February 2020 - openSUSE Factory - openSUSE Mailing Lists

Re: [opensuse-factory] Introducing new package for Factory
by Sergio Lindo 21 Feb '20

21 Feb '20

Hi Jiri, El 21 feb 2020, a las 8:01, Jiri Slaby <jslaby(a)suse.cz> escribió: > So where is the package? Sure, I forgot to mention the devel project: https://build.opensuse.org/package/show/utilities/tmux-resurrect I can now also mention the Submit request https://build.opensuse.org/request/show/777771 Kind Regards -- Sergio Lindo Mansilla Software developer with DevOps tendencies Portfolio: http://binary-sequence.github.com/-- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 0

[opensuse-factory] Introducing new package for Factory
by Sergio 21 Feb '20

21 Feb '20

Hi all, I am a tmux user and I use the plugin tmux-resurrect a lot. Since I want to use saltstack to automate the setup of my machines and I want to let tmux-resurrect be salted, I would like to maintain it on Factory, so that it is easier for me to 'salt' it. The upstream project is in github: https://github.com/tmux-plugins/tmux-resurrect They haven't given any feedback in the PR with the Makefile yet https://github.com/tmux-plugins/tmux-resurrect/pull/327 so I am using my fork as source: https://github.com/SergioAtSUSE/tmux-resurrect After following this guide https://en.opensuse.org/openSUSE:How_to_contribute_to_Factory I am sending this email to introduce the package. Kind Regards -- Sergio Lindo Mansilla Software developer with DevOps tendencies Portfolio: http://binary-sequence.github.com/

2 1

[opensuse-factory] Leap 15.2 Build 581.2 released!
by openSUSE release team 21 Feb '20

21 Feb '20

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.2&bui… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&q… When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3… to record your testing efforts and use bugzilla to report bugs. Packages changed: MozillaFirefox (68.4.2 -> 68.5.0) MozillaThunderbird (68.4.1 -> 68.5.0) QtAV (1.12.0 -> 1.13.0) edict (20180305 -> 20191016) ipmitool (1.8.18 -> 1.8.18+git20200204.7ccea28) kcm_tablet (3.1.1 -> 3.2.0) kdeconnect-kde (1.3.3 -> 1.4) plymouth python-PyWebDAV3-GNUHealth (0.10.2 -> 0.10.3) xfce4-whiskermenu-plugin (2.4.1 -> 2.4.2) xfconf === Details === ==== MozillaFirefox ==== Version update (68.4.2 -> 68.5.0) Subpackages: MozillaFirefox-translations-common MozillaFirefox-translations-other - Firefox Extended Support Release 68.5.0 ESR * Fixed: Various stability and security fixes - Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 ==== MozillaThunderbird ==== Version update (68.4.1 -> 68.5.0) Subpackages: MozillaThunderbird-translations-common MozillaThunderbird-translations-other - Mozilla Thunderbird 68.5 * new: Support for Client Identity IMAP/SMTP Service Extension (bmo#1532388) * new: Support for OAuth 2.0 authentication for POP3 accounts (bmo#1538409) * fixed: Status area goes blank during account setup (bmo#1593122) * fixed: Calendar: Could not remove color for default categories (bmo#1584853) * fixed: Calendar: Prevent calendar component loading multiple times (bmo#1606375) * fixed: Calendar: Today pane did not retain width between sessions (bmo#1610207) * fixed: Various <a href="https://www.mozilla.org/en- US/security/known- vulnerabilities/thunderbird/#thunderbird68.5">security fixes</a> * unresolved: When upgrading from Thunderbird version 60 to version 68, add-ons are not automatically updated during the upgrade process. They will however be updated during the add- on update check. It is of course possible to reinstall compatible add-ons via the Add-ons Manager or via addons.thunderbird.net. (bmo#1574183) MFSA 2020-07 (bsc#1163368) * CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain email messages * CVE-2020-6794 (bmo#1606619) Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords * CVE-2020-6795 (bmo#1611105) Crash processing S/MIME messages with multiple signatures * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6792 (bmo#1609607) Message ID calculcation was based on uninitialized data * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in Thunderbird 68.5 - Mozilla Thunderbird 68.4.2 (bsc#1162777) * changed: Calendar: Task and Event tree colours adjusted for the dark theme (bmo#1608344) * fixed: Retrieval of S/MIME certificates from LDAP failed (bmo#1604773) * fixed: Address-parsing crash on some IMAP servers when preference mail.imap.use_envelope_cmd was set (bmo#1609690) * fixed: Incorrect forwarding of HTML messages caused SMTP servers to respond with a timeout (bmo#1222046) * fixed: Calendar: Various parts of the calendar UI stopped working when a second Thunderbird window opened (bmo#1608407) ==== QtAV ==== Version update (1.12.0 -> 1.13.0) Subpackages: libQtAV1 libQtAVWidgets1 - Add 0001-Fix-build-with-Qt-5.14.patch - Update to 1.13.0 * Add python bindings * More apis for qml player * Auto rotate video * Apple store * Fix ios plugin not found * Support chapters * Muxer, encoder, transcoder improvements * Compatible with new ffmpeg * videotoolbox: hevc, * cuda: new devices * Android: no longer depends on private qt module * Fix opensl error * mediacodec: 0-copy via a plugin from https://github.com/wang-bin/mdk-sdk - Drop patches merged upstream: * fix-build-newer-ffmpeg.patch * disable-use-of-deprecated-header.patch ==== edict ==== Version update (20180305 -> 20191016) - Fix invalid RPM group. - Drop "Provides: locale(ja)" to reduce the size of Japanese base system - Update to snapshot 20191016 * No changelog recorded. - Update to snapshot 20190313 * No changelog recorded. - Update to snapshot 20181125 * No changelog recorded. - Split package into: edict, edict2, jmdict. This way, one need not install the rather large XML variant (jmdict) if not needed. - Added JIS X 0213-2012 Kanji dictionary ("kanjd213"). - Remove the computer terminology dictionary "compdic", as it is already included in the word dictionary. ==== ipmitool ==== Version update (1.8.18 -> 1.8.18+git20200204.7ccea28) - Don't hardcode /usr but use rpm variables - bsc#1163026 - CVE-2020-5208 - Use license macro for COPYING, instead of doc - Add ChangeLog mainline log to docs for shorter obs changelogs. This will be the last more detailed changelog, due to more important buffer overflow patches. Otherwise this changelog will not include (mainline) changes anymore. - Update to version 1.8.18+git20200204.7ccea28: * fru, sdr: Fix id_string buffer overflows * lanp: Fix buffer overflows in get_lan_param_select * channel: Fix buffer overflow * session: Fix buffer overflow in ipmi_get_session_info * fru: Fix buffer overflow in ipmi_spd_print_fru * fru: Fix buffer overflow vulnerabilities * chassis: bootmbox: Refix 62a04390 * configure: Drop requirement for curses et. al libs - Add a configure option to disable IANA PEN database internet download A autotools_define_DOWNLOAD.diff D create_pen_list_from_local_file.patch - New pen database: M enterprise-numbers - Patches adjusted to latest mainline code: M fix_file_permissions.patch M ipmitool_adjust_suse_paths.patch M several_more_compile_fixes.patch ==== kcm_tablet ==== Version update (3.1.1 -> 3.2.0) Subpackages: kcm_tablet-lang - Update to version 3.2.0 - Main changes: * screen tablet area calculation fix (by Jason Gerecke); this should finally fix or at least greatly improve calibration. * GCC9 support. * xlib backend removed, x11-xlib dependency removed. - New device definitions: * CTL-4100, CTL-4100WL, CTL-6100, CTL-6100WL (by Stefano Guidoni) - Drop patches merged upstream: * 0001-Supposedly-fix-building-with-gcc9.patch * 0001-Remove-x11-xlib-dependency.patch - Add patch to fix build with cmake >= 3.14 (X11 never had an XLIB component): * 0001-Remove-x11-xlib-dependency.patch - Add patch to fix build with GCC 9: * 0001-Supposedly-fix-building-with-gcc9.patch ==== kdeconnect-kde ==== Version update (1.3.3 -> 1.4) Subpackages: kdeconnect-kde-lang - Update to 1.4 * New "KDE Connect" desktop app to control the phone from the PC * SMS app that can read and write SMS texts * control PC system's global volume from a phone * flip forward and back through presentation slides * compatibility with Thunar (Xfce's file manager) and Elementary applications such as Pantheon Files. - Run spec-cleaner - Update to 1.3.5 * Add detectPlatform to always use wayland in a wayland session * i18n: fix extraction of nautilus extension * Don't update new notifications * Install desktop file for kdeconnectd * [sftp] Fix error message wording * Change plugin name * [sftp] Give better error messages for common errors * [sftp] Improve error reporting * Use KAboutData to set information about the daemon * Disable session management * Print socket error when connection fails * [kio] Mount device during stat if necessary * [backends/lan] Don't fail silently when a UDP packet could not be unserialized * Fix crash in daemon * Fix crash in notifications plugin (kde#400010) * Don't show multiple windows when replying to a notification - Drop Leap 42.3 specific patches, it's no longer supported: * 0001-Fix-build-on-Leap-42.3.patch * 0001-Revert-Retry-the-network-packet-if-it-failed-to-unse.patch - Don't install SuSEfirewall2 file on Tumbleweed anymore, Sf2 has been dropped - Use noun phrase in descriptions. - Update to 1.3.4 * Always play when call ended (kde#400787) * [cli] Show all reachable devices (kde#402088) * [sftp] Get device ID from URL * Retry the network packet if it failed to unserialize * Fix sending keys via CLI * [kio] Fix file browsing with non-KIO file managers - Run spec-cleaner - Refresh 0001-Fix-build-on-Leap-42.3.patch - Add 0001-Revert-Retry-the-network-packet-if-it-failed-to-unse.patch to make it build on Leap 42.3 - Drop Provides/Obsoletes for kdeconnect-kde-devel, that package doesn't exist anymore since 2015 and nothing should need it - Add 0001-Fix-build-on-Leap-42.3.patch to make it build on Leap 42.3 - Update to 1.3.3 * Instantiate QApplication object to fix crash on KDE Neon (kde#400178) * Fix build failure on musl based systems (kde#395161) - Update to 1.3.2 * Also allow modern algorithms, for compat with future apps * Remove characters from UUID that aren't legal in URLs * Add new notifications at the top of the list * Change the 'Dismiss all notifications' icon * Fix DBus signals in Mprisremote - Update to 1.3.1 * Fix a bug that would hang Nautilus when copying a file if paired devices were available * Fix remote filesystem reconnection issue * Add a missing dependency check in cmake * Add missing notification category to the plasmoid - Mark license file with %license instead of %doc - Update to 1.3.0 * Fixed frequent crash when receiving notifications * Fixed MPRIS player entries never being deleted * Added a Gnome Files (Nautilus) extension to send files from the context menu * Added handling of "tel:" links with KDE Connect * Support sending album art in MPRIS plugin * Allow sharing more than one file from the CI (eg: --share *.mp3) - Remove patches, now upstream: * 0001-Fix-null-dereference.patch - Modified wording in Description to match that KDE Connect runs under any Linux desktop (see upstream README.md file) - Add 0001-Fix-null-dereference.patch to fix a null dereference. - Add signature file kdeconnect-kde-v1.2.1.tar.xz.sig - Update to 1.2.1 * Require the latest version of KF5 * Was getting a double-delete, now it won't crash * Get rid of ProcessRunner * Add album art to mpris network packets * Add title, artist and album to MPRIS network packets * Fix information leak via /tmp (kde#383144) * Add support for new Android 2.3 (API 9+) cipher * Fix kdeconnect-cli device list * Fix "error activiting kdeconnectd" for kdeconnect-cli * Delay kdeconnectd autostart phase * Fix Notifications in Plasmoid * Make sure there's not a path within the filename * share plugin: fix path display * Use pactl instead of KMix in PauseMusic Plugin - needs KDE Frameworks 5.42 now - Update to 1.2.0 - Update build requirements, it needs Qt 5.7 and KF 5.38 now - Remove patches, now upstream: * 0001-Treat-device-names-as-plaintext-not-rich-text.patch - Add patch to fix unauthenticated HTML injection (kde#382243): * 0001-Treat-device-names-as-plaintext-not-rich-text.patch - Update to 1.0.3 - Update to 1.0.2 - Update to 1.0.1 * fixes some issues found in 1.0 - Drop upstreamed fix-build-with-older-qt.patch - Add fix-build-with-older-qt.patch from upstream to make it compile with Qt < 5.6, and lower the Qt requirement to 5.2 again (as demanded by CMakeLists.txt) - Add firewalld service file - Build docs again - Require at least Qt 5.6 - New upstream version 1.0 * Trigger custom commands from phone * Reply to SMS messages from the desktop * Receive desktop notifications on phone * TLS encryption - Update to 0.9g * No changelog provided - Drop upstreamed 0001-This-syntax-also-works-on-older-OpenSSH-versions.patch - Add 0001-This-syntax-also-works-on-older-OpenSSH-versions.patch from upstream to be compatible with older openssh versions (bnc#961554) - Update to 0.9f * Adds translations - Update to 0.9 * KF5 version - Update to 0.8 * No changelog provided - Add Requires: sshfs to make it work. - Update to 0.7.3: * No changelog provided ==== plymouth ==== Subpackages: libply-boot-client4 libply-splash-core4 libply-splash-graphics4 libply4 plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Sync the default openSUSE theme from Tumbleweed ==== python-PyWebDAV3-GNUHealth ==== Version update (0.10.2 -> 0.10.3) - vewrsion 0.10.3 Check for binary type before encoding ==== xfce4-whiskermenu-plugin ==== Version update (2.4.1 -> 2.4.2) Subpackages: xfce4-whiskermenu-plugin-lang - Update to 2.4.2 * Fix crash when selecting desktop action. (bxo#16445) * Translation updates ==== xfconf ==== Subpackages: libxfconf-0-3 xfconf-lang - xfconfd needs to be a hard dependency to libxfconf (boo#1163214) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 0

[opensuse-factory] New Tumbleweed snapshot 20200207 released!
by Dominique Leuenberger 20 Feb '20

20 Feb '20

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ImageMagick (7.0.9.19 -> 7.0.9.21) Mesa Mesa-drivers MozillaFirefox MozillaThunderbird aaa_base (84.87+git20200128.8a17290 -> 84.87+git20200206.ed897a1) apache2 audacity avahi clamav (0.102.1 -> 0.102.2) dracut (049.1+git119.abf1a408 -> 049.1+git120.dbfbfcb8) gedit ghostscript gnutls (3.6.11.1 -> 3.6.12) gstreamer gstreamer-plugins-bad gstreamer-plugins-base gstreamer-plugins-good gstreamer-plugins-ugly hwdata (0.331 -> 0.332) kernel-source (5.4.14 -> 5.5.1) libcdr (0.1.4 -> 0.1.6) libinput (1.15.0 -> 1.15.1) libmpeg2 libmtp (1.1.16 -> 1.1.17) libtasn1 (4.15.0 -> 4.16.0) libuv (1.31.0 -> 1.34.2) libvirt netcfg open-iscsi openal-soft (1.19.1 -> 1.20.1) openjpeg2 perl-DBI (1.642 -> 1.643) publicsuffix (20191115 -> 20200201) python python-base python-jedi (0.15.2 -> 0.16.0) python-parso (0.5.2 -> 0.6.1) python-setuptools (41.6.0 -> 44.0.0) rsyslog sharutils telegram-purple (1.4.1 -> 1.4.2) texlive tlp (1.2.2 -> 1.3.0) vim (8.2.0119 -> 8.2.0200) wireguard (0.0.20200128_k5.4.14_2 -> 0.0.20200205_k5.5.1_1) wxWidgets-3_0 wxWidgets-3_0-nostl xdg-desktop-portal xfsdump (3.1.8 -> 3.1.9) === Details === ==== ImageMagick ==== Version update (7.0.9.19 -> 7.0.9.21) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI7 libMagickWand-7_Q16HDRI7 perl-PerlMagick - version update to 7.0.9.21 * Support additional connected components defines. * Refresh cache morphology when writing MPC images. ==== Mesa ==== Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch * reverse apply since it caused a regression in rendering on s390x (bsc#1162252) ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch * reverse apply since it caused a regression in rendering on s390x (bsc#1162252) ==== MozillaFirefox ==== Subpackages: MozillaFirefox-translations-common - Use a symbolic icon from branding internals - Pixmaps no longer required for the desktops ==== MozillaThunderbird ==== Subpackages: MozillaThunderbird-translations-common - Use a symbolic icon from branding internals ==== aaa_base ==== Version update (84.87+git20200128.8a17290 -> 84.87+git20200206.ed897a1) Subpackages: aaa_base-extras - Update to version 84.87+git20200206.ed897a1: * get_kernel_version: fix for current kernel on s390x (from azouhr) - Update to version 84.87+git20200206.8d74b0b: * Fix services entry in /etc/nsswitch.conf [bsc#1162916] - Make sure glibc is recent enough else nsswitch.conf update will fail ==== apache2 ==== Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - define DEFAULT_LISTENBACKLOG=APR_INT32_MAX. We want apache to honour net.core.somaxconn sysctl as the mandatory limit. the old value of 511 was never used as until v5.4-rc6 it was clamped to 128, in current kernels the default limit is 4096. Cannot use the apr_socket_listen(.., -1) idiom because the function expects a positive integer argument. ==== audacity ==== Subpackages: audacity-lang - Download 2.3.3 tarball again to fix incorrect release info. - Use autopatch and refresh patches. - Fix boo#1162418, caused by wxWidgets. ==== avahi ==== Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7 - Require shadow instead of pwdutils: pwdutils has been absorbed and replaced by shadow long ago. ==== clamav ==== Version update (0.102.1 -> 0.102.2) Subpackages: libclamav9 libfreshclam2 - update to 0.102.2 * CVE-2020-3123: A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash. * Significantly improved the scan speed of PDF files on Windows. * Re-applied a fix to alleviate file access issues when scanning RAR files in downstream projects that use libclamav where the scanning engine is operating in a low-privilege process. This bug was originally fixed in 0.101.2 and the fix was mistakenly omitted from 0.102.0. * Fixed an issue where freshclam failed to update if the database version downloaded is one version older than advertised. This situation may occur after a new database version is published. The issue affected users downloading the whole CVD database file. * Changed the default freshclam ReceiveTimeout setting to 0 (infinite). The ReceiveTimeout had caused needless database update failures for users with slower internet connections. * Correctly display the number of kilobytes (KiB) in progress bar and reduced the size of the progress bar to accommodate 80-character width terminals. * Fixed an issue where running freshclam manually causes a daemonized freshclam process to fail when it updates because the manual instance deletes the temporary download directory. The freshclam temporary files will now download to a unique directory created at the time of an update instead of using a hardcoded directory created/destroyed at the program start/exit. * Fix for freshclam's OnOutdatedExecute config option. * Fixes a memory leak in the error condition handling for the email parser. * Improved bound checking and error handling in ARJ archive parser. * Improved error handling in PDF parser. * Fix for memory leak in byte-compare signature handler. ==== dracut ==== Version update (049.1+git119.abf1a408 -> 049.1+git120.dbfbfcb8) - Update to version 049.1+git120.dbfbfcb8: * 95zfcp_rules/parse-zfcp.sh: remove rule existence check (bsc#1008352) ==== gedit ==== Subpackages: gedit-lang python3-gedit - Own %{python3_sitearch}/gi/ and subdirectories: in the past, pkgconfig(pygobject-3.0) pulled in py2 and py3 gobject stacks, but we eliminated that so not every consumer of the C-headers gets two python stacks pulled in. Thus, own the directories. ==== ghostscript ==== Subpackages: ghostscript-x11 - Use system openjpeg2 on Tumbleweed/Factory. ==== gnutls ==== Version update (3.6.11.1 -> 3.6.12) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - gnutls 3.6.12 * libgnutls: Introduced TLS session flag (gnutls_session_get_flags()) to identify sessions that client request OCSP status request (#829). * libgnutls: Added support for X448 key exchange (RFC 7748) and Ed448 signature algorithm (RFC 8032) under TLS (#86). * libgnutls: Added the default-priority-string option to system configuration; it allows overriding the compiled-in default-priority-string. * libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by draft-smyshlyaev-tls12-gost-suites-07). By default this ciphersuite is disabled. It can be enabled by adding +GOST to priority string. In the future this priority string may enable other GOST ciphersuites as well. Note, that server will fail to negotiate GOST ciphersuites if TLS 1.3 is enabled both on a server and a client. It is recommended for now to disable TLS 1.3 in setups where GOST ciphersuites are enabled on GnuTLS-based servers. * libgnutls: added priority shortcuts for different GOST categories like CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, SIGN-GOST-ALL, GROUP-GOST-ALL. * libgnutls: Reject certificates with invalid time fields. That is we reject certificates with invalid characters in Time fields, or invalid time formatting To continue accepting the invalid form compile with --disable-strict-der-time * libgnutls: Reject certificates which contain duplicate extensions. We were previously printing warnings when printing such a certificate, but that is not always sufficient to flag such certificates as invalid. Instead we now refuse to import them (#887). * libgnutls: If a CA is found in the trusted list, check in addition to time validity, whether the algorithms comply to the expected level prior to accepting it. This addresses the problem of accepting CAs which would have been marked as insecure otherwise (#877). * libgnutls: The min-verification-profile from system configuration applies for all certificate verifications, not only under TLS. The configuration can be overriden using the GNUTLS_SYSTEM_PRIORITY_FILE environment variable. * libgnutls: The stapled OCSP certificate verification adheres to the convention used throughout the library of setting the 'GNUTLS_CERT_INVALID' flag. * libgnutls: On client side only send OCSP staples if they have been requested by the server, and on server side always advertise that we support OCSP stapling * libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible with gnutls_ocsp_req_t but const. * certtool: Added the --verify-profile option to set a certificate verification profile. Use '--verify-profile low' for certificate verification to apply the 'NORMAL' verification profile. * certtool: The add_extension template option is considered even when generating a certificate from a certificate request. ==== gstreamer ==== Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - No longer recommend -lang: supplements are in use. ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - No longer recommend -lang: supplements are in use. ==== gstreamer-plugins-base ==== Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - No longer recommend -lang: supplements are in use. ==== gstreamer-plugins-good ==== Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-lang gstreamer-plugins-good-qtqml - No longer recommend -lang: supplements are in use. ==== gstreamer-plugins-ugly ==== Subpackages: gstreamer-plugins-ugly-lang - No longer recommend -lang: supplements are in use. ==== hwdata ==== Version update (0.331 -> 0.332) - Update to version 0.322: * Updated pci, usb and vendor ids. ==== kernel-source ==== Version update (5.4.14 -> 5.5.1) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - btrfs: do not zero f_bavail if we have available space (bnc#1162471). - commit efe8ca5 - Linux 5.5.1 (bnc#1012628). - power/supply: ingenic-battery: Don't change scale if there's only one (bnc#1012628). - Revert "um: Enable CONFIG_CONSTRUCTORS" (bnc#1012628). - KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (bnc#1012628). - crypto: pcrypt - Fix user-after-free on module unload (bnc#1012628). - crypto: caam - do not reset pointer size from MCFGR register (bnc#1012628). - crypto: vmx - reject xts inputs that are too short (bnc#1012628). - crypto: af_alg - Use bh_lock_sock in sk_destruct (bnc#1012628). - rsi: fix non-atomic allocation in completion handler (bnc#1012628). - rsi: fix memory leak on failed URB submission (bnc#1012628). - rsi: fix use-after-free on probe errors (bnc#1012628). - rsi: fix use-after-free on failed probe and unbind (bnc#1012628). - rxrpc: Fix use-after-free in rxrpc_receive_data() (bnc#1012628). - net: include struct nhmsg size in nh nlmsg size (bnc#1012628). - mlxsw: minimal: Fix an error handling path in 'mlxsw_m_port_create()' (bnc#1012628). - udp: segment looped gso packets correctly (bnc#1012628). - net: socionext: fix xdp_result initialization in netsec_process_rx (bnc#1012628). - net: socionext: fix possible user-after-free in netsec_process_rx (bnc#1012628). - net_sched: walk through all child classes in tc_bind_tclass() (bnc#1012628). - net_sched: fix ops->bind_class() implementations (bnc#1012628). - net_sched: ematch: reject invalid TCF_EM_SIMPLE (bnc#1012628). - mvneta driver disallow XDP program on hardware buffer management (bnc#1012628). - zd1211rw: fix storage endpoint lookup (bnc#1012628). - rtl8xxxu: fix interface sanity check (bnc#1012628). - brcmfmac: fix interface sanity check (bnc#1012628). - ath9k: fix storage endpoint lookup (bnc#1012628). - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() (bnc#1012628). - cifs: set correct max-buffer-size for smb2_ioctl_init() (bnc#1012628). - CIFS: Fix task struct use-after-free on reconnect (bnc#1012628). - crypto: chelsio - fix writing tfm flags to wrong place (bnc#1012628). - driver core: Fix test_async_driver_probe if NUMA is disabled (bnc#1012628). - iio: st_gyro: Correct data for LSM9DS0 gyro (bnc#1012628). - iio: adc: stm32-dfsdm: fix single conversion (bnc#1012628). - mei: me: add jasper point DID (bnc#1012628). - mei: me: add comet point (lake) H device ids (bnc#1012628). - mei: hdcp: bind only with i915 on the same PCH (bnc#1012628). - binder: fix log spam for existing debugfs file creation (bnc#1012628). - component: do not dereference opaque pointer in debugfs (bnc#1012628). - debugfs: Return -EPERM when locked down (bnc#1012628). - serial: imx: fix a race condition in receive path (bnc#1012628). - serial: 8250_bcm2835aux: Fix line mismatch on driver unbind (bnc#1012628). - staging: vt6656: Fix false Tx excessive retries reporting (bnc#1012628). - staging: vt6656: use NULLFUCTION stack on mac80211 (bnc#1012628). - staging: vt6656: correct packet types for CTS protect, mode (bnc#1012628). - staging: wlan-ng: ensure error return is actually returned (bnc#1012628). - staging: most: net: fix buffer overflow (bnc#1012628). - usb: typec: fusb302: fix "op-sink-microwatt" default that was in mW (bnc#1012628). - usb: typec: wcove: fix "op-sink-microwatt" default that was in mW (bnc#1012628). - usb: dwc3: turn off VBUS when leaving host mode (bnc#1012628). - USB: serial: ir-usb: fix IrLAP framing (bnc#1012628). - USB: serial: ir-usb: fix link-speed handling (bnc#1012628). - USB: serial: ir-usb: add missing endpoint sanity check (bnc#1012628). - usb: host: xhci-tegra: set MODULE_FIRMWARE for tegra186 (bnc#1012628). - usb: dwc3: pci: add ID for the Intel Comet Lake -V variant (bnc#1012628). - rsi_91x_usb: fix interface sanity check (bnc#1012628). - orinoco_usb: fix interface sanity check (bnc#1012628). - Bluetooth: btusb: fix non-atomic allocation in completion handler (bnc#1012628). - commit d3e7b7d - config: armv7lpae: Update to 5.5 - commit 74459b2 - config: armv7hl: Update to 5.5 - commit ae8d01e - config: armv6hl: Update to 5.5 - commit edbc4d9 - x86/KVM: Clean up host's steal time structure (bcs#1161154, CVE-2019-3016). - x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (bcs#1161154, CVE-2019-3016). - x86/kvm: Cache gfn to pfn translation (bcs#1161154, CVE-2019-3016). - x86/kvm: Introduce kvm_(un)map_gfn() (bcs#1161154, CVE-2019-3016). - x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (bcs#1161154, CVE-2019-3016). - commit 77cf1f3 - x86/KVM: Clean up host's steal time structure (bcs#1161154, CVE-2019-3016). - x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (bcs#1161154, CVE-2019-3016). - x86/kvm: Cache gfn to pfn translation (bcs#1161154, CVE-2019-3016). - x86/kvm: Introduce kvm_(un)map_gfn() (bcs#1161154, CVE-2019-3016). - x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (bcs#1161154, CVE-2019-3016). - commit 7e57096 - update upstream references - update upstream status (in mainline now): patches.suse/ALSA-hda-Apply-aligned-MMIO-access-only-conditionall.patch patches.suse/hwrng-iproc-rng200-add-support-for-bcm2711.patch - commit f202425 - update upstream reference - update upstream status (in mainline now): patches.suse/ASoC-SOF-Introduce-state-machine-for-FW-boot.patch - commit 86483c3 - Update patch tag for upstreamed rtw88 patch - commit 1507410 - ASoC: SOF: core: release resources on errors in probe_continue (bsc#1161246). - ASoC: SOF: core: free trace on errors (bsc#1161246). - ASoC: SOF: Introduce state machine for FW boot (bsc#1161246). - commit ef0a514 - rpm/kabi.pl: support new (>=5.4) Module.symvers format (new symbol namespace field) - commit eecbd97 - Update to 5.5 final - refresh configs - commit 002fd1a - config: refresh Only update headers. - commit 7193c66 ==== libcdr ==== Version update (0.1.4 -> 0.1.6) - Version update to 0.1.6 * Extend support to the newest CDR format versions + Supports currently CDR 1 to 21, which is all released versions to date ==== libinput ==== Version update (1.15.0 -> 1.15.1) Subpackages: libinput-udev libinput10 - Update to release 1.15.1 * A specific event sequence involving proximity timeouts and eraser buttons could previously trigger invalid proximity in/out sequences, leading to a crash in the clients. * ALPS touchpads now automatically reduce the slot-count based on the number of actually provided fingers. The kernel hardcodes 5 but we don't always get 5 finger locations, so now we adjust this down to match. ==== libmpeg2 ==== - Remove unnecessary Requires: SDL-devel from devel package. - Disable SDL and Xv output in mpeg2dec. There a plenty of better video players. Removes X11 and SDL1 build dependency from library package. ==== libmtp ==== Version update (1.1.16 -> 1.1.17) Subpackages: libmtp-udev libmtp9 - updated to 1.1.17 release - new USB Ids - various bugfixes ==== libtasn1 ==== Version update (4.15.0 -> 4.16.0) Subpackages: libtasn1-6 libtasn1-6-32bit - libtasn1 4.16.0: * asn1_decode_simple_ber: added support for constructed definite octet strings * asn1_get_object_id_der: enhance the range of decoded OIDs * asn1_object_id_der: New function ==== libuv ==== Version update (1.31.0 -> 1.34.2) - Update to libuv 1.34.2: * Remove fno-common-build-errs.patch and rebase fix_tests.patch. Changes since version 1.34.1: * misc: adjust stalebot deadlines (Jameson Nash) * test: fix env-vars flakiness (cjihrig) * test: avoid truncating output lines (Jameson Nash) * darwin: stop calling SetApplicationIsDaemon() (Ben Noordhuis) * ibmi: implement uv_interface_addresses() (Xu Meng) * osx,fsevent: fix race during uv_loop_close (Jameson Nash) * osx,fsevent: clear pointer when deleting it [NFCI] (Jameson Nash) * Revert "aix: replace ECONNRESET with EOF if already closed" (Jameson Nash) * unix: handle uv__open_cloexec return value correctly (Anna Henningsen) Changes since version 1.34.0: * unix: fix -Wstrict-aliasing compiler warning (Ben Noordhuis) * unix: cache address of dlsym("mkostemp") (Ben Noordhuis) * build: remove -pedantic from compiler flags (Ben Noordhuis) * Revert "darwin: assume pthread_setname_np() is available" (Ben Noordhuis) * Revert "darwin: speed up uv_set_process_title()" (Ben Noordhuis) * darwin: assume pthread_setname_np() is available (Ben Noordhuis) * ibmi: fix the false isatty() issue on IBMi (Xu Meng) * test: fix test failure under NetBSD and OpenBSD (David Carlier) * test: skip some test cases on IBMi (Xu Meng) * test: skip uv_(get|set)_process_title on IBMi (Xu Meng) * doc: remove binaries for Windows from README (Richard Lau) * unix: fix -Wunused-but-set-variable warning (George Zhao) * unix: pass sysctl size arg using ARRAY_SIZE macro (David Carlier) * test: disallow running the test suite as root (cjihrig) * unix: suppress -Waddress-of-packed-member warning (Ben Noordhuis) * misc: make more tags "not-stale" (Jameson Nash) * test: fix pthread memory leak (Trevor Norris) * docs: delete socks5-proxy sample (Jameson Nash) * ibmi: fix the CMSG length issue (Xu Meng) * docs: fix formatting (Jameson Nash) * unix: squelch fchmod() EPERM on CIFS share (Ben Noordhuis) * docs: fix linkcheck (Jameson Nash) * docs: switch from linux.die.net to man7.org (Jameson Nash) * win: remove abort when non-IFS LSP detection fails (virtualyw) * docs: clarify that uv_pipe_t is a pipe (Jameson Nash) * win,tty: avoid regressions in utf-8 handling (Jameson Nash) * win: remove bad assert in uv_loop_close (Jameson Nash) * test: fix -fno-common build errors (Ben Noordhuis) * build: turn on -fno-common to catch regressions (Ben Noordhuis) * test: fix fs birth time test failure (Ben Noordhuis) * tty,unix: avoid affecting controlling TTY (Jameson Nash) Changes since version 1.33.1: * unix: move random-sysctl to random-sysctl-linux (nia) * netbsd: use KERN_ARND sysctl to get entropy (nia) * unix: refactor uv__fs_copyfile() logic (cjihrig) * build: fix android build, add missing sources (Ben Noordhuis) * build: fix android build, fix symbol redefinition (Ben Noordhuis) * build: fix android autotools build (Ben Noordhuis) * fs: handle non-functional statx system call (Milad Farazmand) * unix,win: add uv_sleep() (cjihrig) * doc: add richardlau to maintainers (Richard Lau) * aix: fix netmask for IPv6 (Richard Lau) * aix: clean up after errors in uv_interface_addresses() (Richard Lau) * aix: fix setting of physical addresses (Richard Lau) * fs: add uv_fs_mkstemp (Saúl Ibarra Corretgé) * unix: switch uv_sleep() to nanosleep() (Ben Noordhuis) * unix: retry on EINTR in uv_sleep() (Ben Noordhuis) * zos: fix nanosleep() emulation (Ben Noordhuis) Changes since version 1.33.0: * linux: fix arm64 SYS__sysctl build breakage (Ben Noordhuis) Changes since version 1.32.0: * Revert "linux: drop code path for epoll_pwait-less kernels" (Yang Yu) * build: fix build error with __ANDROID_API__ < 21 (Yang Yu) * win: fix reading hidden env vars (Anna Henningsen) * unix,win: add uv_random() (Ben Noordhuis) * win: simplify mkdtemp (Saúl Ibarra Corretgé) * docs: fix literal-includes in User Guide (Nhan Khong) * win, tty: fix problem of receiving unexpected SIGWINCH (erw7) * unix: fix {Net,Open}BSD build (David Carlier) * win,mingw: Fix undefined MCAST_* constants (Crunkle) * build: Add link for test/fixtures/lorem_ipsum.txt (Andrew Paprocki) * fs: use statvfs in uv__fs_statfs() for Haiku (Calvin Hill) * fsevents: stop using fsevents to watch files (Jameson Nash) * fsevents: regression in watching / (Jameson Nash) * build,cmake: don't try to detect a C++ compiler (Isabella Muerte) * build: fix build warning on cygwin (MaYuming) * unix: set sin_len and sin6_len (Ouyang Yadong) * test: fix order of operations in test (cjihrig) * doc: improve uv_fs_readdir() cleanup docs (cjihrig) * build: remove duplicated test in build files (ZYSzys) * android: enable getentropy on Android >= 28 (David Carlier) * android: fix build (David Carlier) * darwin: speed up uv_set_process_title() (Ben Noordhuis) * darwin: assume pthread_setname_np() is available (Ben Noordhuis) * unix,udp: ensure addr is non-null (Jameson Nash) * win,tty: add uv_tty_{get,set}_vterm_state (erw7) * win: fix uv_statfs_t leak in uv_fs_statfs() (Ryan Liptak) * build: install files on windows via cmake (Carl Lei) * darwin,test: include AvailabilityMacros.h (Saúl Ibarra Corretgé) * darwin,test: update loop time after sleeping (Saúl Ibarra Corretgé) * doc: remove old FreeBSD 9 related note (Saúl Ibarra Corretgé) * doc: improve uv_{send,recv}_buffer_size() docs (Ryan Liptak) * build: move -Wno-long-long check to configure time (Ben Noordhuis) * unix: update uv_fs_copyfile() fallback logic (Stefan Bender) * win: cast setsockopt struct to const char* (Shelley Vohr) Changes since version 1.31.0: * misc: enable stalebot (Saúl Ibarra Corretgé) * win: map ERROR_ENVVAR_NOT_FOUND to UV_ENOENT (cjihrig) * win: use L'\0' as UTF-16 null terminator (cjihrig) * win: support retrieving empty env variables (cjihrig) * unix,stream: fix returned error codes (Santiago Gimeno) * test: fix typo in DYLD_LIBRARY_PATH (Ben Noordhuis) * unix,signal: keep handle active if pending signal (Santiago Gimeno) * openbsd: fix uv_cpu_info (Santiago Gimeno) * src: move uv_free_cpu_info to uv-common.c (Santiago Gimeno) * tcp: add uv_tcp_close_reset method (Santiago Gimeno) * test: fix udp-multicast-join tests (Santiago Gimeno) * test: remove assertion in fs_statfs test (cjihrig) * doc: clarify uv_buf_t usage in uv_alloc_cb (Tomas Krizek) * win: fix typo in preprocessor expression (Konstantin Podsvirov) * timer: fix uv_timer_start on closing timer (seny) * udp: add source-specific multicast support (Vladimir Karnushin) * udp: fix error return values (Santiago Gimeno) * udp: drop IPV6_SSM_SUPPORT macro (Santiago Gimeno) * udp: fix uv__udp_set_source_membership6 (Santiago Gimeno) * udp: use sockaddr_storage instead of union (Santiago Gimeno) * build,zos: add _OPEN_SYS_SOCK_EXT3 flag (Santiago Gimeno) * test: add specific source multicast tests (Santiago Gimeno) * include: map EILSEQ error code (cjihrig) * win, tty: improve SIGWINCH performance (Bartosz Sosnowski) * build: fix ios build error (MaYuming) * aix: replace ECONNRESET with EOF if already closed (Milad Farazmand) * build: add cmake library VERSION, SOVERSION (Eneas U de Queiroz) * build: make include/ public in CMakeLists.txt (Ben Noordhuis) * build: export USING_UV_SHARED=1 to cmake deps (Ben Noordhuis) * build: cmake_minimum_required(VERSION 2.8.12) (Daniel Hahler) * aix: Fix broken cmpxchgi() XL C++ specialization. (Andrew Paprocki) * test: fix -Wsign-compare warning (Ben Noordhuis) * unix: simplify open(O_CLOEXEC) feature detection (Ben Noordhuis) * unix: fix UV_FS_O_DIRECT definition on Linux (Joran Dirk Greef) * doc: uv_handle_t documentation suggestion (Daniel Bevenius) ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - xen: Fix the list of supported ovmf firmwares suse-xen-ovmf-loaders.patch bsc#1159793 - lib: Prohibit parallel connections with tunneled migration e092daac-prohib-parallel-tunneled-mig.patch jsc#SLE-6998 - BuildRequire pkgconfig((lib)?udev) instead of (lib)?udev: allow OBS to shortcut through -mini flavors. ==== netcfg ==== - Require libnss_usrfiles2 for /usr/etc [bnc#1162666] ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Bug fixes, including addig support for "-fno-common" compiler option, 586 bug fixes, a bug fix for SHA1 handling, and other needed but small fixes (bsc#1160287), updating: * open-iscsi-SUSE-latest.diff.bz2 ==== openal-soft ==== Version update (1.19.1 -> 1.20.1) Subpackages: libopenal1 openal-soft-data - new version 1.20.1 The changes from 1.20.0 include: * Implemented the AL_SOFT_direct_channels_remix extension. * This extends AL_DIRECT_CHANNELS_SOFT to optionally remix input channels that don't have a matching output channel. * Implemented the AL_SOFT_bformat_ex extension. * This extends B-Format buffer support for N3D or SN3D scaling, or ACN channel ordering. * Fixed a potential voice leak when a source is started and stopped or restarted in quick succession. * Fixed a potential device reset failure with JACK. * Improved handling of unsupported channel configurations with WASAPI. * Such setups will now try to output at least a stereo mix. * Improved clarity a bit for the HRTF second-order ambisonic decoder. * Improved detection of compatible layouts for SOFA files in makemhr and sofa-info. * Added the ability to resample HRTFs on load. * MHR files no longer need to match the device sample rate to be usable. * Added an option to limit the HRTF's filter length. The changes from 1.19.1 include: * Converted the library codebase to C++11. * A lot of hacks and custom structures have been replaced with standard or cleaner implementations. * Partially implemented the Vocal Morpher effect. * Fixed the bsinc SSE resamplers on non-GCC compilers. * Fixed OpenSL capture. * Fixed support for extended capture formats with OpenSL. * Fixed handling of WASAPI not reporting a default device. * Fixed performance problems relating to semaphores on macOS. * Modified the bsinc12 resampler's transition band to better avoid aliasing noise. * Modified alcResetDeviceSOFT to attempt recovery of disconnected devices. * Modified the virtual speaker layout for HRTF B-Format decoding. * Modified the PulseAudio backend to use a custom processing loop. * Renamed the makehrtf utility to makemhr. * Improved the efficiency of the bsinc resamplers when up-sampling. * Improved the quality of the bsinc resamplers slightly. * Improved the efficiency of the HRTF filters. * Improved the HRTF B-Format decoder coefficient generation. * Improved reverb feedback fading to be more consistent with pan fading. * Improved handling of sources that end prematurely, avoiding loud clicks. * Improved the performance of some reverb processing loops. * Added fast_bsinc12 and 24 resamplers that improve efficiency at the cost of some quality. * Notably, down-sampling has less smooth pitch ramping. * Added support for SOFA input files with makemhr. * Added a build option to use pre-built native tools. * For cross-compiling, use with caution and ensure the native tools' binaries are kept up-to-date. * Added an adjust-latency config option for the PulseAudio backend. * Added basic support for multi-field HRTFs. * Added an option for mixing first- or second-order B-Format with HRTF output. * This can improve HRTF performance given a number of sources. * Added an RC file for proper DLL version information. * Disabled some old KDE workarounds by default. * Specifically, PulseAudio streams can now be moved (KDE may try to move them after opening). - makehrtf tool was renamed to makemhr - disable jack backend as it doesn't work due to missing jack_error_callback ==== openjpeg2 ==== - Fix several security relevant bugs: * 21399f6b7d318fcd.patch (like CVE-2018-6616, but rle4 instead of rle8, bsc#1079845) * 3aef207f90e937d4.patch (CVE-2019-12973, bsc#1140359) * 4cb1f663049aab96.patch (OSS-fuzz, https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979) * 024b8407392cb0b8.patch (CVE-2020-6851, bsc#1160782) * 05f9b91e60debda0.patch (CVE-2020-8112, bsc#1162090) - Use upstream pkgconfig file - Move API documentation from devel package to devel-doc ==== perl-DBI ==== Version update (1.642 -> 1.643) - updated to 1.643 see /usr/share/doc/packages/perl-DBI/Changes ==== publicsuffix ==== Version update (20191115 -> 20200201) - Update to version 20200201: * gTLD autopull: 2020-02-01 (#952) * gTLD autopull: 2020-01-31 (#951) * Add WoltLab Cloud domains (#947) * Add qbuser.com domain (#943) * Added senseering domain (#946) * Add u.channelsdvr.net to PSL (#950) * Add discourse.team (#949) * gTLD autopull: 2020-01-06 (#942) * gTLD autopull: 2019-12-25 (#939) * Urgent removal of eq.edu.au (#924) * gTLD autopull: 2019-12-20 (#938) * gTLD autopull: 2019-12-11 (#932) * Added adobeaemcloud domains (#931) * Add Observable domain: observableusercontent.com. (#914) * Correct v.ua sorting * add v.ua (#919) * Add en-root.fr domain (#910) * add Datawire private domain (#925) * Add amsw.nl private domain to PSL (#929) * Add *.on-k3s.io (#922) * Add *.r.appspot.com to public suffix list (#920) * Added gentapps.com (#916) * Add oya.to (#908) * Add Group 53, LLC Domains (#900) * Add perspecta.cloud (#898) * Add 0e.vc to PSL (#896) * Add skygearapp.com (#892) * Update Hostbip Section (#871) * Add qcx.io and *.sys.qcx.io (#868) * Add builtwithdark.com to the public suffix list (#857) * Add_customer-oci.com (#811) * Move out old .ru reserved domains * gTLD autopull: 2019-12-02 (#928) * gTLD autopull: 2019-11-20 (#926) ==== python ==== Subpackages: python-tk - Provide python-testsuite from devel subkg to ease py2->py3 dependencies - Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch off tests coliding with the combination of modern Python and ancient OpenSSL on SLE-12. - libnsl is required only on more recent SLEs and openSUSE, older glibc supported NIS on its own. ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Provide python-testsuite from devel subkg to ease py2->py3 dependencies - Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch off tests coliding with the combination of modern Python and ancient OpenSSL on SLE-12. ==== python-jedi ==== Version update (0.15.2 -> 0.16.0) - update to 0.16.0 - add delete.patch * Added Script.get_context to get information where you currently are. * Completions/type inference of Pytest fixtures. * Tensorflow, Numpy and Pandas completions should now be about 4-10x faster after the first time they are used. * Dict key completions are working now. e.g. d = {1000: 3}; d[10 will expand to 1000. * Completion for ?proxies? works now. These are classes that have a __getattr__(self, name) method that does a return getattr(x, name). after loading them initially. * Goto on a function/attribute in a class now goes to the definition in its super class. * Big Script API Changes: + The line and column parameters of jedi.Script are now deprecated + completions deprecated, use complete instead + goto_assignments deprecated, use goto instead + goto_definitions deprecated, use infer instead + call_signatures deprecated, use get_signatures instead + usages deprecated, use get_references instead + jedi.names deprecated, use jedi.Script(...).get_names() * BaseDefinition.goto_assignments renamed to BaseDefinition.goto * Add follow_imports to Definition.goto. Now its signature matches Script.goto. * Python 2 support deprecated. For this release it is best effort. Python 2 has reached the end of its life and now it?s just about a smooth transition. Bugs for Python 2 will not be fixed anymore and a third of the tests are already skipped. * Removed settings.no_completion_duplicates. It wasn?t tested and nobody was probably using it anyway. * Removed settings.use_filesystem_cache and settings.additional_dynamic_modules, they have no usage anymore. Pretty much nobody was probably using them. ==== python-parso ==== Version update (0.5.2 -> 0.6.1) - update to 0.6.1 * Add parso.normalizer.Issue.end_pos to make it possible to know where an issue ends * Dropped Python 2.6/Python 3.3 support * del_stmt names are now considered as a definition (for name.is_definition()) ==== python-setuptools ==== Version update (41.6.0 -> 44.0.0) Subpackages: python2-setuptools python3-setuptools - update to 44.0.0 - last version with python2 support - add testdata.tar.gz -> missing data for testsuite * Drop support for Python 3.4. * include pyproject.toml in source distribution by default. Projects relying on the previous behavior where pyproject.toml * Setuptools once again declares 'setuptools' in the build-system.requires and adds PEP 517 build support by declaring itself as the build-backend * Fix support for easy_install's find-links option in setup.cfg * Build dependencies (setup_requires and tests_require) now install transitive dependencies indicated by extras. * Mark the easy_install script and setuptools command as deprecated, and use pip when available to fetch/build wheels for missing setup_requires/tests_require requirements, with the following differences in behavior: + support for python_requires + better support for wheels (proper handling of priority with respect to PEP 425 tags) + PEP 517/518 support + eggs are not supported + no support for the allow_hosts easy_install option (index_url/find_links are still honored) + pip environment variables are honored (and take precedence over easy_install options) * Removed the "upload" and "register" commands in favor of twine. * Add support for the license_files option in setup.cfg to automatically include multiple license files in a source distribution. * Update handling of wheels compatibility tags: * add support for manylinux2010 * fix use of removed 'm' ABI flag in Python 3.8 on Windows * Fix empty namespace package installation from wheel. * Setuptools now exposes a new entry point hook "setuptools.finalize_distribution_options", enabling plugins like setuptools_scm to configure options on the distribution at finalization time. ==== rsyslog ==== - avoid build error with gcc flag -fno-common (bsc#1160414) * add 0001-satisfy-gcc-flag-fno-common.patch ==== sharutils ==== Subpackages: sharutils-lang - No longer recommend -lang: supplements are in use. ==== telegram-purple ==== Version update (1.4.1 -> 1.4.2) Subpackages: libpurple-plugin-telegram libpurple-plugin-telegram-lang pidgin-plugin-telegram - Upgrade to 1.4.2 - Support ancient glib (gh#501) - Update translations - Fix: Handle forwarded messages and captioned images better - Fix: Handle replies better - Fix: Images in own messages - Fix: Remove *some* of the duplicate messages seen ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - Check passwd not group file for user mktex - Introduce a user mktex as replacement for user nobody (boo#1159740) ==== tlp ==== Version update (1.2.2 -> 1.3.0) Subpackages: tlp-rdw - Update to 1.3.0 * New configuration scheme - /etc/default/tlp is replaced by /etc/tlp.conf - Settings are read in the following order: - 1. Intrinsic defaults - 2. /etc/tlp.d/*.conf - Drop-in customization snippets - 3. /etc/tlp.conf - User configuration - In case of identical parameters, the last occurence has precedence - Parse config files instead of sourcing --> no more shell expansion * Battery Features, tlp-stat -b - Charge thresholds: better checks for command line and configuration; clearer error messages - tlp discharge: error message "check your hardware" when battery wasn't completely discharged (Issue #438) - Distinguish between "no kernel support" for natacpi (< 4.17) and "laptop not supported" (>= 4.17) - Supplement battery status "Unknown" with "threshold may prevent charging" when thresholds are available only * General - systemd: replace tlp-sleep.service with /lib/systemd/system-sleep/tlp * Operation Mode AC/BAT - TLP_PS_IGNORE: power supply class to ignore when determining operation mode; workaround for laptops reporting incorrect AC or battery status (Issue #446) * PCI(e) devices - PCIE_ASPM_ON_AC/BAT: add method 'powersupersave' (Issue #425) * Processor - CPU_ENERGY_PERF_POLICY_ON_AC/BAT: backward compatible merge of settings for Intel energy vs. performance policies EPB (ENERGY_PERF_POLICY_ON_AC/BAT) and HWP.EPP (CPU_HWP_ON_AC/BAT); when HWP.EPP is available, EPB is not set; validate parameters; eliminate external tool x86_energy_perf_policy for kernel >= 5.2 * tlp-stat - Configuration: show file where the parameter comes from - System Info: Show SELinux status Show RDW as 'disabled' when TLP is disabled as a whole Indicate persistent mode - Intel CPU: don't show EPB values when HWP.EPP is active (see above) - PCIe ASPM: show available policies - Undervolting: remove "PHC kernel not available" message * Battery Features - Issue #415: ThinkPad X240 discharge BAT1 malfunction when BAT0 is not installed * Disks - Fix NVMe detection on Linux 4.15 * tlp-stat - Issue #430: ignore HID device batteries ==== vim ==== Version update (8.2.0119 -> 8.2.0200) Subpackages: gvim vim-data vim-data-common - Refreshed disable-unreliable-tests.patch and vim-7.3-help_tags.patch - Updated to version 8.2.0200, fixes the following problems * Message test fails on some platforms. (Elimar Riesebieter) * virtcol() does not check arguments to be valid, which may lead to a crash. * filter() and map() on blob don't work. * complete_info() does not work when CompleteDone is triggered. * Compiler warnings for variable types. * :mode no longer works for any system. * Textprop test fails. * Some buffer commands work in a popup window. * Cannot list options one per line. * Python3 ranges are not tested. * Command line is not cleared when switching tabs and the command line height differs. * Script may be re-used when deleting and creating a new one. * Invalid memory access with search command. * Some map functionality not covered by tests. * Bracketed paste can still cause invalid memory access. (Dominique Pelle) * Stray ch_logfile() call. * Crash when using win_execute() from a new tab. * Memory leak when starting a job fails. * No swift filetype detection. * Possible to enter popup window with CTRL-W p. (John Devin) * Coverity warning for possible use of NULL pointer. * Some mapping code is not fully tested. * Using #error for compilation errors should be OK now. * Wrong indent when 'showbreak' and 'breakindent' are set and 'briopt' includes "sbr". * Block Visual mode operators not correct when 'linebreak' set. * Mapping related function in wrong source file. * Maintaining a Vim9 branch separately is more work. * Cannot define python function when using :execute. (Yasuhiro Matsumoto) * Detecting a script was already sourced is unreliable. * Restoring ctrl_x_mode is not needed. * Warning shows when listing version info. * Reallocating the list of scripts is inefficient. * Warnings from MinGW compiler. (John Marriott) Json test fails when building without +float feature. * Various typos in source files and tests. * Vim9 script files not in list of distributed files. * Triggering CompleteDone earlier is not backwards compatible. (Daniel Hahler) * Non-materialized range() list causes problems. (Fujiwara Takuya) * Range test fails. * Not recognizing .gv file as dot filetype. * Balloon test fails in the GUI. * Test hangs on MS-Windows console. * Test_alot takes too long. * Coverity warning for using NULL pointer. * Coverity warning for using uninitialized variable. * Coverity warning for ignoring return value. * Coverity warning for assigning NULL to an option. * Coverity warning for dead code. * Coverity warning for ignoring return value. * Coverity warning for using uninitialized buffer. * Coverity warning for not restoring character. * Various commands not completely tested. * Crash when removing list element in map(). * Generating os headers does not work for Swedish. * Memory leak in get_tags(). * With VTP the screen may not be restored properly. * Still a few places where range() does not work. * Test for wrapmargin fails if terminal is not 80 columns. * Problems parsing :term arguments. * Min() and max() materialize a range() list. * Tests fail when the float feature is disabled. * Blob test fails. * Vim9 script: cannot use "if has()" to skip lines. * A couple of tests may fail when features are missing. * Reduntant code. * Check commands don't work well with Vim9 script. * cd() with NULL argument crashes. * Kotlin files are not recognized. * Cannot put a terminal in a popup window. * Build failure without +terminal feature. * Still build failure without +terminal feature. * Some commands can cause problems in terminal popup. * Some tests fail when run in the GUI. * Blocking commands for a finished job in a popup window. * Some Ex commands not sufficiently tested. * No tests for y/n prompt. ==== wireguard ==== Version update (0.0.20200128_k5.4.14_2 -> 0.0.20200205_k5.5.1_1) - Update to version 0.0.20200205 * allowedips: remove previously added list item when OOM fail * noise: reject peers with low order public keys * netns: ensure non-addition of peers with failed precomputation * netns: tie socket waiting to target pid ==== wxWidgets-3_0 ==== Subpackages: libwx_baseu-suse3_0_4 libwx_baseu_net-suse3_0_4 libwx_baseu_xml-suse3_0_4 libwx_gtk2u_adv-suse3_0_4 libwx_gtk2u_aui-suse3_0_4 libwx_gtk2u_core-suse3_0_4 libwx_gtk2u_gl-suse3_0_4 libwx_gtk2u_html-suse3_0_4 libwx_gtk2u_media-suse3_0_4 libwx_gtk2u_propgrid-suse3_0_4 libwx_gtk2u_richtext-suse3_0_4 libwx_gtk2u_stc-suse3_0_4 libwx_gtk2u_xrc-suse3_0_4 wxWidgets-lang - Build wxWidgets-3_0-nostl variant with LTO disabled to fix boo#1162418. ==== wxWidgets-3_0-nostl ==== Subpackages: libwx_baseu-suse-nostl3_0_4 libwx_baseu_net-suse-nostl3_0_4 libwx_baseu_xml-suse-nostl3_0_4 libwx_gtk2u_adv-suse-nostl3_0_4 libwx_gtk2u_core-suse-nostl3_0_4 libwx_gtk2u_html-suse-nostl3_0_4 libwx_gtk2u_qa-suse-nostl3_0_4 - Build wxWidgets-3_0-nostl variant with LTO disabled to fix boo#1162418. ==== xdg-desktop-portal ==== Subpackages: xdg-desktop-portal-lang - Set encoding before building to fix a build error in SLE. ==== xfsdump ==== Version update (3.1.8 -> 3.1.9) - Update to version 3.1.9: - Fix build due to removed typedefs in xfsprogs - Support fallocate in xfs_restore - Many cosmetic cleanups N��r��y隊Z)z{.��r�+�맲��r��z�^�ˬz��N�(�֜��^� ޭ隊Z)z{.��r�+��0��Ǩ�

12 19

[opensuse-factory] cdparanoia, kernel 5.6.0rc2 and no SG_IO support for device /dev/sr0
by Antonio Larrosa 20 Feb '20

20 Feb '20

Hi, I'm testing the 5.6.0rc2 kernel from Kernel:HEAD with Tumbleweed and I noticed that cdparanoia doesn't work with it. I specified -d /dev/sr0 as usual in the command line to use the cdrom device but with kernel 5.6.0rc2 it returns: "Error trying to open /dev/sga exclusively (No such file or directory)" And in verbose mode it adds: Testing /dev/sr0 for SCSI/MMC interface no SG_IO support for device: /dev/sr0 With kernel 5.5.2 the same command line works fine. I checked that the sg module is loaded with both kernels and also did a diff of the lsmod output with both kernels and didn't find anything suspicious. Any idea? Btw, a small test application with code from cdparanoia (attached, build with `gcc test.c`) shows that the ioctl call is returning a different errno number in 5.5.2 (EINVAL) and 5.6.0rc2 (EFAULT). -- Antonio Larrosa

4 6

[opensuse-factory] getprotobyname() does not work any more because of the /usr/etc migration
by Xu Zhao 20 Feb '20

20 Feb '20

Hello all, After upgrading to netcfg 11.6 I find it has moved the file /etc/protocols to /usr/etc/protocols. This will break the assumption of some applications and function calls. For example, the getprotobyname() call (https://linux.die.net/man/3/getprotobyname) takes a protocol name and should return a struct protoent. However, on my machine this function call returns NULL. Creating a softlink from "/usr/etc/protocols" to "/etc/protocols" could workaround this problem. However, I believe we should fix it by patching glibc. Best Regards, ~xz -- Xu Zhao i(a)xuzhao.net

4 4

[opensuse-factory] Re: UEFI Secure Boot and hibernation
by Chris Murphy 20 Feb '20

20 Feb '20

On Tue, Feb 18, 2020 at 11:59 PM joeyli <jlee(a)suse.com> wrote: > > On Tue, Feb 18, 2020 at 11:16:25PM -0700, Chris Murphy wrote: > > Thanks for the update. Is the expectation that the authentication will > > require a TPM? > > The hibernate snapshot image should be encrypted by a AE mode (Authenticated > Encryption) like AES-GCM as Andy Lutomirski's suggestion. > https://lkml.org/lkml/2019/1/9/828 > > Then the key of AES-GCM must be sealed by TPM with appropriate PCR registers for > localities with the runtime kernel. Then the sealed key chunk must be attached > on hibernation header with snapshot image. > > The above is what I think for next version. Do you think it's necessary to encrypt and sign swap (page outs)? If an attacker could inject something malicious into the hibernation image, why not inject it into pages in swap? For example: Hibernation (apparently) can silently fail if > 50% of RAM is used; but the intention is that some mechanism (whether kernel or user-space) needs to free up enough RAM so that the hibernation image can be created. https://marc.info/?l=linux-kernel&m=157177497015315 In my experience, upon issuing: # echo reboot > /sys/power/disk # echo disk > /sys/power/state I see considerable page outs to the swap partition, prior to hibernation entry. Upon resume, those pages in swap are still valid. Is there a reason why they wouldn't be exploitable? Maybe it's a more suitable subject for discussion on linux-pm@ list? -- Chris Murphy -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

2 1

[opensuse-factory] New Tumbleweed snapshot 20200218 released!
by Dominique Leuenberger 20 Feb '20

20 Feb '20

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ModemManager (1.12.0 -> 1.12.6) apache2-mod_dnssd btrfsprogs (5.4 -> 5.4.1) busybox (1.30.1 -> 1.31.1) chrony dconf-editor (3.34.3 -> 3.34.4) dialog double-conversion epiphany (3.34.3.1 -> 3.34.4) evolution (3.34.3 -> 3.34.4) evolution-data-server (3.34.3 -> 3.34.4) evolution-ews (3.34.3 -> 3.34.4) flatpak (1.6.1 -> 1.6.2) glibc (2.30 -> 2.31) gnome-control-center (3.34.2 -> 3.34.4) gnome-shell-extensions grep (3.3 -> 3.4) hylafax+ (7.0.1 -> 7.0.2) iagno (3.34.4 -> 3.34.5) intel-vaapi-driver (2.3.0 -> 2.4.0) issue-generator (1.7 -> 1.8) jsoncpp kernel-firmware (20200122 -> 20200207) kernel-source (5.5.2 -> 5.5.4) libarchive (3.4.1 -> 3.4.2) libeconf (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69) libreoffice libxcrypt (4.4.10 -> 4.4.12) llvm9 mariadb-connector-c (3.1.6 -> 3.1.7) mdadm meld (3.20.1 -> 3.20.2) mutt (1.13.3 -> 1.13.4) nfs-utils openssh perl-Convert-UUlib (1.6 -> 1.62) ppp psqlODBC (11.01.0000 -> 12.01.0000) python python-base rtl_433 (19.08+git.20190829 -> 20.02+git.20200218) strace (5.4 -> 5.5) sudo (1.8.28p1 -> 1.8.31) tigervnc whois (5.5.4 -> 5.5.5) wireguard (0.0.20200205_k5.5.2_1 -> 0.0.20200214_k5.5.4_1) xdg-user-dirs xerces-c xfce4-whiskermenu-plugin (2.4.1 -> 2.4.2) xfconf yast2-nis-client (4.2.1 -> 4.2.2) yast2-python-bindings (4.1.1 -> 4.1.2) zsh (5.8~pre2 -> 5.8~pre3) === Details === ==== ModemManager ==== Version update (1.12.0 -> 1.12.6) Subpackages: ModemManager-bash-completion ModemManager-lang libmm-glib0 - Update to version 1.12.6: + SIM: Updated logic to avoid sending PIN/PUK to the SIM card when not required (e.g. if already unlocked). + Simple interface: Avoid aborting connection if SIM-PUK2 locked, as PIN2/PUK2 doesn't prevent us from getting connected. + Location interface: Fixed memory leak happening as soon as a position fix was obtained and gps-raw location source was enabled. + Core: - Fixed handling of 0x00 bytes at the end of GSM encoded strings. - Fixed cleaning up 'timed-out' signal on the serial port objects. - Fixed logic that closes MBIM ports during cleanup. + Several other minor fixes and memory leak plugs. - Changes from version 1.12.4: + Core: Added missing ME error codes when building GError variables for the MM_MOBILE_EQUIPMENT_ERROR domain. + Bearer: Avoid connection checks or stats updates while disconnecting. + Serial port: Fix segfault when port flash operation gets cancelled. + Simple interface: Fix the ongoing connection cancellable handling. + Voice interface: Fix segfault when voice support check fails. + QMI: Fixed several memory leaks, including a severe one happening when multiple GPS sources (e.g. raw and nmea) were enabled at the same time. + Plugins: ublox: ignore errors when attempting to disconnect last bearer. + mmcli: Allow "yes" and "no" as boolean strings. + Several other minor fixes and memory leak plugs. - Changes from version 1.12.2: + Simple interface: Avoid assertion on the ongoing connect cancellable. + Plugin manager: - Fix waiting the minimum probing time. - Explicitly cancel timeouts when device probing is cancelled. - Disable lazy plugin loading, we now require all missing symbols to be resolved at loading time for a plugin to correctly be loaded. + Bearer: Avoid reporting disconnection error if trying to disconnect a bearer that is already disconnected. + MBIM: Completely skip LTE attach config/status if unsupported. + QMI: - Make current settings mandatory when using 'static' addressing. - Handle disconnection indications during connection attempt. - Explicitly close QMI port during disconnection if it was opened during a connection attempt. + Plugins: - huawei: avoid using QCDM port during a voice call. - sierra: added port type hints for the EM7565. - dell,dw5821e: added support for the DW5821e with eSIM variant. + mmcli: Fix printing empty value lists in human-friendly output. + Several other minor fixes and memory leak plugs. ==== apache2-mod_dnssd ==== - removing %apache_test_* macros, do not test module just by loading the module ==== btrfsprogs ==== Version update (5.4 -> 5.4.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.4.1 * build: fix docbook5 build * check: do extra verification of extent items, inode items and chunks * qgroup: return ENOTCONN if quotas not running (needs updated kernel) * other: various test fixups ==== busybox ==== Version update (1.30.1 -> 1.31.1) - Eanble FEATURE_TFTP_HPA_COMPAT and SH_MATH_BASE - Update to version 1.31.1: + Bug fix release. 1.30.1 has fixes for dc, ash (PS1 expansion fix), hush, dpkg-deb, telnet and wget. - Changes from version 1.31.0: + many bugfixes and new features. - Add busybox-no-stime.patch: stime() has been deprecated in glibc 2.31 and replaced with clock_settime(). ==== chrony ==== - Add chrony-test-update-processing-of-packet-log.patch in order to fix test-suite failure. - Update clknetsim to version 79ffe44 (fixes boo#1162964). - Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch. ==== dconf-editor ==== Version update (3.34.3 -> 3.34.4) Subpackages: dconf-editor-lang - Update to version 3.34.4: + Updated translations. ==== dialog ==== Subpackages: dialog-lang libdialog15 - No longer recommend -lang: supplements are in use. ==== double-conversion ==== - Use proper cmake calls - Do not pull in py2 that is EOL but use python3 for build ==== epiphany ==== Version update (3.34.3.1 -> 3.34.4) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.34.4: + Changing web app icon in preferences dialog should copy icon. + Fix new tab page with few items in history. + Fix Favorites and Mobile bookmarks not tagged correctly when localized. + Fix password manager user account selector. + Hide view source context menu item when on view source page. + Fix memory corruption in view source mode. + Fix crash when parsing session state. + Fix improper warning when closing multiple tabs. + Fix occasional failure to start up. + Fix memory corruption when loading adblock filters. ==== evolution ==== Version update (3.34.3 -> 3.34.4) Subpackages: evolution-lang evolution-plugin-bogofilter evolution-plugin-pst-import evolution-plugin-spamassassin evolution-plugin-text-highlight - Update to version 3.34.4: + Emoticon: Replace Unicode variant for face-smile and face-sad with Emoji. + Bugs fixed: - 'open-map:' URI passed to browser. - PST importer: Fix name of MIME multipart/alternative. - Incorrect time shown in Reply credits for Australia/Adelaide. - ECompEditor: Typing end time messes up start time. ==== evolution-data-server ==== Version update (3.34.3 -> 3.34.4) Subpackages: evolution-data-server-lang libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-24 libedataserverui-1_2-2 - Update to version 3.34.4: + EDBusServer: Delay new module load. + alarm-notify: Double-free with certain types of the reminder. + Bugs fixed: - Calendar: Handle errors in file backend's refresh thread gracefully. - WebDAV: Privilege with multiple child elements not handled properly. - Broken search folder that includes all mails from other search folders. + Updated translations. ==== evolution-ews ==== Version update (3.34.3 -> 3.34.4) Subpackages: evolution-ews-lang - Update to version 3.34.4: + Bugs fixed: - Fails to create event with no duration. - Map 'tzone://Microsoft/Utc' to libical's 'UTC'. ==== flatpak ==== Version update (1.6.1 -> 1.6.2) Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0 - Update to version 1.6.2: + Due to a combination of some behaviour in flatpak and recent versions of ostree we at some point lost the use of deltas for the initial install case, instead always falling back to a full ostree operation which is a lot less efficient for pulls with many small files like a runtime. This caused some very slow installs from e.g. flathub, so it's recommended to update to this version to get better install performance. + We now correctly handle TMPDIR env var overrides when bwrap is setuid + Disallow running "flatpak run" under sudo (as it doesn't work and causes issues) + Fix build with older versions of glib + Minor documentation updates + Updated translations ==== glibc ==== Version update (2.30 -> 2.31) Subpackages: glibc-32bit glibc-devel glibc-extra glibc-info glibc-locale glibc-locale-base nscd - nsswitch.conf: comment out initgroups setting, so that it defaults to the group setting (bsc#1164075) - fix-locking-in-_IO_cleanup.patch: update to latest version - Update to glibc 2.31 * The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to enable features from the draft ISO C2X standard * The <math.h> functions that round their results to a narrower type now have corresponding type-generic macros in <tgmath.h> * The function pthread_clockjoin_np has been added, enabling join with a terminated thread with a specific clock * New locale added: mnw_MM (Mon language spoken in Myanmar). * The DNS stub resolver will optionally send the AD (authenticated data) bit in queries if the trust-ad option is set via the options directive in /etc/resolv.conf (or if RES_TRUSTAD is set in _res.options) * The totalorder and totalordermag functions, and the corresponding functions for other floating-point types, now take pointer arguments to avoid signaling NaNs possibly being converted to quiet NaNs in argument passing * The obsolete function stime is no longer available to newly linked binaries, and its declaration has been removed from <time.h> * The gettimeofday function no longer reports information about a system-wide time zone * If a lazy binding failure happens during dlopen, during the execution of an ELF constructor, the process is now terminated - malloc-info-whitespace.patch, riscv-vfork.patch, prefer-map-32bit-exec.patch, backtrace-powerpc.patch, ldconfig-dynstr.patch: Removed. - backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (bsc#1158996, BZ #25423) - Drop support for pluggable gconv modules (bsc#1159851) ==== gnome-control-center ==== Version update (3.34.2 -> 3.34.4) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Update to version 3.34.4: + Thunderbolt: Fix memory leak. + Printers: Fix read of freed memory. + User Accounts: - Use absolute path of command usermod. - Fix carousel arrow location when animations are disabled. - Fix memory leak. - Fix uninitialized variable. + Region & Language: Fix LC_* variables not being correctly reset. + Sound: Add missing subwoofer icons. + Updated translations. - Drop gnome-control-center-can-not-find-usermod.patch: Fixed upstream. ==== gnome-shell-extensions ==== Subpackages: gnome-shell-classic gnome-shell-classic-session - Enable packaging of user-theme extension: Despite its name, this extension is also used to enable 'system themes' in GMOME Tweaks. And since we have multiple themes in the repository, we should also provide the needed extension to enable them. - No longer obsolete gnome-shell-extension-user-theme. ==== grep ==== Version update (3.3 -> 3.4) Subpackages: grep-lang - Switch back to system regex to avoid undefined behaviour - grep 3.4: * new --no-ignore-case option causes grep to observe case distinctions, overriding any previous -i (--ignore-case) option * '.' no longer matches some invalid byte sequences in UTF-8 locales * grep -Fw can no longer false match in non-UTF-8 multibyte locales * The exit status of 'grep -L' is no longer incorrect when standard output is /dev/null * fix some performance bugs - drop test-pcre-jitstack.diff ==== hylafax+ ==== Version update (7.0.1 -> 7.0.2) Subpackages: hylafax+-client - Version 7.0.2 * change FIXEDWIDTH default to better accommodate auto-rotation (13 Dec 2019) * prevent SSL_accept() from blocking (5 Dec 2019) * support libtiff v4.1 (5 Dec 2019) * fix ignoremodembusy feature broken by ModemGroup limits feature (16 Nov 2019) ==== iagno ==== Version update (3.34.4 -> 3.34.5) Subpackages: iagno-lang - Update to version 3.34.5: + Metadata fixes. + Updated translations. ==== intel-vaapi-driver ==== Version update (2.3.0 -> 2.4.0) - Update to version 2.4.0 * Fix the dependency on libEGL (boo#1163093) * Fix ROI support * Fix FD leaks on Wayland * Fix BRC setting * Fix VP8 encoder * Fix VP9 encoder * Fix meson build - supersedes patches: * U_vaapi_Check-interface-from-libva.patch * U_vaapi_Revert-VPP-clear-surface.patch * U_vaapi_Return-false-instead-assertion-fail.patch * U_vaapi_HEVC-encoder-correct-minimal-bitrate.patch * U_vaapi_Remove-dep-on-EncRoi-attr.patch * U_vaapi_Fix-off-by-one-in-ROI-regions.patch ==== issue-generator ==== Version update (1.7 -> 1.8) - Update to version 1.8 - Handle network interface renames ==== jsoncpp ==== - Fix build on non-x86 architectures - boo#1163385 * jsoncpp-f11611c8785082ead760494cba06196f14a06dcb.patch - From 1.9.1 to 1.9.2, features.h has been renamed json_features.h so, add a symlink for compatibility - boo#1163385 ==== kernel-firmware ==== Version update (20200122 -> 20200207) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20200207 (git commit 6f89735800fe): * rtl_nic: update firmware for RTL8153A * rtl_bt: Update RTL8822C BT FW to V0x0998_C2B4 * linux-firmware: add firmware for MT7622 * linux-firmware: add version 2 for MT7615E * amdgpu: update to latest navi10 firmware from 19.50 * Revert "radeon: update oland rlc microcode from amdgpu" * amlogic: update video decoder firmwares * amdgpu: add renoir firmware for 19.50 * amdgpu: update raven2 firmware for 19.50 * nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.12.A.13 * qca: update bluetooth firmware for QCA6174 - Update topics and alias list ==== kernel-source ==== Version update (5.5.2 -> 5.5.4) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - bcache: fix incorrect data type usage in btree_flush_write() (git-fixes). - commit 119f9ca - Linux 5.5.4 (bnc#1012628). - selinux: fall back to ref-walk if audit is required (bnc#1012628). - libertas: make lbs_ibss_join_existing() return error code on rates overflow (bnc#1012628). - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held (bnc#1012628). - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (bnc#1012628). - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (bnc#1012628). - dmaengine: axi-dmac: add a check for devm_regmap_init_mmio (bnc#1012628). - clk: meson: g12a: fix missing uart2 in regmap table (bnc#1012628). - mfd: max77650: Select REGMAP_IRQ in Kconfig (bnc#1012628). - regmap: fix writes to non incrementing registers (bnc#1012628). - pinctrl: qcom: Don't lock around irq_set_irq_wake() (bnc#1012628). - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B (bnc#1012628). - pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control (bnc#1012628). - pinctrl: baytrail: Allocate IRQ chip dynamic (bnc#1012628). - selinux: fix regression introduced by move_mount(2) syscall (bnc#1012628). - selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" (bnc#1012628). - x86/alternatives: add missing insn.h include (bnc#1012628). - bcache: avoid unnecessary btree nodes flushing in btree_flush_write() (bnc#1012628). - ASoC: soc-generic-dmaengine-pcm: Fix error handling (bnc#1012628). - dt-bindings: iio: adc: ad7606: Fix wrong maxItems value (bnc#1012628). - i2c: cros-ec-tunnel: Fix ACPI identifier (bnc#1012628). - i2c: cros-ec-tunnel: Fix slave device enumeration (bnc#1012628). - media: i2c: adv748x: Fix unsafe macros (bnc#1012628). - drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe (bnc#1012628). - crypto: caam/qi2 - fix typo in algorithm's driver name (bnc#1012628). - crypto: atmel-sha - fix error handling when setting hmac key (bnc#1012628). - crypto: artpec6 - return correct error code for failed setkey() (bnc#1012628). - crypto: testmgr - don't try to decrypt uninitialized buffers (bnc#1012628). - mtd: sharpslpart: Fix unsigned comparison to zero (bnc#1012628). - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock (bnc#1012628). - arm64: kvm: Fix IDMAP overlap with HYP VA (bnc#1012628). - arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly (bnc#1012628). - KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer (bnc#1012628). - KVM: arm64: pmu: Fix chained SW_INCR counters (bnc#1012628). - KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset (bnc#1012628). - KVM: arm: Make inject_abt32() inject an external abort instead (bnc#1012628). - KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests (bnc#1012628). - KVM: arm/arm64: Fix young bit from mmu notifier (bnc#1012628). - crypto: arm/chacha - fix build failured when kernel mode NEON is disabled (bnc#1012628). - arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations (bnc#1012628). - arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly (bnc#1012628). - arm64: cpufeature: Fix the type of no FP/SIMD capability (bnc#1012628). - arm64: kernel: Correct annotation of end of el0_sync (bnc#1012628). - sched/uclamp: Fix a bug in propagating uclamp value in new cgroups (bnc#1012628). - ARM: 8949/1: mm: mark free_memmap as __init (bnc#1012628). - KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections (bnc#1012628). - ARM: at91: pm: use of_device_id array to find the proper shdwc node (bnc#1012628). - ARM: at91: pm: use SAM9X60 PMC's compatible (bnc#1012628). - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA (bnc#1012628). - powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW (bnc#1012628). - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning (bnc#1012628). - powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths (bnc#1012628). - powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX (bnc#1012628). - powerpc/ptdump: Fix W+X verification call in mark_rodata_ro() (bnc#1012628). - Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests" (bnc#1012628). - soc: qcom: rpmhpd: Set 'active_only' for active only power domains (bnc#1012628). - tools/power/acpi: fix compilation error (bnc#1012628). - ARM: dts: at91: sama5d3: define clock rate range for tcb1 (bnc#1012628). - ARM: dts: at91: sama5d3: fix maximum peripheral clock rates (bnc#1012628). - ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP (bnc#1012628). - ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP (bnc#1012628). - arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node (bnc#1012628). - arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound (bnc#1012628). - ARM: dts: am43xx: add support for clkout1 clock (bnc#1012628). - ARM: dts: at91: Reenable UART TX pull-ups (bnc#1012628). - arm64: dts: qcom: msm8998-mtp: Add alias for blsp1_uart3 (bnc#1012628). - arm64: dts: uDPU: fix broken ethernet (bnc#1012628). - arm64: dts: qcom: msm8998: Fix tcsr syscon size (bnc#1012628). - platform/x86: intel_mid_powerbtn: Take a copy of ddata (bnc#1012628). - ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node (bnc#1012628). - MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init() (bnc#1012628). - watchdog: qcom: Use platform_get_irq_optional() for bark irq (bnc#1012628). - rtc: cmos: Stop using shared IRQ (bnc#1012628). - rtc: hym8563: Return -EINVAL if the time is known to be invalid (bnc#1012628). - rtc: mt6397: drop free_irq of devm_ allocated irq (bnc#1012628). - netdevsim: use __GFP_NOWARN to avoid memalloc warning (bnc#1012628). - netdevsim: fix panic in nsim_dev_take_snapshot_write() (bnc#1012628). - netdevsim: disable devlink reload when resources are being used (bnc#1012628). - netdevsim: fix using uninitialized resources (bnc#1012628). - mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap (bnc#1012628). - bpf, sockmap: Check update requirements after locking (bnc#1012628). - bpf: Improve bucket_log calculation logic (bnc#1012628). - selftests/bpf: Test freeing sockmap/sockhash with a socket in it (bnc#1012628). - bpf, sockhash: Synchronize_rcu before free'ing map (bnc#1012628). - bpf, sockmap: Don't sleep while holding RCU lock on tear-down (bnc#1012628). - bpftool: Don't crash on missing xlated program instructions (bnc#1012628). - x86/boot: Handle malformed SRAT tables during early ACPI parsing (bnc#1012628). - NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals (bnc#1012628). - NFSv4: try lease recovery on NFS4ERR_EXPIRED (bnc#1012628). - NFSv4: pnfs_roc() must use cred_fscmp() to compare creds (bnc#1012628). - NFS: Fix fix of show_nfs_errors (bnc#1012628). - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() (bnc#1012628). - NFS: Revalidate the file size on a fatal write error (bnc#1012628). - nfs: NFS_SWAP should depend on SWAP (bnc#1012628). - NFSv4.x recover from pre-mature loss of openstateid (bnc#1012628). - netfilter: flowtable: Fix missing flush hardware on table free (bnc#1012628). - netfilter: flowtable: Fix hardware flush order on nf_flow_table_cleanup (bnc#1012628). - netfilter: flowtable: restrict flow dissector match on meta ingress device (bnc#1012628). - netfilter: flowtable: fetch stats only if flow is still alive (bnc#1012628). - iwlwifi: mvm: fix TDLS discovery with the new firmware API (bnc#1012628). - iwlwifi: mvm: avoid use after free for pmsr request (bnc#1012628). - PCI/AER: Initialize aer_fifo (bnc#1012628). - PCI: Don't disable bridge BARs when assigning bus resources (bnc#1012628). - PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30 (bnc#1012628). - PCI/switchtec: Fix vep_vector_number ioread width (bnc#1012628). - PCI/switchtec: Use dma_set_mask_and_coherent() (bnc#1012628). - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe (bnc#1012628). - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (bnc#1012628). - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails (bnc#1012628). - RDMA/umem: Fix ib_umem_find_best_pgsz() (bnc#1012628). - RDMA/cma: Fix unbalanced cm_id reference count during address resolve (bnc#1012628). - RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence (bnc#1012628). - RDMA/mlx5: Fix handling of IOVA != user_va in ODP paths (bnc#1012628). - RDMA/uverbs: Verify MR access flags (bnc#1012628). - RDMA/core: Fix locking in ib_uverbs_event_read (bnc#1012628). - RDMA/i40iw: fix a potential NULL pointer dereference (bnc#1012628). - RDMA/netlink: Do not always generate an ACK for some netlink operations (bnc#1012628). - IB/mlx4: Fix leak in id_map_find_del (bnc#1012628). - IB/mlx5: Return the administrative GUID if exists (bnc#1012628). - IB/srp: Never use immediate data if it is disabled by a user (bnc#1012628). - IB/mlx4: Fix memory leak in add_gid error flow (bnc#1012628). - commit 271ee1b - Update config files: enable CONFIG_FW_CFG_SYSFS for arm64 (bsc#1163521) - commit d888576 - Update config files: CONFIG_NVME_HWMON=y When the config files were updated for kernel v5.5, the commit message claimed CONFIG_NVME_HWMON was to be enabled, however the configuration files themselves had the option disabled. We definitely want hardware monitoring enabled on NVME devices, so fix the configuration files to match the original intent. - commit d654690 - Linux 5.5.3 (bnc#1012628). - sparc32: fix struct ipc64_perm type definition (bnc#1012628). - bnxt_en: Move devlink_register before registering netdev (bnc#1012628). - gtp: use __GFP_NOWARN to avoid memalloc warning (bnc#1012628). - l2tp: Allow duplicate session creation with UDP (bnc#1012628). - net: hsr: fix possible NULL deref in hsr_handle_frame() (bnc#1012628). - net_sched: fix an OOB access in cls_tcindex (bnc#1012628). - net/core: Do not clear VF index for node/port GUIDs query (bnc#1012628). - net: mvneta: fix XDP support if sw bm is used as fallback (bnc#1012628). - bnxt_en: Fix TC queue mapping (bnc#1012628). - net: stmmac: Delete txtimer in suspend() (bnc#1012628). - tcp: clear tp->total_retrans in tcp_disconnect() (bnc#1012628). - tcp: clear tp->delivered in tcp_disconnect() (bnc#1012628). - tcp: clear tp->data_segs{in|out} in tcp_disconnect() (bnc#1012628). - tcp: clear tp->segs_{in|out} in tcp_disconnect() (bnc#1012628). - cls_rsvp: fix rsvp_policy (bnc#1012628). - rxrpc: Fix use-after-free in rxrpc_put_local() (bnc#1012628). - rxrpc: Fix insufficient receive notification generation (bnc#1012628). - rxrpc: Fix missing active use pinning of rxrpc_local object (bnc#1012628). - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect (bnc#1012628). - bnxt_en: Refactor logic to re-enable SRIOV after firmware reset detected (bnc#1012628). - net: phy: at803x: disable vddio regulator (bnc#1012628). - bnxt_en: Fix RDMA driver failure with SRIOV after firmware reset (bnc#1012628). - ionic: fix rxq comp packet type mask (bnc#1012628). - MAINTAINERS: correct entries for ISDN/mISDN section (bnc#1012628). - netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init() (bnc#1012628). - bnxt_en: Fix logic that disables Bus Master during firmware reset (bnc#1012628). - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (bnc#1012628). - mfd: dln2: More sanity checking for endpoints (bnc#1012628). - netfilter: ipset: fix suspicious RCU usage in find_set_and_id (bnc#1012628). - ALSA: pcm: Fix memory leak at closing a stream without hw_free (bnc#1012628). - ipc/msg.c: consolidate all xxxctl_down() functions (bnc#1012628). - tracing/kprobes: Have uname use __get_str() in print_fmt (bnc#1012628). - tracing: Fix sched switch start/stop refcount racy updates (bnc#1012628). - rcu: Use *_ONCE() to protect lockless ->expmask accesses (bnc#1012628). - rcu: Avoid data-race in rcu_gp_fqs_check_wake() (bnc#1012628). - srcu: Apply *_ONCE() to ->srcu_last_gp_end (bnc#1012628). - rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special() (bnc#1012628). - nvmet: Fix error print message at nvmet_install_queue function (bnc#1012628). - nvmet: Fix controller use after free (bnc#1012628). - Bluetooth: btusb: fix memory leak on fw (bnc#1012628). - Bluetooth: btusb: Disable runtime suspend on Realtek devices (bnc#1012628). - brcmfmac: Fix memory leak in brcmf_usbdev_qinit (bnc#1012628). - usb: dwc3: gadget: Check END_TRANSFER completion (bnc#1012628). - usb: dwc3: gadget: Delay starting transfer (bnc#1012628). - usb: typec: tcpci: mask event interrupts when remove driver (bnc#1012628). - objtool: Silence build output (bnc#1012628). - usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer (bnc#1012628). - usb: gadget: legacy: set max_speed to super-speed (bnc#1012628). - usb: gadget: f_ncm: Use atomic_t to track in-flight request (bnc#1012628). - usb: gadget: f_ecm: Use atomic_t to track in-flight request (bnc#1012628). - ALSA: usb-audio: Fix endianess in descriptor validation (bnc#1012628). - ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk (bnc#1012628). - ALSA: dummy: Fix PCM format loop in proc output (bnc#1012628). - memcg: fix a crash in wb_workfn when a device disappears (bnc#1012628). - mm/sparse.c: reset section's mem_map when fully deactivated (bnc#1012628). - utimes: Clamp the timestamps in notify_change() (bnc#1012628). - mm/migrate.c: also overwrite error when it is bigger than zero (bnc#1012628). - mm/memory_hotplug: fix remove_memory() lockdep splat (bnc#1012628). - mm: thp: don't need care deferred split queue in memcg charge move path (bnc#1012628). - mm: move_pages: report the number of non-attempted pages (bnc#1012628). - media/v4l2-core: set pages dirty upon releasing DMA buffers (bnc#1012628). - media: v4l2-core: compat: ignore native command codes (bnc#1012628). - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments (bnc#1012628). - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() (bnc#1012628). - irqdomain: Fix a memory leak in irq_domain_push_irq() (bnc#1012628). - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR (bnc#1012628). - platform/x86: intel_scu_ipc: Fix interrupt support (bnc#1012628). - ALSA: hda: Add Clevo W65_67SB the power_save blacklist (bnc#1012628). - ALSA: hda: Add JasperLake PCI ID and codec vid (bnc#1012628). - ALSA: hda - Fix DP-MST support for NVIDIA codecs (bnc#1012628). - arm64: acpi: fix DAIF manipulation with pNMI (bnc#1012628). - KVM: arm64: Correct PSTATE on exception entry (bnc#1012628). - KVM: arm/arm64: Correct CPSR on exception entry (bnc#1012628). - KVM: arm/arm64: Correct AArch32 SPSR on exception entry (bnc#1012628). - KVM: arm64: Only sign-extend MMIO up to register width (bnc#1012628). - MIPS: syscalls: fix indentation of the 'SYSNR' message (bnc#1012628). - MIPS: fix indentation of the 'RELOCS' message (bnc#1012628). - MIPS: boot: fix typo in 'vmlinux.lzma.its' target (bnc#1012628). - MIPS: SGI-IP30: Check for valid pointer before using it (bnc#1012628). - MIPS: asm: local: add barriers for Loongson (bnc#1012628). - s390/mm: fix dynamic pagetable upgrade for hugetlbfs (bnc#1012628). - powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case (bnc#1012628). - powerpc/ptdump: Fix W+X verification (bnc#1012628). - powerpc/xmon: don't access ASDR in VMs (bnc#1012628). - powerpc/pseries: Advance pfn if section is not present in lmb_is_removable() (bnc#1012628). - powerpc/32s: Fix bad_kuap_fault() (bnc#1012628). - powerpc/32s: Fix CPU wake-up from sleep mode (bnc#1012628). - PCI/ATS: Use PF PASID for VFs (bnc#1012628). - PCI: tegra: Fix return value check of pm_runtime_get_sync() (bnc#1012628). - PCI: keystone: Fix outbound region mapping (bnc#1012628). - PCI: keystone: Fix link training retries initiation (bnc#1012628). - PCI: keystone: Fix error handling when "num-viewport" DT property is not populated (bnc#1012628). - mmc: spi: Toggle SPI polarity, do not hardcode it (bnc#1012628). - ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards (bnc#1012628). - ACPI / battery: Deal with design or full capacity being reported as -1 (bnc#1012628). - ACPI / battery: Use design-cap for capacity calculations if full-cap is not available (bnc#1012628). - ACPI / battery: Deal better with neither design nor full capacity not being reported (bnc#1012628). - smb3: fix default permissions on new files when mounting with modefromsid (bnc#1012628). - alarmtimer: Unregister wakeup source when module get fails (bnc#1012628). - fscrypt: don't print name of busy file when removing key (bnc#1012628). - ubifs: don't trigger assertion on invalid no-key filename (bnc#1012628). - ubifs: Fix wrong memory allocation (bnc#1012628). - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag (bnc#1012628). - ubifs: Fix deadlock in concurrent bulk-read and writepage (bnc#1012628). - mmc: sdhci-of-at91: fix memleak on clk_get failure (bnc#1012628). - ASoC: tegra: Revert 24 and 32 bit support (bnc#1012628). - ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj initialization order (bnc#1012628). - hv_balloon: Balloon up according to request page number (bnc#1012628). - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile (bnc#1012628). - nvmem: imx: scu: fix write SIP (bnc#1012628). - nvmem: core: fix memory abort in cleanup path (bnc#1012628). - crypto: api - Check spawn->alg under lock in crypto_drop_spawn (bnc#1012628). - crypto: ccree - fix backlog memory leak (bnc#1012628). - crypto: ccree - fix AEAD decrypt auth fail (bnc#1012628). - crypto: ccree - fix pm wrongful error reporting (bnc#1012628). - crypto: ccree - fix FDE descriptor sequence (bnc#1012628). - crypto: ccree - fix PM race condition (bnc#1012628). - padata: Remove broken queue flushing (bnc#1012628). - fs: allow deduplication of eof block into the end of the destination file (bnc#1012628). - scripts/find-unused-docs: Fix massive false positives (bnc#1012628). - erofs: fix out-of-bound read for shifted uncompressed block (bnc#1012628). - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state (bnc#1012628). - scsi: qla2xxx: Fix stuck login session using prli_pend_timer (bnc#1012628). - scsi: qla2xxx: Fix mtcp dump collection failure (bnc#1012628). - cpupower: Revert library ABI changes from commit ae2917093fb60bdc1ed3e (bnc#1012628). - power: supply: axp20x_ac_power: Fix reporting online status (bnc#1012628). - power: supply: ltc2941-battery-gauge: fix use-after-free (bnc#1012628). - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() (bnc#1012628). - ovl: fix lseek overflow on 32bit (bnc#1012628). - f2fs: fix miscounted block limit in f2fs_statfs_project() (bnc#1012628). - f2fs: code cleanup for f2fs_statfs_project() (bnc#1012628). - f2fs: fix dcache lookup of !casefolded directories (bnc#1012628). - f2fs: fix race conditions in ->d_compare() and ->d_hash() (bnc#1012628). - PM: core: Fix handling of devices deleted during system-wide resume (bnc#1012628). - cpufreq: Avoid creating excessively large stack frames (bnc#1012628). - of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc (bnc#1012628). - ARM: dma-api: fix max_pfn off-by-one error in __dma_supported() (bnc#1012628). - dm zoned: support zone sizes smaller than 128MiB (bnc#1012628). - dm space map common: fix to ensure new block isn't already in use (bnc#1012628). - dm writecache: fix incorrect flush sequence when doing SSD mode commit (bnc#1012628). - dm crypt: fix GFP flags passed to skcipher_request_alloc() (bnc#1012628). - dm crypt: fix benbi IV constructor crash if used in authenticated mode (bnc#1012628). - dm thin metadata: use pool locking at end of dm_pool_metadata_close (bnc#1012628). - dm thin: fix use-after-free in metadata_pre_commit_callback (bnc#1012628). - dm: fix potential for q->make_request_fn NULL pointer (bnc#1012628). - tracing: Annotate ftrace_graph_hash pointer with __rcu (bnc#1012628). - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu (bnc#1012628). - ftrace: Add comment to why rcu_dereference_sched() is open coded (bnc#1012628). - ftrace: Protect ftrace_graph_hash with ftrace_sync (bnc#1012628). - crypto: pcrypt - Avoid deadlock by using per-instance padata queues (bnc#1012628). - btrfs: fix improper setting of scanned for range cyclic write cache pages (bnc#1012628). - btrfs: Handle another split brain scenario with metadata uuid feature (bnc#1012628). - riscv, bpf: Fix broken BPF tail calls (bnc#1012628). - libbpf: Fix readelf output parsing for Fedora (bnc#1012628). - libbpf: Fix printf compilation warnings on ppc64le arch (bnc#1012628). - libbpf: Don't attach perf_buffer to offline/missing CPUs (bnc#1012628). - selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs (bnc#1012628). - flow_dissector: Fix to use new variables for port ranges in bpf hook (bnc#1012628). - bpf, devmap: Pass lockdep expression to RCU lists (bnc#1012628). - libbpf: Add missing newline in opts validation macro (bnc#1012628). - libbpf: Fix realloc usage in bpf_core_find_cands (bnc#1012628). - tc-testing: fix eBPF tests failure on linux fresh clones (bnc#1012628). - samples/bpf: Don't try to remove user's homedir on clean (bnc#1012628). - samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach (bnc#1012628). - samples/bpf: Reintroduce missed build targets (bnc#1012628). - selftests/bpf: Fix test_attach_probe (bnc#1012628). - selftests/bpf: Skip perf hw events test if the setup disabled it (bnc#1012628). - selftests: bpf: Use a temporary file in test_sockmap (bnc#1012628). - selftests: bpf: Ignore FIN packets for reuseport tests (bnc#1012628). - crypto: sun8i-ss - fix removal of module (bnc#1012628). - crypto: amlogic - fix removal of module (bnc#1012628). - crypto: sun8i-ce - fix removal of module (bnc#1012628). - crypto: api - fix unexpectedly getting generic implementation (bnc#1012628). - crypto: hisilicon - Fix issue with wrong number of sg elements after dma map (bnc#1012628). - crypto: hisilicon - Use the offset fields in sqe to avoid need to split scatterlists (bnc#1012628). - crypto: ccp - set max RSA modulus size for v3 platform devices as well (bnc#1012628). - crypto: arm64/ghash-neon - bump priority to 150 (bnc#1012628). - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request (bnc#1012628). - crypto: hisilicon - select CRYPTO_SKCIPHER, not CRYPTO_BLKCIPHER (bnc#1012628). - crypto: atmel-aes - Fix counter overflow in CTR mode (bnc#1012628). - crypto: api - Fix race condition in crypto_spawn_alg (bnc#1012628). - crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill (bnc#1012628). - powerpc/futex: Fix incorrect user access blocking (bnc#1012628). - scsi: qla2xxx: Fix unbound NVME response length (bnc#1012628). - NFS: Fix memory leaks and corruption in readdir (bnc#1012628). - NFS: Directory page cache pages need to be locked when read (bnc#1012628). - nfsd: fix filecache lookup (bnc#1012628). - jbd2_seq_info_next should increase position index (bnc#1012628). - ext4: fix deadlock allocating crypto bounce page from mempool (bnc#1012628). - ext4: fix race conditions in ->d_compare() and ->d_hash() (bnc#1012628). - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES (bnc#1012628). - Btrfs: make deduplication with range including the last block work (bnc#1012628). - Btrfs: fix infinite loop during fsync after rename operations (bnc#1012628). - btrfs: set trans->drity in btrfs_commit_transaction (bnc#1012628). - btrfs: drop log root for dropped roots (bnc#1012628). - btrfs: free block groups after free'ing fs trees (bnc#1012628). - Btrfs: fix race between adding and putting tree mod seq elements and nodes (bnc#1012628). - btrfs: flush write bio if we loop in extent_write_cache_pages (bnc#1012628). - btrfs: Correctly handle empty trees in find_first_clear_extent_bit (bnc#1012628). - Btrfs: send, fix emission of invalid clone operations within the same file (bnc#1012628). - ARM: tegra: Enable PLLP bypass during Tegra124 LP1 (bnc#1012628). - iwlwifi: don't throw error when trying to remove IGTK (bnc#1012628). - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (bnc#1012628). - sunrpc: expiry_time should be seconds not timeval (bnc#1012628). - gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0 (bnc#1012628). - gfs2: move setting current->backing_dev_info (bnc#1012628). - gfs2: fix O_SYNC write handling (bnc#1012628). - drm: atmel-hlcdc: use double rate for pixel clock only if supported (bnc#1012628). - drm: atmel-hlcdc: enable clock before configuring timing engine (bnc#1012628). - drm: atmel-hlcdc: prefer a lower pixel-clock than requested (bnc#1012628). - drm/rect: Avoid division by zero (bnc#1012628). - media: iguanair: fix endpoint sanity check (bnc#1012628). - media: rc: ensure lirc is initialized before registering input device (bnc#1012628). - tools/kvm_stat: Fix kvm_exit filter name (bnc#1012628). - xen/balloon: Support xend-based toolstack take two (bnc#1012628). - xen/gntdev: Do not use mm notifiers with autotranslating guests (bnc#1012628). - watchdog: fix UAF in reboot notifier handling in watchdog core code (bnc#1012628). - bcache: add readahead cache policy options via sysfs interface (bnc#1012628). - io_uring: don't map read/write iovec potentially twice (bnc#1012628). - io_uring: spin for sq thread to idle on shutdown (bnc#1012628). - eventfd: track eventfd_signal() recursion depth (bnc#1012628). - aio: prevent potential eventfd recursion on poll (bnc#1012628). - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (bnc#1012628). - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bnc#1012628). - KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform (bnc#1012628). - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bnc#1012628). - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails (bnc#1012628). - kvm/svm: PKU not currently supported (bnc#1012628). - KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM (bnc#1012628). - KVM: x86: use CPUID to locate host page table reserved bits (bnc#1012628). - KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM (bnc#1012628). - KVM: VMX: Add non-canonical check on writes to RTIT address MSRs (bnc#1012628). - KVM: x86: Don't let userspace set host-reserved cr4 bits (bnc#1012628). - KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails (bnc#1012628). - KVM: x86: fix overlap between SPTE_MMIO_MASK and generation (bnc#1012628). - KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (bnc#1012628). - KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation (bnc#1012628). - KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest" (bnc#1012628). - KVM: s390: do not clobber registers during guest reset/store status (bnc#1012628). - KVM: x86: reorganize pvclock_gtod_data members (bnc#1012628). - KVM: x86: use raw clock values consistently (bnc#1012628). - ocfs2: fix oops when writing cloned file (bnc#1012628). - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section (bnc#1012628). - arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high power mode (bnc#1012628). - mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush (bnc#1012628). - clk: tegra: Mark fuse clock as critical (bnc#1012628). - drm/amdgpu/navi: fix index for OD MCLK (bnc#1012628). - drm/tegra: Relax IOMMU usage criteria on old Tegra (bnc#1012628). - drm/tegra: Reuse IOVA mapping where possible (bnc#1012628). - drm/amd/powerplay: fix navi10 system intermittent reboot issue V2 (bnc#1012628). - drm/amd/dm/mst: Ignore payload update failures (bnc#1012628). - drm/amdgpu: fetch default VDDC curve voltages (v2) (bnc#1012628). - drm/amdgpu/navi10: add OD_RANGE for navi overclocking (bnc#1012628). - drm/amdgpu/smu_v11_0: Correct behavior of restoring default tables (v2) (bnc#1012628). - virtio-balloon: initialize all vq callbacks (bnc#1012628). - virtio-pci: check name when counting MSI-X vectors (bnc#1012628). - fix up iter on short count in fuse_direct_io() (bnc#1012628). - broken ping to ipv6 linklocal addresses on debian buster (bnc#1012628). - percpu: Separate decrypted varaibles anytime encryption can be enabled (bnc#1012628). - ASoC: meson: axg-fifo: fix fifo threshold setup (bnc#1012628). - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type (bnc#1012628). - scsi: csiostor: Adjust indentation in csio_device_reset (bnc#1012628). - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free (bnc#1012628). - scsi: ufs: Recheck bkops level if bkops is disabled (bnc#1012628). - compat: scsi: sg: fix v3 compat read/write interface (bnc#1012628). - mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two (bnc#1012628). - phy: qualcomm: Adjust indentation in read_poll_timeout (bnc#1012628). - ext2: Adjust indentation in ext2_fill_super (bnc#1012628). - powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize (bnc#1012628). - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable (bnc#1012628). - NFC: pn544: Adjust indentation in pn544_hci_check_presence (bnc#1012628). - ppp: Adjust indentation into ppp_async_input (bnc#1012628). - net: smc911x: Adjust indentation in smc911x_phy_configure (bnc#1012628). - net: tulip: Adjust indentation in {dmfe, uli526x}_init_module (bnc#1012628). - IB/mlx5: Fix outstanding_pi index for GSI qps (bnc#1012628). - IB/core: Fix ODP get user pages flow (bnc#1012628). - IB/core: Fix ODP with IB_ACCESS_HUGETLB handling (bnc#1012628). - staging: wfx: revert unexpected change in debugfs output (bnc#1012628). - nfsd: fix delay timer on 32-bit architectures (bnc#1012628). - nfsd: fix jiffies/time_t mixup in LRU list (bnc#1012628). - nfsd: Return the correct number of bytes written to the file (bnc#1012628). - virtio-balloon: Fix memory leak when unloading while hinting is in progress (bnc#1012628). - virtio_balloon: Fix memory leaks on errors in virtballoon_probe() (bnc#1012628). - ubi: fastmap: Fix inverted logic in seen selfcheck (bnc#1012628). - ubi: Fix an error pointer dereference in error handling code (bnc#1012628). - ubifs: Fix memory leak from c->sup_node (bnc#1012628). - regulator: core: Add regulator_is_equal() helper (bnc#1012628). - ASoC: sgtl5000: Fix VDDA and VDDIO comparison (bnc#1012628). - ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug (bnc#1012628). - mfd: da9062: Fix watchdog compatible string (bnc#1012628). - mfd: rn5t618: Mark ADC control register volatile (bnc#1012628). - mfd: bd70528: Fix hour register mask (bnc#1012628). - mfd: ab8500: Fix ab8500-clk typo (bnc#1012628). - bpf: Fix trampoline usage in preempt (bnc#1012628). - libbpf: Extract and generalize CPU mask parsing logic (bnc#1012628). - x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode (bnc#1012628). - bonding/alb: properly access headers in bond_alb_xmit() (bnc#1012628). - devlink: report 0 after hitting end in region read (bnc#1012628). - dpaa_eth: support all modes with rate adapting PHYs (bnc#1012628). - net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (bnc#1012628). - net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port (bnc#1012628). - net: dsa: microchip: enable module autoprobe (bnc#1012628). - net: mvneta: move rx_dropped and rx_errors in per-cpu stats (bnc#1012628). - net_sched: fix a resource leak in tcindex_set_parms() (bnc#1012628). - net: stmmac: fix a possible endless loop (bnc#1012628). - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode (bnc#1012628). - net/mlx5: IPsec, Fix esp modify function attribute (bnc#1012628). - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx (bnc#1012628). - net: macb: Remove unnecessary alignment check for TSO (bnc#1012628). - net: macb: Limit maximum GEM TX length in TSO (bnc#1012628). - net: stmmac: fix incorrect GMAC_VLAN_TAG register writting in GMAC4+ (bnc#1012628). - net: stmmac: xgmac: fix incorrect XGMAC_VLAN_TAG register writting (bnc#1012628). - net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter (bnc#1012628). - net: stmmac: xgmac: fix missing IFF_MULTICAST checki in dwxgmac2_set_filter (bnc#1012628). - net: stmmac: update pci platform data to use phy_interface (bnc#1012628). - taprio: Fix enabling offload with wrong number of traffic classes (bnc#1012628). - taprio: Fix still allowing changing the flags during runtime (bnc#1012628). - taprio: Add missing policy validation for flags (bnc#1012628). - taprio: Use taprio_reset_tc() to reset Traffic Classes configuration (bnc#1012628). - taprio: Fix dropping packets when using taprio + ETF offloading (bnc#1012628). - ipv6/addrconf: fix potential NULL deref in inet6_set_link_af() (bnc#1012628). - qed: Fix timestamping issue for L2 unicast ptp packets (bnc#1012628). - drop_monitor: Do not cancel uninitialized work item (bnc#1012628). - net/mlx5: Fix deadlock in fs_core (bnc#1012628). - net/mlx5: Deprecate usage of generic TLS HW capability bit (bnc#1012628). - r8169: fix performance regression related to PCIe max read request size (bnc#1012628). - net/mlx5e: TX, Error completion is for last WQE in batch (bnc#1012628). - cifs: fail i/o on soft mounts if sessionsetup errors out (bnc#1012628). - cifs: fix mode bits from dir listing when mounted with modefromsid (bnc#1012628). - x86/apic/msi: Plug non-maskable MSI affinity race (bnc#1012628). - clocksource: Prevent double add_timer_on() for watchdog_timer (bnc#1012628). - perf/core: Fix mlock accounting in perf_mmap() (bnc#1012628). - perf/cgroups: Install cgroup events to correct cpuctx (bnc#1012628). - drm/dp_mst: Remove VCPI while disabling topology mgr (bnc#1012628). - io_uring: enable option to only trigger eventfd for async completions (bnc#1012628). - io_uring: prevent potential eventfd recursion on poll (bnc#1012628). - KVM: x86: Protect exit_reason from being used in Spectre-v1/L1TF attacks (bnc#1012628). - KVM: nVMX: vmread should not set rflags to specify success in case of #PF (bnc#1012628). - KVM: Use vcpu-specific gva->hva translation when querying host page size (bnc#1012628). - KVM: Play nice with read-only memslots when querying host page size (bnc#1012628). - rxrpc: Fix service call disconnection (bnc#1012628). - IB/core: Fix build failure without hugepages (bnc#1012628). - crypto: atmel-{aes,tdes} - Do not save IV for ECB mode (bnc#1012628). - crypto: atmel-aes - Fix saving of IV for CTR mode (bnc#1012628). - crypto: atmel-aes - Fix CTR counter overflow when multiple fragments (bnc#1012628). - crypto: atmel-tdes - Map driver data flags to Mode Register (bnc#1012628). - regulator fix for "regulator: core: Add regulator_is_equal() helper" (bnc#1012628). - powerpc/kuap: Fix set direction in allow/prevent_user_access() (bnc#1012628). - compat: ARM64: always include asm-generic/compat.h (bnc#1012628). - Update config files. - commit ffbbfe8 - cgroup: init_tasks shouldn't be linked to the root cgroup (bsc#1163370). - commit 00b4c73 - ipmi_si: Avoid spurious errors for optional IRQs (bsc#1161943). - commit 481e5b9 - media: go7007: Fix URB type for interrupt handling (bsc#1162583). - commit ae333f8 - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices (bsc#1163213). - commit f4b8e5e ==== libarchive ==== Version update (3.4.1 -> 3.4.2) Subpackages: bsdtar libarchive13 - Update to version 3.4.2 New features: * support for atomic file extraction (bsdtar -x --safe-writes) (#1289) * support for mbed TLS (PolarSSL) (#1301) Important bugfixes: * security fixes in RAR5 reader (#1280 #1326) * compression buffer fix in XAR writer (#1317) * fix uname and gname longer than 32 characters in PAX writer (#1319) * fix segfault when archiving hard links in ISO9660 and XAR writers (#1325) * fix support for extracting 7z archive entries with Delta filter (#987) ==== libeconf ==== Version update (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69) Subpackages: libeconf0 libeconf0-32bit - Update to version 0.3.5+git20200203.3144b69: * Release version 0.3.5 * Use float.h instead of obsolete gnuism values.h * Remove gnuism (strdupa) * Check for empty value (NULL pointer) before calling strdup. - Update to version 0.3.4+git20200121.febebf2: * Release version 0.3.4 * Fix buffer overflow in econf_readDirs * Fix parsing of quoted strings, and values starting with delimiters * tests: add test for quoted strings * tests: tst-configdirs5: fix config dir paths ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-base-drivers-firebird libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Fix autocorrect names for Italian In Italian there are also other locales that should be included in this list like fur_IT lld_IT sc_IT and vec_IT - Remove unneeded (and counterintuitive) mysql/mariadb dep from core RPMs. Move it instead to the -base package, where it's really used. - Add soffice.sh_Avoid-exporting-empty-LC_ALL.patch to fix broken handling of non-ASCII characters in the KDE filedialog (boo#1161816) ==== libxcrypt ==== Version update (4.4.10 -> 4.4.12) Subpackages: libcrypt1 libcrypt1-32bit libxcrypt-devel - Update to version 4.4.12 * Another fix for GCC v10.x, which occurs on s390 architectures only. - Update to version 4.4.11 * Fixes for GCC v10.x * Change how the known-answer tests are parallelized - gcc10.patch: remove ==== llvm9 ==== Subpackages: clang9 clang9-checker clang9-doc libLLVM9 libLTO9 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang9 - Add vim-plugin-llvm Conflicts to clang subpackage which now contains files formerly in llvmN-vim-plugins, conflicting with packages from older llvm releases. - Add back emacs-llvm Provides and Conflicts to clang subpackage originally in llvm-emacs-plugins to properly conflict with llvm-emacs-plugins from older llvm releases. - Add clang5-devel to clang9-doc conflicts. - Add compiler-rt-sanitizer-ipc-perm.patch: Fix sanitizer-common build with glibc 2.31. ==== mariadb-connector-c ==== Version update (3.1.6 -> 3.1.7) - Update to release 3.1.7 * TLS/SSL: when the client doesn't procide a CA file and the option ssl_verify_server_cert was set, the peer cerificate will be validated against the system CA. ==== mdadm ==== - Create: add support for RAID0 layouts. (bsc#1162479) 0015-Create-add-support-for-RAID0-layouts.patch - Assemble: add support for RAID0 layouts. (bsc#1162479) 0016-Assemble-add-support-for-RAID0-layouts.patch - mdadm.8: add note information for raid0 growing operation (bsc#1129900) 1002-mdadm.8-add-note-information-for-raid0-growing-opera.patch ==== meld ==== Version update (3.20.1 -> 3.20.2) Subpackages: meld-lang - Update to version 3.20.2: + Fix display of large file sizes. + Set file chooser encoding to autodetect by default. + Fix ignoring blank lines on text-filtered files in folder comparison. + Fix expand/collapse actions for missing folders. + Fix some incorrect action sensitivity settings. + Fix height of commit dialog. + Fix install support for Python 3.8. + Updated translations. ==== mutt ==== Version update (1.13.3 -> 1.13.4) Subpackages: mutt-doc mutt-lang - Update to version 1.13.4 (2020-02-15) * $ssl_force_tls reverted to default unset. Defaulting this set was overly optimistic, and caused breakage. ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client nfs-doc nfs-kernel-server - Update to version 2.4.3 Dropped patches (accepted upstream): - 0001-nfs.conf-allow-empty-assignments.patch - 0002-Let-systemd-know-when-rpc.statd-is-needed.patch - 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch - 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch - 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch - 0006-conffile-allow-optional-include-files.patch - 0007-statd-user-from-sm - 0008-mountd-Initialize-logging-early.patch Dropped patches (upstream used different solution): - 0009-Allow-compilation-to-succeed-with-fno-common.patch (btw this used Patch0: instead of Patch10:) (boo#1160405) Add nfsdcld - NFSv4 Client Tracking Daemon, add nfsdcld.service and enable it for nfs-kernel-server, add man page Add clddb-tool - tool for downgrading the nfsdcld sqlite database schema, add man page Removed osd_login (dropped in upstream in 2.3.4 rc1) - 0009-Allow-compilation-to-succeed-with-fno-common.patch Allow compilation to success with -fno-common (boo#1160405) ==== openssh ==== Subpackages: openssh-helpers - Add patches to fix the sandbox blocking glibc on 32bit platforms (boo#1164061): * openssh-8.1p1-seccomp-clock_nanosleep_time64.patch * openssh-8.1p1-seccomp-clock_gettime64.patch ==== perl-Convert-UUlib ==== Version update (1.6 -> 1.62) - updated to 1.62 see /usr/share/doc/packages/perl-Convert-UUlib/Changes 1.62 Mon Feb 17 23:19:42 CET 2020 - major performance improvement by simplifying code in _FP_gets to not use fscanf. This might slow things down on platforms with very slow fgetc. 1.61 Sun Feb 9 18:38:29 CET 2020 - lint uulib: fix some format string type mismatches and some other minor issues. ==== ppp ==== - CVE-2020-8597, bsc#1162610, ppp-CVE-2020-8597.patch: rhostname buffer overflow in the eap_request and eap_response functions. ==== psqlODBC ==== Version update (11.01.0000 -> 12.01.0000) - Update to 12.01.0000: * Fix result-conversions regression test. + Remove tests for abstime type because the type was removed in PG12. + Update results for PG12's new floating point output format. * Fix the bug that causes Error : A parameter cannot be found that matches parameter name?ene'. + Check BuildResult(the result of drivers build) before building installers. + Enclose the command part * Find_VSDir $vc_ver * with parentheses so that the subsequent * -ne "" * isn't considered to be a parameter. * Cope with the removal of pg_class.relhasoids in PG12 correctly when retrieving updatable cursors. - Changes in 12.00.0000: * Fix the bug that SQLGetDescField() for Field SQL_DESC_COUNT returns SQLINTEGER value which should be of type SQLSMALLINT. * SQLGetTypeInfo() filters SQL_TYPE_DATE, SQL_TYPE_TIME and SQL_TYPE_TIMESTAMP for ODBC 2.x applications. * Added support for scalar functions TIMESTAMPADD(), TIMESTAMPDIFF() and EXTRACT() functions. * The macro IS_NOT_SPACE() is used for not pointers but integers. * Fix a crash bug when SQLProcedureColumns() handles satisfies_hash_partition(). The proargmodes column of satisfies_hash_partition()'s pg_proc entry is not null but the proallargtypes column is null. ==== python ==== Subpackages: python-tk - Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224). - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367) ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674) - Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224). - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367) ==== rtl_433 ==== Version update (19.08+git.20190829 -> 20.02+git.20200218) - Update to version 20.02+git.20200218: Highlights * Added InfluxDB output * Added native Sigrok writer * Changed to newmodel keys default * Fixed SoapySDR for 0.8 API * Added new minmax FSK pulse detector * Changed default to use new minmax detector and sample rate of 1MS/s for frequency above 800MHz * Changed -a and -G option to discourage usage * Improvements and support for many more sensors - Build with support for SoapySDR ==== strace ==== Version update (5.4 -> 5.5) - Update to strace 5.5 * Improvements * Added -e trace=%creds option for tracing syscalls related to process credentials. * Enhanced decoding of arch_prctl, keyctl, io_uring_register, io_uring_setup, and perf_event_open syscalls. * Enhanced decoding of BPF_PROG_LOAD bpf syscall command. * Updated decoding of clone3 syscall to match Linux 5.5. * Implemented decoding of TCA_ACT_FLAGS and TCA_STATS_PKT64 netlink attributes. * Updated lists of AUDIT_*, BPF_*, CLONE_*, KEY_*, KVM_*, PPC_PTRACE_*, SCTP_*, STATX_*, TIPC_*, V4L2_*, and *_MAGIC constants. * Updated lists of ioctl commands from Linux 5.5. * Enhanced manual page and "strace --help" output. * Bug fixes * Fixed stack trace printing for early syscalls when strace is configured to use libdw backend for stack tracing (addresses Fedora bug #1788636). * Fixed stack trace caching when --seccomp-bpf option is specified. * Fixed potentially unaligned access in decoder of SO_TIMESTAMP*_NEW control messages. * Fixed decoding of NDA_LLADDR netlink neighbor table attribute. * Fixed build of mpers support when CFLAGS contains -flto. * Fixed build on no-MMU architectures. * Fixed build with glibc-2.31 and Linux kernel headers < 5.3. * Fixed tests for glibc-2.31. ==== sudo ==== Version update (1.8.28p1 -> 1.8.31) - Update to 1.8.31 Major changes between version 1.8.31 and 1.8.30: * This version fixes a potential security issue that can lead to a buffer overflow if the pwfeedback option is enabled in sudoers [CVE-2019-18634] [bsc#1162202] * The sudoedit_checkdir option now treats a user-owned directory as writable, even if it does not have the write bit set at the time of check. Symbolic links will no longer be followed by sudoedit in any user-owned directory. Bug #912. * Fixed a crash introduced in sudo 1.8.30 when suspending sudo at the password prompt. Bug #914. * Fixed compilation on systems where the mmap MAP_ANON flag is not available. Bug #915. Major changes between version 1.8.30 and 1.8.29: * Sudo now closes file descriptors before changing uids. This prevents a non-root process from interfering with sudo's ability to close file descriptors on systems that support the prlimit(2) system call. * Sudo now treats an attempt to run sudo sudoedit as simply sudoedit If the sudoers file contains a fully-qualified path to sudoedit, sudo will now treat it simply as sudoedit (with no path). Visudo will will now treat a fully-qualified path to sudoedit as an error. Bug #871. * Fixed a bug introduced in sudo 1.8.28 where sudo would warn about a missing /etc/environment file on AIX and Linux when PAM is not enabled. Bug #907. * Fixed a bug on Linux introduced in sudo 1.8.29 that prevented the askpass program from running due to an unlimited stack size resource limit. Bug #908. * If a group provider plugin has optional arguments, the argument list passed to the plugin is now NULL terminated as per the documentation. * The user's time stamp file is now only updated if both authentication and approval phases succeed. This is consistent with the behavior of sudo prior to version 1.8.23. Bug #910. * The new allow_unknown_runas_id sudoers setting can be used to enable or disable the use of unknown user or group IDs. Previously, sudo would always allow unknown user or group IDs if the sudoers entry permitted it, including via the ALL alias. As of sudo 1.8.30, the admin must explicitly enable support for unknown IDs. * The new runas_check_shell sudoers setting can be used to require that the runas user have a shell listed in the /etc/shells file. On many systems, users such as bin, do not have a valid shell and this flag can be used to prevent commands from being run as those users. * Fixed a problem restoring the SELinux tty context during reboot if mctransd is killed before sudo finishes. GitHub Issue #17. * Fixed an intermittent warning on NetBSD when sudo restores the initial stack size limit. Major changes between version 1.8.29 and 1.8.28p1: * The cvtsudoers command will now reject non-LDIF input when converting from LDIF format to sudoers or JSON formats. * The new log_allowed and log_denied sudoers settings make it possible to disable logging and auditing of allowed and/or denied commands. * The umask is now handled differently on systems with PAM or login.conf. If the umask is explicitly set in sudoers, that value is used regardless of what PAM or login.conf may specify. However, if the umask is not explicitly set in sudoers, PAM or login.conf may now override the default sudoers umask. Bug #900. * For make install, the sudoers file is no longer checked for syntax errors when DESTDIR is set. The default sudoers file includes the contents of /etc/sudoers.d which may not be readable as non-root. Bug #902. * Sudo now sets most resource limits to their maximum value to avoid problems caused by insufficient resources, such as an inability to allocate memory or open files and pipes. Fixed a regression introduced in sudo 1.8.28 where sudo would refuse to run if the parent process was not associated with a session. This was due to sudo passing a session ID of -1 to the plugin. - refresh sudo-sudoers.patch ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - added a reference to bsc#1162951 about the reasoning why adding the vnc user to the shadow group ==== whois ==== Version update (5.5.4 -> 5.5.5) - whois 5.5.5: * Fix the hide string for .sx, which broke many others ==== wireguard ==== Version update (0.0.20200205_k5.5.2_1 -> 0.0.20200214_k5.5.4_1) - Update to version 0.0.20200214 * chacha20poly1305: defensively protect against large inputs * netns: ensure that icmp src address is correct with nat * receive: reset last_under_load to zero * send: account for mtu=0 devices ==== xdg-user-dirs ==== Subpackages: xdg-user-dirs-lang - No longer recommend -lang: supplements are in use. ==== xerces-c ==== - Fixup rpmlint warning about installed Makefiles ==== xfce4-whiskermenu-plugin ==== Version update (2.4.1 -> 2.4.2) Subpackages: xfce4-whiskermenu-plugin-lang - Update to 2.4.2 * Fix crash when selecting desktop action. (bxo#16445) * Translation updates ==== xfconf ==== Subpackages: libxfconf-0-3 xfconf-lang - xfconfd needs to be a hard dependency to libxfconf (boo#1163214) ==== yast2-nis-client ==== Version update (4.2.1 -> 4.2.2) - Preserve NSS database sources when adding nis to nsswitch.conf file (bsc#1162916). - 4.2.2 ==== yast2-python-bindings ==== Version update (4.1.1 -> 4.1.2) - Don't overwrite CPPFLAGS/LDFLAGS/LIBADD during build; (bsc#1163310); - 4.1.2 - Switch to python3 on new releases of openSUSE as we no longer support python2 at all - Cleanup the spec file to adhere to current packaging guidelines ==== zsh ==== Version update (5.8~pre2 -> 5.8~pre3) - Update to version 5.8~pre3 (5.7.1-test-3) * Minor bugfixes compared to pre2 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 0

[opensuse-factory] openSUSE:Factory - Build fail notification
by DimStar / Dominique Leuenberger 19 Feb '20

19 Feb '20

Dear Package maintainers and hackers. Below package(s) in openSUSE:Factory have been failing to build for at least 4 weeks. We tried to send out notifications to the configured bugowner/maintainers of the package(s), but so far no fix has been submitted. This probably means that the maintainer/bugowner did not yet find the time to look into the matter and he/she would certainly appreciate help to get this sorted. - MotionBox - python-nibabel Unless somebody is stepping up and submitting fixes, the listed package(s) are going to be removed from openSUSE:Factory. Kind regards, DimStar / Dominique Leuenberger <dimstar(a)opensuse.org>

1 0

[opensuse-factory] Notes before you update your openSUSE Leap 15.2 and Beta reminder
by Lubos Kocman 19 Feb '20

19 Feb '20

Hello openSUSE! I'm really sorry for recent dalays in publishing updates for Leap 15.2. Great news is that we've just publish yet another big update - Build 574.1 / 800MB+. Max was questioning the publishing due the upgrade (not update) issues which we're currently facing on openqa (listed bellow), however there is no official upgrade support for Alpha/Beta, so I feel that this is not really a blocker. This will most likely be the last published build before Beta deadline, which is currently targeted for tomorrow, Thursday 20th February. See more details about schedule in https://en.opensuse.org/openSUSE:Roadmap Here's list of known issues in the build. * This yast2 bug breaks a most of upgrade testing https://bugzilla.suse.com/show_bug.cgi?id=1163081 * Plymouth issues https://bugzilla.suse.com/show_bug.cgi?id=1164073 https://bugzilla.suse.com/show_bug.cgi?id=1162535 * Out of the box performance issues with Intel/Optimus laptops (e.g. Dell Precision line) https://bugzilla.suse.com/show_bug.cgi?id=1163093 Happy testing! -- Best regards Luboš Kocman Release Manager openSUSE Leap SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nuremberg Germany (HRB 36809, AG Nürnberg) Managing Director: Felix Imendörffer

2 1