Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.0&build=128.1&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.0 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: aaa_base (84.87+git20180130.ae1f262 -> 84.87+git20180205.2d2832f) bash cfitsio (3.410 -> 3.420) digikam filesystem glibc glibc hugin (2017.0.0 -> 2018.0.0) hwinfo (21.51 -> 21.52) kwayland libqt5-qttranslations (5.9.3 -> 5.9.4) libqt5-qtvirtualkeyboard (5.9.3 -> 5.9.4) libreoffice (6.0.0.2 -> 6.0.0.3) libyui-qt (2.47.3 -> 2.49.1) linux-glibc-devel (4.14 -> 4.15) patterns-fonts perl-Task-Weaken (1.04 -> 1.05) postgresql10 (10.1 -> 10.2) postgresql96 (9.6.6 -> 9.6.7) python-rpm (4.14.0 -> 4.14.1) rpm (4.14.0 -> 4.14.1) sg3_utils sysdig (0.19.1_k4.12.14_lp150.4 -> 0.20.0_k4.12.14_lp150.4) systemd texlive util-linux (2.31 -> 2.31.1) util-linux-systemd (2.31 -> 2.31.1) === Details === ==== aaa_base ==== Version update (84.87+git20180130.ae1f262 -> 84.87+git20180205.2d2832f) Subpackages: aaa_base-extras aaa_base-malloccheck - Update to version 84.87+git20180205.2d2832f: * Move /lib/aaa_base/convert_sysctl to /usr/lib/base-scripts/convert_sysctl to cleanup filesystem. * Don't create /etc/init.d/{boot.local,after.local,halt.local} in aaa_base.pre section. * Remove dead code from pre/post install sections. - Add /var/adm/backup subdirectories to aaa_base-extras, they are only needed by this package. - Update to version 84.87+git20180204.875cba8: * Move sysconfig.backup into extra subpackage, where all the scripts using it are, too. * Create systemd timer for the cron.daily scripts for backup-rpmdb, backup-sysconfig and check-battery. Move scripts to /usr/lib/base-scripts. * Remove suse.de-cron-local. If somebody really still has a /root/cron.daily.local file, he can move it to /etc/cron.daily. * Don't modify data in root's home directory * Don't create userdel.local, this isn't in use since many years ==== bash ==== Subpackages: bash-doc bash-lang libreadline7 readline-doc - Add patches 13-18 to bash-4.4-patches.tar.bz2 * 13: If a here-document contains a command substitution, the command substitution can get access to the file descriptor used to write the here-document. * 14: Under some circumstances, functions that return via the `return' builtin do not clean up memory they allocated to keep track of FIFOs. * 15: Process substitution can leak internal quoting to the parser in the invoked subshell. * 16: Bash can perform trap processing while reading command substitution output instead of waiting until the command completes. * 17: There is a memory leak when `read -e' is used to read a line using readline. * 18: Under certain circumstances (e.g., reading from /dev/zero), read(2) will not return -1 even when interrupted by a signal. The read builtin needs to check for signals in this case. - partial cleanup with spec-cleaner ==== cfitsio ==== Version update (3.410 -> 3.420) - Update to version 3.420: * added https support to the collection of drivers handled in cfileio.c and drvrnet.c. This also handles the case where http transfers are rerouted to https. Note that this enhancement introduces a dependency on the libcurl development package. If this package is absent, CFITSIO will still build but will not have https capability. * made fix to imcomp_init_table function in imcompress.c. It now writes ZSIMPLE keyword only to a compressed image that will be placed in the primary header. * fix made to fits_get_col_display_width for case of a vector column of strings. * in ftp_open_network and in ftp_file_exist, added code to repeatedly attempt to make a ftp connection if the ftp server does not respond to the first request. (some ftp servers don't appear to be 100% reliable). * in drvrnet.c added many calls to 'fclose' to close unneeded files, to avoid exceeding the maximum allowed number of files that can be open at once. * made substantial changes to the ftp_checkfile and http_checkfile routines to streamline the process of checking for the existence of a .gz or .Z compressed version of the file before opening the uncompressed file (when using http or ftp to open the file). * modified the code in ftp_open_network to send "\r\n" as end-of-line characters instead of just "\n". Some ftp servers (in particular, at heasarc.gsfc.nasa.gov) now require both characters, otherwise the network connection simply hangs. * modified the http_open_network routine to handle HTTP 301 or 302 redirects to a FTP url. This is needed to support the new configuration on the heasarc HTTP server which sometimes redirects http URLS to a ftp URL. - Added new build requirement libcurl-devel. ==== digikam ==== Subpackages: digikam-doc digikam-lang kipi-plugins kipi-plugins-lang libdigikamcore5 showfoto - Drop xorg-x11-devel BuildRequires, all x11 dependencies are via Qt and covered by the Qt5* BuildRequires - Drop BuildRequires on gphoto binary, the version is discovered using pkgconfig now. - Rebase 0001-Disable-detection-of-OpenGL-for-GLES-platforms.patch ==== filesystem ==== - Adjust aaa_base test for latest aaa_base changes - Remove /var/adm/fillup-templates, already prohibited by rpmlint - Remove /var/adm/backup/{rpmdb,sysconfig}, they belong to aaa_base-extras only. ==== glibc ==== Subpackages: glibc-32bit glibc-locale-32bit - memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774) - fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142) - Avoid duplicate source rpm ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale nscd - memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774) - fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142) - Avoid duplicate source rpm ==== hugin ==== Version update (2017.0.0 -> 2018.0.0) - update to version 2018.0.0 The version 2018.0 is mainly a bug fix release and introduce some minor new features. Several improvements for optimizer tabs: * mark deselected images * allow changing optimizer variables for all selected images at once * option to ignore line cp * hugin_stacker: New tool to stack overlapping images with several averaging modes (e.g. mean, median). * Hugin: Added option to disable auto-rotation of images in control point and mask editor. * Nona, verdandi and hugin_stacker can now write BigTIFF images * Added expression parser to GUI: This allows to manipulate several image variables at once. (This is the same as running pto_var - -set from the command line.) This can be used e.g. to prealigns the images in a given setup and then run cpfind --prealigned to search control points only in overlapping images. * Add user-defined assistant and expose it in the GUI. It allows to set up different assistant strategies without the need to recompiling. Provide also some examples (scanned images, multi-row panoramas with orphaned images, single-shot panorama cameras). - drop python dependencies ==== hwinfo ==== Version update (21.51 -> 21.52) - merge gh#openSUSE/hwinfo#57 - add another sanity check on scsi serial id (bsc#1078511) - 21.52 ==== kwayland ==== - Add 0001-server-Don-t-crash-when-a-subsurface-gets-commited-w.patch * Upstream fix to prevent kwin from crashing when opening systemsettings (kde#389231) ==== libqt5-qttranslations ==== Version update (5.9.3 -> 5.9.4) - Update to 5.9.4: * New bugfix release * For more details, see http://code.qt.io/cgit/qt/qttranslations.git/tree/dist/changes-5.9.4/?h=v5.9... ==== libqt5-qtvirtualkeyboard ==== Version update (5.9.3 -> 5.9.4) - Update to 5.9.4: * New bugfix release * For more details, see http://code.qt.io/cgit/qt/qtvirtualkeyboard.git/tree/dist/changes-5.9.4/?h=v... ==== libreoffice ==== Version update (6.0.0.2 -> 6.0.0.3) Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-kde4 libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreofficekit - Disable one more test that fails - Do not depend on procps - Version update to 6.0.0.3: * RC3 phase of libreoffice 6.0.0 release ==== libyui-qt ==== Version update (2.47.3 -> 2.49.1) - Prevent segfault if an open dialog is left over (bsc#1074596): Don't do anything widget related after the QApplication is destroyed, in particular not deleting other widgets, even if indirectly via YDialog::deleteAllDialogs() in YUI. [#] 2.49.1 - Don't probe X11 display, for better integration with Wayland (bsc#1072411) - 2.48.1 - Send a widget ID with Shift-F6 for automated testing (fate#324098) - 2.48.0 ==== linux-glibc-devel ==== Version update (4.14 -> 4.15) - Update to kernel headers 4.15 - Add support for riscv ==== patterns-fonts ==== Subpackages: patterns-fonts-fonts patterns-fonts-fonts_opt - do not recommend liberation2-fonts, it is dead [bsc#1077375] [rh#856239] ==== perl-Task-Weaken ==== Version update (1.04 -> 1.05) - updated to 1.05 see /usr/share/doc/packages/perl-Task-Weaken/Changes ==== postgresql10 ==== Version update (10.1 -> 10.2) Subpackages: libpq5 postgresql10-server - Upate to PostgreSQL 10.2 * https://www.postgresql.org/docs/10/static/release-10-2.html * CVE-2018-1052, bsc#1080253: Fix processing of partition keys containing multiple expressions. * CVE-2018-1053, bsc#1077983: Ensure that all temporary files made by pg_upgrade are non-world-readable. * bsc#1079757: Rename pg_rewind's copy_file_range function to avoid conflict with new Linux system call of that name. - Use Python 3 for building PL/Python (boo#1067699). - Don't %config the symlinks to /etc/alternatives to avoid rpmlint warnings. ==== postgresql96 ==== Version update (9.6.6 -> 9.6.7) Subpackages: postgresql96-server - Upate to PostgreSQL 9.6.7 * https://www.postgresql.org/docs/9.6/static/release-9-6-7.html * CVE-2018-1053, bsc#1077983: Ensure that all temporary files made by pg_upgrade are non-world-readable. * bsc#1079757: Rename pg_rewind's copy_file_range function to avoid conflict with new Linux system call of that name. - Don't %config the symlinks to /etc/alternatives to avoid rpmlint warnings. ==== python-rpm ==== Version update (4.14.0 -> 4.14.1) - update to rpm-4.14.1 ==== rpm ==== Version update (4.14.0 -> 4.14.1) Subpackages: rpm-32bit - Use ksym-provides tool (bsc#1077692). - Update %remove_and_set: This macro needs no fallback to /var/adm/fillup-templates, as it does not work on files provided by the packages, but rather constructs temporary files inside fillup_dir. - remove shebang from python-macro-helper - update to rpm-4.14.1 * Fix arbitrary code execution when evaluating common python-related macros * new artifact file marker * less strict signature header verification [bnc#1078284] - dropped patches: * bigarchive.diff * editdwarf.diff * hardlink.diff * rofs.diff * transfiletriggerpostun.diff ==== sg3_utils ==== Subpackages: libsgutils2-1_43-2 - Update to svn r751: * NVMe bugfixes * sg_seek: new utility * sg_stream_ctl: new utility program - 54-before-scsi-sg3_id.rules: compability rule for systemd (bsc#1079873) - Add dracut.conf to install new rule with dracut - Merge local patch with git repository * Delete sgut-libversioning.diff - Update to svn r744: * sg_write_x: new command for normal/atomic/orwrite etc SCSI WRITE variants * sg_ses: add NVMe support * sg_inq: decode NVMe controller / NSIDs - rescan_scsi_bus.sh: Fix manpage for --forcerescan - 55-scsi-sg3_id.rules: fixes for scsi_id compability (bsc#1079873) - 55-scsi-sg3_id.rules: run sg_inq for SPC devices (bsc#1079873) ==== sysdig ==== Version update (0.19.1_k4.12.14_lp150.4 -> 0.20.0_k4.12.14_lp150.4) - Update to version 0.20.0: * Use dithered boxes to increase the number of available colors for spectrogram/subsecoffset views [#961] [#963] [#966] * Add the ability to log json parse errors to a separate log file [#975] [#981] [#990] * Update the embedded jsonpp implementation to 0.10.6 [#975] [#982] * Reduce inactive container scan time from 20 minutes to 30 seconds [#985] * Added the ability to parse and represent RAW sockets [#991] * Handle finit_module syscall [#996] [#1001] * Add error message when scap_open() is called with incorrect mode [#997] * Use explicit versions for all Docker API Endpoints [#1000] * Report more detailed errors when PPM_IOCTL_GET_N_TRACEPOINT_HIT fails [#1016] * Add support for bpf/seccomp syscalls [#1031] [#1033] * When trying to build the kernel module using dkms fails, include dkms.log output along with the failure [#1038] ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-bash-completion systemd-sysvinit udev - Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224) But we still ship a copy in /var. Users who want to use tmpfs on /tmp are supposed to add a symlink in /etc/ pointing to the copy shipped in /var. To support the update path we automatically create the symlink if tmp.mount in use is located in /usr. - Enable systemd-networkd on Leap distros only (bsc#1071311) - Don't build seccomp support in the mini package - Don't build-require selinux for the mini package - Drop libgcrypt.m4 The mini package builds fine without it so it doesn't seem necessary anymore. - Import commit d5a5df298ccf490eb1da5cd671922dcda5ec17e1 531a00c84 Restore "restore /var/run and /var/lock bind mount if they aren't symlink"" - Import commit fd4e9389d87901c420a5a05dd016a002bc9e85b2 7fb9ea39a Revert "restore /var/run and /var/lock bind mount if they aren't symlink" 23ce1207a meson.build: make docdir configurable (#8068) - Import commit 08eebc34ac22b2175321f3a8814ed0aca3bc88bb 07c6ee3eb compat-rules: get rid of scsi_id when generating compat symlinks for NVMe devices (bsc#1051465) - Drop 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch It's been merged in branch "compats/udev-compat-symlinks" which was merged in branch "SLE15" in its turn. - Import commit b4e4c090b2238e80f4d82b11739bc428d3f0e00f 37da1facb core: disable session keyring per system sevice entirely for now (bnc#1045886) 8a1ae0449 strv: fix buffer size calculation in strv_join_quoted() 2b8971b8a tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on (bsc#1077925 CVE-2017-18078) 8c2bcac25 tmpfiles: change ownership of symlinks too - Drop 0001-core-disable-session-keyring-per-system-sevice-entir.patch It's been merged in branch "SUSE/v234". - Import commit b8dab767c4df0fba4766f1e2b9977a2cd329b20e 3d60486f7 core/timer: Prevent timer looping when unit cannot start (bsc#1068588) 54c0add7c logind: store a timestamp when the ACPI power button is pressed (bsc#981830 bsc#888612 bsc#1072933) 460bd0cd6 Revert "handle SYSTEMCTL_OPTIONS environment variable" (fate#323393) - Drop 0001-Revert-handle-SYSTEMCTL_OPTIONS-environment-variable.patch The patch has been merged in SUSE/v234 since its counterpart in YaST has been accepted in Factory and SLE15. - Drop 0001-logind-store-a-timestamp-when-the-ACPI-power-button-.patch The patch has been verified on Beta5 and hence has been merged in "SLE15" branch. ==== texlive ==== Subpackages: libkpathsea6 libsynctex1 libtexlua52-5 libtexluajit2 texlive-a2ping-bin texlive-accfonts-bin texlive-adhocfilelist-bin texlive-afm2pl-bin texlive-amstex-bin texlive-arara-bin texlive-asymptote-bin texlive-bibtex-bin texlive-bibtex8-bin texlive-bibtexu-bin texlive-bundledoc-bin texlive-checkcites-bin texlive-checklistings-bin texlive-chktex-bin texlive-context-bin texlive-cslatex-bin texlive-csplain-bin texlive-ctanify-bin texlive-ctanupload-bin texlive-ctie-bin texlive-cweb-bin texlive-de-macro-bin texlive-detex-bin texlive-dosepsbin-bin texlive-dtl-bin texlive-dtxgen-bin texlive-dviasm-bin texlive-dvicopy-bin texlive-dvidvi-bin texlive-dviinfox-bin texlive-dviljk-bin texlive-dvipdfmx-bin texlive-dvipng-bin texlive-dvipos-bin texlive-dvips-bin texlive-dvisvgm-bin texlive-epstopdf-bin texlive-findhyph-bin texlive-fontinst-bin texlive-fontools-bin texlive-fontware-bin texlive-fragmaster-bin texlive-gsftopk-bin texlive-kpathsea-bin texlive-lacheck-bin texlive-latex-bin-bin texlive-latex-git-log-bin texlive-latex-papersize-bin texlive-latex2man-bin texlive-latex2nemeth-bin texlive-latexdiff-bin texlive-latexfileversion-bin texlive-latexindent-bin texlive-latexmk-bin texlive-latexpand-bin texlive-lcdftypetools-bin texlive-listings-ext-bin texlive-ltxfileinfo-bin texlive-ltximg-bin texlive-lua2dox-bin texlive-luaotfload-bin texlive-luatex-bin texlive-lwarp-bin texlive-make4ht-bin texlive-makeindex-bin texlive-match_parens-bin texlive-metafont-bin texlive-metapost-bin texlive-mex-bin texlive-mf2pt1-bin texlive-mflua-bin texlive-mfware-bin texlive-mkjobtexmf-bin texlive-mptopdf-bin texlive-patgen-bin texlive-pdfbook2-bin texlive-pdfcrop-bin texlive-pdfjam-bin texlive-pdflatexpicscale-bin texlive-pdftex-bin texlive-pdftools-bin texlive-pdfxup-bin texlive-pfarrei-bin texlive-pkfix-bin texlive-pkfix-helper-bin texlive-ps2pk-bin texlive-pst-pdf-bin texlive-pstools-bin texlive-purifyeps-bin texlive-pygmentex-bin texlive-pythontex-bin texlive-seetexk-bin texlive -srcredact-bin texlive-sty2dtx-bin texlive-synctex-bin texlive-tetex-bin texlive-tex-bin texlive-tex4ebook-bin texlive-tex4ht-bin texlive-texconfig-bin texlive-texcount-bin texlive-texdef-bin texlive-texdiff-bin texlive-texdirflatten-bin texlive-texdoc-bin texlive-texfot-bin texlive-texliveonfly-bin texlive-texloganalyser-bin texlive-texosquery-bin texlive-texware-bin texlive-thumbpdf-bin texlive-tie-bin texlive-tpic2pdftex-bin texlive-ttfutils-bin texlive-typeoutfileinfo-bin texlive-ulqda-bin texlive-vlna-bin texlive-web-bin texlive-xdvi-bin texlive-xetex-bin - drop freetype-devel buildrequires, we use freetype2 here. ==== util-linux ==== Version update (2.31 -> 2.31.1) Subpackages: libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid1 libuuid1-32bit util-linux-lang - Update to version 2.31.1: * blkid: Add support for LUKS2 and new LABEL attributes. * move rfkill to /usr/sbin (boo#1076134). * fsck.cramfs: Fix bus error on broken file system. * hwclock: add iso-8601 overflow check * libmount: * Allow MNT_FORCE and MNT_DETACH at umount * add nsfs between pseudo filesystems * lscpu: Treat read failure on Xen Hypervisor properties as non-fatal * sha1: endian fixes (affects util_linux_bigendian.patch) * documentation updates * other fixes and improvements - Fix regressions in 2.31.1: * sha1 on s390* (update util_linux_bigendian.patch) * fsck.cramfs on ppc64le (util-linux-cramfs.patch) * fincore/count (disable, util-linux-fincore-count.patch) ==== util-linux-systemd ==== Version update (2.31 -> 2.31.1) - Update to version 2.31.1: * blkid: Add support for LUKS2 and new LABEL attributes. * move rfkill to /usr/sbin (boo#1076134). * fsck.cramfs: Fix bus error on broken file system. * hwclock: add iso-8601 overflow check * libmount: * Allow MNT_FORCE and MNT_DETACH at umount * add nsfs between pseudo filesystems * lscpu: Treat read failure on Xen Hypervisor properties as non-fatal * sha1: endian fixes (affects util_linux_bigendian.patch) * documentation updates * other fixes and improvements - Fix regressions in 2.31.1: * sha1 on s390* (update util_linux_bigendian.patch) * fsck.cramfs on ppc64le (util-linux-cramfs.patch) * fincore/count (disable, util-linux-fincore-count.patch) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org