Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.0&build=231.1&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.0 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: autofs babl (0.1.44 -> 0.1.46) chromium (66.0.3359.117 -> 66.0.3359.139) dracut fcitx-qt5 gegl (0.3.30 -> 0.3.34) ghostscript (9.22 -> 9.23) gnome-control-center json-glib kernel-source libqt5-qttranslations (5.9.4 -> 5.9.5) libstorage-ng (3.3.250 -> 3.3.259) libzypp (17.3.0 -> 17.3.1) mariadb-connector-c (3.0.2 -> 3.0.3) openldap2 polkit (0.113 -> 0.114) powerdevil5 python3 (3.6.4 -> 3.6.5) python3-base (3.6.4 -> 3.6.5) qemu rdma-core tigervnc totem virtualbox (5.2.10_k4.12.14_lp150.9 -> 5.2.10_k4.12.14_lp150.10) yast2-samba-client (3.1.19 -> 4.0.1) yast2-storage-ng (4.0.164 -> 4.0.167) zypper (1.14.4 -> 1.14.5) === Details === ==== autofs ==== - BuildRequire pkgconfig(udisks2) instead of udisks2-devel: let's be flexible on possible package name changes. - Package COPYRIGHT as %license instead of %doc. - 0001-use_hostname_for_mounts-shouldn-t-prevent-selection-.patch Fix handling of replicated NFS server so that selection between servers still works sensibly when use_hostname_for_mounts is in effect. (bsc#1066720) - 0002-Fix-monotonic_elapsed.patch Fix bug introduced with monotonic-time patches which causes nanoseconds to be ignored and effectively disables sorting based on response time and/or weight. (bsc#1066720) ==== babl ==== Version update (0.1.44 -> 0.1.46) - Update to version 0.1.46: + Added extensions with more coverage for u32, half and other utilit fast paths. + Improving fast path coverage. ==== chromium ==== Version update (66.0.3359.117 -> 66.0.3359.139) - chromium 66.0.3359.139: * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) * drop add-missing-blink-tools.patch, now in tarball again ==== dracut ==== - 01fips: fix FIPS mode on SLES 15 (bsc#1074984) * adds 0567-Fix-booting-with-fips-1-on-SLES-15.patch ==== fcitx-qt5 ==== - Add upstream patch fix-compilation-with-qt-5.11.patch: * Fix compilation with Qt 5.11 (missing include) ==== gegl ==== Version update (0.3.30 -> 0.3.34) Subpackages: gegl-0_3 gegl-0_3-lang libgegl-0_3-0 - Do not buildrequires lensfun-devel, it would be only used when building workshop, if Makefile was really compiling relevant code. - Explicitly version pkgconfig(libavcodec), pkgconfig(libavformat) and pkgconfig(libswscale) BuildRequires to less than the symbol versions provided by ffmpeg4 branch until upstream catches up. Currently provided by new ffmpeg3 compatability package. - Update to version 0.3.34 (CVE-2018-10114): + Core: Change GeglParamSpecSeed from int to uint to match the value range of GeglRandom's seed. + Operations: Limit allocations in ppm-load to 2GB (CVE-2018-10114). - Changes from version 0.3.32: + Operations: - panorama-projection: added reverse transform, which permits using GIMP for retouching zenith, nadir or other arbitrary gaze directions in equirectangular, also known as 360x180 panoramas. - Added abyss-policy to base class for scale ops, making it possible to achieve hard edges on rescaled buffers. + GeglBuffer: - Improved performance and correctness, avoid incorrectly gamma/ungamma correcting alpha in u8 formats, for a tiny 2-3% performance boost. - Keep track of valid/invalid areas on smaller granularity than tiles in mipmap. - Various micro-optimizations in display paths, with minuscle performance impact. - Add cairo and glib-2.0 BuildRequires to avoid implicit dependencies. ==== ghostscript ==== Version update (9.22 -> 9.23) Subpackages: ghostscript-x11 - Version upgrade to 9.23 Highlights in this release include: * Ghostscript now has a family of 'pdfimage' devices (pdfimage8, pdfimage24 and pdfimage32) which produce rendered output wrapped up as an image in a PDF. Additionally, there is a 'pclm' device which produces PCLm format output. * There is now a ColorAccuracy parameter allowing the user to decide between speed or accuracy in ICC color transforms. * JPEG Passthrough: devices which support it can now receive the 'raw' JPEG stream from the interpreter. The main use of this is the pdfwrite/ps2write family of devices that can now take JPEG streams from the input file(s) and write them unchanged to the output (thus avoiding additional quantization effects). * PDF transparency performance improvements * IMPORTANT: We (i.e. Ghostscript upstream) are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF). * We have continued the focus on code hygiene in this release cleaning up security issues, ignored return values, and compiler warnings. * The usual round of bug fixes, compatibility changes, and incremental improvements. Incompatible changes * The planned device API tidy has, unfortunately, been indefinitely postponed, until appropriate resources are available. For a release summary see: http://www.ghostscript.com/doc/9.23/News.htm For details see the News.htm and History9.htm files. See also the entries below since "Version upgrade to 9.22" (boo#1082896 and boo#1074266). - For now use lcms2 from SUSE because that is what currently Ghostscript upstream recommends according to https://ghostscript.com/pipermail/gs-devel/2018-March/010061.html because since Ghostscript 9.23rc1 there is no longer lcms2 in Ghostscript but now it is lcms2art which is the beginning of a lcms2 fork, see News.htm that reads in particular "LCMS2 is not thread safe ... Our fork will be thread safe ... We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity", see also https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c14 - On SLE11 and on SLE12-SP1 there is liblcms2-2-2.5 which is too old so that configure fails there with configure: error: lcms2 not found, or too old but there is no configure option to build it without lcms2 so that for SLE11 and SLE12-SP1 it is built with the lcms2art in Ghostscript. - ppc64le-support.patch is no longer needed because it only contained a fix for lcms2art/include/lcms2art.h in Ghostscript but currently lcms2 from SUSE is used instead (see above). - Do no longer require any fonts packages in particular neither require ghostscript-fonts-std because the PostScript Base35 fonts are provided by Ghostscript (in 'Resource') nor require ghostscript-fonts-other (provides Bitream Charter, Adobe Utopia, URW Antiqua, URW Grotesq and Hershey fonts where all but the last are also provided by texlive-<name>-fonts) and those fonts are not required for PostScript compliance, see https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c13 - Version upgrade to 9.23rc1 (first release candidate for 9.23). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - Adapted ppc64le-support.patch: In Ghostscript 9.23 there is now lcms2art/include/lcms2art.h (instead of lcms2/include/lcms2.h). - ghostscript-fix-debug-use.patch is no longer needed because the issue is fixed in the upstream sources. - fix_ln_docdir_gsdatadir.patch avoids "base/unixinst.mak:162: recipe for target 'install-doc' failed" - Adapted spec file to the new Ghostscript upstream documentation directory /usr/share/doc/ghostscript/9.23/ - Use -p /sbin/ldconfig instead of shell post(un) scriptlet, drop explicit Prereq for ldconfig - Use shared libgs library for gs binary instead of static linked version - Use --disable-compile-inits, to allow unbundling of Resource files - Remove --disable-omni switch, has been removed in GS 9.20 - Keep patch ordering in full/mini consistent - Remove patch backup files to avoid packaging - Add ghostscript-fix-debug-use.patch from upstream to fix broken printing with some drivers (especially Dell Printers) from https://bugs.ghostscript.com/show_bug.cgi?id=698837 - Fix build for SLE targets ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Add gnome-control-center-users-empty-state.patch and gnome-control-center-fix-users-crash.patch: fix crash opening users as root (bsc#1087583 bgo#773673). ==== json-glib ==== Subpackages: json-glib-lang libjson-glib-1_0-0 typelib-1_0-Json-1_0 - Set gettext domain explicitly in translation-update-upstream, as it does not support complex meson.build expressions (bsc#1087076#c21). ==== kernel-source ==== - kernel-binary: only install modules.fips on modular kernels. - commit 6408562 - powerpc/64s/idle: Fix restore of AMOR on POWER9 after deep sleep (bsc#1055186, fate#323286). - commit 6368307 - Update config files. - commit 6174b6c - powerpc/mm/radix: Fix checkstops caused by invalid tlbiel (bsc#1055186, fate#323286). - powerpc/mm/radix: Update command line parsing for disable_radix (bsc#1055186, fate#323286). - powerpc/mm/radix: Parse disable_radix commandline correctly (bsc#1055186, fate#323286). - powerpc/mm/radix: Update pte fragment count from 16 to 256 on radix (bsc#1055186, fate#323286). - powerpc/mm/radix: Fix always false comparison against MMU_NO_CONTEXT (bsc#1055186, fate#323286). - powerpc/mm: Add a CONFIG option to choose if radix is used by default (bsc#1055186, fate#323286). - commit e9d987c - powerpc/xive: Fix wrong xmon output caused by typo (bsc#1088273). - commit f3598fe - btrfs: qgroups, fix rescan worker running races (bsc#1091101). - commit 3c4b9ba - supported.conf: mark new FIPS modules as supported: sha2-mb, sha3, crc32 and crypto_engine (bsc#1074984) - commit 9e8aa4a - random: fix crng_ready() test (CVE-2018-1108,bsc#1090818). - commit 8c55b94 - btrfs: use spinlock to protect ->caching_block_groups list (bsc#1083684). - commit bb913e1 - bnxt_en: Fix memory fault in bnxt_ethtool_init() (bsc#1050242 FATE#322914). - commit 65193fa - kvm/x86: fix icebp instruction handling (bsc#1087088). - commit 364bcca - crypto: cavium - Fix smp_processor_id() warnings (bsc#1089141). - crypto: cavium - Fix statistics pending request value (bsc#1089141). - crypto: cavium - Prevent division by zero (bsc#1089141). - crypto: cavium - Limit result reading attempts (bsc#1089141). - crypto: cavium - Fix fallout from CONFIG_VMAP_STACK (bsc#1089141). - commit 6ff9496 - xfs: set format back to extents if xfs_bmap_extents_to_btree (bsc#1090717, CVE-2018-10323). - commit cd127e8 - supported.conf: remove obsolete entry drivers/tty/serial/of_serial -> drivers/tty/serial/8250/8250_of - commit 8e4b38c - ppc64le: reliable stacktrace: mark stacktraces with kretprobe_trampoline as unreliable (bsc#1090522). - commit ed9151a - Refresh patches.suse/btrfs-fix-race-condition-between-delayed-refs-and-blockgroup-removal.patch. - commit 1ba0893 - xprtrdma: Fix corner cases when handling device removal (git-fixes). - nfsd: fix incorrect umasks (git-fixes). - fs: Teach path_connected to handle nfs filesystems with multiple roots (git-fixes). - md raid10: fix NULL deference in handle_write_completed() (git-fixes). - fix kabi breaker in md.h (git-fixes). - md: fix md_write_start() deadlock w/o metadata devices (git-fixes). - nfs: system crashes after NFS4ERR_MOVED recovery (git-fixes). - commit 69e2c71 ==== libqt5-qttranslations ==== Version update (5.9.4 -> 5.9.5) - Update to 5.9.5: * New bugfix release * Contains fixed translations (bsc#1082569) * For more details, see http://code.qt.io/cgit/qt/qttranslations.git/tree/dist/changes-5.9.5/?h=v5.9... ==== libstorage-ng ==== Version update (3.3.250 -> 3.3.259) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Czech) - 3.3.259 - Translated using Weblate (Dutch) - 3.3.258 - Translated using Weblate (Japanese) - 3.3.257 - Translated using Weblate (Dutch) - 3.3.256 - merge gh#openSUSE/libstorage-ng#523 - merged po files - 3.3.255 - merge gh#openSUSE/libstorage-ng#522 - centralized reading /sys/block - added function light_probe (for bsc#1090753) - added integration test - 3.3.254 - merge gh#openSUSE/libstorage-ng#521 - added stand-alone functions to read fstab and crypttab - added integration tests - removed unneeded include - 3.3.253 - Translated using Weblate (Portuguese (Brazil)) - 3.3.252 - Translated using Weblate (Swedish) - 3.3.251 ==== libzypp ==== Version update (17.3.0 -> 17.3.1) - Avoid zombie tar processes (bsc#1076192) - Replace the terminology 'uninstallable' with 'not installable' (bsc#1029392) - version 17.3.1 (2) ==== mariadb-connector-c ==== Version update (3.0.2 -> 3.0.3) - New upstream version 3.0.3 * Added support for new utf8mb4 character sets * MDEV-9059: Bundle first command with authentication packet * Build: support static OpenSSL on Windows * MDEV-14101: Add support for tls-version, via mysql_options(mysql, MARIADB_OPT_TLS_VERSION, value), where value must be "TLSv1.1", "TLSv1.2" or "TLSv1.3". * CONC-275: New indicator type STMT_INDICATOR_IGNORE_ROW for skipping particular parameter set in bulk operation (prepared statements). * MDEV-10361: Don't try to reconnect twice if mysql_ping failed. * Build fix for TSAN build with Clang * CONC-302: Fix output of mariadb_config * CONC-301: In case of a truncation the statement status was not updated correctly and further calls to mysql_stmt_fetch_column failed * MDEV-14647: Fixed crash when client receives extended ok packet with SESSION_TRACK_STATE_CHANGE information flag * CONC-297: setting MYSQL_OPT_LOCAL_INFILE failed on big endian systems. * MDEV-14514: mariadb_config returned wrong exit code when specifying an invalid option * MDEV-11546: Fixed timeout problem in Schannel * CONC-277: Allow reinitialization of the library if mysql_server_end() was called. * CONC-292: Fixed malloc result check in dynamic columns * MDEV-14165: The metadata length value for a column with a zerofill flag was calculated with a fixed length instead of using the reported length. * CONC-286: Force TLS/SSL usage if fingerprint parameters were specified. * CONC-282: Connector/C now provides additional information for package version * mariadb_config --cc_version lists the package version * Beside MARIADB_PACKAGE_VERSION numeric representation MARIADB_PACKAGE_VERSION_ID can be used now within preprocessor directives. * MDEV-13959: Fixed duplicate if condition in dynamic columns * Added MARIADB_BASE_VERSION definition in mariadb_version.h to distnguish MARIADB from MySQL * CONC-271: installation layout fix for RPM - refresh the following patches: * absolute_path_fix.patch * private_library.patch - drop 0334aa48.patch that is no longer needed - use %license instead of %doc [bsc#1082318] ==== openldap2 ==== Subpackages: libldap-2_4-2 libldap-2_4-2-32bit libldap-data openldap2-client - bsc#1085064 Packaging issues have been discovered around the openldap_update_modules_path.sh which has been corrected: - the spec file was wrongly configured, therefore the script has never been called - the script should create the symlinks first, as slapcat is useless on a system which is already affected. ==== polkit ==== Version update (0.113 -> 0.114) Subpackages: libpolkit0 typelib-1_0-Polkit-1_0 - Update to version 0.114: + Port to mozjs 52, the latest version of the firefox JavaScript engine. + Add gettext support for policy files. + Fixes for various memory leaks. + Updated translations. - Update keyring with Ray Strode <halfline@gmail.com> public key. - Drop with_systemd define and all conditionals and polkit-no-systemd.patch and ConsoleKit BuildRequires, we only support systemd now. - Drop upstream fixed polkit-itstools.patch. - Rebase pkexec.patch with quilt. - Add gcc-c++ and pkgconfig(mozjs-52) BuildRequires: New dependencies. - Drop conditional pkgconfig(mozjs-17.0) and pkgconfig(mozjs185): no longer supported. - Drop autoconf and automake BuildRequires: They are implicit via libtool BuildRequires. - Replace glib2-devel and gobject-introspection-devel with their pkgconfig counterparts: pkgconfig(gio-unix-2.0), pkgconfig(gmodule-2.0) and pkgconfig(gobject-introspection-1.0). - Add polkit-jsauthority-pass-format-string.patch: jsauthority: pass "%s" format string to remaining report function, patch from upstream git, adding missed commit (bgo#105865). - Drop polkit-revert-session-magic.patch: Upstream systemd bug is since a long time fixed (gh#systemd#58) (boo#954139). - pkexec.patch: pkexec: allow --version and --help even if not setuid - Modernize spec-file by calling spec-cleaner ==== powerdevil5 ==== Subpackages: powerdevil5-lang - Add patch to fix initial config generation (kde#391782): * 0001-Ignore-migration-key-for-determining-whether-the-con.patch ==== python3 ==== Version update (3.6.4 -> 3.6.5) Subpackages: python3-curses python3-dbm - As we run in main python package do not generate the pre_checkin from both now - Move the tests from base to generic package wrt bsc#1088573 * We still fail the whole distro if python3 is not build * The other archs than x86_64 took couple of hours to unblock build of other software, this way we work around the issue - update to 3.6.5 * bugfix release * see Misc/NEWS for details - drop ctypes-pass-by-value.patch - drop fix-localeconv-encoding-for-LC_NUMERIC.patch - refresh python-3.6.0-multilib-new.patch ==== python3-base ==== Version update (3.6.4 -> 3.6.5) Subpackages: libpython3_6m1_0 - As we run in main python package do not generate the pre_checkin from both now - Move the tests from base to generic package wrt bsc#1088573 * We still fail the whole distro if python3 is not build * The other archs than x86_64 took couple of hours to unblock build of other software, this way we work around the issue - Some tests are still run in -base for the LTO tweaking, but at least it is not run twice - update to 3.6.5 * bugfix release * see Misc/NEWS for details - drop ctypes-pass-by-value.patch - drop fix-localeconv-encoding-for-LC_NUMERIC.patch - refresh python-3.6.0-multilib-new.patch - Created %so_major and %so_minor macros - Put Tools/gdb/libpython.py script into proper place and ship it with devel subpackage. ==== qemu ==== - Guard strncpy call with GCC pragma to disable warning about possible incorrect usage, when in fact it is correct. This is for gcc 8 compatibility (bsc#1090355) ipxe-efi-guard-strncpy-with-gcc-warning-ignore-pragma.patch - Add WantedBy for enable qemu-ga@.service auto start (bsc#1090369) ==== rdma-core ==== Subpackages: libibverbs libibverbs1 libmlx4-1 libmlx5-1 - Add umad-Do-not-check-for-umad-sysfs-files-in-umad_init.patch to fix umad/ibstat support on RoCE hardware (bsc#1088441). ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc - Reload firewalld files after installation. ==== totem ==== Subpackages: nautilus-totem totem-lang totem-plugins - Fix broken "ninja totem-update-po" (bsc#1087076#c21, totem-xgettext-po-update.patch) ==== virtualbox ==== Version update (5.2.10_k4.12.14_lp150.9 -> 5.2.10_k4.12.14_lp150.10) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-tools virtualbox-guest-x11 - Add gcc8-configure.patch to fix boo#1090367. ==== yast2-samba-client ==== Version update (3.1.19 -> 4.0.1) - Use firewalld samba service definition (bsc#1083456) +- 4.0.1 - SuSEFirewall2 replaced by firewalld (fate#323460) - 4.0.0 ==== yast2-storage-ng ==== Version update (4.0.164 -> 4.0.167) - Set fs_passno to 1 for ext2/3/4 root filesystems (bsc#1078703). - 4.0.167 - fix libstorage logging that do not expect printf expansion (bsc#1091062) - 4.0.166 - Ensure the installer adds reused devices to /etc/crypttab and/or /etc/mdadm.conf if needed for booting (bsc#1071350). - 4.0.165 ==== zypper ==== Version update (1.14.4 -> 1.14.5) Subpackages: zypper-aptitude zypper-log - search: Hint the user to the 'search-packages' subcommand, if the distribution provides it (bsc#1089994) - clean: Don't report an error, if no repo is to be cleaned (bsc#1089504) - Add --installroot flag (fixes #157) - version 1.14.5 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org