Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20201026 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (81.0.1 -> 82.0) MozillaThunderbird (78.3.3 -> 78.4.0) cups (2.3b6 -> 2.3.3) dhcp glib2 (2.64.6 -> 2.66.2) grub2 kernel-source (5.8.15 -> 5.9.1) libpwquality (1.4.2 -> 1.4.4) librsvg (2.48.8 -> 2.50.1) libwpe (1.6.0 -> 1.8.0) mariadb (10.4.14 -> 10.5.6) mtr open-vm-tools (11.1.5 -> 11.2.0) perl-List-MoreUtils (0.428 -> 0.430) perl-List-MoreUtils-XS (0.428 -> 0.430) perl-Mojolicious (8.62 -> 8.63) perl-URI (1.76 -> 5.05) qemu rubygem-mixlib-authentication (3.0.6 -> 3.0.7) rubygem-mixlib-cli (2.1.6 -> 2.1.8) rubygem-mixlib-config (3.0.6 -> 3.0.9) rubygem-mixlib-log (3.0.8 -> 3.0.9) tftp transactional-update (2.27 -> 2.28) wpebackend-fdo (1.6.1 -> 1.8.0) yast2-bootloader (4.3.12 -> 4.3.13) yast2-firewall (4.3.7 -> 4.3.8) yast2-storage-ng (4.3.15 -> 4.3.16) === Details === ==== MozillaFirefox ==== Version update (81.0.1 -> 82.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 82.0 * https://www.mozilla.org/en-US/firefox/82.0/releasenotes/ MFSA 2020-45 (bsc#1177872) * CVE-2020-15969 (bmo#1666570) Use-after-free in usersctp * CVE-2020-15254 (bmo#1668514) Undefined behavior in bounded channel of crossbeam rust crate * CVE-2020-15680 (bmo#1658881) Presence of external protocol handlers could be determined through image tags * CVE-2020-15681 (bmo#1666568) Multiple WASM threads may have overwritten each others' stub table entries * CVE-2020-15682 (bmo#1636654) The domain associated with the prompt to open an external protocol could be spoofed to display the incorrect origin * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760, bmo#1663439, bmo#1666140) Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 * CVE-2020-15684 (bmo#1653764, bmo#1661402, bmo#1662259, bmo#1664257) Memory safety bugs fixed in Firefox 82 - requires * NSPR 4.29 * NSS 3.57 ==== MozillaThunderbird ==== Version update (78.3.3 -> 78.4.0) Subpackages: MozillaThunderbird-translations-common - Mozilla Thunderbird 78.4.0 * MailExtensions: browser.tabs.sendMessage API added * MailExtensions: messageDisplayScripts API added * Yahoo and AOL mail users using password authentication will be migrated to OAuth2 * MailExtensions: messageDisplay APIs extended to support multiple selected messages * MailExtensions: compose.begin functions now support creating a message with attachments * multiple bugfixes MFSA 2020-47 (bsc#1177872) * CVE-2020-15969 (bmo#1666570) Use-after-free in usersctp * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760, bmo#1663439, bmo#1666140) Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 ==== cups ==== Version update (2.3b6 -> 2.3.3) Subpackages: cups-client cups-config libcups2 libcups2-32bit libcupsimage2 - Version upgrade to 2.3.3: - CVE-2020-3898: The `ppdOpen` function did not handle invalid UI constraint. `ppdcSource::get_resolution` function did not handle invalid resolution strings. - CVE-2019-8842: The `ippReadIO` function may under-read an extension field. - Fixed WARNING_OPTIONS support for GCC 9.x Changes in CUPS 2.3.2: Localization updates Changes in CUPS 2.3.1: - CVE-2019-2228: The `ippSetValuetag` function did not validate the default language value. - Fixed a crash bug in the web interface. - The PPD cache code now looks up page sizes using their dimensions. - PPD files containing "custom" option keywords did not work. - Added a workaround for the scheduler's systemd support. - Added a DigestOptions directive for the `client.conf` file to control whether MD5-based Digest authentication is allowed. - Fixed a bug in the handling of printer resource files. - The libusb-based USB backend now reports an error when the distribution permissions are wrong. - Added paint can labels to Dymo driver. - The `ippeveprinter` program now supports authentication. - The `ippeveprinter` program now advertises DNS-SD services on the correct interfaces, and provides a way to turn them off. - The `--with-dbusdir` option was ignored by the configure script. - Sandboxed applications were not able to get the default printer. - Log file access controls were not preserved by `cupsctl`. - Default printers set with `lpoptions` did not work in all cases. - Fixed an error in the jobs web interface template. - Fixed an off-by-one error in `ippEnumString`. - Fixed some new compiler warnings. - Fixed a few issues with the Apple Raster support. - The IPP backend did not detect all cases where a job should be retried using a raster format. - Fixed spelling of "fold-accordion". - Fixed the default common name for TLS certificates used by `ippeveprinter`. - Fixed the option names used for IPP Everywhere finishing options. - Added support for the second roll of the DYMO Twin/DUO label printers. Changes in CUPS v2.3.0: - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows. - Added a GPL2/LGPL2 exception to the new CUPS license terms. - Fixed a bug in the scheduler job cleanup code. - Fixed builds when there is no TLS library. - "make" failed with GZIP options. - Fixed potential excess logging from the scheduler when removing job files. - Fixed a NULL pointer dereference bug in `httpGetSubField2`. - Added FIPS-140 workarounds for GNU TLS. - The scheduler no longer provides a default value for the description. - The scheduler now logs jobs held for authentication using the error level so it is clear what happened. - The `lpadmin` command did not always update the PPD file for changes to the `cupsIPPSupplies` and `cupsSNMPSupplies` keywords. - The scheduler now uses both the group's membership list as well as the various OS-specific membership functions to determine whether a user belongs to a named group. - Added USB quirks rule for HP LaserJet 1015. - Fixed some PPD parser issues. - The IPP parser no longer allows invalid member attributes in collections. - The configure script now treats the "wheel" group as a potential system group. - Fixed IPP buffer overflow. - Fixed memory disclosure issue in the scheduler. - Fixed DoS issues in the scheduler. - Fixed an issue with unsupported "sides" values in the IPP backend. - The scheduler would restart continuously when idle and printers were not shared. - Fixed an issue with `EXPECT !name WITH-VALUE ...` tests. - Fixed a command ordering issue in the Zebra ZPL driver. - Fixed a memory leak in `ppdOpen`. Changes in CUPS v2.3rc1: - The `cups-config` script no longer adds extra libraries when linking against shared libraries. - The supplied example print documents have been optimized for size. - The `cupsctl` command now prevents setting "cups-files.conf" directives. - The "forbidden" message in the web interface is now explained. - The footer in the web interface covered some content on small displays. - The libusb-based USB backend now enforces read limits, improving print speed in many cases. - The `ippeveprinter` command now looks for print commands in the "command" subdirectory. - The `ipptool` command now supports `$date-current` and `$date-start` variables to insert the current and starting date and time values, as well as ISO-8601 relative time values such as "PT30S" for 30 seconds in the future. Changes in CUPS v2.3b8 - Media size matching now uses a tolerance of 0.5mm. - The lpadmin command would hang with a bad PPD file. - Fixed a potential crash bug in cups-driverd. - Fixed a performance regression with large PPDs. - Fixed a memory reallocation bug in HTTP header value expansion. - Timed out job submission now yields an error. - Restored minimal support for the `Emulators` keyword in PPD files to allow old Samsung printer drivers to continue to work. - The scheduler did not encode octetString values like "job-password" correctly for the print filters. - The `cupsCheckDestSupported` function did not check octetString values correctly. - Added support for `UserAgentTokens` directive in "client.conf". - Updated the systemd service file for cupsd. - The `ippValidateAttribute` function did not catch all instances of invalid UTF-8 strings. - Fixed an issue with the self-signed certificates generated by GNU TLS. - Fixed a potential memory leak when reading at the end of a file. - Fixed potential unaligned accesses in the string pool. - Fixed a potential memory leak when loading a PPD file. - Added a USB quirks rule for the Lexmark E120n. - Updated the USB quirks rule for Zebra label printers. - The lpadmin command, web interface, and scheduler all queried an IPP Everywhere printer differently, resulting in different PPDs for the same printer. - The web interface no longer provides access to the log files. - Non-Kerberized printing to Windows via IPP was broken. - The scheduler no longer stops a printer if an error occurs when a job is canceled or aborted. - Added a USB quirks rule for the DYMO 450 Turbo. - Added a USB quirks rule for Xerox printers. - The scheduler's self-signed certificate did not include all of the alternate names for the server when using GNU TLS. - Fixed some PPD caching and IPP Everywhere PPD accounting/password bugs. - Fixed `PreserveJobHistory` bug with time values. - The scheduler no longer advertises the HTTP methods it supports. - The scheduler did not always idle exit as quickly as it could. - Added a new `ippeveprinter` command based on the old ippserver sample code. Changes in CUPS v2.3b7 - Running ppdmerge with the same input and output filenames did not work as advertised. - Rebase let-cupsd-start-after-network.patch and cups-config-libs.patch. - Drop issue5509-fix-utf-8-validation-issue.patch and issue5453.patch: fixed upstream. ==== dhcp ==== Subpackages: dhcp-client dhcp-doc dhcp-relay dhcp-server - Complete the /var/run -> /run migration by renaming /var/lib/dhcp/var/run accordingly (boo#1177951). ==== glib2 ==== Version update (2.64.6 -> 2.66.2) Subpackages: glib2-lang glib2-tools libgio-2_0-0 libgio-2_0-0-32bit libglib-2_0-0 libglib-2_0-0-32bit libgmodule-2_0-0 libgmodule-2_0-0-32bit libgobject-2_0-0 libgobject-2_0-0-32bit libgthread-2_0-0 libgthread-2_0-0-32bit - Enable building of documentation: + Toggle gtk_doc from bcond_with to bcond_without. + Use sed to replace gtk-doc version in docs/reference/meson.build with 1.32. - Update to version 2.66.2: + Important and time-critical fix to DST transitions which will happen in Europe on 2020-10-25 on distributions which use the ?slim? tzdata format (which is now the default in tzdata/tzcode 2020b). + Further timezone handling changes to restore support for changing the timezone when `/etc/localtime/` changes. + Fix deadlock on Windows when `G_SLICE` is set in the environment. + Fix UTF-8 validation when escaping URI components. + Updated translations. - Update to version 2.66.1: + A performance problem where timezones were reloaded from disk every time a `GTimeZone` was created has been fixed, but this means that changes to `/etc/localtime` will not take effect until a process restarts; future changes in a subsequent 2.66.x release will improve this. + Security fix for incorrect scope/zone ID parsing in URIs. + Updated translations. - Update to version 2.66.0: + * Bugs fixed: - Missing tab in makefile rule. - guri: Fix user passed to g_uri_split_with_user() not being NULL'd. + Updated translations. - Update to version 2.65.3: + Fixes to the new `statx()` calls ? note that since GLib 2.65.2 uses `statx()` (if available) instead of `stat()`/`fstat()`/`lstat()`/`fstatat()`, syscall sandboxing for third party applications might need to be updated. + Updated translations. - Update to version 2.65.2: + Support `statx()` and `G_FILE_ATTRIBUTE_TIME_CREATED`. + Fix deadlock in `g_subprocess_communicate_async()`. + Add `%f`/microsecond placeholder support to `g_date_time_format()`. - Changes from version 2.65.1: + Add `GUri` API for parsing, building and representing URIs according to [RFC 3986](https://tools.ietf.org/html/rfc3986). + Fix handling of xattr data with embedded nuls. + Add `g_file_set_contents_full()` which gives more control over fsyncs. + Add a `x-gvfs-notrash` option to disable trash on certain mounts. + Support ?slim? TZif files generated with `zic -b slim`. + Support emitting profiling marks from `GMainContext` to sysprof capture files. + Accept IPv6 zone IDs in `g_hostname_is_ip_address()`. + Updated translations. - Rebase glib2-gdbus-codegen-version.patch. - Build without gtk-doc: it would require a not yet released version of gtk-doc. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Fix grub2-install error with "failed to get canonical path of `/boot/grub2/i386-pc'." (bsc#1177957) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch - Fix https boot interrupted by unrecognised network address error message (bsc#1172952) * 0001-add-support-for-UEFI-network-protocols.patch - grub2.spec: Fix bare words used as string in expression which is no longer allowed in rpm 4.16 - Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062) * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch ==== kernel-source ==== Version update (5.8.15 -> 5.9.1) Subpackages: kernel-default kernel-docs - vt_ioctl: fix GIO_UNIMAP regression (5.9 GIO_UNIMAP regression). - commit 15946ea - kernel-binary.spec.in: pack scripts/module.lds into kernel-$flavor-devel Since mainline commit 596b0474d3d9 ("kbuild: preprocess module linker script") in 5.10-rc1, scripts/module.lds linker script is needed to build out of tree modules. Add it into kernel-$flavor-devel subpackage. - commit fe37c16 - drm/amd/display: Don't invoke kgdb_breakpoint() unconditionally (bsc#1177973). - drm/amd/display: Fix kernel panic by dal_gpio_open() error (bsc#1177973). - commit 3f21462 - series.conf: cleanup - move to "almost mainline" section: patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch - commit 8e0635b - Refresh patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch. Update upstream status. - commit 7b40cc9 - Linux 5.9.1 (bsc#1012628). - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (bsc#1012628). - media: usbtv: Fix refcounting mixup (bsc#1012628). - USB: serial: option: add Cellient MPL200 card (bsc#1012628). - USB: serial: option: Add Telit FT980-KS composition (bsc#1012628). - staging: comedi: check validity of wMaxPacketSize of usb endpoints found (bsc#1012628). - USB: serial: pl2303: add device-id for HP GC device (bsc#1012628). - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (bsc#1012628). - vt_ioctl: make VT_RESIZEX behave like VT_RESIZE (bsc#1012628). - reiserfs: Initialize inode keys properly (bsc#1012628). - reiserfs: Fix oops during mount (bsc#1012628). - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" (bsc#1012628). - crypto: bcm - Verify GCM/CCM key length in setkey (bsc#1012628). - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (bsc#1012628). - commit b7f511b - update patches metadata - update upstream references: patches.suse/Bluetooth-A2MP-Fix-not-initializing-all-members.patch patches.suse/Bluetooth-L2CAP-Fix-calling-sk_filter-on-non-socket-.patch - commit b1f22f7 ==== libpwquality ==== Version update (1.4.2 -> 1.4.4) Subpackages: libpwquality-lang libpwquality1 libpwquality1-32bit pam_pwquality pam_pwquality-32bit - update to 1.4.4 * e11f2bd Fix regression with enabling cracklib check * 02e6728 Use make macros in rpm spec file * xxxxxxx Translated using Weblate (Polish, Turkish, Ukrainian) - update to 1.4.3 * 1213d33 Update translation files * a951fbe Add --disable-cracklib-check configure parameter * 6a8845b fixup static compilation * 92c6066 python: Add missing getters/setters for newly added settings * bfef79d Add usersubstr check * 09a2e65 pam_pwquality: Add debug message for the local_users_only option * a6f7705 Fix some gcc warnings * 8c8a260 pwmake: Properly validate the bits parameter. * 7be4797 we use Fedora Weblate now * xxxxxxx Translated using Weblate (Azerbaijani, Bulgarian, Chinese (Simplified), Czech, French, Friulian, Hungarian, Italian, Japanese, Norwegian Bokmål, Persian, Russian, Spanish, Turkish) ==== librsvg ==== Version update (2.48.8 -> 2.50.1) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 librsvg-lang rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.50.1: + SVG2: Support a chain of uri() filters in the "filter" property. + Support CSS selectors for attribute matching, like rect[attr^="prefix"]. + Fixed the geometry_for_layer() APIs to not ignore the passed viewport. + Fixed CSS "import" so it allows only files from the same base directory. + The pkg-config files (*.pc) do not define the 'svgz_supported' and 'css_supported' variables anymore. These variables were hardcoded to 'true' and unchanged since 2011. + The source repository no longer produces a librsvg-uninstalled.pc file. - Update to version 2.50.0: + Librsvg now consumes much less memory for large SVG files. + The 'font' shorthand in is now supported in CSS. Librsvg ignores the 'line-height' sub-property because it cannot be done easily with Pango, but everything else in 'font' should work now. + Many new features from SVG2: - radialGradient now supports the "fr" property from SVG2. - Support href attribute in addition to xlink:href per SVG2. - Ignore missing filter references per SVG2. - Support the mix-blend-mode property from SVG2 and the Compositing and Blending Level 1 specification, so layers can be composited with operators like multiply/screen/color-burn. - Support the paint-order property from SVG2, so one can pick the order in which a path's fill/stroke/markers are drawn. + Updated translations. ==== libwpe ==== Version update (1.6.0 -> 1.8.0) - Update to version 1.8.0: + New build configuration system based on Meson. The existing CMake-based system is still maintained, and both produce the same outputs. + Hidden visibility is now used by default for symbols, and only those belonging to the public API are exported. - Switch to meson. ==== mariadb ==== Version update (10.4.14 -> 10.5.6) Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - update to 10.5.6 * release notes and changelog https://mariadb.com/kb/en/mariadb-1056-release-notes https://mariadb.com/kb/en/mariadb-1056-changelog - refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch - drop mariadb-10.5-fix-prevent-optimizing-out-buf-argument-in-ch.patch - mariadb now builds against pcre2 - added binaries aria_s3_copy and mariadb-conv to tools subpackage - added type_test.type_test_double to list of skipped tests ==== mtr ==== - Stop requiring group-membership in 'dialout' group to run mtr. Only run chkstat for the mtr-packet binary in %post and %pre since it's the only file that's supposed to be installed with capabilities (depending on security profile). ==== open-vm-tools ==== Version update (11.1.5 -> 11.2.0) Subpackages: libvmtools0 open-vm-tools-desktop - Update to 11.2.0 (build 16938113) (boo#1177987) + Fixed memory leak occurs in disk device mapping information for IDE, SATA or SAS (LSI Logic SAS) disks configured in the guest. + The following issues and pull requests reported on https://github.com/vmware/open-vm-tools have been addressed: https://github.com/vmware/open-vm-tools/issues/429 https://github.com/vmware/open-vm-tools/pull/431 https://github.com/vmware/open-vm-tools/pull/432 https://github.com/vmware/open-vm-tools/issues/452 + A number of Coverity reported errors and false positives have been addressed. + A complete list of the granular changes that are in the open-vm-tools 11.2.0 release is available at: https://github.com/vmware/open-vm-tools/blob/stable-11.2.0/open-vm-tools/Cha... - Update pam-vmtoolsd.patch (boo#1177987): removed the pam_securetty.so line from the new suse file. Modified the Makefile.am to copy the suse file to the /etc/pam.d/vmtoolsd file rather than the default generic file. ==== perl-List-MoreUtils ==== Version update (0.428 -> 0.430) - updated to 0.430 see /usr/share/doc/packages/perl-List-MoreUtils/Changes 0.430 2020-10-21 - bump List::MoreUtils::XS requirement to 0.430 - release 0.429_001 without any further changes 0.429_001 2020-10-05 - fix failing installation in parallel make (Issue#38) - infrastructure improvements and tooling updates, lot's of author tests with according fixes added - added slide and slideatatime functions wished by SCHWERN - documentation fixes (PR#21, PR#33, PR#34, RT#126029, RT#132043, RT#132940) ==== perl-List-MoreUtils-XS ==== Version update (0.428 -> 0.430) - updated to 0.430 see /usr/share/doc/packages/perl-List-MoreUtils-XS/Changes 0.430 2020-10-21 - re-release 0.429_002 without further changes 0.429_002 2020-10-05 - fix parts of RT#132043: listcmp misbehave in XS implementation (thanks to Henrik Pauli for reporting) 0.429_001 2020-10-02 - fix parts of RT#123989: more $a/$b/$_ refcounting bugs since some bugs are simply reported wrong, dealing with them breaks more (including running code) than it solves. Way to heavy to feel better ... - introduce functions slide and slideatatime (wished by SCHWERN) - toolchain fixes - fix RT#133128 - LANG=nb_NO.utf8 related str tests fails (thanks, SJN for reporting and provide a reasonable fix) - fix issue#7 (Typo), thanks AMBS for reporting ==== perl-Mojolicious ==== Version update (8.62 -> 8.63) - updated to 8.63 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.63 2020-10-11 - Improved Mojo::IOLoop::Subprocess to ensure a clean exit even if something unexpected happens in the forked process. ==== perl-URI ==== Version update (1.76 -> 5.05) - updated to 5.05 see /usr/share/doc/packages/perl-URI/Changes 5.05 2020-10-21 13:00:44Z - Bump all versions to 5.05 in order to remove various version mismatches. (GH #77) (Olaf Alders) - Add a simple test case for an ipv6 host (GH#66) (Olaf Alders) ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-guest-agent qemu-hw-display-qxl qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Note: As part of the "Close the Leap Gap" effort, it's been decided that our SDL2 support in qemu is not worth trying to maintain. Long ago SLE qemu stopped including SDL2 support and now we will do the same for the openSUSE releases going forward. Accordingly SDL2 options are now configured out, and the two sub- packages which are SDL2 specific, namely qemu-audio-sdl and qemu-ui-sdl, are no longer generated, and due to the rpm package conflicts used for those packages, they will be uninstalled from systems as qemu updates move forward - Drop e2fsprogs-devel and libpcap-devel as BuildRequires packages. They have not actually been needed to build qemu for a very long time - Add more forsplits files ==== rubygem-mixlib-authentication ==== Version update (3.0.6 -> 3.0.7) updated to version 3.0.7 no changelog found ==== rubygem-mixlib-cli ==== Version update (2.1.6 -> 2.1.8) updated to version 2.1.8 no changelog found ==== rubygem-mixlib-config ==== Version update (3.0.6 -> 3.0.9) updated to version 3.0.9 no changelog found ==== rubygem-mixlib-log ==== Version update (3.0.8 -> 3.0.9) updated to version 3.0.9 no changelog found ==== tftp ==== - Do not suppress errors from useradd. - Replace some old specfile constructs. To that end, patches were refreshed: tftp-hpa-0.43_include_sys_params.patch, tftp-hpa-0.46_colon_check.patch, tftp-hpa-0.48-macros-crash.patch, tftp-hpa-0.48-macros-v6mapped.patch. ==== transactional-update ==== Version update (2.27 -> 2.28) Subpackages: transactional-update-zypp-config - Version 2.28 - Add 'setup-selinux' command for easy setup of a SELinux system - Allow complex commands for the 'run' command - SELinux: Fix /etc / overlay labeling ==== wpebackend-fdo ==== Version update (1.6.1 -> 1.8.0) - Update to version 1.8.0: + Added new API for the audio rendering protocol, which allows embedders to receive audio samples instead of letting WPE WebKit handle their playback. + Added support to export frames using EGLStreams, which can be used e.g. with Nvidia GPUs. + New build configuration system based on Meson. The existing CMake-based system is still maintained, and both produce the same outputs. + Use libepoxy for EGL operations. - Switch to meson. - Add epoxy to BuildRequires: new dependency. ==== yast2-bootloader ==== Version update (4.3.12 -> 4.3.13) - "write proper value for NVRAM for UEFI (bsc#1157550)" - fix failing test on s390 (bsc#1177986) - 4.3.13 ==== yast2-firewall ==== Version update (4.3.7 -> 4.3.8) - Do not warn user about ssh key only authentication when ssh port is closed, but firewall is disabled. (bsc#1177953) - 4.3.8 ==== yast2-storage-ng ==== Version update (4.3.15 -> 4.3.16) - Added $LIBSTORAGE_IGNORE_PROBE_ERRORS environment variable to ignore storage probing errors (bsc#1177332) - 4.3.16