Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190920 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa (19.1.5 -> 19.1.7) Mesa-drivers (19.1.5 -> 19.1.7) MozillaFirefox-branding-openSUSE accountsservice adjtimex avahi avahi-glib2 bash (5.0 -> 5.0.11) blog cdrdao cifs-utils curl (7.65.3 -> 7.66.0) emacs (26.2 -> 26.3) ffmpeg-4 gdb gegl ghostscript iptables iputils kwalletmanager5 libaio libb64 libdmapsharing libmfx (19.1.0 -> 19.2.1) libqca-qt5 libqmi (1.22.4 -> 1.22.6) nano netcat-openbsd (1.195 -> 1.203) numactl opie orc (0.4.29 -> 0.4.30) patterns-base perl-Test-Simple (1.302167 -> 1.302168) plymouth (0.9.4+git20190612+9359382 -> 0.9.5+git20190908+3abfab2) readline spandsp swig (4.0.0 -> 4.0.1) v4l-utils === Details === ==== Mesa ==== Version update (19.1.5 -> 19.1.7) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to version 19.1.7 * another bugfix release .... - Add ppc64 for radeonsi to avoid build error - Update to version 19.1.6 * bugfix release ==== Mesa-drivers ==== Version update (19.1.5 -> 19.1.7) Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - Update to version 19.1.7 * another bugfix release .... - Add ppc64 for radeonsi to avoid build error - Update to version 19.1.6 * bugfix release ==== MozillaFirefox-branding-openSUSE ==== - layout.word_select.stop_at_punctuation -> true (boo#1133163) ==== accountsservice ==== Subpackages: accountsservice-lang libaccountsservice0 typelib-1_0-AccountsService-1_0 - Add accountsservice-wtmp-io-improvements.patch: Backports that improve wtmp io performance (boo#1139487). - Refresh as-fate318433-prevent-same-account-multi-logins.patch. ==== adjtimex ==== - Modernise spec file a bit ==== avahi ==== Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7 - Trim descriptions of secondary packages. - Drop gtk2-devel and python-gtk-devel BuildRequires: No longer build gtk2 support. Following this, pass --disable-gtk to configure. Drop sub-package libavahi-ui0, no longer built. - Drop long disabled sub-packages libavahi-qt4-1 and libavahi-qt4-devel. ==== avahi-glib2 ==== Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0 - Drop gtk2-devel and python-gtk-devel BuildRequires: No longer build gtk2 support. Following this, pass --disable-gtk to configure. Drop sub-package libavahi-ui0, no longer built. - Drop long disabled sub-packages libavahi-qt4-1 and libavahi-qt4-devel. ==== bash ==== Version update (5.0 -> 5.0.11) Subpackages: bash-doc bash-lang - Use new version scheme which now includes patch level as well - Add official patch bash50-010 * Change posix mode bahviour * Remove patch assignment-preceding-builtin.patch - Add official patch bash50-011 The conditional command did not perform appropriate quoted null character removal on its arguments, causing syntax errors and attempts to stat invalid pathnames. - Avoid pulling in bash-doc into every installation. Instead of recommeding it, supplement the documentation pattern. ==== blog ==== Subpackages: libblogger2 - Add blog-Remove-unused-header.patch: Fix build with new glibc (gh#bitstreamout/showconsole#3). ==== cdrdao ==== - Add cdrdao-drop-gconf-dep.patch: Drop dependency on gconf2. Patch taken from debian. - Following the above, drop gconf2-devel BuildRequires. - Refresh patches with quilt. - Run spec-cleaner, use modern macros. ==== cifs-utils ==== - Fix double-free in mount.cifs; (bsc#1149164). * add 0011-fix-doublefree.patch ==== curl ==== Version update (7.65.3 -> 7.66.0) Subpackages: libcurl4 - Update to 7.66.0 [bsc#1149496, CVE-2019-5482][bsc#1149495, CVE-2019-5481] * Changes: - CURLINFO_RETRY_AFTER: parse the Retry-After header value - HTTP3: initial (experimental still not working) support - curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool - curl: support parallel transfers with -Z - curl_multi_poll: a sister to curl_multi_wait() that waits more - sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID * Bugfixes: - CVE-2019-5481: FTP-KRB double-free - CVE-2019-5482: TFTP small blocksize heap buffer overflow - CMake: remove needless newlines at end of gss variables - CMake: use platform dependent name for dlopen() library - CURLINFO docs: mention that in redirects times are added - CURLOPT_ALTSVC.3: use a "" file name to not load from a file - CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED - CURLOPT_HEADERFUNCTION.3: clarify - CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly - CURLOPT_READFUNCTION.3: provide inline example - CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 - Curl_addr2string: take an addrlen argument too - Curl_fillreadbuffer: avoid double-free trailer buf on error - HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown - alt-svc: add protocol version selection masking - alt-svc: fix removal of expired cache entry - alt-svc: make it use h3-22 with ngtcp2 as well - alt-svc: more liberal ALPN name parsing - alt-svc: send Alt-Used: in redirected requests - alt-svc: with quiche, use the quiche h3 alpn string - asyn-thread: create a socketpair to wait on - cleanup: move functions out of url.c and make them static - cleanup: remove the 'numsocks' argument used in many places - configure: avoid undefined check_for_ca_bundle - curl.h: add CURL_HTTP_VERSION_3 to the version enum - curl: cap the maximum allowed values for retry time arguments - curl: handle a libcurl build without netrc support - curl: make use of CURLINFO_RETRY_AFTER when retrying - curl: use CURLINFO_PROTOCOL to check for HTTP(s) - curl_global_init_mem.3: mention it was added in 7.12.0 - curl_version: bump string buffer size to 250 - curl_version_info.3: mentioned ALTSVC and HTTP3 - curl_version_info: offer quic (and h3) library info - curl_version_info: provide nghttp2 details - defines: avoid underscore-prefixed defines - docs/ALTSVC: remove what works and the experimental explanation - docs/EXPERIMENTAL: explain what it means and what's experimental now - docs/MANUAL.md: converted to markdown from plain text - docs/examples/curlx: fix errors - docs: s/curl_debug/curl_dbg_debug in comments and docs - easy: resize receive buffer on easy handle reset - examples: Avoid reserved names in hiperfifo examples - examples: add http3.c, altsvc.c and http3-present.c - http09: disable HTTP/0.9 by default in both tool and library - http2: when marked for closure and wanted to close == OK - http2_recv: trigger another read when the last data is returned - http: fix use of credentials from URL when using HTTP proxy - http_negotiate: improve handling of gss_init_sec_context() failures - md4: Use our own MD4 when no crypto libraries are available - multi: call detach_connection before Curl_disconnect - nss: use TLSv1.3 as default if supported - openssl: build warning free with boringssl - openssl: use SSL_CTX_set__proto_version() when available - plan9: add support for running on Plan 9 - progress: reset download/uploaded counter between transfers - readwrite_data: repair setting the TIMER_STARTTRANSFER stamp - scp: fix directory name length used in memcpy - smb: init *msg to NULL in smb_send_and_recv() - smtp: check for and bail out on too short EHLO response - source: remove names from source comments - spnego_sspi: add typecast to fix build warning - src/makefile: fix uncompressed hugehelp.c generation - ssh-libssh: do not specify O_APPEND when not in append mode - ssh: move code into vssh for SSH backends - sspi: fix memory leaks - tests: Replace outdated test case numbering documentation - tftp: return error when packet is too small for options - timediff: make it 64 bit (if possible) even with 32 bit time_t - travis: reduce number of torture tests in 'coverage' - url: make use of new HTTP version if alt-svc has one - urlapi: verify the IPv6 numerical address - urldata: avoid 'generic', use dedicated pointers - vauth: Use CURLE_AUTH_ERROR for auth function errors ==== emacs ==== Version update (26.2 -> 26.3) Subpackages: emacs-info emacs-nox emacs-x11 etags - Update to emacs version 26.3 * New option 'help-enable-completion-auto-load'. This allows disabling the new feature introduced in Emacs 26.1 which loads files during completion of 'C-h f' and 'C-h v' according to 'definition-prefixes'. * Emacs now supports the new Japanese Era name. The newly assigned codepoint U+32FF was added to the Unicode Character Database compiled into Emacs. ==== ffmpeg-4 ==== Subpackages: libavcodec58 libavdevice58 libavfilter7 libavformat58 libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5 - Add 0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch [boo#1149839, CVE-2019-15942] - Make ffmpeg-4.2-dlopen-fdk_aac.patch less verbose ==== gdb ==== - Add _constraints for PowerPC need more than 3.5GB disk space to avoid build failure - Disable use of valgrind on old s390 (31bit) distros. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow any librpm.so.x * Fix unused variables in HAVE_LIBRPM code in gdb-6.6-buildid-locate-rpm-suse.patch * Add %build test to check for "zypper install <rpm-packagename>" message - Implements jsc#ECO-368, the 2019 toolchain module update ==== gegl ==== Subpackages: gegl-0_4 gegl-0_4-lang libgegl-0_4-0 - bsc#1144344: Remove JPEG2000 support due to planned removal of jasper, drop pkgconfig(jasper) BuildRequires. ==== ghostscript ==== Subpackages: ghostscript-x11 - Add patch gs-CVE-2019-14811-885444fc.patch to fix bsc#1146882 for CVE-2019-14811,CVE-2019-14812,CVE-2019-14813 - Add patch gs-CVE-2019-14817-cd1b1cac.patch to fix bsc#1146884 for CVE-2019-14817 - Add patch openjpeg4gs-CVE-2018-6616-8ee33522.patch to fix bsc#1140359 for CVE-2019-12973 - Update RPM groups. ==== iptables ==== Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins - add missing Provides/Obsoletes for the renamed package iptables-backend-nft (was iptables-nft) ==== iputils ==== - Fix arping -w problem (https://github.com/iputils/iputils/issues/211) * added arping-fix-f-quit-on-first-reply-regression.patch (upstream commit 1df5350) ==== kwalletmanager5 ==== Subpackages: kwalletmanager5-lang - Remove no longer required kdelibs4support-devel BuildRequires, explicitly add no longer pulled in dependencies - Remove some obsolete parts from the spec file ==== libaio ==== Subpackages: libaio-devel libaio1 - Add _constraints for PowerPC to avoid OOM at build time ==== libb64 ==== - Small spec file cleanup ==== libdmapsharing ==== - Add missing pkgconfig(avahi-client) and pkgconfig(gtk+-2.0) BuildRequires previously pulled in by avahi. ==== libmfx ==== Version update (19.1.0 -> 19.2.1) Subpackages: libmfx1 - Update to release 19.2.1 * bugfixes and improvements ==== libqca-qt5 ==== Subpackages: libqca-qt5-plugins - Drop the obsolete libqca2 package. - Run spec-cleaner ==== libqmi ==== Version update (1.22.4 -> 1.22.6) Subpackages: libqmi-glib5 libqmi-tools - Update to version 1.22.6: + qmicli: - Fix potential dereference of null GArray in LOC service. + libqmi-glib: - Fix definitions for QMI_*_LTE_BAND_*_EUTRAN_32 enum values. + Build updated with several fixes: - Explicitly define max allowed GLib version. ==== nano ==== Subpackages: nano-lang - Do not recommend lang package. The lang package already has a supplements. ==== netcat-openbsd ==== Version update (1.195 -> 1.203) - Update to 1.203 matching debian - Remove patch verbose-numeric-port.patch - Refresh patches: * broadcast-support.patch * build-without-TLS-support.patch * connect-timeout.patch * dccp-support.patch * destination-port-list.patch * get-sev-by-name.patch * misc-failures-and-features.patch * port-to-linux-with-libsd.patch * quit-timer.patch * send-crlf.patch * serialized-handling-multiple-clients.patch * set-TCP-MD5SIG-correctly-for-client-connections.patch * udp-scan-timeout.patch * use-flags-to-specify-listen-address.patch ==== numactl ==== Subpackages: libnuma1 - numastat doesn't need perl anymore since 2012 ==== opie ==== Subpackages: opie-32bit - Remove ancient %clean section. Replace old $RPM_* shell vars by macros. ==== orc ==== Version update (0.4.29 -> 0.4.30) - Update to version 0.4.30: + Don't always generate static library but default to shared-only + Work around false positives in Microsoft UWP certification kit + Add endbr32/endbr64 instructions on x86/x86-64 for indirect branch tracking + Fix gtk-doc build when orc is used as a meson subproject + Switch float comparison in tests to ULP method to fix spurious failures + Fix flushing of ARM icache when using dual map + Use float constants/parameters when testing float opcodes + Add support for Hygon Dhyana processor + Fix PPC/PPC64 CPU family detection + Add little-endian PPC support + Fix compiler warnings with clang + Mark exec mapping writable in debug mode for allowing breakpoints + Various codegen refactorings + autotools support has been dropped in favour of Meson as build system. + Fix PPC CPU feature detection and add support for VSX/v2.07 + Add double/int64 support for PPC - No longer remove static file in install section, no longer needed as it's not built by default anymore. ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - minimal_base: add libnss_usrfiles2, required to read /usr/etc ==== perl-Test-Simple ==== Version update (1.302167 -> 1.302168) - updated to 1.302168 see /usr/share/doc/packages/perl-Test-Simple/Changes 1.302168 2019-09-06 07:40:18-07:00 America/Los_Angeles - Fix Typo in a Test2::API::Breakage warning (Thanks E. Choroba) - Delay loading of Term::Table until needed (Thanks Graham Knop) ==== plymouth ==== Version update (0.9.4+git20190612+9359382 -> 0.9.5+git20190908+3abfab2) Subpackages: plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Add patch plymouth-avoid-umount-hanging-shutdown.patch: To avoid grantpt() call nsslookup, it will hanging system unmount /var during shutdown period(bsc#1105688, bsc#1129386, bsc#1134660). - Update to version 0.9.5+git20190908+3abfab2: * two-step: Deal with buggy firmware which does not pre-rotate the bgrt image * configure: bump so name * Internationalization: Add zh_HK and zh_TW translations. * add delay time to 8 seconds to fit AMD graphic card. ==== readline ==== Subpackages: libreadline8 readline-devel readline-doc - Avoid pulling in readline-doc into every installation. Instead of recommeding it, supplement the documentation pattern. ==== spandsp ==== - Modernized the specfile. ==== swig ==== Version update (4.0.0 -> 4.0.1) - Update to 4.0.1 - SWIG now cleans up on error by removing all generated files. - Add Python 3.8 support. - Python Sphinx compatibility added for Doxygen comments. - Some minor regressions introduced in 4.0.0 were fixed. - Fix some C++17 compatibility problems in Python and Ruby generated code. - Minor improvements/fixes for C#, Java, Javascript, Lua, MzScheme, Ocaml, Octave and Python. See https://raw.githubusercontent.com/swig/swig/master/CHANGES ==== v4l-utils ==== Subpackages: libv4l libv4l1-0 libv4l2-0 libv4lconvert0 - Split build of qv4l2ctl to an independent package. This allows building libv4l much earlier in the build cycle, as it no longer depends on libQt5. * Add use_system_v4l_for_qv4l.patch - Drop glu BuildRequires, only used for unused test binary in contrib. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org