Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.1&build=463.2&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.1 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: ImageMagick autoyast2 (4.1.4 -> 4.1.5) freerdp gnome-session jasper java-11-openjdk (11.0.2.0 -> 11.0.3.0) kdump libgcrypt libvirt mozc ntfs-3g_ntfsprogs os-prober unbound xen (4.12.0_08 -> 4.12.0_10) yast2-network (4.1.44 -> 4.1.45) yast2-packager (4.1.36 -> 4.1.37) yast2-storage-ng (4.1.77 -> 4.1.83) yast2-users (4.1.11 -> 4.1.12) zlib === Details === ==== ImageMagick ==== Subpackages: libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI6 libMagickWand-7_Q16HDRI6 - provide two new packages with configuration [bsc#1122033]: * ImageMagick-config-upstream - provides configuration provided by upstream (no restrictions) * ImageMagick-config-SUSE (preferred) - provides configuration provided by SUSE (with security restrictions) and use update-alternatives for selecting configurations. - deleted patches - ImageMagick-disable-insecure-coders.patch (renamed) - added patches + ImageMagick-configuration-SUSE.patch - security update - added patches CVE-2019-11007 [bsc#1132060] + ImageMagick-CVE-2019-11007.patch CVE-2019-11008 [bsc#1132054] + ImageMagick-xwd.c-update.patch - security update - added patches CVE-2019-10650 [bsc#1131317] + ImageMagick-CVE-2019-10650.patch CVE-2019-9956 [bsc#1130330] + ImageMagick-CVE-2019-9956.patch ==== autoyast2 ==== Version update (4.1.4 -> 4.1.5) Subpackages: autoyast2-installation - Removed check for available devices. When there are no devices, the proposal issues will be shown (needed for bsc#1130256). - 4.1.5 ==== freerdp ==== Subpackages: libfreerdp2 libwinpr2 - Add Requires: lib%{name}%{major_version} = %{version}-%{release}: freerdp should depend on the same release of libfreerdp2 (boo#1129193) ==== gnome-session ==== Subpackages: gnome-session-core gnome-session-default-session gnome-session-lang gnome-session-wayland - Add gnome-session-presence-Enable-idle-detection-when-screen-locked.patch: Enable dimming screen when screen is locked (bsc#1118286 glgo#GNOME/gnome-shell#900). - Add gnome-session-s390-not-require-g-s-d_wacom.patch: Remove the gnome session runtime requirement of g-s-d Wacom plugin because it is not build on s390 (bsc#1129412). ==== jasper ==== - bsc#1117505 CVE-2018-19542 Fix NULL pointer dereference jp2_decode: Add jasper-CVE-2018-19542.patch - bsc#1010783 CVE-2016-9396 Fix reachable assertion in jpc_cox_getcompparms: * Rename 0001-jpc_cs-reject-all-but-JPC_COX_INS-and-JPC_COX_RFT.patch to jasper-CVE-2016-9396.patch - bsc#1117511 CVE-2018-19539 Fix access violation in jas_image_readcmpt: * Add jasper-CVE-2018-19539.patch ==== java-11-openjdk ==== Version update (11.0.2.0 -> 11.0.3.0) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.3+7 (April 2019 CPU) * Security fixes + S8211936, CVE-2019-2602, bsc#1132728: Better String parsing + S8214809: CDS storage improvements + S8218453, CVE-2019-2684, bsc#1132732: More dynamic RMI interactions * Other changes + S8034802: (zipfs) newFileSystem throws UOE when the zip file is located in a custom file system + S8165675: Trace event for thread park has incorrect unit for timeout + S8172695: (scanner) java/util/Scanner/ScanTest.java fails + S8187364: Unable to enter zero width non-joiner (ZWNJ) symbol in Swing text component + S8197398: (zipfs) Files.walkFileTree walk indefinitelly while processing JAR file with "/" as a directory inside. + S8200109: NMT: diff_malloc_site assert(early->flags() == current->flags(), "Must be the same memory type") + S8201818: [macosx] Printing attributes break page size set via "java.awt.print.Book" object + S8204142: AWT hang occurs when sequenced events arrive out of sequence in multiple AppContexts + S8205432: Replace the placeholder Japanese era name + S8206120: Add test cases for lenient Japanese era parsing + S8207070: Webstart app popup on wrong screen in a one-screen setup changing to multi-monitor + S8207258: Distrust TLS server certificates anchored by Symantec Root CAs + S8207760: SAXException: Invalid UTF-16 surrogate detected: d83c ? + S8207829: FlightRecorderMXBeanImpl is leaking the first classloader which calls it + S8207849: Allow the addition of more number to the Java version string + S8208275: C2 crash in Node::add_req(Node*) + S8208656: Move java/util/Calendar/CalendarTestScripts tests into OpenJDK + S8209615: ParseError in XMLEventReader on a valid input + S8209758: 2 classes with same name G1PrintCollectionSetClosure cause crash when logging is enabled + S8209960: -Xlog:jfr* doesn't work with the JFR + S8210192: Hsperf counter ParNew::CMS should be ParNew:CMS + S8210394: (zipfs) jdk/nio/zipfs/ZFSTests.java rootdir.zip: The process cannot access the file because it is being used by another process + S8210633: Cannot parse JapaneseDate string with DateTimeFormatterBuilder Mapped-values + S8210874: Test for JDK-8209615 + S8210974: No extensions debug log for ClientHello + S8210989: RSASSA-PSS certificate cannot be selected for client auth on TLSv1.2 + S8211049: Second parameter of "initialize" method is not used + S8211064: [AArch64] Interpreter and c1 don't correctly handle jboolean results in native calls + S8211100: hotspot C1 issue with comparing long numbers on x86 32-bit + S8211163: UNIX version of Java_java_io_Console_echo does not return a clean boolean + S8211267: StackOverflowError happened by TextField.setFont(...) + S8211295: DriverManager.getConnection fails when called from com.sun.rowset.JdbcRowSetImpl + S8211320: Aarch64: unsafe.compareAndSetByte() and unsafe.compareAndSetShort() c2 intrinsics broken with negative expected value + S8211382: ISO2022JP and GB18030 NIO converter issues + S8211398: Square character support for the Japanese new era + S8211698: Crash in C2 compiled code during execution of double array heavy processing code + S8211765: JarFile constructor throws undocumented exception + S8211787: javax/net/ssl/TLSCommon/TLSTest.java throws java.net.SocketTimeoutException: Read timed out + S8211821: PrintStringTableStatistics crashes JVM + S8212173: Thread._stack_base/_stack_size initialized too late for new threads + S8212232: Wrong metadata for the configuration of the cutoff for old object sample events + S8212233: javadoc fails on jdk12 with "The code being documented uses modules but the packages defined in $URL are in the unnamed module." + S8212885: TLS 1.3 resumed session does not retain peer certificate chain + S8212941: Support new Japanese era in java.time.chrono.JapaneseEra + S8213183: InputMethod cannot be used after its restarting + S8213202: Possible race condition in TLS 1.3 session resumption + S8213419: C2 may hang in MulLNode::Ideal()/MulINode::Ideal() with gcc 8.2.1 + S8213421: Line number information for execution samples always 0 + S8213583: Error while opening the JFileChooser when desktop contains shortcuts pointing to deleted files + S8213754: PPC64: Add Intrinsics for isDigit/isLowerCase/isUpperCase/isWhitespace + S8213782: NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers + S8213829: Remove circular dependency between g1CollectedHeap and g1ConcurrentMark + S8213952: Relax DNSName restriction as per RFC 1123 + S8213966: The ZGC JFR events should be marked as experimental + S8213983: [macosx] Keyboard shortcut ?cmd +`? stops working properly if popup window is displayed + S8214063: OpenJDK will not build on AIX while using the xlc 13.1 compiler + S8214100: use of keystore probing results in unnecessary exception thrown + S8214118: HeapRegions marked as archive even if CDS mapping fails + S8214122: JDWP is broken on 32 bit Windows: transport library missing onLoad entry + S8214129: SSL session resumption/SNI with TLS1.2 causes StackOverflowError + S8214189: test/hotspot/jtreg/compiler/intrinsics/mathexact/ /MulExactLConstantTest.java fails on Windows x64 when run with - XX:-TieredCompilation + S8214206: Fix for JDK-8213419 is broken on 32-bit + S8214339: SSLSocketImpl erroneously wraps SocketException + S8214352: C1: Unnecessary "compilation bailout: block join failed" with JVMTI + S8214451: PPC64/s390: Clean up unused CRC32 prototype and function + S8214513: A PKCS12 keystore from Java 8 using custom PBE parameters cannot be read in Java 11 + S8214688: TLS 1.3 session resumption with hello retry request failed with "illegal_parameter" + S8214827: Incorrect call ClassLoaders.toFileURL("jrt:/java.compiler") + S8215100: AArch64: fix compareTo intrinsic with four-character Latin/Unicode + S8215175: Inconsistencies in JFR event metadata + S8215202: AArch64: jtreg test test/jdk/sun/nio/cs/FindEncoderBugs.java fails + S8215317: [GRAAL] unit test CheckGraalIntrinsics failed after 8213754 + S8215330: javax.xml.catalog.CatalogResolverImpl: GroupEntry.matchURI fails to match + S8215362: JFR GTest JfrTestNetworkUtilization fails + S8215397: jsig.c missing classpath exception + S8215727: Restore JFR thread sampler loop to old / previous behavior + S8215947: JVM crash with -XX:+DumpSharedSpaces + S8215951: AArch64: jtreg test vmTestbase/nsk/jvmti/PopFrame/popframe005 segfaults + S8215962: Support ThreadPriorityPolicy mode 1 for non-root users on linux/bsd + S8216049: stringTable::intern creates redundant String when looking up existing one + S8216060: [PPC64] Vector CRC implementation should be used by interpreter and be faster for short arrays + S8216280: Allow later Symantec Policy distrust date for two Apple SubCAs + S8216302: StackTraceElement::fill_in can use cached Class.name + S8216308: StackTraceElement::fill_in can use injected Class source-file + S8216350: AArch64: monitor unlock fast path not called + S8216546: Support new Japanese era in java.lang.Character for Java SE 11 + S8216578: Remove unused/obsolete method in JFR code + S8216965: crash in freetypeScaler.c CopyBW2Grey8 + S8217014: Epsilon should not ignore Metadata GC causes + S8217315: Proper units should print more significant digits + S8217321: [TESTBUG] utilities/test_globalDefinitions.cpp should use _LP64, not LP64 + S8217342: Build failed with excluding JFR + S8217378: UseCriticalCMSThreadPriority is broken + S8217427: (dc) nio/channels/DatagramChannel/UseDGWithIPv6.java fails without IPv6 + S8217432: MetaspaceGC::_capacity_until_GC exceeds MaxMetaspaceSize + S8217459: [PPC64] Cleanup non-vector version of CRC32 + S8217471: [TESTBUG] gc/epsilon/TestClasses.java fails on some platforms - OOME Metaspace + S8217520: Remove vm.opt.MaxGCPauseMillis == "null" from TestOldGenCollectionUsage.java + S8217579: TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled after 8211883 + S8217597: [TESTBUG] old version docker does not support --cpus + S8217609: New era placeholder not recognized by java.text.SimpleDateFormat + S8217628: Verbose ArrayIndexOutOfBoundsException message also in JNI calls. + S8217657: Move the test for default value of jdk.includeInExceptions into own test + S8217994: os::print_hex_dump should be more resilient against unreadable memory + S8218156: "jcmd VM.metaspace basic" misreports free chunk space + S8218192: Remove copy constructor for MemRegion + S8218915: Change isJavaIdentifierStart and isJavaIdentifierPart to handle new code points + S8219251: Langtools tests default memory size needs to be 768m + S8219260: Default number of test jobs needs to be consistently calculated + S8219461: Bump update version for OpenJDK jdk11.0.3 + S8219650: [Testbug] Fix potential crashes in new test hotspot gtest "test_print_hex_dump" + S8219651: compiler/ciReplay/TestServerVM.java is failing on windows + S8219714: [testbug] com/sun/jdi/RedefineNestmateAttr/ /TestNestmateAttr.java must pass classpath to subprocess + S8219789: [TESTBUG] TestOptionsWithRanges.java produces hs_err_pidXXXXX.log file for VMThreadStackSize=9007199254740991 + S8219890: Calendar.getDisplayName() returns empty string for new Japanese Era on some locales + S8220283: ZGC fails to build on GCC 4.4.7: ATTRIBUTE_ALIGNED compatibility issue + S8220294: ZGC fails to build on GCC 4.4.7: Type parameter issue + S8221769: Revert JDK-8221767 mistakenly pushed to jdk11u 11.0.3 - Modified patch: * java11-improved-fonts.patch + Adapted to changed context ==== kdump ==== - kdump-kdumprd-Look-for-boot-image-and-boot-Image.patch: kdumprd: Look for /boot/image-* and /boot/Image-* (bsc#1132799). - kdump-Add-skip_balance-option-to-BTRFS-mounts.patch: Add skip_balance option to BTRFS mounts (bsc#1108255). ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-32bit - remove section of libgcrypt-binary_integrity_in_non-FIPS.patch that caused some tests to be executed twice. - Fixed a race condition in initialization. * Added libgcrypt-1.8.4-allow_FSM_same_state.patch - libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests are invoked as well as the state transition, adjust the code so a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) * update libgcrypt-binary_integrity_in_non-FIPS.patch - Enforce the minimal RSA keygen size in fips mode (bsc#1125740) * add libgcrypt-fips_rsa_no_enforced_mode.patch - Don't run full self-tests from constructor (bsc#1097073) * Don't call global_init() from the constructor, _gcry_global_constructor() from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary integrity check instead. * Only the binary checksum will be verified, the remaining self-tests will be run upon the library initialization - Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch - Drop libgcrypt-init-at-elf-load-fips.patch and libgcrypt-fips_run_selftest_at_constructor.patch - Skip all the self-tests except for binary integrity when called from the constructor (bsc#1097073) * Added libgcrypt-1.8.3-fips-ctor.patch ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs - Revert commits 5f1e6a7d and f6c5babb to avoid loading conntrack module at libvird start revert-7431b3eb.patch, revert-8b967198.patch bsc#1133229 ==== mozc ==== Subpackages: fcitx-mozc ibus-mozc ibus-mozc-candidate-window mozc-gui-tools - update to support the Japanese new era, Reiwa (boo#1132450) * add-Japanese-new-era-reiwa-ligature-to-dict.patch * add-Japanese-new-era-reiwa-to-date_rewriter.patch * add-Japanese-new-era-reiwa-to-dict.patch - update zip code dictionary - add gcc-8.1-ZeroQueryDict-iterator.patch * fix a build error with gcc 8 - add excludearch for ppc/ppc64/s390/s390x as the code assumes little endian all over the place (bsc#1086763) - update 2.18.2612.102 * fixed unexpected size bloat of the APK * fixed duplicate candidates after undo * fixed suggestion-only user dictionary entry may not work * fixed abbreviation user dictionary entry may not work * fixed suppression word may not work * fixed single character noun user dictionary entry may not work - fcitx-mozc updated to 2.18.2612.102 * dropped patch: fcitx-mozc-2.17.2102.102.1.patch * added patch: fcitx-mozc-2.18.2612.102.1.patch - protobuf updated to 3.1.0 * dropped patch: protobuf-atomic.patch, upstreamed * dropped patch: protobuf-generic-atomic.patch, upstreamed - gyp updated to latest master@940a15e - added patch: mozc-gen_zip_code_seed_py.patch - Disable fcitx on SLE again. - fix unnecessary "BuildRequires: protobuf-devel" - remove ExcludeArch as related failure caused by workaround - remove workaround https://llvm.org/bugs/show_bug.cgi?id=22248 in spec as now using gcc not clang. remove mozc-stack-protector.patch - Add mozc-build-gcc.patch, Force mozc build with gcc(g++). Exclude PPC, PPC64, PPC64LE and AARCH64 build target.(bsc#990844) - Update Japanese zip code / address table (June 2016) - Upstream update to 2.17.2313.102 * "-j" option is deprecated * Calculator supports inputs starting with "=" * ibus-mozc supports "icon_prop_key" and input mode labels are shown on tray icon * Minor updates and refactoring - Update ibus-provide-layout-variations.patch - Update mozc-ninja-verbose-build.patch - Upstream update to 2.17.2123.102 * Update system dictionary * Support rule-based zero query suggestion in 2.16.2080.102 * GYP repository is switched from code.google.com to chromium.googlesource.com * Fix: ibus predict window is shown at the previous cursor position * Fix: Preedit and candidate changes buffer modification flag * Fix a typo * Fix: Possible build failure due to missing dependency on commands_proto from key_info_util * Fix: ibus-mozc should enable undo-commit if and only if IBUS_CAP_SURROUNDING_TEXT is set * ibus-mozc no longer tries to align suggestion window to the left edge of the composing text - add fcitx-mozc-2.17.2102.102.1.patch - remove fcitx-mozc-2.16.2037.102.2.patch - Specify GYP_DEFINES="use_libzinnia=1" to link to system-installed Zinnia - Fix ibus-mozc does not allow to remove tha last character of preedit text on Qt5 application * workaround for the Qt5 bug (boo#947013) * Add ibus-qt5-hide_preedit_text-workaround.patch - Enable PowerPC builds. * Add generic atomics on Power (protobuf-generic-atomic.patch , protobuf-atomic.patch) * Workaround llvm bug https://llvm.org/bugs/show_bug.cgi?id=22248 (mozc-stack-protector.patch) - ExcludeArch ppc ppc64 ppc64le because no support in third_party/protobuf/src/google/protobuf/stubs/ atomicops - add fcitx-mozc-2.16.2037.102.2.patch - add mozc-ninja-verbose-build.patch - update gyp 20150628 - use-libprotobuf=0 for internal protobuf to workaround system one's symbol undefined errors caused by gcc-5 - Upstream update to 2.16.2037.102 * Fix: Inconsistency between suggestion candidates and conversion candidates * add llvm-clang as build dependence - Upstream update to 2.16.2020.102 * Fix Noisy candidate "itsumo" due to language aware conversion * Fix AssertionError in gen_zip_code_seed.py - Upstream update to 2.16.2003.102 * Updated main dictionary, Emoji dictionary, emoticon dictionary, and single kanji dictionary * Fix IME crashes when using US International hardware keyboard * Fix ibus-mozc + XIM: preedit text is not cleared after preedit commit triggered by focus change * Fix An empty word can be suggested in the candidate list - Remove boo906143-revert-session.patch: Merged by upstream - Update gyp to r2012 - Add boo906143-revert-session.patch * Fix pre-edit is not reset after focus lost (boo#906143) - Upstream update to 1.15.1917.102 * Fix Warning message from keymap editor should be updated - Upstream update to 1.15.1895.102 * Fix Partial suggestion for numbers are not annotated by <????> ==== ntfs-3g_ntfsprogs ==== Subpackages: libntfs-3g87 ntfs-3g ntfsprogs - Add CVE-2019-9755.patch to fix a heap-based buffer overflow issue (CVE-2019-9755, boo#1130165). ==== os-prober ==== - Fix accidental deletion of btrfs subvolume (boo#1130669) * os-prober-use-tmp-over-var-lib-for-transient-files.patch ==== unbound ==== Subpackages: libunbound2 unbound-anchor - Add systemd require in unbound-anchor to reflect new dependency (due to systemd-timers) ==== xen ==== Version update (4.12.0_08 -> 4.12.0_10) - bsc#1131811 - [XEN] internal error: libxenlight failed to create new domain. This patch is a workaround for a systemd issue. See patch header for additional comments. xenstore-launch.patch - bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest after upgrading host from sle11sp4 to sle15sp1 pygrub-python3-conversion.patch - Fix "TypeError: virDomainDefineXML() argument 2 must be str or None, not bytes" when converting VMs from using the xm/xend toolstack to the libxl/libvirt toolstack. (bsc#1123378) xen2libvirt.py - bsc#1124560 - Fully virtualized guests crash on boot 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1121391 - GCC 9: xen build fails 5c8f752c-x86-e820-build-with-gcc9.patch - Upstream bug fixes (bsc#1027519) 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch - Install pkgconfig files into libdir instead of datadir ==== yast2-network ==== Version update (4.1.44 -> 4.1.45) - Fix mode/second_stage value initialization (bsc#1132057) - 4.1.45 ==== yast2-packager ==== Version update (4.1.36 -> 4.1.37) - Update proposal: Showing product obsoletes. (bsc#1131503) - 4.1.37 ==== yast2-storage-ng ==== Version update (4.1.77 -> 4.1.83) - Partitioner: fixed translation issues related to bcache (bsc#1126822). - 4.1.83 - AutoYaST: new format for importing/exporting NFS drives. - Related to bsc#1130256. - 4.1.82 - Partitioner: when editing a block device, clean-up useless LVM PV metadata from it (bsc#1129663) - 4.1.81 - Fix NFS root detection when installing with AutoYaST (needed for bsc#1130256). - 4.1.80 - Fix initial proposal to make a clean copy of initial settings before switching to another candidate device (bsc#1130392). - Related to bsc#1102026 and bsc#1090383. - 4.1.79 - Add support for installing over NFS with AutoYaST (bsc#1130256). - 4.1.78 ==== yast2-users ==== Version update (4.1.11 -> 4.1.12) - AY creating user: Improved checking of already existing home directories (bsc#1130158) - 4.1.12 ==== zlib ==== Subpackages: libminizip1 libz1 libz1-32bit - Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: * zlib-power8-fate325307.patch -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org