook - code was missing trailing ` [Matthew Horsfall]
0.4214 - Fri Jun 12 00:25:00 CEST 2015
- Released 0.42_13 as 0.4214
0.42_13 - Sat Jun 6 21:18:24 CEST 2015
[BUG FIXES]
- Handle failure to guess license from key better
[ENHANCEMENTS]
- Output data in a stable order [J�r�my Bobbio]
- deleted patch make-builds-reproducible.patch
==== plasma5-desktop ====
- Add Cleanup-and-fixup-KConfig-handling-for-componentchooser.patch
to fix setting the default browser (boo#931316)
- Add fix-opening-recent-docs.patch to fix opening recent documents
from the application menu on newer KF5 (boo#982146, kde#363337)
- Add 100-fix-compile-with-gcc6.diff from upstream Plasma/5.6 branch
* Fix compilation with GCC 6 (missing cmath include)
==== python-cffi ====
Version update (1.5.2 -> 1.6.0)
- Add python-cffi-avoid-bitshifting-negative-int.patch to actually
fix the "negative left shift" warning by replacing bitshifting
in appropriate places by bitwise and comparison to self; patch
taken from upstream git. Drop cffi-1.5.2-wnoerror.patch: no
longer required.
- disable "negative left shift" warning in test suite to prevent
failures with gcc6, until upstream fixes the undefined code
in question (boo#981848, cffi-1.5.2-wnoerror.patch)
- Update to version 1.6.0:
* ffi.list_types()
* ffi.unpack()
* extern ?Python+C?
* in API mode, lib.foo.__doc__ contains the C signature now.
* Yet another attempt at robustness of ffi.def_extern() against
CPython?s interpreter shutdown logic.
==== qalculate ====
Subpackages: libqalculate-devel libqalculate5
- add gcc-6-compile.patch: Fix compilation with gcc 6
==== signon-kwallet-extension ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== spectacle ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== sweeper ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== syndication ====
Version update (15.12.3 -> 16.04.1)
- Update to KDE Applications 16.04.1
* KDE Applications 16.04.1
* https://www.kde.org/announcements/announce-applications-16.04.1.php
- Update to KDE Applications 16.04.0
* KDE Applications 16.04.0
* https://www.kde.org/announcements/announce-applications-16.04.0.php
- Update to KDE Applications 16.03.90
* KDE Applications 16.04.0 RC
* https://www.kde.org/announcements/announce-applications-16.04-rc.php
==== vim ====
Version update (7.4.1816 -> 7.4.1842)
Subpackages: gvim vim-data
- Update apparmor.vim (taken from AppArmor 2.10.1)
* add support for the "unspec" network keyword
- Updated to revision 1842, fixes the following problems
* non-antialiased misnamed.
* When timer_stop() is called with a string there is no proper
error message.
* Memory leak in debug commands.
* Cannot use an Ex command for 'keywordprg'.
* Possible crash when conceal is active.
* When splitting and closing a window the status height changes.
* When using a partial on a dictionary it always gets bound to that
dictionary.
* The BufUnload event is triggered twice, when :bunload is used with
`bufhidden` set to `unload` or `delete`.
* Functions specifically for testing do not sort together.
* Cannot get the items stored in a partial.
* When using packages an "after" directory cannot be used.
* The code to reallocate the buffer used for quickfix is repeated.
* get() works for Partial but not for Funcref.
- Fix build with perl 5.24 (perl-5.24.patch)
- Updated to revision 1829, fixes the following problems
* No error when invoking a callback when it's not safe.
* May try to access buffer that's already freed.
* No message on channel log when buffer was freed.
- Updated to revision 1826, fixes the following problems
* The screen is not updated if a callback is invoked when closing
a channel.
* Help completion adds @en to all matches except the first one.
* Compiler warnings when sprintf() is a macro.
* Removing language from help tags too often.
* Redirecting stdout of a channel to "null" doesn't work.
* When a job is no longer referenced and does not have an exit
callback the process may hang around in defunc state.
* When job writes to buffer nothing is written.
* Callbacks are invoked when it's not safe.
==== vlc ====
Subpackages: libvlc5 libvlccore8 vlc-noX vlc-noX-lang
- Add vlc-gcc6-buildfixes.patch: fix build with GCC 6. This patch
file is a collection of the backported commits from master:
+ 5d26efcad8d1aa5023028e3caa5a608b5e1d81fe
+ 406f697d5592752efc8a0479e48512ed20ab274b
+ 569df08d1be561022b86ce9c58dece388532e818
+ 45495aa458ef6856ee9eb18860706149148bb660
+ a7a70e8163e04244d733f4745dc8cbbc7502b830
+ ada4b4748eefcfd22f1417ed223f1381c694aa60
+ 0bcb7fd2567ba494b730234609b146cd8e23483c
+ 59678ec0b489d86f6f62cc987e21a82346f8da42
+ e8b683357b2ccc2bbd1ffbcb4783441a3620a6ea
+ ab550d60dd8d823b8ddacd2d4759f0840a9ea352
+ f5d5cb75768b692359068e837f72c9fd7cf6bd45
+ c5f80f5bc4cb498c8eb7469650437e92ae6d085a
+ 66842e08e177e3c458fa0e4db970deae84feb625
+ 98b4e987252f798213effa5ed6d19d958d6d9d42
+ d2571e643edb0f1cb217805ef8d5ac172d59a864
- Disable atmoLight sensor: pass --disable-atmo to configure. This
module fails to build with GCC 6 and has been removed upstream
for the next version of VLC already (671304).
==== webkitgtk ====
Subpackages: libjavascriptcoregtk-1_0-0 libwebkitgtk-1_0-0 libwebkitgtk-devel libwebkitgtk2-lang typelib-1_0-JavaScriptCore-1_0 typelib-1_0-WebKit-1_0
- Add webkitgtk-abs_to_fabs.patch: use fabs() instead of abs() on
floating point values.
==== webkitgtk3 ====
Subpackages: libjavascriptcoregtk-3_0-0 libwebkitgtk-3_0-0
- Add webkitgtk-abs_to_fabs.patch: use fabs() instead of abs() on
floating point values.
==== yast2-drbd ====
Version update (3.1.21 -> 3.1.22)
- bsc#981779, add IP validation check of resource.
- Version 3.1.22
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
11
12
03 Jun '16
not an openSUSE issue, but maybe others are also affected:
problem: vmware modules won't build on current kernel 4.6
fix [1]
I) vmnet.tar
- untar (i.e. aunpack)
- change ./vmnet-only/userif.c
- replace all:
"get_user_pages" to "get_user_pages_remote"
- make
- cd..
II) vmmon.tar
- untar (i.e. aunapck)
- change ./vmmon-only/linux/hostif.c
- replace all:
"get_user_pages" to "get_user_pages_remote"
- make
- cd..
III) install modules (superuser) [2]
cp vmmon.o /lib/modules/`uname -r`/kernel/drivers/misc/vmmon.ko
cp vmnet.o /lib/modules/`uname -r`/kernel/drivers/misc/vmnet.ko
depmod -a
/etc/init.d/vmware restart
HTH
tested working.
[1] https://communities.vmware.com/message/2598402#2598402
[2] https://communities.vmware.com/message/2570941#2570941
--
Cheers
Marvin
1
0
[snip]...
>>> Thanks
>>> Greg
>>
>>
>> Depending of the day and plasma5 vapor, I'm a happy/unhappy owner of a
>> Dell
>> Precision M7510 Laptop
>> since last december.
>> It has a generous Xeon Skylake inside (yes a Xeon inside a lappy) 32Gb
>> ram
>> a intel gpu M530 (optimus) disabled in bios
>> a Nvidia M200M quadro with 5 GB of ram
>> a 4k display
>> and I've took the challenge to bought the option 1TB M2 pcie SSD
>>
>> There's not that much trouble to use it as main storage you should
>> find it
>> under /dev/nvme0n1
>>
>> It's just fantastic and insane, with mine I got a ~1.8GB read and
>> ~1.4GB
>> write :-)
>> It make my previous ssd crucial looking like a Ford T ...
>>
>> you have a advanced package to install : nvme
>> which will help you to grab smart-log and other advanced commands.
>>
>> Still I don't know how much time it will survive, but in the meantime
>> what a
>> cool thing.
>>
>> Have fun.
>
> I'm already getting psyched!
>
> Since your machine is Skylake based, it would be great to know if the
> 4.4 LTS Kernel provides full support.
>
> I understand 4.4.0 didn't but there have been a lot of back ports
> done, so who knows now.
>
> I've got the 4.4.11 default kernel RPM for Tumbleweed in:
>
> /repositories/home:/gregfreemyer:/Kernel:/LTS/openSUSE_Tumbleweed/x86_64
>
> Greg
Unfortunately, I will not be able to try that one a few day before my
holidays :-)
Even today with 4.5.4 or 4.6.0 not everything work, the bluetooth failed
and also
the dell_laptop (not directly concerned) module is failing keyboard
backlight etc.
I've seen move in the direction...
If you have to use the intel gpu, I fear you need the lastest
kernel/mesa/xorg
(especially with 4k screen)
And my advise is check at least every month your mfg support website,
for newer bios.
My Dell got 8 upgrade since January, and lot of changelog is firmware
upgrade.
--
Bruno Friedmann
Ioda-Net Sàrl www.ioda-net.ch
openSUSE Member, fsfe fellowship
GPG KEY : D5C9B751C4653227
irc: tigerfoot
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
1
0
[opensuse-factory] [TW] mutt-1.6.1 unusable when built with --enable-sidebar
by Manfred Hollstein 02 Jun '16
by Manfred Hollstein 02 Jun '16
02 Jun '16
Hi there,
something in advance: I'm a long time mutt user. Therefore I'm used to
shuffle through the list of folders containing new/unread messages using
the 'c' followed by 'space' key sequence. This doesn't work anymore in
current Tumbleweed snapshots. I narrowed it down to the configure option
"--enable-sidebar", which enables some pseudo graphical functionality
for - I guess - mutt newbies. Rebuilding the otherwise unchanged
package with "--disable-sidebar" produces a normally working mutt
again. I strongly recommend to disable this code until it gets fixed.
<https://bugzilla.opensuse.org/show_bug.cgi?id=982129>
Hope this helps some otherwise potentially frustrated mutt users ;)
Thx, cheers.
l8er
manfred
5
16
Hi,
I installed Tumbleweed snapshot20160520 on our laptop, as a fresh
install, but with the existing /home dir's. Beforehand it ran 42.1,
which I had to re-install or upgrade.
Somehow I'm unable to reach websites. The (wifi)-network is running, I
can ping external addresses (e.g. 8.8.8.8, which I set up as first
nameserver), but I cannot access websites. Not as normal user, not as
root (destination host is unreachable).
Firewall is disabled, and using our phones I do get access, so it
doesn't seem a router problem to me.
I tried both networkmanager and wicked. Networkmanager keeps on asking
for the password of the router, wicked gives a working wifi-connection,
but no access to url's.
Using that laptop, with webaccess, is crucial to my wife's work, so I'm
rather desperate to get it up...
Anyone an idea?
Regards, Jogchum
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
3
2