Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20210209 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: arpwatch clamav (0.103.0 -> 0.103.1) libp11 (0.4.10 -> 0.4.11) patterns-xfce (20190809 -> 20210209) pitivi (2020.09.2 -> 2021.01) remmina (1.4.10 -> 1.4.11) xfce4-taskmanager (1.4.0 -> 1.4.1) === Details === ==== arpwatch ==== - Fix arp2ethers script (bsc#1181936). Added arp2ethers.patch to inline the awk fragments. I tried hard to do this in a script but no matter if sed, awk or perl is used something always breaks - exit cleanly on SIGTERM with arpwatch-exit.patch - refresh all patches for autosetup ==== clamav ==== Version update (0.103.0 -> 0.103.1) Subpackages: libclamav9 libfreshclam2 - Update to 0.103.1 * Added a new scan option to alert on broken media (graphics) file formats. This feature mitigates the risk of malformed media files intended to exploit vulnerabilities in other software. At present media validation exists for JPEG, TIFF, PNG, and GIF files. To enable this feature, set AlertBrokenMedia yes in clamd.conf, or use the --alert-broken-media option when using clamscan. These options are disabled by default in this patch release, but may be enabled in a subsequent release. Application developers may enable this scan option by enabling CL_SCAN_HEURISTIC_BROKEN_MEDIA for the heuristic scan option bit field. * Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG typing behavior. BMP and JPEG 2000 files will continue to detect as CL_TYPE_GRAPHICS because ClamAV does not yet have BMP or JPEG 2000 format checking capabilities. * Fixed PNG parser logic bugs that caused an excess of parsing errors and fixed a stack exhaustion issue affecting some systems when scanning PNG files. PNG file type detection was disabled via signature database update for ClamAV version 0.103.0 to mitigate the effects from these bugs. * Fixed an issue where PNG and GIF files no longer work with Target:5 graphics signatures if detected as CL_TYPE_PNG/GIF rather than as CL_TYPE_GRAPHICS. Target types now support up to 10 possible file types to make way for additional graphics types in future releases. * Fixed clamonacc's --fdpass option. - Interprocess file descriptor passing for clamonacc was broken since version 0.102.0 due to a bug introduced by the switch to curl for communicating with clamd. On Linux, passing file descriptors from one process to another is handled by the kernel, so we reverted clamonacc to use standard system calls for socket communication when fd passing is enabled. * Fixed a clamonacc stack corruption issue on some systems when using an older version of libcurl. * Allow clamscan and clamdscan scans to proceed even if the realpath lookup failed. This alleviates an issue on Windows scanning files hosted on file- systems that do not support the GetMappedFileNameW() API such as on ImDisk RAM-disks. * Fixed freshclam --on-update-execute=EXIT_1 temporary directory cleanup issue. * clamd's log output and VirusEvent now provide the scan target's file path instead of a file descriptor. The clamd socket API for submitting a scan by FD-passing doesn't include a file path, this feature works by looking up the file path by file descriptor. This feature works on Mac and Linux but is not yet implemented for other UNIX operating systems. FD-passing is not available for Windows. * Fixed an issue where freshclam database validation didn't work correctly when run in daemon mode on Linux/Unix. ==== libp11 ==== Version update (0.4.10 -> 0.4.11) - update to 0.4.11: * Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar) * Fixed various memory leaks (Mateusz Kwiatkowski) * Fixed Windows VERSIONINFO (Pavol Misik) * Fixed builds with OpenSSL older than 1.0.2 (Micha? Trojnara) * Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev) * Added CKA_VALUE_LEN to EC key derivation template (Micha? Trojnara) * Fixed handling keys without label attribute (efternavn) * Updated the tests (Anderson Toshiyuki Sasaki) * Made ECDH-derived keys extractable (Bent Bisballe Nyeng) * Added support for pin-source within PKCS#11 URI (Stanislav Levin) * Improved LibreSSL compatibility (patchMonkey156) * Fixed handling RSA private keys in BIND (Stanislav Levin) * Added macOS testing support (Stanislav Levin) * Fixed engine object search algorithm (Anderson Toshiyuki Sasaki) ==== patterns-xfce ==== Version update (20190809 -> 20210209) Subpackages: patterns-xfce-xfce patterns-xfce-xfce_basis patterns-xfce-xfce_laptop patterns-xfce-xfce_office - Clean up weak dependencies - Fix incorrect obsolete. - Fix duplicated recommend on avahi. - Removed IcedTea-Web ==== pitivi ==== Version update (2020.09.2 -> 2021.01) Subpackages: pitivi-lang - Update to version 2021.01: + The Render dialog has been further simplified. + Lots of bugfixes. ==== remmina ==== Version update (1.4.10 -> 1.4.11) Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp - Added fix_upstream_2196_older_glib_issue.patch to allow building with older glib versions - Added fix_upstream_2195_spice_plugin.patch to allow building on older opensuse versions - Update to release 1.4.11 * New features: - Implementing simple SSH multi factor authentication. !2162 (merged) @antenore - Implementing dynamic resolution in SPICE plugin !2150 (merged) @hadogenes - Disabling Python support by default !2158 (merged) @antenore - Add capability to load Python plugins (not finished). !2157 (merged) @ToolsDevler * Improvements - Suppress Output PDU when the RDP window is not visible !2159 (merged) @antenore - Several improvements on spelling - Command line help improvements !2185 (merged) @antenore - Improving error detection !2181 (merged) @antenore - Using curly double quotes where possible !2182 (merged) @antenore - Refactoring the RCW toolbar to use the right tool items types !2188 (merged) @antenore * Fixes - rdp/cliprdr: Fix header of FormatList message !2147 (merged) @pnowack - rdp/event: Fix wheel value for GDK_SCROLL_DOWN events !2149 (merged) @pnowack - Resolve "Remmina does not handle file:///some/path/to/file.rdp syntax" !2152 (merged) @antenore - Resolve "SSH tunneling, honoring ssh_config (User, HostKeyAlias, ProxyJump, HostKeyAlgorithms, IdentitiesOnly, etc.)" !2154 (merged) @antenore - Resolve "While in the main window, bind F10 keyboard shortcut to toggling the main menubutton" !2156 (merged) @antenore - Refactoring SSH plugin !2160 (merged) @antenore - Remove extra parenthesis !2164 (merged) @yurchor - Spice option to choose Prefered Video Codec and Image Compressor !2165 (merged) @hadogenes - Correct iterating lines in string - address sanitizer fix #2390 (closed) !2174 (merged) @hadogenes - Correct freeing memory in spice !2175 (merged) @hadogenes - Issue/2391 randomness !2176 (merged) @antenore - Resolve "Missing keyboard shortcuts to toggle search (Ctrl+F, Escape), and closing the search doesn't clear the search" !2179 (merged) @antenore - Resolve "Always false contition in remmina_ssh.c" !2180 (merged) @antenore - Fix minor typo !2186 (merged) @yurchor - Resolve "Remmina Crashes when opening the preferences with the accelerator" !2189 (merged) @antenore - Fixing #2401 (closed) - crash when using ctrl+p !2190 (merged) @antenore ==== xfce4-taskmanager ==== Version update (1.4.0 -> 1.4.1) Subpackages: xfce4-taskmanager-lang - Update to version 1.4.1 * Replace AC_PROG_LIBTOOL with IT_PROG_INTLTOOL * Simplify "query-tooltip" signal handler * statusbar: Use better color that works well with both light and dark themes (gxo#apps/xfce4-taskmanager!17) * Fix tooltip markdown issue * Create notification area icon only if needed (gxo#apps/xfce4-taskmanager#25)