Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20181029 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 389-ds (1.4.0.3 -> 1.4.0.18) PackageKit alsa (1.1.6 -> 1.1.7) alsa-plugins (1.1.6 -> 1.1.7) alsa-utils (1.1.6 -> 1.1.7) amavisd-new (2.11.0 -> 2.11.1) apache2 (2.4.35 -> 2.4.37) bluedevil5 (5.14.1 -> 5.14.2) breeze (5.14.1 -> 5.14.2) breeze-gtk (5.14.1 -> 5.14.2) breeze4-style (5.14.1 -> 5.14.2) bubblewrap (0.3.0 -> 0.3.1) chrony (3.3 -> 3.4) discount (2.2.3a -> 2.2.4) discover (5.14.1 -> 5.14.2) dracut drbd (9.0.15+git.c46d2790 -> 9.0.16+git.ab9777df) drkonqi5 (5.14.1 -> 5.14.2) epiphany (3.30.1 -> 3.30.2) exiv2 file (5.33 -> 5.35) flatpak (1.0.0 -> 1.0.3) gjs (1.54.1 -> 1.54.2) gnome-games (3.30.1 -> 3.30.2) gnome-shell (3.30.0 -> 3.30.1) gnutls (3.6.3 -> 3.6.4) grilo-plugins ibus-libzhuyin (1.8.0 -> 1.8.92) iio-sensor-proxy (2.4 -> 2.5) installation-images-Kubic (14.385 -> 14.387) inxi (3.0.26 -> 3.0.27) java-11-openjdk (11.0.0.0 -> 11.0.1.0) jhead kactivitymanagerd (5.14.1 -> 5.14.2) kcm_sddm (5.14.1 -> 5.14.2) kde-cli-tools5 (5.14.1 -> 5.14.2) kde-gtk-config5 (5.14.1 -> 5.14.2) kde-user-manager (5.14.1 -> 5.14.2) kdeconnect-kde (1.3.1 -> 1.3.2) kdevelop5 kgamma5 (5.14.1 -> 5.14.2) khotkeys5 (5.14.1 -> 5.14.2) kinfocenter5 (5.14.1 -> 5.14.2) kmenuedit5 (5.14.1 -> 5.14.2) krb5 (1.15.3 -> 1.16.1) kscreen5 (5.14.1 -> 5.14.2) kscreenlocker (5.14.1 -> 5.14.2) ksshaskpass5 (5.14.1 -> 5.14.2) ksysguard5 (5.14.1 -> 5.14.2) kwayland-integration (5.14.1 -> 5.14.2) kwin5 (5.14.1 -> 5.14.2) ldmtool libHX (3.23 -> 3.24) libdrm (2.4.95 -> 2.4.96) libepoxy (1.5.0 -> 1.5.3) libfm (1.2.5 -> 1.3.0.2) libfm-extra (1.2.5 -> 1.3.0.2) libkdecoration2 (5.14.1 -> 5.14.2) libkscreen2 (5.14.1 -> 5.14.2) libksysguard5 (5.14.1 -> 5.14.2) libnumbertext (1.0.2 -> 1.0.5) libssh (0.8.3 -> 0.8.4) lxtask (0.1.7 -> 0.1.8) lz4 (1.8.2 -> 1.8.3) messagelib milou5 (5.14.1 -> 5.14.2) mozilla-nspr (4.19 -> 4.20) mozilla-nss (3.38 -> 3.39) nautilus (3.30.1 -> 3.30.2) net-snmp (5.7.3 -> 5.8) nodejs10 (10.9.0 -> 10.12.0) open-iscsi openssh (7.7p1 -> 7.8p1) opus (1.2.1 -> 1.3) oxygen5 (5.14.1 -> 5.14.2) pcmanfm (1.2.5 -> 1.3.0) pcsc-lite (1.8.23 -> 1.8.24) plasma-browser-integration (5.14.1 -> 5.14.2) plasma-nm5 (5.14.1 -> 5.14.2) plasma5-addons (5.14.1 -> 5.14.2) plasma5-desktop (5.14.1 -> 5.14.2) plasma5-integration (5.14.1 -> 5.14.2) plasma5-openSUSE plasma5-pa (5.14.1 -> 5.14.2) plasma5-workspace (5.14.1 -> 5.14.2) plymouth (0.9.3+git20180827.0a66272 -> 0.9.3+git20181016.a588b3f) polkit-kde-agent-5 (5.14.1 -> 5.14.2) powerdevil5 (5.14.1 -> 5.14.2) purple-carbons (0.2.0 -> 0.2.1) python-cffi python-kiwi (9.16.18 -> 9.16.27) python-matplotlib (3.0.0 -> 3.0.1) python-pycryptodome qqc2-desktop-style (5.50.0 -> 5.51.0) re2 (20180901 -> 20181001) remmina (1.2.31.4 -> 1.2.32) rpm (4.14.1 -> 4.14.2.1) rubygem-bundler (1.16.3 -> 1.16.6) rubygem-commander (4.4.5 -> 4.4.6) rubygem-devise (4.4.3 -> 4.5.0) rubygem-fluentd (1.2.3 -> 1.2.5) rubygem-grape (1.0.3 -> 1.1.0) rubygem-hashie (3.5.7 -> 3.6.0) squid systemd systemsettings5 (5.14.1 -> 5.14.2) thunar (1.8.1 -> 1.8.2) tiff timezone (2018e -> 2018g) timezone-java (2018e -> 2018g) tomcat (9.0.10 -> 9.0.12) transactional-update (2.6 -> 2.10) transmission tumbler (0.2.1 -> 0.2.3) vim (8.1.0451 -> 8.1.0479) virt-manager webkit2gtk3 wpa_supplicant xdg-desktop-portal-kde (5.14.1 -> 5.14.2) xf86-input-libinput (0.28.0 -> 0.28.1) xf86-video-nouveau xfce4-panel-plugin-battery (1.1.0 -> 1.1.1) xfce4-panel-plugin-cpufreq (1.2.0 -> 1.2.1) xfce4-panel-plugin-weather (0.8.10 -> 0.9.0) xfce4-panel-plugin-whiskermenu (2.2.1 -> 2.3.0) xfce4-session === Details === ==== 389-ds ==== Version update (1.4.0.3 -> 1.4.0.18) - disable building lib389 by default to circumvent unresolvables - remove fscaps until the audit bug is done - fix one type pkg_name vs pkgname in the post scriptlets - prepare rust support - enable lib389 by default now - use the same hack for svrcore-devel as the redhat package: claim to be version 4.1.4 and obsolete olders. the pkg-config file will report the new version though. - update to 1.4.0.18 - Ticket 49968 - Confusing CRITICAL message: list_candidates - NULL idl was recieved from filter_candidates_ext - Ticket 49946 - upgrade of 389-ds-base could remove replication agreements. - Ticket 49969 - DOS caused by malformed search operation (part2) - changes from 1.4.0.17 - Ticket 49969 - DOS caused by malformed search operation (security fix); CVE-2018-14648 [bsc#1109609] - Ticket 49943 - rfc3673_all_oper_attrs_test is not strict enough - Ticket 49915 - Master ns-slapd had 100% CPU usage after starting replication and replication cannot finish - Ticket 49963 - ASAN build fails on F28 - Ticket 49947 - Coverity Fixes - Ticket 49958 - extended search fail to match entries - Ticket 49928 - WebUI schema functionality and improve CLI part - Ticket 49954 - On s390x arch retrieved DB page size is stored as size_t rather than uint32_t - Ticket 49928 - Refactor and improve schema CLI/lib389 part to DSLdapObject - Ticket 49926 - Fix replication tests on 1.3.x - Ticket 49926 - Add replication functionality to dsconf - Ticket 49887 - Clean up thread local usage - Ticket 49937 - Log buffer exceeded emergency logging msg is not thread-safe (security fix) CVE-2018-14624 [bsc#1106699] - Ticket 49866 - fix typo in cos template in pwpolicy subtree create - Ticket 49930 - Correction of the existing fixture function names to remove test_ prefix - Ticket 49932 - Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly CVE-2018-14638 [bsc#1108674] - Ticket 48053 - Add attribute encryption test cases - Ticket 49866 - Refactor PwPolicy lib389/CLI module - Ticket 49877 - Add log level functionality to UI - changes from 1.4.0.16 - Revert ?Ticket 49372 - filter optimisation improvements for common queries? - Revert ?Ticket 49432 - filter optimise crash? - Ticket 49887 - Fix SASL map creation when ?disable-perl - Ticket 49858 - Add backup/restore and import/export functionality to WebUI/CLI - changes from 1.4.0.15 - Ticket 49029 - Internal logging thread data needs to allocate int pointers - Ticket 48061 - CI test - config - Ticket 48377 - Only ship libjemalloc.so.2 - Ticket 49885 - On some platform fips does not exist - changes from 1.4.0.14 - Ticket 49891 - Use ?__python3? macro for python scripts - Ticket 49890 - SECURITY FIX - ldapsearch with server side sort crashes the ldap server CVE-2018-10935 [bsc#1105606] - Ticket 49029 - RFE -improve internal operations logging - Ticket 49893 - disable nunc-stans by default - Ticket 48377 - Update file name for LD_PRELOAD - Ticket 49884 - Improve nunc-stans test to detect socket errors sooner - Ticket 49888 - Use perl filter in rpm specfile - Ticket 49866 - Add password policy features to CLI/UI - Ticket 49881 - Missing check for crack.h - Ticket 48056 - Add more test cases to the basic suite - Ticket 49761 - Fix replication test suite issues - Ticket 49381 - Refactor the plugin test suite docstrings - Ticket 49837 - Add new password policy attributes to UI - Ticket 49794 - RFE - Add pam_pwquality features to password syntax checking - Ticket 49867 - Fix CLI tools? double output - changes from 1.4.0.13 - Ticket 49854 - ns-slapd should create run_dir and lock_dir directories at startup - Ticket 49806 - Add SASL functionality to CLI/UI - Ticket 49789 - backout originali security fix from 1.4.0.12 as it caused a regression in FreeIPA - Ticket 49857 - RPM scriptlet for 389-ds-base-legacy-tools throws an error - changes from 1.4.0.12 - Ticket 49813 - Revised interactive installer - Ticket 49789 - By default, do not manage unhashed password (Security Fix) CVE-2018-10871 [bsc#1099564] - Ticket 49844 - lib389: don?t set up logging at module scope - Ticket 49546 - Fix issues with MIB file - Ticket 49840 - ds-replcheck command returns traceback errors against ldif files having garbage content when run in offline mode - Ticket 49640 - Cleanup plugin bootstrap logging - Ticket 49835 - lib389: fix logging - Ticket 48818 - For a replica bindDNGroup, should be fetched the first time it is used not when the replica is started - Ticket 49780 - acl_copyEval_context double free - Ticket 49830 - Import fails if backend name is ?default? - Ticket 49832 - remove tcmalloc references - Ticket 49813 - dscreate - add interactive installer - Ticket 49808 - Add option to add backend to dscreate - Ticket 49811 - lib389 setup.py should install autogenerated man pages - Ticket 49795 - UI - add ?action? backend funtionality - Ticket 49588 - Add py3 support for tickets : part-3 - Ticket 49820 - lib389 requires wrong python ldap library - Ticket 49791 - Update docker file for new dscreate options - Ticket 49761 - Fix more CI test issues - Ticket 49811 - Update man pages - Ticket 49783 - UI - add server configuration backend - Ticket 49717 - Add conftest.py for tests - Ticket 49588 - Add py3 support for tickets - Ticket 49793 - Updated descriptions in dscreate example INF file - Ticket 49471 - Rename dscreate options - Ticket 49751 - passwordMustChange attribute is not honored by a RO consumer if using ?Chain on Update? - Ticket 49734 - Fix various issues with Disk Monitoring - changes from 1.4.0.11 - Ticket 49788 - Add test for ticket #49788 - Ticket 49788 - Fixing 4-byte UTF-8 character validation - Ticket 49777 - add config subcommand to dsconf - Ticket 49712 - lib389 CLI tools should return a result code on failures - Ticket 49588 - Add py3 support for tickets : part-2 - Remove old RHEL/fedora version checking from upstream specfile - Ticket 48204 - remove python2 from scripts - Ticket 49576 - ds-replcheck: fix certificate directory verification - Bug 1591761 - 389-ds-base: Remove jemalloc exports - changes from 1.4.0.10 - Ticket 49640 - Errors about PBKDF2 password storage plugin at server startup - Ticket 49571 - perl subpackage and python installer by default - Ticket 49740 - UI - Replication monitor color coding is not colorblind friendly - Ticket 49741 - UI - View/Edit replication agreement hangs WebUI - Ticket 49703 - UI - Set default values in create instance form - Ticket 49742 - Fine grained password policy can impact search performance - Ticket 49768 - Under network intensive load persistent search can erronously decrease connection refcnt(Security Fix) CVE-2018-10850 [bsc#1096368] - Ticket 49765 - compiler warning - Ticket 49689 - Cockpit subpackage does not build in PREFIX installations - Ticket 49765 - Async operations can hang when the server is running nunc-stans - Ticket 49745 - UI add filter options for error log severity levels - Ticket 49761 - Fix test suite issues - Ticket 49754 - instances created with dscreate can not be upgraded with setup-ds.pl - Ticket 47902 - UI - add continuous refresh log feature - Ticket 49381 - Add docstrings to plugin test suites - Part 1 - Ticket 49646 - Improve TLS cert processing in lib389 CLI - Ticket 49748 - Passthru plugin startTLS option not working - Ticket 49732 - Optimize resource limit checking for rootdn issued searches - Ticket 48377 - Bundle jemalloc - Ticket 49736 - Hardening of active connection list - Ticket 48184 - clean up and delete connections at shutdown (3rd) - Ticket 49675 - Revise coverity fix - Ticket 49333 - Do not remove versioned man pages - Ticket 49683 - Add support for JSON option in lib389 CLI tools - Ticket 49704 - Error log from the installer is concatenating all lines into one - Ticket 49726 - DS only accepts RSA and Fortezza cipher families - Ticket 49722 - Errors log full of ? WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set? messages - Ticket 49582 - Add py3 support to memberof_plugin test suite - Ticket 49675 - Fix coverity issues - Ticket 49576 - Add support of ?;deletedattribute? in ds-replcheck - Ticket 49706 - Finish UI patternfly convertions - Ticket 49684 - AC_PROG_CC clobbers CFLAGS set by ?enable-debug - Ticket 49678 - organiSational vs organiZational spelling in lib389 - Ticket 49689 - Fix local ?make install? after adding cockpit subpackage - Ticket 49689 - Move Cockpit UI plugin to a subpackage - Ticket 49679 - Missing nunc-stans documentation and doxygen warnings - Ticket 49588 - Add py3 support for tickets : part-1 - Ticket 49576 - Update ds-replcheck for new conflict entries - Ticket 48184 - clean up and delete connections at shutdown (2nd try) - Ticket 49698 - Remove unneeded patternfly files from Cockpit package - Ticket 49581 - Fix dynamic plugins test suite - Ticket 49665 - remove obsoleted upgrade scripts - Ticket 49693 - A DB_DEADLOCK while adding a tombstone (RUV) leads to access of an already freed entry - Ticket 49696 - replicated operations should be serialized - Ticket 49669 - Invalid cachemem size can crash the server during a restore - Ticket 49684 - AC_PROG_CC clobbers CFLAGS set by ?enable-debug - Ticket 49685 - make clean fails if cargo is not installed - Ticket 49106 - Move ds_* scripts to libexec - Ticket 49657 - Fix cascading replication scenario in lib389 API - Ticket 49671 - Readonly replicas should not write internal ops to changelog - Ticket 49673 - nsslapd-cachememsize can?t be set to a value bigger than MAX_INT - Ticket 49519 - Convert Cockpit UI to use strictly patternfly stylesheets - Ticket 49665 - Upgrade script doesn?t enable CRYPT password storage plug-in - Ticket 49665 - Upgrade script doesn?t enable PBKDF2 password storage plug-in - changes from 1.4.0.9 - Ticket 49661 - CVE-2018-1089 - Crash from long search filter [bsc#1092187] - Ticket 49652 - DENY aci?s are not handled properly - Ticket 49650 - lib389 enable_tls doesn?t work on F28 - Ticket 49538 - replace cacertdir_rehash with openssl rehash - Ticket 49406 - Port backend_test.py test to DSLdapObject implementation - Ticket 49649 - Use reentrant crypt_r() - Ticket 49642 - lib389 should generate a more complex password - Ticket 49612 - lib389 remove_ds_instance() does not remove systemd units - Ticket 49644 - crash in debug build - changes from 1.4.0.8 - Ticket 49639 - Crash when failing to read from SASL conn - Ticket 49109 - nsDS5ReplicaTransportInfo should accept StartTLS as an option - Ticket 49586 - Add py3 support to plugins test suite - Ticket 49511 - memory leak in pwdhash - changes from 1.4.0.7 - Ticket 49477 - Missing pbkdf python - Ticket 49552 - Fix the last of the build issues on F28/29 - Ticket 49522 - Fix build issues on F28 - Ticket 49631 - same csn generated twice - Ticket 49585 - Add py3 support to password test suite : part-3 - Ticket 49585 - Add py3 support to password test suite : part-2 - Ticket 48184 - revert previous patch around unuc-stans shutdown crash - Ticket 49585 - Add py3 support to password test suite - Ticket 46918 - Fix compiler warnings on arm - Ticket 49601 - Replace HAVE_SYSTEMD define with WITH_SYSTEMD in svrcore - Ticket 49619 - adjustment of csn_generator can fail so next generated csn can be equal to the most recent one received - Ticket 49608 - Add support for gcc/clang sanitizers - Ticket 49606 - Improve lib389 documentation - Ticket 49552 - Fix build issues on F28 - Ticket 49603 - 389-ds-base package rebuilt on EPEL can?t be installed due to missing dependencies - Ticket 49593 - NDN cache stats should be under the global stats - Ticket 49599 - Revise replication total init status messages - Ticket 49596 - repl-monitor.pl fails to find db tombstone/RUV entry - Ticket 49589 - merge svrcore into 389-ds-base - Ticket 49560 - Add a test case for extract-pemfiles - Ticket 49239 - Add a test suite for ds-replcheck tool RFE - Ticket 49369 - merge svrcore into 389-ds-base - changes from 1.4.0.6 - Ticket 49545 - final substring extended filter search returns invalid resulta (security fix) CVE-2018-1054 [bsc#1083689] - Ticket 49572 - ns_job_wait race on condvar - Ticket 49584 - Fix Tickets with paged_results test suite - Ticket 49161 - memberof fails if group is moved into scope - Ticket 49447 - PBKDF2 on upgrade - ticket 49551 - correctly handle subordinates and tombstone numsubordinates - Ticket 49043 - Add replica conflict test suite - Ticket 49296 - Fix race condition in connection code with anonymous limits - Ticket 49568 - Fix integer overflow on 32bit platforms - Ticket 48085 - Add encryption cl5 test suite - Ticket 49566 - ds-replcheck needs to work with hidden conflict entries - Ticket 49519 - Add more Cockpit UI content - Ticket 49551 - fix memory leak found by coverity - Ticket 49551 - v3 - correct handling of numsubordinates for cenotaphs and tombstone delete - Ticket 49278 - Add a new CI test case - Ticket 49560 - nsslapd-extract-pemfiles should be enabled by default as openldap is moving to openssl - Ticket 49557 - Add config option for checking CRL on outbound SSL Connections - Ticket 49446 - Add CI test case - Ticket 35 - Description: Add support for managing automember to dsconf - Ticket 49544 - cli release preperation - Ticket 48006 - Add a new CI test case - changes from 1.4.0.5 - CVE-2017-15134 389-ds-base: Remote DoS via search filters in slapi_filter_sprintf [bsc#1076530] - Ticket 49554 - Update Makefile for README.md - Ticket 49554 - update readme - Ticket 49546 - Fix broken snmp MIB file - Ticket 49400 - Make CLANG configurable - Ticket 49530 - Add pseudolocalization option for dbgen - Ticket 49523 - Fixed skipif marker, topology fixture and log message - Ticket 49544 - Double check pw prompts - Ticket 49548 - Cockpit UI - installer should also setup Cockpit - changes from 1.4.0.4 - Ticket 49540 - Indexing task is reported finished too early regarding the backend status - Ticket 49534 - Fix coverity regression - Ticket 49544 - cli release preperation, group improvements - Ticket 49542 - Unpackaged files on el7 break rpm build - Ticket 49541 - repl config should not allow rid 65535 for masters - Ticket 49370 - Add all the password policy defaults to a new local policy - Ticket 49425 - improve demo objects for install - Ticket 49537 - allow asan to build with stable rustc - Ticket 49526 - Improve create_test.py script - Ticket 49516 - Add python 3 support for replication suite - Ticket 49534 - Fix coverity issues and regression - Ticket 49532 - coverity issues - fix compiler warnings & clang issues - Ticket 49531 - coverity issues - fix memory leaks - Ticket 49463 - After cleanALLruv, there is a flow of keep alive DEL - Ticket 49529 - Fix Coverity warnings: invalid deferences - Ticket 49509 - Indexing of internationalized matching rules is failing - Ticket 49527 - Improve ds* cli tool testing - Ticket 49474 - purge saslmaps before gssapi test - Ticket 49413 - Changelog trimming ignores disabled replica-agreement - Ticket 49446 - cleanallruv should ignore cleaned replica Id in processing changelog if in force mode - Ticket 49278 - GetEffectiveRights gives false-negative - Ticket 49508 - memory leak in cn=replica plugin setup - Ticket 48118 - Add CI test case - Ticket 49520 - Cockpit UI - Add database chaining HTML - Ticket 49512 - Add ds-cockpit-setup to rpm spec file - Ticket 49523 - Refactor CI test - Ticket 49524 - Password policy: minimum token length fails when the token length is equal to attribute length - Ticket 49517 - Cockpit UI - Add correct png files - Ticket 49517 - Cockput UI - revise config layout - Ticket 49523 - memberof: schema violation error message is confusing as memberof will likely repair target entry - Ticket 49312 - Added a new test case for ?-D configdir? - Ticket 49512 - remove backup directories from cockpit source - Ticket 49512 - Add initial Cockpit UI Plugin - Ticket 49515 - cannot link, missing -fPIC - Ticket 49474 - Improve GSSAPI testing capability - Ticket 49493 - heap use after free in csn_as_string - Ticket 49379 - Add Python 3 support to CI test - Ticket 49431 - Add CI test case - Ticket 49495 - cos stress test and improvements. - Ticket 49495 - Fix memory management is vattr. - Ticket 49494 - python 2 bytes mode. - Ticket 49471 - heap-buffer-overflow in ss_unescape - Ticket 48184 - close connections at shutdown cleanly. - Ticket 49218 - Certmap - support TLS tests - Ticket 49470 - overflow in pblock_get - Ticket 49443 - Add CI test case - Ticket 49484 - Minor cli tool fixes. - Ticket 49486 - change ns stress core to use absolute int width. - Ticket 49445 - Improve regression test to detect memory leak. - Ticket 49445 - Memory leak in ldif2db - Ticket 49485 - Typo in gccsec_defs - Ticket 49479 - Remove unused ?batch? argument from lib389 - Ticket 49480 - Improvements to support IPA install. - Ticket 49474 - sasl allow mechs does not operate correctly - Ticket 49449 - Load sysctl values on rpm upgrade. - Ticket 49374 - Add CI test case - Ticket 49325 - fix rust linking. - Ticket 49475 - docker poc improvements. - Ticket 49461 - Improve db2index handling for test 49290 - Ticket 47536 - Add Python 3 support and move test case to suites - Ticket 49444 - huaf in task.c during high load import - Ticket 49460 - replica_write_ruv log a failure even when it succeeds - Ticket 49298 - Ticket with test case and remove-ds.pl - Ticket 49408 - Add a test case for nsds5ReplicaId checks - Ticket 3 lib389 - python 3 support for subset of pwd cases - Ticket 35 lib389 - dsconf automember support - drop patches: 0003-fix-rm-non-existent-man-pages.patch simplify-lib389-setup-py.patch tw.patch - new BuildRequires: - cracklib-devel - rsync - synced lib389 setup.py: python-ldap argparse-manpage - use %license - new subpackages libsvrcore* - provide/obsolete svrcore-devel ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add files/directories created by tmpfiles.d under /var as ghost entries to the rpm filelist. ==== alsa ==== Version update (1.1.6 -> 1.1.7) Subpackages: libasound2 libasound2-32bit - Fix the incorrect UCM profile for Dell WD15 dock (bsc#1112292): 0001-conf-ucm-Dell-WD15-Dock-Fix-incorrect-device-names.patch - Updated to alsa-lib 1.1.7: * change the location for add-on configs to /etc/alsa/conf.d * topology: Fix bclk and fsync inversion in set_link_hw_format() * topology: Add missing clock gating parameter when parsing hw_configs * topology: Add definitions for mclk_direction values * topology: Add alias conf parameter names for hw_configs * softvol: Allow up to 90 dB of gain * ucm: adding the folder of card_long_name when finding verb conf file * TLV macro cleanup and fixes * conf: USB-audio: Fix for Xonar U7 SPDIF device * pcm: add missing flags initialization for the fallback control data * pcm ioplug: fix some coverity issues * pcm: dmix: Fix hwptr updates at status call * New UCM files: bytcr-rt5640, chtnau8824, Dell WD-dock * UCM fixes: VEYRON-I2S, bytcr-rt5645, bytcr-rt5651, bytcr-rt5640, chtrt5645 * Comment fixes * pcm: Define refine mask bits for DSD * pcm: snd_interval_refine_first/last fix * pcm: ioplug: Provide avail helper function for plugins * pcm: rate: Add error check for snd_pcm_avail_update() * pcm: Fix header guard in pcm_plugin.h * pcm: ioplug: Transfer all available data * control_hw: Fix issue when applying seccomp policy * seq: Fix signedness in MIDI encoder/decoder - Remove obsoleted patches: 0001-ucm-adding-the-folder-of-card_long_name-when-finding.patch 0002-conf-ucm-increase-the-input-volume-for-LineIn.patch 0003-conf-ucm-chtrt5645-Cleanup-and-playback-fixes.patch 0004-conf-ucm-chtrt5645-Microphone-recording-fixes.patch 0005-conf-ucm-chtrt5645-Fix-recording-from-internal-analo.patch 0006-conf-ucm-chtrt5645-At-config-for-the-Asus-T100HA.patch 0007-conf-ucm-chtrt5645-At-config-for-the-Lenovo-Ideapad-.patch 0008-conf-ucm-Add-a-UCM-profile-for-Dell-WD15-Dock-USB-au.patch ==== alsa-plugins ==== Version update (1.1.6 -> 1.1.7) Subpackages: alsa-plugins-pulse alsa-plugins-pulse-32bit - Updated to alsa-plugins 1.1.7: * configure: add --with-alsaaddondir, add default config files for plugins * configure: change --with-alsaaddondir to --with-alsagconfdir and --with-alsalconfdir * samplerate: fix unused variable warning * Renamve rate-lavc to rate-lav * configure script cleanups / fixes * Add explicit -lpthread to *_LIBADD * usb_stream: Fix leaks when us_set_hw_constraint() fails * oss: Fix leaks when oss_hw_constraint() fails * jack: Fix leaks when jack_set_hw_constraint() fails * a52: Fix leaks when a52_set_hw_constraint() fails * jack: Only allow ALSA periods multiple of JACKd period * jack: Allow build with older alsa-lib * jack: Update poll_fd also in draining state * jack: Avoid call to snd_pcm_avail_update() from JACK thread - Renamed subpackage alsa-plugins-lavcrate to alsa-plugins-lavrate ==== alsa-utils ==== Version update (1.1.6 -> 1.1.7) - remove "Obsoletes: bat <= 0.1.0" - it triggers uninstall of the unrelated "bat" (cat clone) package - Updated to alsa-utils 1.1.7: * aplay: Fix invalid file size check for non-regular files * speaker-test: Support S24_3LE sample format * speaker-test: Allow sampling rates up to 768000 * alsabat: Allow custom sample format for round trip latency test * alsaucm: add alsa-ucm udev rules for PAZ00 (Toshiba AC100/Dynabook AZ) * alsatplg: add man file * alsactl: improved disconnection handling * compile warning fixes * aplay: add missing block brackets ==== amavisd-new ==== Version update (2.11.0 -> 2.11.1) Subpackages: amavisd-new-docs - update to version 2.11.1 * removed a trailing dot element from @INC, as a workaround for a perl vulnerability CVE-2016-1238 * amavis-services: bumping up syslog level from LOG_NOTICE to LOG_ERR for a message "PID <pid> went away", and removed redundant newlines from some log messages * safe_decode() and safe_decode_utf8(): avoid warning messages "Use of uninitialized value in subroutine entry" in Encode::MIME::Header when the $check argument is undefined * @sa_userconf_maps has been extended to allow loading of per-recipient (or per-policy bank, or global) SpamAssassin configuration set from LDAP. For consistency with SQL a @sa_userconf_maps entry prefixed with 'ldap:' will load SpamAssassin configuration set using the load_scoreonly_ldap() method; a patch by Atanas Karashenski * add some Sanesecurity.Foxhole false positives to the default list @virus_name_to_spam_score_maps * updated some comments - update amavis-milter to version 2.6.1 * Fixed bug when creating amavisd-new policy bank names ==== apache2 ==== Version update (2.4.35 -> 2.4.37) Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - updated to 2.4.37 * mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1. [Rainer Jung] * mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set, when client certificates are available from the original handshake but were originally not verified and should get verified now. This is a regression in 2.4.36 (unreleased). [Ruediger Pluem] * mod_ssl: Correctly merge configurations that have client certificates set by SSLProxyMachineCertificate{File|Path}. [Ruediger Pluem] - updated to 2.4.36 * mod_brotli, mod_deflate: Restore the separate handling of 304 Not Modified responses. Regression introduced in 2.4.35. * mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the body of the response. [Jim Jagielski] * mod_http2: adding defensive code for stream EOS handling, in case the request handler missed to signal it the normal way (eos buckets). Addresses github issues https://github.com/icing/mod_h2/issues/164, https://github.com/icing/mod_h2/issues/167 and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] * ab: Add client certificate support. [Graham Leggett] * ab: Disable printing temp key for OpenSSL before version 1.0.2. SSL_get_server_tmp_key is not available there. [Rainer Jung] * mod_ssl: Fix a regression that the configuration settings for verify mode and verify depth were taken from the frontend connection in case of connections by the proxy to the backend. PR 62769. [Ruediger Pluem] * MPMs: Initialize all runtime/asynchronous objects on a dedicated pool and before signals handling to avoid lifetime issues on restart or shutdown. PR 62658. [Yann Ylavic] * mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3. TLSv1.3 has behavioural changes compared to v1.2 and earlier; client and configuration changes should be expected. SSLCipherSuite is enhanced for TLSv1.3 ciphers, but applies at vhost level only. [Stefan Eissing, Yann Ylavic, Ruediger Pluem, Joe Orton] * mod_auth_basic: Be less tolerant when parsing the credencial. Only spaces should be accepted after the authorization scheme. \t are also tolerated. [Christophe Jaillet] * mod_proxy_hcheck: Fix issues with interval determination. PR 62318 [Jim Jagielski] * mod_proxy_hcheck: Fix issues with TCP health checks. PR 61499 [Dominik Stillhard <dominik.stillhard united-security-providers.ch>] * mod_proxy_hcheck: take balancer's SSLProxy* directives into account. [Jim Jagielski] * mod_status, mod_echo: Fix the display of client addresses. They were truncated to 31 characters which is not enough for IPv6 addresses. This is done by deprecating the use of the 'client' field and using the new 'client64' field in worker_score. PR 54848 [Bernhard Schmidt <berni birkenwald de>, Jim Jagielski] ==== bluedevil5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: bluedevil5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== breeze ==== Version update (5.14.1 -> 5.14.2) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== breeze-gtk ==== Version update (5.14.1 -> 5.14.2) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * GTK theme treeview style typo/bug fix ==== breeze4-style ==== Version update (5.14.1 -> 5.14.2) Subpackages: libbreezecommon4-5 - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== bubblewrap ==== Version update (0.3.0 -> 0.3.1) - update to version 0.3.1: * New feature in this release is --bind-try (as well as --dev-bind-try and --ro-bind-try) which works like the regular versions if the source exists, but does nothing if it doesn't exist. * The mount type for the root tmpfs was also changed to "tmpfs" instead of being empty, as the later could cause problems with some programs when parsing the mountinfo files in /proc. ==== chrony ==== Version update (3.3 -> 3.4) - Update the keyring and uncomment it in the spec file - Comment out bad signature - Added %{_tmpfilesdir}/%{name}.conf - Updated clknetsim - Update to version 3.4 * Enhancements + Add filter option to server/pool/peer directive + Add minsamples and maxsamples options to hwtimestamp directive + Add support for faster frequency adjustments in Linux 4.19 + Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit + Disable sub-second polling intervals for distant NTP sources + Extend range of supported sub-second polling intervals + Get/set IPv4 destination/source address of NTP packets on FreeBSD + Make burst options and command useful with short polling intervals + Modify auto_offline option to activate when sending request failed + Respond from interface that received NTP request if possible + Add onoffline command to switch between online and offline state according to current system network configuration + Improve example NetworkManager dispatcher script * Bug fixes + Avoid waiting in Linux getrandom system call + Fix PPS support on FreeBSD and NetBSD ==== discount ==== Version update (2.2.3a -> 2.2.4) - Update to version 2.2.4: * No changelog provided ==== discover ==== Version update (5.14.1 -> 5.14.2) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Too many changes to list here ==== dracut ==== - Add nfit module (bsc#1110519) * adds 0581-kernel-modules-add-nfit.patch ==== drbd ==== Version update (9.0.15+git.c46d2790 -> 9.0.16+git.ab9777df) - Update to 9.0.16-1 * Fix regression (introduced with 9.0.15) in handling request timeouts * Fix a possible distributed loop when establishing a connection * Fix a corner case in case a resync "overtakes" an other one * Fix clearing of the PRIMARY_LOST_QUORUM flag * Check peers before generating new current UUID after loosing a node * In case the locally configured address of a connection is not available keep on retrying until it comes back ==== drkonqi5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: drkonqi5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== epiphany ==== Version update (3.30.1 -> 3.30.2) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.30.2: + Fix application mode toolbar in small windows. + Fix Google Search in Russian localization. + Fix some critical warnings caused by a mistake in the reader mode code. ==== exiv2 ==== - update to latest 0.26 branch: * Fixes CVE-2018-12264, CVE-2018-12265 (bsc#1097599) ==== file ==== Version update (5.33 -> 5.35) Subpackages: file-magic libmagic1 - Update to file version 5.35 * Add FreeBSD ELF core file support (John Baldwin) * PR/30: Allow all parameter values to be set (don't treat 0 specially) * handle default annotations on the softmagic match instead at the end. * PR/23: Recognize JSON files * PR/18: file --mime-encoding should not print mime-type - Modify the patches * file-5.16-ocloexec.patch * file-5.17-option.dif * file-5.19-biorad.dif * file-5.19-printf.dif * file-5.22-elf.dif * file-5.23-endian.patch * file-5.24-nitpick.dif * file-secure_getenv.patch - Modify and rename patch file-5.34.dif which becomes file-5.35.dif - Update new signing key file as well ==== flatpak ==== Version update (1.0.0 -> 1.0.3) Subpackages: libflatpak0 typelib-1_0-Flatpak-1_0 - Add rpmlintrc to ignore files being installed under /etc not marked as %config (since they're not). - Don't run "flatpak remote-list --system" on %post anymore since it's not needed nowadays. Also let /var/lib/flatpak be created on demand since writing to /var should be avoided for transactional updates (boo#1111385, fate#325524). - Update to version 1.0.3: + run: You can now use --system to run an app that otherwise would run the user version. + New permission --allow=canbus that filters out access to AF_CAN sockets. + lib: New install flags FLATPAK_INSTALL_FLAGS_NO_TRIGGERS and new function flatpak_installation_run_triggers() + lib: Better error reporting, including some new error values that replace the generic FAILED. + uninstall --unused: Improve handling of which .Locale extensions are used + run: Make flatpak run on systems where $XDG_RUNTIME_DIR contains a symlink beneath /var (commonly /var/run -> /run). + Don't export any desktop/dbus/mimetype files in subdirectories. + build-init: We now record the base ref (if used) in the metadata. Nothing uses this atm, but it can be used by tools. + We now respect the upstream ostree.deploy-collection-id instead of the flatpak-specific xa.collection-id metadata key to decide whether to switch to collection ids for a remote. This is useful, because if you use the new one, only new clients (that support it better) will use it. + create-usb: Fix assertion failure in some error cases + create-usb: Always create archive-z2 repos + create-usb: Don't create unnecessary summary in repo + permissions: Avoid errors if there is no permissions table + repo: Fix flatpak repo sometimes using the wrong ostree-metadata ref. + Avoid fsync when updating $installation/.changed. + Add the missing appstream2 ref to the xa.cache metadata + The test-suite got some modifications to make it easier to maintain. + Documentation updates + Translation updates - Changges from version 1.0.2: + The dbus proxy is now available in a separate git module, xdg-dbus-portal, which is imported into flatpak as a submodule. It is possible to build flatpak against the system xdg-dbus-portal instead, but this is not currently very useful as no other applications yet depend on xdg-dbus-portal. + Build regressions with older versions of glib have been fixed. + Flatpak ps now also tracks the pid the main process inside the sandbox. + Added flatpak override --reset to reset overrides for an app. + Added flatpak override --show to show overrides for an app. + flatpak install now automatically pick user or system based on the remote name given (unless the remote exists in both). + flatpak uninstall --unused now does not remove SDKs if some installed app refers to them. + Fixed bug where flatpak uninstall --unused prompted for uninstall twice. + Set IO class on the system helper to "idle", which should cause background updates to affect the system less. + Fixed regression in flatpak uninstall --no-related. + Better handling of empty collection ids in flatpak bundles. + Cleaned up some error messages. + Various documentation fixes and cleanups. + Updated translations. - Changes from version 1.0.1: + This fixes various build and test failures that were detected when packaging 1.0, as well as translations and doc udpates. It also has some minor features, including a new subcommand "flatpak ps" to list the running flatpak instances for your user. + Print application tags in the prompt when installing/updating. + Make sure we don't accidentally leak the host /proc into the sandbox. + Translation updates. + Added a "flatpak ps" command that lists running flatpak instances. + Improve error reporting when exporting documents. + Improve detection of dynamic p2p remotes. + Build fixes for older versions of glib. + Fix threading issue in the OCI support that was causing the installed tests to sometimes fail. + Fix OCI AppStream support on 32bit architectures. + Fix utf8 issue in the dbus API description. + Some install fixes to make installed tests work + Make the tests work with python3 (as well as python2) + Improve introspection annotations in libflatpak + Improve libflatpak API docs ==== gjs ==== Version update (1.54.1 -> 1.54.2) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.54.2: + context: - Defer and therefore batch forced GC runs. - Use timeout with seconds to schedule a gc trigger. + fundamental: Check if gtype is valid before using it. + Backported a fix for a crash in the interactive interpreter when executing something like `throw "foo"`. + Backported various maintenance from 3.31. ==== gnome-games ==== Version update (3.30.1 -> 3.30.2) Subpackages: gnome-games-lang - Update to version 3.30.2: + Fix search filter not updating when switching between collection views. + Fix header bar buttons grabbing arrow keys in fullscreen. ==== gnome-shell ==== Version update (3.30.0 -> 3.30.1) Subpackages: gnome-shell-browser-plugin gnome-shell-calendar gnome-shell-lang - Update to version 3.30.1: + Cancel search on overview hiding (glgo#GNOME/gnome-shell!205). + Fix disappearing network icon (glgo#GNOME/gnome-shell#140). + Improve switch-monitor shortcut handling (glgo#GNOME/gnome-shell!208). + Fix missing key information in keyring dialog (glgo#GNOME/gnome-shell#574). + De-duplicate all entries in run command history (glgo#GNOME/gnome-shell#524). + Fix frozen disk unlock dialogs (glgo#GNOME/gnome-shell#565). + Fix unresponsive-app dialog blocking input in other windows (glgo#GNOME/gnome-shell#273). + Fix handling of forward-key-event input method signal (glgo#GNOME/gnome-shell#531). + Misc. bug fixes: glgo#GNOME/gnome-shell#520, bgo#791233, glgo#GNOME/gnome-shell!188, glgo#GNOME/gnome-shell#539, glgo#GNOME/gnome-shell!217, glgo#GNOME/gnome-shell#536, glgo#GNOME/gnome-shell#537, glgo#GNOME/gnome-shell#578, glgo#GNOME/gnome-shell!236, glgo#GNOME/gnome-shell#579, glgo#GNOME/gnome-shell!228, glgo#GNOME/gnome-shell#618, glgo#GNOME/gnome-shell#471, glgo#GNOME/gnome-shell!255. + Updated translations. - Rebase patches with quilt and some manual touchup. ==== gnutls ==== Version update (3.6.3 -> 3.6.4) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - Temporarily disable failing psk-file test (race condition) * add disable-psk-file-test.patch - Version update to 3.6.4 (bsc#1111757): * * libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol. * * libgnutls: Corrected regression since 3.6.3 in the callbacks set with gnutls_certificate_set_retrieve_function() which could not handle the case where no certificates were returned, or the callbacks were set to NULL (see #528). * * libgnutls: gnutls_handshake() on server returns early on handshake when no certificate is presented by client and the gnutls_init() flag GNUTLS_ENABLE_EARLY_START is specified. * * libgnutls: Added session ticket key rotation on server side with TOTP. The key set with gnutls_session_ticket_enable_server() is used as a master key to generate time-based keys for tickets. The rotation relates to the gnutls_db_set_cache_expiration() period. * * libgnutls: The 'record size limit' extension is added and preferred to the 'max record size' extension when possible. * * libgnutls: Provide a more flexible PKCS#11 search of trust store certificates. This addresses the problem where the CA certificate doesn't have a subject key identifier whereas the end certificates have an authority key identifier (#569) * * libgnutls: gnutls_privkey_export_gost_raw2(), gnutls_privkey_import_gost_raw(), gnutls_pubkey_export_gost_raw2(), gnutls_pubkey_import_gost_raw() import and export GOST parameters in the "native" little endian format used for these curves. This is an intentional incompatible change with 3.6.3. * * libgnutls: Added support for seperately negotiating client and server certificate types as defined in RFC7250. This mechanism must be explicitly enabled via the GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init(). - Drop upstreamed patch: * gnutls-3.6.3-backport-upstream-fixes.patch ==== grilo-plugins ==== Subpackages: grilo-plugin-tracker grilo-plugin-youtube grilo-plugins-lang - Avoid em dashes in summaries. ==== ibus-libzhuyin ==== Version update (1.8.0 -> 1.8.92) - Update version to 1.8.92 * fixes easy symbol and user symbol * update read method * use model11.text.tar.gz * translate input method name in ibus menu * fixes cursor move * fixes application shortcut issue * fixes numpad issue ==== iio-sensor-proxy ==== Version update (2.4 -> 2.5) - Update to version 2.5: + Fix a number of build warnings and bugs. + Ensure some devices have non-0 update frequencies. + Set sensor scale to 1.0 when the device does not export one. ==== installation-images-Kubic ==== Version update (14.385 -> 14.387) - merge gh#openSUSE/installation-images#269 - don't use 'iterm' terminfo (fate#325746) - 14.387 - merge gh#openSUSE/installation-images#268 - pick better fonts for fbiterm (fate#325746) - 14.386 ==== inxi ==== Version update (3.0.26 -> 3.0.27) - Update to version 3.0.27: * See /usr/share/doc/packages/inxi/inxi.changelog ==== java-11-openjdk ==== Version update (11.0.0.0 -> 11.0.1.0) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.1+13 (Oracle October 2018 CPU) * Security fixes: + S8202936, CVE-2018-3183, bsc#1112148: Improve script engine support + S8199226, CVE-2018-3169, bsc#1112146: Improve field accesses + S8199177, CVE-2018-3149, bsc#1112144: Enhance JNDI lookups + S8202613, CVE-2018-3180, bsc#1112147: Improve TLS connections stability + S8208209, CVE-2018-3180, bsc#1112147: Improve TLS connection stability again + S8199172, CVE-2018-3150, bsc#1112145: Improve jar attribute checks + S8200648, CVE-2018-3157, bsc#1112149: Make midi code more sound + S8194534, CVE-2018-3136, bsc#1112142: Manifest better support + S8208754, CVE-2018-3136, bsc#1112142: The fix for JDK-8194534 needs updates + S8196902, CVE-2018-3139, bsc#1112143: Better HTTP Redirection * Security-In-Depth fixes: + S8194546: Choosier FileManagers + S8195874: Improve jar specification adherence + S8196897: Improve PRNG support + S8197881: Better StringBuilder support + S8201756: Improve cipher inputs + S8203654: Improve cypher state updates + S8204497: Better formatting of decimals + S8200666: Improve LDAP support + S8199110: Address Internet Addresses * Fixes + S7017058: Malayalam glyph substitution is failing for Malayalam with Windows Kartika font. + S8130655: OS X: keyboard input in textfield is not possible if the window contained textfield is owned by EmbeddedFrame + S8160104: CORBA communication improvements + S8163237: Restrict the use of EXPORT cipher suites + S8172525: Improve key keying case + S8174756: Extra validation for public keys + S8174962: Better interface invocations + S8175075: Add 3DES to the default disabled algorithm security property + S8175932: Improve host instance supports + S8176450: Revise default document styling + S8178449: Improve LDAP logins + S8178458: Better use of certificates in LDAP + S8178466: Better RSA parameters + S8179533: Cleaner print job handling + S8179990: Cleaner palette entry handling + S8180011: Cleaner native graphics device handling + S8180015: Cleaner AWT robot handling + S8180020: Improve SymbolHashMap entry handling + S8180869: Cleaner image file reading handling + S8180877: More deeply colored ICC spaces + S8181664: Improve JVM UTF String handling + S8181670: Improve implementation of keystores + S8182125: Improve reliability of DNS lookups + S8182362: Update CipherOutputStream Usage + S8182387: Improve PKCS usage + S8182601: Improve usage messages + S8183032: Upgrade to LittleCMS 2.9 + S8185292: Stricter key generation + S8185325: Improve GTK initialization + S8186032: Disable XML Signatures signed with EC keys less than 224 bits + S8186080: Transform XML interfaces + S8186212: Improve GSS handling + S8186600: Improve property negotiations + S8186606: Improve LDAP lookup robustness + S8186998: Improve JMX supportive features + S8187496: Possible memory leak in java.apple.security.KeychainStore.addItemToKeychain + S8189123: More consistent classloading + S8189284: More refactoring for deserialization cases + S8189969: Manifest better manifest entries + S8189977: Improve permission portability + S8189981: Improve queuing portability + S8189985: Improve tabular data portability + S8189989: Improve container portability + S8189993: Improve document portability + S8189997: Enhance keystore mechanisms + S8190227: Forward port 8188880 to JDK10CPU + S8190289: More refactoring for client deserialization cases + S8190478: Improved interface method selection + S8190789: sun/security/provider/certpath/LDAPCertStore/ /TestURICertStoreParameters.java fails after JDK-8186606 + S8190877: Better handling of abstract classes + S8191130: Sinhala text rendering problem with C+VIRAMA+ZWJ+RA/YA+V + S8191142: More refactoring for naming deserialization cases + S8191178: [macos] Problem with input of yen symbol + S8191239: Improve desktop file usage + S8191358: Restore TSA certificate expiration check + S8191696: Better mouse positioning + S8191907: PPC64 and s390 parts of JDK-8174962: Better interface invocations + S8192025: Less referential references + S8192030: Better MTSchema support + S8192757: Improve stub classes implementation + S8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile + S8193409: Improve AES supporting classes + S8193414: Improvements in MethodType lookups + S8193419: Better Internet address support + S8194233: Improve support for array handles + S8194238: Trying exceptions in MethodHandles + S8194259: keytool error: java.io.IOException: Invalid secret key format + S8195662: Add T6587786.java to problem list before JDK-8195589 is resolved + S8195836: opentype:Bengali: "Khanda Ta" shaping issue with U+09A4 TA, U+09CD virama, U+200D ZWJ + S8196224: Even better Internet address support + S8196289: Update src/java.desktop/share/legal/lcms.md for LCMS 2.9 + S8197443: ArrayIndexOutOfBoundsException in UcryptoException.getError + S8197925: Better stack walking + S8199547: Exception to Pattern Syntax + S8200332: Improve GCM counting + S8204667: Resources not freed on exception + S8205479: OS X: requestFocus() does not work properly for embedded frame + S8205491: adjust reflective access checks + S8206389: JarEntry.setCreation/LastAccessTime without setLastModifiedTime causes Invalid CEN header + S8206392: [macosx] Cycling through windows (JFrames) does not work with keyboard shortcut + S8206473: Revert changes of JDK-8202613 in jdk-cpu and jdk11u-cpu + S8206884: Bump update version for jdk11.0.1 cpu forest + S8207057: No debug info for assembler files + S8207153: Some intrinsic tests take long time to run + S8207745: serviceability/sa/TestJmapCore.java times out parsing a 4GB hprof file + S8207775: Better management of CipherCore buffers + S8207941: javax/swing/plaf/basic/BasicGraphicsUtils/8132119/ /bug8132119.java fails on machines without Arial font [testbug] + S8207948: JDK 11 L10n resource file update msg drop 10 + S8208091: SA: jhsdb jstack --mixed throws UnmappedAddressException on i686 + S8208268: 11.0.1 b03 java.net bundles - Release Date is wrong + S8208350: Disable all DES cipher suites + S8208583: Better management of internal KeyStore buffers + S8208595: [parfait] Better X11 font support + S8208654: Please change jdk 11.0.1 milestone to FCS + S8208661: JDK 11.0.1 l10n resource file update + S8208746: ISO 4217 Amendment #168 update + S8209129: Further improvements to cipher buffer management + S8209639: assert failure in coalesce.cpp: attempted to spill a non-spillable item + S8209775: ISO 4217 Amendment #169 update + S8209786: JDK12 fails to build on s390x with gcc 7.3 + S8209862: CipherCore performance improvement + S8209889: RedefineStress tests crash + S8209916: NPE in SupportedGroupsExtension + S8209942: [epsilon] range function for EpsilonTLABElasticity causes compiler warning + S8209996: [PPC64] Fix JFR profiling + S8210153: localized currency symbol of VES + S8210259: [testbug] IncompatibleOptions.java fails if VM configured without ZGC + S8210335: Clipping problems with complex affine transforms: negative scaling factors or small scaling factors + S8210345: The Japanese message of FileNotFoundException garbled + S8210432: Add additional TeliaSonera root certificate + S8210497: [PPC64] Vector registers not saved across safepoint + S8210502: jdeps does not handle properly on analyzing a mixture of MR JARs and non-MR JARs + S8210647: libsaproc is being compiled without optimization. + S8210703: vmStructs.cpp compiled with -O0 + S8210736: jdk/javax/xml/crypto/dsig/GenerationTests.java slow on linux + S8210761: libjsig is being compiled without optimization + S8210775: JVM TI Spec missing copyright + S8210810: Escaped character at specific position in argument file is not handled properly + S8210836: Build fails with warn_unused_result in openjdk/src/jdk.hotspot.agent/linux/native/libsaproc/ps_core.c + S8210846: TLSv.1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth + S8211065: Private method check in linkResolver is incorrect + S8211105: AArch64: Disable cos/sin and log intrinsics in jdk11u pending fix + S8211107: LDAPS communication failure with jdk 1.8.0_181 + S8211165: License header is absent in a few J2Ddemo source code files + S8211208: make AllocateHeapAt an unsupported option on AIX + S8211387: [Zero] atomic_copy64: Use ldrexd for atomic reads on ARMv7 + S8211731: Reconsider default option for ClassPathURLCheck change done in JDK-8195874 + S8211768: [s390] Implement JFR profiling + S8211856: [ppc, s390] ProblemList some failing tests. + S8211916: Javadoc -link makes broken links if module name matches package name + S8212110: Build of saproc.dll broken on Windows 32 bit after JDK-8210647 + S8212204: [TESTBUG] test/hotspot/jtreg/compiler/intrinsics/ /base64/TestBase64.java fails - Removed patches: * RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch * RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch + Integrated upstream ==== jhead ==== - Renamed CVE-2018-16554.patch to CVE-2018-17088.patch, because it is in fact fix of boo#1108672 - Buffer overflow fix (boo#1108480) CVE-2018-16554.patch ==== kactivitymanagerd ==== Version update (5.14.1 -> 5.14.2) Subpackages: kactivitymanagerd-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kcm_sddm ==== Version update (5.14.1 -> 5.14.2) Subpackages: kcm_sddm-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kde-cli-tools5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kde-cli-tools5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kde-gtk-config5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kde-gtk-config5-gtk2 kde-gtk-config5-gtk3 kde-gtk-config5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kde-user-manager ==== Version update (5.14.1 -> 5.14.2) Subpackages: kde-user-manager-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kdeconnect-kde ==== Version update (1.3.1 -> 1.3.2) Subpackages: kdeconnect-kde-lang - Update to 1.3.2 * Also allow modern algorithms, for compat with future apps * Remove characters from UUID that aren't legal in URLs * Add new notifications at the top of the list * Change the 'Dismiss all notifications' icon * Fix DBus signals in Mprisremote ==== kdevelop5 ==== Subpackages: kdevelop5-lang kdevplatform kdevplatform-lang libkdevplatform52 - Use WebEngine instead of WebKit ==== kgamma5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kgamma5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== khotkeys5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: khotkeys5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kinfocenter5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kinfocenter5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kmenuedit5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kmenuedit5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== krb5 ==== Version update (1.15.3 -> 1.16.1) Subpackages: krb5-32bit - Upgrade to 1.16.1 * kdc client cert matching on client principal entry * Allow ktutil addent command to ignore key version and use non-default salt string. * add kpropd pidfile support * enable "encrypted_challenge_indicator" realm option on tickets obtained using FAST encrypted challenge pre-authentication. * dates through 2106 accepted * KDC support for trivially renewable tickets * stop caching referral and alternate cross-realm TGTs to prevent duplicate credential cache entries ==== kscreen5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kscreenlocker ==== Version update (5.14.1 -> 5.14.2) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== ksshaskpass5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: ksshaskpass5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== ksysguard5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: ksysguard5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kwayland-integration ==== Version update (5.14.1 -> 5.14.2) - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== kwin5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: kwin5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== ldmtool ==== Subpackages: libldm-1_0-0 - fix deprecated api g_type_class_add_private() - Added patches: * Remove-deprecated-g_type_class_add_private.patch ==== libHX ==== Version update (3.23 -> 3.24) Subpackages: libHX28 libHX28-32bit - Update to new upstream release 3.24 * Make "HXOPT_AUTOHELP" behave the same in C++ as C * Avoid compiler warning when using HX_list_for_each in C++ ==== libdrm ==== Version update (2.4.95 -> 2.4.96) Subpackages: libdrm-devel libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 - Update to version 2.4.96 * libdrm: Allow dynamic drm majors on linux * amdgpu/test: Allow BO mapping flags to be passed in tests * amdgpu/test: Fix deadlock tests for AI and RV v2 * xf86drmHash: remove redundant zero init * freedreno/msm: get rid of ring_bo unref hack * freedreno: expose refcnt'ing on ringbuffers * freedreno: add flags param for rb creation * freedreno/msm: support suballocation for stateobj rb's * freedreno: remove deprecated ringmarker API * freedreno/msm: remove reset of linked rings * freedreno/msm: simplify emit_reloc_ring() vfunc * freedreno/msm: use hashtable to track submit.cmds table * freedreno/msm: simplify msm_ringbuffer_flush() * freedreno/msm: handle ring-reloc to other stateobjs * freedreno/kgsl: fix build * freedreno/msm: fix c90 warning ==== libepoxy ==== Version update (1.5.0 -> 1.5.3) - Update to version 1.5.3: + Fix build with uClibc + Fix GLES3 symbol lookup + Fix conditional compilation + Require Meson 0.47 + Fix Autotools build with EGL-X11 support - Changes from version 1.5.2: + Fix the detection of the -z,relro linker flag + Query the EGL context version when bootstrapping on GLES + Avoid inadvertedly loading libraries when probing for them + Consistently use abort() instead of exit() for internal state checks + Fix a performance regression in the global function pointer trampolines introduced by using -Bsymbolic-functions + Improve performance when using GL function pointers like glAlphaFunc - Changes from version 1.5.1: + Generalise checks for dlvsym + Add an option for disabling building the test suite + Typo fixes in the comments and documentation + Simplify the Meson configuration logic for EGL and GLX + Use assert when no context is found + Remove a test superceded by GLVND + Avoid Meson warnings when testing for linker arguments - Pass tests=false to meson, ensure we do not build the test-suite. - Drop la files removal, they are no longer built. - Run spec-cleaner, modernize spec. ==== libfm ==== Version update (1.2.5 -> 1.3.0.2) Subpackages: libfm-gtk4 libfm-lang libfm4 - Update to 1.3.0.2: * Fixed launching menu entries shortcuts on desktop which was broken by making them all executable in 1.3.0 - those should be launchable still. * Fixed installing modules into non-standard path: libtool couldn't relink them properly. * Added emblem support by reading the "metadata::emblems" attribute provided by GFileInfo. The metadata is provided by gio/gvfs and are currently stored in $XDG_DATA_HOME/gvfs-metadata. * Fixed typo: occured -> occurred. * Made desktop entries treaten as executables. Now clicking on a native desktop file opens a confirmation dialog instead of executing it. Trashed desktop files are only opened as text files and desktop files under system menu (i.e. menu://applications/) are executed without prompt as before. * Fixed build error with vala 0.36.1. * Fixed crash on launching nonexistent link targets. * Added tooltips for attributes of copying files. * Fixed thumbnails generation for files in the thumbnails cache directory which actually should never be done. * Fixed crash on pasting large string when completion matches. * Prevented creation corrupted image thumbnails with gdk-pixbuf2 >= 2.36.1. * Fixed crash in fm_config_load_from_file(). * Dropped displaying "extension" for a directory. * Fixed crash on pasting a file into the search folder, show an error message when the copy destination doesn't exist instead. * Added new API for FmAction new object type, to replace old VALA-generated code. New API is more convenient, C instead of VALA, and should support all DES-API specification features, not just limited set. * Migrated module 'gtk-menu-actions' to new DES-EMA actions API. * Added display of data transferred to progress dialog. * Fixed wrong names for files, copied from Google Drive and similar places. - Remove libfm-1.2.5-gtk-doc-workaround.patch: upstreamed ==== libfm-extra ==== Version update (1.2.5 -> 1.3.0.2) - Update to 1.3.0.2: * Fixed launching menu entries shortcuts on desktop which was broken by making them all executable in 1.3.0 - those should be launchable still. * Fixed installing modules into non-standard path: libtool couldn't relink them properly. * Added emblem support by reading the "metadata::emblems" attribute provided by GFileInfo. The metadata is provided by gio/gvfs and are currently stored in $XDG_DATA_HOME/gvfs-metadata. * Fixed typo: occured -> occurred. * Made desktop entries treaten as executables. Now clicking on a native desktop file opens a confirmation dialog instead of executing it. Trashed desktop files are only opened as text files and desktop files under system menu (i.e. menu://applications/) are executed without prompt as before. * Fixed build error with vala 0.36.1. * Fixed crash on launching nonexistent link targets. * Added tooltips for attributes of copying files. * Fixed thumbnails generation for files in the thumbnails cache directory which actually should never be done. * Fixed crash on pasting large string when completion matches. * Prevented creation corrupted image thumbnails with gdk-pixbuf2 >= 2.36.1. * Fixed crash in fm_config_load_from_file(). * Dropped displaying "extension" for a directory. * Fixed crash on pasting a file into the search folder, show an error message when the copy destination doesn't exist instead. * Added new API for FmAction new object type, to replace old VALA-generated code. New API is more convenient, C instead of VALA, and should support all DES-API specification features, not just limited set. * Migrated module 'gtk-menu-actions' to new DES-EMA actions API. * Added display of data transferred to progress dialog. * Fixed wrong names for files, copied from Google Drive and similar places. ==== libkdecoration2 ==== Version update (5.14.1 -> 5.14.2) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private6 - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== libkscreen2 ==== Version update (5.14.1 -> 5.14.2) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== libksysguard5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: libksysguard5-helper libksysguard5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== libnumbertext ==== Version update (1.0.2 -> 1.0.5) Subpackages: libnumbertext-1_0-0 libnumbertext-data - Update to 1.0.5: * Various fixes in numerical calculations and issues reported on libreoffice tracker - Drop merged libnumbertext-oldgcc.patch ==== libssh ==== Version update (0.8.3 -> 0.8.4) - Update to version 0.8.4 * Fixed CVE-2018-10933; (bsc#1108020) * Fixed building without globbing support * Fixed possible memory leaks * Avoid SIGPIPE on sockets ==== lxtask ==== Version update (0.1.7 -> 0.1.8) Subpackages: lxtask-lang - new upstream release 0.1.8 * Fixed UID shown instead of EUID ==== lz4 ==== Version update (1.8.2 -> 1.8.3) Subpackages: liblz4-1 liblz4-1-32bit - lz4 1.8.3: * minor decompression speed improvement (~+2%) with gcc * fix corruption in v1.8.2 at level 9 for files > 64KB under rare conditions * Add new command --fast * api: LZ4_decompress_safe_partial() now decodes exactly the number of bytes requested ==== messagelib ==== Subpackages: messagelib-lang - Add 0001-Check-QtWebEngine-version-instead-of-Qt-s.patch to fix behavior of the PgUp/PgDown and Space keys in the messageviewer when QtWebEngine 5.10+ is used in combination with Qt 5.9 as in Leap 15 (boo#1105461, kde#397349) ==== milou5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: milou5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== mozilla-nspr ==== Version update (4.19 -> 4.20) - update to version 4.20 * abstract socket address support for Linux (incl. Android) * aarch64 support for Windows * support for riscv64 ==== mozilla-nss ==== Version update (3.38 -> 3.39) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - update to NSS 3.39 * required by Firefox 63.0 Notable bug fixes * NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random (CVE-2018-12384) (bmo#1483128) New functionality * The tstclnt and selfserv utilities added support for configuring the enabled TLS signature schemes using the -J parameter. * NSS will use RSA-PSS keys to authenticate in TLS. Support for these keys is disabled by default but can be enabled using SSL_SignatureSchemePrefSet(). * certutil added the ability to delete an orphan private key from an NSS key database. * Added the nss-policy-check utility, which can be used to check an NSS policy configuration for problems. * A PKCS#11 URI can be used as an identifier for a PKCS#11 token. Notable changes * The TLS 1.3 implementation uses the final version number from RFC 8446. * Previous versions of NSS accepted an RSA PKCS#1 v1.5 signature where the DigestInfo structure was missing the NULL parameter. Starting with version 3.39, NSS requires the encoding to contain the NULL parameter. * The tstclnt and selfserv test utilities no longer accept the -z parameter, as support for TLS compression was removed in a previous NSS version. * The CA certificates list was updated to version 2.26. * The following CA certificates were Added: - OU = GlobalSign Root CA - R6 - CN = OISTE WISeKey Global Root GC CA * The following CA certificate was Removed: - CN = ComSign * The following CA certificates had the Websites trust bit disabled: - CN = Certplus Root CA G1 - CN = Certplus Root CA G2 - CN = OpenTrust Root CA G1 - CN = OpenTrust Root CA G2 - CN = OpenTrust Root CA G3 ==== nautilus ==== Version update (3.30.1 -> 3.30.2) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 nautilus-lang - Update to version 3.30.2: + Fix Google Drive files not opening. + Fix crashes when searching. + Fix triple click in pathbar to minimize the window. + Fix '/' and '~' not opening the location bar. + Fix header bar styling for 3rd party themes again. + Disable and warn about security risks when libseccomp and bwrap are disabled on unsupported cpus. + Fix various leaks. ==== net-snmp ==== Version update (5.7.3 -> 5.8) Subpackages: libsnmp30 perl-SNMP snmp-mibs - Update to net-snmp-5.8. Fixes included: * Fix remote DoS in agent/helpers/table.c (bsc#1111122, CVE-2018-18065) * Fix agentx freezing on timeout (bsc#1027353) * swintst_rpm: Protect against unspecified Group name (bsc#1102775) - Add tsm and tlstm MIBs and the USM security module. (bsc#1081164) - Rename and refactor patches and remove those that are already included inside the new version. Added: * net-snmp-5.8-socket-path.patch * net-snmp-5.8-testing-empty-arptable.patch * net-snmp-5.8-pie.patch * net-snmp-5.8-net-snmp-config-headercheck.patch * net-snmp-5.8-perl-tk-warning.patch * net-snmp-5.8-velocity-mib.patch * net-snmp-5.8-netgroups.patch * net-snmp-5.8-snmpstatus-suppress-output.patch * net-snmp-5.8-fix-Makefile.PL.patch * net-snmp-5.8-modern-rpm-api.patch * net-snmp-5.8-fix-python3.patch Removed: * net-snmp-5.7.3-socket-path.patch * net-snmp-5.7.3-testing-empty-arptable.patch * net-snmp-5.7.3-pie.patch * net-snmp-5.7.3-net-snmp-config-headercheck.patch * net-snmp-5.7.3-perl-tk-warning.patch * net-snmp-5.7.3-velocity-mib.patch * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.3-netgroups.patch * net-snmp-5.7.3-snmpstatus-suppress-output.patch * net-snmp-5.7.3-fix-snmp_pdu_parse-incomplete.patch * net-snmp-5.7.3-Remove-U64-typedef.patch * net-snmp-5.7.3-Fix-Makefile.PL.patch * net-snmp-5.7.3-build-with-openssl-1.1.patch * net-snmp-5.7.3-modern-rpm-api.patch * net-snmp-python3.patch * net-snmp-5.7.2-systemd.patch * net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch ==== nodejs10 ==== Version update (10.9.0 -> 10.12.0) Subpackages: nodejs10-devel npm10 - node-gyp-addon-gypi.patch: patch fixes (bsc#1094617) - add support for runnign valgrind tests during check, disabled by default - valgrind_fixes.patch: valgrind fixes - New upstream version 10.12.0: * cli: + The options parser now normalizes _ to - in all multi-word command-line flags, e.g. --no_warnings == --no-warnings + Added bash completion for the node binary. To generate a bash completion script, run node --completion-bash. * crypto: + Added support for PEM-level encryption. + Added an API asymmetric key pair generation. * fs: Added a recursive option to fs.mkdir and fs.mkdirSync. * http2: + Added support for the ORIGIN frame. + Added a 'ping' event to Http2Session that is emitted whenever a non-ack PING is received. + Updated nghttp2 to 1.34.0. This adds RFC 8441 extended connect protocol support to allow use of WebSockets over HTTP/2. * module: Added module.createRequireFromPath(filename). This new method can be used to create a custom require function that will resolve modules relative to the filename path. * process: Added a 'multipleResolves' process event that is emitted whenever a Promise is attempted to be resolved multiple times, e.g. if the resolve and reject functions are both called in a Promise executor. * url: Added url.fileURLToPath(url) and url.pathToFileURL(path) * util: + Added the sorted option to util.inspect() + Added support for BigInt numbers in util.format() * V8 API: A number of V8 C++ APIs have been marked as deprecated * Workers: + Added debugging support for Workers via DevTools protocol + The public inspector module is now enabled in Workers. - fix_ci_tests.patch: updated - fix_ci_tests.patch: fix unit tests - New upstream version 10.11.0: * fs: Fixed fsPromises.readdir withFileTypes. * http2: Added http2stream.endAfterHeaders property. * util: Added util.types.isBoxedPrimitive(value). - 21257.diff: drop the patch in favour of running node compilation by redirecting stdio through a FIFO - versioned.patch: refreshed - fix_ci_tests.patch: explicity disable doc target in unit tests - New upstream version 10.10.0: * child_process: TypedArray and DataView values are now accepted as input by execFileSync and spawnSync. * coverage: Native V8 code coverage information can now be output to disk by setting the environment variable NODE_V8_COVERAGE to a directory. * deps: The bundled npm was upgraded to version 6.4.1. * fs: + The methods fs.read, fs.readSync, fs.write, fs.writeSync, fs.writeFile and fs.writeFileSync now all accept TypedArray and DataView objects. + A new boolean option, withFileTypes, can be passed to fs.readdir and fs.readdirSync. If set to true, the methods return an array of directory entries. These are objects that can be used to determine the type of each entry and filter them based on that without calling fs.stat. * http2: The http2 module is no longer experimental. * os: Added two new methods: os.getPriority and os.setPriority, allowing to manipulate the scheduling priority of processes. * process: Added process.allowedNodeEnvironmentFlags. This object can be used to programmatically validate and list flags that are allowed in the NODE_OPTIONS environment variable. * src: Deprecated option variables in public C++ API. * vm: Added vm.compileFunction, a method to create new JavaScript functions from a source body, with options similar to those of the other vm methods. - 21257.diff: refresh patch (and make it forward apply) - versioned.patch, env_shebang.path: refreshed ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Updated SPEC file with Obsoletes for library, and disclaimer abot updating SPEC file directly. Also, added using KBUILD_BUILD_TIMESTAMP to create reproducable man pages (bsc#1047218) - Upgraded to upstream open-iscsi version 2.0.877, which will be merged with our (few) changes and tagged 2.0.877-suse. See the Changelog file for a details list of changes in this upstream update. This update replaces: * open-iscsi-2.0.876-suse.tar.bz2 (old) with * open-iscsi-2.0.877-suse.tar.bz2 (new) and resets the file: * open-iscsi-SUSE-latest.diff.bz2 to be our local changes since version 2.0.877-suse. The spec file is updated as well. ==== openssh ==== Version update (7.7p1 -> 7.8p1) Subpackages: openssh-helpers - Remove the mention of the SLE12 in the README.SUSE - Install firewall rules only when really needed (<SLE15) - Version update to 7.8p1: * For most details see release notes file * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format - Rebase patches to apply on 7.8p1 release: * openssh-7.7p1-fips.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-gssapi_key_exchange.patch * openssh-7.7p1-audit.patch * openssh-7.7p1-openssl_1.1.0.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch * openssh-7.7p1-disable_short_DH_parameters.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-pam_check_locks.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-systemd-notify.patch * openssh-7.7p1-X11_trusted_forwarding.patch - Dropped patches: * openssh-7.7p1-lastlog.patch * openssh-7.7p1-blocksigalrm.patch - Do not use env in script cavs_driver-ssh.pl - Added pam_keyinit to pam configuration file [bsc#1081947] - Format with spec-cleaner - Reduce conditionals to support SLE12+ only - Split out bundled patches to be normal patches applied over the package (use -p1 for patches): * openssh-7.7p1-allow_root_password_login.patch * openssh-7.7p1-X11_trusted_forwarding.patch * openssh-7.7p1-lastlog.patch * openssh-7.7p1-enable_PAM_by_default.patch * openssh-7.7p1-eal3.patch * openssh-7.7p1-blocksigalrm.patch * openssh-7.7p1-send_locale.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-remove_xauth_cookies_on_exit.patch * openssh-7.7p1-pts_names_formatting.patch * openssh-7.7p1-pam_check_locks.patch * openssh-7.7p1-disable_short_DH_parameters.patch * openssh-7.7p1-seccomp_getuid.patch * openssh-7.7p1-seccomp_geteuid.patch * openssh-7.7p1-seccomp_stat.patch * openssh-7.7p1-seccomp_ipc_flock.patch * openssh-7.7p1-seccomp_ioctl_s390_EP11.patch * openssh-7.7p1-fips.patch * openssh-7.7p1-cavstest-ctr.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-systemd-notify.patch * openssh-7.7p1-gssapi_key_exchange.patch * openssh-7.7p1-audit.patch * openssh-7.7p1-openssl_1.1.0.patch * openssh-7.7p1-disable_openssl_abi_check.patch * openssh-7.7p1-no_fork-no_pid_file.patch * openssh-7.7p1-host_ident.patch * openssh-7.7p1-sftp_force_permissions.patch * openssh-7.7p1-X_forward_with_disabled_ipv6.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch ==== opus ==== Version update (1.2.1 -> 1.3) - Update to 1.3: - improved speech/music detection based on a neural network - low-bitrate speech improvements - support for immersive audio using ambisonics - tone quality improvements - updates to the Opus standard (rfc 8251) are on by default - security improvements - Clean up SPEC to the latest standards ==== oxygen5 ==== Version update (5.14.1 -> 5.14.2) - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== pcmanfm ==== Version update (1.2.5 -> 1.3.0) Subpackages: pcmanfm-lang - Trim bias and history lesson from description. - new upstream release of pcmanfm 1.3.0 * Fixed potential access violation, use runtime user dir instead of tmp diri for single instance socket. * Fixed an issue with losing icons on desktop, when file name has a ?[? char. * Added a missing tooltip for ?New Window? toolbar button. * Fixed an issue when single instance socket directory did not exist (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874753). ==== pcsc-lite ==== Version update (1.8.23 -> 1.8.24) Subpackages: libpcsclite1 - Updated to version 1.8.24 * SCardGetStatusChange(): Fix a rare race condition * SCardReleaseContext(): do not release a lock owned by another context * SCardReconnect(): suspend card auto power off * Allow "=" in serial driver filenames * Add the thread id in the pcscd log lines * pcsc-spy: correctly handle incomplete log file * Simclist: avoid to divide by zero in list_findpos() * Some other minor improvements ==== plasma-browser-integration ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma-browser-integration-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * Lower Qt dependency to 5.9 ==== plasma-nm5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma-nm5-lang plasma-nm5-openconnect plasma-nm5-openvpn plasma-nm5-pptp plasma-nm5-vpnc - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * Show correct current download and upload speed - Revert yet another commit for 42.3: * 0001-Revert-Show-correct-current-download-and-upload-spee.patch ==== plasma5-addons ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma5-addons-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * [Minimize All Plasmoid] Import QtQuick 2.7 (kde#399947) ==== plasma5-desktop ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma5-desktop-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * Remove. * Focus handling fixes (kde#399566) * [Kicker] Rename id column to itemColumn * Add accessibility information to desktop icons ==== plasma5-integration ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.14.2 ==== plasma5-pa ==== Version update (5.14.1 -> 5.14.2) Subpackages: plasma5-pa-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== plasma5-workspace ==== Version update (5.14.1 -> 5.14.2) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - Changes since 5.14.1: * Plasmashell freezes when trying to get free space info from mounted remote filesystem after losing connection to it (kde#397537) * [Lock Screen] Do not try to unlock when unvisible (kde#395671) * KRunner: remove no longer existant and unused column from SQL query (kde#398305) - Don't require plasma-nm5, recommend it only - Add mkfontdir requires ==== plymouth ==== Version update (0.9.3+git20180827.0a66272 -> 0.9.3+git20181016.a588b3f) Subpackages: libply-boot-client4 libply-splash-core4 libply-splash-graphics4 libply4 plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft plymouth-plugin-script plymouth-plugin-two-step plymouth-scripts - Update to version 0.9.3+git20180827.0a66272: * boot-server: free the argument and triggers * event-loop: fix leak in error path * script: fix various memory leaks * key-file: ply_key_file_get_value returns duplicated memory, fix memory leaks. * event-loop: fix leak in error path * boot-splash: fix memory leak in error path * populate-initrd: drop unused local variable ==== polkit-kde-agent-5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: polkit-kde-agent-5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== powerdevil5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: powerdevil5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== purple-carbons ==== Version update (0.2.0 -> 0.2.1) - Update to version 0.2.1: * Add a missing null check. * Delete some unused constants. - Remove purple-carbons-fix-omemo-crash.patch: Merged upstream. ==== python-cffi ==== Subpackages: python2-cffi python3-cffi - Fix calling of py.test executor. ==== python-kiwi ==== Version update (9.16.18 -> 9.16.27) - Bump version: 9.16.26 ? 9.16.27 - Use %{ix86} rather than %ix86 in spec template Clear macro annotation prevents clarity issues - Fixed spec file for gfxboot requires Require gfxboot but only for the x86 architecture - Bump version: 9.16.25 ? 9.16.26 - Move the default rpm database path into Defaults class - Handle default uri mime type in Defaults class - Add a hardcoded rpm database path to import trusted keys This commits adds a hardcoded rpm database location to make sure the imported keys are in the expected location for zypper. Fixes #855 - Allow simple path source in Uri class This patch is needed as follow up fix for the setup of the package cache in local repositories. The is_remote method from the Uri class is used to identify if a repostory source is remote or local. At that point the initial repository source was already translated into its components. In case of a local repository the Uri instance now receives a simple path and the is_remote method raised with a style error. This patch allows the Uri class to be more friendly and initializes a local path as file:/ typed source. Related to Issue #847 - Bump version: 9.16.24 ? 9.16.25 - Add timestamp to logfile entries On the console output we use a log format with timestamps This is useful for the logfile contents too - sort package list which accompanies the image This makes it much easier to diff the lists of two images to find out the differences in package versions. - Don't cache packages from local repos for zypper Access to packages from local repositories is as fast as reading them from a cache location. The additional package copy and cache update is superfluous and should be avoided. This Fixes #847 - Bump version: 9.16.23 ? 9.16.24 - Update /etc/machine-id management docs Updates the information about how /etc/machine-id is treated in KIWI and provides some hints for old systems where /var/lib/dbus/machine-id is not a symlink to /etc/machine-id Related to #843 - Unpack root.tar.gz file for LVM integration test - Added LVM integration test build - Bump version: 9.16.22 ? 9.16.23 - Added machine id setup in dracut preparation In case of a dracut booted image we empty out the systemd machine-id configuration file to trigger the rebuild of that information by the dracut boot code at boot time. This allows for unique systemd identifiers if the same image gets deployed on different machines. This also makes the script implementations people put in in config.sh or images.sh to solve this problem obsolete. This Fixes #843 - Fix use of uri type in debootstrap call Referencing a file in a debootstrap call is done using the file:/ source type. However when using file:// debootstrap does something different and failed to find the file. The additional / had a bad impact to the call. - Bump version: 9.16.21 ? 9.16.22 - Delete obsolete rhel/fedora doc move With the fix to use the rpm macro consistently it is no longer required to move around the docs - Bump version: 9.16.20 ? 9.16.21 - Fixed package specs for dracut modules on fedora dracut-network is a separate package on Fedora/RHEL too - Add alternative search path for syslinux binaries On debian/ubuntu systems /usr/lib/ISOLINUX is a valid search path for syslinux binaries like isolinux.bin. This Fixes #839 - Fixed package doc install target The spec file uses the %{_defaultdocdir} macro but the corresponding Makefile target used a hardcoded path which lead to inconsistencies on debian/ubuntu based systems. This Fixes #838 - Fixed package specs for dracut modules on debian btrfs tools are provided by btrfs-tools package and not by btrfs-progs. In addition dracut-network is a separate package on debian/ubuntu based distributions. This Fixes #837 - Don't require gfxboot on rhel/fedora - Fixup zypper calls in documentation The way the documentation describes the zypper call to add a repository was wrong in several places. - Added gfxboot to required packages in spec kiwi calls gfxboot as tool when building live iso images. Thus this tool provided by the gfxboot package should be a requirement for kiwi - Bump version: 9.16.19 ? 9.16.20 - rebuild auto generated code with stable generateDS For some reason the xml_parse code generated by generateDS v2.29.24 caused warnings on simple type XSD patterns. Therefore I rebuild the code with the stable build version v2.29.14 which fixed that issue - Fixup README travis and codacy status badges - Adding bugfix trace for bsc#1110869 bsc#1108508 ticket was fixed with request #831 from SUSE/fix_uri_handler - Include livenet module with dmsquash-live support The upstream dracut dmsquash-live module supports network mode with the livenet module. But that module must be explicitly included and is not fetched automatically. This Fixes #827 - Bump version: 9.16.18 ? 9.16.19 - Rename private method to be more expressive - Add Codec utils for bytes literals decoding In case of a literal decoding failure it tries to decode the result in utf-8. This is handy in python2 environments where python and the host might be using different charset configurations. In python3 this issue seams to be solved. Fixes #829 and bsc#1110871 - Fixed URI handling with token query option So far only the query format ?credentials=... was supported. In case of ?random_token_data the returned uri was truncated and also the format check on the query caused a python trace. This Fixes #830 and Fixes #828 - Make use of the quiet flag of mountpoint command This commit sets the use of -q flag of mountpoint. Kiwi only checks the return code, thus any stdout is useless in this case. Fixes #829 - Eliminate redundant code Create a helper method, _create_volume_no_zero, which calls the lvreate command with appropriate options and calls the vgscan command immeditately afterwards to create any missing /dev nodes. - Fixed broken link to ec2uploadimg tool - Update contact information We moved from IRC to Matrix as chat platform. Thus the documentation needs to be updated accordingly - Fixes LVM based image creation in OBS While attempting to create LVM based images under the Open Build Service I recently ran into some issues related to the fact that there is no udev running in the chroot environment used to build kiwi based images. Two workarounds have been implemented in this patch: (1) When calling lvcreate, include the `-Zn` option to disable the automatic zeroing of the header of the newly created LV device; doing so requires that the LV device's /dev entry exists immediately after it has been created, but in a chroot'd environment udev isn't going to be running to automatically populate /dev/<vg_name>/<lv_name> or /dev/mapper/<vg_name>-<lv_name>. This should be safe to do since the LV is being created within a loopback device based partition, which is backed by a zero filled file, created by qemu-img. (2) After creating an LV we need to run `vgscan --mknodes` to create the required device nodes under /dev, which won't be automatically created since udev isn't running in the chroot'd environment. Unit tests updated to account for additional `-Zn` arguments that are being passed to `lvcreate` and for additional call that is being made to `vgscan --mknodes`. This fixes #824. ==== python-matplotlib ==== Version update (3.0.0 -> 3.0.1) Subpackages: python3-matplotlib python3-matplotlib-cairo python3-matplotlib-gtk3 - Update to version 3.0.1 * Fix failure to import bug when on Python 3.6.7 and 3.7.1 * Fixed a number of failure to import bugs around finding fonts * Fix Qt4 backend * Fix bug on OSX that recursively searched current directory for fonts * Fix bouncing-rocket on OSX when doing backend fallback and not selecting OSX * Temporarily restore several private APIs to unbreak cartopy * Make pyplot more tolerant of varying signatures in 3rd-party sub-classe * Improve datetime64 unit handling * Fixed several poor interactions with tight_layout ==== python-pycryptodome ==== - remove pycryptodomex copy in this package container ==== qqc2-desktop-style ==== Version update (5.50.0 -> 5.51.0) - Run spec-cleaner - Update to 5.51.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.51.0.php - Changes since 5.50.0: * small default padding when there is a background * Make it compile with "KDEFrameworkCompilerSettings" ==== re2 ==== Version update (20180901 -> 20181001) - update to 2018-10-01: * developer visible changes only ==== remmina ==== Version update (1.2.31.4 -> 1.2.32) Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp - new plugin remmina-plugin-st (simple terminal) - Upgraded to 1.2.32 * Avoid to save last_success property if stats are not enabled. * GW auth data was saved in the server auth data. * Do not register socket plugins when X11 is not available. * Screenshot enhancements. * RDP GW authentication. * Adding global preference for search bar visibility. * Allow wayland backend again when GTK >= 3.22.27. * Added turkish translation. * Add option to honour https_proxy and http_proxy environment variable. * Force program name to app id. * Printing builds flags with remmina --full-version command option. * Fix KB grabbing when switching workspace. * Dealing correcthly with some deprecations, getting rid of most of G_GNUC_BEGIN_IGNORE_DEPRECATIONS. * Improving file type hadling. * Adding error check on remmina_pref_save. * Many bug fixing as usual. ==== rpm ==== Version update (4.14.1 -> 4.14.2.1) Subpackages: rpm-build rpm-devel - update to rpm-4.14.2.1 * fix regression in --setperms and --setugids - update to rpm-4.14.2 * new configurable, mandatory package verification level * new package verification phase in rpmtsRun() * new --setcaps and --restore options * new --whatobsoletes and --whatconflicts query options - dropped patches: * disttag-macro.diff * reproducible-debuginfo.patch * debugedit-bnc1076819.diff * hardlinks.diff * debugedit-riscv.patch * safesymlinks.diff * verifynodup.diff ==== rubygem-bundler ==== Version update (1.16.3 -> 1.16.6) - update to version 1.16.6 Changes: - Add an error message when adding a gem with `bundle add` that's already in the bundle ([#6341](https://github.com/bundler/bundler/issues/6341), @agrim123) - Add Homepage, Source Code and Chanagelog URI metadata fields to the `bundle gem` gemspec template (@walf443) Bugfixes: - Fix issue where updating a gem resulted in the gem's version being downgraded when `BUNDLE_ONLY_UPDATE_TO_NEWER_VERSIONS` was set ([#6529](https://github.com/bundler/bundler/issues/6529), @theflow) - Fix some rescue calls that don't specifiy error type (@utilum) - Fix an issue when the Lockfile would contain platform-specific gems that it didn't need ([#6491](https://github.com/bundler/bundler/issues/6491), @segiddins) - Improve handlding of adding new gems with only a single group to the Gemfile in `bundle add` (@agrim123) - Refactor check for OpenSSL in `bundle env` (@voxik) - Remove an unnecessary assignment in Metadata (@voxik) Documentation: - Update docs to reflect revised guidance to check in Gemfile.lock into version control for gems ([#5879](https://github.com/bundler/bundler/issues/5879), @arbonap) - Add documentation for the `--all` flag in `bundle update` (@agrim123) - Update README to use `bundle add` in usage examples (@hdf1986) - changes from version 1.16.5 Changes: - Add support for TruffleRuby (@eregon) Bugfixes: - Avoid printing git errors when checking the version on incorrectly packaged versions of Bundler ([#6453](https://github.com/bundler/bundler/issues/6453), @greysteil) - Fix issue where Bundler does not check the given class when comparing equality in DepProxy (@ChrisBr) - Handle `RangeNotSatisfiable` error in Compact Index (@MaxLap) - Check for initialized `search` variable in `LazySpecification` (@voxik) - Fix LoadError occurring in nested bundle exec calls ([#6537](https://github.com/bundler/bundler/issues/6537), @colby-swandale) - Check that Bundler::Deprecate is not an autoload constant ([#6163](https://github.com/bundler/bundler/issues/6163), @eregon) - Prefer non-pre-release versions when performing a `bundle update --patch` ([#6684](https://github.com/bundler/bundler/issues/6684), @segiddins) - updated to version 1.16.4 see installed CHANGELOG.md [#]# 1.16.4 (2017-08-17) Changes: - Welcome new members to the Bundler core team (@indirect) - Don't mutate original error trees when determining version_conflict_message (@greysteil) - Update vendored Molinillo to 0.6.6 (@segiddins) Bugfixes: - Reword bundle update regression message to be more clear to the user when a gem's version is downgraded ([#6584](https://github.com/bundler/bundler/issues/6584), @ralphbolo) - Respect --conservative flag when updating a dependency group ([#6560](https://github.com/bundler/bundler/issues/6560), @greysteil) - Fix issue where a pre-release version was not being selected when it's specified in the Gemfile ([#6449](https://github.com/bundler/bundler/issues/6449), @akihiro17) - Fix issue where `Etc` was not loaded when getting the user's home dir ([#6640](https://github.com/bundler/bundler/issues/6640), @colby-swandale) - Use UTF-8 for reading files including Gemfile ([#6660](https://github.com/bundler/bundler/issues/6660), @eregon) - Remove unnecessary `while` loop in path resolver helper (@ojab) Documentation: - Document that `bundle show [--paths]` sorts results by name (@kemitchell) ==== rubygem-commander ==== Version update (4.4.5 -> 4.4.6) - updated to version 4.4.6 see installed History.rdoc === 4.4.6 / 2018-07-31 * Fix unexpected internal behavior change introduced in 4.4.5. ==== rubygem-devise ==== Version update (4.4.3 -> 4.5.0) - updated to version 4.5.0 see installed CHANGELOG.md [#]## 4.5.0 - 2018-08-15 * enhancements * Use `before_action` instead of `before_filter` (by @edenthecat) * Allow people to extend devise failure app, through invoking `ActiveSupport.run_load_hooks` once `Devise::FailureApp` is loaded (by @wnm) * Use `update` instead of `update_attributes` (by @koic) * Split IP resolution from `update_tracked_fields` (by @mckramer) * upgrade dependencies for rails and responders (by @lancecarlson) * Add `autocomplete="new-password"` to new password fields (by @gssbzn) * Add `autocomplete="current-password"` to current password fields (by @gssbzn) * Remove redundant `self` from `database_authenticatable` module (by @abhishekkanojia) * Update `simple_form` templates with changes from https://github.com/plataformatec/devise/commit/16b3d6d67c7e017d461ea17ed29ea... and https://github.com/plataformatec/devise/commit/6260c29a867b9a656f1e1557abe34... (by @gssbzn) * Remove `:trackable` from the default modules in the generators, to be more GDPR-friendly (by @fakenine) * bug fixes * Use same string on failed login regardless of whether account exists when in paranoid mode (by @TonyMK9068) * Fix error when params is not a hash inside `Devise::ParameterSanitizer` (by @b0nn1e) * Look for `secret_key_base` inside `Rails.application` (by @gencer) * Ensure `Devise::ParameterFilter` does not add missing keys when called with a hash that has a `default` / `default_proc` configured (by @joshpencheon) * Adds `is_navigational_format?` check to `after_sign_up_path_for` to keep consistency (by @iorme1) ==== rubygem-fluentd ==== Version update (1.2.3 -> 1.2.5) - updated to version 1.2.5 see installed CHANGELOG.md [#]# Release v1.2.5 - 2018/08/22 [#]## Bug fixes * in_tail: Fix resource leak by file rotation https://github.com/fluent/fluentd/pull/2105 * fix typos [#]# Release v1.2.4 - 2018/08/01 [#]## Bug fixes * output: Consider timezone when calculate timekey https://github.com/fluent/fluentd/pull/2054 * output: Fix bug in suppress_emit_error_log_interval https://github.com/fluent/fluentd/pull/2069 * server-helper: Fix connection leak by close timing issue. https://github.com/fluent/fluentd/pull/2087 ==== rubygem-grape ==== Version update (1.0.3 -> 1.1.0) - updated to version 1.1.0 see installed CHANGELOG.md [#]## 1.1.0 (8/4/2018) [#]### Features * [#1759](https://github.com/ruby-grape/grape/pull/1759): Instrument serialization as `'format_response.grape'` - [@zvkemp](https://github.com/zvkemp). [#]### Fixes * [#1762](https://github.com/ruby-grape/grape/pull/1763): Fix unsafe HTML rendering on errors - [@ctennis](https://github.com/ctennis). * [#1759](https://github.com/ruby-grape/grape/pull/1759): Update appraisal for rails_edge - [@zvkemp](https://github.com/zvkemp). * [#1758](https://github.com/ruby-grape/grape/pull/1758): Fix expanding load_path in gemspec - [@2maz](https://github.com/2maz). * [#1765](https://github.com/ruby-grape/grape/pull/1765): Use 415 when request body is of an unsupported media type - [@jdmurphy](https://github.com/jdmurphy). * [#1771](https://github.com/ruby-grape/grape/pull/1771): Fix param aliases with 'given' blocks - [@jereynolds](https://github.com/jereynolds). ==== rubygem-hashie ==== Version update (3.5.7 -> 3.6.0) - updated to version 3.6.0 see installed CHANGELOG.md [#]# [3.6.0] - 2018-08-13 [3.6.0]: https://github.com/intridea/hashie/compare/v3.5.7...v3.6.0 [#]## Added * [#455](https://github.com/intridea/hashie/pull/455): Allow overriding methods when passing in a hash - [@lnestor](https://github.com/lnestor). [#]## Fixed * [#435](https://github.com/intridea/hashie/pull/435): Mash `default_proc`s are now propagated down to nested sub-Hashes - [@michaelherold](https://github.com/michaelherold). * [#436](https://github.com/intridea/hashie/pull/436): Ensure that `Hashie::Extensions::IndifferentAccess` injects itself after a non-destructive merge - [@michaelherold](https://github.com/michaelherold). * [#437](https://github.com/intridea/hashie/pull/437): Allow codependent properties to be set on Dash - [@michaelherold](https://github.com/michaelherold). * [#438](https://github.com/intridea/hashie/pull/438): Fix: `NameError (uninitialized constant Hashie::Extensions::Parsers::YamlErbParser::Pathname)` in `Hashie::Mash.load` - [@onk](https://github.com/onk). * [#457](https://github.com/intridea/hashie/pull/457): Fix `Trash` to allow it to copy properties from other properties - [@michaelherold](https://github.com/michaelherold). [#]## Miscellaneous * [#433](https://github.com/intridea/hashie/pull/433): Update Rubocop to the most recent version - [@michaelherold](https://github.com/michaelherold). * [#434](https://github.com/intridea/hashie/pull/434): Add documentation around Mash sub-Hashes - [@michaelherold](https://github.com/michaelherold). * [#439](https://github.com/intridea/hashie/pull/439): Add an integration spec for Elasticsearch - [@michaelherold](https://github.com/michaelherold). ==== squid ==== - Create runtime directories needed when SMP mode is enabled. (bsc#1112695, bsc#1112066) - Make changelog entries format consistent ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-coredump systemd-logger systemd-sysvinit udev - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. While at it, don't ship this script (as well as systemd-sysv-convert) when sysvcompat is not defined. - Import commit 19b3868d32af20f1ecc86fe3c997144ff456fd65 06c2284d64 core: introduce systemd.early_core_pattern= kernel cmdline option 479b002083 core: add missing 'continue' statement c7fbccc62e journald: don't ship systemd-journald-audit.socket (bsc#1109252) f17a6c790c detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) 5a1aa84544 compat-rules: generate more compat by-id symlinks for NVMe devices (bsc#1095096) ==== systemsettings5 ==== Version update (5.14.1 -> 5.14.2) Subpackages: systemsettings5-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== thunar ==== Version update (1.8.1 -> 1.8.2) Subpackages: libthunarx-3-0 thunar-lang - update to 1.8.2: - Custom actions without an icon could caused the file manager to crash (Bug #14464) - Fixed segfault while clicking or typing when using wayland (Bug #14461) - Spinner still active after user cancels to mount volume (Bug #14536) - Fix standard view border during drag and drop (Bug #14523) - Fix build without HAVE_GIO_UNIX (Bug #12863) - Fix messed up row-height with disabled "automatically expand columns as needed" in detailed view. (Bug #14548) - Add custom date format Bug (#14527) - Avoid segfault on file operations (Bug #14281) - Update progress when deleting files (Bug #14102) - More options for thumbnail size (Bug #14451) - Show numeric(%) progress in file operation dialog (Bug #14102) - Add Ctrl+= as alternative accelerator for Zoom In (Bug #14586) - Fix UCA forgets keyboard shortcut (Bug #14617) - Add preference to open new thunar instances as tabs (Bug #13314) - Add support for folder.jpg (Bug #14576) - Show file size in binary units by default (Bug #14653) - Removed start limit from Bulk Renamer to rename by number (Bug #14437) - Added preferences item to toggle 'delete' in the context menu (Bug #13327) - Added infobox to preferences in order to inform about missing gvfs - Right mouse click will not display icons for custom actions (Bug #14685) - Allow tabs switch with Ctrl + PgUp/PgDown (Bug #9585) - Many minor styling fixes - Translation updates ==== tiff ==== Subpackages: libtiff5 libtiff5-32bit - security update * CVE-2018-17795 [bsc#1110358] % tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to tiff-CVE-2017-9935,CVE-2018-17795.patch * CVE-2018-16335 [bsc#1106853] % tiff-CVE-2017-11613.patch renamed to tiff-CVE-2017-11613,CVE-2018-16335,15209.patch - add a possibility to build with ASAN - security update * CVE-2018-17100 [bsc#1108637] + tiff-CVE-2018-17100.patch * CVE-2018-17101 [bsc#1108627] + tiff-CVE-2018-17101.patch ==== timezone ==== Version update (2018e -> 2018g) - timezone update 2018g: * Morocco switches to permanent +01 on 2018-10-27 (bsc#1113554) * code fixes for zic on 32 bit - Avoid build failures of timezone-java with javazic SLE/Leap 15 by using an alternative notation for a 1948-1951 DST transition in Japan. add timezone-2018f-bsc1112310.patch, fixes boo#1112310 - timezone update 2018f: * Volgograd moves from +03 to +04 on 2018-10-28. * Fiji ends DST 2019-01-13, not 2019-01-20. * Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700) * Corrections to past timestamps of DST transitions * Use "PST" and "PDT" for Philippine time * minor code changes to zic handling of the TZif format * documentation updates ==== timezone-java ==== Version update (2018e -> 2018g) - timezone update 2018g: * Morocco switches to permanent +01 on 2018-10-27 (bsc#1113554) * code fixes for zic on 32 bit - Avoid build failures of timezone-java with javazic SLE/Leap 15 by using an alternative notation for a 1948-1951 DST transition in Japan. add timezone-2018f-bsc1112310.patch, fixes boo#1112310 - timezone update 2018f: * Volgograd moves from +03 to +04 on 2018-10-28. * Fiji ends DST 2019-01-13, not 2019-01-20. * Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700) * Corrections to past timestamps of DST transitions * Use "PST" and "PDT" for Philippine time * minor code changes to zic handling of the TZif format * documentation updates ==== tomcat ==== Version update (9.0.10 -> 9.0.12) Subpackages: tomcat-admin-webapps tomcat-el-3_0-api tomcat-jsp-2_3-api tomcat-lib tomcat-servlet-4_0-api tomcat-webapps - Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch ==== transactional-update ==== Version update (2.6 -> 2.10) - Update to version 2.10 - Introduce /etc overlays - Each root file system snapshot now has a dedicated /etc overlay in /var/lib/snapshots/<snapshot number>/etc - Changes in older snapshots will be visible in newer snapshots (if the file hasn't been changed in both snapshots), but not the other way around; this makes it possible to roll back to a previous snapshot even if the configuration is broken - The /etc state of the oldest active snapshot will be synchronized into the new snapshot to prevent ever growing overlays - Removed creation of /etc backup snapshots - Removed complex overlayfs cleanup handling during dracut early boot; only thing left is to output a warning if files have been changed in old and new overlay after snapshot creation - Unused overlays will be removed during "cleanup" operation - Add compatibility with snapper >= 0.7.0 - Correctly detect BTRFS ID when using multiple snapper configurations - Fix disappearing prompt in "shell" command when application was updated - Prevent accidental rollback on fast reboots (boo#1111786) - Use zypper attribute packages-to-change if available (boo#1105992 & boo#1097619) - Add kexec as reboot alternative - Added explicit --with-doc / --without-doc build configure opttions for enforcing or excluding documentation build - Removed precompiled documentation (boo#1088676) - Added more dependency checks to configure script - Small improvements to documentation - Restored compatibility with older rsync versions not supporting the -x filter - Small bugfixes for cleanup in error situations - Fix possible incorrect detection of snapshots numbers during cleanup - Mention parent in snapshot description - Add dependencies for documentation build (boo#1088676) ==== transmission ==== Subpackages: transmission-common transmission-gtk transmission-gtk-lang - fix boo#1111323 transmission-qt try to load translations from /usr/bin + upstream issue#736 recommends to use cmake instead of autotools because codes related to autotools are deprecated. Nowadays we manually install transmission-qt translations into /usr/ share/qt5/ directory where is designed for official Qt project only, while cmake will install to the right location /usr/share/ transmission/translations. + switch build time configuration from autotools to cmake - refactored transmission-appdata.patch to cmake-oriented. + handle transmission-gtk.appdata.xml translations with intltool-merge which is used by upstream for desktop files in gtk/CMakeLists.txt + handle transmission-qt.appdata.xml installation in qt/CMakeLists.txt instead of in specfile, because anyway we binary patch the -gtk.appdata.xml.in, we'd better not binary patch one while add another one as Source. so the SOURCE4 is also dropped. - add transmission-3rdparty-no-download.patch + transmission's cmake configuration will download and build some 3rd-party libraries that could not be found in system. we patch its ExternalProject_Add() method to avoid the download because there are already source codes for such 3rd-party libraries located in third-party directory. Also, our OBS build machine doesn't support downloading in the build VM. - mark COPYING with %license tag instead of %doc tag - add extras/{rpc-spec.txt,send-email-when-torrent-done.sh} as doc since upstream installs them as doc too ==== tumbler ==== Version update (0.2.1 -> 0.2.3) Subpackages: libtumbler-1-0 tumbler-lang - update to version 0.2.3 - Test sparse files only for regular files (bxo#14693). - Fix uninitialized variable (bxo#14688) - Added check to avoid sparse files, that cause high cpu and memory load. (bxo#12259). - Use hash table to avoid scanning xdg user path twice when searching for desktop thumbnailers. - Close desktop thumbnailers directory when done from it. - Accept network paths in ffmpeg thumbnailer plugin. - Use pkg-config to find FreeType > 2.9.1. - Translation Updates ==== vim ==== Version update (8.1.0451 -> 8.1.0479) Subpackages: gvim vim-data vim-data-common - Updated to revision 479, fixes the following problems * resolve() was not tested with a symlink cycle. * Checking for empty quickfix stack is not consistent. * Running test hangs when the input file is being edited. * Win32 console: key mappings don't work. * Ml_get error and crash when using "do". * Test_executable fails when there is a dog in the system. * assert_fails() does not take a message argument * Quickfix code uses too many /* */ comments. * When using ConPTY Vim can be a child process. * "simalt ~x" in .vimrc blocks swap file prompt. * Client-server test fails. * Autocmd test fails. * Too often indexing in qf_lists[]. * Pointer ownership around fname_expand() is unclear. * Some tests are flaky or fail on some systems. * Dosinst command has a few flaws. * User doesn't notice file does not exist when swap file does. * Directory where if_perl.c is written is inconsistent. * Memory not freed on exit when quit in autocmd. * Memory leaks in test_escaped_glob. * Tiny build fails. * Failure when setting 'varsofttabstop' to end in a comma. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - boo#1112729 - Add missing python3-six dep introduced by patch 0003-virtinst-python3-avoid-using-long-type.patch - Fix selection of network volumes (bsc#1100558) 5a7698c7-fix-select-network-vol.patch ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Re-enable building with python 3 for SLE/Leap 15 and Tumbleweed - Update webkit2gtk3-python3.patch. ==== wpa_supplicant ==== Subpackages: wpa_supplicant-gui - Renamed patches: - wpa-supplicant-log-file-permission.patch -> wpa_supplicant-log-file-permission.patch - wpa-supplicant-log-file-cloexec.patch -> wpa_supplicant-log-file-cloexec.patch - wpa_supplicant-log-file-permission.patch: Using O_WRONLY flag - Enabled timestamps in log files (bsc#1080798) - compile eapol_test binary to allow testing via radius proxy and server (note: this does not match CONFIG_EAPOL_TEST which sets -Werror and activates an assert call inside the code of wpa_supplicant) (bsc#1111873), (fate#326725) - add patch to fix wrong operator precedence in ieee802_11.c wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch - add patch to avoid redefinition of __bitwise macro wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch - Added wpa-supplicant-log-file-permission.patch: Fixes the default file permissions of the debug log file to more sane values, i.e. it is no longer world-readable (bsc#1098854). - Added wpa-supplicant-log-file-cloexec.patch: Open the debug log file with O_CLOEXEC, which will prevent file descriptor leaking to child processes (bsc#1098854). - Added rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). ==== xdg-desktop-portal-kde ==== Version update (5.14.1 -> 5.14.2) Subpackages: xdg-desktop-portal-kde-lang - Update to 5.14.2 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.14.2.php - No code changes since 5.14.1 ==== xf86-input-libinput ==== Version update (0.28.0 -> 0.28.1) - Update to version 0.28.1 * Only two commits, only one that really matters: previously the driver used the per-device slot number to fetch the tracking IDs from a driver-internal array. Because devices re-use slots, this could cause a tracking ID mismatch when two touchscreens had the finger down at the same time. This is now fixed by switching to libinput's seat-wide slot number instead. ==== xf86-video-nouveau ==== - Add ppc64le to ExclusiveArch. No need to exclude. ==== xfce4-panel-plugin-battery ==== Version update (1.1.0 -> 1.1.1) Subpackages: xfce4-panel-plugin-battery-lang - update to version 1.1.1: - Avoid memory leaks - Bump to minimal Gtk to 3.16 - Only set progressbar width or height depending on the orientation (bxo#12942) - Create a single GtkCssProvider in setup_battmon() (bxo#12975) - Improved spacing and layout in dialogs (bxo#14659) - use %license tag for license files ==== xfce4-panel-plugin-cpufreq ==== Version update (1.2.0 -> 1.2.1) Subpackages: xfce4-panel-plugin-cpufreq-lang - update to 1.2.1: * Improved spacing in dialogs (bxo#14661) * Check if each cpu is online (bxo#14641) * Use xfce_panel_plugin_lookup_rc_file (bxo#11823) * Translation updates ==== xfce4-panel-plugin-weather ==== Version update (0.8.10 -> 0.9.0) Subpackages: xfce4-panel-plugin-weather-lang - update to 0.9.0 * Port to GTK+ 3 - Preferences dialog ported to Glade - Replaced individual header includes - Replaced deprecated symbols - Replaced direct access with accessor functions - Improved forecast background with dark and light themes - Improved spacing in the preference and forecast dialogs - Added small (3px) padding between weather icon and scrollbox - Fixed full debug builds * Port to libsoup 2.42 * Use HTTPS where possible * Translation updates ==== xfce4-panel-plugin-whiskermenu ==== Version update (2.2.1 -> 2.3.0) Subpackages: xfce4-panel-plugin-whiskermenu-lang - update to 2.3.0: * Fix sidebar wider than iconless categories. * Add buttons for individual logout commands. (bxo#14639) * Add option to stay visible when focus is lost. (bxo#12240) * Always allow positioning commands next to search. * Improve preferences spacing. (bxo#14683) * Translation updates ==== xfce4-session ==== Subpackages: libxfsm-4_6-0 xfce4-session-lang - add add-light-locker-support.patch to add support to light-locker -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org