openSUSE Factory December 2018

factory@lists.opensuse.org

76 participants
53 discussions

[opensuse-factory] Package fixes for 32-bit PowerPC

by John Paul Adrian Glaubitz

Hello! I have fixed a couple of packages for 32-bit PowerPC. These include mariadb, LLVM and the Rust compiler. mariadb is already on its way to Factory [1], LLVM and Rust are still in my home project [2]. Adrian > [1] https://build.opensuse.org/package/show/openSUSE:Factory:Staging:G/mariadb > [2] https://build.opensuse.org/project/show/home:glaubitz:powerpc-fixes -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] clementine-1.3.1-8.1 package broken on latest tumbleweed

by Greg Mohney

Hi, New user to opensuse and tumbleweed here. Running the latest snapshot 20181204, it appears a dependency for clementine-1.3.1-8.1 has been broken: merc@linux-fi5j:~> sudo zypper install clementine Loading repository data... Reading installed packages... Resolving package dependencies... Problem: nothing provides libcryptopp.so.5.6.5()(64bit) needed by clementine-1.3.1-8.1.x86_64 Solution 1: do not install clementine-1.3.1-8.1.x86_64 Solution 2: break clementine-1.3.1-8.1.x86_64 by ignoring some of its dependencies Choose from above solutions by number or cancel [1/2/c] (c): 2 [...] merc@linux-fi5j:~> clementine clementine: error while loading shared libraries: libcryptopp.so.5.6.5: cannot open shared object file: No such file or directory merc@linux-fi5j:/etc> zypper search libcrypto S | Name | Summary | Type ---+------------------------+------------------------------------------+-------- i+ | libcrypto44 | An SSL/TLS protocol implementation | package i+ | libcrypto44-32bit | An SSL/TLS protocol implementation | package i+ | libcryptopp-devel | Development files for libcryptopp, a c-> | package i+ | libcryptopp7_0_0 | Cryptographic Library for C++ | package i+ | libcryptopp7_0_0-32bit | Cryptographic Library for C++ | package libcrypto seems to have been updated and version 5 is no longer available. Thanks, Merc -- Merc mercster(a)gmail.com Yeah. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] Akonadi/Kmail with PostgreSQL as backend on Tumbleweed

by Vinzenz Vietzke

Hi, Akonadi and Kmail, walking hand in hand, are giving me itches yet again. So I dug around and came across some tutorials and hints for PostgreSQL. Unfortunately I can't find a package for PgSQL as a backend to Akonadi while other distributions have it. I already asked on /r/openSUSE but without any luck. Any hints how and where to start with Tumbleweed? Regards, vinz. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] Kernel 4.19 causing ext4 corruption

by Liam Proven

I realise that openSUSE doesn't use ext4 by default, but it's still a significant issue... E.g. both my desktop and laptop have ext4 partitions. A friend of mine contacted me to say: « Hi Liam, please note that there is a potential regression (root ext4 fs goes read-only) in the newest openSUSE-Tumbleweed-GNOME-Live-x86_64-Snapshot20181112-Media - as it already contains Linux kernel 4.19.1. How do I know? I was using Linux kernel 4.19.2 (on Ubuntu 18.04) on 2 laptops - and the root ex4 filesystem on both of them suddenly switched to read-only mode multiple times (never happened before upgrading to 4.19.x). Now I have rolled back to Linux 4.18.19 and will see if fs read-only switching continues.. » He found a related discussion: <https://askubuntu.com/questions/1092558/ubuntu-18-04-4-19-1-kernel-after-cl…> He added: « If you download the newest image from https://en.opensuse.org/openSUSE:Tumbleweed_installation (2018-11-16), it should contain kernel 4.19.1. openSUSE-Tumbleweed-GNOME-Live-x86_64-Snapshot20181118-Media.iso contains kernel 4.19.2. So... it's official now. 😀 https://www.phoronix.com/scan.php?page=news_item&px=EXT4-Linux-4.19-Corrupt… (And I can personally confirm that the issue is still present in the newest stable kernel 4.19.5.) Hi Liam, so... it's official now. 😀 https://www.phoronix.com/scan.php?page=news_item&px=EXT4-Linux-4.19-Corrupt… (And I can personally confirm that the issue is still present in the newest stable kernel 4.19.5.) » He's also raised it here: https://lkml.org/lkml/2018/12/1/576 -- Liam Proven - Technical Writer, SUSE Linux s.r.o. Corso II, Křižíkova 148/34, 186-00 Praha 8 - Karlín, Czechia Email: lproven(a)suse.com - Office telephone: +420 284 241 084 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] New TW installation on laptop very slow start-up

by Bob Williams

I have recently installed TW on an old laptop, which has been rejuvenated with a 500GB SSD and extra RAM. Previously this machine has run various versions of Windows, as well as OS Leap (42.x and 15.0). After powering on, the 5 second countdown screen appears fairly quickly, but after that it takes two or three minutes to reach the login screen, During that time, the following messages appear on the screen: [ 7.446469] PKCS#7 signature not signed with a trusted key [ 18.411645] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:34:pipe A] flip_done timed out [ 28.651636] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:34:pipe A] flip_done timed out [ 38.891625] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 49.903654] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 60.143652] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 70.383646] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 80.623658] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 90.863652] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 101.103649] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 118.255676] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 128.491663] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 138.731659] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 148.975670] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 159.211654] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 169.451641] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 200.683653] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 210.927668] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 221.163714] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out [ 235.243634] [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 245.483648] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out [ 255.723654] [drm:drm_atomic_helper_wait_for_dependencies [drm_kms_helper]] *ERROR* [CONNECTOR:55:SVIDEO-1] flip_done timed out I installed TW with all the defaults suggested by YaST, but I wonder if something is missing. The machine was originally purchased around 2009, so I think it predates Secure Boot and UEFI. Any suggestions, please? Bob -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] K8s vulnerability

by Liam Proven

I have only seen this in a Twitter post so far, and it sounds quite nasty so I thought I'd bring it to wider attention. https://twitter.com/IanColdwater/status/1069710608340275201 « More info on CVE-2018-1002105. Recently disclosed Kubernetes vulnerability allows all users, authenticated and unauthenticated, backdoor administrative access to the API server, including the kubelet...and it can't easily be detected in logs. » https://github.com/kubernetes/kubernetes/issues/71411 -- Liam Proven - Technical Writer, SUSE Linux s.r.o. Corso II, Křižíkova 148/34, 186-00 Praha 8 - Karlín, Czechia Email: lproven(a)suse.com - Office telephone: +420 284 241 084 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] New Tumbleweed snapshot 20181203 released!

by Dominique Leuenberger

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: binutils checkmedia (4.0 -> 4.1) cifs-utils (6.5 -> 6.8) digikam elfutils (0.174 -> 0.175) gnutls grilo (0.3.6 -> 0.3.7) ibus-pinyin icecream (1.1 -> 1.2) kvm_stat (4.19.1 -> 4.19.5) ldb (1.4.2 -> 1.4.3) libgcrypt libzypp (17.9.0 -> 17.10.1) man (2.7.6 -> 2.8.4) nautilus (3.30.3 -> 3.30.4) ncurses pam pixman (0.34.0 -> 0.36.0) polkit-default-privs ruby2.5 skopeo syslinux translation-update (15.0 -> 15.1) virt-manager virtualbox (5.2.20_k4.19.5_1 -> 5.2.22_k4.19.5_1) webkit2gtk3 (2.22.3 -> 2.22.4) xen zypper (1.14.16 -> 1.14.17) === Details === ==== binutils ==== Subpackages: binutils-devel - Add handle-ELF-compressed-header-alignment-correctly-by-.patch: PR23919. - Update to binutils-2_31-branch @e51abf7e3, minor bugfixes in the support for the X86_ISA_1_* notes. Adds patch binutils-2.31-branch.diff.gz . - Add binutils-revert-plt32-in-branches.diff on anything older than Tumbleweed to not break old tools not expecting PLT32 instead of PC32 relocs on x86_64. - Includes fixes for these CVEs: * from 2.30: bnc#1065643 aka CVE-2017-15996 aka PR22361 bnc#1065689 aka CVE-2017-15939 aka PR22205 bnc#1065693 aka CVE-2017-15938 aka PR22209 bnc#1068640 aka CVE-2017-16826 aka PR22376 bnc#1068643 aka CVE-2017-16832 aka PR22373 bnc#1068887 aka CVE-2017-16831 aka PR22385 bnc#1068888 aka CVE-2017-16830 aka PR22384 bnc#1068950 aka CVE-2017-16829 aka PR22307 bnc#1069176 aka CVE-2017-16828 aka PR22386 bnc#1069202 aka CVE-2017-16827 aka PR22306 * from 2.31: bnc#1077745 aka CVE-2018-6323 aka PR22746 bnc#1079103 aka CVE-2018-6543 aka PR22769 bnc#1079741 aka CVE-2018-6759 aka PR22794 bnc#1080556 aka CVE-2018-6872 aka PR22788 bnc#1081527 aka CVE-2018-7208 aka PR22741 bnc#1083528 aka CVE-2018-7570 aka PR22881 bnc#1083532 aka CVE-2018-7569 aka PR22895 bnc#1086608 aka CVE-2018-8945 aka PR22809 bnc#1086784 aka CVE-2018-7643 aka PR22905 bnc#1086786 aka CVE-2018-7642 aka PR22887 bnc#1086788 aka CVE-2018-7568 aka PR22894 bnc#1090997 aka CVE-2018-10373 aka PR23065 bnc#1091015 aka CVE-2018-10372 aka PR23064 bnc#1091365 aka CVE-2018-10535 aka PR23113 bnc#1091368 aka CVE-2018-10534 aka PR23110 - Removes binutils-fix-pr21964.diff as it's included in 2.31. Rebase testsuite.diff and aarch64-common-pagesize.patch . - Disable -z separate-code everywhere but in Tumbleweed. ==== checkmedia ==== Version update (4.0 -> 4.1) Subpackages: libmediacheck4 - merge gh#openSUSE/checkmedia#8 - fix digest calculation in tagmedia (bsc#1117499) - added testcases - adjust function descriptions - 4.1 ==== cifs-utils ==== Version update (6.5 -> 6.8) - Update to cifs-utils 6.8. + document more mount options + man pages now generated from RST files + add python-docutils build dependency + update keyring to check tarball signature + remove 0001-manpage-correct-typos-and-spelling-mistakes.patch + remove 0002-mount.cifs-document-SMBv3.1.1-and-new-seal-option.patch - Add typo corrections, better doc and configure fixes from upstream + add 0001-docs-cleanup-rst-formating.patch + add 0002-mount.cifs.rst-document-new-no-handlecache-mount-opt.patch + add 0003-manpage-update-mount.cifs-manpage-with-info-about-rd.patch + add 0004-checkopts-add-python-script-to-cross-check-mount-opt.patch + add 0005-mount.cifs.rst-document-missing-options-correct-wron.patch + add 0006-cifs-utils-support-rst2man-3.patch + add 0007-checkopts-report-duplicated-options-in-man-page.patch + add 0008-mount.cifs.rst-more-cleanups.patch + add 0009-mount.cifs.rst-document-vers-3-mount-option.patch + add 0010-mount.cifs.rst-document-vers-3.02-mount-option.patch - Cleanup spec file * assume SUSE vendor and SLE >= 11 ==== digikam ==== Subpackages: kipi-plugins kipi-plugins-lang - Add fix-black-Welcome-page-by-clicking-on-a-link.patch to fix the Welcome page getting black when clicking on a link that opens a new browser window (with QtWebEngine) ==== elfutils ==== Version update (0.174 -> 0.175) Subpackages: elfutils-lang libasm1 libdw1 libebl-plugins libelf-devel libelf1 - Update to version 0.175 readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. libdwelf: New function dwelf_elf_begin. libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. Fixes CVE-2018-18310, CVE-2018-18520 and CVE-2018-18521. - remove disable-backtrace-dwarf-test.patch patch - the test works now ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - search for guile-2.2 during configure, part of boo#1117121 add patches: * gnutls-enbale-guile-2.2.patch: search for guile-2.2 refresh patches: * disable-psk-file-test.patch: disable psk-file in Makefile.am ==== grilo ==== Version update (0.3.6 -> 0.3.7) Subpackages: grilo-lang libgrilo-0_3-0 libgrlnet-0_3-0 libgrlpls-0_3-0 typelib-1_0-Grl-0_3 - Update to version 0.3.7: + Fix crash in totem after emitting source-{add remove}. + Add grl_related_keys_{get,set}_int64 functions. + Support transform GValue on grl_data_*_for_id(). + Add per Source configs on keyfile. + Pattern matching for GRL_PLUGIN_RANKS. + Documentation improvements. + Removed Autotools supported. + Updated translations. - Add meson BuildRequires and macros, switch to meson buildsystem following upstreams changes. ==== ibus-pinyin ==== - Update ibus-pinyin.spec: To adapt to tumbleweed's update to python3. ==== icecream ==== Version update (1.1 -> 1.2) - update to 1.2 - Add more compiler flags to the list that mean build locally * -pedantic (preprocessing only) * -pedantic-errors (preprocessing only) * -fsyntax-only - don't force local compile on -include-pch - Make load calculation better - Limit amount of data sent at one time for slow networks/remotes - Many updates to the tests - Better logs of some error conditions - Build locally if it is likely that there will not be more compiles - Support adding gcc and clang to the same environment - Better handling of icerun - Cygwin now works as a client - Don't expose Host endianness to network - General code cleanup ==== kvm_stat ==== Version update (4.19.1 -> 4.19.5) * Changed the spec file to build SLE15-SP1 with the s390x patches, and added logic to the spec file to uniquely build Factory and SLE-15 as they do not require the first 44 patches, and the code base is not the same - Making kvm_stat use python3 for openSUSE (bsc#1116822) - 0047-tools-kvm_stat-switch-python-reference-to-be-explici.patch + 0047-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat2.patch + 0048-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat3.patch + 0049-tools-kvm_stat-switch-python-reference-to-be-explici.patch - Make kvm_stat use python3 (bsc#1116822) + 0044-tools-kvm_stat-Don-t-use-deprecated-file.patch + 0045-tools-kvm_stat-fix-python3-issues.patch + 0046-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat.patch + 0047-tools-kvm_stat-switch-python-reference-to-be-explici.patch * Incorporating patches and comments produced by Fei Li for SLE15-SP1 - Backport 43 kvm_stat patches between kernel v4.16-* and current v4.12.14 for the kvm_stat package. Actually some of the patches are s390x specific, and some are noarch. (FATE#325017) + 0001-tools-kvm_stat-fix-event-counts-display-for-interrup.patch + 0002-tools-kvm_stat-fix-undue-use-of-initial-sleeptime.patch + 0003-tools-kvm_stat-remove-unnecessary-header-redraws.patch + 0004-tools-kvm_stat-simplify-line-print-logic.patch + 0005-tools-kvm_stat-remove-extra-statement.patch + 0006-tools-kvm_stat-simplify-initializers.patch + 0007-tools-kvm_stat-move-functions-to-corresponding-class.patch + 0008-tools-kvm_stat-show-cursor-in-selection-screens.patch + 0009-tools-kvm_stat-display-message-indicating-lack-of-ev.patch + 0010-tools-kvm_stat-make-heading-look-a-bit-more-like-top.patch + 0011-tools-kvm_stat-rename-Current-column-to-CurAvg-s.patch + 0012-tools-kvm_stat-add-new-interactive-command-h.patch + 0013-tools-kvm_stat-add-new-interactive-command-s.patch + 0014-tools-kvm_stat-add-new-interactive-command-o.patch + 0015-tools-kvm_stat-display-guest-list-in-pid-guest-selec.patch + 0016-tools-kvm_stat-fix-error-on-interactive-command-g.patch + 0017-tools-kvm_stat-add-new-command-line-switch-i.patch + 0018-tools-kvm_stat-add-new-interactive-command-b.patch + 0019-tools-kvm_stat-add-f-help-to-get-the-available-event.patch + 0020-tools-kvm_stat-Add-Python-3-support-to-kvm_stat.patch + 0021-tools-kvm_stat-fix-command-line-option-g.patch + 0022-tools-kvm_stat-fix-drilldown-in-events-by-guests-mod.patch + 0023-tools-kvm_stat-fix-missing-field-update-after-filter.patch + 0024-tools-kvm_stat-fix-extra-handling-of-help-with-field.patch + 0025-tools-kvm_stat-add-hint-on-f-help-to-man-page.patch + 0026-tools-kvm_stat-fix-child-trace-events-accounting.patch + 0027-tools-kvm_stat-handle-invalid-regular-expressions.patch + 0028-tools-kvm_stat-suppress-usage-information-on-command.patch + 0029-tools-kvm_stat-stop-ignoring-unhandled-arguments.patch + 0030-tools-kvm_stat-add-line-for-totals.patch + 0031-tools-kvm_stat-sort-f-help-output.patch + 0032-tools-kvm_stat-simplify-the-sortkey-function.patch + 0033-tools-kvm_stat-use-a-namedtuple-for-storing-the-valu.patch + 0034-tools-kvm_stat-use-a-more-pythonic-way-to-iterate-ov.patch + 0035-tools-kvm_stat-avoid-is-for-equality-checks.patch + 0036-tools-kvm_stat-fix-crash-when-filtering-out-all-non-.patch + 0037-tools-kvm_stat-print-error-on-invalid-regex.patch + 0038-tools-kvm_stat-fix-debugfs-handling.patch + 0039-tools-kvm_stat-mark-private-methods-as-such.patch + 0040-tools-kvm_stat-eliminate-extra-guest-pid-selection-d.patch + 0041-tools-kvm_stat-separate-drilldown-and-fields-filteri.patch + 0042-tools-kvm_stat-group-child-events-indented-after-par.patch + 0043-tools-kvm_stat-print-Total-line-for-multiple-events-.patch ==== ldb ==== Version update (1.4.2 -> 1.4.3) Subpackages: libldb1 libldb1-32bit - Update to 1.4.3 + Python: Ensure ldb.Dn can accept utf8 encoded unicode (bug 13616) ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-32bit libgcrypt20-hmac - Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355) * add libgcrypt-binary_integrity_in_non-FIPS.patch ==== libzypp ==== Version update (17.9.0 -> 17.10.1) - Adapt to changes in upcoming Boost 1.69.0 - Do not fail service-refresh on a empty repoindex.xml (bnc#1116840) - version 17.10.1 (9) - str: recognize 'always' and 'never' as valid boolean strings - Fix needreboot code to use SolvableSpec parser (fate#326451) - SolvableSpec: Define a set of Solvables by ident and provides - version 17.10.0 (9) ==== man ==== Version update (2.7.6 -> 2.8.4) - Update to man-db 2.8.4 * Major changes since man-db 2.8.3: + Rely on decompressors reading from their standard input rather than redundantly passing them the input file on their command line. This works better with downstream AppArmor confinement of decompressors. + Fix invalid syntax in tmpfiles.d/man-db.conf when configured with - -disable-cache-owner. + Make seccomp sandbox allow sched_getaffinity, sometimes used by xz. + Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy as documented, not in the current directory. This was broken by the working-directory-handling changes in 2.8.3. Note that this change means that "man -l" will never use an external formatter (which was never documented behaviour and was surely a bad idea). + Make seccomp sandbox allow some shared memory operations across the board rather than just when ESET File Security is in use; the Astrill VPN seems to require something similar, and there are doubtless other such preload hacks. + Some versions of ESET File Security call msgget and msgsnd; if this program is in use, then allow those. * Major changes since man-db 2.8.2: + Make seccomp sandbox allow madvise, since that's used by lbzip2. + Make seccomp sandbox allow kill and tgkill outright, since groff uses kill to pass on signals to its child processes. + Make seccomp sandbox allow sibling architectures on x86/x86_64/x32, since people sometimes mix and match architectures there for performance reasons. + Fix version check in locale macro loading to tolerate groff release candidates. + man now only changes working directory in child processes, so never fails due to being unable to change back to its original working directory. + accessdb, apropos, and lexgrog no longer emit spurious gettext headers in their --help output when localised. * Major changes since man-db 2.8.1: + Make seccomp sandbox allow kill and tgkill when the signal is directed at the current process or one of its threads; this is needed by xz. + Make seccomp sandbox allow ioctl(fd, TIOCGWINSZ), since that's used by musl. + Work around the proprietary "ESET File Security" antivirus program in seccomp sandbox: if this is in use then we need to allow some socket-related system calls. + Work around the "snoopy" execve() wrapper and logger in seccomp sandbox: if this is in use then we need to allow some socket-related system calls. + Interpret EFAULT from seccomp_load as meaning that seccomp is unavailable, since this can be returned by some versions of qemu-user. * Major changes since man-db 2.8.0: + Fix seccomp sandbox build on Linux/POWER. + Fix manconv execution under seccomp when man is installed setuid. + Make seccomp sandbox allow mremap (used by iconv, for example). + configure now has a --without-libseccomp option to disable the use of seccomp even if the library is available. * Major changes since man-db 2.7.6.1: + Fix locale macro loading for Chinese to load the macro file corresponding to just the language part of the user's locale. + Honour --enable-cache-owner in generated systemd tmpfiles snippet rather than hardcoding "man". + If man adds prefixes to a page to handle such things as disabling hyphenation, then take account of those when looking for a preprocessor line at the start of the page. + Fix a segfault in 'man -D --help'. + Treat "\(en" as another synonym for "\-" in NAME sections. + Confine most subprocesses that handle untrusted data using seccomp. This mainly deals with subprocesses that perform encoding conversions, (de)compressors, groff programs, and a few other odds and ends. groff programs use a slightly more permissive filter since they need to create temporary files, so additional path-based confinement (e.g. using AppArmor) is still useful. If this goes wrong, then MAN_DISABLE_SECCOMP=1 can be set in the environment to disable it, but please report any such problem as a bug. + man now falls back to cat if the compile-time default pager is not executable. * Major changes since man-db 2.7.6: + Don't chmod CACHEDIR.TAG if it doesn't exist. + Correct installation of Swedish manual pages. - Modify the patches * man-db-2.6.3-listall.dif * man-db-2.6.3-man0.dif * man-db-2.6.3-section.dif * man-db-2.7.1-firefox.dif * man-db-2.7.1-security4.dif * man-db-2.7.1-zio.dif - Rename patch man-db-2.7.6.dif which is now man-db-2.8.4.dif - Add systemd timer service and its timer unit to refresh man data base daily without using cron (bsc#1115406) ==== nautilus ==== Version update (3.30.3 -> 3.30.4) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 nautilus-lang - Update to version 3.30.4: + Fix crash when opening windows quickly. + Show trash action bar when trash status changes. + Implement rename file support in dbus for integration with desktop icons extension. ==== ncurses ==== Subpackages: libncurses6 ncurses-devel ncurses-utils tack terminfo terminfo-base terminfo-screen - Remove screen.xterm from terminfo data base (boo#1103320) as with this screen uses fallback TERM=screen - Add ncurses patch 20181117 + ignore the hex/b64 $TERMINFO in toe's listing. + correct a status-check in _nc_read_tic_entry() so that if reading a hex/b64 $TERMINFO, and the $TERM does not match, fall-through to the compiled-in search list. - For screen.xterm remove also `rep' feature (repeat char) this might help on boo#1103320 - Add ncurses patch 20181110 + several workarounds to ensure proper C compiler used in parts of Ada95 tree. + update config.guess, config.sub from http://git.savannah.gnu.org/cgit/config.git ==== pam ==== Subpackages: pam-32bit pam-devel - When comparing an incoming IP address with an entry in access.conf that only specified a single host (ie no netmask), the incoming IP address was used rather than the IP address from access.conf, effectively comparing the incoming address with itself. (Also fixed a small typo while I was at it) {bsc#1115640, use-correct-IP-address.patch, CVE-2018-17953] ==== pixman ==== Version update (0.34.0 -> 0.36.0) Subpackages: libpixman-1-0 libpixman-1-0-32bit libpixman-1-0-devel - Update to version 0.36.0: + Add tests for (a)rgb floating point formats + Add support for argb/xrgb float formats, v5 + Fix stride calculation in stress-test + Adjust for clang's removal of __builtin_shuffle + Fix vector loads on ppc64le + Promote unsigned short to unsigned int explicitly + pixman-filter: Made Gaussian a bit wider + pixman-filter: Nested polynomial for cubic + pixman-filter: Fix several issues related to normalization + pixman-filter: Speed up BOX/BOX filter + pixman-filter: integral splitting is only needed for triangle filterdd + pixman-filter: Correct Simpsons integration + pixman-filter: reduce amount of malloc/free/memcpy to generate filter + pixman-image: Added enable-gnuplot config to view filters in gnuplot + pixman-fast-path.c: Pick NEAREST affine fast paths before BILINEAR ones + pixman-private: include <float.h> only in C code - Remove pixman-private-correct-include.patch: upstreamed ==== polkit-default-privs ==== - chkstat: adjust DO NOT EDIT banner in generated rules file (bsc#1099754) ==== ruby2.5 ==== Subpackages: libruby2_5-2_5 ruby2.5-devel ruby2.5-stdlib - Use parallel make. - Disable compressed sections as they are not supported by rpm (https://bugs.ruby-lang.org/issues/12934). ==== skopeo ==== - Disable ostree repository types for SLE, as this feature requires libostree that is not yet available in the Server Application module where skopeo is located. ==== syslinux ==== - Add remove-note-gnu-section.patch: strip a newly added section in order to fulfil ELF size limits expected. ==== translation-update ==== Version update (15.0 -> 15.1) Subpackages: translation-update-cs translation-update-da translation-update-de translation-update-el translation-update-en_GB translation-update-es translation-update-fr translation-update-hu translation-update-it translation-update-ja translation-update-pl translation-update-pt translation-update-pt_BR translation-update-ru translation-update-zh_CN translation-update-zh_TW - Update to Factory specific version 20181128 that contains only abandoned packages in static.tlst (bsc#1100398). - Obsolete all language packages that are no longer distributed (boo#952855#c41) and add support for it in supplementary scripts - translation-update-spec-generate-lang-list.sh: Fix Obsoletes generator. - Drop many unneeded subpackages. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1117846 - virt-manager: Checking for virtualization packages error virtman-load-stored-uris.patch ==== virtualbox ==== Version update (5.2.20_k4.19.5_1 -> 5.2.22_k4.19.5_1) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-tools virtualbox-guest-x11 - Fix the changes for kernel 4.20 API differences. The previous version compiled but had an error in logic. - Version bump to 5.2.22 (released November 09 2018 by Oracle) This is a maintenance release. The following items were fixed and/or added: Audio: fixed a regression in the Core Audio backend causing a hang when returning from host sleep when processing input buffers Audio: fixed a potential crash in the HDA emulation if a stream has no valid mixer sink attached -- thanks to Rink Springer (rink@?) Linux Additions: disable 3D for recent guests using Wayland (bug #18116) Linux Additions: fix for rebuilding kernel modules for new kernels on RPM guests Linux Additions: further fixes for Linux 4.19 Linux Additions: fixed errors rebuilding initrd files with dracut on EL 6 (bug 18055#) Linux Additions: fixed 5.2.20 regression: guests not remembering the screen size after shutdown and restart (bug #18078) Patch file "gcc8-configure.patch" removed. The issue is fixed upstream. Patch file "fixes_for_4.19.patch" removed. The issue is fixed upstream. Add file "change_default_net_adapter.patch" to set PCnet-FAST III as the default adapter. This helps with the vulnerability listed in bsc#1115041. - Update "fixes_for_4.20.patch" for one additional API change so that Kernel_HEAD_standard will build. The description of VB was modified as suggested by Jan Engelhardt. ==== webkit2gtk3 ==== Version update (2.22.3 -> 2.22.4) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Reduce memory constraints for riscv64 - Update to version 2.22.4: + Expose ENABLE_MEDIA_SOURCE as a public build option. + Fix a crash when using Cairo versions between 1.15 and 1.16.0 + Fix the build with -DLOG_DISABLED=0. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. + Fix debug builds of JavaScriptCore. + Fix several crashes and rendering issues. ==== xen ==== Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: Missing /bin/domu-xenstore. This was broken because "make package build reproducible" change. (boo#1047218, boo#1062303) This fix reverses the change to this patch. tmp_build.patch - bsc#1115040 - VUL-0: xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275) xsa275-1.patch xsa275-2.patch - bsc#1115043 - VUL-0: xen: resource accounting issues in x86 IOREQ server handling (XSA-276) xsa276-1.patch xsa276-2.patch - bsc#1115044 - VUL-0: xen: x86: incorrect error handling for guest p2m page removals (XSA-277) xsa277.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch - bsc#1115045 - VUL-0: xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses (XSA-279) xsa279.patch - bsc#1115047 - VUL-0: xen: Fix for XSA-240 conflicts with shadow paging (XSA-280) xsa280-1.patch xsa280-2.patch - bsc#1114988 - VUL-0: xen: guest use of HLE constructs may lock up host (XSA-282) 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV 5bdc31d5-VMX-fix-vmx_handle_eoi.patch - Upstream bug fixes (bsc#1027519) 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch ==== zypper ==== Version update (1.14.16 -> 1.14.17) Subpackages: zypper-aptitude zypper-log - Optionally run "zypper search-packages" after "search" (FATE#325599) - zypper.conf: Add [search]runSearchPackages config variable. - BuildRequires: libzypp-devel >= 17.10.0 - version 1.14.17 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] YaST Sprint 68 Report

by Martin Vidner

- UDF: Share big files with other operating systems - Raspberry Pi: Fully customized installation with YaST https://lizards.opensuse.org/2018/12/04/highlights-of-yast-development-spri… -- Martin Vidner, YaST Team http://en.opensuse.org/User:Mvidner

2 years, 10 months

[opensuse-factory] emacs-magit silently removed !?

by Martin Wilck

My TW update today silently removed the emacs-magit package, which I heavily depend upon for my daily work. Worse, the package in the "editors" repo is also broken, as it links to the not-anymore- existing package in openSUSE:Factory, so it's not possible to branch and reinstate the package (I suppose it can be done, but not by the usual straightforward method). The OBS log bluntly tells "The build depends on the broken emacs-dash package and I no longer use (or maintain) magit.". I don't recall having seen a call for a new maintainer for this package anywhere, nor a discussion whether this package could/should be ditched. I don't even see this removal mentioned in any of the late "New Tumbleweed snapshot" mails. The removal just came as a surprise slap in the face this morning. Sorry to say it, but this is not the kind of thing that makes me love Tumbleweed. Regards, Martin -- Dr. Martin Wilck <mwilck(a)suse.com>, Tel. +49 (0)911 74053 2107 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 years, 10 months

[opensuse-factory] New Tumbleweed snapshot 20181130 released!

by Dominique Leuenberger

2 years, 10 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

openSUSE Factory December 2018