Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20200422 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: appstream-glib (0.7.16 -> 0.7.17) crash freerdp google-noto-sans-cjk-fonts (20170403 -> 20190410) google-noto-serif-cjk-fonts grub2 kismet (2020_03_R1 -> 2020_04_R1) libmnl libnma libvirt mariadb patterns-gnome (20180321 -> 20200416) perl-Mojolicious (8.37 -> 8.39) python-Beaker python-kiwisolver (1.1.0 -> 1.2.0) qemu qemu-linux-user sudo (1.8.31p1 -> 1.9.0rc2) suse-module-tools (15.2.10 -> 15.3.2) tracker wavpack (5.1.0+71.22977b2 -> 5.3.0) yast2-sound (4.2.2 -> 4.2.3) === Details === ==== appstream-glib ==== Version update (0.7.16 -> 0.7.17) Subpackages: appstream-glib-lang libappstream-glib8 - Add as-glib-PR359.patch: Fix crash with invalid children of <ul>. - Update to version 0.7.17: * Support versioning on clang/macOS * Use ".so" suffix for the plugins on macOS * Use internal uuid library in macOS * docs: Fix examples of AsNodeToXmlFlags using an invalid flag. * Bump minimum glib2 dependency. * Update Galician translations * as-app: properly initialize unique_id_mutex * Use _fullpath() instead of GetFullPathNameA(). * Fix Win32 headers. * Support ${id}/${locale}.qm in addition to ${id}_${locale}.qm * as-app: add "icon-theme" as recognised component type * as-content-rating: Make default values match OARS semantics ==== crash ==== - Make Factory ppc64 crash usable on both SLE 15 SP1 and releases before SLE15 SP1 (bsc#1148197). This is only a workaround that requires to build crash for each codestream separately. - Drop crash-s390-autodetect-kaslr.patch which has been merged in 7.2.7. ==== freerdp ==== Subpackages: libfreerdp2 libwinpr2 - Updated and reviewed make command and added fix-freerdp-2.0.0-usbdk-build.patch to fix boo#1169679 and make USB working again - Fixed build for SLE_12 - Cleaned up spec file - Add fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch in order to fix boo#1169748. ==== google-noto-sans-cjk-fonts ==== Version update (20170403 -> 20190410) Subpackages: noto-sans-sc-bold-fonts noto-sans-sc-fonts noto-sans-sc-regular-fonts noto-sans-tc-bold-fonts noto-sans-tc-fonts noto-sans-tc-regular-fonts - Update version to 2.001(20190410) * A second flavor of Traditional Chinese, for Hong Kong and supporting the HKSCS-2016 standard, was add- ed, which increased the total number of font resources by 16, from 72 to 88. * 155 new mappings have been added to the CMap resources. 66 are from BMP code points, 22 are from Plane 1 code points, and the remaining 67 are from Plane 2 code points. Among the 67 new Plane 2 code points, 57 are from Extension B, two are from Extension C, three are from Extension E, and the remaining five are from Extension F. * As a result of removing approximately 1,750 glyphs in order to make room for approximately 1,750 new glyphs, the CID assignments of the glyphs necessarily?and drastically?changed. The CID assignments of exactly 200 glyphs are unchanged from Version 1.004: 0?107, 2570?2633, 47223?47232, 47262?47272, 47281?47286, and 65484. * The Traditional Chinese form of the Radical #162 ? component was improved. * The URO is complete up through U+9FEF (Unicode Version 11.0). * The glyphs for some of the kana were tweaked. * The glyphs and support for bopomofo, along with their tone marks, were improved. This involved adding the 'GDEF' (Glyph Definition) table, the 'mark' (Mark Positioning) GPOS feature, and the 'ruby' (Ruby Nota- tion Forms) GSUB feature. * The language and script declarations in the 'locl' and 'vert' GSUB features were improved. * The 13-page glyph synopsis PDFs for the 500 pre-composed high-frequency hangul syllables have been incorporated into the Unicode-base glyph synopsis PDFs, and are bookmarked under the ?Korean? book- mark. * Placeholder glyphs for U+32FF, uni32FF (CID+2184) and uni32FF-V (CID+65359), are included. This character has been reserved for the two-ideograph square ligature that represents the name of Japan?s forthcoming new era which starts on 2019-05-01, and will be the only character added in Unicode Version 12.1. * Like Source Han Serif, the CIDFont and CMap resources do not include XUID arrays. * Like Source Han Serif, there are no mappings for the range U+0000 through U+001F. * Like Source Han Serif, the code points that correspond to Halfwidth Jamo variants map to glyphs that cor- respond to code points in the Hangul Compatibility Jamo block. In other words, the glyphs for half-width jamo have been removed. * Like Source Han Serif, the 'name' table does not includes any Macintosh (PlatformID=1) strings. * Like Source Han Serif, the Regular weight is now style-linked to the Bold weight. This means that the Bold weight may not appear in the font menu, particularly when using applications that support style-linking as a way to make text bold. * Like Source Han Serif, the 'vert' GPOS feature is included. * Like Source Han Serif, the deprecated 'hngl' (Hangul) GSUB feature is not included in the Korean fonts and font instances. - Split HongKong Fonts for NotoSans. ==== google-noto-serif-cjk-fonts ==== Subpackages: noto-serif-jp-bold-fonts noto-serif-jp-fonts noto-serif-jp-regular-fonts noto-serif-sc-bold-fonts noto-serif-sc-fonts noto-serif-sc-regular-fonts noto-serif-tc-bold-fonts noto-serif-tc-fonts noto-serif-tc-regular-fonts - Update version to 2.001(20190410) * A second flavor of Traditional Chinese, for Hong Kong and supporting the HKSCS-2016 standard, was add- ed, which increased the total number of font resources by 16, from 72 to 88. * 155 new mappings have been added to the CMap resources. 66 are from BMP code points, 22 are from Plane 1 code points, and the remaining 67 are from Plane 2 code points. Among the 67 new Plane 2 code points, 57 are from Extension B, two are from Extension C, three are from Extension E, and the remaining five are from Extension F. * As a result of removing approximately 1,750 glyphs in order to make room for approximately 1,750 new glyphs, the CID assignments of the glyphs necessarily?and drastically?changed. The CID assignments of exactly 200 glyphs are unchanged from Version 1.004: 0?107, 2570?2633, 47223?47232, 47262?47272, 47281?47286, and 65484. * The Traditional Chinese form of the Radical #162 ? component was improved. * The URO is complete up through U+9FEF (Unicode Version 11.0). * The glyphs for some of the kana were tweaked. * The glyphs and support for bopomofo, along with their tone marks, were improved. This involved adding the 'GDEF' (Glyph Definition) table, the 'mark' (Mark Positioning) GPOS feature, and the 'ruby' (Ruby Nota- tion Forms) GSUB feature. * The language and script declarations in the 'locl' and 'vert' GSUB features were improved. * The 13-page glyph synopsis PDFs for the 500 pre-composed high-frequency hangul syllables have been incorporated into the Unicode-base glyph synopsis PDFs, and are bookmarked under the ?Korean? book- mark. * Placeholder glyphs for U+32FF, uni32FF (CID+2184) and uni32FF-V (CID+65359), are included. This character has been reserved for the two-ideograph square ligature that represents the name of Japan?s forthcoming new era which starts on 2019-05-01, and will be the only character added in Unicode Version 12.1. * Like Source Han Serif, the CIDFont and CMap resources do not include XUID arrays. * Like Source Han Serif, there are no mappings for the range U+0000 through U+001F. * Like Source Han Serif, the code points that correspond to Halfwidth Jamo variants map to glyphs that cor- respond to code points in the Hangul Compatibility Jamo block. In other words, the glyphs for half-width jamo have been removed. * Like Source Han Serif, the 'name' table does not includes any Macintosh (PlatformID=1) strings. * Like Source Han Serif, the Regular weight is now style-linked to the Bold weight. This means that the Bold weight may not appear in the font menu, particularly when using applications that support style-linking as a way to make text bold. * Like Source Han Serif, the 'vert' GPOS feature is included. * Like Source Han Serif, the deprecated 'hngl' (Hangul) GSUB feature is not included in the Korean fonts and font instances. - Split HongKong Fonts for NotoSans. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Fix executable stack in grub-probe and other grub utility (bsc#1169137) * grub2-btrfs-06-subvol-mount.patch ==== kismet ==== Version update (2020_03_R1 -> 2020_04_R1) Subpackages: kismet-capture-freaklabs-zigbee kismet-capture-linux-bluetooth kismet-capture-linux-wifi kismet-capture-nrf-51822 kismet-capture-nrf-mousejack kismet-capture-sdr-rtl433 kismet-capture-sdr-rtladsb kismet-capture-sdr-rtlamr kismet-capture-ti-cc2540 kismet-logtools - Update to version 2020-04-R1 * New web-based UI with searching, device notes, realtime graphs, and more. * A REST-like API * Expanded support for non-WiFi capture types * New remote capture * Massive data set support * New KismetDB logs * Multithreaded optimizations * Kismet will now take advantage of multi-core systems, both on large servers, and on small systems like the Raspberry Pi; * Live packet export * Packets can now be streamed live via the export endpoints, as a pcapng stream of all packets or with live filtering by data source, device, and more. * Scriptable alerts * Alerts can be defined (and triggered) via REST endpoints ==== libmnl ==== - package the license text ==== libnma ==== Subpackages: libnma-lang libnma0 typelib-1_0-NMA-1_0 - Add libnma-fix-segment-fault.patch: nma-ws: properly dispose wireless security objects(bsc#1168347 glgo#GNOME/libnma#7). ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - libxl: Add support for 'passthrough' and 'e820_host' settings b7d6648d-conf-add-e820-host.patch, 5749395b-libxl-e820-host.patch, f3ef7daf-xenconfig-e820-host.patch, 34077c1b-tests-check-e820-host.patch, fadbaa23-conf-add-passthrough.patch, 9529e007-libxl-passthrough.patch, 9cb8bc6f-xenconfig-refactor-features.patch, b523e225-xenconfig-passthrough.patch, bed32525-tests-check-passthrough.patch bsc#1167217 - qemu: fix hang in p2p + xbzrle compression + parallel migration 93b15ba0-qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch bsc#1161159 ==== mariadb ==== Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Add oqgraph.social to the suse_skipped_tests.list (reported upstream as MDEV-22280) [bsc#1169369] ==== patterns-gnome ==== Version update (20180321 -> 20200416) Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basic patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_ide patterns-gnome-gnome_imaging patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia patterns-gnome-gnome_office patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome - add gnome-packagekit recommends to gnome_basic pattern for SLE and Leap (bsc#1164858 and bsc#1081584) ==== perl-Mojolicious ==== Version update (8.37 -> 8.39) - updated to 8.39 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.39 2020-04-22 - Fixed a bug in Mojo::Server::Daemon where active connections could get the keep-alive timeout assigned instead of the inactivity timeout. - Fixed a race condition in Mojo::UserAgent where test servers would close connections prematurely. - updated to 8.38 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.38 2020-04-21 - Added run_p method to Mojo::IOLoop::Subprocess. (batman) ==== python-Beaker ==== - Fix build without Python 2 present. ==== python-kiwisolver ==== Version update (1.1.0 -> 1.2.0) - version update to 1.2.0 * setup.py: proper python version pinning and cut 1.2.0 release - python3 only, e. g. requires cppy, which is python3 only ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Include upstream patches targeted for the next stable release (bug fixes only) spapr-Fix-failure-path-for-attempting-to.patch target-i386-do-not-set-unsupported-VMX-s.patch target-xtensa-fix-pasto-in-pfwait.r-opco.patch tcg-i386-Fix-INDEX_op_dup2_vec.patch tcg-mips-mips-sync-encode-error.patch vhost-user-gpu-Release-memory-returned-b.patch vpc-Don-t-round-up-already-aligned-BAT-s.patch xen-block-Fix-double-qlist-remove-and-re.patch - Fix bug causing weak encryption in PAuth for ARM (CVE-2020-10702 bsc#1168681) target-arm-Fix-PAuth-sbox-functions.patch - Fix OOB in tulip NIC emulation (CVE-2020-11102 bsc#1168713 net-tulip-check-frame-size-and-r-w-data-.patch - Note that previously included patch addresses CVE-2020-1711 and bsc#1166240 iscsi-Cap-block-count-from-GET-LBA-STATU.patch - Include performance improvement (and related?) patch aio-wait-delegate-polling-of-main-AioCon.patch async-use-explicit-memory-barriers.patch - Rework previous patch at Olaf H.'s direction hw-i386-disable-smbus-migration-for-xenf.patch - Eliminate is_opensuse usage in producing seabios version string what we are doing here is just replacing the upstream string with one indicating that the openSUSE build service built it, and so just leave it as "-rebuilt.opensuse.org" - Alter algorithm used to produce "unique" symbol for coordinating qemu with the optional modules it may load. This is a reasonable relaxation for broader compatibility configure-remove-pkgversion-from-CONFIG_.patch - Tweak supported.*.txt for latest deprecations, and other fixes - Tweak update_git.sh, config.sh - One more fix is needed for: s390x Protected Virtualization support - start and control guest in secure mode (bsc#1167075 jsc#SLE-7407) s390x-s390-virtio-ccw-Fix-build-on-syste.patch - Include upstream patches targeted for the next stable release (bug fixes only) block-Avoid-memleak-on-qcow2-image-info-.patch block-bdrv_set_backing_bs-fix-use-after-.patch hmp-vnc-Fix-info-vnc-list-leak.patch migration-colo-fix-use-after-free-of-loc.patch migration-ram-fix-use-after-free-of-loca.patch ppc-ppc405_boards-Remove-unnecessary-NUL.patch qcow2-List-autoclear-bit-names-in-header.patch scsi-qemu-pr-helper-Fix-out-of-bounds-ac.patch sheepdog-Consistently-set-bdrv_has_zero_.patch - Note The previous set of s390x patches also includes the fix for: bsc#1167445 ==== qemu-linux-user ==== - Include upstream patches targeted for the next stable release (bug fixes only) spapr-Fix-failure-path-for-attempting-to.patch target-i386-do-not-set-unsupported-VMX-s.patch target-xtensa-fix-pasto-in-pfwait.r-opco.patch tcg-i386-Fix-INDEX_op_dup2_vec.patch tcg-mips-mips-sync-encode-error.patch vhost-user-gpu-Release-memory-returned-b.patch vpc-Don-t-round-up-already-aligned-BAT-s.patch xen-block-Fix-double-qlist-remove-and-re.patch - Fix bug causing weak encryption in PAuth for ARM (CVE-2020-10702 bsc#1168681) target-arm-Fix-PAuth-sbox-functions.patch - Fix OOB in tulip NIC emulation (CVE-2020-11102 bsc#1168713 net-tulip-check-frame-size-and-r-w-data-.patch - Note that previously included patch addresses CVE-2020-1711 and bsc#1166240 iscsi-Cap-block-count-from-GET-LBA-STATU.patch - Include performance improvement (and related?) patch aio-wait-delegate-polling-of-main-AioCon.patch async-use-explicit-memory-barriers.patch - Rework previous patch at Olaf H.'s direction hw-i386-disable-smbus-migration-for-xenf.patch - Eliminate is_opensuse usage in producing seabios version string what we are doing here is just replacing the upstream string with one indicating that the openSUSE build service built it, and so just leave it as "-rebuilt.opensuse.org" - Alter algorithm used to produce "unique" symbol for coordinating qemu with the optional modules it may load. This is a reasonable relaxation for broader compatibility configure-remove-pkgversion-from-CONFIG_.patch - Tweak supported.*.txt for latest deprecations, and other fixes - Tweak update_git.sh, config.sh - One more fix is needed for: s390x Protected Virtualization support - start and control guest in secure mode (bsc#1167075 jsc#SLE-7407) s390x-s390-virtio-ccw-Fix-build-on-syste.patch - Include upstream patches targeted for the next stable release (bug fixes only) block-Avoid-memleak-on-qcow2-image-info-.patch block-bdrv_set_backing_bs-fix-use-after-.patch hmp-vnc-Fix-info-vnc-list-leak.patch migration-colo-fix-use-after-free-of-loc.patch migration-ram-fix-use-after-free-of-loca.patch ppc-ppc405_boards-Remove-unnecessary-NUL.patch qcow2-List-autoclear-bit-names-in-header.patch scsi-qemu-pr-helper-Fix-out-of-bounds-ac.patch sheepdog-Consistently-set-bdrv_has_zero_.patch - Note The previous set of s390x patches also includes the fix for: bsc#1167445 ==== sudo ==== Version update (1.8.31p1 -> 1.9.0rc2) - build with enable-python to support python plugins - Update to 1.9.0rc2 * Fixed a test failure in the strsig_test regress test on FreeBSD. * Sudo now includes a logging daemon, sudo_logsrvd, which can be used to implement centralized logging of I/O logs. TLS connections are supported when sudo is configured with the --enable-openssl option. For more information, see the sudo_logsrvd, logsrvd.conf and sudo_logsrv.proto manuals as well as the log_servers setting in the sudoers manual. The --disable-log-server and --disable-log-client configure options can be used to disable building the I/O log server and/or remote I/O log support in the sudoers plugin. * The new sudo_sendlog utility can be used to test sudo_logsrvd or send existing sudo I/O logs to a centralized server. * It is now possible to write sudo plugins in Python 3 when sudo is configured with the --enable-python> option. See the sudo_plugin_python.man.html manual for details. Sudo 1.9.0 comes with several Python example plugins that get installed sudo's examples directory. The sudo blog article "What's new in sudo 1.9: Python" (https://blog.sudo.ws/posts/2020/01/whats-new-in-sudo-1.9-python/) includes a simple tutorial on writing python plugins. * Sudo now supports an "audit" plugin type. An audit plugin receives accept, reject, exit and error messages and can be used to implement custom logging that is independent of the underlying security policy. Multiple audit plugins may be specified in the sudo.conf file. A sample audit plugin is included that writes logs in JSON format. * Sudo now supports an "approval" plugin type. An approval plugin is run only after the main security policy (such as sudoers) accepts a command to be run. The approval policy may perform additional checks, potentially interacting with the user. Multiple approval plugins may be specified in the sudo.conf file. Only if all approval plugins succeed will the command be allowed. * Sudo's -S command line option now causes the sudo conversation function to write to the standard output or standard error instead of the terminal device. * It is now possible to use "Cmd_Alias" instead of "Cmnd_Alias" for people who find the former more natural. * The new "pam_ruser" and "pam_rhost" sudoers settings can be used to enable or disable setting the PAM remote user and/or host values during PAM session setup. * More than one SHA-2 digest may now be specified for a single command. Multiple digests must be separated by a comma. * It is now possible to specify a SHA-2 digest in conjunction with the "ALL" reserved word in a command specification. This allows one to give permission to run any command that matches the specified digest, regardless of its path. * Sudo and sudo_logsrvd now create an extended I/O log info file in JSON format that contains additional information about the command that was run, such as the host name. The sudoreplay utility uses this file in preference to the legacy log file. * The sudoreplay utility can now match on a host name in list mode. The list output also now includes the host name if one is present in the log file. * For "sudo -i", if the target user's home directory does not exist, sudo will now warn about the problem but run the command in the current working directory. Previously, this was a fatal error. Debian bug #598519. * The command line arguments in the SUDO_COMMAND environment variable are now truncated at 4096 characters. This avoids an "Argument list too long" error when executing a command with a large number of arguments. Debian bug #596631. * Sudo now properly ends the PAM transaction when the user authenticates successfully but sudoers denies the command. Debian bug #669687. * The sudoers grammar in the manual now indicates that "sudoedit" requires one or more arguments. Debian bug #571621. - Pack /usr/sbin/{sudo_logsrvd,sudo_sendlog} binaries and their manpages - Pack /usr/lib/sudo/sudo/{audit_json.so,sample_approval.so} plugins - Pack /etc/sudo.conf and /etc/sudo_logsrvd.conf configuration files - Run spec-cleaner ==== suse-module-tools ==== Version update (15.2.10 -> 15.3.2) - Update to version 15.3.2: * modprobe.conf.common: eliminate circular uas/usb-storage dependency (bsc#1168661) ==== tracker ==== Subpackages: libtracker-common-2_0 libtracker-control-2_0-0 libtracker-miner-2_0-0 libtracker-sparql-2_0-0 tracker-lang typelib-1_0-Tracker-2_0 typelib-1_0-TrackerControl-2_0 - Add tracker-Use-correct-signature.patch: tracker-store: Use correct signature for DBusSignalCallback. ==== wavpack ==== Version update (5.1.0+71.22977b2 -> 5.3.0) - Update to version 5.3.0 * Plenty of changes * Drop _service and switch to regular release ==== yast2-sound ==== Version update (4.2.2 -> 4.2.3) - jsc#SLE-11873 - dropped conditional build to unify SLE and OS builds - 4.2.3 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org