==== libindi ====
Subpackages: libindi-devel libindi1 libindiAlignmentDriver1 libindidriver1 libindimain1
- libindi-implicit-pointer-decl.patch: fix rpmlint implicit
- BuildRequire libusb-1.0 not libusb-devel
- Build C++ code with at least -fvisibility-inlines-hidden.
==== nano ====
Version update (2.4.1 -> 2.4.2)
- GNU nano 2.4.2:
* ability to resize when in modes other than the main editing window
* proper displaying of invalid UTF-8 bytes
* new syntax definitions for Elisp, Guile, and PostgreSQL
* better display of shortcuts in the help menu and file browser
==== libopenssl-devel ====
Version update (1.0.2a -> 1.0.2d)
Subpackages: libopenssl1_0_0 libopenssl1_0_0-32bit openssl
- update to 1.0.2d
* fixes CVE-2015-1793 (bsc#936746)
Alternate chains certificate forgery
During certificate verfification, OpenSSL will attempt to find an
alternative certificate chain if the first attempt to build such a chain
fails. An error in the implementation of this logic can mean that an
attacker could cause certain checks on untrusted certificates to be
bypassed, such as the CA flag, enabling them to use a valid leaf
certificate to act as a CA and "issue" an invalid certificate.
- drop openssl-fix_invalid_manpage_name.patch (upstream)
- Workaround debugit crash on ppc64le with gcc5
- update merge_from_0.9.8k.patch replacing __LP64__ by __LP64
this is a change versus previous request 309611
required to avoid build error for ppc64
- Build with no-ssl3, for details on why this is needed read
rfc7568. Contrary to the "no-ssl2" option, this does not
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
but will fail to negotiate. if removing SSL3 methods is desired
at a later time, option "no-ssl3-method" needs to be used.
- update to 1.0.2c
* Fix HMAC ABI incompatibility
- refreshed openssl-1.0.2a-fips.patch
- update to 1.0.2b
* Malformed ECParameters causes infinite loop (CVE-2015-1788)
* Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
* PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
* CMS verify infinite loop with unknown hash function (CVE-2015-1792)
* Race condition handling NewSessionTicket (CVE-2015-1791)
- refreshed patches:
==== pragha ====
Version update (184.108.40.206 -> 220.127.116.11)
Subpackages: pragha-lang pragha-plugins
- Update to 18.104.22.168.
* Fixed: Not save state album_art_in_osd=false.
* Provide more app icons size.
* Set expand comment entry on tag dialog.
* Ensure menu size and fallback to 16 on library and playlist
* Updated translations: German, Ukrainian, Czech.
* New Bulgarian translation.
- Correct the project URL.
- Doesn't buildrequires fdupes.
==== xournal ====
- Use upstream command to install desktop entries, mimetypes
- Generate and install hires icons into hicolor directory (needed
on HiDPI displays).
- Use appropriate post-scripts to update desstop menu database,
mime cache and icon-theme.
- Drop external .desktop file and icon, and use upstream bundled
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org