Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.0&build=183.1&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.0 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: LibVNCServer Mesa Mesa-drivers augeas (1.9.0 -> 1.10.1) btrfsmaintenance (0.4 -> 0.4.1) colord (1.4.1 -> 1.4.2) digikam (5.8.0 -> 5.9.0) empathy (3.25.90 -> 3.12.14) gnome-dictionary graphite2 java-11-openjdk (11.0.0.0~4 -> 11.0.0.0~5) libgcrypt libgit2 (0.26.0 -> 0.26.3) libidn libnettle libnss_usrfiles libqt5-qtmultimedia libqt5-qtwebkit mozc nautilus-sendto re2 (20180201 -> 20180301) transmission (2.92 -> 2.93) unar unixODBC (2.3.4 -> 2.3.6) vinagre === Details === ==== LibVNCServer ==== - security update * CVE-2018-7225 [bsc#1081493] + LibVNCServer-CVE-2018-7225.patch ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 libwayland-egl1 - Update to 18.0.0-rc5 * The fifth and final release candidate for Mesa 18.0.0. Modulo serious regressions, it is anticipated that it will become Mesa 18.0.0 this Friday (2018-03-23) around 16:00 GMT - supersedes u_glsl-linker-error.patch - no longer try to use non-existing python3-mako as BuildRequires on Leap 42.3 - u_st-dri-don-t-set-queryDmaBufFormats-queryDmaBufModif.patch * Fixes laggy mouse in Wayland. (fdo#104926) ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - Update to 18.0.0-rc5 * The fifth and final release candidate for Mesa 18.0.0. Modulo serious regressions, it is anticipated that it will become Mesa 18.0.0 this Friday (2018-03-23) around 16:00 GMT - supersedes u_glsl-linker-error.patch - no longer try to use non-existing python3-mako as BuildRequires on Leap 42.3 - u_st-dri-don-t-set-queryDmaBufFormats-queryDmaBufModif.patch * Fixes laggy mouse in Wayland. (fdo#104926) ==== augeas ==== Version update (1.9.0 -> 1.10.1) Subpackages: augeas-lenses libaugeas0 - update to 1.10.1: General changes/additions New CLI utility 'augmatch' to print the tree for a file and select some of its contents New command 'count' in augtool New function 'not(bool) -> bool' for path expressions The path expression 'label[. = "value"]' can now be written more concisely as 'label["value"]' API changes libfa has now a function fa_json to export an FA as a JSON file, and fa_state_* functions that make it possible to iterate over the FA's states and transitions. (Pedro Valero Mejia) Add functions aug_ns_label, aug_ns_value, aug_ns_count, and aug_ns_path to get the label (with index), the value, the number of nodes, and the fully qualified path for nodes stored in a nodeset in a variable efficiently Lens changes/additions Grubenv: new lens to process /boot/grub/grubenv (omgold) Httpd: also read files from /etc/httpd/conf.modules.d/*.conf (Tomas Meszaros) (Issue #537) Nsswitch: allow comments at the end of a line (Philip Hahn) (Issue #517) Ntp: accept 'ntpsigndsocket' statement (Philip Hahn) (Issue #516) Properties: accept empty comments with DOS line endings (Issue #161) Rancid: new lens for RANCiD router databases (Matt Dainty) Resolv: accept empty comments with DOS line endings (Issue #161) Systemd: also process /etc/systemd/logind.conf (Pat Riehecky) YAML: process a document that is just a sequence (John Vandenberg) - drop chrpath dependency, the offending dump binary is no longer shipped - Use %license (boo#1082318) ==== btrfsmaintenance ==== Version update (0.4 -> 0.4.1) - update to version 0.4.1 - defrag plugin: python2 and 3 compatibility - defrag plugin: target extent size lowered to 32MiB (#43) - shell compatibility fixes - systemd unit type fixes - Removed patch: python3-support-bsc1070322.diff (upstream) - Add missing btrfsmaintenance-refresh.path [bsc#1084871] - Use %license [bsc#1082318] ==== colord ==== Version update (1.4.1 -> 1.4.2) Subpackages: colord-color-profiles colord-lang libcolord2 libcolorhug2 - Update to version 1.4.2: + New Features: - Add cd_icc_set_created. - Add --enable-timestamps option for CREATED header. + Bugfixes: - Avoid buffer overflow when reading profile_id. - Fix the detection of duplicate EDIDs. - Make udev hwdb optional by using pnp.ids as fallback. - Raise _XOPEN_SOURCE to 700 to enable C99 on FreeBSD. - Refactor build directory selection. - Set cd-create-profile date to SOURCE_DATE_EPOCH. - Pass new option enable-udev-rules=true to meson. - Modernize spec-file by calling spec-cleaner ==== digikam ==== Version update (5.8.0 -> 5.9.0) Subpackages: digikam-doc digikam-lang kipi-plugins kipi-plugins-lang libdigikamcore5 showfoto - Update to 5.9.0: * https://www.digikam.org/news/2018-03-25-5.9.0_release_announcement/ - New features (from NEWS): General : Libraw updated to last 0.18.8. - 45 bugs fixed - Drop upstream patches: * fix-font-size-in-tooltips.patch * digikam-5.8.0.fix-db-migration-0001.patch * digikam-5.8.0.fix-db-migration-0002.patch * digikam-5.8.0.fix-db-migration-0003.patch * digikam-5.8.0.fix-db-migration-0004.patch * update-internal-libraw-to-last-stable-0.18.7.patch * update-internal-libraw-to-last-0.18.8.patch - Drop fix-italian-docs-with-older-kdoctools.patch, Leap 42.2 is no longer supported - Don't try to delete libkvkontakte translations, they are no longer installed (kde#369517) - Also don't try to delete *.a files and locale/x-test, no longer necessary ==== empathy ==== Version update (3.25.90 -> 3.12.14) Subpackages: empathy-lang telepathy-mission-control-plugin-goa - Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). - Revert to version 3.12.14. ==== gnome-dictionary ==== Subpackages: gnome-dictionary-lang - Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). ==== graphite2 ==== - Use python3 everywhere - Drop fonttools test dep as it pulls TON of py3 packages ==== java-11-openjdk ==== Version update (11.0.0.0~4 -> 11.0.0.0~5) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11+5 * Fixes: + S8160767: [TEST_BUG] java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java + S8182684: Further clarify InputStream#available() + S8183554: Add constructors with Charset parameter for FileReader and FileWriter + S8187635: On Windows Swing changes keyboard layout on a window activation + S8188240: Reflection Proxy should skip static methods + S8189230: JDK method: java.lang.Integer.numberOfLeadingZeros(int) can be optimized + S8190347: [TESTBUG] Test javax/swing/JWindow/ /ShapedAndTranslucentWindows/TranslucentJComboBox.java fails + S8190767: if JFrame is maximized on OS X, all new JFrames will be maximized by default + S8193017: Import freetype sources into OpenJDK source tree + S8193584: (testbug) TestSocketFactory fails intermittently with ConcurrentModificationException + S8194767: Regression automated Test 'javax/swing/JEditorPane/6917744/bug6917744.java' fails + S8194943: Regression automated test 'open/test/jdk/javax/ /swing/JInternalFrame/8020708/bug8020708.java' fails + S8195738: scroll poistion in ScrollPane is reset after calling validate() + S8196435: Regression automated Test 'java/awt/Mouse/ /GetMousePositionTest/GetMousePositionWithOverlay.java' fails + S8196748: tools/jar tests need to tolerate unrelated warnings + S8197785: javax.accessibility.AccessibleBundle will reload the ResourceBundle for every call to toDisplayString + S8198406: Test TestAATMorxFont is unstable + S8198605: Touch keyboard is shown for a non-focusable text component + S8198606: Touch keyboard does not hide, when a text component looses focus + S8198613: Test cases result in failure or timeout when run with OpenGL backend + S8198777: JList.getPreferredScrollableViewportSize(): fix mistake in doc for height calc + S8198889: Clarify the throwing of exceptions from ConstantBootstraps.invoke + S8198922: Provide instrumentation for sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java + S8198989: Provide more diagnostic IAE messages + S8199009: test/jdk/java/util/Locale/SoftKeys.java fails with OutOfMemoryError + S8199022: New failures should be added to ProblemList + S8199215: Re-examine getFreePort method in test infrastructure library + S8199258: BigInteger.bitLength() should explicitly specify behavior when the value is zero + S8199329: Remove code that attempts to read bytes after connection reset reported + S8199420: Update javadoc tags in java.lang.System and related + S8199423: Create builds-infra Mach5 job + S8199428: install-file macro fails on filenames with space on Solaris + S8199443: Nashorn multithread bottleneck with "use strict" + S8199451: Create linux-aarch64 cross-compilation devkit, and fix cross-compilation + S8199453: Enable link-time generation of constructor forms + S8199462: Use Reference.reachabilityFence in direct ByteBuffer methods + S8199464: Remove remaining vestiges of Java_sun_reflect_Reflection_getCallerClass + S8199469: Disable generate-jli-classes when building interim-image + S8199470: Remove unused property file.encoding.pkg + S8199471: Enable generation of callSiteForms at link time + S8199473: Support Visual Studio BuildTools with VS2017 + S8199483: Clean up some non-standard LDFLAGS usage + S8199606: Set -lc as global LIBS on solstudio + S8199611: (se) Minor selector implementation clean-up + S8199616: Fix @module declarations in tier1 tests + S8199636: Unify naming for jaas_unix and jaas_nt + S8199639: Introduce SetupJdkLibrary and SetupJdkExecutable + S8199640: Split up BUILD_LIBKRB5 into the two, unrelated compilations it consists of + S8199647: java/util/Locale/SoftKeys.java fails with OutOfMemoryError again + S8199668: make/lib cleanup + S8199681: Remove boilerplate code from creating native jtreg tests + S8199745: JDK-8199668 introduced a build race on macosx - Modified patches: * system-pcsclite.patch * java10-improved-fonts.patch -> java11-improved-fonts.patch + Rediff to changed context ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-32bit - Use %license (boo#1082318) ==== libgit2 ==== Version update (0.26.0 -> 0.26.3) - Update to 0.26.3: * Fix cloning of the libgit2 project with git clone --recursive by removing an invalid submodule from our testing data. * Fix endianness of the port in p_getaddrinfo(). * Fix handling of negative gitignore rules with wildcards. * Fix handling of case-insensitive negative gitignore rules. * Fix resolving references to a tag if the reference is stored with its fully resolved OID in the packed-refs file. * Fix checkout not treating worktree files as modified when only their mode has changed. * Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES. * Fixes memory handling issues when reading crafted repository index files. The issues allow for possible denial of service due to allocation of large memory and out-of-bound reads. (CVE-2018-8098 bnc#1085257 CVE-2018-8099 bnc#1085256) * Updates the bundled zlib to 1.2.11. Users who build the bundled zlib are vulnerable to security issues in the prior version. - Modernize spec-file by calling spec-cleaner ==== libidn ==== - Add patch to fix bsc#1056450 CVE-2017-14062: * libidn-CVE-2017-14062.patch - Use %license (boo#1082318) ==== libnettle ==== Subpackages: libhogweed4 libnettle6 - Use %license (boo#1082318) ==== libnss_usrfiles ==== - Use %license instead of %doc [bsc#1082318] - The default nsswitch.conf has changed again back to the old values [bsc#1074515] ==== libqt5-qtmultimedia ==== - Enable openal requirement in openSUSE only * For SLE where that dependency is not available (bsc#886207) ==== libqt5-qtwebkit ==== Subpackages: libQt5WebKit5 libQt5WebKit5-imports libQt5WebKitWidgets5 - Set minimum amount of RAM in _constraints to 8 GiB for aarch64, use the default value of 6 GiB for armv7/armv6 ==== mozc ==== Subpackages: fcitx-mozc ibus-mozc ibus-mozc-candidate-window mozc-gui-tools - add excludearch for ppc/ppc64/s390/s390x as the code assumes little endian all over the place (bsc#1086763) ==== nautilus-sendto ==== Subpackages: nautilus-sendto-lang - Rewrite description and summary to be more accurate with current package features set. ==== re2 ==== Version update (20180201 -> 20180301) - update to 2018-03-01: * no longer linking against librd and libm * other developer visible changes ==== transmission ==== Version update (2.92 -> 2.93) Subpackages: transmission-common transmission-gtk transmission-gtk-lang - Remove marketing from description. - Update to version 2.93: + Mitigate dns rebind attacks against daemon CVE-2018-5702). + Fix crash on handshake if establishing DH shared secret fails. + Fix crash when switching to next tracker during announcement. + Fix potential issue during password salt extraction in OOM situation. + Workaround glib_DEFUN- and glib_REQUIRE-related configuration issue. + Fix building against OpenSSL 1.1.0+. - Drop 0001-transmission-build-against-openssl-1.1.0.patch: fixed upstream (commit id f91cf5a). - Drop 0002-Fix-coding-style-and-building-with-TR_LIGHTWEIGHT.patch: fixed upstream (commit id 8c8386a). - Drop CVE-2018-5072.patch: fixed upstream (commit id cf7173df). - Cleanup with spec-cleaner. - Use https url. - Use qmake/make_jobs macros for building qt binary. ==== unar ==== - revert changes from the last submission and move unrar_wrapper script to a separate package as it seems that openSUSE:Factory is not ready to obsolete unrar by unar yet [bsc#1083834], [fate#323896] ==== unixODBC ==== Version update (2.3.4 -> 2.3.6) - Add BuildRequires: pkgconfig since we install .pc files - Add unixODBC-rpmlintrc: devel files are in the right place - bsc#1062860: Recommend psqlODBC to stay feature complete - bsc#1082060: Update to 2.3.6: * Fix order of arguments in SQLWriteFileDSN.c, fix unwanted free() in iusql.c * Add pkg-config files - bsc#1082290 (CVE-2018-7409): Buffer overflow in unicode_to_ansi_copy() was fixed in 2.3.5 - bsc#1082484 (CVE-2018-7485): Swapped arguments in SQLWriteFileDSN() in odbcinst/SQLWriteFileDSN.c - Remove unixODBC-2.3.1-bison.patch: upstreamed - Remove unixODBC-iaddr.patch: upstreamed - Adapt unixODBC-2.3.1-declarations.patch to unixODBC-2.3.6-declarations.patch - Update unixODBC-gccwarnings.patch ==== vinagre ==== Subpackages: vinagre-lang - Add vinagre-invisible-fullscreen-toolbar.patch: Fix showing of toolbar as invisible in fullscreen mode (bgo#770484, boo#1008585); patch taken from upstream bug comment. - Only run post scripts for openSUSE < 1500; for newer versions these runs are taken care of rpm file triggers and no longer needed. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org