December 2019 - openSUSE Factory - openSUSE Mailing Lists

[opensuse-factory] Tumbleweed - Review of the week 2019/52
by Dominique Leuenberger / DimStar 27 Dec '19

27 Dec '19

Dear Tumbleweed users and hackers, The year 2019 is coming to an end and this is the final week of the year. As you are surely aware, in many regions people tend to stay away from computers during this period of the year and it is thus not surprising, that Tumbleweed has been rolling a bit slower. But actually: has it? During the last week, 2 snapshots (1221 and 1225) have been published to the users. But there were also snapshots tested and discarded (e.g. 1223 and 1224). Just because we have a snapshot does not mean we distribute it (in this case the issues were around libmozjs60 switching to be an i686 base library, but polkit being an i586 application linking this library). But anyway: let’s talk about the success of this week and what updates those two published snapshots brought the users in the end: * KDE Frameworks 5.65.0 * QEmu 4.2.0 * PHP 7.4.1 * zsh 5.8 (pre2) The staging areas are still all filled up with the following updates: * Python 3.8 * Rust 1.39.0 (Thunderbird failing to build) * Mozilla Firefox 71.0 (currently staged together with rust, which I’d hope to get ready soon) * systemd 244 (Need a fix for python-prompt_toolkit1) * Qt 5.14 (looks like being ready soonish) * Kubernetes 5.17 (one failing openQA test identified) * RPM 4.15 * Linux kernel 5.4.x (kexec identified issues around the used signing infrastructure) * SQLite 3.30.1 (breaks python-Django) Cheers, Dominique

3 2

[opensuse-factory] New Tumbleweed snapshot 20191225 released!
by Dominique Leuenberger 27 Dec '19

27 Dec '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apache2 apr-util bbswitch bluez boost-base boost-extra ca-certificates-mozilla catfish (1.4.10 -> 1.4.11) ccache (3.7.5 -> 3.7.6) dracut (049+git115.c2d8d6fb -> 049+git116.e9995c78) exo (0.12.10 -> 0.12.11) ftgl (2.1.3~rc5 -> 2.4.0) fuse3 (3.8.0 -> 3.9.0) gcc9 (9.2.1+r275327 -> 9.2.1+r279103) gdb geoclue2 (2.5.3 -> 2.5.4) geronimo-specs git (2.24.0 -> 2.24.1) glib-networking (2.62.1 -> 2.62.2) gnome-autoar (0.2.3 -> 0.2.4) gnome-settings-daemon (3.34.1+3 -> 3.34.2+0) gnome-shell (3.34.1+14 -> 3.34.2+0) gobject-introspection gpg2 (2.2.18 -> 2.2.19) grantlee5 (5.1.0 -> 5.2.0) grantleetheme graphite2 greybird-geeko-theme (3.22.10.1+git39.ffde076 -> 3.22.10.1+git48.35f7cb8) groff groff-full grub2 gstreamer-plugins-base gtk2 gtkmm3 hexchat (2.14.2 -> 2.14.3) iptables (1.8.3 -> 1.8.4) java-11-openjdk kcalutils kdevelop5 kdump kwin5 ldb less libdbusmenu-gtk2 libdbusmenu-gtk3 libebml (1.3.9 -> 1.3.10) libmbim (1.20.2 -> 1.20.4) libmicrohttpd (0.9.68 -> 0.9.69) libosinfo (1.6.0 -> 1.7.1) libqmi (1.24.0 -> 1.24.2) libsolv (0.7.9 -> 0.7.10) libssh (0.9.2 -> 0.9.3) libxml2 libxml2-python3 libzypp (17.17.0 -> 17.20.0) lilv llvm9 (9.0.0 -> 9.0.1) lvm2 lvm2-device-mapper mariadb mokutil nagios (4.4.3 -> 4.4.5) nftables (0.9.2 -> 0.9.3) opencv3 (3.4.7 -> 3.4.8) openssl-1_1 osinfo-db (20191108 -> 20191125) p11-kit patterns-base perl-HTTP-Date (6.03 -> 6.05) perl-Net-DBus (1.1.0 -> 1.2.0) php7 (7.4.0 -> 7.4.1) polari (3.34.0 -> 3.34.1) policycoreutils python python-base python-paramiko (2.6.0 -> 2.7.1) python-pywbem (0.14.6 -> 0.15.0) python-redis python-requests python-scipy (1.3.2 -> 1.4.1) remmina (1.3.7 -> 1.3.8) rubygem-actioncable-5.2 (5.2.4 -> 5.2.4.1) rubygem-actionmailer-5.2 (5.2.4 -> 5.2.4.1) rubygem-actionpack-5.2 (5.2.4 -> 5.2.4.1) rubygem-actionview-5.2 (5.2.4 -> 5.2.4.1) rubygem-activejob-5.2 (5.2.4 -> 5.2.4.1) rubygem-activemodel-5.2 (5.2.4 -> 5.2.4.1) rubygem-activerecord-5.2 (5.2.4 -> 5.2.4.1) rubygem-activestorage-5.2 (5.2.4 -> 5.2.4.1) rubygem-activesupport-5.2 (5.2.4 -> 5.2.4.1) rubygem-rails-5.2 (5.2.4 -> 5.2.4.1) rubygem-railties-5.2 (5.2.4 -> 5.2.4.1) salt samba (4.11.2+git.99.f93cc798f2e -> 4.11.3+git.102.3e2882ca77e) sssd tbb (2019_20190605 -> 2020.0) tmux tumbler (0.2.7 -> 0.2.8) unbound (1.9.5 -> 1.9.6) virglrenderer virtualbox xen (4.13.0_03 -> 4.13.0_04) zchunk (1.1.0 -> 1.1.4) zsh (5.7.1 -> 5.8~pre2) zxing-cpp === Details === ==== apache2 ==== Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - add openssl call to DEFAULT_SUSE comment [bsc#1159480] - modified sources % apache2-ssl-global.conf ==== apr-util ==== Subpackages: apr-util-devel libapr-util1 - fix linking with libpq - modified patches % apr-util-postgresql.patch ==== bbswitch ==== - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: allow OBS to shortcut through the -mini flavors. ==== bluez ==== Subpackages: libbluetooth3 - add NoSource tag for omitting README.md from src.rpm - move all deprecated tools into bluez-deprecated package which can be disabled by prjconf in OBS. - bluez-deprecated will go away before end of 2020 in Tumbleweed! ==== boost-base ==== Subpackages: boost-license1_71_0 boost1_71_0-jam libboost_date_time1_71_0 libboost_filesystem1_71_0 libboost_headers1_71_0-devel libboost_iostreams1_71_0 libboost_locale1_71_0 libboost_program_options1_71_0 libboost_regex1_71_0 libboost_thread1_71_0 - Remove hardcoded abiflags (%py3_abiflags is not available for 3 years), use python3-config instead. Fixes build with Python 3.8. ==== boost-extra ==== - Remove hardcoded abiflags (%py3_abiflags is not available for 3 years), use python3-config instead. Fixes build with Python 3.8. ==== ca-certificates-mozilla ==== - make sure p11-kit with patches is installed on SLE (boo#1154871) ==== catfish ==== Version update (1.4.10 -> 1.4.11) Subpackages: catfish-lang - Update to version 1.4.11 - Radio indicators are now displayed on the layout options - Fix crashes when GdkDisplay or GdkScreen calls return None (lp#1822914) - Fix configuration of preferred window layout (bxo#16085) - Fix finding files in the target directory (bxo#15985, bxo#16233) - Fix symbolic link looping (bxo#16272) - Fix home (~) expansion for the start path - Fix asv-summary-has-dot-suffix (https://appstream.debian.org/sid/main/issues/catfish.html) - Translation Updates ==== ccache ==== Version update (3.7.5 -> 3.7.6) - Update to version 3.7.6: * The opt-in ?file_macro sloppiness? mode has been removed so that the input file path now is always included in the direct mode hash. This fixes a bug that could result in false cache hits in an edge case when ?file_macro sloppiness? is enabled and several identical source files include a relative header file with the same name but in different directories. * Statistics files are no longer lost when the filesystem of the cache is full. * Bail out on too hard Clang option -MJarg (in addition to the previous bailout of -MJ arg). * Properly handle color diagnostics in the depend mode as well. ==== dracut ==== Version update (049+git115.c2d8d6fb -> 049+git116.e9995c78) - Update to version 049+git116.e9995c78: * dracut.spec: add convertfs module correctly (boo#1158777) ==== exo ==== Version update (0.12.10 -> 0.12.11) Subpackages: exo-data exo-helpers exo-lang exo-tools libexo-1-0 libexo-2-0 - Update to version 0.12.11 * Bump documentation dates * Add *.mo to .gitignore * Revert padding patches that add too much padding in the Thunar compact view (bxo#16196) ==== ftgl ==== Version update (2.1.3~rc5 -> 2.4.0) - Update to version 2.4.0 * New setting LegacyOpenGLState(), see README-LegacyOpenGLState * Fix/silence compiler warnings version 2.3.1: * Updates to debian/ build files version 2.3.0: * Fix a memory leak * FTContour: avoid NaN for angles close to 180 degrees (see Debian bug #589601, 5.) * FTBufferGlyph: fix garbage with bitmap fonts (text is still clipped, that seems to be another problem) * FTTextureGlyphImpl: fix garbage with bitmap fonts (see Debian bug #589601, 4.) * FTPixmapGlyph: fix garbage with bitmap fonts (see Debian bug #589601, 2.) * FTOutlineGlyphImpl, FTPolygonGlyphImpl: avoid uninizitalized vectoriser in case of error (see Debian bug #589601, 1.) * Various other bugfixes collected through the years version 2.2.0: * Stable API. Public headers are now frozen. * Fixed several memory corruption and crash bugs - Sam Hocevar * Fixed several memory leaks - Sam Hocevar * Kerning and glyph performance enhancements - Sean Morrison * The library now also exports a pure C interface - Éric Beets * Inset/outset contour support for fonts - Éric Beets * Fix the FTLayout rendering - Éric Beets * Added new FTLayout and FTSimpleLayout support for layout managers - Sam Hocevar * Fixed the paths in the XCode project - Henry Maddocks * Changed the behaviour of some objects so that if there is an error their state isn't changed - Henry Maddocks * New, fast FTBufferFont texture fonts - Sam Hocevar * UTF-8 support - Daniel Remenak - Switch to maintained fork - Dropped ftgl-autoreconf.patch (merged upstream) - Refreshed install-FTVectoriser.h.patch ==== fuse3 ==== Version update (3.8.0 -> 3.9.0) Subpackages: libfuse3-3 - Update to version 3.9.0 * Added support for FUSE_EXPLICIT_INVAL_DATA to enable onl invalidate cached pages on explicit request. ==== gcc9 ==== Version update (9.2.1+r275327 -> 9.2.1+r279103) Subpackages: cpp9 gcc9-c++ gcc9-fortran gcc9-info gcc9-locale gcc9-objc libasan5 libatomic1 libgcc_s1 libgcc_s1-32bit libgfortran5 libgomp1 libitm1 liblsan0 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-devel-gcc9 libstdc++6-locale libstdc++6-pp-gcc9 libstdc++6-pp-gcc9-32bit libtsan0 libubsan1 - Update to gcc-9-branch head (r279103). * Includes gcc9-pr91772.patch - Refresh gcc48-remove-mpfr-2.4.0-requirement.patch to apply again. - Use new license and header also in gcc.spec.in to reduce churn with format_spec_file. - Use BuildRoot tag again for old distros (SLE-11). - Make cross-arm-gcc a gcc_icecream cross. Remove the disabling of debuginfo stripping. [bsc#1152590] ==== gdb ==== - Fix build with gcc 10 [bsc#1158539, swo#24653]. * gdb-0001-remove-alloca-0-calls.patch ==== geoclue2 ==== Version update (2.5.3 -> 2.5.4) Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0 - Update to version 2.5.4: + Plug a leak that becomes pretty huge after a while of running Geoclue. + Fix a buffer-overflow. ==== geronimo-specs ==== - Set version for the specs comming from tag 1_1_1 in order to avoid unexpanded version macros in pom files. ==== git ==== Version update (2.24.0 -> 2.24.1) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.24.1: * CVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (boo#1158785) * CVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (boo#1158787) * CVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (boo#1158788) * CVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (boo#1158789) * CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (boo#1158790) * CVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (boo#1158791) * CVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (boo#1158792) * CVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (boo#1158793) * CVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (boo#1158795) ==== glib-networking ==== Version update (2.62.1 -> 2.62.2) Subpackages: glib-networking-lang - Update to version 2.62.1: + Fix handshake_context crashes. ==== gnome-autoar ==== Version update (0.2.3 -> 0.2.4) Subpackages: libgnome-autoar-0-0 libgnome-autoar-gtk-0-0 - Update to version 0.2.4: + Use autoreconf instead of deprecated gnome-common. ==== gnome-settings-daemon ==== Version update (3.34.1+3 -> 3.34.2+0) Subpackages: gnome-settings-daemon-lang - Update to version 3.34.2+0: + media-keys: Place spawned processes into a systemd scope + smartcard: Initialize a pointer before use ==== gnome-shell ==== Version update (3.34.1+14 -> 3.34.2+0) Subpackages: gnome-shell-calendar gnome-shell-lang - Update to version 3.34.2+0: * popupMenu: Close when a system modal pops up * switcherPopup: Dismiss when a system modal dialog opens * weather: Only require auto-location authorization if sandboxed * util: Place spawned processes into a systemd scope * shell-global: Place launched applications into a systemd scope * Update Malay translation * closeDialog: Fix scale of dialog for x11 clients in Wayland sessions * switcherPopup: Fix scrollable check * calendar-server: Use correct timezone for all-day events * theme: Add light styling to message buttons * Update Chinese (Taiwan) translation * appIcon: Draw running dot above the overview icon * texture-cache: Remove also scaled keys from the cache * data: Enable clean session shutdown after gnome-shell failure * extensionSystem: Create a file to flag that extensions are being loaded * extensions-tool: Fix removing from settings list * introspect: Fix whitelist check * theme: Add :active styling to message-close and media control buttons * theme: Add message close button styling * theme: Darken hovered message-media-control button * magnifier: Use new cursor tracker API to keep wayland focus while hidden * magnifier: Use own showSystemCursor() instead of set_pointer_visible() * Update Brazilian Portuguese translation * polkitAgent: Use dialog as confirmation when the user has no password * polkitAgent: Update user name on user changes * polkitAgent: Fix a typo of a signal name * appDisplay: Add a timeout when switching pages during DnD * appDisplay: Add threshold after overshoot page switches * appDisplay: Simplify event blocking while folder is opened * appDisplay: Ensure we don't recreate existing AppIcons for folders * appDisplay: Add missing .actor * keyboard: Try harder to find a matching layout * screenShield: Replace child properties * switcherPopup: Fix last commit * switcherPopup: Improve modifier-less keybinding navigation * switcherPopup: Use roundtrip time when the popup is modifier-less * appDisplay: Don't crash if app is missing categories * panel: Update window section items on title changes * power: Handle "100% but charging" case * closeDialog: Fix dialog size when using geometry scaling * appIcon: Remove drag monitor on destroy * folderView: Reset schemas before removing the folder * baseAppView: Destroy icon when removing * allView: Rename variable * allView, frequentView: Only create icons when necessary * polkitAgent: Fix spinner * Increase .calendar-today visibility * appMenu: Hide stopped spinner actor * animation: Add parameter for hiding stopped Spinner actor * animation: Turn Spinner animate parameter into Params option ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Drop python3-Sphix BuildRequires, only used for rebuilding the website contents. ==== gpg2 ==== Version update (2.2.18 -> 2.2.19) Subpackages: gpg2-lang - update to 2.2.19: * gpg: Fix double free when decrypting for hidden recipients * gpg: Use auto-key-locate for encryption even for mail addressed given with angle brackets * gpgsm: Add special case for certain expired intermediate certificates ==== grantlee5 ==== Version update (5.1.0 -> 5.2.0) - Enable and run tests * add grantlee-5.2.0-fix-ctest-ld-library-path.patch to set correct ld library path as we skip rpath * add grantlee-5.2.0-disable-textdocument-tests.patch to disable some tests - Update to 5.2.0 * Increase CMake requirement to version 3.5 * Port scriptable extensions to QJSEngine provided by QtQml * Support reading properties from Q_GADGETS * Remove TestCocoon integration * Clean up documentation to clarify introspection requirements * Fix mixing of {% include %} and {% extends %} tags * Fix various bugs discovered by fuzzing * Remove use of TR1 library features from unit tests * Remove obsolete build options * Document that loading templates from Qt Resources is possible - Remove obsolete patches now included upstream * fix-build-with-Qt-5.13.patch * 0001-Remove-vestigial-ansi-flag.patch * 0002-Fix-mix-of-inclusion-and-extension.patch - Rebase pachtes * includes.diff - Add patch to fix segfault when mixing include and extend * 0002-Fix-mix-of-inclusion-and-extension.patch ==== grantleetheme ==== Subpackages: grantleetheme-lang libKF5GrantleeTheme5 - Require exact grantlee5 version it was built with, the plugin location contains the version so the installed plugin won't be found by different versions ==== graphite2 ==== Subpackages: libgraphite2-3 libgraphite2-3-32bit - BuildIgnore shared-mime-info, pulled in by libglib-2_0-0. Required by gvfs to do mime detection, but not required for building. ==== greybird-geeko-theme ==== Version update (3.22.10.1+git39.ffde076 -> 3.22.10.1+git48.35f7cb8) Subpackages: gtk2-metatheme-greybird-geeko gtk3-metatheme-greybird-geeko metatheme-greybird-geeko-common - Update to version 3.22.10.1+git48.35f7cb8: * Make use of symlinks * Add single-user installation instructions * Added xfwm4 dark accessibility theme * Update to upstream master ==== groff ==== - Add man page roff(7) to alternatives to avoid conflict with mandoc. ==== groff-full ==== Subpackages: gxditview - Add man page roff(7) to alternatives to avoid conflict with mandoc. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Correct awk pattern in 20_linux_xen (bsc#900418, bsc#1157912) - Correct linux and initrd handling in 20_linux_xen (bsc#1157912) M grub2-efi-xen-cfg-unquote.patch M grub2-efi-xen-chainload.patch M grub2-efi-xen-cmdline.patch M grub2-efi-xen-removable.patch ==== gstreamer-plugins-base ==== Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Enable orc / wayland-egl on SLE15. ==== gtk2 ==== Subpackages: gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-tigrigna gtk2-immodule-vietnamese gtk2-immodule-xim gtk2-lang gtk2-tools gtk2-tools-32bit libgtk-2_0-0 libgtk-2_0-0-32bit - Add Obsoletes/Provides to baselibs.conf to ensure gtk2-immodule-tigrigna-32bit can be upgraded from old version. - bsc#1158897: Remove dependency on jasper (due to planned removal) Removes JPEG2000 support. ==== gtkmm3 ==== - Update BuildRequires: pkgconfig(atkmm-1.6) >= 2.24.2; pkgconfig(giomm-2.4) >= 2.54.0. ==== hexchat ==== Version update (2.14.2 -> 2.14.3) Subpackages: hexchat-lang - update to 2.14.3 * fix various incorrect parsing of IRC messages relating to trailing parameters * fix SASL negotiation combined with multi-line cap * fix input box theming with Yaru theme * python: Work around Python 3.7 regression causing crash on unload * sysinfo: Add support for /etc/os-release * sysinfo: Ignore irrelevant mounts when calculating storage size ==== iptables ==== Version update (1.8.3 -> 1.8.4) Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins - Update to release 1.8.4 * Fix for wrong counter format in `ebtables-nft-save -c` output. * Print typical iptables-save comments in arptables- and ebtables-save, too. * xt_owner: add --suppl-groups option * Remove support for /etc/xtables.conf * Restore support for "-4" and "-6" options in rule lines. ==== java-11-openjdk ==== Subpackages: java-11-openjdk-headless - Switch back armv6 from zero platform to client JVM ==== kcalutils ==== Subpackages: kcalutils-lang libKF5CalendarUtils5 - Require exact grantlee5 version it was built with, the plugin location contains the version so the installed plugin won't be found by different versions ==== kdevelop5 ==== Subpackages: kdevelop5-lang kdevplatform kdevplatform-lang libkdevplatform54 - Require exact grantlee5 version by kdevplatform with which it was built, the plugin location contains the version so the installed plugin won't be found by different versions ==== kdump ==== - kdump-calibrate-Update-values.patch: calibrate: Update values (bsc#1130529). - kdump-prefer-by-path-and-device-mapper.patch: Prefer by-path and device-mapper aliases over kernel device names (bsc#1101149, LTC#168532). - kdump-powerpc-no-reload-on-CPU-removal.patch: powerpc: Do not reload on CPU hot removal (bsc#1133407, LTC#176111). - kdump-Add-force-option-to-KDUMP_NETCONFIG.patch: Add ":force" option to KDUMP_NETCONFIG (bsc#1108919). - kdump-Add-fence_kdump_send-when-fence-agents-installed.patch: Add fence_kdump_send when fence-agents installed (bsc#1108919). - kdump-FENCE_KDUMP_SEND-variable.patch: Use var for path of fence_kdump_send and remove the unnecessary PRESCRIPT check (bsc#1108919). - kdump-Document-fence_kdump_send.patch: Document kdump behaviour for fence_kdump_send (bsc#1108919). - kdump-nss-modules.patch: Improve the handling of NSS (bsc#1021846). - kdump-skip-mounts-if-no-proc-vmcore.patch: Skip kdump-related mounts if there is no /proc/vmcore (bsc#1102252, bsc#1125011). - kdump-clean-up-kdump-mount-points.patch: Make sure that kdump mount points are cleaned up (bsc#1102252, bsc#1125011). - kdump-Clean-up-the-use-of-current-vs-boot-network-iface.patch: Clean up the use of current vs. boot network interface names (bsc#1094444, bsc#1116463, bsc#1141064). - kdump-Use-a-custom-namespace-for-physical-NICs.patch: Use a custom namespace for physical NICs (bsc#1094444, bsc#1116463, bsc#1141064). - kdump-preserve-white-space.patch: Preserve white space when removing kernel command line options (bsc#1117652). ==== kwin5 ==== Subpackages: kwin5-lang - Add patch to fix crash in systemsettings (kde#411166): * 0001-Possible-fix-for-KDecoration-crash-in-systemsettings.patch ==== ldb ==== Subpackages: libldb2 libldb2-32bit python3-ldb - Add obsolete ldb1 directive to baselibs.conf ==== less ==== - Move lesskey* from /etc to /usr/etc ==== libdbusmenu-gtk2 ==== - Disable testtools on %arm since Valgrind is broken on armv6/7 atm ==== libdbusmenu-gtk3 ==== - Disable testtools on %arm since Valgrind is broken on armv6/7 atm ==== libebml ==== Version update (1.3.9 -> 1.3.10) - Update to version 1.3.10: * When reading binary elements with a size of 0, the element was skipped by libebml instead of returned to the calling function. ==== libmbim ==== Version update (1.20.2 -> 1.20.4) Subpackages: libmbim-glib4 mbimcli-bash-completion - Update to version 1.20.4: + libmbim-glib: - Fixed memleak when processing responses with multiple fragments. - Fixed memleak when processing failed Open operations. - Removed redundant method declaration in UUID header. ==== libmicrohttpd ==== Version update (0.9.68 -> 0.9.69) - update to 0.9.69: * If application suspends a connection before we could send 100 CONTINUE, give application another shot at queuing a reply before the upload begins. ==== libosinfo ==== Version update (1.6.0 -> 1.7.1) Subpackages: libosinfo-1_0-0 libosinfo-lang typelib-1_0-Libosinfo-1_0 - Update to version 1.7.1 Changes in this release include: * Fix usage of versioned symbols * MinGW spec file fixes and improvements * Fix pci.ids and usb.ids installation - Update to version 1.7.0 Changes in this release include: * Add API to expose a device driver "priority" * Improve media detection when using "volume-size" to distinguish medias * General improvements on OsinfoList APIs to avoid unsafe access * Minor POD fixes * Switch to meson build system * Add API to expose "firmware" support on OsinfoOS * Drop "env" type support from osinfo-detect * Print the architecture of the detected tree / media on osinfo-detect * Add API to create an OsinfoTree from a treeinfo file ==== libqmi ==== Version update (1.24.0 -> 1.24.2) Subpackages: libqmi-glib5 libqmi-tools - Update to version 1.24.2: + libqmi-glib: - message: fixed message creation on big endian systems. - message: added missing services in get_version_introduced_full(). - message: updated printable_full() to allow a NULL line_prefix. - device: updated response reception logic to make sure we check the message id before attempting to parse the contents, and if the message id doesn't match we return an early QMI_CORE_ERROR_UNEXPECTED_MESSAGE error. + pkgconfig: - Added libmbim dependency in Libs.Private, if built with QMI-over-MBIM support. + qmi-proxy: - Updated to always use the realpath of the QMI device file, so that users using different symlinks to the same device file don't get transaction ids mixed up. + Several other minor improvements and fixes. ==== libsolv ==== Version update (0.7.9 -> 0.7.10) Subpackages: libsolv-devel libsolv-tools python3-solv ruby-solv - fix solv_zchunk decoding error if large chunks are used [bnc#1159314] - build with -DENABLE_RPMDB_LIBRPM=1 on SUSE to support multiple rpm database backends - added two new function to make libzypp independent of the rpm database format - bump version to 0.7.10 ==== libssh ==== Version update (0.9.2 -> 0.9.3) Subpackages: libssh-config libssh4 - Update to version 0.9.3 * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state * SSH-01-006 General: Various unchecked Null-derefs cause DOS * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys * SSH-01-010 SSH: Deprecated hash function in fingerprinting * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access * SSH-01-001 State Machine: Initial machine states should be set explicitly * SSH-01-002 Kex: Differently bound macros used to iterate same array * SSH-01-005 Code-Quality: Integer sign confusion during assignments * SSH-01-008 SCP: Protocol Injection via unescaped File Names * SSH-01-009 SSH: Update documentation which RFCs are implemented * SSH-01-012 PKI: Information leak via uninitialized stack buffer - Rename suffix define to pkg_suffix: rpm 4.15 has suffix reserved for internal use. ==== libxml2 ==== Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools - Build python2 and python3 bindings in separate flavors. As python3-libxml2 is a dependency of e.g. itstools and thus many other packages these packages no longer have a build dependency on python2. Breaks a build loop for python2. ==== libxml2-python3 ==== - Build python2 and python3 bindings in separate flavors. As python3-libxml2 is a dependency of e.g. itstools and thus many other packages these packages no longer have a build dependency on python2. Breaks a build loop for python2. ==== libzypp ==== Version update (17.17.0 -> 17.20.0) - BuildRequires: libsolv-devel >= 0.7.10. - RpmDb: Become rpmdb backend independent (jsc#SLE-7272) - RpmDb: Close API offering a custom rpmdb path It's actually not needed and for this to work also libsolv needs to support it. You can sill use a librpmDb::db_const_iterator to access a database at a custom location (ro). - Remove legacy rpmV3database conversion code. - version 17.20.0 (20) - MediaCurl: assert cookie file has mode 0600 (bsc#1158763, CVE-2019-18900) - version 17.19.0 (12) - dup: fix removing orphaned packages dropped by to-be-installed products (bsc#1155819) - version 17.18.1 (12) - Resolver: add solution actions for SOLVER_SOLUTION_BLACK (retracted/PTF) - Solvable: add isRetracted and isPtf attributes. - version 17.18.0 (12) ==== lilv ==== - Add specific version requirement for libserd see boo#1158728 ==== llvm9 ==== Version update (9.0.0 -> 9.0.1) Subpackages: clang9 clang9-checker clang9-doc libLLVM9 libLTO9 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang9 - Update to version 9.0.1. * This release contains bug-fixes for the LLVM 9.0.0 release. This release is API and ABI compatible with 9.0.0. - Drop patches that have landed upstream: * dont-install-example-analyzer-plugins.patch * fix-module-test.patch * llvm-add-missing-include.patch - Drop set-revision.patch, don't provide revision number in clang. The upstream repository has moved from Subversion to git, so the revision number is just a hash, which limits its usefulness. - Rebase llvm-do-not-install-static-libraries.patch. ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - backport patches for lvm2 to avoid software abnormal work (bsc#1158861) + bug-1158861_01-config-remove-filter-typo.patch + bug-1158861_02-config-Fix-default-option-which-makes-no-sense.patch + bug-1158861_03-vgchange-don-t-fail-monitor-command-if-vg-is-exporte.patch + bug-1158861_04-fix-duplicate-pv-size-check.patch + bug-1158861_05-hints-fix-copy-of-filter.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch + bug-1158861_07-vgck-let-updatemetadata-repair-mismatched-metadata.patch + bug-1158861_08-hints-fix-mem-leaking-buffers.patch + bug-1158861_09-pvcreate-pvremove-fix-reacquiring-global-lock-after.patch - backport upstream patches for passing lvm2 testsuite (bsc#1158628) + bug-1158628_01-tests-replaces-grep-q-usage.patch + bug-1158628_02-tests-fix-ra-checking.patch + bug-1158628_03-tests-simplify-some-var-settings.patch + bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_05-activation-add-synchronization-point.patch + bug-1158628_06-pvmove-add-missing-synchronization.patch + bug-1158628_07-activation-extend-handling-of-pending_delete.patch + bug-1158628_08-lv_manip-add-synchronizations.patch + bug-1158628_09-lvconvert-improve-validation-thin-and-cache-pool-con.patch + bug-1158628_10-thin-activate-layer-pool-aas-read-only-LV.patch + bug-1158628_11-tests-mdadm-stop-in-test-cleanup.patch + bug-1158628_12-test-increase-size-of-raid10-LV-allowing-tests-to-su.patch + bug-1158628_13-lvconvert-fix-return-value-when-zeroing-fails.patch + bug-1158628_14-tests-add-extra-settle.patch + bug-1158628_15-test-Fix-handling-leftovers-from-previous-tests.patch - bug-1043040_test-fix-read-ahead-issues-in-test-scripts.patch ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit - backport patches for lvm2 to avoid software abnormal work (bsc#1158861) + bug-1158861_01-config-remove-filter-typo.patch + bug-1158861_02-config-Fix-default-option-which-makes-no-sense.patch + bug-1158861_03-vgchange-don-t-fail-monitor-command-if-vg-is-exporte.patch + bug-1158861_04-fix-duplicate-pv-size-check.patch + bug-1158861_05-hints-fix-copy-of-filter.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch + bug-1158861_07-vgck-let-updatemetadata-repair-mismatched-metadata.patch + bug-1158861_08-hints-fix-mem-leaking-buffers.patch + bug-1158861_09-pvcreate-pvremove-fix-reacquiring-global-lock-after.patch - backport upstream patches for passing lvm2 testsuite (bsc#1158628) + bug-1158628_01-tests-replaces-grep-q-usage.patch + bug-1158628_02-tests-fix-ra-checking.patch + bug-1158628_03-tests-simplify-some-var-settings.patch + bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_05-activation-add-synchronization-point.patch + bug-1158628_06-pvmove-add-missing-synchronization.patch + bug-1158628_07-activation-extend-handling-of-pending_delete.patch + bug-1158628_08-lv_manip-add-synchronizations.patch + bug-1158628_09-lvconvert-improve-validation-thin-and-cache-pool-con.patch + bug-1158628_10-thin-activate-layer-pool-aas-read-only-LV.patch + bug-1158628_11-tests-mdadm-stop-in-test-cleanup.patch + bug-1158628_12-test-increase-size-of-raid10-LV-allowing-tests-to-su.patch + bug-1158628_13-lvconvert-fix-return-value-when-zeroing-fails.patch + bug-1158628_14-tests-add-extra-settle.patch + bug-1158628_15-test-Fix-handling-leftovers-from-previous-tests.patch - bug-1043040_test-fix-read-ahead-issues-in-test-scripts.patch ==== mariadb ==== Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - added rpm test macros: %mysql_testserver_start, %mysql_testserver_cconf, %mysql_testserver_stop First two consuments are python-sortinghat and python-mysqlclient. ==== mokutil ==== - Add build for ppc64/ppc64le ==== nagios ==== Version update (4.4.3 -> 4.4.5) Subpackages: nagios-www - 4.4.5 * Reverted changes related to #625 due to CPU load issues * Partially reverted changes for #647 due to CPU load issues * Fixed "Quick Search" so that leading/trailing whitespace doesn't affect output (#681) (Sebastian Wolf) * Fixed build issues on non-RPM-based platforms (#617) (T.J. Yang) - 4.4.4 * Fixed log rotation logic to not repeatedly schedule rotation on a DST change (#610, #626) (Jaroslav Jindrak & Sebastian Wolf) * Fixed $SERVICEPROBLEMID$ to be reset after service recovery (#621) (Sebastian Wolf) * Fixed defunct worker processes appearing after nagios was reloaded (#441, #620) (Sebastian Wolf) * Fixed main nagios thread to release nagios.qh on a closed connection (#635) (Sebastian Wolf) * Fixed semicolon escaping to remove prepended backslash (\) (#643) (Sebastian Wolf) * Fixed 'Checks of this host have been disabled' message showing on passive-only hosts (#632) (Vojt?ch ?ir??ek & Sebastian Wolf) * Fixed last_hard_state showing the current hard state when service status is brokered (#633) (Sebastian Wolf) * Fixed long plugin output (>8KB) occasionally getting truncated (#625) (Sebastian Wolf) * Fixed check scheduling for objects with large check_intervals and small timeperiods (#647) (Sebastian Wolf) * Fixed SOFT recoveries sending when services had HARD recovery some time after host recovery (#651) (Sebastian Wolf) * Fixed incorrect permissions on debugging builds of FreeBSD (#420) (Sebastian Wolf) * Fixed NEB callback lists being partially orphaned when multiple modules subscribe to one callback (#590) (Sebastian Wolf) * Fixed memory leaks in run_async_service_check(), run_async_host_check() when checks are brokered (#664) (Sebastian Wolf) * Fixed potential XSS in main.php, map.php (#671, #672) (Jak Gibb) * Removed NEB brokering for nagios daemonization, since daemonization occurs before NEB initialization (#591) (Sebastian Wolf) ==== nftables ==== Version update (0.9.2 -> 0.9.3) Subpackages: libnftables1 - Add json, python [boo#1158723] - Update to release 0.9.3 * meta: Introduce new conditions "time", "day" and "hour". * src: add ability to set/get secmarks to/from connection. * flowtable: add support for named flowtable listing. * flowtable: add support for delete command by handle. * json: add support for element deletion. * Add `-T` as the short option for `--numeric-time`. * meta: add ibrpvid and ibrvproto support ==== opencv3 ==== Version update (3.4.7 -> 3.4.8) - Update to 3.4.8 For details, see https://github.com/opencv/opencv/wiki/ChangeLog#version348 Drop upstream CVE-2019-15939.patch - Adjust _constraints, fix out-of-disk-space failures ==== openssl-1_1 ==== Subpackages: libopenssl-1_1-devel libopenssl1_1 libopenssl1_1-32bit - Security fix: [bsc#1158809, CVE-2019-1551] * Overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli - Add openssl-1_1-CVE-2019-1551.patch ==== osinfo-db ==== Version update (20191108 -> 20191125) - Update database to version 20191125 osinfo-db-20191125.tar.xz - Update sle12sp5 definition add-sle12sp5-support.patch ==== p11-kit ==== Subpackages: libp11-kit0 libp11-kit0-32bit p11-kit-tools - Also build documentation (boo#1013125) ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - Disable purge-kernels-service dependency for now: dracut has not yet been updated to no longer ship the service file. - Support multiversion(kernel) with purge-kernels.service separated from dracut (jsc#SLE-10162, jsc#SLE-10465). ==== perl-HTTP-Date ==== Version update (6.03 -> 6.05) - updated to 6.05 see /usr/share/doc/packages/perl-HTTP-Date/Changes 6.05 2019-11-19 03:02:32Z - Bump minimum version of Time::Local to 1.28 (GH#17) (Olaf Alders) - updated to 6.04 see /usr/share/doc/packages/perl-HTTP-Date/Changes 6.04 2019-11-14 22:22:50Z - Replace vars with our (GH#15) (James Raspass) - Tidy lib and t files (GH#16) (Olaf Alders) ==== perl-Net-DBus ==== Version update (1.1.0 -> 1.2.0) - updated to 1.2.0 see /usr/share/doc/packages/perl-Net-DBus/Changes 1.2.0 2019-12-16 - Avoid memory leak with timeouts in reactor - Disable XML entity expansion in introspection XML docs - Don't include GIT repo in dist - Remove obsolete XML::Grove dep from spec - Fix GIT repo location - Fix misc typos in POD - Make reactor robust to time going backwards - Add GIT repo & bug tracker to Makefile.PL - Fix basepath when enumerating subnodes - Fix child paths in introspection XML to be relative - Support passing UNIX file descriptors - Fix encoding of properties via GetAll method - Add return & param names for standard interface introspection - Use org.freedesktop.DBus.Error.UnknownMethod error code - Fix reactor add_exception method - Enable exporting objects on the root node - Fix introspection decode with zero parameters - Validate parameters for standard methods - Validate object interface against declared method - Don't include MYMETA.* files in dist - Fix passing nomainloop parameter to constructor - Fix variant type in mock iterator ==== php7 ==== Version update (7.4.0 -> 7.4.1) Subpackages: apache2-mod_php7 php7-bcmath php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-devel php7-dom php7-exif php7-fastcgi php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-json php7-ldap php7-mbstring php7-mysql php7-odbc php7-openssl php7-pdo php7-pgsql php7-shmop php7-snmp php7-sockets php7-sqlite php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-xmlreader php7-xmlwriter php7-xsl php7-zlib - updated to 7.4.1: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.1 - deleted patches - php-fix-mysqlnd-compression-library.patch - php-fpm-service-fails-to-start.patch ==== polari ==== Version update (3.34.0 -> 3.34.1) Subpackages: polari-lang typelib-1_0-Polari-1_0 - Update to version 3.34.1: + Fix NickServ authentication without username. + Catch newly added gjs exception that prevents startup. + Fix grouping of status messages. + Misc. bug fixes and cleanups. + Updated translations. ==== policycoreutils ==== Subpackages: policycoreutils-lang python3-policycoreutils - Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262) ==== python ==== Subpackages: python-curses python-tk - Drop appstream-glib BuildRequires and no longer call appstream-util validate-relax: eliminate a build cycle between as-glib and python. The only thing would would gain by calling as-uril is catching if upstream breaks the appdata.xml file in a future release. Considering py2 is dying, chances for a new release, let alone one breaking the xml file, are slim. - Unify packages among openSUSE:Factory and SLE versions. (bsc#1159035) ; add missing records to this changelog. - Add idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830) - Add python2_split_startup Provide to make it possible to conflict older packages by shared-python-startup. ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Drop appstream-glib BuildRequires and no longer call appstream-util validate-relax: eliminate a build cycle between as-glib and python. The only thing would would gain by calling as-uril is catching if upstream breaks the appdata.xml file in a future release. Considering py2 is dying, chances for a new release, let alone one breaking the xml file, are slim. - Unify packages among openSUSE:Factory and SLE versions. (bsc#1159035) ; add missing records to this changelog. - Add idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830) - Add python2_split_startup Provide to make it possible to conflict older packages by shared-python-startup. ==== python-paramiko ==== Version update (2.6.0 -> 2.7.1) - update to 2.7.1 - add configs.tar.gz with missing test data * full changelog at http://www.paramiko.org/changelog.html ==== python-pywbem ==== Version update (0.14.6 -> 0.15.0) - Add replace-yamlordereddictloader-w-yamlloader.patch which can allow us to kick off deprecated yamlordereddictloader module from Factory again. gh#pywbem/pywbem#2022 - Add silenced_MOFCompiler.patch so we can unexclude some more tests. - Update to 0.15.0: - This release deprecates the wbemcli command. Pywbem 1.0.0 will remove the wbemcli command. The recommended replacement is the pywbemcli command from the pywbemtools package on Pypi: https://pypi.org/project/pywbemtools/ - Further changes are presented on https://pywbem.readthedocs.io/en/stable_0.15/changes.html#pywbem-0-15-0 - Depends on the acceptance of bdo#754686 - Many many tests need to be switched off (gh#pywbem/pywbem#2004) - fix unit tests (unittest2-just-say-no.patch) ==== python-redis ==== - Fix tests with redis pre 5.0.0: * 0001-fix-tests-with-redis-pre-5.0.0.patch ==== python-requests ==== - Remove python-urllib3, python-certifi and ca-certificates from main package BuildRequires, not required for building. - Do not require full python, (implicit) python-base is sufficient. ==== python-scipy ==== Version update (1.3.2 -> 1.4.1) - Update to 1.4.1 * SciPy 1.4.1 is a bug-fix release with no new features compared to 1.4.0. Importantly, it aims to fix a problem where an older version of pybind11 may cause a segmentation fault when imported alongside incompatible libraries. - Update to 1.4.0 + Highlights of this release * a new submodule, `scipy.fft`, now supersedes `scipy.fftpack`; this means support for ``long double`` transforms, faster multi-dimensional transforms, improved algorithm time complexity, release of the global intepreter lock, and control over threading behavior * support for ``pydata/sparse`` arrays in `scipy.sparse.linalg` * substantial improvement to the documentation and functionality of several `scipy.special` functions, and some new additions * the generalized inverse Gaussian distribution has been added to `scipy.stats` * an implementation of the Edmonds-Karp algorithm in `scipy.sparse.csgraph.maximum_flow` * `scipy.spatial.SphericalVoronoi` now supports n-dimensional input, has linear memory complexity, improved performance, and supports single-hemisphere generators + New features > Infrastructure * Documentation can now be built with ``runtests.py --doc`` * A ``Dockerfile`` is now available in the ``scipy/scipy-dev`` repository to acilitate getting started with SciPy development. > `scipy.constants` improvements * `scipy.constants` has been updated with the CODATA 2018 constants. > `scipy.fft` added * `scipy.fft` is a new submodule that supersedes the `scipy.fftpack` submodule. or the most part, this is a drop-in replacement for ``numpy.fft`` and scipy.fftpack` alike. With some important differences, `scipy.fft`: * uses NumPy's conventions for real transforms (``rfft``). This means the eturn value is a complex array, half the size of the full ``fft`` output. his is different from the output of ``fftpack`` which returned a real array epresenting complex components packed together. * the inverse real to real transforms (``idct`` and ``idst``) are normalized or ``norm=None`` in thesame way as ``ifft``. This means the identity `idct(dct(x)) == x`` is now ``True`` for all norm modes. * does not include the convolutions or pseudo-differential operators rom ``fftpack``. * This submodule is based on the ``pypocketfft`` library, developed by the uthor of ``pocketfft`` which was recently adopted by NumPy as well. `pypocketfft`` offers a number of advantages over fortran ``FFTPACK``: * support for long double (``np.longfloat``) precision transforms. * faster multi-dimensional transforms using vectorisation * Bluestein?s algorithm removes the worst-case ``O(n^2)`` complexity of `FFTPACK`` * the global interpreter lock (``GIL``) is released during transforms * optional multithreading of multi-dimensional transforms via the ``workers`` rgument * Note that `scipy.fftpack` has not been deprecated and will continue to be aintained but is now considered legacy. New code is recommended to use scipy.fft` instead, where possible. > `scipy.fftpack` improvements * `scipy.fftpack` now uses pypocketfft to perform its FFTs, offering the same peed and accuracy benefits listed for scipy.fft above but without the mproved API. > `scipy.integrate` improvements * The function `scipy.integrate.solve_ivp` now has an ``args`` argument. his allows the user-defined functions passed to the function to have dditional parameters without having to create wrapper functions or ambda expressions for them. * `scipy.integrate.solve_ivp` can now return a ``y_events`` attribute epresenting the solution of the ODE at event times * New ``OdeSolver`` is implemented --- ``DOP853``. This is a high-order explicit unge-Kutta method originally implemented in Fortran. Now we provide a pure ython implementation usable through ``solve_ivp`` with all its features. * `scipy.integrate.quad` provides better user feedback when break points are pecified with a weighted integrand. * `scipy.integrate.quad_vec` is now available for general purpose integration f vector-valued functions > `scipy.interpolate` improvements * `scipy.interpolate.pade` now handles complex input data gracefully * `scipy.interpolate.Rbf` can now interpolate multi-dimensional functions > `scipy.io` improvements * `scipy.io.wavfile.read` can now read data from a `WAV` file that has a alformed header, similar to other modern `WAV` file parsers * `scipy.io.FortranFile` now has an expanded set of available ``Exception`` lasses for handling poorly-formatted files > `scipy.linalg` improvements * The function ``scipy.linalg.subspace_angles(A, B)`` now gives correct esults for complex-valued matrices. Before this, the function only returned orrect values for real-valued matrices. * New boolean keyword argument ``check_finite`` for `scipy.linalg.norm`; whether o check that the input matrix contains only finite numbers. Disabling may ive a performance gain, but may result in problems (crashes, non-termination) f the inputs do contain infinities or NaNs. * `scipy.linalg.solve_triangular` has improved performance for a C-ordered riangular matrix * ``LAPACK`` wrappers have been added for ``?geequ``, ``?geequb``, ``?syequb``, nd ``?heequb`` * Some performance improvements may be observed due to an internal optimization n operations involving LAPACK routines via ``_compute_lwork``. This is articularly true for operations on small arrays. * Block ``QR`` wrappers are now available in `scipy.linalg.lapack` > `scipy.optimize` improvements * It is now possible to use linear and non-linear constraints with scipy.optimize.differential_evolution`. * `scipy.optimize.linear_sum_assignment` has been re-written in C++ to improve erformance, and now allows input costs to be infinite. * A ``ScalarFunction.fun_and_grad`` method was added for convenient simultaneous etrieval of a function and gradient evaluation * `scipy.optimize.minimize` ``BFGS`` method has improved performance by avoiding uplicate evaluations in some cases * Better user feedback is provided when an objective function returns an array nstead of a scalar. > `scipy.signal` improvements * Added a new function to calculate convolution using the overlap-add method, amed `scipy.signal.oaconvolve`. Like `scipy.signal.fftconvolve`, this unction supports specifying dimensions along which to do the convolution. * `scipy.signal.cwt` now supports complex wavelets. * The implementation of ``choose_conv_method`` has been updated to reflect the ew FFT implementation. In addition, the performance has been significantly mproved (with rather drastic improvements in edge cases). * The function ``upfirdn`` now has a ``mode`` keyword argument that can be used o select the signal extension mode used at the signal boundaries. These modes re also available for use in ``resample_poly`` via a newly added ``padtype`` rgument. * `scipy.signal.sosfilt` now benefits from Cython code for improved performance * `scipy.signal.resample` should be more efficient by leveraging ``rfft`` when ossible > `scipy.sparse` improvements * It is now possible to use the LOBPCG method in `scipy.sparse.linalg.svds`. * `scipy.sparse.linalg.LinearOperator` now supports the operation ``rmatmat`` or adjoint matrix-matrix multiplication, in addition to ``rmatvec``. * Multiple stability updates enable float32 support in the LOBPCG eigenvalue olver for symmetric and Hermitian eigenvalues problems in `scipy.sparse.linalg.lobpcg``. * A solver for the maximum flow problem has been added as scipy.sparse.csgraph.maximum_flow`. * `scipy.sparse.csgraph.maximum_bipartite_matching` now allows non-square inputs, o longer requires a perfect matching to exist, and has improved performance. * `scipy.sparse.lil_matrix` conversions now perform better in some scenarios * Basic support is available for ``pydata/sparse`` arrays in scipy.sparse.linalg` * `scipy.sparse.linalg.spsolve_triangular` now supports the ``unit_diagonal`` rgument to improve call signature similarity with its dense counterpart, scipy.linalg.solve_triangular` * ``assertAlmostEqual`` may now be used with sparse matrices, which have added upport for ``__round__`` > `scipy.spatial` improvements * The bundled Qhull library was upgraded to version 2019.1, fixing several ssues. Scipy-specific patches are no longer applied to it. * `scipy.spatial.SphericalVoronoi` now has linear memory complexity, improved erformance, and supports single-hemisphere generators. Support has also been dded for handling generators that lie on a great circle arc (geodesic input) nd for generators in n-dimensions. * `scipy.spatial.transform.Rotation` now includes functions for calculation of a ean rotation, generation of the 3D rotation groups, and reduction of rotations ith rotational symmetries. * `scipy.spatial.transform.Slerp` is now callable with a scalar argument * `scipy.spatial.voronoi_plot_2d` now supports furthest site Voronoi diagrams * `scipy.spatial.Delaunay` and `scipy.spatial.Voronoi` now have attributes or tracking whether they are furthest site diagrams > `scipy.special` improvements * The Voigt profile has been added as `scipy.special.voigt_profile`. * A real dispatch has been added for the Wright Omega function `scipy.special.wrightomega`). * The analytic continuation of the Riemann zeta function has been added. (The iemann zeta function is the one-argument variant of `scipy.special.zeta`.) * The complete elliptic integral of the first kind (`scipy.special.ellipk`) is ow available in `scipy.special.cython_special`. * The accuracy of `scipy.special.hyp1f1` for real arguments has been improved. * The documentation of many functions has been improved. > `scipy.stats` improvements * `scipy.stats.multiscale_graphcorr` added as an independence test that perates on high dimensional and nonlinear data sets. It has higher statistical ower than other `scipy.stats` tests while being the only one that operates on ultivariate data. * The generalized inverse Gaussian distribution (`scipy.stats.geninvgauss`) has een added. * It is now possible to efficiently reuse `scipy.stats.binned_statistic_dd` ith new values by providing the result of a previous call to the function. * `scipy.stats.hmean` now handles input with zeros more gracefully. * The beta-binomial distribution is now available in `scipy.stats.betabinom`. * `scipy.stats.zscore`, `scipy.stats.circmean`, `scipy.stats.circstd`, and scipy.stats.circvar` now support the ``nan_policy`` argument for enhanced andling of ``NaN`` values * `scipy.stats.entropy` now accepts an ``axis`` argument * `scipy.stats.gaussian_kde.resample` now accepts a ``seed`` argument to empower eproducibility * `scipy.stats.kendalltau` performance has improved, especially for large inputs, ue to improved cache usage * `scipy.stats.truncnorm` distribution has been rewritten to support much wider ails + Deprecated features > `scipy` deprecations * Support for NumPy functions exposed via the root SciPy namespace is deprecated nd will be removed in 2.0.0. For example, if you use ``scipy.rand`` or `scipy.diag``, you should change your code to directly use `numpy.random.default_rng`` or ``numpy.diag``, respectively. hey remain available in the currently continuing Scipy 1.x release series. * The exception to this rule is using ``scipy.fft`` as a function -- mod:`scipy.fft` is now meant to be used only as a module, so the ability to all ``scipy.fft(...)`` will be removed in SciPy 1.5.0. * In `scipy.spatial.Rotation` methods ``from_dcm``, ``as_dcm`` were renamed to `from_matrix``, ``as_matrix`` respectively. The old names will be removed in ciPy 1.6.0. * Method ``Rotation.match_vectors`` was deprecated in favor of `Rotation.align_vectors``, which provides a more logical and eneral API to the same functionality. The old method ill be removed in SciPy 1.6.0. + Backwards incompatible changes > `scipy.special` changes * The deprecated functions ``hyp2f0``, ``hyp1f2``, and ``hyp3f0`` have been emoved. * The deprecated function ``bessel_diff_formula`` has been removed. * The function ``i0`` is no longer registered with ``numpy.dual``, so that `numpy.dual.i0`` will unconditionally refer to the NumPy version regardless f whether `scipy.special` is imported. * The function ``expn`` has been changed to return ``nan`` outside of its omain of definition (``x, n < 0``) instead of ``inf``. > `scipy.sparse` changes * Sparse matrix reshape now raises an error if shape is not two-dimensional, rather than guessing what was meant. The behavior is now the same as before ciPy 1.1.0. * ``CSR`` and ``CSC`` sparse matrix classes should now return empty matrices f the same type when indexed out of bounds. Previously, for some versions f SciPy, this would raise an ``IndexError``. The change is largely motivated y greater consistency with ``ndarray`` and ``numpy.matrix`` semantics. > `scipy.signal` changes * `scipy.signal.resample` behavior for length-1 signal inputs has been ixed to output a constant (DC) value rather than an impulse, consistent with he assumption of signal periodicity in the FFT method. * `scipy.signal.cwt` now performs complex conjugation and time-reversal of avelet data, which is a backwards-incompatible bugfix for ime-asymmetric wavelets. > `scipy.stats` changes * `scipy.stats.loguniform` added with better documentation as (an alias for `scipy.stats.reciprocal``). ``loguniform`` generates random variables hat are equally likely in the log space; e.g., ``1``, ``10`` and ``100`` re all equally likely if ``loguniform(10 ** 0, 10 ** 2).rvs()`` is used. + Other changes * The ``LSODA`` method of `scipy.integrate.solve_ivp` now correctly detects stiff roblems. * `scipy.spatial.cKDTree` now accepts and correctly handles empty input data * `scipy.stats.binned_statistic_dd` now calculates the standard deviation tatistic in a numerically stable way. * `scipy.stats.binned_statistic_dd` now throws an error if the input data ontains either ``np.nan`` or ``np.inf``. Similarly, in `scipy.stats` now all ontinuous distributions' ``.fit()`` methods throw an error if the input data ontain any instance of either ``np.nan`` or ``np.inf``. - Rebase no_implicit_decl.patch - Update to 1.3.3 * Fix deadlock on osx for python 3.8 * MAINT: TST: Skip tests with multiprocessing that use "spawn" start method ==== remmina ==== Version update (1.3.7 -> 1.3.8) Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp - Update to new upstream release 1.3.8 * Avoid clearing username/domain when saving RDP password * Make Remmina news dialog modal to the main window * Change switch notebook page idle func order. * Fixing bad seat grabbing behaviour (grab all keys not working) * Adding cmake option to use latest FreeRDP symbols when compiling. * Adding default application symbolic icons * Several translation fixes - Removed obsolete remmina-1.3.7-libfreerdp-2.0.0-rc4.patch ==== rubygem-actioncable-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-actionmailer-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-actionpack-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-actionview-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-activejob-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-activemodel-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-activerecord-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-activestorage-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-activesupport-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-rails-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== rubygem-railties-5.2 ==== Version update (5.2.4 -> 5.2.4.1) - update to version 5.2.4.1 (CVE-2019-16782): https://weblog.rubyonrails.org/2019/12/18/Rails-5-2-4-1-has-been-released/ ==== salt ==== Subpackages: python3-salt salt-master salt-minion - Add missing bugzilla references: Properly handle colons in inline dicts with yamlloader (bsc#1095651) Fix corrupt public key with m2crypto python3 (bsc#1099323) Add missing dateutils import (bsc#1099945) Fix UnicodeDecodeError using is_binary check (bsc#1100225) Prevent payload crash on decoding binary data (bsc#1100697) Fix file.blockreplace to avoid throwing IndexError (bsc#1101812) Add API log rotation on SUSE package (bsc#1102218) Fix wrong recurse behavior on for linux_acl.present (bsc#1106164) Handle anycast IPv6 addresses on network.routes (bsc#1114474) Crontab module fix: file attributes option missing (bsc#1114824) Add metadata to accepted keyword arguments (bsc#1122680) Bugfix: properly refresh pillars (bsc#1125015) - xfs: do not fail if type is not present (bsc#1153611) - Added: * xfs-do-not-fails-if-type-is-not-present.patch - Don't use __python indirection macros on spec file %__python is no longer defined in RPM 4.15 (python2 is going EOL in Jan 2020); additionally, python/python3 are just binaries in the path. - Fix errors when running virt.get_hypervisor function - Added: * fix-virt.get_hypervisor-188.patch - Align virt.full_info fixes with upstream Salt - Let salt-ssh use platform-python on RHEL8 (bsc#1158441) - Added: * align-virt-full-info-fixes-with-upstream-192.patch * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch - Fix StreamClosedError issue (bsc#1157479) - Added: * fix-batch_async-obsolete-test.patch * fixing-streamclosed-issue.patch ==== samba ==== Version update (4.11.2+git.99.f93cc798f2e -> 4.11.3+git.102.3e2882ca77e) Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit - Update to samba 4.11.3 + CVE-2019-14861: DNSServer RPC server crash, an authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name; (bso#14138); (bsc#1158108). + CVE-2019-14870: DelegationNotAllowed not being enforced, the DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC; (bso#14187); (bsc#1158109). ==== sssd ==== Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap - Install infopipe dbus service (bsc#1106598) - Add systemd service unit files to manage socket or bus activated responders. - All responders except infopipe are also managed by a socket unit file. - Add missing post and postun hooks for libsss_certmap0 package. ==== tbb ==== Version update (2019_20190605 -> 2020.0) - Update to version 2020.0 * Extended task_arena interface to simplify development of NUMA-aware applications. * Added warning notifications when the deprecated functionality is used. ==== tmux ==== - Fix tmux completion ==== tumbler ==== Version update (0.2.7 -> 0.2.8) Subpackages: libtumbler-1-0 tumbler-lang - Updated to version 0.2.8 * Fix thumbnail orientation (bxo#15011) * prepend $XDG_DATA_HOME/thumbnailers/ to thumbnailers directory (bxo#15858) * Translation Updates ==== unbound ==== Version update (1.9.5 -> 1.9.6) Subpackages: libunbound8 unbound-anchor - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Allow OBS to shortcut through the -mini flavors. - update to 1.9.6 This release contains a number of security related fixes found in a security audit Features: - The unbound.conf includes are sorted ascending, for include statements with a '*' from glob. - drop-tld.diff in contrib/ : adds option drop-tld: yesno that drops 2 label queries, to stop random floods. Apply with patch -p1 < contrib/drop-tld.diff and compile. From Saksham Manchanda (Secure64). Please note that we think this will drop DNSKEY and DS lookups for tlds and hence break DNSSEC lookups for downstream clients. - Add new configure option `--enable-fully-static` to enable full static build if requested; in relation to #91. - Add make distclean that removes everything configure produced, and make maintainer-clean that removes bison and flex output. - unbound-fuzzers.tar.bz2 in contrib/ : three programs for fuzzing, that are 1:1 replacements for unbound-fuzzme.c that gets created after applying the contrib/unbound-fuzzme.patch. They are contributed by Eric Sesterhenn from X41 D-Sec. Bug Fixes: - Fix that pkg-config is setup before --enable-systemd needs it. - Fix contrib/fastrpz.patch asprintf return value checks. - ipset module #28: log that an address is added, when verbosity high. - ipset: refactor long routine into three smaller ones. - updated Makefile dependencies. - squelch DNS over TLS errors 'ssl handshake failed crypto error' on low verbosity, they show on verbosity 3 (query details), because there is a high volume and the operator cannot do anything for the remote failure. Specifically filters the high volume errors. - Fix #71: fix openssl error squelch commit compilation error. - Fix #72: configure --with-syslog-facility=LOCAL0-7 with default LOG_DAEMON (as before) can set the syslog facility that the server uses to log messages. - Use explicit bzero for wiping clear buffer of hash in cachedb, reported by Eric Sesterhenn from X41 D-Sec. - Fix #78: Memory leak in outside_network.c. - Merge pull request #76 from Maryse47: Improvements and fixes for systemd unbound.service. - oss-fuzz badge on README.md. - Fix fix for #78 to also free service callback struct. - Fix for oss-fuzz build warning. - Fix wrong response ttl for prepended short CNAME ttls, this would create a wrong zero_ttl response count with serve-expired enabled. - Merge #80 from stasic: Improve wording in man page. - Merge #82 from hardfalcon: Downgrade CAP_NET_ADMIN to CAP_NET_RAW in unbound.service. - Merge #81 from Maryse47: Consistently use /dev/urandom instead of /dev/random in scripts and docs. - Merge #83 from Maryse47: contrib/unbound.service.in: do not fork into the background. - Merge #85 for #84 from sam-lunt: Add kill capability to systemd service file to fix that systemctl reload fails. - Merge #87 from hardfalcon: Fix contrib/unbound.service.in, Drop CAP_KILL, use + prefix for ExecReload= instead. - Merge #90 from vcunat: fix build with nettle-3.5. - Fix for CVE-2019-16866. That fix is also in 1.9.4. - Merge #86 from psquarejho: Added -b source address option to smallapp/unbound-anchor.c, from Lukas Wunner. - Add doxygen comments to unbound-anchor source address code, in #86. - Merge #97: manpage: Add missing word on unbound.conf, from Erethon. - Fix #99: Memory leak in ub_ctx (event_base will never be freed). - Fix #109: check number of arguments for stdin-pipes in unbound-control and fail if too many arguments. - Merge #102 from jrtc27: Add getentropy emulation for FreeBSD. - iana portlist updated. - contrib/fastrpz.patch updated to apply for current code. - fixes for splint cleanliness, long vs int in SSL set_mode. - In unbound-host use separate variable for get_option to please code checkers. - update to bison output of 3.4.1 in code repository. - Provide a prototype for compat malloc to remove compile warning. - Portable grep usage for reuseport configure test. - Check return type of HMAC_Init_ex for openssl 0.9.8. - gitignore .source tempfile used for compatible make. - Fix for CVE-2019-18934, shell execution in ipsecmod. This fix is also in 1.9.5. - Fix authzone printout buffer length check. - Fixes to please lint checks. - Fix Integer Overflow in Regional Allocator, reported by X41 D-Sec. - Fix Unchecked NULL Pointer in dns64_inform_super() and ipsecmod_new(), reported by X41 D-Sec. - Fix Out-of-bounds Read in rr_comment_dnskey(), reported by X41 D-Sec. - Fix Integer Overflows in Size Calculations, reported by X41 D-Sec. - Fix Integer Overflow to Buffer Overflow in sldns_str2wire_dname_buf_origin(), reported by X41 D-Sec. - Fix Out of Bounds Read in sldns_str2wire_dname(), reported by X41 D-Sec. - Fix Out of Bounds Write in sldns_bget_token_par(), reported by X41 D-Sec. - Fix Out of Bounds Read in rrinternal_get_owner(), reported by X41 D-Sec. - Fix Race Condition in autr_tp_create(), reported by X41 D-Sec. - Fix Shared Memory World Writeable, reported by X41 D-Sec. - Adjust unbound-control to make stats_shm a read only operation. - Fix Weak Entropy Used For Nettle, reported by X41 D-Sec. - Fix Randomness Error not Handled Properly, reported by X41 D-Sec. - Fix Out-of-Bounds Read in dname_valid(), reported by X41 D-Sec. - Fix Config Injection in create_unbound_ad_servers.sh, reported by X41 D-Sec. - Fix Local Memory Leak in cachedb_init(), reported by X41 D-Sec. - Fix Integer Underflow in Regional Allocator, reported by X41 D-Sec. - Upgrade compat/getentropy_linux.c to version 1.46 from OpenBSD. - Synchronize compat/getentropy_win.c with version 1.5 from OpenBSD, no changes but makes the file, comments, identical. - Upgrade compat/getentropy_solaris.c to version 1.13 from OpenBSD. - Upgrade compat/getentropy_osx.c to version 1.12 from OpenBSD. - Changes to compat/getentropy files for, no link to openssl if using nettle, and hence config.h for HAVE_NETTLE variable. compat definition of MAP_ANON, for older systems. ifdef stdint.h inclusion for older systems. ifdef sha2.h inclusion for older systems. - Fixed Compat Code Diverging from Upstream, reported by X41 D-Sec. - Fix compile with --enable-alloc-checks, reported by X41 D-Sec. - Fix Terminating Quotes not Written, reported by X41 D-Sec. - Fix Useless memset() in validator, reported by X41 D-Sec. - Fix Unrequired Checks, reported by X41 D-Sec. - Fix Enum Name not Used, reported by X41 D-Sec. - Fix NULL Pointer Dereference via Control Port, reported by X41 D-Sec. - Fix Bad Randomness in Seed, reported by X41 D-Sec. - Fix python examples/calc.py for eval, reported by X41 D-Sec. - Fix comments for doxygen in dns64. - Fix dname loop maximum, reported by Eric Sesterhenn from X41 D-Sec. - Fix compiler warnings. - Merge pull request #122 from he32: In tcp_callback_writer(), don't disable time-out when changing to read. - Merge pull request #124 from rmetrich: Changed log lock from 'quick' to 'basic' because this is an I/O lock. - Fix text around serial arithmatic used for RRSIG times to refer to correct RFC number. - Fix Assert Causing DoS in synth_cname(), reported by X41 D-Sec. - Fix similar code in auth_zone synth cname to add the extra checks. - Fix Assert Causing DoS in dname_pkt_copy(), reported by X41 D-Sec. - Fix OOB Read in sldns_wire2str_dname_scan(), reported by X41 D-Sec. - Fix Out of Bounds Write in sldns_str2wire_str_buf(), reported by X41 D-Sec. - Fix Out of Bounds Write in sldns_b64_pton(), fixed by check in sldns_str2wire_int16_data_buf(), reported by X41 D-Sec. - Fix Insufficient Handling of Compressed Names in dname_pkt_copy(), reported by X41 D-Sec. - Fix Out of Bound Write Compressed Names in rdata_copy(), reported by X41 D-Sec. - Fix Hang in sldns_wire2str_pkt_scan(), reported by X41 D-Sec. This further lowers the max to 256. - Fix snprintf() supports the n-specifier, reported by X41 D-Sec. - Fix Bad Indentation, in dnscrypt.c, reported by X41 D-Sec. - Fix Client NONCE Generation used for Server NONCE, reported by X41 D-Sec. - Fix compile error in dnscrypt. - Fix _vfixed not Used, removed from sbuffer code, reported by X41 D-Sec. - Fix Hardcoded Constant, reported by X41 D-Sec. - make depend - Fix lock type for memory purify log lock deletion. - Fix testbound for alloccheck runs, memory purify and lock checks. - update contrib/fastrpz.patch to apply more cleanly. - Fix Make Test Fails when Configured With --enable-alloc-nonregional, reported by X41 D-Sec. - Fix ipsecmod compile - Fix Makefile.in for ipset module compile, from Adi Prasaja. ==== virglrenderer ==== - Add 5 security fixes * Check resource creation more thoroughly (CVE-2019-18388 bsc#1159479) 0001-5d03711-vrend-Keep-the-max-texture-sizes-in-the-vrend_state.patch 0002-0d9a2c8-vrend-Check-resource-creation-more-thoroughly.patch * check info formats in blits (CVE-2019-18390 bsc#1159478) 0003-24f67de-vrend-check-info-formats-in-blits.patch * check transfer bounds for negative values too (CVE-2019-18389 bsc#1159482) 0004-cbc8d8b-vrend-check-transfer-bounds-for-negative-values-too-.patch * check transfer iov holds enough data for the data upload (CVE-2019-18391 bsc#1159486) 0005-2abeb18-vrend-check-that-the-transfer-iov-holds-enough-data-.patch * Add an assert for allocating the intermediate texture (CVE-2019-18392 bsc#1159454) 0006-164d758-vrend-Add-an-assert-for-allocating-the-intermediate-.patch ==== virtualbox ==== Subpackages: virtualbox-guest-tools virtualbox-guest-x11 virtualbox-kmp-default - Fix build for kernel 5.5. Added file "fixes_for_5.5.patch". ==== xen ==== Version update (4.13.0_03 -> 4.13.0_04) Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1159320 - Xen logrotate file needs updated logrotate.conf - Update to Xen 4.13.0 FCS release xen-4.13.0-testing-src.tar.bz2 * Core Scheduling (contributed by SUSE) * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) * Late uCode loading (contributed by Intel) * Improved live-patching build tools (contributed by AWS) * OP-TEE support (contributed by EPAM) * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) * Dom0-less passthrough and ImageBuilder (contributed by XILINX) * Support for new Hardware - Update to Xen 4.13.0 RC4 release xen-4.13.0-testing-src.tar.bz2 - Rebase libxl.pvscsi.patch ==== zchunk ==== Version update (1.1.0 -> 1.1.4) - Update to version 1.1.4: * Simplify regex for detecting part header info * Fix coverity warnings * Open files with permissions 0666 and let umask(2) do its job. * Multipart boundary field can be quoted. ==== zsh ==== Version update (5.7.1 -> 5.8~pre2) - Update to version 5.8~pre2 (5.7.1-test-2) - Drop 1baf0d1f553631ecb641e98f4bf48bc2a44e5b82.patch, fixed upstream. - Add 1baf0d1f553631ecb641e98f4bf48bc2a44e5b82.patch to fix a re-entrancy problem. - Update to version 5.8~pre1 (5.7.1-test-1) * The zsh/zutil module's zparseopts builtin learnt an -F option to abort parsing when an unrecognised option-like parameter is encountered. * The zsh/files module gained a chmod builtin. * Several changes have been made to the way completion functions track 'precommands' (such as `command` and `env`) and determine whether the command being completed for is a shell builtin. Developers of completion functions may wish to familiarise themselves with `_normal -p` and `_pick_variant -b`. * The option CD_SILENT was added to suppress all output from cd (whether explicit or implicit with AUTO_CD). It is disabled by default. * The compadd builtin's -o option now takes an optional argument to specify the order of completion matches. This affects the display of candidate matches and the order in which they are selected when cycling between them using menu completion. * The :h and :t modifiers in parameter expansion (if braces are present), glob qualifiers and history expansion may take following decimal digit arguments in order to keep that many leading or trailing path components instead of the defaults of all but one (:h) and one (:t). In an absolute path the leading '/' counts as one component. * The functions builtin gained a -c option to efficiently copy functions. - See included ChangeLog for the complete list of changes. ==== zxing-cpp ==== - Add add-missing-includes-of-stdexcept-header.patch in order to fix boo#1158377. N��r��y隊Z)z{.��r�+�맲��r��z�^�ˬz��N�(�֜��^� ޭ隊Z)z{.��r�+��0��Ǩ�

1 0

[opensuse-factory] installation of OpenSUSE Leap-15.2 NET install x86_64 Build 542.1
by André Verwijs 27 Dec '19

27 Dec '19

general information installation of "OpenSUSE Leap-15.2 NET install x86_64 Build 542.1" installing with ACPI (Advanced Configuration and Power Interface) and/or APIC (Advanced Programmable Interrupt Controller) disabled. enabled freezes the installation process, I have older PC so that must be it.. Not sure if (relative) new PC's still supports ACPI/APIC if not, turn this off by default for successful installation. other than this the installation went well. will try to add logfiles later... thank you ----------------------------------------------------------------------------- general information so no whining please, only constructive comments.. ----------------------------------------------------------------------------- _____________________________________________________________________________ Dank U - Thank You *Twitter:* http://twitter.com/OpenSimFan *Facebook:* http://www.facebook.com/andre.verwijs *Instagram:* André Verwijs - Instagram <https://instagram.com/dutchglory> -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 0

[opensuse-factory] openSUSE:Factory - Build fail notification
by DimStar / Dominique Leuenberger 26 Dec '19

26 Dec '19

Dear Package maintainers and hackers. Below package(s) in openSUSE:Factory have been failing to build for at least 4 weeks. We tried to send out notifications to the configured bugowner/maintainers of the package(s), but so far no fix has been submitted. This probably means that the maintainer/bugowner did not yet find the time to look into the matter and he/she would certainly appreciate help to get this sorted. - hedgewars - openarena Unless somebody is stepping up and submitting fixes, the listed package(s) are going to be removed from openSUSE:Factory. Kind regards, DimStar / Dominique Leuenberger <dimstar(a)opensuse.org> N��r��y隊Z)z{.��r�+�맲��r��z�^�ˬz��N�(�֜��^� ޭ隊Z)z{.��r�+��0��Ǩ�

1 0

[opensuse-factory] Tumbleweed - Review of the week 2019/51
by Dominique Leuenberger / DimStar 26 Dec '19

26 Dec '19

Dear Tumbleweed users and hackers, The year 2019 is slowly coming to the end, yet Tumbleweed keeps on rolling (so far). During that week we could publish three snapshots (1213, 1214 and 1216). The changes contained therein were: * KDE Applications 19.12.0 * PHP 7.4 One complete snapshot was built (but not released) using kernel 5.4. Unfortunately, we had to revert this update again, as kexec functionality was non-functional with our signed kernel. The issue is being analyzed and fixes are being looked for. Unfortunately, with the holiday season, I can’t predict when this will happen. Other than that, we still have a few things piling up in stagings, like: * Python 3.8 * Rust 1.39 * systemd 244 * Qt 5.14 * Kubernetes 1.17 Unfortunately, there is also an openQA/Networking issue present at the moment. Our openQA workers are unable to connect to multiple sites (all *.opensuse.org) and thus fail to test any of the snapshots/staging areas. We are busy trying to find resources that can fix this up, but this proves not so easy over this period. I hope we can soon resume testing activity with working network setup and restart rolling Tumbleweed Cheers, Dominique

12 28

[opensuse-factory] openSUSE:Factory - Build fail notification
by DimStar / Dominique Leuenberger 24 Dec '19

24 Dec '19

Dear Package maintainers and hackers. Below package(s) in openSUSE:Factory have been failing to build for at least 4 weeks. We tried to send out notifications to the configured bugowner/maintainers of the package(s), but so far no fix has been submitted. This probably means that the maintainer/bugowner did not yet find the time to look into the matter and he/she would certainly appreciate help to get this sorted. - hercules - hpx - isapnp - libxdg-basedir - mathomatic - mimic - python-mimesis - trustedgrub Unless somebody is stepping up and submitting fixes, the listed package(s) are going to be removed from openSUSE:Factory. Kind regards, DimStar / Dominique Leuenberger <dimstar(a)opensuse.org>

1 0

[opensuse-factory] New Tumbleweed snapshot 20191221 released!
by Dominique Leuenberger 24 Dec '19

24 Dec '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 389-ds (1.4.2.4~git0.c881f6ec0 -> 1.4.2.5~git0.d52700340) ImageMagick (7.0.9.6 -> 7.0.9.8) aspell-dictionaries attica-qt5 (5.64.0 -> 5.65.0) baloo5 (5.64.0 -> 5.65.0) bison (3.4.2 -> 3.5) bluez-qt (5.64.0 -> 5.65.0) breeze5-icons (5.64.0 -> 5.65.0) clamav cryptsetup ebtables (2.0.10.4 -> 2.0.11) f2fs-tools (1.12 -> 1.13.0) frameworkintegration (5.64.0 -> 5.65.0) gnome-control-center gstreamer-plugins-bad gtk3 kactivities-stats (5.64.0 -> 5.65.0) kactivities5 (5.64.0 -> 5.65.0) karchive (5.64.0 -> 5.65.0) kauth (5.64.0 -> 5.65.0) kbookmarks (5.64.0 -> 5.65.0) kcalendarcore (5.64.0 -> 5.65.0) kcmutils (5.64.0 -> 5.65.0) kcodecs (5.64.0 -> 5.65.0) kcompletion (5.64.0 -> 5.65.0) kconfig (5.64.0 -> 5.65.0) kconfigwidgets (5.64.0 -> 5.65.0) kcontacts (5.64.0 -> 5.65.0) kcoreaddons (5.64.0 -> 5.65.0) kcrash (5.64.0 -> 5.65.0) kdbusaddons (5.64.0 -> 5.65.0) kdeclarative (5.64.0 -> 5.65.0) kded (5.64.0 -> 5.65.0) kdelibs4support (5.64.0 -> 5.65.0) kdesu (5.64.0 -> 5.65.0) kdnssd-framework (5.64.0 -> 5.65.0) kdoctools (5.64.0 -> 5.65.0) kemoticons (5.64.0 -> 5.65.0) kfilemetadata5 (5.64.0 -> 5.65.0) kglobalaccel (5.64.0 -> 5.65.0) kguiaddons (5.64.0 -> 5.65.0) kholidays (5.64.0 -> 5.65.0) khtml (5.64.0 -> 5.65.0) ki18n (5.64.0 -> 5.65.0) kiconthemes (5.64.0 -> 5.65.0) kidletime (5.64.0 -> 5.65.0) kimageformats (5.64.0 -> 5.65.0) kinit (5.64.0 -> 5.65.0) kio (5.64.0 -> 5.65.0) kirigami2 (5.64.1 -> 5.65.0) kitemmodels (5.64.0 -> 5.65.0) kitemviews (5.64.0 -> 5.65.0) kjobwidgets (5.64.0 -> 5.65.0) kjs (5.64.0 -> 5.65.0) knewstuff (5.64.0 -> 5.65.0) knotifications (5.64.0 -> 5.65.0) knotifyconfig (5.64.0 -> 5.65.0) konsole kpackage (5.64.0 -> 5.65.0) kparts (5.64.0 -> 5.65.0) kpeople5 (5.64.0 -> 5.65.0) kplotting (5.64.0 -> 5.65.0) kpty (5.64.0 -> 5.65.0) kross (5.64.0 -> 5.65.0) krunner (5.64.0 -> 5.65.0) kservice (5.64.0 -> 5.65.0) ktexteditor (5.64.0 -> 5.65.0) ktextwidgets (5.64.0 -> 5.65.0) kunitconversion (5.64.0 -> 5.65.0) kwallet (5.64.0 -> 5.65.0) kwayland (5.64.0 -> 5.65.0) kwidgetsaddons (5.64.0 -> 5.65.0) kwindowsystem (5.64.0 -> 5.65.0) kxmlgui (5.64.0 -> 5.65.0) libKF5ModemManagerQt (5.64.0 -> 5.65.0) libKF5NetworkManagerQt (5.64.0 -> 5.65.0) libcap libcontainers-common (20190923 -> 20191211) libgit2 (0.28.2 -> 0.28.4) libselinux-bindings libvirt man-pages-ja (20181215 -> 20191215) moonjit nodejs12 (12.13.1 -> 12.14.0) openblas_pthreads oxygen5-icon-theme (5.64.0 -> 5.65.0) patchutils perl-Cpanel-JSON-XS (4.17 -> 4.18) pidgin-sipe (1.24.0 -> 1.25.0) plasma-framework (5.64.0 -> 5.65.0) plymouth prison-qt5 (5.64.0 -> 5.65.0) procps (3.3.15 -> 3.3.16) purpose (5.64.0 -> 5.65.0) qemu (4.1.93 -> 4.2.0) qemu-linux-user (4.1.93 -> 4.2.0) qqc2-desktop-style (5.64.0 -> 5.65.0) rubygem-actioncable-6.0 (6.0.2 -> 6.0.2.1) rubygem-actionmailbox-6.0 (6.0.2 -> 6.0.2.1) rubygem-actionmailer-6.0 (6.0.2 -> 6.0.2.1) rubygem-actionpack-6.0 (6.0.2 -> 6.0.2.1) rubygem-actiontext-6.0 (6.0.2 -> 6.0.2.1) rubygem-actionview-6.0 (6.0.2 -> 6.0.2.1) rubygem-activejob-6.0 (6.0.2 -> 6.0.2.1) rubygem-activemodel-6.0 (6.0.2 -> 6.0.2.1) rubygem-activerecord-6.0 (6.0.2 -> 6.0.2.1) rubygem-activestorage-6.0 (6.0.2 -> 6.0.2.1) rubygem-activesupport-6.0 (6.0.2 -> 6.0.2.1) rubygem-rack (2.0.7 -> 2.0.8) rubygem-rails-6.0 (6.0.2 -> 6.0.2.1) rubygem-railties-6.0 (6.0.2 -> 6.0.2.1) rubygem-rubocop (0.77.0 -> 0.78.0) rubygem-thor (1.0.0 -> 1.0.1) sendmail solid (5.64.0 -> 5.65.0) sonnet (5.64.0 -> 5.65.0) spamassassin (3.4.2 -> 3.4.3) sudo syndication (5.64.0 -> 5.65.0) syntax-highlighting (5.64.0 -> 5.65.0) texlive threadweaver (5.64.0 -> 5.65.0) tpm2-0-tss (2.2.3 -> 2.3.0) wicked (0.6.60 -> 0.6.61) wireguard (0.0.20191212_k5.3.12_1 -> 0.0.20191219_k5.3.12_2) === Details === ==== 389-ds ==== Version update (1.4.2.4~git0.c881f6ec0 -> 1.4.2.5~git0.d52700340) Subpackages: lib389 libsvrcore0 - Update to version 1.4.2.5~git0.d52700340: * Bump version to 1.4.2.5 * Issue 50747 - Port readnsstate to dsctl * Issue 50758 - Enable CLI arg completion * Issue 50753 - Dumping the changelog to a file doesn't work * Ticket 50745: ns-slapd hangs during CleanAllRUV tests * Issue 50734 - lib389 creates non-SSCA cert DBs with misleading README.txt * Issue: 48851 - investigate and port TET matching rules filter tests(cert) * Issue: 50443 - Create a module in lib389 to Convert a byte sequence to a properly escaped for LDAP * Ticket 50664 - DS can fail to recover if an empty directory exists in db * Ticket 50736 - RetroCL trimming may crash at shutdown if trimming configuration is invalid * Ticket 50741 - bdb_start - Detected Disorderly Shutdown last time Directory Server was running * Issue 50572 - After running cl-dump dbdir/cldb/*ldif.done are not deleted * Issue 50701 - Fix type in lint report * Ticket 50729 - add support for gssapi tests on suse * Issue 50701 - Add additional healthchecks to dsconf * Issue 50711 - `dsconf security` lacks option for setting nsTLSAllowClientRenegotiation attribute * Issue 50439 - Update docker integration for Fedora * Issue: 48851 - Investigate and port TET matching rules filter tests(last test cases for match) * Issue 50499 - Fix npm audit issues * Issue 50722 - Test IDs are not unique * Issue 50712 - Version comparison doesn't work correctly on git builds * Issue 50499 - Fix npm audit issues * Issue 50706 - Missing lib389 dependency - packaging ==== ImageMagick ==== Version update (7.0.9.6 -> 7.0.9.8) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI7 libMagickWand-7_Q16HDRI7 perl-PerlMagick - version update to 7.0.9.8 * -type bilevel behavior restored, it creates a black and white image. * Support Pocketmod image format, e.g. convert -density 300 pages?.pdf pocketmod:organize.pdf * Fixed numerous issues posted to GitHub (reference https://github.com/ImageMagick/ImageMagick/issues). * Update documentation. - deleted patches - ImageMagick-targa.patch (upstreamed) ==== aspell-dictionaries ==== Subpackages: aspell-cs aspell-da aspell-de aspell-el aspell-es aspell-fr aspell-hu aspell-it aspell-pl aspell-pt_BR aspell-pt_PT aspell-ru - removing Novell residues - update: . da 1.6.36 . pt_PT 20190329 - deleted patches - aspell-dictionaries-Novellwords_extra_dict.patch (abandoned) - deleted sources - Nwordlist.tgz (abandoned) ==== attica-qt5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Attica5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== baloo5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: baloo5-file baloo5-file-lang baloo5-imports baloo5-imports-lang baloo5-kioslaves baloo5-kioslaves-lang baloo5-tools baloo5-tools-lang libKF5Baloo5 libKF5BalooEngine5 libKF5BalooEngine5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== bison ==== Version update (3.4.2 -> 3.5) Subpackages: bison-lang - Drop unnecessary autoconf BuildRequires. - Update to version 3.5: * Plenty of changes - see provided NEWS for detailed list ==== bluez-qt ==== Version update (5.64.0 -> 5.65.0) Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Fix minor issue found by EBN and typos ==== breeze5-icons ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Pixel align color-picker * Add new baloo icons * Add new preferences search icons * Use an eyedropper for color-picker icons (kde#403924) * Add "all applications" category icon ==== clamav ==== Subpackages: libclamav9 libfreshclam2 - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Aloow OBS to shortcut through the -mini flavors. ==== cryptsetup ==== Subpackages: libcryptsetup12 libcryptsetup12-32bit libcryptsetup12-hmac - Create a weak dependency cycle between libcryptsetup and libcryptsetup-hmac to make sure they are installed together (bsc#1090768) ==== ebtables ==== Version update (2.0.10.4 -> 2.0.11) - add ebtables.keyring as a Source - Update to release 2.0.11 * Add --noflush command line support for ebtables-restore * Do not print IPv6 mask if it is all ones * Allow RETURN target rules in user defined chains * ebt_ip: add support for matching ICMP type and code * ebt_ip: add support for matching IGMP type * extensions: Add string filter to ebtables * Print IPv6 prefixes in CIDR notation * extensions: Add AUDIT target * Fix incorrect IPv6 prefix formatting - Drop ebtables-v2.0.8-makefile.diff (no longer needed) - Drop ebtables-v2.0.8-initscript.diff, include-linux-if.patch (not applicable) - Drop ebtables-v2.0.10-4-audit.patch, 0001-fix-compilation-warning.patch, 0001-Use-flock-for-concurrent-option.patch, 0002-Fix-locking-if-LOCKDIR-does-not-exist.patch (merged) ==== f2fs-tools ==== Version update (1.12 -> 1.13.0) - Update to release 1.13 * introduce some preen mode in fsck.f2fs * add f2fs_io tool * add casefolding support ==== frameworkintegration ==== Version update (5.64.0 -> 5.65.0) Subpackages: frameworkintegration-plugin libKF5Style5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Conditionally set SH_ScrollBar_LeftClickAbsolutePosition based on kdeglobals setting * Set application name and version on the knshandler tool * Port away from deprecated signal KNSCore::Engine::signalError ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Add gnome-control-center-Initialize-GError-to-NULL-before-use.patch: backport upstream commit 54caab7b, initialize GError* to NULL before use, fix g-c-c crash. - Rebase gnome-control-center-more-power-button-actions.patch for 3.34: Rename 'Shutdown' to 'Force Off' and adjust the order by severity (bsc#1091796, bsc#1158476). - Add gnome-control-center-can-not-find-usermod.patch: g-c-c use command usermod to verify user is valid, usermod is in /usr/sbin, environment PATH doesn't include this path, so g-c-c can't find this command. Upstream commit c6be204 (bsc#1158341 glgo#GNOME/gnome-control-center!653). ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - Add a BuildRequires for pkgconfig(pangocairo) since it's needed by the ttmlsubs and closedcaption extensions. This is not currently a problem in openSUSE because the dependency is pulled in by other packages which are not installed in SLE. ==== gtk3 ==== Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Split API doc generation from main package using _multibuild, libgtk3 itself only takes a fraction of the time to build. ==== kactivities-stats ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kactivities5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: kactivities5-imports libKF5Activities5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * EBN KActivites transfer protocol cleanup ==== karchive ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Port to QRegularExpression ==== kauth ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Auth5 libKF5Auth5-lang libKF5AuthCore5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Install .pri file for KAuthCore ==== kbookmarks ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Bookmarks5 libKF5Bookmarks5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Simplify null check * Clean up includes * Remove unneeded moc include * Remove superflous private * Deprecate KonqBookmarkMenu and KonqBookmarkContextMenu * Move classes only used by KonqBookmarkMenu together with it. * Coding style fixes ==== kcalendarcore ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * autotests: Find perl executable on all platforms * Add some test to ensure local time handling in recurrences. * Fallback to system time zone on calendar creation with an invalid one. * Memory Calendar: avoid code duplication * Use QDate as key in mIncidencesForDate in MemoryCalendar * Handle incidences in different time zones in MemoryCalendar. ==== kcmutils ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5KCMUtils5 libKF5KCMUtils5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * [KCMultiDialog] Remove most special margins handling; it's done in KPageDialog now * KPluginSelector: use new KAboutPluginDialog * Add guard for missing kirigami * Disable the restore defaults button if the KCModule says so * Have KCModuleProxy take care of the defaulted state * Make KCModuleQml conform to the defaulted() signal ==== kcodecs ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Codecs5 libKF5Codecs5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kcompletion ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Completion5 libKF5Completion5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Refactor KHistoryComboBox::insertItems * Add missing include for Qt 5.14 build ==== kconfig ==== Version update (5.64.0 -> 5.65.0) Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigCore5-lang libKF5ConfigGui5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Don't use nullptr as flag. Make it compile against qt5.15 * Make sure to execute test with english lang * Document Notifiers setting * Only create a session config when actually restoring a session * kwriteconfig: add delete option * Add KPropertySkeletonItem * Prepare KConfigSkeletonItem to allow inheriting its private class ==== kconfigwidgets ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5ConfigWidgets5 libKF5ConfigWidgets5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * [KColorScheme] Make order of decoration colors match DecorationRole enum * [KColorScheme] Fix mistake in NShadeRoles comment * [KColorScheme/KStatefulBrush] Switch hardcoded numbers for enum items * [KColorScheme] Add items to ColorSet and Role enums for the total number of items * Remove unused include * KConfigWidgets: port away from KF5 deprecated API * Register KKeySequenceWidget to KConfigDialogManager * Adjust KCModule to also channel information about defaults ==== kcontacts ==== Version update (5.64.0 -> 5.65.0) Subpackages: kcontacts-lang libKF5Contacts5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Fix compile against qt5.15. a flags can't be nullptr ==== kcoreaddons ==== Version update (5.64.0 -> 5.65.0) Subpackages: kcoreaddons-lang libKF5CoreAddons5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Remove unused variable * Deprecate KAboutData::fromPluginMetaData, now there is KAboutPluginDialog * Add a descriptive warning when inotify_add_watch returned ENOSPC * Add test for bug "bug-414360" it's not a ktexttohtml bug ==== kcrash ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * actually set a dependency between kcrashtest and test_crasher * disable kcrashtest and its helper executable test_crasher on windows * Disable execution of test_crasher, which enters an infinite loop on Windows (one step from a fork bomb) and holds up the CI system infinitely ==== kdbusaddons ==== Version update (5.64.0 -> 5.65.0) Subpackages: kdbusaddons-tools libKF5DBusAddons5 libKF5DBusAddons5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Include API to generically implement --replace arguments ==== kdeclarative ==== Version update (5.64.0 -> 5.65.0) Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5Declarative5-lang libKF5QuickAddons5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * EBN kdeclarative transfer protocol cleanup * Adapt to change in KConfigCompiler * MAke it compile without deprecated method * make header and footer visible when they get content * support qqmlfileselectors * Allow to disable autosave behavior in ConfigPropertyMap ==== kded ==== Version update (5.64.0 -> 5.65.0) Subpackages: kded-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Remove kdeinit dependency from kded. ==== kdelibs4support ==== Version update (5.64.0 -> 5.65.0) Subpackages: kdelibs4support-lang libKF5KDELibs4Support5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Don't use nullptr/0 as flag * Fix build: remove include of no longer used & provided kgesturemap_p.h * Document how to port away from Kdeprint::createPrintDialog * remove unused kgesturemap from kaction * Docs: KIO::file_copy() is a more direct path for porting upload() ==== kdesu ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Su5 libKF5Su5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Use remove method directly ==== kdnssd-framework ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5DNSSD5 libKF5DNSSD5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kdoctools ==== Version update (5.64.0 -> 5.65.0) Subpackages: kdoctools-lang libKF5DocTools5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Catalan Works: Add missing entitie ==== kemoticons ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kfilemetadata5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: kfilemetadata5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * xattr: fix crash on dangling symlinks (kde#414227) * disable writercollectiontest when taglib is not installed ==== kglobalaccel ==== Version update (5.64.0 -> 5.65.0) Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccel5-lang libKF5GlobalAccelPrivate5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kguiaddons ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Minor qstring optimization ==== kholidays ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Holidays5 libKF5Holidays5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== khtml ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5KHtml5 libKF5KHtml5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== ki18n ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5I18n5 libKF5I18n5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Undeprecate I18N_NOOP2 ==== kiconthemes ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5IconThemes5 libKF5IconThemes5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Deprecate top-level UserIcon method, no longer used * Replace for with maths with range for ==== kidletime ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kimageformats ==== Version update (5.64.0 -> 5.65.0) Subpackages: kimageformats-eps - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kinit ==== Version update (5.64.0 -> 5.65.0) Subpackages: kinit-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Finish cleaning up autostart-related code * use more modern for construct ==== kio ==== Version update (5.64.0 -> 5.65.0) Subpackages: kio-core kio-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes since 5.64.0, only listing bugfixes: * [KFileWidget] Avoid calling slotOk right after the url changed (kde#412737) * KRun: don't override user preferred app when opening local *.*html and co. files (kde#399020) * [KPropertiesDialog] provide a way of showing the target of a symlink (kde#413002) * [Remote ioslave] Add Display Name to remote:/ (kde#414345) * Fix HTTP proxy settings (kde#414346) * [DeleteJob] Use a separate worker thread to run actual IO operation (kde#390748) * [KPropertiesDialog] Make creation date string mouse-selectable too (kde#413902) ==== kirigami2 ==== Version update (5.64.1 -> 5.65.0) Subpackages: kirigami2-lang libKF5Kirigami2-5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes since 5.64.0, only listing bugfixes: * Fix default card background (kde#414329) * Make QmlComponentsPool one instance per engine (kde#414003) * Vertically center left actions in ActionTextField (kde#413769) ==== kitemmodels ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes to list here. ==== kitemviews ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5ItemViews5 libKF5ItemViews5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Add missing include for Qt 5.14 build ==== kjobwidgets ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5JobWidgets5 libKF5JobWidgets5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kjs ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5JS5 libKF5JSApi5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== knewstuff ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5NewStuff5 libKF5NewStuff5-lang libKF5NewStuffCore5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes since 5.64.0, only listing bugfixes: * Fix i18n syntax to avoid runtime errors (kde#414498) * Correctly set i18n arguments in one pass (kde#414060) * Add OBS to screenrecorders (kde#412320) * Give some more pretty feedback in NewStuff::Page while the Engine is loading (kde#413439) * Add an overlay component for item activity feedback (kde#413441) * Only show DownloadItemsSheet if there's more than one download item (kde#413437) * Use the pointing hand cursor for the single-clickable delegates (kde#413435) * Fix the header layouts for EntryDetails and Page components (kde#413433) ==== knotifications ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Notifications5 libKF5Notifications5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Add missing include for Qt 5.14 build * Make the docs reflect that setIconName should be preferred over setPixmap when possible * Document configuration file path on Android * Disable knotification_test, which starts D-Bus if it is not already running, which on Windows causes the test to hang infinitely ==== knotifyconfig ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5NotifyConfig5 libKF5NotifyConfig5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Add ColorScheme-fix-stack-use-after-scope.patch to fix wrong background color with "Black on Random Light" color scheme (boo#1159247, kde#415242) ==== kpackage ==== Version update (5.64.0 -> 5.65.0) Subpackages: kpackage-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Remove -std=c++0x flag and duplicated -Wall flag * Remove commented cmake code * support Qt File selectors in KPackage ==== kparts ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Parts5 libKF5Parts5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Remove more dead code as a consequence of nepomuk removal long ago * Mark BrowserRun::simpleSave properly as deprecated * BrowserOpenOrSaveQuestion: move AskEmbedOrSaveFlags enum from BrowserRun ==== kpeople5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: kpeople5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Allow triggering sort from QML * Port deprecated method * Make it compile with qt >= 5.14 without deprecated method ==== kplotting ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Add missing include for Qt 5.14 build ==== kpty ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Pty5 libKF5Pty5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kross ==== Version update (5.64.0 -> 5.65.0) Subpackages: kross-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * loadLibrary: Use enum values to define what type of plugin we load ==== krunner ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Use ECMGenerateExportHeader to manage deprecated API better * Include KDE CMake settings macros as first * KRunner: port away from deprecated KF5 API * Remove unused variable "package" ==== kservice ==== Version update (5.64.0 -> 5.65.0) Subpackages: kservice-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== ktexteditor ==== Version update (5.64.0 -> 5.65.0) Subpackages: ktexteditor-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * KateModeManager::updateFileType(): validate modes and reload menu of the status bar * Remove unused include * Remove KIconThemes use * Verify modes of the session config file * LGPLv2+ after ok by Svyatoslav Kuzmich * restore files pre-format * don't touch templates/ ==== ktextwidgets ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5TextWidgets5 libKF5TextWidgets5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Remove unused kregexpeditorinterface include * Fix compilation for users of kregexpeditorinterface.h * deprecate kregexpeditorinterface * [kfinddialog] Remove usage of kregexpeditor plugin system ==== kunitconversion ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5UnitConversion5 libKF5UnitConversion5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kwallet ==== Version update (5.64.0 -> 5.65.0) Subpackages: kwallet-tools kwallet-tools-lang kwalletd5 kwalletd5-lang libKF5Wallet5 libkwalletbackend5-5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== kwayland ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Make test more tolerant timing-wise * Don't use nullptr to flags * [server] Do not own dmabuf implementation * [server] Make double-buffered properties in xdg-shell double-buffered * Add missing include for Qt 5.14 build ==== kwidgetsaddons ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5WidgetsAddons5 libKF5WidgetsAddons5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * [KSqueezedTextLabel] Add icon for "Copy entire text" action * Remove unused signal we can use directly "signal(const QUrl&) * Unify KPageDialog margin handling into KPageDialog itself (kde#413181) ==== kwindowsystem ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5WindowSystem5 libKF5WindowSystem5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Adjust count after _GTK_FRAME_EXTENTS addition * Add support for _GTK_FRAME_EXTENTS * use modern for syntax ==== kxmlgui ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5XmlGui5 libKF5XmlGui5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Unbreak last commit: still install normal headers as before * Drop unused broken KGesture support * Move comment to the right place * Port foreach * Port away from KTextWidgets * Add KAboutPluginDialog, to be used with KPluginMetaData * Enable -DKF_DISABLE_DEPRECATED_BEFORE_AND_AT=0x053f00 * Also allow invoking session restoration logic when apps are manually launched * Add missing property to KKeySequenceWidget ==== libKF5ModemManagerQt ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== libKF5NetworkManagerQt ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== libcap ==== - Remove pam_cap (bsc#1150522) since this PAM module is a bad idea, security wise. ==== libcontainers-common ==== Version update (20190923 -> 20191211) - Update to image 5.0.0 - Clean up various imports primarily so that imports of packages that aren't in the standard library are all in one section. - Update to major version v5 - return resp error message - copy.Image(): select the CopySystemImage image using the source context - Add manifest list support - docker: handle http 429 status codes - allow for .dockercfg files to reside in non-home directories - Use the correct module path in (make test-skopeo) - Update to libpod 1.6.3 - Handling of the libpod.conf configuration file has seen major changes. Most significantly, rootless users will no longer automatically receive a complete configuration file when they first use Podman, and will instead only receive differences from the global configuration. - Initial support for the CNI DNS plugin, which allows containers to resolve the IPs of other containers via DNS name, has been added - Podman now supports anonymous named volumes, created by specifying only a destination to the -v flag to the podman create and podman run commands - Named volumes now support uid and gid options in --opt o=... to set UID and GID of the created volume - Update to storage 1.15.3 - overlay: allow storing images with more than 127 layers - Lazy initialize the layer store - tarlogger: drop state mutex ==== libgit2 ==== Version update (0.28.2 -> 0.28.4) - libgit2 0.28.4: * CVE-2019-1348: the fast-import stream command "feature export-marks=path" allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. (boo#1158785) * CVE-2019-1349: by using NTFS 8.3 short names, backslashes or alternate filesystreams, it is possible to cause submodules to be written into pre-existing directories during a recursive clone using git. As libgit2 rejects cloning into non-empty directories by default, it is not susceptible to this vulnerability. (boo#1158787) * CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability. (boo#1158788) * CVE-2019-1351: Windows provides the ability to substitute drive letters with arbitrary letters, including multi-byte Unicode letters. To fix any potential issues arising from interpreting such paths as relative paths, we have extended detection of DOS drive prefixes to accomodate for such cases. (boo#1158790) * CVE-2019-1352: by using NTFS-style alternative file streams for the ".git" directory, it is possible to overwrite parts of the repository. While this has been fixed in the past for Windows, the same vulnerability may also exist on other systems that write to NTFS filesystems. We now reject any paths starting with ".git:" on all systems. (boo#1158790) * CVE-2019-1353: by using NTFS-style 8.3 short names, it was possible to write to the ".git" directory and thus overwrite parts of the repository, leading to possible remote code execution. While this problem was already fixed in the past for Windows, other systems accessing NTFS filesystems are vulnerable to this issue too. We now enable NTFS protecions by default on all systems to fix this attack vector. (boo#1158791) * CVE-2019-1354: on Windows, backslashes are not a valid part of a filename but are instead interpreted as directory separators. As other platforms allowed to use such paths, it was possible to write such invalid entries into a Git repository and was thus an attack vector to write into the ".git" dierctory. We now reject any entries starting with ".git" on all systems. (boo#1158792) * CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution. As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability. (boo#1158793) - libgit2 0.28.3: * A carefully constructed commit object with a very large number of parents may have lead to out-of-bounds writes or potential denial of service (boo#1158981) ==== libselinux-bindings ==== - Added swig4_moduleimport.patch to prevent import errors due to SWIG 4 ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - virt-create-rootfs: add SLE 15 and SLE 12 service packs support bsc#1154093 ==== man-pages-ja ==== Version update (20181215 -> 20191215) - version update to 20191215 * added and improved manual pages ==== moonjit ==== - Ignore make check error for PowerPC until upstream solved issue https://github.com/moonjit/moonjit/issues/40 - do the same for %arm rather than to disable all %check. - Disable %check on %arm until the following issue is fixed: https://github.com/moonjit/moonjit/issues/9 - Use %_lib ==== nodejs12 ==== Version update (12.13.1 -> 12.14.0) Subpackages: nodejs12-devel npm12 - Update to LTS release 12.14.0: * deps: update npm to 6.13.4 fixing an arbitrary path overwrite and access via "bin" field (bsc#1159352, CVE-2019-16777, CVE-2019-16776, CVE-2019-16775) - refreshed: fix_ci_tests.patch versioned.patch ==== openblas_pthreads ==== - Add gcc10-Support-two-digit-version-numbers-in-gcc-version-che.patch in order to fix boo#1158727. ==== oxygen5-icon-theme ==== Version update (5.64.0 -> 5.65.0) Subpackages: oxygen5-icon-theme-large - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * EBN cleanup of autotests transfer protocol * Symlink microphone to audio-input-microphone on all sizes (kde#398160) ==== patchutils ==== - Drop xmlto dependency as it would introduce build cycle - Modernise spec file ==== perl-Cpanel-JSON-XS ==== Version update (4.17 -> 4.18) - updated to 4.18 see /usr/share/doc/packages/perl-Cpanel-JSON-XS/Changes 4.18 2019-12-13 (rurban) - Add new method ->type_all_string (#156 by Pali). When type_all_string is set then encode method produce stable deterministic string types in result JSON. This can be an alternative to Cpanel::JSON::XS::Type when having deterministic output is required but string JSON types are enough for any output. - Move SvGETMAGIC() from encode_av() and encode_hv() to encode_sv() (#156 by Pali) - Add Math::BigInt and Math::BigFloat as recommended dependences (#157 by Pali and Grinnz) ==== pidgin-sipe ==== Version update (1.24.0 -> 1.25.0) Subpackages: libpurple-plugin-sipe libpurple-plugin-sipe-lang pidgin-plugin-sipe - Update to version 1.25.0: * Provide idle start time for a buddy. * RTF support (incoming) + the code only extracts plain text from incoming RTF. * Fix build with glib-2.0 >= 2.62.0. * Inconsistent parsing of From:/To: headers. * Raise BR telepathy-glib >= 0.24.0. * Switch from GPLv2+ to SPDX identifier GPL-2.0-or-later. - Drop openSUSE Leap 42.x support. ==== plasma-framework ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Plasma5 plasma-framework-components plasma-framework-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes to list here. ==== plymouth ==== Subpackages: libply-boot-client5 libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Avoid inconsistencies in library package names causing unresolvable dependencies, replace all soversion occurences with a macro. ==== prison-qt5 ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Prison5 prison-qt5-imports - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - No code change since 5.64.0 ==== procps ==== Version update (3.3.15 -> 3.3.16) - Update to procps-ng-3.3.16 * library: Increment to 8:2:0 No removals or functions Internal changes only, so revision is incremented. Previous version should have been 8:1:0 not 8:0:1 * docs: Use correct symbols for -h option in free.1 Debian #898774 * docs: ps.1 now warns about command name length issue #101 * docs: install translated man pages issue #146 * pgrep: Match on runstate issue #109, Debian #919381 * snice: Fix matching on pid merge #89 * top: can now exploit 256-color terminals issue #96 * top: preserves 'other filters' in configuration file issue #99 * top: can now collapse/expand forest view children issue #99 * top: parent %CPU time includes collapsed children * top: improve xterm support for vim navigation keys issue #135 * top: avoid segmentation fault at program termination Redhat #1737552 - Port patches (mostly changed offsets of the hunks) * procps-ng-3.3.10-fdleak.dif * procps-ng-3.3.10-large_pcpu.patch * procps-ng-3.3.10-slab.patch * procps-ng-3.3.10-xen.dif * procps-ng-3.3.8-bnc634840.patch * procps-ng-3.3.8-petabytes.patch * procps-ng-3.3.8-readeof.patch * procps-ng-3.3.8-tinfo.dif * procps-ng-3.3.8-vmstat-terabyte.dif * procps-v3.3.3-read-sysctls-also-from-boot-sysctl.conf-kernelversion.diff - Delete patches now upstream * procps-ng-3.3.15-typo.patch * procps-ng-3.3.8-top.1.diff - Add aptch procps-ng-3.3.16-comm_len.patch * "ps -C" does not allow anymore an argument longer than 15 characters (bsc#1158830) ==== purpose ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Purpose5 libKF5PurposeWidgets5 purpose-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * include the cmake command we are about to use ==== qemu ==== Version update (4.1.93 -> 4.2.0) Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Update to v4.2.0: See http://wiki.qemu.org/ChangeLog/4.2 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * x86: Denverton, Snowridge, and Dhyana CPU models added * x86: Latest version of all CPU models how have TSX (HLE and RTM) disabled by default * x86: Support for AVX512 BFloat16 extensions * x86: VMX features exposed more accurately and controllably * s390: TCG now implements IEP (Instruction Execution Protection) * PowerPC: POWER8 and POWER9 non-virtualized machines separated out * PowerPC: RTAS now comes from SLOF instead of QEMU itself * PowerPC: Unplug of multifunction PCI devices now unplugs the whole slot, as in x86 * ARM: Support for >256 CPUs with KVM is fixed * ARM: Memory hotplug now supported , when using UEFI, ACPI, for virt machine type * ARM: SVE support possuble now for KVM guests * ARM: ACPI generic event device can now deliver powerdown event * The backend device can be specified for a guest audio device * virtio v1.1 packed virtqueues supported * Socket based character device backends now support TCP keep-alive * Use encryption library cipher mode facilities, allowing improved performance for eg. AES-XTS encrption * Misc block device improvements, esp. with nbd - See the following few release-candidate changelog entries for additional changes related to this release - Switched package build to be out-of-tree - Update to v4.2.0-rc5: See http://wiki.qemu.org/ChangeLog/4.2 - Update to v4.2.0-rc4: See http://wiki.qemu.org/ChangeLog/4.2 * Update the support documents used for SUSE SLE releases to cover this qemu release ==== qemu-linux-user ==== Version update (4.1.93 -> 4.2.0) - Update to v4.2.0: See http://wiki.qemu.org/ChangeLog/4.2 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * x86: Denverton, Snowridge, and Dhyana CPU models added * x86: Latest version of all CPU models how have TSX (HLE and RTM) disabled by default * x86: Support for AVX512 BFloat16 extensions * x86: VMX features exposed more accurately and controllably * s390: TCG now implements IEP (Instruction Execution Protection) * PowerPC: POWER8 and POWER9 non-virtualized machines separated out * PowerPC: RTAS now comes from SLOF instead of QEMU itself * PowerPC: Unplug of multifunction PCI devices now unplugs the whole slot, as in x86 * ARM: Support for >256 CPUs with KVM is fixed * ARM: Memory hotplug now supported , when using UEFI, ACPI, for virt machine type * ARM: SVE support possuble now for KVM guests * ARM: ACPI generic event device can now deliver powerdown event * The backend device can be specified for a guest audio device * virtio v1.1 packed virtqueues supported * Socket based character device backends now support TCP keep-alive * Use encryption library cipher mode facilities, allowing improved performance for eg. AES-XTS encrption * Misc block device improvements, esp. with nbd - See the following few release-candidate changelog entries for additional changes related to this release - Switched package build to be out-of-tree - Update to v4.2.0-rc5: See http://wiki.qemu.org/ChangeLog/4.2 - Update to v4.2.0-rc4: See http://wiki.qemu.org/ChangeLog/4.2 * Update the support documents used for SUSE SLE releases to cover this qemu release ==== qqc2-desktop-style ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Fix typo in name of installed CMake Config: Deskop->Desktop * Make it compile against qt5.14 without deprecated method * [TabBar] Use window color instead of button color (kde#413311) * bind enabled properties to the view enabled * [ToolTip] Base timeout on text length * [ComboBox] Don't dim Popup * [ComboBox] Don't indicate focus when popup is open * [ComboBox] Follow focusPolicy ==== rubygem-actioncable-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-actionmailbox-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-actionmailer-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-actionpack-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * Fix possible information leak / session hijacking vulnerability. The ActionDispatch::Session::MemcacheStore is still vulnerable given it requires the gem dalli to be updated as well. (CVE-2019-16782) ==== rubygem-actiontext-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-actionview-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-activejob-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-activemodel-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-activerecord-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-activestorage-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-activesupport-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-rack ==== Version update (2.0.7 -> 2.0.8) - updated to version 2.0.8 * CVE-2019-16782: Possible information leak / session hijack vulnerability ==== rubygem-rails-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-railties-6.0 ==== Version update (6.0.2 -> 6.0.2.1) - updated to version 6.0.2.1 * no changes ==== rubygem-rubocop ==== Version update (0.77.0 -> 0.78.0) - New upstream release 0.78.0 [#]## New features * [#7528](https://github.com/rubocop-hq/rubocop/pull/7528): Add new `Lint/NonDeterministicRequireOrder` cop. ([@mangara][]) * [#7559](https://github.com/rubocop-hq/rubocop/pull/7559): Add `EnforcedStyleForExponentOperator` parameter to `Layout/SpaceAroundOperators` cop. ([@khiav223577][]) [#]## Bug fixes * [#7530](https://github.com/rubocop-hq/rubocop/issues/7530): Typo in `Style/TrivialAccessors`'s `AllowedMethods`. ([@movermeyer][]) * [#7532](https://github.com/rubocop-hq/rubocop/issues/7532): Fix an error for `Style/TrailingCommaInArguments` when using an anonymous function with multiple line arguments with `EnforcedStyleForMultiline: consistent_comma`. ([@koic][]) * [#7534](https://github.com/rubocop-hq/rubocop/issues/7534): Fix an incorrect autocorrect for `Style/BlockDelimiters` cop and `Layout/SpaceBeforeBlockBraces` cop with `EnforcedStyle: no_space` when using multiline braces. ([@koic][]) * [#7231](https://github.com/rubocop-hq/rubocop/issues/7231): Fix the exit code to be `2` rather when `0` when the config file contains an unknown cop. ([@jethroo][]) * [#7513](https://github.com/rubocop-hq/rubocop/issues/7513): Fix abrupt error on autocorrecting with `--disable-uncorrectable`. ([@tejasbubane][]) * [#7537](https://github.com/rubocop-hq/rubocop/issues/7537): Fix a false positive for `Layout/SpaceAroundOperators` when using a Rational literal with `/` (e.g. `2/3r`). ([@koic][]) * [#7029](https://github.com/rubocop-hq/rubocop/issues/7029): Make `Style/Attr` not flag offense for custom `attr` method. ([@tejasbubane][]) * [#7574](https://github.com/rubocop-hq/rubocop/issues/7574): Fix a corner case that made `Style/GuardClause` crash. ([@buehmann][]) [#]## Changes * [#7514](https://github.com/rubocop-hq/rubocop/pull/7514): Expose correctable status on offense and in formatters. ([@tyler-ball][]) * [#7542](https://github.com/rubocop-hq/rubocop/pull/7542): **(Breaking)** Move `LineLength` cop from `Metrics` department to `Layout` department. ([@koic][]) ==== rubygem-thor ==== Version update (1.0.0 -> 1.0.1) - updated to version 1.0.1 * Fix thor when `thor/base` and `thor/group` are required without `thor.rb`. * Handle relative source path in `create_link`. ==== sendmail ==== Subpackages: libmilter1_0 - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Allow OBS to shortcut through the -mini flavors. ==== solid ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5Solid5 libKF5Solid5-lang solid-imports solid-tools - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * [udisks2] fix media change detection for external optical drives (kde#394348) ==== sonnet ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5SonnetCore5 libKF5SonnetCore5-lang libKF5SonnetUi5 - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Rename signal for avoiding overload signal * Disable ispell backend with mingw * fix windows compile * Implement ISpellChecker backend for Windows >= 8 * Basic cross-compiling support for parsetrigrams * no trigrams for cross compiling at the moment, like before * embed trigrams.map into shared library ==== spamassassin ==== Version update (3.4.2 -> 3.4.3) Subpackages: perl-Mail-SpamAssassin - remove old (compiled) rules in /var/lib/spamassassin directory after package upgrade and remove entirely upon package removal - add BuildRequires for perl(Archive::Zip) and perl(IO::String) - update spamassassin to 3.4.3 * There is one new plugin (disabled by default) OLEVBMacro - Detects both OLE macros and VB code inside Office documents * Two CVE security bug fixes are included in this release CVE-2019-12420 for Multipart Denial of Service Vulnerability CVE-2018-11805 for nefarious CF files can be configured to run system commands without any output or errors * Safer and faster scanning of large emails using body_part_scan_size and rawbody_part_scan_size settings. * New tflag "nosubject" for 'body' rules, to stop matching the Subject header which is part of the body text. * Security updates include deprecation of the unsafe sa-update '--allowplugins' option, which now prints a warning that '--reallyallowplugins' is required to use it. - Increase maximum size for spampd to 7168 ==== sudo ==== - Move pam.d/sudo* files to /usr/etc ==== syndication ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Too many changes since 5.64.0, only listing bugfixes: * Fix Bug 383381 - Getting the feed URL from a youtube channel no longer works (kde#383381) ==== syntax-highlighting ==== Version update (5.64.0 -> 5.65.0) Subpackages: libKF5SyntaxHighlighting5 libKF5SyntaxHighlighting5-lang - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Updates from CMake 3.16 final release * reStructuredText: Fix inline literals highlighting preceding characters * rst: Add support for standalone hyperlinks * JavaScript: move keywords from TypeScript and other improvements * JavaScript/TypeScript React: rename syntax definitions * LaTeX: fix backslash delimiter in some keywords (kde#413493) ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - Add source-poppler0.83.0.patch: support poppler 0.83. ==== threadweaver ==== Version update (5.64.0 -> 5.65.0) - Update to 5.65.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.65.0.php - Changes since 5.64.0: * Make it compile with qt5.15 without deprecated method * Use URL with transport encryption ==== tpm2-0-tss ==== Version update (2.2.3 -> 2.3.0) Subpackages: libtss2-esys0 libtss2-mu0 libtss2-sys0 - update to upstream version 2.3.0: - changes in version 2.3.0: - tss2-tctildr: A new library that helps with tcti initialization Recommend to use this in place of custom tcti loading code now ! - tss2-rc: A new library that provides textual representations for return codes - Option to disable NIST-deprecated crypto (--disable-weak-crypto) - Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext) - map-files with correct symbol lists for tss2-sys and tss2-esys This may lead to unresolved symbols in linked applications - Support to call Tss2_Sys_Execute repeatedly on certain errors - Reduced RAM consumption in Esys due to Tss2_Sys_Execute change - Automated session attribution clearing for esys (decrypt and encrypt) per cmd - Removed libtss2-mu from "Requires" field of libtss2-esys.pc Needs to be added explicitely now - All fixes from 2.2.1, 2.2.2 and 2.2.3 - Fixed SPDX License Identifiers - Fixed Null-pointer problems in tcti-tbs - Fixed Default locality for tcti-mssim set to LOC_0 - Fixed coverity and valgrind leaks detected in test programs (not library code) ==== wicked ==== Version update (0.6.60 -> 0.6.61) Subpackages: wicked-service - version 0.6.61 - dracut: add initial cmdline parsing as a config source - address: don't check hwaddr length if parsing as ARPHRD_VOID - utils: added find and insert var array utils, cleanup - client: add show-policy command calling policy generation - client: initial support to generate a basic policy directly - client: cleanup convert and show-config commands ==== wireguard ==== Version update (0.0.20191212_k5.3.12_1 -> 0.0.20191219_k5.3.12_2) - Update to version 0.0.20191219 * wg-quick: linux: try both iptables(8) and nft(8) on teardown * wg-quick: linux: use already configured addresses instead of in-memory * compat: ipv6_dst_lookup_flow was backported to 5.3 and 5.4 * tools: adjust wg.8 syntax for consistency in COMMANDS section -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 0

[opensuse-factory] openSUSE reproducible builds status 2019-01
by Bernhard M. Wiedemann 23 Dec '19

23 Dec '19

Hi, last month's status: https://lists.opensuse.org/opensuse-factory/2018-12/msg00171.html Last months' r-b project updates (including my work): https://reproducible-builds.org/blog/posts/195/ https://reproducible-builds.org/blog/posts/194/ https://reproducible-builds.org/blog/posts/193/ https://reproducible-builds.org/blog/posts/192/ I uploaded https://rb.zq1.de/compare.factory-20190125/ today and rbstats are: total-packages: 11298 build-tried: 11297 build-failed: 37 build-n-a: 107 build-succeeded: 11153 build-official-failed+na: 85 build-compare-failed: 283 build-compare-succeeded: 10870 bit-by-bit-identical: 10605 not-bit-by-bit-identical: 538 Fixed core packages since last month: breeze5-icons dolphin libqt5-qtwebkit wireshark syntax-highlighting: Qt rcc/qrc fix merged in Factory https://build.opensuse.org/request/show/663360 also fixed dozens others like bitcoin. opa-ff CPU-detection via -march=native https://build.opensuse.org/request/show/661771 gengetopt https://build.opensuse.org/request/show/661735 nearly fixed: pcre2 PGO/parallelism https://build.opensuse.org/request/show/668163 perl: ASLR-induced randomness https://build.opensuse.org/request/show/668211 --- ring0 --- acl gcc7 gcc8 --- ring1 --- MozillaFirefox MozillaThunderbird ant bsf colord emacs firebird gconf2-branding-openSUSE gdb gimp gnome-documents go1.10 go1.11 groff-full grub2 hamcrest installation-images java-11-openjdk java-1_8_0-openjdk jing-trang jtidy junit junitperf kernel-debug kernel-default kernel-vanilla kubernetes libkolabxml libqt5-qtscript libreoffice mono-core mozilla-nss pcp php7 python-base python3-base qdox release-notes-openSUSE ruby2.5 rubygem-gem2rpm rust scons transfig virtualbox xmlbeans yodl If you are interested in why they vary: acl: date+time in /usr/share/locale/en(a)boldquot/LC_MESSAGES/acl.mo -PO-Revision-Date: 2018-10-23 01:45+0000 +PO-Revision-Date: 2033-11-24 15:01+0000 gcc7 gcc8: indeterminism from PGO/parallelism + mtime. See also https://github.com/bmwiedemann/theunreproduciblepackage/tree/master/pgo MozillaFirefox MozillaThunderbird: date+time, rust, other has bug around update.locale symlink /usr/lib64/firefox/libxul.so varies from https://github.com/rust-lang/rust/issues/57041 .../browser/extensions/langpack-ca(a)xxxxxxxxxxxxxxxxxxx/manifest.json - "version": "20181009013946" + "version": "20331110172641" apache-commons-lang3 apache-pdfbox dom4j hsqldb icu4j javassist jing-trang jtidy junitperf jython objectweb-asm qdox tomcat xerces-j2 xpp2 xpp3: date + mtime in .jar + javadoc html can be normalized by strip-nondeterminism bsh2 cglib: /usr/share/maven-metadata/bsh2.xml has ASLR order issues date + mtime in .jar + javadoc html colord some randomness from uninitialized memory maybe from glib-compile-resources 16-byte random profileID in .icc files from cd-create-profile plus an uncommitted date/time fix in lib/colord/cd-it8.c: priv->enable_created = FALSE ecj ASLR + date? /usr/share/maven-metadata/ecj.xml has alias entries in random order emacs dumps lisp interpreter memory to create its binaries (similar to clisp) causes variations in /usr/bin/emacs-* firebird: ships unreproducible database http://tracker.firebirdsql.org/browse/CORE-5548 gconf2-branding-openSUSE embeds mtime values in /etc/gconf/gconf.xml.vendor/%gconf-tree.xml gdb contains testresults https://bugzilla.opensuse.org/show_bug.cgi?id=1110708 gimp ASLR 12 byte differ in bKGD header from gegl GEGL_USE_OPENCL=no GEGL_SWAP=ram /usr/bin/gegl ../../icons/Symbolic/64/gimp-texture.png -o 64/gimp-texture.png -- gegl:invert-gamma gnome-documents gnome-documents-getting-started.pdf has random ID from inkscape go1.10 go1.11: variations in /usr/lib64/go/1.10/pkg/obj/go-build/*/*-a groff-full date+time + unknown reason? .ps files vary .html files have CreationDate grub2 mtime + readdir https://savannah.gnu.org/bugs/index.php?54841 hamcrest java .class files vary from build/temp/hamcrest-core/generated-code /org/hamcrest/CoreMatchers.java written by ant javadoc html varies installation-images many variations from mtimes + filesys/readdir and %post scripts java-1_8_0-openjdk java-10-openjdk java-11-openjdk various .jar .zip .html .jmod ordering in /usr/lib64/jvm/java-10-openjdk-10/lib/classlist kernel-debug kernel-default kernel-vanilla date+time ; random keys? "Build time autogenerated kernel key0 ..181009012108Z..21180915012108Z0.1,0" kubernetes: fixed upstream: order in man-pages https://github.com/kubernetes/kubernetes/pull/68983 maybe fixed upstream: random build-ids libkolabxml unknown/ASLR? from build/kolabformat-xcal-schema.cxx created by compiled/xsdbin.cxx libqt5-qtscript filesys order libreoffice various .jar .so .dat/.bau (.zip) javadoc_log.txt mono-core date+time ; other mozilla-nss DSA random temp-key from shlibsign https://bugzilla.opensuse.org/show_bug.cgi?id=1081723 pcp /var/lib/pcp/testsuite/perfevent/perfevent_coverage has random diffs from gcov / .gcno files causing diff in .o ? php7 date / EPOCH timestamps e.g. in /usr/share/php7/PEAR/.channels/__uri.reg python-base python3-base: PGO varies .o files that go into /usr/lib64/libpython3.6m.so.1.0 .pyc files vary python-base shows influence from date+hostname (in PGO?) python-numpy 1 .pyc file varied release-notes-openSUSE partial fix in https://github.com/openSUSE/daps/issues/482 date+time in .pdf ; needs work on fop java code random id values in .html ruby2.5 2 gemspec files have date created.rid varies rubygem-gem2rpm mtime ? /usr/lib64/ruby/gems/2.5.0/cache/checksums.yaml varies rust asm diffs in cargo and others from llvm's llc - filed at https://github.com/rust-lang/rust/issues/57041 some progress made here with the switch to llvm7 scons hostname in various places tigervnc date+time+randomness in /usr/share/vnc/classes/META-INF/TIGERVNC.RSA from SignJar.cmake calling jarsigner with temporary private key partial fix merged https://github.com/TigerVNC/tigervnc/pull/765 transfig date+time in sample-presentation.pdf /CreationDate /ModDate from pdflatex virtualbox tar + random https://www.virtualbox.org/ticket/16854 .so files have random NT_GNU_BUILD_ID (unique build ID bitstring) maybe from out/linux.amd64/release/obj/webservice/gsoapH_from_gsoap.h that has date+time in comment /usr/share/virtualbox/extensions/VNC-5.2.16.vbox-extpack unhandled gzip content: POSIX tar archive (GNU) -13343137165.010505. 5... +16773576625.010527. 5... xmlbeans index.xsb varies from filesystem created in org.apache.xmlbeans.impl.tool.SchemaCompiler yodl pdf from latex/ghostscript/dvips/ps2pdf additionally, on the SLE15 list =============================== gnuplot date+time in pdf from pdflatex golang-github-prometheus-prometheus date+time+random build-id hawk2 https://bugzilla.opensuse.org/show_bug.cgi?id=1112159 ibus-libzhuyin libpinyin libzhuyin random bytes - maybe uninitialized memory perf random filesys order from nftw call in ./linux-*/tools/perf/pmu-events/jevents.c python-keystoneauth1 https://bugs.launchpad.net/keystoneauth/+bug/1796899

5 14

[opensuse-factory] network:ldap/openldap2 no builds for Tumbleweed
by Michael Ströder 22 Dec '19

22 Dec '19

HI! Can anybody enlighten me why package network:ldap/openldap2 currently does not build for Tumbleweed? OBS says: unresolvable (nothing provides krb5-mini) I tried to generate a local build of krb5 and krb5-mini in my home project but rpmlint seg faulted. Strange enough network/krb5-mini seems to build just fine. Ciao, Michael. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

3 4

[opensuse-factory] mirrors lagging, by 200-400% the lifetime of a TW release - how to get a coherent version?
by L A Walsh 22 Dec '19

22 Dec '19

On 2019/12/20 17:32, Knurpht-openSUSE wrote: > Linda, to cut a long story short: > Mirrors are there for distributing the transfers for people downloading, > updating, upgrading etc. If a workaround for this would go public, everyone > would try download.o.o with some options first. Result: download.o.o down. > ---- Usually the sites I d/l are fine and give me my max d/l speed -- not always the same for d.o.o. I certainly don't mind using a local mirror if one exists, but most importantly, is really a mirror and not 4+ days behind. Problem now, is I keep getting rerouted to what would normally be a very close, performant mirror, but now, I have no way of getting to "correct content" as I seem to have no choice in the mirror chosen, nor a way to work around it. d.o.o is effectively offline for anyone using a mirror less than or equal to the net-distance of kernel.org from anywhere. A four day lag time seems like alot for a distro like TW that updates as often as daily. > We may need some faster mirroring though for TW. Sometimes it comepletely > rebuilds ( i.e. full package upgrade, f.e. gcc major version upgrade ) , a new > release gets distributed before some mirrors have synced the previous released > TW repos. > That's a big problem for anyone trying to pull down a coherent release considering the size. I haven't been able to pull down a coherent release since I switched to TW. Sometimes I've gotten remarks from some who when noticing the the noncoherence think it has something to do with changes I've made, but reality is that most of it now has to do with not being able to get a complete copy before another version is released. This supports one of my long time pet-peeves of having specific versions built into everything that they will work with and not a range or 'newer than or equal to Vx.y'. While many people come up with lots of edge cases where that system can fail. The reality I've run into is often ending up with different parts of the system that not only won't load or run, but more often -- that can't even be built from "open source[sic]" because the sources don't stay still long enough to download all of them and their deps. Certainly, its beginning to more and more seem like version requirements and differences are becoming more of a problem noticed by more people. Certainly -- with something like TW, might not cutting back to 1/week help resolve a problem? It's hard to get everything in TW working together if the versions of everything are interlocked. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

7 13