openSUSE Kubic
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
January 2022
- 7 participants
- 61 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
gcc11 (11.2.1+git1018 -> 11.2.1+git1173)
glib-networking
libglvnd (1.3.3 -> 1.4.0)
libmodulemd
openssl (1.1.1l -> 1.1.1m)
openssl-1_1 (1.1.1l -> 1.1.1m)
python-kiwisolver (1.3.1 -> 1.3.2)
python-pandas (1.3.4 -> 1.3.5)
python-requests (2.26.0 -> 2.27.1)
systemd
zstd (1.5.0 -> 1.5.1)
=== Details ===
==== gcc11 ====
Version update (11.2.1+git1018 -> 11.2.1+git1173)
Subpackages: libgcc_s1 libgfortran5 libgomp1 libquadmath0 libstdc++6
- Update to gcc-11 branch head (d4a1d3c4b377f1d4acb), git1173
* Fix D memory corruption in -M output.
* Fix ICE in is_this_parameter with coroutines. [boo#1193659]
==== glib-networking ====
- Increase testsuite timeout
==== libglvnd ====
Version update (1.3.3 -> 1.4.0)
- update to 1.4.0:
* tests cleanups
* Update bin/symbols-check.py from mesa/mesa@6f854145
* Remove extra paragraph from license text.
* Add one more missing dep_x11_headers
* Update uthash to v2.3.0
* EGL: Add support for eglQueryDisplayAttribKHR and NV.
==== libmodulemd ====
- Drop unknown meson parameters: developer_build,
with_py2_overrides, with_py3_overrides.
==== openssl ====
Version update (1.1.1l -> 1.1.1m)
- Update to 1.1.1m release
==== openssl-1_1 ====
Version update (1.1.1l -> 1.1.1m)
Subpackages: libopenssl1_1
- Update to 1.1.1m:
* Avoid loading of a dynamic engine twice.
* Prioritise DANE TLSA issuer certs over peer certs
- Rebased patches:
* openssl-1.1.1-evp-kdf.patch
* openssl-1.1.1-system-cipherlist.patch
==== python-kiwisolver ====
Version update (1.3.1 -> 1.3.2)
- update to 1.3.2:
- Add support for Python 3.10, drop official support Python 3.6
- Remove direct accesses to ob_type in C-API use Py_TYPE instead
==== python-pandas ====
Version update (1.3.4 -> 1.3.5)
- Update to version 1.3.5
* Fixed regression in Series.equals() when comparing floats with
dtype object to None (GH44190)
* Fixed regression in merge_asof() raising error when array was
supplied as join key (GH42844)
* Fixed regression when resampling DataFrame with DateTimeIndex
with empty groups and uint8, uint16 or uint32 columns
incorrectly raising RuntimeError (GH43329)
* Fixed regression in creating a DataFrame from a timezone-aware
Timestamp scalar near a Daylight Savings Time transition
(GH42505)
* Fixed performance regression in read_csv() (GH44106)
* Fixed regression in Series.duplicated() and
Series.drop_duplicates() when Series has Categorical dtype with
boolean categories (GH44351)
* Fixed regression in GroupBy.sum() with timedelta64[ns] dtype
containing NaT failing to treat that value as NA (GH42659)
* Fixed regression in RollingGroupby.cov() and
RollingGroupby.corr() when other had the same shape as each
group would incorrectly return superfluous groups in the result
(GH42915)
==== python-requests ====
Version update (2.26.0 -> 2.27.1)
- update to 2.27.1
* Fixed parsing issue that resulted in the auth component being
dropped from proxy URLs. (#6028)
- update to 2.27.0:
* Officially added support for Python 3.10. (#5928)
* Added a `requests.exceptions.JSONDecodeError` to unify JSON exceptions between
Python 2 and 3. This gets raised in the `response.json()` method, and is
backwards compatible as it inherits from previously thrown exceptions.
Can be caught from `requests.exceptions.RequestException` as well. (#5856)
* Improved error text for misnamed `InvalidSchema` and `MissingSchema`
exceptions. This is a temporary fix until exceptions can be renamed
(Schema->Scheme). (#6017)
* Improved proxy parsing for proxy URLs missing a scheme. This will address
recent changes to `urlparse` in Python 3.9+. (#5917)
* Fixed defect in `extract_zipped_paths` which could result in an infinite loop
for some paths. (#5851)
* Fixed handling for `AttributeError` when calculating length of files obtained
by `Tarfile.extractfile()`. (#5239)
* Fixed urllib3 exception leak, wrapping `urllib3.exceptions.InvalidHeader` with
`requests.exceptions.InvalidHeader`. (#5914)
* Fixed bug where two Host headers were sent for chunked requests. (#5391)
* Fixed regression in Requests 2.26.0 where `Proxy-Authorization` was
incorrectly stripped from all requests sent with `Session.send`. (#5924)
* Fixed performance regression in 2.26.0 for hosts with a large number of
proxies available in the environment. (#5924)
* Fixed idna exception leak, wrapping `UnicodeError` with
`requests.exceptions.InvalidURL` for URLs with a leading dot (.) in the
domain. (#5414)
* Requests support for Python 2.7 and 3.6 will be ending in 2022. While we
don't have exact dates, Requests 2.27.x is likely to be the last release
series providing support.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-sysvinit udev
- Update systemd-user PAM service again
Change the default implementation of pam_setcred() again, previously
customized to run the full "auth" PAM stack and only call pam_deny.so which is
basically the SUSE default behavior without pam_warn.so.
This is considered safer, especially on SLE where a regression was spotted by
QA.
- move files related to static nodes to udev
- Replace S:$n references with SOURCE$n. Makes vim * search work.
==== zstd ====
Version update (1.5.0 -> 1.5.1)
Subpackages: libzstd1
- add noexecstack.patch (bsc#1194337)
- fix pkgconfig pc file settings by passing in right prefix during build
- update to 1.5.1:
* perf: rebalanced compression levels, to better match the intended speed/level curve
* perf: faster huffman decoder, using x64 assembly
* perf: slightly faster high speed modes (strategies fast & dfast)
* perf: improved binary size and faster compilation times
* perf: new row64 mode, used notably in level 12
* perf: faster mid-level compression speed in presence of highly repetitive patterns
* perf: minor compression ratio improvements for small data at high levels
* perf: reduced stack usage (mostly useful for Linux Kernel)
* perf: faster compression speed on incompressible data
* perf: on-demand reduced ZSTD_DCtx state size, using build macro ZSTD_DECODER_INTERNAL_BUFFER, at a small cost of performance
* build: allows hiding static symbols in the dynamic library, using build macro
* build: support for m68k (Motorola 68000's)
* build: improved AIX support
* build: improved meson unofficial build
* cli : custom memory limit when training dictionary (#2925)
* cli : report advanced parameters information when compressing in very verbose mode (``-vv`)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (21.3.1 -> 21.3.3)
Mesa-drivers (21.3.1 -> 21.3.3)
createrepo_c
double-conversion (3.1.6 -> 3.1.7)
installation-images-MicroOS (17.32 -> 17.33)
kdump (0.9.1 -> 0.9.2)
lapack
libeconf (0.4.2+git20211111.c7a2c52 -> 0.4.4+git20220104.962774f)
libjcat (0.1.8 -> 0.1.9)
libsndfile
python-prettytable (2.4.0 -> 2.5.0)
sg3_utils (1.47 -> 1.47+2.388b767)
suse-module-tools (16.0.17 -> 16.0.18)
vim (8.2.3863 -> 8.2.3995)
xorg-x11-server (21.1.2 -> 21.1.3)
zchunk
=== Details ===
==== Mesa ====
Version update (21.3.1 -> 21.3.3)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- update to 21.3.3
* Bug fixes
* Assassin?s Creed Syndicate crashes with Mesa 21.3.0+ ACO
* [21.3 regression] swr: Build failure with MSVC
* anv: dEQP-VK.graphicsfuzz.spv-stable-pillars-volatile-nontemporal-store fails
==== Mesa-drivers ====
Version update (21.3.1 -> 21.3.3)
Subpackages: Mesa-dri Mesa-gallium
- update to 21.3.3
* Bug fixes
* Assassin?s Creed Syndicate crashes with Mesa 21.3.0+ ACO
* [21.3 regression] swr: Build failure with MSVC
* anv: dEQP-VK.graphicsfuzz.spv-stable-pillars-volatile-nontemporal-store fails
==== createrepo_c ====
Subpackages: libcreaterepo_c0 python3-createrepo_c
- python3-nose is not required for the testsuite, update BuildRequires
to the actual package used, python3-setuptools.
==== double-conversion ====
Version update (3.1.6 -> 3.1.7)
- update to 3.1.7:
* Reintroduce macros, if DOUBLE_CONVERSION_NON_PREFIXED_MACROS is set
* Also add support for Synopsys ARC64 architecture
==== installation-images-MicroOS ====
Version update (17.32 -> 17.33)
- merge gh#openSUSE/installation-images#561
- Remove more binaries appearing with Ruby 3.1 (bsc#1193192)
- 17.33
==== kdump ====
Version update (0.9.1 -> 0.9.2)
- kdump-0.9.2-mkdumprd-properly-pass-compression-params.patch: Fix
malformation in passing Dracut compression parameters in mkdumprd
(bsc#1193765).
- Refresh existing patches.
- Sync with SLE15-SP4 changelog. These patches were never applied
to Factory:
* kdump-avoid-endless-loop-EAI_AGAIN.patch
* kdump-calibrate-Add-LUKS2-Argon2-requirements-to-the-reser.patch
* kdump-calibrate-Fix-kernel-command-line-parsing.patch
* kdump-do-not-add-rd.neednet.patch
* kdump-Do-not-list-all-block-devices-if-no-block-devices-ar.patch
* kdump-ensure-initrd.target.wants-directory.patch
* kdump-Enumerate-all-BTRFS-devices-for-btrfs-mount-points.patch
* kdump-Implement-KString-isHexNumber.patch
* kdump-install-etc-resolv.conf-using-resolved-path.patch
* kdump-Mount-and-device-resolution-using-libmount-and-lsblk.patch
* kdump-remove-console-hvc0-from-commandline.patch
* kdump-set-serial-console-from-Xen-cmdline.patch
- Update to 0.9.2
* Isolate fadump initrd within the default one (jsc#SLE-18272)
* Bug fixes
* Code cleanups
- Remove patches that have been upstreamed:
* kdump-mounts.cc-Include-sys-ioctl.h.patch
* kdump-Add-bootdev-to-dracut-command-line.patch
* kdump-do-not-iterate-past-end-of-string.patch
* kdump-fix-incorrect-exit-code-checking.patch
* kdump-avoid-endless-loop-on-EAI_AGAIN.patch
* kdump-install-real-resolv.conf.patch
* kdump-Store-kdump-initrd-in-kernel-image-path.patch
- Remove patches that have been solved differently:
* kdump-on-error-option-yesno.patch
==== lapack ====
Subpackages: libblas3 libcblas3 liblapack3
- Add Fix-out-of-bounds-read.patch to fix out of bound reads when
user input is not validated properly. (bsc#1193562, CVE-2021-4048)
==== libeconf ====
Version update (0.4.2+git20211111.c7a2c52 -> 0.4.4+git20220104.962774f)
- Update to version 0.4.4+git20220104.962774f:
* Fixed i586 build (#158)
- Update to version 0.4.2+git20220104.5dfd69d:
* Reading numbers with different bases (e.g. oktal) (bsc#1193632) (#157)
==== libjcat ====
Version update (0.1.8 -> 0.1.9)
- update to 0.1.9:
* Set which backends are supported in the pkgconfig file
* Use -Dcli=false to reduce the install size
* Return an error if we try to self-sign no bytes of data
* Show a more accurate output when not all engines are enabled
==== libsndfile ====
- Fix heap buffer overflow in flac_buffer_copy (CVE-2021-4156,
bsc#1194006):
libsndfile-CVE-2021-4156.patch
==== python-prettytable ====
Version update (2.4.0 -> 2.5.0)
- update to 2.5.0:
* Add Single Border table style
==== sg3_utils ====
Version update (1.47 -> 1.47+2.388b767)
Subpackages: libsgutils2-1_47-2
- Update to version 1.47+2.388b767:
* rescan-scsi-bus.sh: apply fix for '-r' (boo#1194293)
* _service: use openSUSE github repo again (with cherry-picks
from upstream)
* spec file: suppress commit ID in library version
==== suse-module-tools ====
Version update (16.0.17 -> 16.0.18)
- Update to version 16.0.18:
* cdrom: Disable autoclose by default (boo#1165047).
* Make regenerate-initrd-posttrans compatible with Dracut's
UEFI mode (unified kernel image)
==== vim ====
Version update (8.2.3863 -> 8.2.3995)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.3995, fixes the following problems
- fixed boo#1194219
* Various build flags accidentally enabled.
* Cannot disable requesting key codes from xterm.
* Vim9: compiler complains about using "try" as a struct member.
* Vim9: type checking global variables is inconsistent.
* Implementation of some list functions too complicated.
* Vim9: function test fails.
* Vim9: type checking for "any" is inconsistent.
context menu. (Gabriel Dupras)
* List.c contains code for dict and blob.
* Vim9: finddir() and uniq() return types can be more specific.
* go.mod files are not recognized.
* Cannot highlight the number column for a sign.
* gcc complains about buffer overrun.
* 'cindent' does not recognize inline namespace.
* Function does not abort after a type error in compare
* Vim9: debugger tries to read more lines than there are.
* getreg() and getregtype() contain dead code.
* Solution filter files are not recognized.
* More duplicated code in f_getreginfo().
* Crash when switching to other regexp engine fails.
* Crash when clearing the argument list while using it.
* Arglist test fails.
* Can define autocmd for every event by using "au!".
* E1135 is used for two different errors.
* The argument list may contain duplicates.
* Duplicate code for translating script-local function name.
* Vim9: type check for using v: variables is basic.
* When modifyOtherKeys is used CTRL-C is not recognized.
* Vim9: many local variables are initialized with an instruction.
* Vim9: no proper type check for first argument of call().
* Vim9: confusing error when using function() with a number.
* Vim9: no test for nested function not available later.
* Vim9: the second argument of map() and filter() is not checked at
compile time.
* Vim9: not sufficient testing for variable initialization.
* Vim9: test for map() on string fails.
* It is not easy to use a script-local function for an option.
* Vim9: Cannot set 'cpo' in main .vimrc if using Vim9 script.
* Vim9: double free with nested :def function.
* "gM" does not count tabs as expected.
* Vim9: skip expression type is not checked at compile time.
* Dockerfile using prefix name not recognized.
* Vim9 help still contains "under development" warnings.
* Error messages are spread out.
* Cannot use a script-local function for 'foldtext'.
* Containerfile using prefix name not recognized.
* When the compare function of sort() produces and error then sort()
does not abort.
* Vim9: type check for filter() does not accept unknown.
* The ins_complete() function is much too long.
* Help for expressions does not mention Vim9 syntax.
* Various spelling mistakes in comments.
* illegal memory access when completing with invalid bytes.
* No error for passing an invalid line number to append().
* The eval.txt help file is way too big.
* Function list test fails.
* Vim9: wrong argument for append() results in two errors.
* Restoring directory after using another window is inefficient.
* The way xdiff is used is inefficient.
* Cannot build with dynamic Ruby 3.1.
* Vim9: double free if a nested function has a line break in the argument
list.
* Vim9: no error if something follows :enddef in a nested function.
* Diff mode confused by NUL bytes.
* Build failure without the 'autochdir' option. (John Marriott)
* Vim9: double free when using lambda.
* Heredoc test fails.
* Using unititialized variable.
* getcmdline() argument has a misleading type.
* Coverity reports a memory leak.
* C line comment not formatted properly.
* After ":cd" fails ":cd -" is incorrect.
* Repeating line comment is undesired for "O" command.
* CTRL-U in Insert mode does not fix the indent.
* No proper test for maintaining change mark in diff mode.
* Insert mode completion function is too long.
* Line comment start is also found in a string.
* Match highlight disappears when doing incsearch for ":s/pat".
* SIGTSTP is not handled.
* Coverity reports a possible memory leak.
* Compiler warning from gcc for uninitialized variable.
* Insert mode completion functions are too long.
* Vim9: partial variable argument types are wrong, leading to a crash.
* When an internal error makes Vim exit the error is not seen.
* Unnecessary check for NULL pointer.
* Vim9: failure with partial with unknown argument count.
* Using freed memory with /\%V.
* Going beyond the end of the line with /\%V.
* Vim9: memory leak when text after a nested function.
* First line not redrawn when adding lines to an empty buffer.
* Insert completion code is too complicated.
* Vim9: no error for shadowing if script var is declared later.
* Duplicate assignment.
* Build failure compiling xxd with "-std=c2x".
* Error messages are spread out.
* Build fails for missing error message.
* Build failure with tiny and small features. (Tony Mechelynck)
* Some common lisp and scheme files not recognized.
* Vim9: no easy way to check if Vim9 script is supported.
* When using feedkeys() abbreviations may be blocked.
* Error messages are spread out.
* Build failure.
* Value of MAXCOL not available in Vim script.
* Error messages are spread out.
* Build fails.
* Error messages are spread out.
* Tiny build fails.
* Vim9: LISTAPPEND instruction does not check for a locked list.
* Error messages are spread out.
* FEARG_LAST is never used. (Dominique Pellé)
* Error messages are spread out.
* Build error when using dynamycally loaded Python 3.
* Vim9: the feature is not mentioned in the right places.
* If 'operatorfunc' invokes an operator the remembered Visual mode may be
changed. (Naohiro Ono)
* Vim9: debugging a for loop doesn't stop before it starts.
* Some lines of code not covered by tests.
* Error messages are spread out.
* Tiny build fails.
* Some insert completion code is not tested.
* Testing wrong operator.
* Vim9: error when extending dict<any> with another type that it was
initialized with.
* Wrong local-additions in the help with language mix.
* When recording a change in Select mode the first typed character appears
twice.
* Vim9: extend() complains about the type even when it was not declared.
* Not all sshconfig files are detected as such.
==== xorg-x11-server ====
Version update (21.1.2 -> 21.1.3)
Subpackages: xorg-x11-server-Xvfb
- u_xfree86-activate-GPU-screens-on-autobind.patch
* Part of the original patch by Dave Airlie has landed
078277e4d92f05a90c4715d61b89b9d9d38d68ea, this contains the
remainder of what was in SUSE before Xorg 21.1.
(github issue#1254, boo#1192751)
- Update to version 21.1.3
* This release fixes several regressions since 1.20.x and 21.1.1
+ glx/dri: Filter out fbconfigs that don't have a supported pixmap format
+ xf86/logind: Fix compilation error when built without logind/platform bus
+ xf86/logind: fix missing call to vtenter if the platform device is not paused
+ Convert more funcs to use InternalEvent.
+ os: Try to discover the current seat with the XDG_SEAT var first
==== zchunk ====
- add zstd-1.5.1.patch (gh#zchunk/zchunk/57)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
babeltrace
fmt (8.0.1 -> 8.1.0)
installation-images-MicroOS (17.32 -> 17.33)
kdump (0.9.1 -> 0.9.2)
lapack
libeconf (0.4.2+git20211111.c7a2c52 -> 0.4.4+git20220104.962774f)
python-prettytable (2.4.0 -> 2.5.0)
sg3_utils (1.47 -> 1.47+2.388b767)
suse-module-tools (16.0.17 -> 16.0.18)
vim (8.2.3863 -> 8.2.3995)
zchunk
=== Details ===
==== babeltrace ====
- reenable babeltrace on armv6/v7 (switch to excludearch)
==== fmt ====
Version update (8.0.1 -> 8.1.0)
- Update to version 8.1.0
* Optimized chrono formatting.
+ Processing of some specifiers such as %z and %Y is now up
to 10-20 times faster, for example on GCC 11 with
libstdc++.
* Implemented subsecond formatting for chrono durations.
* Fixed handling of precision 0 when formatting chrono
durations.
* Fixed an overflow on invalid inputs in the tm formatter.
* Added fmt::group_digits that formats integers with a
non-localized digit separator (comma) for groups of three
digits.
* Added support for faint, conceal, reverse and blink text
styles.
* Added experimental support for compile-time floating point
formatting.
* Added UDL-based named argument support to compile-time
format string checks.
* Implemented escaping of string range elements.
* Switched to JSON-like representation of maps and sets for
consistency with Python's str.format.
* Extended fmt::join to support C++20-only ranges.
* Optimized handling of non-const-iterable ranges and
implemented initial support for non-const-formattable types.
* Disabled implicit conversions of scoped enums to integers
that was accidentally introduced in earlier versions.
* Deprecated implicit conversion of [const] signed char* and
[const] unsigned char* to C strings.
* Deprecated _format, a legacy UDL-based format API.
* Marked format, formatted_size and to_string as [[nodiscard]].
* Added missing diagnostic when trying to format function and
member pointers as well as objects convertible to pointers
which is explicitly disallowed.
* Optimized writing to a contiguous buffer with format_to_n.
* Optimized writing to non-char buffers.
* Decimal point is now localized when using the L specifier.
* Improved floating point formatter implementation.
* Fixed handling of very large precision in fixed format.
* Made a table of cached powers used in FP formatting static.
* Resolved a lookup ambiguity with C++20 format-related
functions due to ADL.
* Removed unnecessary inline namespace qualification.
* Implemented argument forwarding in format_to_n.
* Fixed handling of implicit conversions in fmt::to_string and
format string compilation.
* Changed the default access mode of files created by
fmt::output_file to -rw-r--r-- for consistency with fopen.
* Make fmt::ostream::flush public.
* Improved C++14/17 attribute detection.
* Improved documentation.
* Improved fuzzers and added a fuzzer for chrono timepoint
formatting.
* Added the FMT_SYSTEM_HEADERS CMake option setting which
marks {fmt}'s headers as system. It can be used to suppress
warnings.
* Added the Bazel build system support.
* Improved build configuration and tests.
* Fixed various warnings and compilation issues.
==== installation-images-MicroOS ====
Version update (17.32 -> 17.33)
- merge gh#openSUSE/installation-images#561
- Remove more binaries appearing with Ruby 3.1 (bsc#1193192)
- 17.33
==== kdump ====
Version update (0.9.1 -> 0.9.2)
- kdump-0.9.2-mkdumprd-properly-pass-compression-params.patch: Fix
malformation in passing Dracut compression parameters in mkdumprd
(bsc#1193765).
- Refresh existing patches.
- Sync with SLE15-SP4 changelog. These patches were never applied
to Factory:
* kdump-avoid-endless-loop-EAI_AGAIN.patch
* kdump-calibrate-Add-LUKS2-Argon2-requirements-to-the-reser.patch
* kdump-calibrate-Fix-kernel-command-line-parsing.patch
* kdump-do-not-add-rd.neednet.patch
* kdump-Do-not-list-all-block-devices-if-no-block-devices-ar.patch
* kdump-ensure-initrd.target.wants-directory.patch
* kdump-Enumerate-all-BTRFS-devices-for-btrfs-mount-points.patch
* kdump-Implement-KString-isHexNumber.patch
* kdump-install-etc-resolv.conf-using-resolved-path.patch
* kdump-Mount-and-device-resolution-using-libmount-and-lsblk.patch
* kdump-remove-console-hvc0-from-commandline.patch
* kdump-set-serial-console-from-Xen-cmdline.patch
- Update to 0.9.2
* Isolate fadump initrd within the default one (jsc#SLE-18272)
* Bug fixes
* Code cleanups
- Remove patches that have been upstreamed:
* kdump-mounts.cc-Include-sys-ioctl.h.patch
* kdump-Add-bootdev-to-dracut-command-line.patch
* kdump-do-not-iterate-past-end-of-string.patch
* kdump-fix-incorrect-exit-code-checking.patch
* kdump-avoid-endless-loop-on-EAI_AGAIN.patch
* kdump-install-real-resolv.conf.patch
* kdump-Store-kdump-initrd-in-kernel-image-path.patch
- Remove patches that have been solved differently:
* kdump-on-error-option-yesno.patch
==== lapack ====
Subpackages: libblas3 libcblas3 liblapack3
- Add Fix-out-of-bounds-read.patch to fix out of bound reads when
user input is not validated properly. (bsc#1193562, CVE-2021-4048)
==== libeconf ====
Version update (0.4.2+git20211111.c7a2c52 -> 0.4.4+git20220104.962774f)
- Update to version 0.4.4+git20220104.962774f:
* Fixed i586 build (#158)
- Update to version 0.4.2+git20220104.5dfd69d:
* Reading numbers with different bases (e.g. oktal) (bsc#1193632) (#157)
==== python-prettytable ====
Version update (2.4.0 -> 2.5.0)
- update to 2.5.0:
* Add Single Border table style
==== sg3_utils ====
Version update (1.47 -> 1.47+2.388b767)
Subpackages: libsgutils2-1_47-2
- Update to version 1.47+2.388b767:
* rescan-scsi-bus.sh: apply fix for '-r' (boo#1194293)
* _service: use openSUSE github repo again (with cherry-picks
from upstream)
* spec file: suppress commit ID in library version
==== suse-module-tools ====
Version update (16.0.17 -> 16.0.18)
- Update to version 16.0.18:
* cdrom: Disable autoclose by default (boo#1165047).
* Make regenerate-initrd-posttrans compatible with Dracut's
UEFI mode (unified kernel image)
==== vim ====
Version update (8.2.3863 -> 8.2.3995)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.3995, fixes the following problems
- fixed boo#1194219
* Various build flags accidentally enabled.
* Cannot disable requesting key codes from xterm.
* Vim9: compiler complains about using "try" as a struct member.
* Vim9: type checking global variables is inconsistent.
* Implementation of some list functions too complicated.
* Vim9: function test fails.
* Vim9: type checking for "any" is inconsistent.
context menu. (Gabriel Dupras)
* List.c contains code for dict and blob.
* Vim9: finddir() and uniq() return types can be more specific.
* go.mod files are not recognized.
* Cannot highlight the number column for a sign.
* gcc complains about buffer overrun.
* 'cindent' does not recognize inline namespace.
* Function does not abort after a type error in compare
* Vim9: debugger tries to read more lines than there are.
* getreg() and getregtype() contain dead code.
* Solution filter files are not recognized.
* More duplicated code in f_getreginfo().
* Crash when switching to other regexp engine fails.
* Crash when clearing the argument list while using it.
* Arglist test fails.
* Can define autocmd for every event by using "au!".
* E1135 is used for two different errors.
* The argument list may contain duplicates.
* Duplicate code for translating script-local function name.
* Vim9: type check for using v: variables is basic.
* When modifyOtherKeys is used CTRL-C is not recognized.
* Vim9: many local variables are initialized with an instruction.
* Vim9: no proper type check for first argument of call().
* Vim9: confusing error when using function() with a number.
* Vim9: no test for nested function not available later.
* Vim9: the second argument of map() and filter() is not checked at
compile time.
* Vim9: not sufficient testing for variable initialization.
* Vim9: test for map() on string fails.
* It is not easy to use a script-local function for an option.
* Vim9: Cannot set 'cpo' in main .vimrc if using Vim9 script.
* Vim9: double free with nested :def function.
* "gM" does not count tabs as expected.
* Vim9: skip expression type is not checked at compile time.
* Dockerfile using prefix name not recognized.
* Vim9 help still contains "under development" warnings.
* Error messages are spread out.
* Cannot use a script-local function for 'foldtext'.
* Containerfile using prefix name not recognized.
* When the compare function of sort() produces and error then sort()
does not abort.
* Vim9: type check for filter() does not accept unknown.
* The ins_complete() function is much too long.
* Help for expressions does not mention Vim9 syntax.
* Various spelling mistakes in comments.
* illegal memory access when completing with invalid bytes.
* No error for passing an invalid line number to append().
* The eval.txt help file is way too big.
* Function list test fails.
* Vim9: wrong argument for append() results in two errors.
* Restoring directory after using another window is inefficient.
* The way xdiff is used is inefficient.
* Cannot build with dynamic Ruby 3.1.
* Vim9: double free if a nested function has a line break in the argument
list.
* Vim9: no error if something follows :enddef in a nested function.
* Diff mode confused by NUL bytes.
* Build failure without the 'autochdir' option. (John Marriott)
* Vim9: double free when using lambda.
* Heredoc test fails.
* Using unititialized variable.
* getcmdline() argument has a misleading type.
* Coverity reports a memory leak.
* C line comment not formatted properly.
* After ":cd" fails ":cd -" is incorrect.
* Repeating line comment is undesired for "O" command.
* CTRL-U in Insert mode does not fix the indent.
* No proper test for maintaining change mark in diff mode.
* Insert mode completion function is too long.
* Line comment start is also found in a string.
* Match highlight disappears when doing incsearch for ":s/pat".
* SIGTSTP is not handled.
* Coverity reports a possible memory leak.
* Compiler warning from gcc for uninitialized variable.
* Insert mode completion functions are too long.
* Vim9: partial variable argument types are wrong, leading to a crash.
* When an internal error makes Vim exit the error is not seen.
* Unnecessary check for NULL pointer.
* Vim9: failure with partial with unknown argument count.
* Using freed memory with /\%V.
* Going beyond the end of the line with /\%V.
* Vim9: memory leak when text after a nested function.
* First line not redrawn when adding lines to an empty buffer.
* Insert completion code is too complicated.
* Vim9: no error for shadowing if script var is declared later.
* Duplicate assignment.
* Build failure compiling xxd with "-std=c2x".
* Error messages are spread out.
* Build fails for missing error message.
* Build failure with tiny and small features. (Tony Mechelynck)
* Some common lisp and scheme files not recognized.
* Vim9: no easy way to check if Vim9 script is supported.
* When using feedkeys() abbreviations may be blocked.
* Error messages are spread out.
* Build failure.
* Value of MAXCOL not available in Vim script.
* Error messages are spread out.
* Build fails.
* Error messages are spread out.
* Tiny build fails.
* Vim9: LISTAPPEND instruction does not check for a locked list.
* Error messages are spread out.
* FEARG_LAST is never used. (Dominique Pellé)
* Error messages are spread out.
* Build error when using dynamycally loaded Python 3.
* Vim9: the feature is not mentioned in the right places.
* If 'operatorfunc' invokes an operator the remembered Visual mode may be
changed. (Naohiro Ono)
* Vim9: debugging a for loop doesn't stop before it starts.
* Some lines of code not covered by tests.
* Error messages are spread out.
* Tiny build fails.
* Some insert completion code is not tested.
* Testing wrong operator.
* Vim9: error when extending dict<any> with another type that it was
initialized with.
* Wrong local-additions in the help with language mix.
* When recording a change in Select mode the first typed character appears
twice.
* Vim9: extend() complains about the type even when it was not declared.
* Not all sshconfig files are detected as such.
==== zchunk ====
- add zstd-1.5.1.patch (gh#zchunk/zchunk/57)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
AppStream (0.14.6 -> 0.15.1)
gdm
gtk4 (4.4.1 -> 4.6.0)
installation-images-MicroOS (17.31 -> 17.32)
iptables
lua54
perl-libwww-perl (6.59 -> 6.60)
=== Details ===
==== AppStream ====
Version update (0.14.6 -> 0.15.1)
Subpackages: libAppStreamQt2 libappstream4
- Update to version 0.15.1
* compose: Port over font support from appstream-generator
* compose: Allow overriding unit used for locale processing
* compose: Refine legacy support for desktop-id launchables
* compose: Allow setting the custom desktop-entry translation function
* compose: Allow to run with threading (mostly) disabled
* compose: Reorganize feature flags, allow to disable l10n
* compose: Allow setting a screenshot file size limit
* compose: Allow to disable screencast processing explicitly
* compose: Allow to test whether result has a specific hint tag
* news-convert: Support a "Translators" section
* validator: Check that first rDNS component-ID parts are always lowercased
* validator: Validate capitalization for some selected text blocks
* vapi: Rename PoolFlag to PoolFlags to add the missing deprecated flags
* Fix cache always getting updated even if unnacessary on Debian systems
* Still verify download return codes if download was aborted intentionally
* compose: Warn if metainfo files are missing and data was processed anyway
- Update to version 0.15.0
* This release contains a complete rewrite of AppStream's
caching code, making use of libxmlb instead of LMDB now.
This will allow for more complex queries and simplifies the
caching code a bit.
* Allow clients to configure the addon autoresolve magic
* Allow clients to control the local metainfo preference
* qt: Add wrappers for new AsPool API
* qt: Wrap the AsPool ::changed signal
* Implement the new "Tags" tag
* Make component-ID search case-insensitive
* compose: Adjust to rsvg API changes
* qt: Align API deprecations with C library API
* Cache Flatpak data properly, and add some quirk fixes for it
- Add BuildRequires itstool
- Add BuildRequires xmlb >= 0.3.6
- Update BuildRequires glib-2.0 to >= 2.62
- Remove BuildRequires lmdb-devel
==== gdm ====
Subpackages: gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Move
%{_datadir}/glib-2.0/schemas/org.gnome.login-screen.gschema.xml
from main package to new gdm-schema split package and make
libgdm1 depend on the new gdm-schema split package. Currently,
the gdm-schema is required for gnome-shell to work, but
gnome-shell only depends on libgdm1 and not on gdm as a whole,
causing a crash of gnome-shell if the gdm main package is not
installed. By moving the gdm-schema to it's own split package and
making libgdm1 actually require it, the crash can be prevented.
Fixes boo#1194183.
==== gtk4 ====
Version update (4.4.1 -> 4.6.0)
Subpackages: gtk4-schema libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.6.0:
+ GtkProgressBar: Fix handling of "inverted".
+ GtkLabel: Add a "natural wrap mode" property to influence how
natural width is determined.
+ GtkTextView: Scroll insertion on-screen after undo / redo.
+ gsk: Abort region diffing when changes are too complex.
+ gdk:
- Avoid compressing discrete scroll events.
- Fix problems with hiding windows.
- Improve GL and GLES version checks.
+ Wayland: Support new high-contrast setting.
+ Inspector: Add DND inspection support.
+ build: Avoid deprecated meson apis.
+ Updated translations.
- Update to version 4.5.1:
+ GtkWidget sizing has been rewritten to implement
width-for-height more properly. This had some fallout, and some
widgets may still not react kindly to the new way of doing
things. See https://blog.gtk.org/2021/12/03/sizable-news/ for
details, and please file issues if you notice fallout.
+ Rename git `master` branch to `main`
+ Css:
- Fully support font-variant-caps
- Fix a crash with gradients
+ Make various widgets activatable:
- GtkComboBox
- GtkDropDown
+ GtkPopover: Make focus indicators not disappear
+ GtkTextView:
- Don't leave embedded children stranded when scrolling
- Don't insert Emoji into non-editable textviews
- Fix Emoji chooser positioning
- Fix problems with pasting text
- Improve scroll-to-mark behavior
- Support right-aligned, centered and decimal tabs
- Make child anchor replacement character settable
- Provide more context to input methods
+ GtkDragIcon: Provide default icons for paintables and files
+ GtkBuilder: Speed up template precompilation
+ Actions:
- Reduce allocations during signal emissions
- Avoid duplication and unnecessary recursion
+ Inspector:
- Show the selected im-module in the General tab
- Add a clipboard viewer
- Make the recorder record events too
- Add a graph visualizing gtk_widget_measure()
+ Gsk:
- Fix hexbox rendering
- Fix transformed linear gradient rendering
+ Printing: Fix dialog-less printing
+ X11:
- Improve behavior of windows drags on headerbar controls
- Trap errors for RANDR changes
- Fix problems with drag icons
+ Wayland: Ensure we prefer the Wayland im-module over others
+ Updated translations.
- Changes from version 4.5.0:
+ gsk:
- Drop the GL renderer in favor of NGL
- Rename NGL to GL
- Fix some coordinate overflow issues
- Reimplement texture upload and download for better support of
image formats and color spaces
- New api:
* gsk_transform_skew
* gsk_transform_to_2d_components
+ gdk:
- Support HSL in gdk_rgba_parse
- Use libpng, libjpeg and libtiff directly when loading
textures, and support more image formats (including 16bit and
float formats)
- New apis:
* gdk_texture_new_from_bytes
* gdk_texture_new_from_filename
* gdk_texture_download_float
* gdk_texture_save_to_png_bytes
* gdk_texture_save_to_tiff
* gdk_texture_save_to_tiff_bytes
* gdk_display_create_gl_context
- Implement GIcon and GLoadableIcon in GdkTexture
- Move EGL initialization to the frontend
- Use configless EGL contexts, if supported
- Use >8bit pixel formats, if supported and requested
+ css:
- Add support for line-height
- Add support for text-transform
+ theme: Fixes for buttons in toolbars
+ input:
- Update compose sequences from libX11 1.7.2
- Accept replacement string longer than 20 characters
+ text:
- Implement sloped caret drawing
- Add a gtk-hint-font-metrics setting to switch font rendering
to be more similar to GTK3
+ GtkTextView:
- Add support for line height
- Add support for text transforms
- Misc fixes for css->pango attribute translations
- Invalidate pango contexts when font settings change
- Improve undo grouping when overwriting
+ GtkListView:
- Make tree indentation more flexible with
GtkTreeExpander:indent-for-icon
+ GtkMenuButton: Support custom children
+ GtkFlowBox: Add prepend and append
+ GtkCalendar: Fix handling of weeks starting on Monday
+ GtkWindow: Add a titlebar property
+ GtkDropDown: Add a show-arrow property
+ GtkPopoverMenu: Support a use-markup attribute in menu models
+ Add GtkSymbolicPaintable
+ Tools: Support DND in gtk4-node-editor and the inspector's
recorder
+ Demos: Improve the font rendering demo
+ Build:
- Require Pango 1.49
- Require libpng, libtiff and libjpeg
- Speed up handling of resources during build
+ X11: Support touchpad gestures with XInput 2.4
+ Updated translations.
- Drop gtk4-fix-link-to-g_signal_emit.patch: fixed upstream.
- Add docutils, pkgconfig(libjpeg), pkgconfig(libpng) and
pkgconfig(libtiff-4) BuildRequires: New dependencies.
==== installation-images-MicroOS ====
Version update (17.31 -> 17.32)
- merge gh#openSUSE/installation-images#560
- Add s390x to architecture list for net_repos (boo#1193479)
- Define zsystems as the_arch for s390x
- 17.32
==== iptables ====
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Only use nftables backend when iptables-backend-nft is installed
when using libalternatives
==== lua54 ====
- Re-enable readline support in Lua, the way to do this changed
in Lua 5.4
- Because we are linking with readline add GPLv3+ only to the
main package
- Subsequently, update main_test.patch to ignore another test
- Update upstream-bugs.patch and upstream-bugs-test.patch to fix
bugs 9,10,12 for build and tests respectively. Bug 11 changes
interface of luaD_pretailcall.
==== perl-libwww-perl ====
Version update (6.59 -> 6.60)
- updated to 6.60
see /usr/share/doc/packages/perl-libwww-perl/Changes
6.60 2021-12-17 22:29:57Z
- Warn if updating modification time of mirrored file fails (GH#399) (Ville Skyttä)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
installation-images-MicroOS (17.31 -> 17.32)
iptables
lua54
=== Details ===
==== installation-images-MicroOS ====
Version update (17.31 -> 17.32)
- merge gh#openSUSE/installation-images#560
- Add s390x to architecture list for net_repos (boo#1193479)
- Define zsystems as the_arch for s390x
- 17.32
==== iptables ====
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Only use nftables backend when iptables-backend-nft is installed
when using libalternatives
==== lua54 ====
- Re-enable readline support in Lua, the way to do this changed
in Lua 5.4
- Because we are linking with readline add GPLv3+ only to the
main package
- Subsequently, update main_test.patch to ignore another test
- Update upstream-bugs.patch and upstream-bugs-test.patch to fix
bugs 9,10,12 for build and tests respectively. Bug 11 changes
interface of luaD_pretailcall.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
chrony (4.1 -> 4.2)
clutter
expat (2.4.1 -> 2.4.2)
gnome-software
gpg2 (2.3.3 -> 2.3.4)
gpgme
grub2
installation-images-MicroOS (17.30 -> 17.31)
kernel-source (5.15.8 -> 5.15.12)
libcamera
libcap (2.61 -> 2.62)
libgsf (1.14.47 -> 1.14.48)
libgusb (0.3.5 -> 0.3.9)
libical (3.0.11 -> 3.0.12)
libical-glib (3.0.11 -> 3.0.12)
libopenmpt (0.5.13 -> 0.5.14)
libqt5-qtbase (5.15.2+kde254 -> 5.15.2+kde268)
libthai (0.1.28 -> 0.1.29)
libxmlb (0.2.1 -> 0.3.6)
llvm13
mozilla-nspr (4.32 -> 4.33)
mozilla-nss (3.73 -> 3.73.1)
pango (1.50.2 -> 1.50.3)
plasma5-desktop
poppler
poppler-qt5
pulseaudio
python-SQLAlchemy (1.4.27 -> 1.4.29)
python-ordered-set
python-setuptools
qemu (6.1.0 -> 6.2.0)
raspberrypi-firmware (2021.11.16 -> 2021.12.01)
raspberrypi-firmware-config (2021.11.16 -> 2021.12.01)
sssd (2.6.1 -> 2.6.2)
wicked (0.6.67 -> 0.6.68)
yast2 (4.4.31 -> 4.4.32)
=== Details ===
==== chrony ====
Version update (4.1 -> 4.2)
Subpackages: chrony-pool-openSUSE
- Update to 4.2
* Add support for NTPv4 extension field improving synchronisation
stability and resolution of root delay and dispersion
(experimental)
* Add support for NTP over PTP (experimental)
* Add support for AES-CMAC and hash functions in GnuTLS
* Improve server interleaved mode to be more reliable and support
multiple clients behind NAT
* Update seccomp filter
* Fix RTC support with 64-bit time_t on 32-bit Linux
* Fix seccomp filter to work correctly with bind*device directives
- Obsoleted patches:
* chrony-refid-internal-md5.patch
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch
- Update clknetsim to snapshot 470b5e9.
- Add chrony-htonl.patch to work around undocumented behaviour of
htonl() in older glibc versions (SLE-12) on 64 bit big endian
architectures (s390x).
- SLE bugs that have been fixed in openSUSE up to this point
without explicit references: bsc#1183783, bsc#1184400,
bsc#1171806, bsc#1161119, bsc#1159840.
- Obsoleted SLE patches:
* chrony-fix-open.patch
* chrony-gettimeofday.patch
* chrony-ntp-era-split.patch
* chrony-pidfile.patch
* chrony-select-timeout.patch
* chrony-urandom.patch
* chrony.sysconfig
* clknetsim-glibc-2.31.patch
==== clutter ====
- Add cd4c50db38ea9421deb83f25935a27531aa756a9.patch: wayland:
Protect against enter events for empty surfaces.
==== expat ====
Version update (2.4.1 -> 2.4.2)
Subpackages: libexpat1
- update to 2.4.2:
* Link againgst libm for function "isnan"
* Include expat_config.h as early as possible
* Autotools: Include files with release archives:
- buildconf.sh
- fuzz/*.c
* Autotools: Sync CMake templates
* docs: Document that function XML_GetBuffer may return NULL
when asking for a buffer of 0 (zero) bytes size
* docs: Fix return value docs for both
XML_SetBillionLaughsAttackProtection* functions
* Version info bumped from 9:1:8 to 9:2:8
==== gnome-software ====
- Add gnome-software-flatpak-refresh-no-interaction.patch: flatpak:
Set no-interaction correctly when refreshing(bsc#1123722,
glgo#GNOME/gnome-software!1145).
==== gpg2 ====
Version update (2.3.3 -> 2.3.4)
- GnuPG 2.3.4:
* gpg: New option --min-rsa-length
* gpg: New option --forbid-gen-key
* gpg: New option --override-compliance-check
* gpgconf: New command --show-configs
* agent,dirmngr,keyboxd: New option --steal-socket
* gpg: Fix printing of binary notations
* gpg: Remove stale ultimately trusted keys from the trustdb
* gpg: Fix indentation of --print-mds and --print-md sha512
* gpg: Emit gpg 2.2 compatible Ed25519 signature
* gpgsm: Detect circular chains in --list-chain
* dirmngr: Make reading resolv.conf more robust
* dirmngr: Ask keyservers to provide the key fingerprints
* gpgconf: Allow changing gpg's deprecated keyserver option
* gpg-wks-server: Fix created file permissions
* scd: Support longer data for ssh-agent authentication with
openpgp cards
* scd: Modify DEVINFO behavior to support looping forever
* Silence warning about the rootdir under Unices w/o a mounted
/proc file system
* Fix possible build problems about missing include files
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6
- Add patches to support building bindings packages for
Python 3.10
* gpgme-D545-python310.patch -- https://dev.gnupg.org/D545
* gpgme-D546-python310.patch -- https://dev.gnupg.org/D546
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix CVE-2021-3981 (bsc#1189644)
* 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch
- Fix can't allocate initrd error (bsc#1191378)
* 0001-Factor-out-grub_efi_linux_boot.patch
* 0002-Fix-race-in-EFI-validation.patch
* 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
* 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch
* 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch
* 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
* 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
* 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
* 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
* 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch
* 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch
==== installation-images-MicroOS ====
Version update (17.30 -> 17.31)
- merge gh#openSUSE/installation-images#559
- Remove more binaries appearing with Ruby 3.0 (bsc#1193192)
- 17.31
==== kernel-source ====
Version update (5.15.8 -> 5.15.12)
- Update config files.
- commit 375fcb8
- Linux 5.15.12 (bsc#1012628).
- arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd
(bsc#1012628).
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (bsc#1012628).
- ext4: prevent partial update of the extent blocks (bsc#1012628).
- ext4: check for out-of-order index extents in
ext4_valid_extent_entries() (bsc#1012628).
- ext4: check for inconsistent extents between index and leaf
block (bsc#1012628).
- selftests: KVM: Fix non-x86 compiling (bsc#1012628).
- HID: holtek: fix mouse probing (bsc#1012628).
- HID: potential dereference of null pointer (bsc#1012628).
- NFSD: Fix READDIR buffer overflow (bsc#1012628).
- PM: sleep: Fix error handling in dpm_prepare() (bsc#1012628).
- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
(bsc#1012628).
- bus: sunxi-rsb: Fix shutdown (bsc#1012628).
- spi: change clk_disable_unprepare to clk_unprepare
(bsc#1012628).
- ucounts: Fix rlimit max values check (bsc#1012628).
- drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
(bsc#1012628).
- ASoC: meson: aiu: fifo: Add missing
dma_coerce_mask_and_coherent() (bsc#1012628).
- RDMA/hns: Fix RNR retransmission issue for HIP08 (bsc#1012628).
- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
(bsc#1012628).
- RDMA/hns: Replace kfree() with kvfree() (bsc#1012628).
- netfilter: nf_tables: fix use-after-free in
nft_set_catchall_destroy() (bsc#1012628).
- netfilter: fix regression in looped (broad|multi)cast's MAC
handling (bsc#1012628).
- ARM: dts: imx6qdl-wandboard: Fix Ethernet support (bsc#1012628).
- ice: Use xdp_buf instead of rx_buf for xsk zero-copy
(bsc#1012628).
- ice: xsk: return xsk buffers back to pool when cleaning the ring
(bsc#1012628).
- net: marvell: prestera: fix incorrect return of port_find
(bsc#1012628).
- net: marvell: prestera: fix incorrect structure access
(bsc#1012628).
- qlcnic: potential dereference null pointer of
rx_queue->page_ring (bsc#1012628).
- tcp: move inet->rx_dst_ifindex to sk->sk_rx_dst_ifindex
(bsc#1012628).
- ipv6: move inet6_sk(sk)->rx_dst_cookie to sk->sk_rx_dst_cookie
(bsc#1012628).
- inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1012628).
- net: accept UFOv6 packages in virtio_net_hdr_to_skb
(bsc#1012628).
- net: skip virtio_net_hdr_set_proto if protocol already set
(bsc#1012628).
- igb: fix deadlock caused by taking RTNL in RPM resume path
(bsc#1012628).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
(bsc#1012628).
- gpio: virtio: remove timeout (bsc#1012628).
- bonding: fix ad_actor_system option setting to default
(bsc#1012628).
- fjes: Check for error irq (bsc#1012628).
- drivers: net: smc911x: Check for error irq (bsc#1012628).
- net: ks8851: Check for error irq (bsc#1012628).
- sfc: Check null pointer of rx_queue->page_ring (bsc#1012628).
- sfc: falcon: Check null pointer of rx_queue->page_ring
(bsc#1012628).
- asix: fix uninit-value in asix_mdio_read() (bsc#1012628).
- asix: fix wrong return value in asix_check_host_enable()
(bsc#1012628).
- io_uring: zero iocb->ki_pos for stream file types (bsc#1012628).
- veth: ensure skb entering GRO are not cloned (bsc#1012628).
- net: stmmac: ptp: fix potentially overflowing expression
(bsc#1012628).
- net: bridge: Use array_size() helper in copy_to_user()
(bsc#1012628).
- net: bridge: fix ioctl old_deviceless bridge argument
(bsc#1012628).
- r8152: fix the force speed doesn't work for RTL8156
(bsc#1012628).
- net: stmmac: dwmac-visconti: Fix value of
ETHER_CLK_SEL_FREQ_SEL_2P5M (bsc#1012628).
- Input: elantech - fix stack out of bound access in
elantech_change_report_id() (bsc#1012628).
- pinctrl: bcm2835: Change init order for gpio hogs (bsc#1012628).
- hwmon: (lm90) Fix usage of CONFIG2 register in detect function
(bsc#1012628).
- hwmon: (lm90) Prevent integer overflow/underflow in hysteresis
calculations (bsc#1012628).
- hwmon: (lm90) Introduce flag indicating extended temperature
support (bsc#1012628).
- hwmon: (lm90) Add basic support for TI TMP461 (bsc#1012628).
- hwmon: (lm90) Drop critical attribute support for MAX6654
(bsc#1012628).
- ARM: 9160/1: NOMMU: Reload __secondary_data after
PROCINFO_INITFUNC (bsc#1012628).
- uapi: Fix undefined __always_inline on non-glibc systems
(bsc#1012628).
- compiler.h: Fix annotation macro misplacement with Clang
(bsc#1012628).
- platform/x86/intel: Remove X86_PLATFORM_DRIVERS_INTEL
(bsc#1012628).
- kernel/crash_core: suppress unknown crashkernel parameter
warning (bsc#1012628).
- Revert "x86/boot: Pull up cmdline preparation and early param
parsing" (bsc#1012628).
- x86/boot: Move EFI range reservation after cmdline parsing
(bsc#1012628).
- ALSA: jack: Check the return value of kstrdup() (bsc#1012628).
- ALSA: drivers: opl3: Fix incorrect use of vp->state
(bsc#1012628).
- ALSA: rawmidi - fix the uninitalized user_pversion
(bsc#1012628).
- ALSA: hda/hdmi: Disable silent stream on GLK (bsc#1012628).
- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
(bsc#1012628).
- ALSA: hda/realtek: Add new alc285-hp-amp-init model
(bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
(bsc#1012628).
- ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (bsc#1012628).
- ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s
(bsc#1012628).
- ASoC: tegra: Add DAPM switches for headphones and mic jack
(bsc#1012628).
- ASoC: tegra: Restore headphones jack name on Nyan Big
(bsc#1012628).
- Input: atmel_mxt_ts - fix double free in mxt_read_info_block
(bsc#1012628).
- ipmi: bail out if init_srcu_struct fails (bsc#1012628).
- ipmi: ssif: initialize ssif_info->client early (bsc#1012628).
- ipmi: fix initialization when workqueue allocation fails
(bsc#1012628).
- parisc: Correct completer in lws start (bsc#1012628).
- parisc: Fix mask used to select futex spinlock (bsc#1012628).
- tee: handle lookup of shm with reference count 0 (bsc#1012628).
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
(bsc#1012628).
- platform/x86: amd-pmc: only use callbacks for suspend
(bsc#1012628).
- platform/x86: intel_pmc_core: fix memleak on registration
failure (bsc#1012628).
- KVM: x86: Always set kvm_run->if_flag (bsc#1012628).
- KVM: x86/mmu: Don't advance iterator after restart due to
yielding (bsc#1012628).
- KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is
required (bsc#1012628).
- KVM: VMX: Always clear vmx->fail on emulation_required
(bsc#1012628).
- KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU ==
this vCPU (bsc#1012628).
- pinctrl: stm32: consider the GPIO offset to expose all the
GPIO lines (bsc#1012628).
- gpio: dln2: Fix interrupts when replugging the device
(bsc#1012628).
- mmc: sdhci-tegra: Fix switch to HS400ES mode (bsc#1012628).
- mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO
commands (bsc#1012628).
- mmc: core: Disable card detect during shutdown (bsc#1012628).
- mmc: mmci: stm32: clear DLYB_CR after sending tuning command
(bsc#1012628).
- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
(bsc#1012628).
- ksmbd: fix error code in ndr_read_int32() (bsc#1012628).
- ksmbd: fix uninitialized symbol 'pntsd_size' (bsc#1012628).
- ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
(bsc#1012628).
- mac80211: fix locking in ieee80211_start_ap error path
(bsc#1012628).
- mm: mempolicy: fix THP allocations escaping mempolicy
restrictions (bsc#1012628).
- mm, hwpoison: fix condition in free hugetlb page path
(bsc#1012628).
- mm/hwpoison: clear MF_COUNT_INCREASED before retrying
get_any_page() (bsc#1012628).
- mm/damon/dbgfs: protect targets destructions with kdamond_lock
(bsc#1012628).
- tee: optee: Fix incorrect page free bug (bsc#1012628).
- f2fs: fix to do sanity check on last xattr entry in
__f2fs_setxattr() (bsc#1012628).
- netfs: fix parameter of cleanup() (bsc#1012628).
- KVM: VMX: Fix stale docs for
kvm-intel.emulate_invalid_guest_state (bsc#1012628).
- arm64: dts: lx2160a: fix scl-gpios property name (bsc#1012628).
- kfence: fix memory leak when cat kfence objects (bsc#1012628).
- Input: iqs626a - prohibit inlining of channel parsing functions
(bsc#1012628).
- Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
(bsc#1012628).
- Input: goodix - add id->model mapping for the "9111" model
(bsc#1012628).
- ASoC: tas2770: Fix setting of high sample rates (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add new ADL-P variant (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add ADL-N support (bsc#1012628).
- ASoC: rt5682: fix the wrong jack type detected (bsc#1012628).
- pinctrl: mediatek: fix global-out-of-bounds issue (bsc#1012628).
- hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
(bsc#1012628).
- hwmon: (lm90) Do not report 'busy' status bit as alarm
(bsc#1012628).
- r8152: sync ocp base (bsc#1012628).
- ax25: NPD bug when detaching AX25 device (bsc#1012628).
- hamradio: defer ax25 kfree after unregister_netdev
(bsc#1012628).
- hamradio: improve the incomplete fix to avoid NPD (bsc#1012628).
- tun: avoid double free in tun_free_netdev (bsc#1012628).
- phonet/pep: refuse to enable an unbound pipe (bsc#1012628).
- Refresh
patches.suse/add-product-identifying-information-to-vmcoreinfo.patch.
- commit 202eb92
- Disable patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch (bsc#1194007)
Better to disable it completely.
- commit 730a488
- Linux 5.15.11 (bsc#1012628).
- xen/netback: don't queue unlimited number of packages
(bsc#1012628).
- xen/netback: fix rx queue stall detection (bsc#1012628).
- xen/console: harden hvc_xen against event channel storms
(bsc#1012628).
- xen/netfront: harden netfront against event channel storms
(bsc#1012628).
- xen/blkfront: harden blkfront against event channel storms
(bsc#1012628).
- Revert "xsk: Do not sleep in poll() when need_wakeup set"
(bsc#1012628).
- selftests/damon: test debugfs file reads/writes with huge count
(bsc#1012628).
- bus: ti-sysc: Fix variable set but not used warning for
reinit_modules (bsc#1012628).
- io-wq: drop wqe lock before creating new worker (bsc#1012628).
- rcu: Mark accesses to rcu_state.n_force_qs (bsc#1012628).
- io-wq: check for wq exit after adding new worker task_work
(bsc#1012628).
- io-wq: remove spurious bit clear on task_work addition
(bsc#1012628).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (bsc#1012628).
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(bsc#1012628).
- scsi: scsi_debug: Don't call kcalloc() if size arg is zero
(bsc#1012628).
- ovl: fix warning in ovl_create_real() (bsc#1012628).
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1012628).
- media: mxl111sf: change mutex_init() location (bsc#1012628).
- USB: core: Make do_proc_control() and do_proc_bulk() killable
(bsc#1012628).
- bpf: Fix extable address check (bsc#1012628).
- bpf, x64: Factor out emission of REX byte in more cases
(bsc#1012628).
- mptcp: add missing documented NL params (bsc#1012628).
- xsk: Do not sleep in poll() when need_wakeup set (bsc#1012628).
- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
(bsc#1012628).
- can: m_can: pci: use custom bit timings for Elkhart Lake
(bsc#1012628).
- can: m_can: make custom bittiming fields const (bsc#1012628).
- Revert "can: m_can: remove support for custom bit timing"
(bsc#1012628).
- drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info
on YC (bsc#1012628).
- drm/amdgpu: don't override default ECO_BITs setting
(bsc#1012628).
- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
(bsc#1012628).
- powerpc/module_64: Fix livepatching for RO modules
(bsc#1012628).
- libata: if T_LENGTH is zero, dma direction should be DMA_NONE
(bsc#1012628).
- perf inject: Fix segfault due to perf_data__fd() without open
(bsc#1012628).
- perf inject: Fix segfault due to close without open
(bsc#1012628).
- riscv: dts: unmatched: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- riscv: dts: unleashed: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- locking/rtmutex: Fix incorrect condition in
rtmutex_spin_on_owner() (bsc#1012628).
- cifs: sanitize multiple delimiters in prepath (bsc#1012628).
- timekeeping: Really make sure wall_to_monotonic isn't positive
(bsc#1012628).
- serial: 8250_fintek: Fix garbled text for console (bsc#1012628).
- iocost: Fix divide-by-zero on donation from low hweight cgroup
(bsc#1012628).
- zonefs: add MODULE_ALIAS_FS (bsc#1012628).
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device()
(bsc#1012628).
- btrfs: check WRITE_ERR when trying to read an extent buffer
(bsc#1012628).
- btrfs: fix double free of anon_dev after failure to create
subvolume (bsc#1012628).
- Refresh
patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch.
- btrfs: fix memory leak in __add_inode_ref() (bsc#1012628).
- selinux: fix sleeping function called from invalid context
(bsc#1012628).
- USB: serial: option: add Telit FN990 compositions (bsc#1012628).
- USB: serial: cp210x: fix CP2105 GPIO registration (bsc#1012628).
- usb: gadget: u_ether: fix race in setting MAC address in setup
phase (bsc#1012628).
- usb: typec: tcpm: fix tcpm unregister port but leave a pending
timer (bsc#1012628).
- usb: cdnsp: Fix lack of spin_lock_irqsave/spin_lock_restore
(bsc#1012628).
- usb: cdnsp: Fix issue in cdnsp_log_ep trace event (bsc#1012628).
- usb: cdnsp: Fix incorrect calling of cdnsp_died function
(bsc#1012628).
- usb: cdnsp: Fix incorrect status for control request
(bsc#1012628).
- usb: xhci: Extend support for runtime power management for
AMD's Yellow carp (bsc#1012628).
- usb: xhci-mtk: fix list_del warning when enable list debug
(bsc#1012628).
- PCI/MSI: Mask MSI-X vectors only on success (bsc#1012628).
- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (bsc#1012628).
- usb: dwc2: fix STM ID/VBUS detection startup delay in
dwc2_driver_probe (bsc#1012628).
- USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
(bsc#1012628).
- tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
(bsc#1012628).
- KVM: x86: Drop guest CPUID check for host initiated writes to
MSR_IA32_PERF_CAPABILITIES (bsc#1012628).
- Revert "usb: early: convert to readl_poll_timeout_atomic()"
(bsc#1012628).
- USB: gadget: bRequestType is a bitfield, not a enum
(bsc#1012628).
- powerpc/85xx: Fix oops when CONFIG_FSL_PMC=n (bsc#1012628).
- bpf, selftests: Fix racing issue in btf_skc_cls_ingress test
(bsc#1012628).
- bpf: Fix extable fixup offset (bsc#1012628).
- arm64: kexec: Fix missing error code 'ret' warning in
load_other_segments() (bsc#1012628).
- afs: Fix mmap (bsc#1012628).
- sit: do not call ipip6_dev_free() from sit_init_net()
(bsc#1012628).
- net: systemport: Add global locking for descriptor lifecycle
(bsc#1012628).
- net/smc: Prevent smc_release() from long blocking (bsc#1012628).
- net: Fix double 0x prefix print in SKB dump (bsc#1012628).
- dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED
(bsc#1012628).
- sfc_ef100: potential dereference of null pointer (bsc#1012628).
- net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
(bsc#1012628).
- net/packet: rx_owner_map depends on pg_vec (bsc#1012628).
- netdevsim: Zero-initialize memory for new map's value in
function nsim_bpf_map_alloc (bsc#1012628).
- ixgbe: set X550 MDIO speed before talking to PHY (bsc#1012628).
- ixgbe: Document how to enable NBASE-T support (bsc#1012628).
- igc: Fix typo in i225 LTR functions (bsc#1012628).
- igbvf: fix double free in `igbvf_probe` (bsc#1012628).
- igb: Fix removal of unicast MAC filters of VFs (bsc#1012628).
- soc/tegra: fuse: Fix bitwise vs. logical OR warning
(bsc#1012628).
- mptcp: fix deadlock in __mptcp_push_pending() (bsc#1012628).
- mptcp: clear 'kern' flag from fallback sockets (bsc#1012628).
- mptcp: remove tcp ulp setsockopt support (bsc#1012628).
- drm/amd/pm: fix a potential gpu_metrics_table memory leak
(bsc#1012628).
- drm/amd/display: Set exit_optimized_pwr_state for DCN31
(bsc#1012628).
- ice: Don't put stale timestamps in the skb (bsc#1012628).
- ice: Use div64_u64 instead of div_u64 in adjfine (bsc#1012628).
- rds: memory leak in __rds_conn_create() (bsc#1012628).
- flow_offload: return EOPNOTSUPP for the unsupported mpls action
type (bsc#1012628).
- net: stmmac: fix tc flower deletion for VLAN priority Rx
steering (bsc#1012628).
- mac80211: fix lookup when adding AddBA extension element
(bsc#1012628).
- cfg80211: Acquire wiphy mutex on regulatory work (bsc#1012628).
- mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
(bsc#1012628).
- drm/i915/display: Fix an unsigned subtraction which can never
be negative (bsc#1012628).
- drm/ast: potential dereference of null pointer (bsc#1012628).
- mptcp: never allow the PM to close a listener subflow
(bsc#1012628).
- selftest/net/forwarding: declare NETIFS p9 p10 (bsc#1012628).
- net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()
(bsc#1012628).
- selftests/net: toeplitz: fix udp option (bsc#1012628).
- net/sched: sch_ets: don't remove idle classes from the
round-robin list (bsc#1012628).
- drm: simpledrm: fix wrong unit with pixel clock (bsc#1012628).
- dmaengine: st_fdma: fix MODULE_ALIAS (bsc#1012628).
- dmaengine: idxd: fix missed completion on abort path
(bsc#1012628).
- selftests: Fix IPv6 address bind tests (bsc#1012628).
- selftests: Fix raw socket bind tests with VRF (bsc#1012628).
- selftests: Add duplicate config only for MD5 VRF tests
(bsc#1012628).
- net: hns3: fix race condition in debugfs (bsc#1012628).
- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
(bsc#1012628).
- selftests: icmp_redirect: pass xfail=0 to log_test()
(bsc#1012628).
- netdevsim: don't overwrite read only ethtool parms
(bsc#1012628).
- inet_diag: fix kernel-infoleak for UDP sockets (bsc#1012628).
- sch_cake: do not call cake_destroy() from cake_init()
(bsc#1012628).
- s390/kexec_file: fix error handling when applying relocations
(bsc#1012628).
- selftests: net: Correct ping6 expected rc from 2 to 1
(bsc#1012628).
- Revert "drm/fb-helper: improve DRM fbdev emulation device names"
(bsc#1012628).
- vdpa: Consider device id larger than 31 (bsc#1012628).
- virtio/vsock: fix the transport to work with VMADDR_CID_ANY
(bsc#1012628).
- virtio: always enter drivers/virtio/ (bsc#1012628).
- iwlwifi: mvm: don't crash on invalid rate w/o STA (bsc#1012628).
- soc: imx: Register SoC device only on i.MX boards (bsc#1012628).
- clk: Don't parent clks until the parent is fully registered
(bsc#1012628).
- arm64: dts: imx8mq: remove interconnect property from lcdif
(bsc#1012628).
- ARM: socfpga: dts: fix qspi node compatible (bsc#1012628).
- ceph: initialize pathlen variable in reconnect_caps_cb
(bsc#1012628).
- ceph: fix duplicate increment of opened_inodes metric
(bsc#1012628).
- tee: amdtee: fix an IS_ERR() vs NULL bug (bsc#1012628).
- mac80211: track only QoS data frames for admission control
(bsc#1012628).
- dmaengine: idxd: fix calling wq quiesce inside spinlock
(bsc#1012628).
- dmaengine: idxd: add halt interrupt support (bsc#1012628).
- arm64: dts: rockchip: fix poweroff on helios64 (bsc#1012628).
- arm64: dts: rockchip: fix audio-supply for Rock Pi 4
(bsc#1012628).
- arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
(bsc#1012628).
- arm64: dts: rockchip: fix rk3308-roc-cc vcc-sd supply
(bsc#1012628).
- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from
rk3399-khadas-edge (bsc#1012628).
- pinctrl: amd: Fix wakeups when IRQ is shared with SCI
(bsc#1012628).
- drm/i915/hdmi: Turn DP++ TMDS output buffers back on in
encoder->shutdown() (bsc#1012628).
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915
(bsc#1012628).
- scsi: ufs: core: Retry START_STOP on UNIT_ATTENTION
(bsc#1012628).
- btrfs: remove stale comment about the btrfs_show_devname
(bsc#1012628).
- btrfs: update latest_dev when we create a sprout device
(bsc#1012628).
- btrfs: use latest_dev in btrfs_show_devname (bsc#1012628).
- btrfs: convert latest_bdev type to btrfs_device and rename
(bsc#1012628).
- audit: improve robustness of the audit queue handling
(bsc#1012628).
- dm btree remove: fix use after free in rebalance_children()
(bsc#1012628).
- ceph: fix up non-directory creation in SGID directories
(bsc#1012628).
- arm64: dts: ten64: remove redundant interrupt declaration for
gpio-keys (bsc#1012628).
- recordmcount.pl: look for jgnop instruction as well as bcrl
on s390 (bsc#1012628).
- s390/entry: fix duplicate tracking of irq nesting level
(bsc#1012628).
- vdpa: check that offsets are within bounds (bsc#1012628).
- virtio_ring: Fix querying of maximum DMA mapping size for
virtio device (bsc#1012628).
- vduse: check that offset is within bounds in get_config()
(bsc#1012628).
- vduse: fix memory corruption in vduse_dev_ioctl() (bsc#1012628).
- bpf, selftests: Update test case for atomic cmpxchg on r0 with
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
(bsc#1012628).
- bpf, selftests: Add test case trying to taint map value pointer
(bsc#1012628).
- bpf: Make 32->64 bounds propagation slightly more robust
(bsc#1012628).
- bpf: Fix signed bounds propagation after mov32 (bsc#1012628).
- bpf, selftests: Add test case for atomic fetch on spilled
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic fetch (bsc#1012628).
- firmware: arm_scpi: Fix string overflow in SCPI genpd driver
(bsc#1012628).
- mac80211: validate extended element ID is present (bsc#1012628).
- mac80211: send ADDBA requests using the tid/queue of the
aggregation session (bsc#1012628).
- mac80211: mark TX-during-stop for TX in in_reconfig
(bsc#1012628).
- mac80211: fix regression in SSN handling of addba tx
(bsc#1012628).
- mac80211: fix rate control for retransmitted frames
(bsc#1012628).
- KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid()
(bsc#1012628).
- x86/kvm: remove unused ack_notifier callbacks (bsc#1012628).
- KVM: downgrade two BUG_ONs to WARN_ON_ONCE (bsc#1012628).
- KVM: selftests: Make sure kvm_create_max_vcpus test won't hit
RLIMIT_NOFILE (bsc#1012628).
- KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled
(bsc#1012628).
- reset: tegra-bpmp: Revert Handle errors in BPMP response
(bsc#1012628).
- commit 9903b31
- Linux 5.15.10 (bsc#1012628).
- perf inject: Fix itrace space allowed for new attributes
(bsc#1012628).
- fuse: make sure reclaim doesn't write the inode (bsc#1012628).
- staging: most: dim2: use device release method (bsc#1012628).
- tracing: Fix a kmemleak false positive in tracing_map
(bsc#1012628).
- drm/amdkfd: process_info lock not needed for svm (bsc#1012628).
- drm/amd/display: add connector type check for CRC source set
(bsc#1012628).
- drm/amdkfd: fix double free mem structure (bsc#1012628).
- drm/amd/display: Fix for the no Audio bug with Tiled Displays
(bsc#1012628).
- drm/amdgpu: check atomic flag to differeniate with legacy path
(bsc#1012628).
- drm/amdgpu: cancel the correct hrtimer on exit (bsc#1012628).
- net: netlink: af_netlink: Prevent empty skb by adding a check
on len (bsc#1012628).
- i2c: rk3x: Handle a spurious start completion interrupt flag
(bsc#1012628).
- parisc/agp: Annotate parisc agp init functions with __init
(bsc#1012628).
- ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
(bsc#1012628).
- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
(bsc#1012628).
- loop: Use pr_warn_once() for loop_control_remove() warning
(bsc#1012628).
- net/mlx4_en: Update reported link modes for 1/10G (bsc#1012628).
- Revert "tty: serial: fsl_lpuart: drop earlycon entry for
i.MX8QXP" (bsc#1012628).
- s390/test_unwind: use raw opcode instead of invalid instruction
(bsc#1012628).
- KVM: arm64: Save PSTATE early on exit (bsc#1012628).
- drm/msm/dp: Avoid unpowered AUX xfers that caused crashes
(bsc#1012628).
- drm/msm/dsi: set default num_data_lanes (bsc#1012628).
- drm/msm/a6xx: Fix uinitialized use of gpu_scid (bsc#1012628).
- drm/msm: Fix null ptr access msm_ioctl_gem_submit()
(bsc#1012628).
- i2c: virtio: fix completion handling (bsc#1012628).
- vmxnet3: fix minimum vectors alloc issue (bsc#1012628).
- ice: fix FDIR init missing when reset VF (bsc#1012628).
- RDMA/irdma: Don't arm the CQ more than two times if no CE for
this CQ (bsc#1012628).
- RDMA/irdma: Report correct WC errors (bsc#1012628).
- RDMA/irdma: Fix a potential memory allocation issue in
'irdma_prm_add_pble_mem()' (bsc#1012628).
- RDMA/irdma: Fix a user-after-free in add_pble_prm (bsc#1012628).
- netfs: Fix lockdep warning from taking sb_writers whilst
holding mmap_lock (bsc#1012628).
- perf bpf_skel: Do not use typedef to avoid error on old clang
(bsc#1012628).
- clk: qcom: sm6125-gcc: Swap ops of ice and apps on sdcc1
(bsc#1012628).
- dt-bindings: media: nxp,imx7-mipi-csi2: Drop bad if/then schema
(bsc#1012628).
- inet: use #ifdef CONFIG_SOCK_RX_QUEUE_MAPPING consistently
(bsc#1012628).
- mtd: rawnand: Fix nand_choose_best_timings() on unsupported
interface (bsc#1012628).
- mtd: rawnand: Fix nand_erase_op delay (bsc#1012628).
- RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
(bsc#1012628).
- RDMA: Fix use-after-free in rxe_queue_cleanup (bsc#1012628).
- hwmon: (corsair-psu) fix plain integer used as NULL pointer
(bsc#1012628).
- nfc: fix segfault in nfc_genl_dump_devices_done (bsc#1012628).
- commit 85804f3
- Linux 5.15.9 (bsc#1012628).
- netfilter: selftest: conntrack_vrf.sh: fix file permission
(bsc#1012628).
- commit edf812e
==== libcamera ====
- Add optional pkgconfig(libtiff-4) BuildRequires.
==== libcap ====
Version update (2.61 -> 2.62)
- update to 2.62:
* Bug fix for Go package "cap" and launching
* Build cleanups
* Documentation updates: cap_max_bits has a man page entry
* Recognize default securebits as a libcap mode: HYBRID
==== libgsf ====
Version update (1.14.47 -> 1.14.48)
Subpackages: gsf-office-thumbnailer libgsf-1-114
- Update to version 1.14.48:
+ Add "zip64" readable property of GsfInfileZip.
==== libgusb ====
Version update (0.3.5 -> 0.3.9)
- Update to version 0.3.9:
- Add g_usb_device_get_string_descriptor_bytes()
- Do not double-reference USB devices
- Fix hotplug handling and signal emission during enumerate
- Add the GUsbEndpoint methods to the docs
- Add g_usb_device_get_string_descriptor_bytes_full
- Fix hotplug after threaded device removal
- Don't hard-code the list of OS supporting --version-script
==== libical ====
Version update (3.0.11 -> 3.0.12)
- update to 3.0.12:
* Fix a libicalval crash in cleanVObject
* METHOD:DECLINECOUNTER must have DTEND or DURATION
* Handle if DTEND and DURATION are both missing
* Improved FindICU (copied from official CMake)
* Buildsystem fixes (especially for the Ninja generator)
* Built-in timezones updated to tzdata2021e
==== libical-glib ====
Version update (3.0.11 -> 3.0.12)
- update to 3.0.12:
* Fix a libicalval crash in cleanVObject
* METHOD:DECLINECOUNTER must have DTEND or DURATION
* Handle if DTEND and DURATION are both missing
* Improved FindICU (copied from official CMake)
* Buildsystem fixes (especially for the Ninja generator)
* Built-in timezones updated to tzdata2021e
==== libopenmpt ====
Version update (0.5.13 -> 0.5.14)
- Update to 0.5.14:
* [Sec] Possible out-of-bounds read in Chorus plugin with NaN
plugin parameters. Most implementations of the ?fast math?
compiler optimizations will prevent this crash but it is not
guaranteed. (r16096)
* [Bug] Fixed undefined behaviour with custom tunings found with
ubsan.
* OPL: Improved channel allocation strategy when there are lots
of faded-out notes.
* MOD: Digital Tracker MODs have four unknown bytes right after
the magic bytes which seem to be ignored even by Digital
Tracker itself. Just skip over them.
* The logic when to turn off the resonant filter was broken in
some edge cases since libopenmpt 0.5.1.
* IMF: Implemented XE1-XE3 commands, which disable individual
envelopes. Command Nxy (cutoff slide + resonance) is now also
partially supported (only resonance for now).
* IMF: Filter envelopes were upside down.
* MTM: Omitting pattern loading through the load.skip_patterns
ctl caused sample data to be corrupted.
* S3M: Ignore O00 commands in files created with Scream Tracker
3.00 and 3.01, as this command only gained effect memory in
version 3.03.
* STM: Use S3M-like sample swap behaviour.
* XM: Disable arpeggio quirk for XMs made with Skale Tracker.
Fixes KAPTENFL.XM.
==== libqt5-qtbase ====
Version update (5.15.2+kde254 -> 5.15.2+kde268)
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5
- Update to version 5.15.2+kde268:
* Adapt for q_EVP_PKEY_base_id ? q_EVP_PKEY_get_base_id rename in OpenSSL 3
* Don't use a deprecated function if built/linked with OpenSSL v3
* Diffie-Hellman parameters: remove useless 'fix'
* Dont's use DTLS_MAX_VERSION when setting SSL_CTX
* Avoid mixing atomic futex changes and QAtomic
* Fix qtdeclarative baseline test failure for text tables
* Don't let text table cells shrink below their minimum width (boo#1176530)
* Don't shrink a column when it spans multiple columns
* Use icon themes in QPrintPreviewDialog [if they exist]
* QAbstractFileEngine: fix UB (data race) on qt_file_engine_handlers_in_use
* Increment reference count when restoring reference
* Reject truncated and corrupt ascii pnm images
* Fix handling of Sunday in POSIX time-zone rules
* Fix developer build
- Drop patches, support for OpenSSL < 1.1.0 is no longer necessary:
* 0001-Lower-required-version-of-OpenSSL-to-1.1.0.patch
* fix-build-openssl-1.1.0.patch
==== libthai ====
Version update (0.1.28 -> 0.1.29)
Subpackages: libthai-data libthai0
- Update to version 0.1.29.
* Rewritten thbrk test.
* More compliance with UAX#14 (Unicode Line Breaking Algorithm)
for thbrk.
* Fix a typo in TIS-620 character name in tis.h.
* Updated word break dictionary.
==== libxmlb ====
Version update (0.2.1 -> 0.3.6)
- Update to version 0.3.6:
- Add support for LZMA decompression
- Add locking for file monitors
- Modernise property declaration
- Add iterator for XbNode attributes and children
- Put tail after the node when exporting XbBuilderNode
- Ensure _IS_TOKENIZED is set if tokens are added manually
- Ensure we never add too many tokens to the silo
- Remove the G_ALIGNOF checks to fix compile with old GLib
versions
- Use the correct pkgconfig export package name in the GIR file
- Add pkgconfig(liblzma) BuildRequires: new dependency.
==== llvm13 ====
- BuildRequires: python-rpm-macros to fix Leap 15.3 build.
- More memory for GCC compile jobs.
==== mozilla-nspr ====
Version update (4.32 -> 4.33)
- update to 4.33:
* fixes to build system and export of private symbols
==== mozilla-nss ====
Version update (3.73 -> 3.73.1)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.73.1:
* Add SHA-2 support to mozilla::pkix's OSCP implementation
==== pango ====
Version update (1.50.2 -> 1.50.3)
Subpackages: libpango-1_0-0 typelib-1_0-Pango-1_0
- Update to version 1.50.3:
+ pango-view: Add --serialize-to option for easy bug reporting.
+ Revert a transformation change that broke metrics for vertical
text.
+ Handle fonts without space glyph (such as icon fonts) better.
+ Fix some corner cases of line width accounting.
+ Fix line height with emulated Small Caps.
==== plasma5-desktop ====
- Add patch to fix empty window appearing on activity switching
(kde#443968, boo#1193960):
* 0001-SwitcherBackend-Only-create-the-workaround-window-on.patch
==== poppler ====
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler116
- Use gcc11 when building in SLE/Leap since a Qt6 header file
includes <filesystem> which was still experimental in gcc7.
==== poppler-qt5 ====
- Use gcc11 when building in SLE/Leap since a Qt6 header file
includes <filesystem> which was still experimental in gcc7.
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup
- Fix a typo in padsp LD_PRELOAD setup (bsc#1194074)
==== python-SQLAlchemy ====
Version update (1.4.27 -> 1.4.29)
- Update to 1.4.29:
- truly, just plenty of small bugfixes, see the changelog on the Web
https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.29
- update to 1.4.28:
Bugfixes, see
* https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.28
==== python-ordered-set ====
- Do not disable python36 here. This package is so deep in the
dependency tree, you have to do it globally.
- Upstream supoorted only python >= 3.5, so disable python 2 and
also python 3.6 (End of support).
==== python-setuptools ====
- Remove unzip BuildRequires: the tarball is proper gz compressed,
no zip files to decompress here.
==== qemu ====
Version update (6.1.0 -> 6.2.0)
- Fix testsuite failures by not using modules when building tests
(and some other, also testsuite related, spec file problems)
- [JIRA] (SLE-20965) Make QEMU guests more failsafe when resizing
SCSI passthrough disks
* Patches added:
scsi-generic-replace-logical-block-count.patch
- Add an audio-oss sub-package
- Add some new (mostly documentation) files in the package
- Remove option --audio-drv-list because audio is detected by
meson automatically in latest version.
- Remove options --disable-jemalloc and --disable-tcmalloc
which are changed in v6.2.0.
- Update to v 6.2.0. For full release notese, see:
* https://wiki.qemu.org/ChangeLog/6.2.
Be sure to also check the following pages:
* https://qemu-project.gitlab.io/qemu/about/removed-features.html
* https://qemu-project.gitlab.io/qemu/about/deprecated.html
Some notable changes:
* virtio-mem: guest memory dumps are now fully supported, along
with pre-copy/post-copy migration and background guest snapshots
* QMP: support for nw DEVICE_UNPLUG_GUEST_ERROR to detect
guest-reported hotplug failures
* TCG: improvements to TCG plugin argument syntax, and multi-core
support for cache plugin
* 68k: improved support for Apple?s NuBus, including ability to
load declaration ROMs, and slot IRQ support
* ARM: macOS hosts with Apple Silicon CPUs now support ?hvf?
accelerator for AArch64 guests
* ARM: emulation support for Fujitsu A64FX processor model
* ARM: emulation support for kudo-mbc machine type
* ARM: M-profile MVE extension is now supported for Cortex-M55
* ARM: ?virt? machine now supports an emulated ITS (Interrupt
Translation Service) and supports more than 123 CPUs in
emulation mode
* ARM: xlnx-zcu102 and xlnx-versal-virt machines now support
BBRAM and eFUSE devices
* PowerPC: improved POWER10 support for the ?powernv? machine type
* PowerPC: initial support for POWER10 DD2.0 CPU model
* PowerPC: support for FORM2 PAPR NUMA descriptions for ?pseries? machine type
* RISC-V: support for Zb[abcs] instruction set extensions
* RISC-V: support for vhost-user and numa mem options across all boards
* RISC-V: SiFive PWM support
* x86: support for new Snowridge-v4 CPU model
* x86: guest support for Intel SGX
* x86: AMD SEV guests now support measurement of kernel binary when doing
direct kernel boot (not using a bootloader)
* Patches dropped:
9pfs-fix-crash-in-v9fs_walk.patch
block-introduce-max_hw_iov-for-use-in-sc.patch
hmp-Unbreak-change-vnc.patch
hw-acpi-ich9-Add-compat-prop-to-keep-HPC.patch
hw-i386-acpi-build-Deny-control-on-PCIe-.patch
i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch
net-vmxnet3-validate-configuration-value.patch
pcie-rename-native-hotplug-to-x-native-h.patch
plugins-do-not-limit-exported-symbols-if.patch
plugins-execlog-removed-unintended-s-at-.patch
qemu-nbd-Change-default-cache-mode-to-wr.patch
qemu-sockets-fix-unix-socket-path-copy-a.patch
target-arm-Don-t-skip-M-profile-reset-en.patch
target-i386-add-missing-bits-to-CR4_RESE.patch
tcg-arm-Fix-tcg_out_vec_op-function-sign.patch
uas-add-stream-number-sanity-checks.patch
vhost-vsock-fix-migration-issue-when-seq.patch
virtio-balloon-don-t-start-free-page-hin.patch
virtio-mem-pci-Fix-memory-leak-when-crea.patch
virtio-net-fix-use-after-unmap-free-for-.patch
==== raspberrypi-firmware ====
Version update (2021.11.16 -> 2021.12.01)
- Update to 1a0297bfbf (2021-12-01):
* firmware: board_info: Add upstream dtb names for cm1 & 3
* firmware: board_info: Add upstream dtb name for cm4
See: #1660
* firmware: platform: Allow users to disable camera boot HMAC check
See: #1657
* firmware: clock: 2711: Fix potential API issue in 2711 VCO setup
* firmware: arm_loader: Enable USB MSD boot mode on Zero 2 W
* firmware: isp: Fix Rec.709 colour space problems
==== raspberrypi-firmware-config ====
Version update (2021.11.16 -> 2021.12.01)
- Update to 1a0297bfbf (2021-12-01):
* firmware: board_info: Add upstream dtb names for cm1 & 3
* firmware: board_info: Add upstream dtb name for cm4
See: #1660
* firmware: platform: Allow users to disable camera boot HMAC check
See: #1657
* firmware: clock: 2711: Fix potential API issue in 2711 VCO setup
* firmware: arm_loader: Enable USB MSD boot mode on Zero 2 W
* firmware: isp: Fix Rec.709 colour space problems
==== sssd ====
Version update (2.6.1 -> 2.6.2)
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Update to release 2.6.2
* Quick log out and log in did not correctly refresh user's
initgroups in no_session PAM schema due to lingering systemd
processes.
==== wicked ====
Version update (0.6.67 -> 0.6.68)
Subpackages: wicked-service
- version 0.6.68
- sysctl: process sysctl.d directories as in sysctl --system
- sysctl: fix sysctl values for loopback device (bsc#1181163, bsc#1178357)
- dhcp4: add option to set route pref-src to dhcp IP (bsc#1192353)
- cleanup: warnings, time calculations and dhcp fixes (bsc#1188019)
- wireless: reconnect on unexpected wpa_supplicant restart (bsc#1183495)
- tuntap: avoid sysfs attr read error (bsc#1192311)
- ifstatus: fix warning of unexpected interface flag combination (bsc#1192164)
==== yast2 ====
Version update (4.4.31 -> 4.4.32)
- properly pass named arguments in ruby3 (bsc#1193192)
- 4.4.32
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
chrony (4.1 -> 4.2)
expat (2.4.1 -> 2.4.2)
gpg2 (2.3.3 -> 2.3.4)
gpgme
grub2
installation-images-MicroOS (17.30 -> 17.31)
kernel-source (5.15.8 -> 5.15.12)
kubernetes1.22
libcap (2.61 -> 2.62)
libthai (0.1.28 -> 0.1.29)
pango (1.50.2 -> 1.50.3)
python-SQLAlchemy (1.4.27 -> 1.4.29)
python-ordered-set
python-setuptools
qemu (6.1.0 -> 6.2.0)
raspberrypi-firmware (2021.11.16 -> 2021.12.01)
raspberrypi-firmware-config (2021.11.16 -> 2021.12.01)
sssd (2.6.1 -> 2.6.2)
wicked (0.6.67 -> 0.6.68)
yast2 (4.4.31 -> 4.4.32)
=== Details ===
==== chrony ====
Version update (4.1 -> 4.2)
Subpackages: chrony-pool-openSUSE
- Update to 4.2
* Add support for NTPv4 extension field improving synchronisation
stability and resolution of root delay and dispersion
(experimental)
* Add support for NTP over PTP (experimental)
* Add support for AES-CMAC and hash functions in GnuTLS
* Improve server interleaved mode to be more reliable and support
multiple clients behind NAT
* Update seccomp filter
* Fix RTC support with 64-bit time_t on 32-bit Linux
* Fix seccomp filter to work correctly with bind*device directives
- Obsoleted patches:
* chrony-refid-internal-md5.patch
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch
- Update clknetsim to snapshot 470b5e9.
- Add chrony-htonl.patch to work around undocumented behaviour of
htonl() in older glibc versions (SLE-12) on 64 bit big endian
architectures (s390x).
- SLE bugs that have been fixed in openSUSE up to this point
without explicit references: bsc#1183783, bsc#1184400,
bsc#1171806, bsc#1161119, bsc#1159840.
- Obsoleted SLE patches:
* chrony-fix-open.patch
* chrony-gettimeofday.patch
* chrony-ntp-era-split.patch
* chrony-pidfile.patch
* chrony-select-timeout.patch
* chrony-urandom.patch
* chrony.sysconfig
* clknetsim-glibc-2.31.patch
==== expat ====
Version update (2.4.1 -> 2.4.2)
- update to 2.4.2:
* Link againgst libm for function "isnan"
* Include expat_config.h as early as possible
* Autotools: Include files with release archives:
- buildconf.sh
- fuzz/*.c
* Autotools: Sync CMake templates
* docs: Document that function XML_GetBuffer may return NULL
when asking for a buffer of 0 (zero) bytes size
* docs: Fix return value docs for both
XML_SetBillionLaughsAttackProtection* functions
* Version info bumped from 9:1:8 to 9:2:8
==== gpg2 ====
Version update (2.3.3 -> 2.3.4)
- GnuPG 2.3.4:
* gpg: New option --min-rsa-length
* gpg: New option --forbid-gen-key
* gpg: New option --override-compliance-check
* gpgconf: New command --show-configs
* agent,dirmngr,keyboxd: New option --steal-socket
* gpg: Fix printing of binary notations
* gpg: Remove stale ultimately trusted keys from the trustdb
* gpg: Fix indentation of --print-mds and --print-md sha512
* gpg: Emit gpg 2.2 compatible Ed25519 signature
* gpgsm: Detect circular chains in --list-chain
* dirmngr: Make reading resolv.conf more robust
* dirmngr: Ask keyservers to provide the key fingerprints
* gpgconf: Allow changing gpg's deprecated keyserver option
* gpg-wks-server: Fix created file permissions
* scd: Support longer data for ssh-agent authentication with
openpgp cards
* scd: Modify DEVINFO behavior to support looping forever
* Silence warning about the rootdir under Unices w/o a mounted
/proc file system
* Fix possible build problems about missing include files
==== gpgme ====
- Add patches to support building bindings packages for
Python 3.10
* gpgme-D545-python310.patch -- https://dev.gnupg.org/D545
* gpgme-D546-python310.patch -- https://dev.gnupg.org/D546
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix CVE-2021-3981 (bsc#1189644)
* 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch
- Fix can't allocate initrd error (bsc#1191378)
* 0001-Factor-out-grub_efi_linux_boot.patch
* 0002-Fix-race-in-EFI-validation.patch
* 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
* 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch
* 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch
* 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
* 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
* 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
* 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
* 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch
* 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch
==== installation-images-MicroOS ====
Version update (17.30 -> 17.31)
- merge gh#openSUSE/installation-images#559
- Remove more binaries appearing with Ruby 3.0 (bsc#1193192)
- 17.31
==== kernel-source ====
Version update (5.15.8 -> 5.15.12)
- Update config files.
- commit 375fcb8
- Linux 5.15.12 (bsc#1012628).
- arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd
(bsc#1012628).
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (bsc#1012628).
- ext4: prevent partial update of the extent blocks (bsc#1012628).
- ext4: check for out-of-order index extents in
ext4_valid_extent_entries() (bsc#1012628).
- ext4: check for inconsistent extents between index and leaf
block (bsc#1012628).
- selftests: KVM: Fix non-x86 compiling (bsc#1012628).
- HID: holtek: fix mouse probing (bsc#1012628).
- HID: potential dereference of null pointer (bsc#1012628).
- NFSD: Fix READDIR buffer overflow (bsc#1012628).
- PM: sleep: Fix error handling in dpm_prepare() (bsc#1012628).
- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
(bsc#1012628).
- bus: sunxi-rsb: Fix shutdown (bsc#1012628).
- spi: change clk_disable_unprepare to clk_unprepare
(bsc#1012628).
- ucounts: Fix rlimit max values check (bsc#1012628).
- drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
(bsc#1012628).
- ASoC: meson: aiu: fifo: Add missing
dma_coerce_mask_and_coherent() (bsc#1012628).
- RDMA/hns: Fix RNR retransmission issue for HIP08 (bsc#1012628).
- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
(bsc#1012628).
- RDMA/hns: Replace kfree() with kvfree() (bsc#1012628).
- netfilter: nf_tables: fix use-after-free in
nft_set_catchall_destroy() (bsc#1012628).
- netfilter: fix regression in looped (broad|multi)cast's MAC
handling (bsc#1012628).
- ARM: dts: imx6qdl-wandboard: Fix Ethernet support (bsc#1012628).
- ice: Use xdp_buf instead of rx_buf for xsk zero-copy
(bsc#1012628).
- ice: xsk: return xsk buffers back to pool when cleaning the ring
(bsc#1012628).
- net: marvell: prestera: fix incorrect return of port_find
(bsc#1012628).
- net: marvell: prestera: fix incorrect structure access
(bsc#1012628).
- qlcnic: potential dereference null pointer of
rx_queue->page_ring (bsc#1012628).
- tcp: move inet->rx_dst_ifindex to sk->sk_rx_dst_ifindex
(bsc#1012628).
- ipv6: move inet6_sk(sk)->rx_dst_cookie to sk->sk_rx_dst_cookie
(bsc#1012628).
- inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1012628).
- net: accept UFOv6 packages in virtio_net_hdr_to_skb
(bsc#1012628).
- net: skip virtio_net_hdr_set_proto if protocol already set
(bsc#1012628).
- igb: fix deadlock caused by taking RTNL in RPM resume path
(bsc#1012628).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
(bsc#1012628).
- gpio: virtio: remove timeout (bsc#1012628).
- bonding: fix ad_actor_system option setting to default
(bsc#1012628).
- fjes: Check for error irq (bsc#1012628).
- drivers: net: smc911x: Check for error irq (bsc#1012628).
- net: ks8851: Check for error irq (bsc#1012628).
- sfc: Check null pointer of rx_queue->page_ring (bsc#1012628).
- sfc: falcon: Check null pointer of rx_queue->page_ring
(bsc#1012628).
- asix: fix uninit-value in asix_mdio_read() (bsc#1012628).
- asix: fix wrong return value in asix_check_host_enable()
(bsc#1012628).
- io_uring: zero iocb->ki_pos for stream file types (bsc#1012628).
- veth: ensure skb entering GRO are not cloned (bsc#1012628).
- net: stmmac: ptp: fix potentially overflowing expression
(bsc#1012628).
- net: bridge: Use array_size() helper in copy_to_user()
(bsc#1012628).
- net: bridge: fix ioctl old_deviceless bridge argument
(bsc#1012628).
- r8152: fix the force speed doesn't work for RTL8156
(bsc#1012628).
- net: stmmac: dwmac-visconti: Fix value of
ETHER_CLK_SEL_FREQ_SEL_2P5M (bsc#1012628).
- Input: elantech - fix stack out of bound access in
elantech_change_report_id() (bsc#1012628).
- pinctrl: bcm2835: Change init order for gpio hogs (bsc#1012628).
- hwmon: (lm90) Fix usage of CONFIG2 register in detect function
(bsc#1012628).
- hwmon: (lm90) Prevent integer overflow/underflow in hysteresis
calculations (bsc#1012628).
- hwmon: (lm90) Introduce flag indicating extended temperature
support (bsc#1012628).
- hwmon: (lm90) Add basic support for TI TMP461 (bsc#1012628).
- hwmon: (lm90) Drop critical attribute support for MAX6654
(bsc#1012628).
- ARM: 9160/1: NOMMU: Reload __secondary_data after
PROCINFO_INITFUNC (bsc#1012628).
- uapi: Fix undefined __always_inline on non-glibc systems
(bsc#1012628).
- compiler.h: Fix annotation macro misplacement with Clang
(bsc#1012628).
- platform/x86/intel: Remove X86_PLATFORM_DRIVERS_INTEL
(bsc#1012628).
- kernel/crash_core: suppress unknown crashkernel parameter
warning (bsc#1012628).
- Revert "x86/boot: Pull up cmdline preparation and early param
parsing" (bsc#1012628).
- x86/boot: Move EFI range reservation after cmdline parsing
(bsc#1012628).
- ALSA: jack: Check the return value of kstrdup() (bsc#1012628).
- ALSA: drivers: opl3: Fix incorrect use of vp->state
(bsc#1012628).
- ALSA: rawmidi - fix the uninitalized user_pversion
(bsc#1012628).
- ALSA: hda/hdmi: Disable silent stream on GLK (bsc#1012628).
- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
(bsc#1012628).
- ALSA: hda/realtek: Add new alc285-hp-amp-init model
(bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
(bsc#1012628).
- ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (bsc#1012628).
- ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s
(bsc#1012628).
- ASoC: tegra: Add DAPM switches for headphones and mic jack
(bsc#1012628).
- ASoC: tegra: Restore headphones jack name on Nyan Big
(bsc#1012628).
- Input: atmel_mxt_ts - fix double free in mxt_read_info_block
(bsc#1012628).
- ipmi: bail out if init_srcu_struct fails (bsc#1012628).
- ipmi: ssif: initialize ssif_info->client early (bsc#1012628).
- ipmi: fix initialization when workqueue allocation fails
(bsc#1012628).
- parisc: Correct completer in lws start (bsc#1012628).
- parisc: Fix mask used to select futex spinlock (bsc#1012628).
- tee: handle lookup of shm with reference count 0 (bsc#1012628).
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
(bsc#1012628).
- platform/x86: amd-pmc: only use callbacks for suspend
(bsc#1012628).
- platform/x86: intel_pmc_core: fix memleak on registration
failure (bsc#1012628).
- KVM: x86: Always set kvm_run->if_flag (bsc#1012628).
- KVM: x86/mmu: Don't advance iterator after restart due to
yielding (bsc#1012628).
- KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is
required (bsc#1012628).
- KVM: VMX: Always clear vmx->fail on emulation_required
(bsc#1012628).
- KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU ==
this vCPU (bsc#1012628).
- pinctrl: stm32: consider the GPIO offset to expose all the
GPIO lines (bsc#1012628).
- gpio: dln2: Fix interrupts when replugging the device
(bsc#1012628).
- mmc: sdhci-tegra: Fix switch to HS400ES mode (bsc#1012628).
- mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO
commands (bsc#1012628).
- mmc: core: Disable card detect during shutdown (bsc#1012628).
- mmc: mmci: stm32: clear DLYB_CR after sending tuning command
(bsc#1012628).
- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
(bsc#1012628).
- ksmbd: fix error code in ndr_read_int32() (bsc#1012628).
- ksmbd: fix uninitialized symbol 'pntsd_size' (bsc#1012628).
- ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
(bsc#1012628).
- mac80211: fix locking in ieee80211_start_ap error path
(bsc#1012628).
- mm: mempolicy: fix THP allocations escaping mempolicy
restrictions (bsc#1012628).
- mm, hwpoison: fix condition in free hugetlb page path
(bsc#1012628).
- mm/hwpoison: clear MF_COUNT_INCREASED before retrying
get_any_page() (bsc#1012628).
- mm/damon/dbgfs: protect targets destructions with kdamond_lock
(bsc#1012628).
- tee: optee: Fix incorrect page free bug (bsc#1012628).
- f2fs: fix to do sanity check on last xattr entry in
__f2fs_setxattr() (bsc#1012628).
- netfs: fix parameter of cleanup() (bsc#1012628).
- KVM: VMX: Fix stale docs for
kvm-intel.emulate_invalid_guest_state (bsc#1012628).
- arm64: dts: lx2160a: fix scl-gpios property name (bsc#1012628).
- kfence: fix memory leak when cat kfence objects (bsc#1012628).
- Input: iqs626a - prohibit inlining of channel parsing functions
(bsc#1012628).
- Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
(bsc#1012628).
- Input: goodix - add id->model mapping for the "9111" model
(bsc#1012628).
- ASoC: tas2770: Fix setting of high sample rates (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add new ADL-P variant (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add ADL-N support (bsc#1012628).
- ASoC: rt5682: fix the wrong jack type detected (bsc#1012628).
- pinctrl: mediatek: fix global-out-of-bounds issue (bsc#1012628).
- hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
(bsc#1012628).
- hwmon: (lm90) Do not report 'busy' status bit as alarm
(bsc#1012628).
- r8152: sync ocp base (bsc#1012628).
- ax25: NPD bug when detaching AX25 device (bsc#1012628).
- hamradio: defer ax25 kfree after unregister_netdev
(bsc#1012628).
- hamradio: improve the incomplete fix to avoid NPD (bsc#1012628).
- tun: avoid double free in tun_free_netdev (bsc#1012628).
- phonet/pep: refuse to enable an unbound pipe (bsc#1012628).
- Refresh
patches.suse/add-product-identifying-information-to-vmcoreinfo.patch.
- commit 202eb92
- Disable patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch (bsc#1194007)
Better to disable it completely.
- commit 730a488
- Linux 5.15.11 (bsc#1012628).
- xen/netback: don't queue unlimited number of packages
(bsc#1012628).
- xen/netback: fix rx queue stall detection (bsc#1012628).
- xen/console: harden hvc_xen against event channel storms
(bsc#1012628).
- xen/netfront: harden netfront against event channel storms
(bsc#1012628).
- xen/blkfront: harden blkfront against event channel storms
(bsc#1012628).
- Revert "xsk: Do not sleep in poll() when need_wakeup set"
(bsc#1012628).
- selftests/damon: test debugfs file reads/writes with huge count
(bsc#1012628).
- bus: ti-sysc: Fix variable set but not used warning for
reinit_modules (bsc#1012628).
- io-wq: drop wqe lock before creating new worker (bsc#1012628).
- rcu: Mark accesses to rcu_state.n_force_qs (bsc#1012628).
- io-wq: check for wq exit after adding new worker task_work
(bsc#1012628).
- io-wq: remove spurious bit clear on task_work addition
(bsc#1012628).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (bsc#1012628).
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(bsc#1012628).
- scsi: scsi_debug: Don't call kcalloc() if size arg is zero
(bsc#1012628).
- ovl: fix warning in ovl_create_real() (bsc#1012628).
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1012628).
- media: mxl111sf: change mutex_init() location (bsc#1012628).
- USB: core: Make do_proc_control() and do_proc_bulk() killable
(bsc#1012628).
- bpf: Fix extable address check (bsc#1012628).
- bpf, x64: Factor out emission of REX byte in more cases
(bsc#1012628).
- mptcp: add missing documented NL params (bsc#1012628).
- xsk: Do not sleep in poll() when need_wakeup set (bsc#1012628).
- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
(bsc#1012628).
- can: m_can: pci: use custom bit timings for Elkhart Lake
(bsc#1012628).
- can: m_can: make custom bittiming fields const (bsc#1012628).
- Revert "can: m_can: remove support for custom bit timing"
(bsc#1012628).
- drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info
on YC (bsc#1012628).
- drm/amdgpu: don't override default ECO_BITs setting
(bsc#1012628).
- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
(bsc#1012628).
- powerpc/module_64: Fix livepatching for RO modules
(bsc#1012628).
- libata: if T_LENGTH is zero, dma direction should be DMA_NONE
(bsc#1012628).
- perf inject: Fix segfault due to perf_data__fd() without open
(bsc#1012628).
- perf inject: Fix segfault due to close without open
(bsc#1012628).
- riscv: dts: unmatched: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- riscv: dts: unleashed: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- locking/rtmutex: Fix incorrect condition in
rtmutex_spin_on_owner() (bsc#1012628).
- cifs: sanitize multiple delimiters in prepath (bsc#1012628).
- timekeeping: Really make sure wall_to_monotonic isn't positive
(bsc#1012628).
- serial: 8250_fintek: Fix garbled text for console (bsc#1012628).
- iocost: Fix divide-by-zero on donation from low hweight cgroup
(bsc#1012628).
- zonefs: add MODULE_ALIAS_FS (bsc#1012628).
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device()
(bsc#1012628).
- btrfs: check WRITE_ERR when trying to read an extent buffer
(bsc#1012628).
- btrfs: fix double free of anon_dev after failure to create
subvolume (bsc#1012628).
- Refresh
patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch.
- btrfs: fix memory leak in __add_inode_ref() (bsc#1012628).
- selinux: fix sleeping function called from invalid context
(bsc#1012628).
- USB: serial: option: add Telit FN990 compositions (bsc#1012628).
- USB: serial: cp210x: fix CP2105 GPIO registration (bsc#1012628).
- usb: gadget: u_ether: fix race in setting MAC address in setup
phase (bsc#1012628).
- usb: typec: tcpm: fix tcpm unregister port but leave a pending
timer (bsc#1012628).
- usb: cdnsp: Fix lack of spin_lock_irqsave/spin_lock_restore
(bsc#1012628).
- usb: cdnsp: Fix issue in cdnsp_log_ep trace event (bsc#1012628).
- usb: cdnsp: Fix incorrect calling of cdnsp_died function
(bsc#1012628).
- usb: cdnsp: Fix incorrect status for control request
(bsc#1012628).
- usb: xhci: Extend support for runtime power management for
AMD's Yellow carp (bsc#1012628).
- usb: xhci-mtk: fix list_del warning when enable list debug
(bsc#1012628).
- PCI/MSI: Mask MSI-X vectors only on success (bsc#1012628).
- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (bsc#1012628).
- usb: dwc2: fix STM ID/VBUS detection startup delay in
dwc2_driver_probe (bsc#1012628).
- USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
(bsc#1012628).
- tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
(bsc#1012628).
- KVM: x86: Drop guest CPUID check for host initiated writes to
MSR_IA32_PERF_CAPABILITIES (bsc#1012628).
- Revert "usb: early: convert to readl_poll_timeout_atomic()"
(bsc#1012628).
- USB: gadget: bRequestType is a bitfield, not a enum
(bsc#1012628).
- powerpc/85xx: Fix oops when CONFIG_FSL_PMC=n (bsc#1012628).
- bpf, selftests: Fix racing issue in btf_skc_cls_ingress test
(bsc#1012628).
- bpf: Fix extable fixup offset (bsc#1012628).
- arm64: kexec: Fix missing error code 'ret' warning in
load_other_segments() (bsc#1012628).
- afs: Fix mmap (bsc#1012628).
- sit: do not call ipip6_dev_free() from sit_init_net()
(bsc#1012628).
- net: systemport: Add global locking for descriptor lifecycle
(bsc#1012628).
- net/smc: Prevent smc_release() from long blocking (bsc#1012628).
- net: Fix double 0x prefix print in SKB dump (bsc#1012628).
- dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED
(bsc#1012628).
- sfc_ef100: potential dereference of null pointer (bsc#1012628).
- net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
(bsc#1012628).
- net/packet: rx_owner_map depends on pg_vec (bsc#1012628).
- netdevsim: Zero-initialize memory for new map's value in
function nsim_bpf_map_alloc (bsc#1012628).
- ixgbe: set X550 MDIO speed before talking to PHY (bsc#1012628).
- ixgbe: Document how to enable NBASE-T support (bsc#1012628).
- igc: Fix typo in i225 LTR functions (bsc#1012628).
- igbvf: fix double free in `igbvf_probe` (bsc#1012628).
- igb: Fix removal of unicast MAC filters of VFs (bsc#1012628).
- soc/tegra: fuse: Fix bitwise vs. logical OR warning
(bsc#1012628).
- mptcp: fix deadlock in __mptcp_push_pending() (bsc#1012628).
- mptcp: clear 'kern' flag from fallback sockets (bsc#1012628).
- mptcp: remove tcp ulp setsockopt support (bsc#1012628).
- drm/amd/pm: fix a potential gpu_metrics_table memory leak
(bsc#1012628).
- drm/amd/display: Set exit_optimized_pwr_state for DCN31
(bsc#1012628).
- ice: Don't put stale timestamps in the skb (bsc#1012628).
- ice: Use div64_u64 instead of div_u64 in adjfine (bsc#1012628).
- rds: memory leak in __rds_conn_create() (bsc#1012628).
- flow_offload: return EOPNOTSUPP for the unsupported mpls action
type (bsc#1012628).
- net: stmmac: fix tc flower deletion for VLAN priority Rx
steering (bsc#1012628).
- mac80211: fix lookup when adding AddBA extension element
(bsc#1012628).
- cfg80211: Acquire wiphy mutex on regulatory work (bsc#1012628).
- mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
(bsc#1012628).
- drm/i915/display: Fix an unsigned subtraction which can never
be negative (bsc#1012628).
- drm/ast: potential dereference of null pointer (bsc#1012628).
- mptcp: never allow the PM to close a listener subflow
(bsc#1012628).
- selftest/net/forwarding: declare NETIFS p9 p10 (bsc#1012628).
- net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()
(bsc#1012628).
- selftests/net: toeplitz: fix udp option (bsc#1012628).
- net/sched: sch_ets: don't remove idle classes from the
round-robin list (bsc#1012628).
- drm: simpledrm: fix wrong unit with pixel clock (bsc#1012628).
- dmaengine: st_fdma: fix MODULE_ALIAS (bsc#1012628).
- dmaengine: idxd: fix missed completion on abort path
(bsc#1012628).
- selftests: Fix IPv6 address bind tests (bsc#1012628).
- selftests: Fix raw socket bind tests with VRF (bsc#1012628).
- selftests: Add duplicate config only for MD5 VRF tests
(bsc#1012628).
- net: hns3: fix race condition in debugfs (bsc#1012628).
- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
(bsc#1012628).
- selftests: icmp_redirect: pass xfail=0 to log_test()
(bsc#1012628).
- netdevsim: don't overwrite read only ethtool parms
(bsc#1012628).
- inet_diag: fix kernel-infoleak for UDP sockets (bsc#1012628).
- sch_cake: do not call cake_destroy() from cake_init()
(bsc#1012628).
- s390/kexec_file: fix error handling when applying relocations
(bsc#1012628).
- selftests: net: Correct ping6 expected rc from 2 to 1
(bsc#1012628).
- Revert "drm/fb-helper: improve DRM fbdev emulation device names"
(bsc#1012628).
- vdpa: Consider device id larger than 31 (bsc#1012628).
- virtio/vsock: fix the transport to work with VMADDR_CID_ANY
(bsc#1012628).
- virtio: always enter drivers/virtio/ (bsc#1012628).
- iwlwifi: mvm: don't crash on invalid rate w/o STA (bsc#1012628).
- soc: imx: Register SoC device only on i.MX boards (bsc#1012628).
- clk: Don't parent clks until the parent is fully registered
(bsc#1012628).
- arm64: dts: imx8mq: remove interconnect property from lcdif
(bsc#1012628).
- ARM: socfpga: dts: fix qspi node compatible (bsc#1012628).
- ceph: initialize pathlen variable in reconnect_caps_cb
(bsc#1012628).
- ceph: fix duplicate increment of opened_inodes metric
(bsc#1012628).
- tee: amdtee: fix an IS_ERR() vs NULL bug (bsc#1012628).
- mac80211: track only QoS data frames for admission control
(bsc#1012628).
- dmaengine: idxd: fix calling wq quiesce inside spinlock
(bsc#1012628).
- dmaengine: idxd: add halt interrupt support (bsc#1012628).
- arm64: dts: rockchip: fix poweroff on helios64 (bsc#1012628).
- arm64: dts: rockchip: fix audio-supply for Rock Pi 4
(bsc#1012628).
- arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
(bsc#1012628).
- arm64: dts: rockchip: fix rk3308-roc-cc vcc-sd supply
(bsc#1012628).
- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from
rk3399-khadas-edge (bsc#1012628).
- pinctrl: amd: Fix wakeups when IRQ is shared with SCI
(bsc#1012628).
- drm/i915/hdmi: Turn DP++ TMDS output buffers back on in
encoder->shutdown() (bsc#1012628).
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915
(bsc#1012628).
- scsi: ufs: core: Retry START_STOP on UNIT_ATTENTION
(bsc#1012628).
- btrfs: remove stale comment about the btrfs_show_devname
(bsc#1012628).
- btrfs: update latest_dev when we create a sprout device
(bsc#1012628).
- btrfs: use latest_dev in btrfs_show_devname (bsc#1012628).
- btrfs: convert latest_bdev type to btrfs_device and rename
(bsc#1012628).
- audit: improve robustness of the audit queue handling
(bsc#1012628).
- dm btree remove: fix use after free in rebalance_children()
(bsc#1012628).
- ceph: fix up non-directory creation in SGID directories
(bsc#1012628).
- arm64: dts: ten64: remove redundant interrupt declaration for
gpio-keys (bsc#1012628).
- recordmcount.pl: look for jgnop instruction as well as bcrl
on s390 (bsc#1012628).
- s390/entry: fix duplicate tracking of irq nesting level
(bsc#1012628).
- vdpa: check that offsets are within bounds (bsc#1012628).
- virtio_ring: Fix querying of maximum DMA mapping size for
virtio device (bsc#1012628).
- vduse: check that offset is within bounds in get_config()
(bsc#1012628).
- vduse: fix memory corruption in vduse_dev_ioctl() (bsc#1012628).
- bpf, selftests: Update test case for atomic cmpxchg on r0 with
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
(bsc#1012628).
- bpf, selftests: Add test case trying to taint map value pointer
(bsc#1012628).
- bpf: Make 32->64 bounds propagation slightly more robust
(bsc#1012628).
- bpf: Fix signed bounds propagation after mov32 (bsc#1012628).
- bpf, selftests: Add test case for atomic fetch on spilled
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic fetch (bsc#1012628).
- firmware: arm_scpi: Fix string overflow in SCPI genpd driver
(bsc#1012628).
- mac80211: validate extended element ID is present (bsc#1012628).
- mac80211: send ADDBA requests using the tid/queue of the
aggregation session (bsc#1012628).
- mac80211: mark TX-during-stop for TX in in_reconfig
(bsc#1012628).
- mac80211: fix regression in SSN handling of addba tx
(bsc#1012628).
- mac80211: fix rate control for retransmitted frames
(bsc#1012628).
- KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid()
(bsc#1012628).
- x86/kvm: remove unused ack_notifier callbacks (bsc#1012628).
- KVM: downgrade two BUG_ONs to WARN_ON_ONCE (bsc#1012628).
- KVM: selftests: Make sure kvm_create_max_vcpus test won't hit
RLIMIT_NOFILE (bsc#1012628).
- KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled
(bsc#1012628).
- reset: tegra-bpmp: Revert Handle errors in BPMP response
(bsc#1012628).
- commit 9903b31
- Linux 5.15.10 (bsc#1012628).
- perf inject: Fix itrace space allowed for new attributes
(bsc#1012628).
- fuse: make sure reclaim doesn't write the inode (bsc#1012628).
- staging: most: dim2: use device release method (bsc#1012628).
- tracing: Fix a kmemleak false positive in tracing_map
(bsc#1012628).
- drm/amdkfd: process_info lock not needed for svm (bsc#1012628).
- drm/amd/display: add connector type check for CRC source set
(bsc#1012628).
- drm/amdkfd: fix double free mem structure (bsc#1012628).
- drm/amd/display: Fix for the no Audio bug with Tiled Displays
(bsc#1012628).
- drm/amdgpu: check atomic flag to differeniate with legacy path
(bsc#1012628).
- drm/amdgpu: cancel the correct hrtimer on exit (bsc#1012628).
- net: netlink: af_netlink: Prevent empty skb by adding a check
on len (bsc#1012628).
- i2c: rk3x: Handle a spurious start completion interrupt flag
(bsc#1012628).
- parisc/agp: Annotate parisc agp init functions with __init
(bsc#1012628).
- ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
(bsc#1012628).
- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
(bsc#1012628).
- loop: Use pr_warn_once() for loop_control_remove() warning
(bsc#1012628).
- net/mlx4_en: Update reported link modes for 1/10G (bsc#1012628).
- Revert "tty: serial: fsl_lpuart: drop earlycon entry for
i.MX8QXP" (bsc#1012628).
- s390/test_unwind: use raw opcode instead of invalid instruction
(bsc#1012628).
- KVM: arm64: Save PSTATE early on exit (bsc#1012628).
- drm/msm/dp: Avoid unpowered AUX xfers that caused crashes
(bsc#1012628).
- drm/msm/dsi: set default num_data_lanes (bsc#1012628).
- drm/msm/a6xx: Fix uinitialized use of gpu_scid (bsc#1012628).
- drm/msm: Fix null ptr access msm_ioctl_gem_submit()
(bsc#1012628).
- i2c: virtio: fix completion handling (bsc#1012628).
- vmxnet3: fix minimum vectors alloc issue (bsc#1012628).
- ice: fix FDIR init missing when reset VF (bsc#1012628).
- RDMA/irdma: Don't arm the CQ more than two times if no CE for
this CQ (bsc#1012628).
- RDMA/irdma: Report correct WC errors (bsc#1012628).
- RDMA/irdma: Fix a potential memory allocation issue in
'irdma_prm_add_pble_mem()' (bsc#1012628).
- RDMA/irdma: Fix a user-after-free in add_pble_prm (bsc#1012628).
- netfs: Fix lockdep warning from taking sb_writers whilst
holding mmap_lock (bsc#1012628).
- perf bpf_skel: Do not use typedef to avoid error on old clang
(bsc#1012628).
- clk: qcom: sm6125-gcc: Swap ops of ice and apps on sdcc1
(bsc#1012628).
- dt-bindings: media: nxp,imx7-mipi-csi2: Drop bad if/then schema
(bsc#1012628).
- inet: use #ifdef CONFIG_SOCK_RX_QUEUE_MAPPING consistently
(bsc#1012628).
- mtd: rawnand: Fix nand_choose_best_timings() on unsupported
interface (bsc#1012628).
- mtd: rawnand: Fix nand_erase_op delay (bsc#1012628).
- RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
(bsc#1012628).
- RDMA: Fix use-after-free in rxe_queue_cleanup (bsc#1012628).
- hwmon: (corsair-psu) fix plain integer used as NULL pointer
(bsc#1012628).
- nfc: fix segfault in nfc_genl_dump_devices_done (bsc#1012628).
- commit 85804f3
- Linux 5.15.9 (bsc#1012628).
- netfilter: selftest: conntrack_vrf.sh: fix file permission
(bsc#1012628).
- commit edf812e
==== kubernetes1.22 ====
- Tidy up merge marker
==== libcap ====
Version update (2.61 -> 2.62)
- update to 2.62:
* Bug fix for Go package "cap" and launching
* Build cleanups
* Documentation updates: cap_max_bits has a man page entry
* Recognize default securebits as a libcap mode: HYBRID
==== libthai ====
Version update (0.1.28 -> 0.1.29)
Subpackages: libthai-data libthai0
- Update to version 0.1.29.
* Rewritten thbrk test.
* More compliance with UAX#14 (Unicode Line Breaking Algorithm)
for thbrk.
* Fix a typo in TIS-620 character name in tis.h.
* Updated word break dictionary.
==== pango ====
Version update (1.50.2 -> 1.50.3)
- Update to version 1.50.3:
+ pango-view: Add --serialize-to option for easy bug reporting.
+ Revert a transformation change that broke metrics for vertical
text.
+ Handle fonts without space glyph (such as icon fonts) better.
+ Fix some corner cases of line width accounting.
+ Fix line height with emulated Small Caps.
==== python-SQLAlchemy ====
Version update (1.4.27 -> 1.4.29)
- Update to 1.4.29:
- truly, just plenty of small bugfixes, see the changelog on the Web
https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.29
- update to 1.4.28:
Bugfixes, see
* https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.28
==== python-ordered-set ====
- Do not disable python36 here. This package is so deep in the
dependency tree, you have to do it globally.
- Upstream supoorted only python >= 3.5, so disable python 2 and
also python 3.6 (End of support).
==== python-setuptools ====
- Remove unzip BuildRequires: the tarball is proper gz compressed,
no zip files to decompress here.
==== qemu ====
Version update (6.1.0 -> 6.2.0)
- Fix testsuite failures by not using modules when building tests
(and some other, also testsuite related, spec file problems)
- [JIRA] (SLE-20965) Make QEMU guests more failsafe when resizing
SCSI passthrough disks
* Patches added:
scsi-generic-replace-logical-block-count.patch
- Add an audio-oss sub-package
- Add some new (mostly documentation) files in the package
- Remove option --audio-drv-list because audio is detected by
meson automatically in latest version.
- Remove options --disable-jemalloc and --disable-tcmalloc
which are changed in v6.2.0.
- Update to v 6.2.0. For full release notese, see:
* https://wiki.qemu.org/ChangeLog/6.2.
Be sure to also check the following pages:
* https://qemu-project.gitlab.io/qemu/about/removed-features.html
* https://qemu-project.gitlab.io/qemu/about/deprecated.html
Some notable changes:
* virtio-mem: guest memory dumps are now fully supported, along
with pre-copy/post-copy migration and background guest snapshots
* QMP: support for nw DEVICE_UNPLUG_GUEST_ERROR to detect
guest-reported hotplug failures
* TCG: improvements to TCG plugin argument syntax, and multi-core
support for cache plugin
* 68k: improved support for Apple?s NuBus, including ability to
load declaration ROMs, and slot IRQ support
* ARM: macOS hosts with Apple Silicon CPUs now support ?hvf?
accelerator for AArch64 guests
* ARM: emulation support for Fujitsu A64FX processor model
* ARM: emulation support for kudo-mbc machine type
* ARM: M-profile MVE extension is now supported for Cortex-M55
* ARM: ?virt? machine now supports an emulated ITS (Interrupt
Translation Service) and supports more than 123 CPUs in
emulation mode
* ARM: xlnx-zcu102 and xlnx-versal-virt machines now support
BBRAM and eFUSE devices
* PowerPC: improved POWER10 support for the ?powernv? machine type
* PowerPC: initial support for POWER10 DD2.0 CPU model
* PowerPC: support for FORM2 PAPR NUMA descriptions for ?pseries? machine type
* RISC-V: support for Zb[abcs] instruction set extensions
* RISC-V: support for vhost-user and numa mem options across all boards
* RISC-V: SiFive PWM support
* x86: support for new Snowridge-v4 CPU model
* x86: guest support for Intel SGX
* x86: AMD SEV guests now support measurement of kernel binary when doing
direct kernel boot (not using a bootloader)
* Patches dropped:
9pfs-fix-crash-in-v9fs_walk.patch
block-introduce-max_hw_iov-for-use-in-sc.patch
hmp-Unbreak-change-vnc.patch
hw-acpi-ich9-Add-compat-prop-to-keep-HPC.patch
hw-i386-acpi-build-Deny-control-on-PCIe-.patch
i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch
net-vmxnet3-validate-configuration-value.patch
pcie-rename-native-hotplug-to-x-native-h.patch
plugins-do-not-limit-exported-symbols-if.patch
plugins-execlog-removed-unintended-s-at-.patch
qemu-nbd-Change-default-cache-mode-to-wr.patch
qemu-sockets-fix-unix-socket-path-copy-a.patch
target-arm-Don-t-skip-M-profile-reset-en.patch
target-i386-add-missing-bits-to-CR4_RESE.patch
tcg-arm-Fix-tcg_out_vec_op-function-sign.patch
uas-add-stream-number-sanity-checks.patch
vhost-vsock-fix-migration-issue-when-seq.patch
virtio-balloon-don-t-start-free-page-hin.patch
virtio-mem-pci-Fix-memory-leak-when-crea.patch
virtio-net-fix-use-after-unmap-free-for-.patch
==== raspberrypi-firmware ====
Version update (2021.11.16 -> 2021.12.01)
- Update to 1a0297bfbf (2021-12-01):
* firmware: board_info: Add upstream dtb names for cm1 & 3
* firmware: board_info: Add upstream dtb name for cm4
See: #1660
* firmware: platform: Allow users to disable camera boot HMAC check
See: #1657
* firmware: clock: 2711: Fix potential API issue in 2711 VCO setup
* firmware: arm_loader: Enable USB MSD boot mode on Zero 2 W
* firmware: isp: Fix Rec.709 colour space problems
==== raspberrypi-firmware-config ====
Version update (2021.11.16 -> 2021.12.01)
- Update to 1a0297bfbf (2021-12-01):
* firmware: board_info: Add upstream dtb names for cm1 & 3
* firmware: board_info: Add upstream dtb name for cm4
See: #1660
* firmware: platform: Allow users to disable camera boot HMAC check
See: #1657
* firmware: clock: 2711: Fix potential API issue in 2711 VCO setup
* firmware: arm_loader: Enable USB MSD boot mode on Zero 2 W
* firmware: isp: Fix Rec.709 colour space problems
==== sssd ====
Version update (2.6.1 -> 2.6.2)
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Update to release 2.6.2
* Quick log out and log in did not correctly refresh user's
initgroups in no_session PAM schema due to lingering systemd
processes.
==== wicked ====
Version update (0.6.67 -> 0.6.68)
Subpackages: wicked-service
- version 0.6.68
- sysctl: process sysctl.d directories as in sysctl --system
- sysctl: fix sysctl values for loopback device (bsc#1181163, bsc#1178357)
- dhcp4: add option to set route pref-src to dhcp IP (bsc#1192353)
- cleanup: warnings, time calculations and dhcp fixes (bsc#1188019)
- wireless: reconnect on unexpected wpa_supplicant restart (bsc#1183495)
- tuntap: avoid sysfs attr read error (bsc#1192311)
- ifstatus: fix warning of unexpected interface flag combination (bsc#1192164)
==== yast2 ====
Version update (4.4.31 -> 4.4.32)
- properly pass named arguments in ruby3 (bsc#1193192)
- 4.4.32
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cups
libcap (2.61 -> 2.62)
=== Details ===
==== cups ====
Subpackages: cups-client cups-config libcups2 libcupsimage2
- Provide /usr/share/cups/ppdc/ in the "cups" main package
to avoid that "lpinfo -m" results in /var/log/cups/error_log
things like "ppdc: Unable to find include file font.defs"
or "ppdc: Unable to find include file hp.h" and then
"Bad driver information file /usr/share/cups/drv/sample.drv"
(bsc#1186843)
- When cupsd creates directories with specific owner group
and permissions (usually owner is 'root' and group matches
"configure --with-cups-group=lp") specify same owner group and
permissions in the RPM spec file to ensure those directories
are installed by RPM with the right settings because if those
directories were installed by RPM with different settings then
cupsd would use them as is and not adjust its specific owner
group and permissions which could lead to privilege escalation
from 'lp' user to 'root' via symlink attacks e.g. if owner is
falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161)
- upstream_pull_174.patch is
https://github.com/OpenPrinting/cups/pull/174
"Use 60s timeout for read_thread, revert read limits"
to fix printing with older USB printers
- New upstream URL https://openprinting.github.io/cups
- Disable testsuite for now via "bcond_with testsuite"
until https://github.com/OpenPrinting/cups/issues/155 is fixed
- Add "testsuite" conditional that disables anything within %check
- fix-negotiate-authentication-between-CGIs-and-scheduler.patch
fixes web UI Kerberos authentication (bsc#1175960)
- Upstream changed to https://github.com/OpenPrinting/cups
- Added %check section to specfile that executes
the old 'make check' and the new (see 2.3.3op1) 'make test'
- Version upgrade to 2.3.3op2:
* Security: Fixed a buffer (read) overflow
in the ippReadIO function (CVE-2020-10001)
* Clarified the documentation for the "Listen" directive
* Fixed duplicate ColorModel entries for AirPrint printers
* Fixed directory/permission defaults for Debian
kfreebsd-based systems
* Fixed crash bug in ppdOpen
* Fixed regression in snprintf emulation function
* The scheduler's systemd service file now waits
for the nslcd service to start
* The libusb-based USB backend now uses a simpler read timer
implementation to avoid a regression in a previous change
* The PPD caching code now only tracks the APPrinterIconPath
value on macOS
* Fixed segfault in help.cgi when searching in man pages
* Root certificates were incorrectly stored in "~/.cups/ssl".
* Version upgrade to 2.3.3op1:
* The automated test suite can now be activated using make test
for consistency with other projects and CI environments - the
old make check continues to work as well, and the previous test
server behavior can be accessed by running make testserver.
* ippeveprinter now supports multiple icons and strings files.
* ippeveprinter now uses the system's FQDN with Avahi.
* ippeveprinter now supports Get-Printer-Attributes on "/".
* ippeveprinter now uses a deterministic "printer-uuid" value.
* ippeveprinter now uses system sounds on macOS
for Identify-Printer.
* Updated ippfind to look for files in "~/Desktop" on Windows.
* Updated ippfind to honor SKIP-XXX directives with PAUSE.
* Updated IPP Everywhere support to work around printers that only
advertise color raster support but really also support grayscale
* ipptool now supports DNS-SD URIs like
ipps://My%20Printer._ipps._tcp.local
* The scheduler now allows root backends to have world read
permissions but not world execute permissions
* Failures to bind IPv6 listener sockets no longer cause errors
if IPv6 is disabled on the host
* The SNMP backend now supports the HP and Ricoh vendor MIBs
* The scheduler no longer includes a timestamp in files it writes
* The systemd service names are now "cups.service"
and "cups-lpd.service"
* The scheduler no longer adds the local hostname to
the ServerAlias list
* Added LogFileGroup directive in "cups-files.conf" to control
the group owner of log files
* Added --with-max-log-size configure option
* Added --enable-sync-on-close configure option
* Added --with-error-policy configure option
* IPP Everywhere PPDs could have an "unknown" default InputSlot
* The httpAddrListen function now uses a listen backlog of 128.
* Added USB quirks
* Fixed IPP Everywhere v1.1 conformance issues in ippeveprinter.
* Fixed DNS-SD name collision support in ippeveprinter.
* Fixed compiler and code analyzer warnings.
* Fixed TLS support on Windows.
* Fixed ippfind sub-type searches with Avahi.
* Fixed the default hostname used by ippeveprinter on macOS.
* Fixed resolution of local IPP-USB printers with Avahi.
* Fixed coverity issues
* Fixed httpAddrConnect issues
* Fixed web interface device URI issue
* Fixed lp/lpr "printer/class not found" error reporting
* Fixed xinetd support for LPD clients
* Fixed libtool build issue
* Fixed a memory leak in the scheduler
* Fixed a potential integer overflow in the PPD hashing code
* Fixed output-bin and print-quality handling issues
* Fixed PPD options getting mapped to odd IPP values
like "tray---4"
* Fixed remote access to the cupsd.conf and log files
* Fixed the automated test suite when running in certain
build/CI environments
* Fixed a logging regression caused by a previous change
for Apple issue #5604
* Fixed fax phone number handling with GNOME
* Fixed potential rounding error in rastertopwg filter
* Fixed the "uri-security-supported" value from the scheduler
* Fixed IPP backend crash bug with "printer-alert" values
* Removed old Solaris inetconv(1m) reference in cups-lpd man page
* Fixed default options that incorrectly use the "custom" prefix
* Fixed a memory leak when resolving DNS-SD URIs
* Fixed systemd status reporting by adopting the notify interface
* Fixed crash in rastertopwg
* Fixed cupsManualCopies values in IPP Everywhere PPDs
- Removed let-cupsd-start-after-network.patch
as it is no longer required
- Removed CVE-2020-10001.patch as a fix as been merged upstream
- Removed section of specfile responsible for
renaming "org.cups.cups*" systemd files to cups*, due to
upstream renaming these files
- Remove code comments from expanded scriptlets to reduce size
cf. https://build.opensuse.org/request/show/879976
- CVE-2020-10001.patch fixes CVE-2020-10001 (bsc#1180520)
access to uninitialized buffer in ipp.c
- Version upgrade to 2.3.3:
* CVE-2020-3898: The 'ppdOpen' function did not handle invalid UI
constraint. 'ppdcSource::get_resolution' function did not
handle invalid resolution strings.
* CVE-2019-8842: The 'ippReadIO' function may under-read an
extension field.
* Fixed WARNING_OPTIONS support for GCC 9.x
Changes in CUPS 2.3.2:
Localization updates
Changes in CUPS 2.3.1:
* CVE-2019-2228: The 'ippSetValuetag' function did not validate
the default language value.
* Fixed a crash bug in the web interface.
* The PPD cache code now looks up page sizes using their
dimensions.
* PPD files containing "custom" option keywords did not work.
* Added a workaround for the scheduler's systemd support.
* Added a DigestOptions directive for the 'client.conf' file to
control whether MD5-based Digest authentication is allowed.
* Fixed a bug in the handling of printer resource files.
* The libusb-based USB backend now reports an error when the
distribution permissions are wrong.
* Added paint can labels to Dymo driver.
* The 'ippeveprinter' program now supports authentication.
* The 'ippeveprinter' program now advertises DNS-SD services on
the correct interfaces, and provides a way to turn them off.
* The '--with-dbusdir' option was ignored by the configure
script.
* Sandboxed applications were not able to get the default
printer.
* Log file access controls were not preserved by 'cupsctl'.
* Default printers set with 'lpoptions' did not work in all
cases.
* Fixed an error in the jobs web interface template.
* Fixed an off-by-one error in 'ippEnumString'.
* Fixed some new compiler warnings.
* Fixed a few issues with the Apple Raster support.
* The IPP backend did not detect all cases where a job should be
retried using a raster format.
* Fixed spelling of "fold-accordion".
* Fixed the default common name for TLS certificates used by
'ippeveprinter'.
* Fixed the option names used for IPP Everywhere finishing
options.
* Added support for the second roll of the DYMO Twin/DUO label
printers.
Changes in CUPS v2.3.0:
* CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows.
* Added a GPL2/LGPL2 exception to the new CUPS license terms.
* Fixed a bug in the scheduler job cleanup code.
* Fixed builds when there is no TLS library.
* "make" failed with GZIP options.
* Fixed potential excess logging from the scheduler when removing
job files.
* Fixed a NULL pointer dereference bug in 'httpGetSubField2'.
* Added FIPS-140 workarounds for GNU TLS.
* The scheduler no longer provides a default value for the
description.
* The scheduler now logs jobs held for authentication using the
error level so it is clear what happened.
* The 'lpadmin' command did not always update the PPD file for
changes to the 'cupsIPPSupplies' and 'cupsSNMPSupplies' keywords.
* The scheduler now uses both the group's membership list as well
as the various OS-specific membership functions to determine
whether a user belongs to a named group.
* Added USB quirks rule for HP LaserJet 1015.
* Fixed some PPD parser issues.
* The IPP parser no longer allows invalid member attributes in
collections.
* The configure script now treats the "wheel" group as a
potential system group.
* Fixed IPP buffer overflow.
* Fixed memory disclosure issue in the scheduler.
* Fixed DoS issues in the scheduler.
* Fixed an issue with unsupported "sides" values in the IPP
backend.
* The scheduler would restart continuously when idle and printers
were not shared.
* Fixed an issue with 'EXPECT !name WITH-VALUE ...' tests.
* Fixed a command ordering issue in the Zebra ZPL driver.
* Fixed a memory leak in 'ppdOpen'.
Changes in CUPS v2.3rc1:
* The 'cups-config' script no longer adds extra libraries when linking against
shared libraries.
* The supplied example print documents have been optimized for
size.
* The 'cupsctl' command now prevents setting "cups-files.conf"
directives.
* The "forbidden" message in the web interface is now explained.
* The footer in the web interface covered some content on small
displays.
* The libusb-based USB backend now enforces read limits,
improving print speed in many cases.
* The 'ippeveprinter' command now looks for print commands in
the "command" subdirectory.
* The 'ipptool' command now supports '$date-current' and
'$date-start' variables to insert the current and starting date
and time values, as well as ISO-8601 relative time values such
as "PT30S" for 30 seconds in the future.
Changes in CUPS v2.3b8
* Media size matching now uses a tolerance of 0.5mm.
* The lpadmin command would hang with a bad PPD file.
* Fixed a potential crash bug in cups-driverd.
* Fixed a performance regression with large PPDs.
* Fixed a memory reallocation bug in HTTP header value expansion.
* Timed out job submission now yields an error.
* Restored minimal support for the 'Emulators' keyword in PPD
files to allow old Samsung printer drivers to continue to work.
* The scheduler did not encode octetString values like
"job-password" correctly for the print filters.
* The 'cupsCheckDestSupported' function did not check octetString
values correctly.
* Added support for 'UserAgentTokens' directive in "client.conf".
* Updated the systemd service file for cupsd.
* The 'ippValidateAttribute' function did not catch all instances
of invalid UTF-8 strings.
* Fixed an issue with the self-signed certificates generated by
GNU TLS.
* Fixed a potential memory leak when reading at the end of a
file.
* Fixed potential unaligned accesses in the string pool.
* Fixed a potential memory leak when loading a PPD file.
* Added a USB quirks rule for the Lexmark E120n.
* Updated the USB quirks rule for Zebra label printers.
* The lpadmin command, web interface, and scheduler all queried
an IPP Everywhere printer differently, resulting in different
PPDs for the same printer.
* The web interface no longer provides access to the log files.
* Non-Kerberized printing to Windows via IPP was broken.
* The scheduler no longer stops a printer if an error occurs when
a job is canceled or aborted.
* Added a USB quirks rule for the DYMO 450 Turbo.
* Added a USB quirks rule for Xerox printers.
* The scheduler's self-signed certificate did not include all of
the alternate names for the server when using GNU TLS.
* Fixed some PPD caching and IPP Everywhere PPD
accounting/password bugs.
* Fixed 'PreserveJobHistory' bug with time values.
* The scheduler no longer advertises the HTTP methods it
supports.
* The scheduler did not always idle exit as quickly as it could.
* Added a new 'ippeveprinter' command based on the old ippserver
sample code.
Changes in CUPS v2.3b7
* Running ppdmerge with the same input and output filenames did
not work as advertised.
* Rebase let-cupsd-start-after-network.patch and
cups-config-libs.patch.
* Drop issue5509-fix-utf-8-validation-issue.patch and
issue5453.patch: fixed upstream.
- make cups-devel pull in cups-rpm-helper to fix printer driver
provides (boo#1172407)
- Fixes for %_libexecdir changing to /usr/libexec
- Add issue5509-fix-utf-8-validation-issue.patch (bsc#1118118)
Fixes https://github.com/apple/cups/issues/5509
- Remove libcupscgi1, libcupsmime1, libcupsppdc1 from
baselibs.conf
- Version upgrade to 2.3b6:
This is the sixth beta of the CUPS 2.3 series which adopts the
new CUPS license, adds support for IPP presets and finishing
templates, and fixes a number of bugs and "polish" issues.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Backward incompatible changes:
* The cupsaddsmb program has been removed (Issue #5449)
* The cupstestdsc program has been removed (Issue #5450)
* The cupscgi, cupsmime, and cupsppdc support libraries
are no longer installed as shared libraries.
Changes include:
* CVE-2018-4700: Linux session cookies used a predictable
random number seed.
* The lpoptions command now works with IPP Everywhere printers
that have not yet been added as local queues (Issue #5045)
* The lpadmin command would create a non-working printer
in some error cases (Issue #5305)
* The scheduler would crash if an empty AccessLog directive
was specified (Issue #5309)
* The scheduler did not idle-exit on some
Linux distributions (Issue #5319)
* Fixed a regression in the changes to ippValidateAttribute
(Issue #5322, Issue #5330)
* Fixed a crash bug in the Epson dot matrix driver (Issue #5323)
* Automatic debug logging of job errors did not work
with systemd (Issue #5337)
* The web interface did not list the
IPP Everywhere "driver" (Issue #5338)
* The scheduler did not report all of the supported job options
and values (Issue #5340)
* The IPP Everywhere "driver" now properly supports
face-up printers (Issue #5345)
* Fixed some typos in the label printer drivers (Issue #5350)
* Setting the Community name to the empty string in snmp.conf
now disables SNMP supply level monitoring by all the
standard network backends (Issue #5354)
* Multi-file jobs could get stuck if the backend failed
(Issue #5359, Issue #5413)
* The IPP Everywhere "driver" no longer does local filtering
when printing to a shared CUPS printer (Issue #5361)
* The lpadmin command now correctly reports IPP errors
when configuring an IPP Everywhere printer (Issue #5370)
* Fixed some memory leaks discovered by Coverity (Issue #5375)
* The PPD compiler incorrectly terminated JCL options
(Issue #5379)
* The cupstestppd utility did not generate errors for
missing/mismatched CloseUI/JCLCloseUI keywords (Issue #5381)
* The scheduler now reports the actual location
of the log file (Issue #5398)
* The generated PPD files for IPP Everywhere printers
did not contain the cupsManualCopies keyword (Issue #5433)
* Kerberos credentials might be truncated (Issue #5435)
* The handling of MaxJobTime 0 did not match the documentation
(Issue #5438)
* Fixed a bug adding a queue with the -E option (Issue #5440)
* The scheduler did not validate that required initial request
attributes were in the operation group (rdar://41098178)
* Fixed an issue with HTTP Digest authentication
(rdar://41709086)
* The scheduler could crash when job history was purged
(rdar://42198057)
* Fixed a crash bug when mapping PPD duplex options
to IPP attributes (rdar://46183976)
* Fixed a memory leak for some IPP (extension) syntaxes.
* The snmp backend is now deprecated.
- issue5453.patch fixes https://github.com/apple/cups/issues/5453
- Version upgrade to 2.3b5:
This is the fifth beta of the CUPS 2.3 series which adopts the
new CUPS license, adds support for IPP presets and finishing
templates, and fixes a number of bugs and "polish" issues.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Changes include:
* The ipptool program no longer checks for duplicate attributes
when running in list or CSV mode (Issue #5278)
* The cupsCreateJob, cupsPrintFile2, and cupsPrintFiles2 APIs
did not use the supplied HTTP connection (Issue #5288)
* Fixed another crash in the scheduler when adding an IPP
Everywhere printer (Issue #5290)
* Added a workaround for certain web browsers that
do not support multiple authentication schemes
in a single response header (Issue #5289)
* Fixed policy limits containing the All operation (Issue #5296)
* The scheduler was always restarted after idle-exit
with systemd (Issue #5297)
* The mailto notifier did not wait for the
welcome message (Issue #5312)
* Fixed a parsing bug in the pstops filter (Issue #5321)
* The scheduler allowed environment variables to be specified
in the cupsd.conf file (rdar://37836779, rdar://37836995,
rdar://37837252, rdar://37837581)
* Fax queues did not support pause (p) or
wait-for-dialtone (w) characters (rdar://39212256)
* The scheduler did not validate notify-recipient-uri values
properly (rdar://40068936)
* The IPP parser allowed invalid group tags (rdar://40442124)
* Fixed a parsing bug in the new authentication code.
- issue5296_fix_policy_limits_using_All.patch is obsolete
because it is fixed upstream (see "Issue #5296" above)
- Add patch let-cupsd-start-after-network.patch
Let cuspd start after possible network connection (boo#1111351)
This let cupsd also stop before a used network connection goes
down, hence the cusp does not lock due waiting on remote printers.
- Fix warning message upon update (boo#1050845): Remove template
service cups-lpd@ from service_* macro in scriptlets.
- issue5296_fix_policy_limits_using_All.patch fixes
https://github.com/apple/cups/issues/5296
by only the actually relevant part of
https://github.com/apple/cups/commit/0873f681e43c04972b3d6bc90bdbdedb29e6e9…
(follow-up of boo#936309 and bsc#577936 starting at comment 13)
- Version upgrade to 2.3b4:
This is the fourth beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Changes include:
* Additional security fixes for:
bsc#1061066 DBUS library aborts caller process
in _dbus_check_is_valid_utf8 (in particular that aborts cupsd)
and
bsc#1087018 CVE-2017-18248: cups: The add_job function in
scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is
enabled, can be crashed by remote attackers by sending print
jobs with an invalid username, related to a D-Bus notification
which are the CUPS upstream issues
https://github.com/apple/cups/issues/5143
Remote DoS attack against cupsd via invalid username
and malicious D-Bus library
and
https://github.com/apple/cups/issues/5186
squash non-UTF-8 strings into ASCII on plain IPP level
and
https://github.com/apple/cups/issues/5229
persistently substitute invalid job attributes
with default values - not only in add_job
see also
bsc#1087072 dbus-1:
Disable assertions to prevent un-expected DDoS attacks
* NOTICE: Raw print queues are now deprecated (Issue #5269)
so that now there is a warning message when you
add or modify a queue to use the "raw driver" but
raw printing will continue to work through CUPS 2.3.x, cf.
https://lists.cups.org/pipermail/cups/2018-March/074060.html
* Kerberized printing to another CUPS server did not work
correctly (Issue #5233)
* The scheduler now supports using temporary print queues
for older IPP/1.1 print queues like those shared by CUPS 1.3
and earlier (Issue #5241)
* Systemd did not restart cupsd when configuration changes
were made that required a restart (Issue #5263)
* Fixed an Avahi crash bug in the scheduler (Issue #5268)
* TLS connections now properly timeout (rdar://34938533)
* Removed support for the '-D_PPD_DEPRECATED=""' developer
cheat - the PPD API should no longer be used.
* Removed support for '-D_IPP_PRIVATE_STRUCTURES=1' developer
cheat - the IPP accessor functions should be used instead.
* The symlink rastertodymo -> rastertolabel
in /usr/lib/cups/filter is no longer provided.
- Removed fix_filter_Makefile.patch
because since CUPS 2.3b4 it is fixed in the upstream code via
https://github.com/apple/cups/issues/5247 more precisely via
https://github.com/apple/cups/commit/ab89234de2d9bf36bb59f2aa4873d98e95ca4d…
- Version upgrade to 2.3b3:
This is the third beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
Changes include:
* More fixes for printing to old CUPS servers (Issue #5211)
* Additional changes for the scheduler to substitute
default values for invalid job attributes
when running in "relaxed conformance" mode
(Issue #5229 - a follow-up of issues #5186 and #5143)
A detailed list of changes can be found in the CHANGES.md file.
- fix_filter_Makefile.patch fixes
https://github.com/apple/cups/issues/5247
- Version upgrade to 2.3b2:
This is the second beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
Changes include:
* Printing to old CUPS servers has been fixed (Issue #5211)
A detailed list of changes can be found in the CHANGES.md file.
==== libcap ====
Version update (2.61 -> 2.62)
- update to 2.62:
* Bug fix for Go package "cap" and launching
* Build cleanups
* Documentation updates: cap_max_bits has a man page entry
* Recognize default securebits as a libcap mode: HYBRID
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cups
libcap (2.61 -> 2.62)
=== Details ===
==== cups ====
Subpackages: cups-config libcups2
- Provide /usr/share/cups/ppdc/ in the "cups" main package
to avoid that "lpinfo -m" results in /var/log/cups/error_log
things like "ppdc: Unable to find include file font.defs"
or "ppdc: Unable to find include file hp.h" and then
"Bad driver information file /usr/share/cups/drv/sample.drv"
(bsc#1186843)
- When cupsd creates directories with specific owner group
and permissions (usually owner is 'root' and group matches
"configure --with-cups-group=lp") specify same owner group and
permissions in the RPM spec file to ensure those directories
are installed by RPM with the right settings because if those
directories were installed by RPM with different settings then
cupsd would use them as is and not adjust its specific owner
group and permissions which could lead to privilege escalation
from 'lp' user to 'root' via symlink attacks e.g. if owner is
falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161)
- upstream_pull_174.patch is
https://github.com/OpenPrinting/cups/pull/174
"Use 60s timeout for read_thread, revert read limits"
to fix printing with older USB printers
- New upstream URL https://openprinting.github.io/cups
- Disable testsuite for now via "bcond_with testsuite"
until https://github.com/OpenPrinting/cups/issues/155 is fixed
- Add "testsuite" conditional that disables anything within %check
- fix-negotiate-authentication-between-CGIs-and-scheduler.patch
fixes web UI Kerberos authentication (bsc#1175960)
- Upstream changed to https://github.com/OpenPrinting/cups
- Added %check section to specfile that executes
the old 'make check' and the new (see 2.3.3op1) 'make test'
- Version upgrade to 2.3.3op2:
* Security: Fixed a buffer (read) overflow
in the ippReadIO function (CVE-2020-10001)
* Clarified the documentation for the "Listen" directive
* Fixed duplicate ColorModel entries for AirPrint printers
* Fixed directory/permission defaults for Debian
kfreebsd-based systems
* Fixed crash bug in ppdOpen
* Fixed regression in snprintf emulation function
* The scheduler's systemd service file now waits
for the nslcd service to start
* The libusb-based USB backend now uses a simpler read timer
implementation to avoid a regression in a previous change
* The PPD caching code now only tracks the APPrinterIconPath
value on macOS
* Fixed segfault in help.cgi when searching in man pages
* Root certificates were incorrectly stored in "~/.cups/ssl".
* Version upgrade to 2.3.3op1:
* The automated test suite can now be activated using make test
for consistency with other projects and CI environments - the
old make check continues to work as well, and the previous test
server behavior can be accessed by running make testserver.
* ippeveprinter now supports multiple icons and strings files.
* ippeveprinter now uses the system's FQDN with Avahi.
* ippeveprinter now supports Get-Printer-Attributes on "/".
* ippeveprinter now uses a deterministic "printer-uuid" value.
* ippeveprinter now uses system sounds on macOS
for Identify-Printer.
* Updated ippfind to look for files in "~/Desktop" on Windows.
* Updated ippfind to honor SKIP-XXX directives with PAUSE.
* Updated IPP Everywhere support to work around printers that only
advertise color raster support but really also support grayscale
* ipptool now supports DNS-SD URIs like
ipps://My%20Printer._ipps._tcp.local
* The scheduler now allows root backends to have world read
permissions but not world execute permissions
* Failures to bind IPv6 listener sockets no longer cause errors
if IPv6 is disabled on the host
* The SNMP backend now supports the HP and Ricoh vendor MIBs
* The scheduler no longer includes a timestamp in files it writes
* The systemd service names are now "cups.service"
and "cups-lpd.service"
* The scheduler no longer adds the local hostname to
the ServerAlias list
* Added LogFileGroup directive in "cups-files.conf" to control
the group owner of log files
* Added --with-max-log-size configure option
* Added --enable-sync-on-close configure option
* Added --with-error-policy configure option
* IPP Everywhere PPDs could have an "unknown" default InputSlot
* The httpAddrListen function now uses a listen backlog of 128.
* Added USB quirks
* Fixed IPP Everywhere v1.1 conformance issues in ippeveprinter.
* Fixed DNS-SD name collision support in ippeveprinter.
* Fixed compiler and code analyzer warnings.
* Fixed TLS support on Windows.
* Fixed ippfind sub-type searches with Avahi.
* Fixed the default hostname used by ippeveprinter on macOS.
* Fixed resolution of local IPP-USB printers with Avahi.
* Fixed coverity issues
* Fixed httpAddrConnect issues
* Fixed web interface device URI issue
* Fixed lp/lpr "printer/class not found" error reporting
* Fixed xinetd support for LPD clients
* Fixed libtool build issue
* Fixed a memory leak in the scheduler
* Fixed a potential integer overflow in the PPD hashing code
* Fixed output-bin and print-quality handling issues
* Fixed PPD options getting mapped to odd IPP values
like "tray---4"
* Fixed remote access to the cupsd.conf and log files
* Fixed the automated test suite when running in certain
build/CI environments
* Fixed a logging regression caused by a previous change
for Apple issue #5604
* Fixed fax phone number handling with GNOME
* Fixed potential rounding error in rastertopwg filter
* Fixed the "uri-security-supported" value from the scheduler
* Fixed IPP backend crash bug with "printer-alert" values
* Removed old Solaris inetconv(1m) reference in cups-lpd man page
* Fixed default options that incorrectly use the "custom" prefix
* Fixed a memory leak when resolving DNS-SD URIs
* Fixed systemd status reporting by adopting the notify interface
* Fixed crash in rastertopwg
* Fixed cupsManualCopies values in IPP Everywhere PPDs
- Removed let-cupsd-start-after-network.patch
as it is no longer required
- Removed CVE-2020-10001.patch as a fix as been merged upstream
- Removed section of specfile responsible for
renaming "org.cups.cups*" systemd files to cups*, due to
upstream renaming these files
- Remove code comments from expanded scriptlets to reduce size
cf. https://build.opensuse.org/request/show/879976
- CVE-2020-10001.patch fixes CVE-2020-10001 (bsc#1180520)
access to uninitialized buffer in ipp.c
- Version upgrade to 2.3.3:
* CVE-2020-3898: The 'ppdOpen' function did not handle invalid UI
constraint. 'ppdcSource::get_resolution' function did not
handle invalid resolution strings.
* CVE-2019-8842: The 'ippReadIO' function may under-read an
extension field.
* Fixed WARNING_OPTIONS support for GCC 9.x
Changes in CUPS 2.3.2:
Localization updates
Changes in CUPS 2.3.1:
* CVE-2019-2228: The 'ippSetValuetag' function did not validate
the default language value.
* Fixed a crash bug in the web interface.
* The PPD cache code now looks up page sizes using their
dimensions.
* PPD files containing "custom" option keywords did not work.
* Added a workaround for the scheduler's systemd support.
* Added a DigestOptions directive for the 'client.conf' file to
control whether MD5-based Digest authentication is allowed.
* Fixed a bug in the handling of printer resource files.
* The libusb-based USB backend now reports an error when the
distribution permissions are wrong.
* Added paint can labels to Dymo driver.
* The 'ippeveprinter' program now supports authentication.
* The 'ippeveprinter' program now advertises DNS-SD services on
the correct interfaces, and provides a way to turn them off.
* The '--with-dbusdir' option was ignored by the configure
script.
* Sandboxed applications were not able to get the default
printer.
* Log file access controls were not preserved by 'cupsctl'.
* Default printers set with 'lpoptions' did not work in all
cases.
* Fixed an error in the jobs web interface template.
* Fixed an off-by-one error in 'ippEnumString'.
* Fixed some new compiler warnings.
* Fixed a few issues with the Apple Raster support.
* The IPP backend did not detect all cases where a job should be
retried using a raster format.
* Fixed spelling of "fold-accordion".
* Fixed the default common name for TLS certificates used by
'ippeveprinter'.
* Fixed the option names used for IPP Everywhere finishing
options.
* Added support for the second roll of the DYMO Twin/DUO label
printers.
Changes in CUPS v2.3.0:
* CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows.
* Added a GPL2/LGPL2 exception to the new CUPS license terms.
* Fixed a bug in the scheduler job cleanup code.
* Fixed builds when there is no TLS library.
* "make" failed with GZIP options.
* Fixed potential excess logging from the scheduler when removing
job files.
* Fixed a NULL pointer dereference bug in 'httpGetSubField2'.
* Added FIPS-140 workarounds for GNU TLS.
* The scheduler no longer provides a default value for the
description.
* The scheduler now logs jobs held for authentication using the
error level so it is clear what happened.
* The 'lpadmin' command did not always update the PPD file for
changes to the 'cupsIPPSupplies' and 'cupsSNMPSupplies' keywords.
* The scheduler now uses both the group's membership list as well
as the various OS-specific membership functions to determine
whether a user belongs to a named group.
* Added USB quirks rule for HP LaserJet 1015.
* Fixed some PPD parser issues.
* The IPP parser no longer allows invalid member attributes in
collections.
* The configure script now treats the "wheel" group as a
potential system group.
* Fixed IPP buffer overflow.
* Fixed memory disclosure issue in the scheduler.
* Fixed DoS issues in the scheduler.
* Fixed an issue with unsupported "sides" values in the IPP
backend.
* The scheduler would restart continuously when idle and printers
were not shared.
* Fixed an issue with 'EXPECT !name WITH-VALUE ...' tests.
* Fixed a command ordering issue in the Zebra ZPL driver.
* Fixed a memory leak in 'ppdOpen'.
Changes in CUPS v2.3rc1:
* The 'cups-config' script no longer adds extra libraries when linking against
shared libraries.
* The supplied example print documents have been optimized for
size.
* The 'cupsctl' command now prevents setting "cups-files.conf"
directives.
* The "forbidden" message in the web interface is now explained.
* The footer in the web interface covered some content on small
displays.
* The libusb-based USB backend now enforces read limits,
improving print speed in many cases.
* The 'ippeveprinter' command now looks for print commands in
the "command" subdirectory.
* The 'ipptool' command now supports '$date-current' and
'$date-start' variables to insert the current and starting date
and time values, as well as ISO-8601 relative time values such
as "PT30S" for 30 seconds in the future.
Changes in CUPS v2.3b8
* Media size matching now uses a tolerance of 0.5mm.
* The lpadmin command would hang with a bad PPD file.
* Fixed a potential crash bug in cups-driverd.
* Fixed a performance regression with large PPDs.
* Fixed a memory reallocation bug in HTTP header value expansion.
* Timed out job submission now yields an error.
* Restored minimal support for the 'Emulators' keyword in PPD
files to allow old Samsung printer drivers to continue to work.
* The scheduler did not encode octetString values like
"job-password" correctly for the print filters.
* The 'cupsCheckDestSupported' function did not check octetString
values correctly.
* Added support for 'UserAgentTokens' directive in "client.conf".
* Updated the systemd service file for cupsd.
* The 'ippValidateAttribute' function did not catch all instances
of invalid UTF-8 strings.
* Fixed an issue with the self-signed certificates generated by
GNU TLS.
* Fixed a potential memory leak when reading at the end of a
file.
* Fixed potential unaligned accesses in the string pool.
* Fixed a potential memory leak when loading a PPD file.
* Added a USB quirks rule for the Lexmark E120n.
* Updated the USB quirks rule for Zebra label printers.
* The lpadmin command, web interface, and scheduler all queried
an IPP Everywhere printer differently, resulting in different
PPDs for the same printer.
* The web interface no longer provides access to the log files.
* Non-Kerberized printing to Windows via IPP was broken.
* The scheduler no longer stops a printer if an error occurs when
a job is canceled or aborted.
* Added a USB quirks rule for the DYMO 450 Turbo.
* Added a USB quirks rule for Xerox printers.
* The scheduler's self-signed certificate did not include all of
the alternate names for the server when using GNU TLS.
* Fixed some PPD caching and IPP Everywhere PPD
accounting/password bugs.
* Fixed 'PreserveJobHistory' bug with time values.
* The scheduler no longer advertises the HTTP methods it
supports.
* The scheduler did not always idle exit as quickly as it could.
* Added a new 'ippeveprinter' command based on the old ippserver
sample code.
Changes in CUPS v2.3b7
* Running ppdmerge with the same input and output filenames did
not work as advertised.
* Rebase let-cupsd-start-after-network.patch and
cups-config-libs.patch.
* Drop issue5509-fix-utf-8-validation-issue.patch and
issue5453.patch: fixed upstream.
- make cups-devel pull in cups-rpm-helper to fix printer driver
provides (boo#1172407)
- Fixes for %_libexecdir changing to /usr/libexec
- Add issue5509-fix-utf-8-validation-issue.patch (bsc#1118118)
Fixes https://github.com/apple/cups/issues/5509
- Remove libcupscgi1, libcupsmime1, libcupsppdc1 from
baselibs.conf
- Version upgrade to 2.3b6:
This is the sixth beta of the CUPS 2.3 series which adopts the
new CUPS license, adds support for IPP presets and finishing
templates, and fixes a number of bugs and "polish" issues.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Backward incompatible changes:
* The cupsaddsmb program has been removed (Issue #5449)
* The cupstestdsc program has been removed (Issue #5450)
* The cupscgi, cupsmime, and cupsppdc support libraries
are no longer installed as shared libraries.
Changes include:
* CVE-2018-4700: Linux session cookies used a predictable
random number seed.
* The lpoptions command now works with IPP Everywhere printers
that have not yet been added as local queues (Issue #5045)
* The lpadmin command would create a non-working printer
in some error cases (Issue #5305)
* The scheduler would crash if an empty AccessLog directive
was specified (Issue #5309)
* The scheduler did not idle-exit on some
Linux distributions (Issue #5319)
* Fixed a regression in the changes to ippValidateAttribute
(Issue #5322, Issue #5330)
* Fixed a crash bug in the Epson dot matrix driver (Issue #5323)
* Automatic debug logging of job errors did not work
with systemd (Issue #5337)
* The web interface did not list the
IPP Everywhere "driver" (Issue #5338)
* The scheduler did not report all of the supported job options
and values (Issue #5340)
* The IPP Everywhere "driver" now properly supports
face-up printers (Issue #5345)
* Fixed some typos in the label printer drivers (Issue #5350)
* Setting the Community name to the empty string in snmp.conf
now disables SNMP supply level monitoring by all the
standard network backends (Issue #5354)
* Multi-file jobs could get stuck if the backend failed
(Issue #5359, Issue #5413)
* The IPP Everywhere "driver" no longer does local filtering
when printing to a shared CUPS printer (Issue #5361)
* The lpadmin command now correctly reports IPP errors
when configuring an IPP Everywhere printer (Issue #5370)
* Fixed some memory leaks discovered by Coverity (Issue #5375)
* The PPD compiler incorrectly terminated JCL options
(Issue #5379)
* The cupstestppd utility did not generate errors for
missing/mismatched CloseUI/JCLCloseUI keywords (Issue #5381)
* The scheduler now reports the actual location
of the log file (Issue #5398)
* The generated PPD files for IPP Everywhere printers
did not contain the cupsManualCopies keyword (Issue #5433)
* Kerberos credentials might be truncated (Issue #5435)
* The handling of MaxJobTime 0 did not match the documentation
(Issue #5438)
* Fixed a bug adding a queue with the -E option (Issue #5440)
* The scheduler did not validate that required initial request
attributes were in the operation group (rdar://41098178)
* Fixed an issue with HTTP Digest authentication
(rdar://41709086)
* The scheduler could crash when job history was purged
(rdar://42198057)
* Fixed a crash bug when mapping PPD duplex options
to IPP attributes (rdar://46183976)
* Fixed a memory leak for some IPP (extension) syntaxes.
* The snmp backend is now deprecated.
- issue5453.patch fixes https://github.com/apple/cups/issues/5453
- Version upgrade to 2.3b5:
This is the fifth beta of the CUPS 2.3 series which adopts the
new CUPS license, adds support for IPP presets and finishing
templates, and fixes a number of bugs and "polish" issues.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Changes include:
* The ipptool program no longer checks for duplicate attributes
when running in list or CSV mode (Issue #5278)
* The cupsCreateJob, cupsPrintFile2, and cupsPrintFiles2 APIs
did not use the supplied HTTP connection (Issue #5288)
* Fixed another crash in the scheduler when adding an IPP
Everywhere printer (Issue #5290)
* Added a workaround for certain web browsers that
do not support multiple authentication schemes
in a single response header (Issue #5289)
* Fixed policy limits containing the All operation (Issue #5296)
* The scheduler was always restarted after idle-exit
with systemd (Issue #5297)
* The mailto notifier did not wait for the
welcome message (Issue #5312)
* Fixed a parsing bug in the pstops filter (Issue #5321)
* The scheduler allowed environment variables to be specified
in the cupsd.conf file (rdar://37836779, rdar://37836995,
rdar://37837252, rdar://37837581)
* Fax queues did not support pause (p) or
wait-for-dialtone (w) characters (rdar://39212256)
* The scheduler did not validate notify-recipient-uri values
properly (rdar://40068936)
* The IPP parser allowed invalid group tags (rdar://40442124)
* Fixed a parsing bug in the new authentication code.
- issue5296_fix_policy_limits_using_All.patch is obsolete
because it is fixed upstream (see "Issue #5296" above)
- Add patch let-cupsd-start-after-network.patch
Let cuspd start after possible network connection (boo#1111351)
This let cupsd also stop before a used network connection goes
down, hence the cusp does not lock due waiting on remote printers.
- Fix warning message upon update (boo#1050845): Remove template
service cups-lpd@ from service_* macro in scriptlets.
- issue5296_fix_policy_limits_using_All.patch fixes
https://github.com/apple/cups/issues/5296
by only the actually relevant part of
https://github.com/apple/cups/commit/0873f681e43c04972b3d6bc90bdbdedb29e6e9…
(follow-up of boo#936309 and bsc#577936 starting at comment 13)
- Version upgrade to 2.3b4:
This is the fourth beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
or the CHANGES.md file.
Changes include:
* Additional security fixes for:
bsc#1061066 DBUS library aborts caller process
in _dbus_check_is_valid_utf8 (in particular that aborts cupsd)
and
bsc#1087018 CVE-2017-18248: cups: The add_job function in
scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is
enabled, can be crashed by remote attackers by sending print
jobs with an invalid username, related to a D-Bus notification
which are the CUPS upstream issues
https://github.com/apple/cups/issues/5143
Remote DoS attack against cupsd via invalid username
and malicious D-Bus library
and
https://github.com/apple/cups/issues/5186
squash non-UTF-8 strings into ASCII on plain IPP level
and
https://github.com/apple/cups/issues/5229
persistently substitute invalid job attributes
with default values - not only in add_job
see also
bsc#1087072 dbus-1:
Disable assertions to prevent un-expected DDoS attacks
* NOTICE: Raw print queues are now deprecated (Issue #5269)
so that now there is a warning message when you
add or modify a queue to use the "raw driver" but
raw printing will continue to work through CUPS 2.3.x, cf.
https://lists.cups.org/pipermail/cups/2018-March/074060.html
* Kerberized printing to another CUPS server did not work
correctly (Issue #5233)
* The scheduler now supports using temporary print queues
for older IPP/1.1 print queues like those shared by CUPS 1.3
and earlier (Issue #5241)
* Systemd did not restart cupsd when configuration changes
were made that required a restart (Issue #5263)
* Fixed an Avahi crash bug in the scheduler (Issue #5268)
* TLS connections now properly timeout (rdar://34938533)
* Removed support for the '-D_PPD_DEPRECATED=""' developer
cheat - the PPD API should no longer be used.
* Removed support for '-D_IPP_PRIVATE_STRUCTURES=1' developer
cheat - the IPP accessor functions should be used instead.
* The symlink rastertodymo -> rastertolabel
in /usr/lib/cups/filter is no longer provided.
- Removed fix_filter_Makefile.patch
because since CUPS 2.3b4 it is fixed in the upstream code via
https://github.com/apple/cups/issues/5247 more precisely via
https://github.com/apple/cups/commit/ab89234de2d9bf36bb59f2aa4873d98e95ca4d…
- Version upgrade to 2.3b3:
This is the third beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
Changes include:
* More fixes for printing to old CUPS servers (Issue #5211)
* Additional changes for the scheduler to substitute
default values for invalid job attributes
when running in "relaxed conformance" mode
(Issue #5229 - a follow-up of issues #5186 and #5143)
A detailed list of changes can be found in the CHANGES.md file.
- fix_filter_Makefile.patch fixes
https://github.com/apple/cups/issues/5247
- Version upgrade to 2.3b2:
This is the second beta of the CUPS 2.3 series.
For details see https://github.com/apple/cups/releases
Changes include:
* Printing to old CUPS servers has been fixed (Issue #5211)
A detailed list of changes can be found in the CHANGES.md file.
- Version upgrade to 2.3b1:
This is the first beta of the CUPS 2.3 series which
adopts the new CUPS license (Apache License, Version 2.0),
adds support for IPP presets and finishing templates,
and fixes a number of bugs and "polish" issues.
For details see https://github.com/apple/cups/releases
Changes include:
* CUPS is now provided under the Apache License, Version 2.0
* The CUPS library now supports the latest HTTP Digest
authentication specification including support for SHA-256
(Issue #4862)
* Dropped RSS subscription management from the
web interface (Issue #5012)
* The lpadmin command now provides a better error message when
an unsupported System V interface script is used (Issue #5111)
* The SSLOptions directive now supports MinTLS and MaxTLS
options to control the minimum and maximum TLS versions
that will be allowed, respectively (Issue #5119)
* Dropped hard-coded CGI scripting language support (Issue #5124)
* The scheduler now substitutes default values for invalid
job attributes when running in "relaxed conformance"
mode (Issue #5186 - a follow-up of issue #5143)
A detailed list of changes can be found in the CHANGES.md file.
- Make sure cups-libs-<targettype> is removed.
- Version upgrade to 2.2.6:
CUPS 2.2.6 is a general bug fix release.
For details see https://github.com/apple/cups/releases
Changes include:
* DBUS notifications could crash the scheduler (Issue #5143)
(see also bsc#1061066 "DBUS library aborts caller process")
A detailed list of changes can be found in the CHANGES.md file.
- Use again the baselibs.conf from Fri Oct 13 11:11:10 UTC 2017
that got broken by the change on Wed Oct 18 06:11:10 UTC 2017.
- Version upgrade to 2.2.5:
CUPS 2.2.5 is a general bug fix release.
For details see https://github.com/apple/cups/releases
- Version upgrade to 2.2.4:
CUPS 2.2.4 is a general bug fix release.
For details see https://github.com/apple/cups/releases
- Removed
0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch
0002-Save-work-on-Avahi-code.patch
0003-Avahi-fixes-for-cupsEnumDests.patch
because since CUPS 2.2.4 it is fixed in the upstream code
via https://github.com/apple/cups/pull/4989 more precisely via
https://github.com/apple/cups/commit/a2187a63425a3d6c05de1e1cbf8c26fd39a1ac…
https://github.com/apple/cups/commit/657c5b5f91e6d5120c4ad7b118cf9098dd27f0…
https://github.com/apple/cups/commit/3fae3b337df0be1a766857be741173d8a9915d…
- Fix typo in requires
- Implement shared library packaging guideline [boo#862112]
- Update package descriptions.
- Remove redundant Requires(pre) line ? the use of %post -p
already implies it.
- Pre-require user(lp) in cups-libs
- In /usr/lib/tmpfiles.d/cups.conf use
group 'root' for /run/cups/certs (boo#1042916).
- Major backward incompatible change since CUPS 2.2.0:
There is no longer the directory /etc/cups/interfaces because
since CUPS 2.2.0 so called "System V style Interface Scripts"
are no longer supported for security reasons (see below the
entry about the changes included in CUPS 2.2.0).
- Disabled cups-2.1.0-cups-systemd-socket.patch
because it does no longer apply which needs to be examined
and decided by someone who knows about systemd internals.
- Disabled
0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch
0002-Save-work-on-Avahi-code.patch
0003-Avahi-fixes-for-cupsEnumDests.patch
because they do no longer apply which needs to be examined
and decided by someone who knows about Avahi internals.
- Version upgrade to 2.2.3:
CUPS 2.2.3 is a general bug fix release.
See https://github.com/apple/cups/releases
Changes include:
* The IPP backend could get into an infinite loop for certain
errors, causing a hung queue (rdar://problem/28008717)
* The scheduler could pause responding to client requests in
order to save state changes to disk (rdar://problem/28690656)
* Added support for PPD finishing keywords
(Issue #4960, Issue #4961, Issue #4962)
* The IPP backend did not send a media-col attribute for just
the source or type (Issue #4963)
* IPP Everywhere print queues did not always support all print
qualities supported by the printer (Issue #4953)
* IPP Everywhere print queues did not always support all media
types supported by the printer (Issue #4953)
* The IPP Everywhere PPD generator did not return useful error
messages (Issue #4954)
* The IPP Everywhere finishings support did not work correctly
with common UI or command-line options (Issue #4976)
* Fixed an error handling issue for the network backends
(Issue #4979)
* The "reprint job" option was not available for some canceled
jobs (Issue #4915)
* Updated the job listing in the web interface (Issue #4978)
A detailed list of changes can be found in the CHANGES.txt file.
- Version upgrade to 2.2.2:
CUPS 2.2.2 is a general bug fix release.
See https://github.com/apple/cups/releases
Changes include:
* Fixed some issues with IPP Everywhere printer support
(Issue #4893, Issue #4909, Issue #4916, Issue #4921,
Issue #4923, Issue #4932, Issue #4933, Issue #4938)
* The rastertopwg filter could crash with certain input
(Issue #4942)
* The scheduler did not detect when an encrypted connection
was closed by the client on Linux (Issue #4901)
* The cups-lpd program did not catch all legacy usage
of ISO-8859-1 (Issue #4899)
* The scheduler no longer creates log files on startup
(<rdar://problem/28332470>)
* The ippContainsString function now uses case-insensitive
comparisons for mimeMediaType, name, and text values in
conformance with RFC 2911.
* The network backends now log the addresses that were found
for a printer (<rdar://problem/29268474>)
* Let's Encrypt certificates did not work when the hostname
contained uppercase letters (Issue #4919)
* Fixed reporting of printed pages in the web interface
(Issue #4924)
* Updated systemd config files (Issue #4935)
A detailed list of changes can be found in the CHANGES.txt file.
- Version upgrade to 2.2.1:
CUPS 2.2.1 is a general bug fix release.
See https://github.com/apple/cups/releases
Changes include:
* Added "CreateSelfSignedCerts" directive for cups-files.conf
to control whether the scheduler automatically creates
its own self-signed X.509 certificates for TLS connections
(Issue #4876)
* http*Connect did not handle partial failures (Issue #4870)
* cupsHashData did not use the correct hashing algorithm
(<rdar://problem/28209220>)
* Updated man pages (PR #4885)
A detailed list of changes can be found in the CHANGES.txt file.
- Version upgrade to 2.2.0:
CUPS 2.2.0 adds support for local IPP Everywhere print queues
and includes several performance and security improvements.
See https://github.com/apple/cups/releases
Changes include:
* Normalized the TLS certificate validation code and added
additional error messages to aid troubleshooting.
* http*Connect did not work on Linux when cupsd was not running
(Issue #4870)
* The --no-remote-any option of cupsctl had no effect
(Issue #4866)
* http*Connect did not return early when all addresses failed
(Issue #4870)
* The IPP backend did not validate TLS credentials properly.
* The printer-state-message attribute was not cleared after a
print job with no errors (Issue #4851)
* The CUPS-Add-Modify-Class and CUPS-Add-Modify-Printer
operations did not always return an error for failed
adds (Issue #4854)
* PPD files with names longer than 127 bytes did not work
(Issue #4860)
* CUPS now supports Let's Encrypt certificates on Linux.
* All CUPS commands now support POSIX options (Issue #4813)
* The scheduler now restarts faster (Issue #4760)
* Improved performance of web interface with large numbers
of jobs (Issue #3819)
* Encrypted printing can now be limited to only trusted
printers and servers (<rdar://problem/25711658>)
* The scheduler now advertises PWG Raster attributes for
IPP Everywhere clients (Issue #4428)
* The scheduler now logs informational messages for jobs
at LogLevel "info" (Issue #4815)
* The scheduler now uses the getgrouplist function
when available (Issue #4611)
* The IPP backend no longer enables compression by default
except for certain raster formats that generally benefit
from it (<rdar://problem/25166952>)
* The scheduler did not handle out-of-disk situations
gracefully (Issue #4742)
* The LPD mini-daemon now detects invalid UTF-8 sequences
in job, document, and user names (Issue #4748)
* The IPP backend now continues on to the next job
when the remote server/printer puts the job on hold
(<rdar://problem/24858548>)
* The scheduler did not cancel multi-document jobs immediately
(<rdar://problem/24854834>)
* The scheduler did not return non-shared printers to local
clients unless they connected to the domain socket
(<rdar://problem/24566996>)
* The scheduler now reads the spool directory if one or more
job cache entries point to deleted jobs
(<rdar://problem/24048846>)
* Added support for disc media sizes (<rdar://problem/20219536>)
* The httpAddrConnect and httpConnect* APIs now try connecting
to multiple addresses in parallel (<rdar://problem/20643153>)
* Interface scripts are no longer supported for security reasons
(<rdar://problem/23135640>)
A detailed list of changes can be found in the CHANGES.txt file.
- Version upgrade to 2.1.4:
CUPS 2.1.4 is a general bug fix release.
See https://github.com/apple/cups/releases
Changes include:
* Fixed reporting of 1284 Device IDs (Issue #3835, PR #3836)
* Fixed printing of multiple files to raw queues (Issue #4782)
* The scheduler did not implement the Hold-New-Jobs opertion
correctly (Issue #4767)
* The cups-lpd mini-daemon incorrectly included the document-name
attribute when creating a job. It should only be included when
sending a job (Issue #4790)
A detailed list of changes can be found in the CHANGES.txt file.
- Replace krb5-devel BuildRequires with pkgconfig(krb5) on
suse_version >= 1315: give OBS a better chance to break up build
cycles.
- Drop cups-1.7.5-cupsEnumDests-react-to-all-for-now.diff and add
0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch,
0002-Save-work-on-Avahi-code.patch and
0003-Avahi-fixes-for-cupsEnumDests.patch which is what upstream
finally commited to cups 2.2 sources in response to
https://github.com/apple/cups/pull/4989 in order to fix cupsEnumDests
to react to the ALL_FOR_NOW avahi event (and also include a similar
fix for the dnssd case). Related to bsc#955432.
- Add cups-2.1.3-cupsEnumDests-react-to-all-for-now.diff .
Avahi sends an ALL_FOR_NOW event when it finishes sending
its cache contents. This patch makes cupsEnumDests finish
when the signal is received so it doesn't block the caller
doing nothing until the timeout finishes (related to bsc#955432,
submitted upstream at https://github.com/apple/cups/pull/4989)
- Add /etc/cups to cups-libs package [bsc#1025689]
- Replace pkgconfig(libsystemd-daemon) BuildRequires with
pkgconfig(libsystemd) on openSUSE 13.2 and newer: the various
sub-libraries have been merged into libsystemd since version 209.
openSUSE 13.1 was the last product to ship systemd 208.
- Remove CUPS.desktop and pixmap
* Obsoletes patch cups-1.3.9-desktop_file.patch
- Version upgrade to 2.1.3:
CUPS 2.1.3 fixes some issues in the scheduler, sample drivers,
and user commands.
A detailed list of changes can be found in the CHANGES.txt file.
Changes include (excerpt):
* The scheduler should not exit under memory pressure
(<rdar://problem/23255001>)
* Fixed some issues in ipptool for skipped tests
(<rdar://problem/24137160>)
* The "lp -H resume" command did not reset the
"job-state-reasons" attribute value (STR #4752)
* The scheduler did not allow access to resource files
(icons, etc.) when the web interface was disabled (STR #4755)
- Version upgrade to 2.1.2:
CUPS 2.1.2 fixes an issue in the 2.1.1 source archives which
actually contained a current 2.2 snapshot.
There are no other changes.
- Version upgrade to 2.1.1:
CUPS 2.1.1 fixes a number of USB and IPP printing issues,
addresses some error reporting and hardening issues in
the scheduler, and updates some localizations.
A detailed list of changes can be found in the CHANGES.txt file.
Changes include (excerpt):
* Security hardening fixes (<rdar://problem/23131948>,
<rdar://problem/23132108>, <rdar://problem/23132353>,
<rdar://problem/23132803>, <rdar://problem/23133230>,
<rdar://problem/23133393>, <rdar://problem/23133466>,
<rdar://problem/23133833>, <rdar://problem/23133998>,
<rdar://problem/23134228>, <rdar://problem/23134299>,
<rdar://problem/23134356>, <rdar://problem/23134415>,
<rdar://problem/23134506>, <rdar://problem/23135066>,
<rdar://problem/23135122>, <rdar://problem/23135207>,
<rdar://problem/23144290>, <rdar://problem/23144358>,
<rdar://problem/23144461>)
* The cupsGetPPD* functions did not work with IPP printers
(STR #4725)
* Some older HP LaserJet printers need a delayed close when
printing using the libusb-based USB backend (STR #4549)
* The libusb-based USB backend did not unload the kernel usblp
module if it was preventing the backend from accessing the
printer (STR #4707)
* Current Primera printers were incorrectly reported as Fargo
printers (STR #4708)
* The IPP backend did not always handle jobs getting canceled
at the printer (<rdar://problem/22716820>)
* Added USB quirk for Canon MP530 (STR #4730)
* The scheduler did not deliver job notifications for jobs
submitted to classes (STR #4733)
* Changing the printer-is-shared value for a remote queue
did not produce an error (STR #4738)
* The IPP backend incorrectly included the job-password
attribute in Validate-Job requests (<rdar://problem/23531939>)
- add -devel to build a 32bit wine on 64bit only Leap systems.
- Version upgrade to 2.1.0:
CUPS 2.1.0 offers improved support for IPP Everywhere,
adds support for advanced logging using journald on Linux, and
includes new security features for encrypted printing and
reduced network visibility in the default configuration.
A detailed list of changes can be found in the CHANGES.txt file.
Changes include (excerpt):
* Added support for 3D printers (basic types only,
no built-in filters) based on PWG white paper.
* The IPP backend now stops sending print data
if the printer indicates the job has been aborted
or canceled (<rdar://problem/17837631>)
* The IPP backend now sends the job-pages-per-set
attribute when printing multiple copy jobs with
finishings (<rdar://problem/16792757>)
* The IPP backend now updates the cupsMandatory values when the
printer configuration changes (<rdar://problem/18126570>)
* No longer install banner files since third-party banner
filters now supply their own (STR #4518)
* The scheduler no longer listens on the loopback
interface unless the web interface or printer sharing
are enabled (<rdar://problem/9136448>)
* Added a PPD generator for IPP Everywhere printers (STR #4258)
* Now install "default" versions of more configuration
files (<rdar://problem/19024491>) in particular
cups-files.conf.default and snmp.conf.default
* Added SSLOptions values to allow Diffie-Hellman key exchange
and disable TLS/1.0 support.
* Updated the scheduler to support more IPP Everywhere
attributes (STR #4630)
* The scheduler now supports advanced ASL and journald logging
when "syslog" output is configured (STR #4474)
* The scheduler now supports logging to stderr when running
in the foreground (STR #4505)
- Adapted patches so that they apply to CUPS 2.1.0 sources:
* cups-2.1.0-choose-uri-template.patch replaces
cups-1.2rc1-template.patch
* cups-2.1.0-default-webcontent-path.patch replaces
cups-1.4.3-default-webcontent-path.patch
* cups-2.1.0-cups-systemd-socket.patch replaces
cups-systemd-socket.patch
- Fix bnc#943950, escape the macro call %systemd-tmpfiles
in comment.
- Add gpg verification for the tarball
- Version update to 2.0.4:
* Fixed a bug in cupsRasterWritePixels (STR #4650)
* Fixed redirection in the web interface (STR #4538)
* The IPP backend did not respond to side-channel
requests (STR #4645)
* The scheduler did not start all pending jobs
at once (STR #4646)
* The web search incorrectly searched time-at-xxx
values (STR #4652)
* Fixed an RPM spec file issue (STR #4657)
* The scheduler incorrectly started jobs while canceling
multiple jobs (STR #4648)
* Fixed processing of server overrides without
port numbers (STR #4675)
* Documentation changes (STR #4651, STR #4674)
- cups-2.0.3-additional_policies.patch replaces
cups-1.7-additional_policies.patch that still adds the same
"allowallforanybody" policy but now with separated "Limit All"
to avoid https://www.cups.org/str.php?L4659 (boo#936309).
- Added "-p /bin/bash" to RPM shell commands scriptlets that
enforces bash to be safe against any possible "bashisms", cf
https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets
- Fix the previous commit by using direct systemd call and
ensuring we work even on older distros
- Fix postin-without-tmpfile-creation and run %tmpfiles_create
macro on our cups.conf
- Version upgrade to 2.0.3:
The new release addresses two security vulnerabilities,
add localizations for German and Russian, and includes several
general bug fixes. Changes include (excerpt):
* Security: Fixed CERT VU #810572 CVE-2015-1158 CVE-2015-1159
exploiting the dynamic linker (STR #4609) (bsc#924208)
* Security: The scheduler could hang with malformed gzip data
(STR #4602)
* Restored missing generic printer icon file (STR #4587)
* Fixed logging of configuration errors to show up as errors
(STR #4582)
* Fixed potential buffer overflows in raster code and filters
(STR #4598, STR #4599, STR #4600, STR #4601)
* Fixed <Limit> inside <Location> (STR #4575)
* Fixed lpadmin when both -m and -o are used (STR #4578)
* The web interface always showed support for 2-sided printing
(STR #4595)
* cupsRasterReadHeader did not fully validate the raster header
(STR #4596)
* The rastertopwg filter did not check for truncated input
(STR #4597)
* The cups-lpd mini-daemon did not check for request parameters
(STR #4603)
* The scheduler could get caught in a busy loop (STR #4605)
* The sample Epson driver could crash (STR #4616)
* The IPP backend now correctly monitors jobs
(<rdar://problem/20495955>)
* The ppdhtml and ppdpo utilities crashed when the -D option
was used before a driver information file (STR #4627)
* ippfind incorrectly substituted "=port" for service_port.
* The IPP/1.1 test file did not handle the initial print job
completing early (STR #4576)
* Fixed a memory leak in cupsConnectDest (STR #4634)
* PWG Raster Format output contained invalid ImageBox values
(<rdar://problem/21144309>)
* Added Russian translation (STR #4577)
* Added German translation (STR #4635)
- cups-busy-loop.patch fixed STR #4605 is obsolete because
it is fixed upstream (see above).
- cleaned up this whole RPM changlog (wrapped too long lines if
possible and removed trailing whitespaces).
- Add patch cups-busy-loop.patch to fix rh#1179596 , cups#4605
- Add back the posttrans cleanup script as it is needed
- Add patch cups-systemd-socket.patch to fix socket activation
and to match socket approach Fedora has.
- Version bump to 2.0.2:
* Security: cupsRasterReadPixels buffer overflow with invalid
page header and compressed raster data (STR #4551)
* Mapping of PPD keywords to IPP keywords did not work if the PPD
keyword was already an IPP keyword (<rdar://problem/19121005>)
* cupsGetPPD* sent bad requests (STR #4567)
* For detailed list see CHANGES.txt file
- Enable PIE for build
- Remove legacy paralel-port support as it is not really needed
as most do not want it
- Update descriptions to just state what changed and let user
find it out.
- Add back comment about %fdupes
- Remove exit 0 on scriptlets as it is provided by
the %service bla ones already
- Fix the comment about openSUSE version on tmpfilesdir declaration
- cups-2.0.1 update:
* lengthy list of changes see the upstream CHANGES.txt that is
distributed with the package
* Disabling of sslv3 to mitigate poodle
- Use gnutls to provide SSLOPtions configuration directive
* openssl is no longer supported upstream
* Remove the with-openssl-exception from license
- Remove cups.sysconfig as it is not used with systemd based distros
- Purposely lose support for SLE11 as it doubles size of some of the
sections and keep suppor for openSUSE+SLE12
* even with the conditions we would have to go unencrypted only
as needs newer gnutls, so don't bother with keeping the compat
- Use upstream service and socket files to allow more working tools
- Removed patches:
* cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch
* cups-0002-systemd-listen-only-on-localhost-for-socket-activation.patch
* cups-0003-systemd-secure-cups.service-unit-file.patch
* cups-1.3.6-access_conf.patch
* cups-1.5-additional_policies.patch
* cups-1.5.4-CVE-2012-5519.patch
* cups-1.5.4-strftime.patch
* cups-move-everything-to-run.patch
* cups-polld_avoid_busy_loop.patch
* cups-provides-cupsd-service.patch
* str4190.patch
* str4351.patch
* str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch
- Refreshed patches:
* cups-1.3.9-desktop_file.patch
* cups-config-libs.patch
- Added patches:
* cups-1.7-additional_policies.patch
* cups-systemd-socket.patch
- change BuildRequires for systemd to pkgconfig(systemd)
and pkgconfig(libsystemd-daemon) to avoid build-cycles
- Version upgrade to 1.7.5:
CUPS 1.7.5 addresses some minor issues and expands upon the
symlink security protection. Changes include (excerpt):
* Security: Addressed some more situations where symlinked
files would be served by the web interface (CVE-2014-5029
CVE-2014-5030 CVE-2014-5031 STR #4455 and bnc#887240).
* The LPD backend did not work with some versions
of glibc (STR #4452)
* CGI scripts did not work (STR #4454)
- str4455-1.7.patch (see the previous entry below)
is obsolete because it is fixed upstream since CUPS 1.7.5.
- Let fdupes only create symlinks in /usr/share/cups/templates/ to
avoid a symlink /usr/share/cups/webcontent/images/cups-icon.png
because since CUPS 1.7.4/1.7.5 the cupsd web server does
no longer follow symlinks to avoid the security issues
mentioned in the previous two entries below
(fixes bnc#892587 a regression of bnc#887240).
- str4455-1.7.patch complements the incomplete fix for
CVE-2014-3537 STR#445 in the CUPS 1.7.4 sources
to fix the subsequent CVE-2014-5029 CVE-2014-5030
CVE-2014-5031 STR#4455 (bnc#887240).
- Version upgrade to 1.7.4:
CUPS 1.7.4 fixes several networking and build issues,
and addresses a symlink security issue CVE-2014-3537.
Changes since 1.7.3 include (excerpt):
* Security: The web interface incorrectly served symlinked files
and files that were not world-readable, potentially leading to
a disclosure of information (CVE-2014-3537, STR #4450,
and bnc#887240).
* The "snmp" option did not work with the network backends
(STR #4422).
* The User directive in client.conf did not override the USER
environment variable (STR #4426).
* The web interface now properly shows a "Go" button for
all text-based browsers (STR #4425).
* The MaxJobTime directive now properly supports time
values (STR #4434).
* Fixed an "IPP read error" race condition issue (STR #4440).
- Version upgrade to 1.7.3:
CUPS 1.7.3 includes a number of general bug fixes.
Changes since 1.7.2 include (excerpt):
* Fixed mapping of OutputBin values such as "Tray1".
* Several ippGet* functions incorrectly returned -1
instead of 0 on error.
* Fixed an authentication race condition in
cupsSendRequest (STR #4403).
* The scheduler did not add the "job-hold-until-specified"
reason when holding a job using the lp command (STR #4405).
* Auto-typing of PWG Raster files did not work (STR #4417).
* IPP queues using hardcoded credentials would ask
for credentials (STR #4371).
- Version upgrade to 1.7.2:
CUPS 1.7.2 addresses a web interface redirection security issue,
some scheduler crashed on Linux, and other general bug fixes.
Changes since 1.7.1 include (excerpt):
* CVE-2014-2856: The scheduler now blocks URLs containing
embedded HTML (STR #4356 and bnc#873899).
* cupsDoIORequest could miss the server status, causing failed
lpadmin and other administrative commands (STR #4386).
* Fixed a D-BUS threading issue that caused the scheduler
to crash (STR #4347).
* The scheduler now automatically reconnects to Avahi
as needed (STR #4370, STR #4373).
- str4351.patch that fixed STR #4351: cups-lpd hugh jobs (>2G) fail
is obsolete because it is fixed upstream since CUPS 1.7.2.
- Removed the CUPS banner files in /usr/share/cups/banners/ and
the CUPS testpage /usr/share/cups/data/testprint (which is also
a CUPS banner file type) because they do no longer work
since CUPS >= 1.6 (see http://www.cups.org/str.php?L4120)
because there is no longer a filter for Linux that can convert
the CUPS banner files. Since CUPS >= 1.6 only the banner files
and testpage in the cups-filters package work via the
cups-filters PDF workflow and the cups-filters package also
provides the matching bannertopdf filter (bnc#873376).
- In case of systemd use --with-rundir=/run/cups
instead of --with-rundir=/run (bnc#871640).
- str4351.patch from CUPS upstream fixes
https://www.cups.org/str.php?L4351
"STR #4351 cups-lpd hugh jobs (>2G) fail"
(bnc#864782).
- Version upgrade to 1.7.1 (fate#314630):
CUPS >= 1.6 has major incompatible changes compared to CUPS
up to version 1.5.4 in particular when printing via network:
* The IPP protocol default version increased form 1.1 to 2.0.
Older IPP servers like CUPS 1.3.x (e.g. in SLE11)
reject IPP 2.0 requests with "Bad Request" (STR #4231).
By adding '/version=1.1' to ServerName in client.conf
(e.g. ServerName older.server.example.com/version=1.1)
or the CUPS_SERVER environment variable value or by
adding it to the server name value of the '-h' opion
(e.g. lpstat -h older.server.example.com/version=1.1 -p)
the older IPP protocol version for older servers
must be explicitly specified.
* CUPS Browsing is dropped in CUPS but the new package
cups-filters provides the cups-browsed that provides
basic CUPS Browsing and Polling functionality.
The native protocol in CUPS for automatic client discovery
of printers is now DNS-SD.
* Some printing filters and backends are dropped in CUPS
but the new package cups-filters provides them so that
cups-filters is usually needed (recommended by RPM)
but cups-filters is not strictly required.
* The cupsd configuration directives are split into two files
cupsd.conf (can also be modified via HTTP PUT e.g. via cupsctl)
and cups-files.conf (can only be modified manually by root)
to have better default protection against misuse of privileges
by normal users who have been specifically allowed
by root to do cupsd configuration changes
(STR #4223 CVE-2012-5519 bnc#789566).
See the entries below for more information.
For details see the openSUSE Bugzilla bnc#735404 issue.
CUPS 1.7.1 improves network and USB printing, fixes some
scheduler issues, and addresses a minor security issue
in the lppasswd program.
Changes since 1.7.0 include (excerpt):
* Security: the lppasswd program incorrectly used settings
from ~/.cups/client.conf (STR #4319)
* ATTR messages could cause string pool memory corruption
in the scheduler (<rdar://problem/15382819>)
* Printing to a raw queue could result in corrupt output
due to opportunistic compression (<rdar://problem/15008524>)
* Japanese PPDs using with the Shift-JIS encoding
did not work (<rdar://problem/15427759>)
* The libusb-based USB backend incorrectly used write
timeouts (<rdar://problem/15564888>)
* The IPP backend did not wait for a busy printer
to become available before attempting to print
(<rdar://problem/15465667>)
* Using "@IF(name)" in an Allow or Deny rule
did not work (STR #4328)
* The D-BUS notifier did not remove its lockfile (STR #4314)
* CUPS incorrectly used the USER environment variable when
the name did not match the user ID (STR #4327)
For details see the CHANGES.txt file.
- cups-1.7-additional_policies.patch adds the 'allowallforanybody'
policy to cupsd.conf (fate#303515) and replaces
cups-1.6.2-adapt_cupsd.conf_defaults_for_SUSE.patch
- Clean up of systemd unit files (bnc#857372):
Make it working again as simple and secure as it worked
all the time in the past by providing only one single
systemd unit file cups.service. In particular currently YaST
cannot manage services with additional other systemd unit files.
Furthermore systemd socket activation is currently insecure
in case of IPv6 (CVE-2012-6094 bnc#795624).
- Clean up how cupsd is launched (via SysVinit or systemd)
by maintaining strictly separated sections in cups.spec:
Either for launching cupsd via systemd (if have_systemd is set)
or for launching cupsd via SysVinit (if have_systemd is not set).
SysVinit support cannot be removed because CUPS 1.7.1 still
builds and can be used even for SLE11.
- The default group of users who are allowed to do cupsd
configuration changes via requests to the running cupsd
(i.e. the SystemGroup directive in cupsd.conf) is set
to 'root' only (related to STR #4223 CVE-2012-5519 bnc#789566).
In this context a general security advice:
When root allows normal users to do system administration tasks
(in particular when root allows normal users to administer
system processes - i.e. processes that run as root), then
this or that kind of privilege escalation will be possible.
Only trustworthy users who do not misuse their privileges
may get allowed to do specific system administration tasks.
- Version upgrade to 1.7.0
CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5.
See the entries below for more information.
For details see the openSUSE Bugzilla bnc#735404 issue.
Changes since 1.7rc1 include (excerpt):
* The lpadmin command did not send the PPD name from
the "-m" option (<rdar://problem/15264697>).
* The scheduler did not respond using the hostname
specified by the client (<rdar://problem/14583574>).
* Fixed a couple memory leaks in ippfind that were
reported by Clang.
* Fixed a compile issue on 64-bit Linux with Clang - need
to use the -pie option instead of -Wl,-pie now
(<rdar://problem/14480938>).
* The scheduler incorrectly did not pass a FINAL_CONTENT_TYPE
environment variable to the filters or backend
(<rdar://problem/14355011>).
For details see the CHANGES.txt file.
- Version upgrade to 1.7rc1 only for testing purpose.
CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5.
After a version upgrade to CUPS >= 1.6 printing in the network
would no longer work as it did up to CUPS 1.5.
For details regarding incompatible changes in CUPS >= 1.6 see
https://bugzilla.novell.com/show_bug.cgi?id=735404
and follow the links therein.
The 1.7 series is primarily a "polish" release with improved
support for paid, PIN, and release printing, expanded support
for IPP Everywhere, automatic support for data compression,
and improved CUPS APIs.
CUPS 1.7rc1 is the first release candidate for CUPS 1.7.0
and includes the fixes from CUPS 1.6.3, adds a new
ippfind utility, fixes some issues in the ipptool utility,
and fixes some general printing bugs.
For details what is new in CUPS 1.7 see the CHANGES.txt file.
Excerpt:
* Printer xxx-default values were not reported by
Get-Printer-Attributes or lpoptions (<rdar://problem/14401795>)
* Added a new ippfind tool for finding IPP printers and
other Bonjour services (<rdar://problem/13876199>)
- Version upgrade to 1.6.3
CUPS 1.6.3 fixes some compatibility issues with servers
running CUPS 1.3.12 or older, fixes some general printing bugs,
and fixes some minor security issues.
For details what is new in CUPS 1.6 see the CHANGES-1.6.txt file.
Excerpt:
* The lp, lpq, lpr, and lpstat now display an error message
advising the use of the /version=1.1 ServerName option
(<rdar://problem/14290628>)
* Added documentation about the /version=1.1 option to ServerName
in client.conf (<rdar://problem/14216262>)
* The lp, lpq, lpr, and lpstat commands incorrectly ignored
the default printer set in the lpoptions file
(<rdar://problem/14216472>)
* Printing using "ipps" URIs was not encrypted.
- Version upgrade to 1.6.2.
CUPS 1.6 has major incompatible changes compared to CUPS 1.5.
For details regarding incompatible changes in CUPS 1.6 see
https://bugzilla.novell.com/show_bug.cgi?id=735404
and follow the links therein.
For details what is new in CUPS 1.6 see the CHANGES.txt file.
Excerpt:
* Security: All file, directory, user, and group settings
are now stored in a separate cups-files.conf configuration
file that cannot be set through the CUPS web interface
or APIs (STR #4223).
* The IPP backend could crash if the printer disconnects
early (STR #4284).
* cupsGetPPD did not work with statically-configured CUPS
shared queues (STR #4178).
* Bad IPP responses could crash ipptool (STR #4262).
* Updated USB quirk rules for various printers
(STR #4217, STR #4263, STR #4286).
* Added USB blacklisting for printers that require a custom
backend (STR #4218).
* The CUPS library did not always detect a timed out connection
to the server which could cause temporary loss of printing
from applications (STR #4187).
* The IPP backend now stops queues when the server configuration
prevents successful job submission (STR #4125).
* CUPS 1.6 clients using the ServerName directive in client.conf
did not work with CUPS 1.3.x or older servers
(STR #4231, STR #4291).
* The scheduler could crash when using Avahi
(STR #4183, STR #4192, STR #4200, STR #4213).
* The IPP backend could get stuck in an endless loop on certain
network errors (STR #4194).
* The scheduler no longer allows job-name values that are
not valid network Unicode strings (STR #4072).
* The network backends now support disabling of SNMP supply
level queries via the "snmp" URI option (STR #4106).
* The IPP backend did not specify the compression used
(STR #4181).
* The scheduler did not recognize dnssd: or ipps: URIs as
Bonjour shared queues (STR #4158).
* Applications could not get the PPD file for
statically-configured Bonjour-shared print queues (STR #4159).
* Fixed a USB backend compatibility issue on systems using
libusb (STR #4155, STR #4191).
* Some Bonjour features were not available on systems
with Avahi (STR #4156).
- cups-1.6.1-revertSTR3929_to_default_IPP_1.1_again.patch is
obsolete because it is fixed upstream (STR #4231, STR #4291).
- cups-1.6.2-adapt_cupsd.conf_defaults_for_SUSE.patch
replaces cups-1.6.1-adapt_cupsd.conf_defaults_for_SUSE.patch
- Adapted cups-client.conf template file for CUPS 1.6.
- cups-1.6.1-adapt_cupsd.conf_defaults_for_SUSE.patch
adapts the defaults in cupsd.conf for SUSE.
It replaces cups-1.3.6-access_conf.patch that
added 'Allow 127.0.0.2' to cupsd.conf to allow access
for the loopback IP address 127.0.0.2 which is set for
the hostname by SUSE in /etc/hosts at least up to
SLE10 products.
It also replaces cups-1.5-additional_policies.patch
that added the 'allowallforanybody' policy to cupsd.conf
see https://fate.novell.com/303515
Furthermore it fixes some issues with the CUPS upstream
defaults i.e. removal of no longer supported keywords
BrowseOrder BrowseAllow DefaultAuthType (otherwise cupsd
prints error messages of the form "Unknown directive
BrowseOrder on line 22").
- cups-1.6.1-revertSTR3929_to_default_IPP_1.1_again.patch
reverts the incompatible change in CUPS 1.6
that makes IPP version 2.0 default
(see https://www.cups.org/str.php?L3929)
back to using IPP version 1.1 by default.
Otherwise CUPS 1.6 on clients cannot talk to older CUPS
servers in particular not to CUPS 1.3.9 on SLE11.
E.g. on a CUPS 1.6 client "lpstat -h sle11.cups.server -p"
would fail on the client with "lpstat: Bad Request" and
the CUPS 1.3.9 server logs in /var/log/cups/error_log the
lines "E ... cupsdReadClient: ... IPP Read Error!"
and "D ... cupsdSendError: ... code=400 (Bad Request)".
- Version upgrade to 1.6.1.
CUPS 1.6 has major incompatible changes compared to CUPS 1.5.
After a version upgrade to CUPS 1.6 printing in the network
would no longer work as it did up to CUPS 1.5.
For an overview about what is new in CUPS 1.6 see
http://www.cups.org/documentation.php/doc-1.6/whatsnew.html
For details regarding incompatible changes in CUPS 1.6 see
https://bugzilla.novell.com/show_bug.cgi?id=735404
and follow the links therein.
For details what is new in CUPS 1.6 see the CHANGES.txt file.
Excerpt:
* CUPS now supports color management using colord (STR #3808).
* CUPS now supports Bonjour using Avahi (STR #3066).
* The "brightness", "columns", "fitplot", "gamma", "hue",
"natural-scaling", "penwidth", "position", "ppi",
"saturation", and "scaling" options are not longer
supported (STR #4010).
* Added new destination connection and enumeration functions
via new dynamic destination APIs (STR #3924).
* Added new option, localization, and job submission functions
via new APIs that do not depend on PPD files (STR #3925).
* The scheduler now supports a DefaultAuthType of "auto" to
automatically choose between Basic (username/password)
and Negotiate (Kerberos) authentication.
* CUPS no longer supports automatic remote printers or
implicit classes via the CUPS, LDAP, or SLP protocols
(STR #3922, STR #3923).
* The PPD APIs are now deprecated and will be removed
in a future version of CUPS (STR #3927).
* The default IPP version for requests is now 2.0 (STR #3929).
* The IPP APIs no longer expose the ipp_t or ipp_attribute_t
structures and instead provide accessor functions (STR #3928).
* The scheduler will no longer run programs with group write
permission.
* The PHP module has been removed (STR #3932).
* The bannertops, commandtoescpx, commandtopclx, imagetops,
imagetoraster, pdftops, rastertoescpx, rastertopclx,
and texttops filters have been removed (STR #3930).
* The serial and parallel backends have been removed (STR #3935).
- Adapted cups-config-libs.patch for CUPS 1.6.1
(IMGLIBS is no longer present in cups-config.in).
- buildrequire systemd through the pkgconfig provide to get
systemd-mini in build environment (to break cycle)
- Version upgrade to 1.5.4 (mainly a bugfix release) that fixes
some IPP printing issues.
Excerpt:
* The IPP backend no longer tries to get the job status for
printers that do not implement the required operation
(STR #4083).
* Sending a document in an unsupported format to an IPP printer
now automatically cancels the job (STR #4093).
* The IPP backend now treats the client-error-not-possible
status code as a job history issue, allowing IPP printing to
Windows to work(STR #4047).
For a complete list see the CHANGES.txt file.
- revert_cups-ssl.m4_to_1.5.2.patch is now obsolete because of
an upstream fix.
- license update: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1
Apple grant an openssl linking exception (and an exception for
linking on Apple owned operating systems).
- Save /etc/cups/cupsd.conf and /etc/cups/cupsd.conf.default
from becoming hardlinked via the fdupes run in cups.spec
(see the 'Wed Aug 26 21:43:03 CEST 2009' entry below)
by making their content different and at the same time
fix the misleading comment (openSUSE Bugzilla bnc#773971).
- Minor clean-up in cups.spec (the "Remove unpackaged files"
via "rm -rf <some_man-pages>") is no longer needed because
those man pages are no longer installed.
- Upgraded to CUPS 1.5.3 (mainly a bugfix release) that fixes
a number of PostScript, SSL, authenticated printing,
and networking issues.
Excerpt:
* The scheduler could crash if a PPD file contained
an invalid paper size (STR #4049).
* Missing localizations caused empty output (STR #4033).
* Changed how timeouts are implemented in the LPD backend
(STR #4013).
* The default InputSlot setting was never used (STR #3957).
* Fixed the IPP backend's handling of HTTP/1.0 compatibility
(STR #3988).
For a complete list see the CHANGES.txt file.
- revert_cups-ssl.m4_to_1.5.2.patch reverts cups-ssl.m4 to what
it was in CUPS 1.5.2 so that autoconf produces a syntactically
correct configure script otherwise "bash -n configure" fails
with "syntax error: unexpected end of file",
see http://www.cups.org/str.php?L4084
- No longer require Ghostscript but only "Recommends: ghostscript"
because the Ghostscript device "cups" is needed by several CUPS
filters (in particular the "rasterto..." filters) but those
filters are not used on all systems (e.g. on a print server
with only "raw" queues) so that a weak Recommends fits better.
Furthermore this avoids a build dependency cycle between the
main-packages cups and ghostscript.
- No longer require /usr/bin/pdftops but only a "Recommends"
because the CUPS filter /usr/lib/cups/filter/pdftops
(which calls /usr/bin/pdftops) is not used on all systems
(e.g. on a print server with only "raw" queues) so that
a weak Recommends fits better.
- In cups.spec only "Requires: ghostscript" but no longer require
ghostscript-fonts-std in cups.spec because in ghostscript.spec
there is already "Requires: ghostscript-fonts-std"
(related to openSUSE Bugzilla bnc#735824).
- In cups.spec remove the Obsoletes/Provides cups-SUSE-ppds-dat
because cups-SUSE-ppds-dat.rpm existed only up to SLE10
but it does no longer exist since 11.1/SLE11
and CUPS 1.5.x is not provided for SLE10.
- Use traditional bash scriptlets for post/postun with
an explicite "exit 0" line at the end to be fail safe and
therefore also "PreReq: /sbin/ldconfig" explicitly for the
cups-libs sub-package, see the "Shared_libraries" section in
http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets
- Upgraded to CUPS 1.5.2 (mainly a bugfix release). This release
fixes a number of printing, encryption, and ipptool issues.
Excerpt:
* The scheduler incorrectly used free() on a POSIX ACL value,
which could cause a crash (STR #3970).
* Encryption was broken with OpenSSL (probably STR #3933
and bnc#739410 ).
* Badly formed GIF files could cause the image filters
to crash (STR #3914).
For a complete list see the CHANGES.txt file.
- Use explicit buildrequires on the needed libraries.
otherwise build will fail after libtiff-devel deps cleanup
- Cleanup requires of -devel package, which only needs glibc-devel
- cups-config-libs.patch fixes cups-config script,
which with option --libs adds:
LIBS="-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lssl -lcrypto
- lz -lpthread -lm -lcrypt "
IMGLIBS="-ltiff -ljpeg -lpng"
This only makes sense when using static linking but we do not
ship static libraries and it will only bloat dependant packages.
- Update systemd patch, Bind to datagram socket as well in
systemd cups.socket unit file, to prevent that port being
stolen by another service (from RH).
- There is no need to use -fno-strict-aliasing
in cflags any longer.
- Update systemd patch to a newer version that uses
libsystemd-daemon instead of bundling sd-daemon wrappers.
- cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch
adds complete systemd support, the hardware stuff is handled in
builtin udev rules (see /lib/udev/rules.d/99-systemd.rules).
See also http://0pointer.de/blog/projects/socket-activation2.html
- Upgraded to CUPS 1.5.0 (openSUSE Bugzilla bnc#722057)
Backward incompatible changes:
* The main header cups/cups.h no longer includes the PPD header
cups/ppd.h which may require code changes to applications.
* CUPS no longer supports the old ~/.cupsrc or ~/.lpoptions files
from CUPS 1.1.x. The ~/.cups/client.conf and ~/.cups/lpoptions
files that were introduced in CUPS 1.2 must now be used.
* The scheduler now requires that filters and backends
have group write permissions disabled (security).
* The HP-GL/2 filter is no longer included (STR #3322).
* The SCSI backend is no longer included (STR #3500).
Other changes:
* Updated the PostScript filter to support IncludeFeature
in more circumstances (STR #3417).
* The scheduler now sets the process group for child processes
and manages the group (STR #2829).
* The scheduler now more carefully creates and removes
configuration, cache, and state files (STR #3715).
* The lpadmin command now allows default option values
to be deleted (STR #2959).
* Restored support for GNU TLS and OpenSSL with threading
enabled (STR #3605, STR #3461).
Therefore cups-1.4.4-str3461-1.4.reverted.patch
is no longer needed (openSUSE Bugzilla bnc#617026).
* Increased the default RIPCache value to 128MB (STR #3535).
Therefore cups-1.4.4-set_default_RIPCache_128m.patch
is no longer needed (openSUSE Bugzilla bnc#628233).
* Updated PDF filter to support Ghostscript ps2write (STR #3766).
* Updated PDF filter to support Poppler option to preserve page
sizes in PDF files when the user has not selected a particular
media size (STR #3689).
* Added new PWG Raster filter for IPP Everywhere printer support.
* Added support for a new cupsFilter2 keyword in PPD files
to allow for the propagation of the actual MIME media type
produced by a filter.
* Name resolution errors no longer no longer cause
queues to stop (STR #3719, STR #3753). See also
https://bugzilla.novell.com/show_bug.cgi?id=337794#c16
* Added a new cups-exec helper program that applies security
profiles to filters, port monitors, backends, CGI programs,
and mini-daemons.
* The web interface can now be disabled using the WebInterface
directive in cupsd.conf (STR #2625).
* The ipptest tool is now a first-class user program (STR #3484).
For a complete list see the CHANGES.txt file.
- cups-1.4.4-str3461-1.4.reverted.patch (bnc#617026) and
cups-1.4.4-set_default_RIPCache_128m.patch (bnc#628233)
are no longer needed because the issues are fixed upstream.
cups-1.5-additional_policies.patch (fate#303515) replaces the
cups-1.4-additional_policies.patch which does no longer apply.
- add libtool as buildrequire to make the spec file more reliable
- Reverted the change from meissner below dated
"Fri Sep 23 09:54:39 CEST 2011" so that baselibs.conf again
contains only one line "cups-libs" as before because the
submitrequest 85423 Printing/cups -> openSUSE:Factory/cups
was declined by coolo with the following reason:
"cups-devel-32bit requires cups-32bit (default requires),
which does not exist".
- Upgraded to CUPS 1.4.8
* network backends could crash if a printer returned a value
of 0 for the maximum capacity for a supply (STR #3875)
* For a complete list see the CHANGES.txt file.
- Upgraded to CUPS 1.4.7
* imageto* filters could crash with bad GIF files (STR #3867)
* CUPS did not work with some printers that incorrectly
implemented the HTTP/1.1 standard (STR #3778, STR #3791)
* Fixed crash in scheduler when the application/octet-stream
MIME type was not defined (STR #3690)
* The web interface no longer tries to use multi-part delivery
when adding printers (STR #3455) using Epiphany or IE
* "lp" and "lpr" failed with Kerberos enabled (STR #3768)
* Remote printer URIs with options did not work (STR #3717)
* The scheduler now only looks up interface hostnames
if HostNameLookups are enabled (STR #3737)
* The scheduler could crash if a browsed printer times out
while a job is printing (STR #3754)
* For a complete list see the CHANGES.txt file.
- cups-1.4.4-set_default_RIPCache_128m.patch enlarges
the CUPS upstream default RIPCache from 8m to 128m
to avoid various kind of printout failures
(STR #3535, and Novell/openSUSE Bugzilla bnc#628233).
- cups-devel baselibs package for Wine 32bit on 64bit building
(added "cups-devel requires cups-libs..." to baselibs.conf).
- Remove redundant tags/sections from specfile
(removed "norootforbuild" and the "clean" section).
- "no" locale is "nb" (norwegian bokmal) these days
(move /usr/share/locale/no to /usr/share/locale/nb).
- "zh" is probably meant as "zh_CN", as "zh_TW" exists
(move /usr/share/locale/zh to /usr/share/locale/zh_CN).
- Cleaned up the RPM Requires:
Removed the needless "Suggests: poppler-tools" because there
is "Requires: /usr/bin/pdftops" which should be sufficient.
Replaced the RPM Requires for foomatic-filters by Recommends
because foomatic-rip is only needed by CUPS in a few cases
and printer driver packages which need foomatic-rip require
foomatic-filters on their own.
- Upgraded to CUPS 1.4.6
CUPS 1.4.6 fixes in particular a regression:
* A change was made in CUPS 1.4.5's pstops filter
that it did not support landscape printing
of PostScript files (STR #3722)
* For a complete list see the CHANGES.txt file.
- Fixed coolo's quick and ditry unconditioned
"PreReq: sysvinit(syslog)" stuff from below because build fails
everywhere except openSUSE:Factory (i.e. openSUSE 11.4)
because sysvinit(syslog) is nowhere else provided.
Now the PreReq is only if suse_version > 1130.
- prereq init script syslog
- Upgraded to CUPS 1.4.5
CUPS 1.4.5 fixes several scheduler and printing bugs
as well as a reported security bug, in particular:
* Fixed a IPP parsing memory corruption bug
(CVE-2010-2941, STR #3648, Novell/Suse Bugzilla bnc#649256)
* Fixed a PPD loader bug that could crash the cupsd (STR #3680)
* The scheduler restarts jobs while shutting down (STR #3679)
* Did not initialize Kerberos in all cases (STR #3662)
* The socket backend could go into an infinite loop
with certain printers (STR #3622)
* Moving a job via the web interface failed without
asking for authentication (STR #3559)
* The web interface did not allow a user to change
the driver (STR #3537, STR #3601)
* For a complete list see the CHANGES.txt file.
- Fixed /etc/init.d/cups (cups.init source file) so that stopping
the cupsd waits up to 10 seconds until the cupsd had actually
finished (if not SIGKILL would be sent to it) to make sure
that "rccups restart" and "rccups stop ; rccups start" work
correctly (see Novell/Suse Bugzilla bnc#622058).
- cups-1.4.4-str3461-1.4.reverted.patch reverts changes
by CUPS STR #3461 as band-aid workaround for now to avoid
that Mozilla.org applications crash when they try to print
(STR #3461, STR #3605, and Novell/Suse Bugzilla bnc#617026).
- Upgraded to CUPS 1.4.4
CUPS 1.4.4 fixes several security, scheduler, printing,
and conformance issues, in particular:
* The web interface now includes additional CSRF protection
(CVE-2010-0540, STR #3498, STR #3593, and
Novell/Suse Bugzilla bnc#601830)
* The texttops filter did not check the results of allocations
(CVE-2010-0542, STR #3516, Novell/Suse Bugzilla bnc#601352)
* The web admin interface could disclose the contents of memory
(CVE-2010-1748, STR #3577, Novell/Suse Bugzilla bnc#604271)
* The fix for CVE-2009-3553 (STR #3200) was incomplete
for systems that use kqueue or epoll (STR #3490)
* CUPS could overwrite files as root in directories owned or
writable by non-root users (STR #3510)
* The OpenSSL interfaces have been made thread-safe and
the GNU TLS interface is explicitly forbidden
when threading is enabled (STR #3461)
* The scheduler could crash on restart if classes
were defined (STR #3524)
* The socket backend no longer waits for back-channel data
on platforms other than Mac OS X (STR #3495)
* For a complete list see the CHANGES.txt file.
- Update cups-1.3.9-desktop_file.patch: add the Settings category
(required since we use HardwareSettigns) and add NotShowIn=GNOME:
in GNOME, the configuration tool we want to use is
system-config-printer.
- Explicitly set configure option '--enable-debug' because
otherwise the cups-debuginfo RPM would be empty.
- Removed no longer recognized configure option '--enable-pie'
(it compiles and links with '-pie -fPIE -fPIC' by default).
- Disabled .SILENT in Makedefs.in so that make is verbose as usual.
- In cups.spec removed '-r' from the suse_update_desktop_file call
to not replace valid (and previously patched via
cups-1.3.9-desktop_file.patch) categories of the desktop file
so that it shows up in the right place (this is particularly
an issue with the LXDE/XFCE menu).
- cups-1.4.3-default-webcontent-path.patch changes the default path
whereto the web content is installed from /usr/share/doc/...
to /usr/share/cups/webcontent because the files of the CUPS
web content are no documentation (see CUPS STR #3578 and
Novell/Suse Bugzilla bnc#546023 starting at comment#6).
- In cups.spec replaced usage of the RPM macro 'name' by the
explicite value 'cups' (except for the BuildRoot) so that
CUPS could be built as well with a different package name
(e.g. when someone likes to provide a CUPS SVN revision
as 'cupsSVN' or a specifically adapted CUPS as 'cups4me').
- cups-krb5-config wrapper script for krb5-config is no longer
needed because since April 2008 krb5-config works correctly
(see Novell/Suse Bugzilla bnc#378270 and compare STR #3556).
- In cups.xinetd replaced '@LIB@' by '/usr/lib' and removed
the perl substitute calls regarding '@LIB@' in cups.spec because
since the upstream compliant CUPS 1.4 it is '/usr/lib/cups/'
on all platforms (see Novell/Suse Bugzilla bnc#575544).
- Upgraded to CUPS 1.4.3:
* The scheduler could try responding on a closed client
connection, leading to a crash
(CVE-2009-3553, STR #3200, and bnc#554861).
* The lppasswd program allowed the localization files
to be overridden when running in setuid mode
(CVE-2010-0393, STR #3482, and bnc#574336).
* The scheduler would crash when an active printer was deleted.
* The DBUS notifier did not build (STR #3447).
* The scheduler did not reset the SIGPIPE handler
of child processes (STR #3399).
* For a complete list see the CHANGES.txt file.
- cups-1.3.9-CVE-2009-3553.patch has become
obsolete because it is fixed in the source.
- CUPS 1.3 -> 1.4 version upgrade and major cleanup:
For the CUPS upstream changes see the CHANGES.txt file.
Such a major version upgrade is the perfect chance
to drop almost all our own patches to enforce a
reset to almost 100% compliance with upstream.
Here our openSUSE CUPS versions and their number of patches
(i.e. the "Patch" entries in the cups.spec files):
CUPS version 1.2.12 in openSUSE 10.3: 37
CUPS version 1.3.7 in openSUSE 11.0: 29
CUPS version 1.3.9 in openSUSE 11.1: 26
CUPS version 1.3.11 in openSUSE 11.2: 17
Of course this includes patches with backported bug fixes
via our maintenance but nevertheless there were really
too much openSUSE specific patches.
Therefore I would like to provide CUPS 1.4 "as is" to the
furthest possible extent (there are still 6 patches left).
Then let's see if we get bug reports because of this.
I did such a reset to 100% compliance with upstream
already in the past for sane-backends and guess what:
I got no single bug report at all because of this.
I guess what they do at upstream is actually not so bad ;-)
- Added the explicite path to '--with-cachedir=/var/cache/cups'
in cups.spec to avoid that the fallback value 'yes' results
the cache directory '/etc/cups/yes/'.
- cups-1.3.11-CVE-2009-2820-regression-fix.patch and
cups-1.3.11-CVE-2009-2820.patch have become
obsolete because it is fixed in the source.
- cups-1.4-full_path_to_configure_with-pdftops.patch has become
obsolete because it is fixed in the source.
- add baselibs.conf as a source
- enable parallel building
- Fixed the URL and MD5 sum comments for Source0 in cups.spec.
- cups-1.3.9-CVE-2009-3553.patch fixes a use-after-free bug
in the scheduler which leads to remote denial of service,
(CVE-2009-3553, CUPS STR #3200,
and Novell/Suse Bugzilla bnc#554861)
- cups-1.3.11-CVE-2009-2820-regression-fix.patch
fixes a regression which was introduced by
the previous cups-1.3.11-CVE-2009-2820.patch
which lets adding a class via CUPS Web Interface fail
with an 'Unknown operation "{op}"' error message
(CUPS STR #3401 and
Novell/Suse Bugzilla bnc#548317 starting at comment #24).
- cups-1.3.11-CVE-2009-2820.patch fixes CUPS Web Interface
Cross-Site Scripting (XSS) and CRLF injection in HTTP headers
(CVE-2009-2820 and CUPS STR #3367 and
Novell/Suse Bugzilla bnc#548317).
- updated patches to apply with fuzz=0
- Fixed as-needed issues when compiling additional tools
by using the right ordering of source and linked library
in 'gcc -opoll_ppd_base ... SOURCE1 -lcups'
and 'gcc -olphelp ... SOURCE2 -lcups' which
obsoletes the 'export SUSE_ASNEEDED=0' workaround,
see the 'Fri Jul 10 12:34:54 CEST 2009' entry below.
- Run fdupes.
- full_path_to_configure_with-pdftops.patch
adds support to specify a full path in
'configure --with-pdftops=/usr/bin/pdftops'
to avoid 'BuildRequires: xpdf-tools' which would
bloat the build system but would be only needed to
satisfy 'AC_PATH_PROG(CUPS_PDFTOPS, pdftops)'
in cups-pdf.m4 if only 'configure --with-pdftops=pdftops'
was possible (Novell/Suse Bugzilla bnc#526847).
- Upgraded to CUPS 1.3.11:
* The scheduler and cupsfilter utility would crash with
certain MIME .types rules (CUPS STR #3159).
* cups-1.3.10-fix-DNS-rebinding-protection.patch
(Novell/Suse Bugzilla bnc#516511 and CUPS STR #3238)
is obsolete since CUPS 1.3.11 because it is fixed
in the source (it is fixed via CUPS STR #3164).
* For a complete list see the CHANGES.txt file.
- Set 'export SUSE_ASNEEDED=0' in cups.spec because build fails
with --as-needed so that this is for now simply disabled.
- cups-1.3.10-fix-DNS-rebinding-protection.patch fixes
a regression of the CUPS 1.3.10 DNS rebinding protection which
lets e.g. "lpoptions -h localhost -p <queue> -l" fail with
"lpoptions: Unable to get PPD file for <queue>: Bad Request"
and in /var/log/cups/error_log there is the warning
W ... Request from "localhost" using invalid Host: field "::1"
but "::1" is the IPv6 loopback IP address for "localhost"
(Novell/Suse Bugzilla bnc#489624 comment#19 and bnc#516511).
- Upgraded to CUPS 1.3.10:
* Use a wrapper program filter/pdftops.c which only calls
/usr/bin/pdftops (via configure --with-pdftops=/usr/bin/pdftops)
instead of the CUPS fork of the Xpdf source code which was in
the pdftops directory (CUPS STR #3129). Because of this
cups-1.4svn-pdftops_as_filter.patch and
cups-1.4svn-pdftops_dont_fail_on_cancel.patch are obsolete
since CUPS 1.3.10 (the latter was fixed via CUPS STR #2808).
* The scheduler now protects against DNS rebinding attacks
(CUPS STR #3118 and Novell/Suse Bugzilla bnc#489624).
* cups-1.3.9-cupstestppd.patch is obsolete since CUPS 1.3.10
because it is fixed in the source (CUPS STR #2979).
* cups-1.3.9-max_subscription.patch is obsolete
since CUPS 1.3.10 because it is fixed in the source
(no CUPS STR but mentioned in CHANGES.txt "The scheduler
would crash if you exceeded the MaxSubscriptions limit").
* cups-1.3.9-filter_png_overflow2.patch is obsolete
since CUPS 1.3.10 because it is fixed in the source
(CUPS STR #2974 and Novell/Suse Bugzilla bnc#448631).
* cups-1.3.9-hpgltops2.patch is obsolete since CUPS 1.3.10
because it is fixed in the source (CUPS STR #2966 which is the
successor of CUPS STR #2911 and Novell/Suse Bugzilla bnc#430543).
* cups-1.3.9-cupsImageReadTiff.patch is obsolete
since CUPS 1.3.10 because it is fixed in the source
(CUPS STR #3031 and Novell/Suse Bugzilla bnc#485895).
* For a complete list see the CHANGES.txt file.
- cups-1.1.21rc2-preauth_security.patch and
cups-1.1.21rc2-usermode.patch and
cups-1.1.21-umlaut_printer.patch and
cups-1.1.23-testpage.patch are finally removed
since CUPS 1.3.10 because they were made for CUPS 1.1 and
were no longer applied since CUPS 1.2 in Suse Linux 10.3.
In particular cups-1.1.21rc2-usermode.patch can no longer
apply since CUPS 1.2 because RunAsUser in cupsd.conf is
no longer supported since CUPS 1.2, for more info see e.g. the
"RunAsUser removed; reassurance wanted" mails on cups(a)easysw.com.
Furthermore we neither got any Suse Linux/openSUSE user request
nor any SLE11 beta-tester/customer request for them.
- Replaced "--enable-static" by "--disable-static" in configure
so that the static libraries /usr/lib[64]/libcups.a and
/usr/lib[64]/libcupsimage.a are no longer built and included
in the cups-devel package to enforce detection of other software
which might be built with static CUPS libraries so that those
other software could be fixed to use the dynamic libraries
(see also Novell/Suse Bugzilla bnc#509945).
- Set BROADCAST="ipp" in cups.SuSEfirewall2 source file (which
gets installed as /etc/sysconfig/SuSEfirewall2.d/services/cups)
so that adding "cups" to allowed services in the firewall
also allows CUPS Browsing information via UDP broadcasts
(Novell/Suse Bugzilla bnc#498429).
- cups-1.3.9-cupsImageReadTiff.patch fixes an integer overflow
in the "_cupsImageReadTIFF()" function CVE-2009-0163
(CUPS STR #3031 and Novell/Suse Bugzilla bnc#485895).
- added directory %{libdir}/cups/driver to %files of cups
(bnc#465794)
- obsolete old cups-libs-XXbit and cups-devel-XXbit correctly
- use Obsoletes: -XXbit only for ppc64 to help solver during
distupgrade (bnc#437293)
- fixed permission of snmp.conf (bnc#449570)
- fix for png size validation CVE-2008-??? (bnc#448631)
- correction for hpgl pen selection fix CVE-2008-3641 (bnc#430543)
- fixed rss subscription issue (bnc#446975)
- missed to fix a further PPD file: stcolor2.ppd
- Obsoletes: cups-SUSE-ppds-dat (bnc#438763)
- obsolete old -XXbit packages (bnc#437293)
- fixed issues in PPD files: failing through internal tests
- update to 1.3.9, which is mainly a bugfix version. For a complete
list see included CHANGES.txt file, but important changes were
already included via patches before.
Deleted patches:
cups-1.3.8-custom_ppd_fix.patch (CUPS STR #2889)
cups-1.3.8-ssl_firefox.patch (CUPS STR #2892)
cups-1.3.8-cupsfilter_path.patch (CUPS STR #2908)
cups-1.3.8-pjl_ready_message.patch (CUPS STR #2909)
cups-1.3.8-listener_compare.patch (CUPS STR #2910)
cups-1.3.8-manyjob_finish.patch (CUPS STR #2913)
cups-1.3.8-resolver_reinit.patch (CUPS STR #2920)
cups-1.3.8-startstop_msg.patch (CUPS STR #2927)
cups-1.3.8-noclobber_symlink.patch (CUPS STR #2937)
cups-1.3.8-more_debuginfo.patch (CUPS STR #2943)
cups-1.3.8-hostlookup.patch (CUPS STR #2946)
cups-1.3.8-ipp_stop_after_pause.patch
cups-1.3.8-lose_printers_on_allowed_users.patch
Updated patches:
cups-1.2.5-desktop_file.patch
- bugfixes:
* printer stops after IPP pause
* pritners got lost when users are set in Set Allowed Users Dialog
- added und integrated latest patches from upstream bugzilla:
cups-1.3.8-custom_ppd_fix.patch (CUPS STR #2889)
cups-1.3.8-ssl_firefox.patch (CUPS STR #2892)
cups-1.3.8-cupsfilter_path.patch (CUPS STR #2908)
cups-1.3.8-pjl_ready_message.patch (CUPS STR #2909)
cups-1.3.8-listener_compare.patch (CUPS STR #2910)
cups-1.3.8-manyjob_finish.patch (CUPS STR #2913)
cups-1.3.8-resolver_reinit.patch (CUPS STR #2920)
cups-1.3.8-startstop_msg.patch (CUPS STR #2927)
cups-1.3.8-noclobber_symlink.patch (CUPS STR #2937)
cups-1.3.8-more_debuginfo.patch (CUPS STR #2943)
cups-1.3.8-hostlookup.patch (CUPS STR #2946)
- removed hplip in init script: hplip is no more (bnc#390663)
- beautified $BUILD_DISTRIBUTION_NAME setting
- Remove -p from fillups call.
- update to version 1.3.8:
* bugfix version, which includes CVE-2008-1722
* also includes some performance changes
* refer to included CHANGES.txt file for full information
- removed obsolete patches
- removed deprecated use of %run_ldconfig
- added avahi-compat-mDNSResponder-devel to BuildRequieres
(bnc#398700)
- fixed typo in Policy "easy"
- added two additional policies to cupsd.conf (fate#303515)
- fixed abuild failure: ownership of lppasswd
- fix directory/setgid permissions for lppasswd use (bnc#404142)
- crash on startup when BrowseAddress has no value (bnc#396969)
- added pdftops_any for 11.0 to Requires: (bugzilla#378434)
- renamed use of CUPS_PDFTOPS to HAVE_PDFTOPS in pdftops.c, to
avoid execute of gs (bnc#390435)
- removed earlykdm from init script, due to new less CPU consuming
start of daemon now (bnc#388007)
- merged both pdftops patches to one
- removed "recommended" remover (bnc#387267)
- new version of pdftops filter from svn extracted
- changed the perror() calls in pdftops.c for cups-1.3.x
compatibility
- fixed the ghostscript call via new variable
(unnecessary -> removed)
- grabbed and applied the wait() fix for childs from cups STR
- fix for integer overflow in png filter CVE-2008-1722
(bugzilla#378335)
- not affected: CVE-2008-1693 (bugzilla#377872)
- added /usr/bin/pdftops to Requires:, and poppler-tools
to Suggests:
- explicitly specify pdftops binary for configure to avoid
adding buildrequires just for a binary path
- take out poppler for now to break the cycle, Klaus will
fix correctly later
- changes for PDF.ppd
- added baselibs.conf file to build xxbit packages
for multilib support
- pdftops uses now system command e.g. xpdf-tools
(as in cups-1.4svn)
- due to requests: client.conf is back in /etc/cups
- fix for buildsystem: added wrapper script for krb5-config as the
original output shows $CFLAGS $LIBDIR of cups.spec
and rpath flags (bugzilla#378270)
- added missing directory /var/cache/cups to %files
- added pstopdf filter (from cups-mailto project at sourceforge.net)
- enabled krb5 support on request (bugzilla#377645)
- enabled further configure options: gcc's relro, gssapi
- and for run of cupsd: java, php, python (needs further activation)
- update to version 1.3.7:
bugfix version only, includes CVE-2008-0047 and CVE-2008-1373.
Refer to included CHANGES.txt file for full information
- worked on INFO in init file
- removed references to version SUSE 8.01 in specfile
- fixed issue in cgi-bin search CVE-2008-0047 (bugzilla#367225)
- update to version 1.3.6:
* Documentation updates
* Fixed a problem with the web interface "Use Kerberos
Authentication" check box
* The scheduler unconditionally overwrote the printer-state-
message with "process-name failed" when a filter or backend
failed, preventing a useful error message from being shown
to the user.
* Policies on CUPS-Move-Job didn't work as expected
* The configure script only supported D-BUS on Linux
* The scheduler did not support </LimitExcept>
* The scheduler did not reset the job-hold-until attribute after
a job's hold time was reached.
* The scheduler did not support printer supply attributes
* The Kerberos credentials provided by some Windows KDCs were
still too large - now use a dynamic buffer to support
credentials up to 64k in size
* Printing a test page from the web interface incorrectly
defaulted to the "guest" user
* The cupsEncodeOptions2() function did not parse multiple-
value attribute values properly
* The scheduler incorrectly sent printer-stopped events for
status updates from the print filters
* The IPP backend could crash when handling printer errors
* Multi-file jobs did not print to remote CUPS servers
* The scheduler did not provide the Apple language ID to job
filters.
* Kerberos authentication did not work with the web interface
* The requesing-user-name-allowed and -denied functionality
did not work for Kerberos-authenticated usernames
* CUPS didn't compile on HP-UX 11i
* cupsEncodeOptions2() did not handle option values like "What's
up, doc?" properly.
* Added lots of memory allocation checks (Fortify)
* The scheduler would crash if it was unable to add a job file
(Fortify)
* ppdOpen*() did not check all memory allocations (Coverity)
* ippReadIO() did not check all memory allocations (Coverity)
* The PostScript filter did not detect read errors (Coverity)
* The scheduler did not check for a missing job-sheets-completed
attribute when sending an event notification (Coverity)
* "Set Printer Options" might not work with raw queues (Coverity)
* cupsRasterInterpretPPD() could crash on certain PostScript
errors (Coverity)
* The USB backend did not check for back-channel support properly
on all systems (Coverity)
* Fixed memory leaks in the GIF and PNM image loading code
(Coverity)
* Removed some dead code in the CUPS API and scheduler (Coverity)
* Fixed two overflow bugs in the HP-GL/2 filter (Coverity)
* Fixed another ASN1 string parsing bug
* The RSS notifier directory was not installed with the correct
permissions.
* The standard CUPS backends could use 100% CPU while waiting for
print data
* Filename-based MIME rules did not work
* The cups-polld program did not exit if the scheduler crashed
* The scheduler would crash if you tried to set the port-monitor
on a raw queue
* The scheduler could crash if a polled remote printer was
converted to a class
* The web interface and cupsctl did not correctly reflect the
"allow printing from the Internet" state
* The scheduler incorrectly treated MIME types as case- sensitive
* The Java support classes did not send UTF-8 strings to the
scheduler
* The CGI code did not handle interrupted POST requests properly
* The PostScript filter incorrectly handled number-up when the
number of pages was evenly divisible by the number-up value.
* The PDF filter incorrectly filtered pages when page-ranges and
number-up were both specified
* The IPP backend did not handle printing of pictwps files to a
non-Mac CUPS server properly.
* The scheduler did not detect network interface changes on
operating systems other than Mac OS X
* The scheduler now logs the UNIX error message when it is unable
to create a request file such as a print job.
* Added support for --enable-pie on Mac OS X.
- adapted access_conf.patch to 1.3.6
- changed permissions in %files according to cups (bugzilla#342772)
- update to version 1.3.5:
* The SNMP backend did not check for negative string lengths
* The scheduler incorrectly removed auth-info attributes,
potentially leading to a loss of all options for a job.
* The scheduler stopped sending CUPS browse packets on a restart
when using fixed addresses
* Fixed PDF filter security issues (CVE-2007-4352 CVE-2007-5392
CVE-2007-5393)
* Changing settings would always change the DefaultAuthType and
Allow lines
* The scheduler would crash when submitting an undefined format
file from Samba with LogLevel debug2
* The scheduler did not use poll() when epoll() was not supported
by the running kernel
* Fixed a compile problem with Heimdal Kerberos
* The USB backend now retries connections to a printer
indefinitely rather than stopping the queue.
* Printers with untranslated JCL options were not exported to
Samba correctly
* The USB backend did not work with some Minolta USB printers
* The strcasecmp() emulation code did not compile
* The scheduler would crash if a job was sent to an empty class
* The lpc command did not work in non-UTF-8 locales
* Subscriptions for printer-stopped events also received other
state changes
* cupstestppd incorrectly reported translation errors for the
"en" locale.
* ppdOpen() did not handle custom options properly when the
Custom attribute appeared before the OpenUI for that option.
* The scheduler could crash when deleting a printer or listing
old jobs.
* The Mac OS X USB backend did not allow for requeuing of jobs
submitted to a class.
* lpmove didn't accept a job ID by itself.
* The scheduler incorrectly removed job history information for
remote print jobs.
* The scheduler incorrectly sent the
"com.apple.printerListChanged" message for printer state
changes.
* The PostScript filter drew the page borders (when enabled)
outside the imageable area.
* The LPD and IPP backends did not default to the correct port
numbers when using alternate scheme names.
* The scheduler incorrectly deleted hardwired remote printers on
system sleep.
* The scheduler would abort if a bad browse protocol name was
listed in the cupsd.conf file.
* The online cupsd.conf help file incorrectly showed "dns-sd"
instead of "dnssd" for Bonjour sharing.
* The scheduler could crash changing the port-monitor value.
* The scheduler generated CoreFoundation errors when run as a
background process.
* When printing with number-up > 1, it was possible to get an
extra blank page.
- removed CVE patches, which are already applied upstream
- Add dbus-1-devel to the BuildRequires.
- Add the --enable-dbus flag to the configure line to
send DBUS signals out for queue change events. This helps
fix 345163.
- upgrade to version 1.3.4:
* Documentation updates
* CUPS now maps the "nb" locale to "no" on all platforms
* CUPS did not work with a Windows 2003 R2 KDC
* ippReadIO() could read past the end of a buffer
* The scheduler would crash on shutdown if it was unable to
create a Kerberos context.
* Multiple AuthTypes in cupsd.conf did not work
* The snmp.conf file referenced the wrong man page
* The cupsaddsmb program didn't handle domain sockets properly
* The scheduler now validates device URIs when adding printers.
* Updated httpSeparateURI() to support hostnames with the
backslash character.
* Updated the Japanese localization
* The parallel backend now gets the current IEEE-1284 device ID
string on Linux
* The IPP backend now checks the job status at variable
intervals (from 1 to 10 seconds) instead of every 10 seconds
for faster remote printing
* "lpr -p" and "lpr -l" did not work
* Compilation failed when a previous version of CUPS was
installed and was included in the SSL include path
* The scheduler did not reject requests with charsets other
than US-ASCII or UTF-8, and the CUPS API incorrectly passed
the locale charset to the scheduler instead of UTF-8
* cups-deviced did not filter out duplicate devices.
* The AppleTalk backend incorrectly added a scheme listing when
AppleTalk was disabled or no printers were found.
* The PostScript filter generated N^2 copies when the printer
supported collated copies and user requested reverse-order
output.
* The scheduler did not reprint all of the files in a job that
was held.
* The scheduler did not update the printcap file after removing
stale remote queues.
* The cupsd.conf man page incorrectly referenced "AuthType
Kerberos" instead of "AuthType Negotiate".
- fixes for xpdf CVE-2007-4352, CVE-2007-5393, CVE-2007-5392
(bugzilla#335637)
- fix for IPP boundaries swamp-14294, CVE-2007-4351
(bugzilla#335635)
- upgrade to version 1.3.3. Main features to 1.2.x:
* Networking
* Kerberos: CUPS now supports Kerberos authentication
* Mac OS X Authorization Services: CUPS now supports the
Authorization Services framework, providing role-based
access control in addition to the tradition UNIX model
* Peer Credentials: CUPS now supports authentication using
peer credentials provided over UNiX domain sockets
* SNMP Support: SNMP lookups are no longer performed by
default, and IPP is no longer used for discovered printers
* LPD Support; The LPD backend now supports a faster streaming
mode that does not require a temporary file
* Browsing
* CUPS Browsing: The default configuration now shows shared
printers from any address (not just @LOCAL)
* DNS-SD (Bonjour/Zeroconf) Support: CUPS now supports printer
sharing via DNS service discovery
* LDAP w/SSL: CUPS now supports encrypted LDAP sessions
* Web Interface
* Internet Printer Sharing: You can now share printers over the
Internet via the basic server settings
* Improved On-Line Help: Searching the on-line help now shows
results for all text, not just headings and links
* Printer Setup: The available printer list is now only show
when requested and the Add This Printer button now allows you
to change the default name, location, and description
* Printer Configuration: Raw printers and classes can now be
configured using the Set Printer Options button
* IPP Support
* Job Printer Attributes: CUPS now provides
job-printer-state-message and job-printer-state-reasons
attributes containing copies of the corresponding printer
attributes to provide important history information with each
job
* PPD Operations and Attributes: The new CUPS_GET_PPD operation
allows you to retrieve PPD files from the scheduler; also,
CUPS_GET_PPDS now reports more information and supports more
value filters
* Printer Defaults: The document-forma-default,
notify-events-default, and notify-lease-duration-default
attributes can be set for each printer and class
* PWG Printer Alert Support: CUPS now supports the
printer-alert and printer-alert-description attributes
* Server-Side Options: Server-side default options can now be
retrieved using the "printer-defaults" group keyword
* Scheduler
* Client Support: The scheduler now uses poll(), epoll(), or
/dev/kqueue on platforms that provide them to support large
numbers of clients
* "Default" Authentication: You can now specify an AuthType of
Default in locations and policies, which maps to the
DefaultAuthType value
* Larger Numbers of Clients: The scheduler now uses poll(),
epoll(), or /dev/kqueue instead of select() when possible
* New cupsctl Command: The new cupsctl command allows you to
perform basic server configuration from the command-line
* Printer Drivers
* cupstestppd Improvements: The test utility now provides more
extensive tests and options
* Label Printer Driver: Added support for the Intellibar label
printers
* Localized Printer Drivers: The CUPS sample drivers are now
localized in several languages
* PJL Support: New cupsPJLCharset attribute controls character
set for PJL strings
* Pre-Filter Support: Drivers can now register format-specific
filters to pre-screen print jobs
* Side-Channel API; This new API provides out-of-band control
of devices
* CUPS API
* Administration API: New cupsAdminGetServerSettings() and
cupsAdminSetServerSettings() functions
* Array API: New cupsArrayGetIndex(), cupsArrayGetInsert(),
and cupsArrayNew2() functions
* Destination API: New cupsRemoveDest() and
cupsSetDefaultDest() functions
* HTTP API: The http_t structure is now completely private
* PPD API: New ppdLocalizeIPPReason()function and greatly
improved ppdConflicts() performance
- added new files, adapted patches, and removed already
included ones
- fix for missing newline before EOF in compressed files
(bugzilla#309823)
- fix for exitcode on uiconstraints in cupstestppd
(bugzilla#309822)
- patch: "None" needs to be valid value for cupstestppd
(bugzilla#309219)
- fix for xpdf bugzilla#291690, CVE-2007-3387, swamp-11865
- upgrade to cups-1.2.12:
* The PHP cups_print_file() function crashed if the options
array contained non-string option values
* The image/tiff file matching rule incorrectly identified some
text files as TIFF files
* The filter(7) man page incorrectly documented the "PAGE: total
[#]-pages" message
* PCL text files were mis-identified as HP-GL/2 and caused the
HP-GL/2 filter to hang
* When printing to a queue with user ACLs, the scheduler
incorrectly returned a quota error instead of a "not allowed
to print" error
* cupsaddsmb could get in a loop if no printer drivers were
installed
* cupsRasterReadHeader() did not byte-swap the header properly
when compiled with certain versions of GCC.
* The IPP backend did not send the document-format attribute for
filtered jobs
* Some PPD files could cause a crash in ppdOpen2
* The web admin interface incorrectly handled the "share
printers" and "show remote printers" settings
* The scheduler's log messages about AuthClass and AuthGroupName
advised using a replacement directive but had the wrong syntax
* Updated the PostScript/PJL and HP-GL/2 MIME rules to look in
the first 4k of the file, not just the first 1k
* Updated the Italian localization
- updated the mime and the psrewrite patch
- added quosnmp script to %doc
- removed rccupsrenice: cups-1.2.x does no longer traversing of
filesystem during startup. reason no longer present.
- fixed as many rpmlint errors as possible
- Upgrade to cups-1.2.11:
* "make distclean" didn't remove all generated files
* Fixed a bug in the advertisement of classes
* The IPP backend now stays running until the job is actually
printed by the remote server; previously it would stop
monitoring the job if it was held or temporarily stopped
* PDF files were not always printed using the correct orientation
* The scheduler could crash if you specified a bad file: URI for
a printer
* The Renew-Subscription operation now returns the
notify-lease-duration value that was used
* The IPP backend sent job options to IPP printers, however some
printers tried to override the options embedded in the PS/PCL
stream with those job options
* ppdLocalize() now also tries a country-specific localization
for when localizing to a generic locale name.
* The cupstestppd program now allows for partial localizations to
reduce the size of universal PPD files.
* Chinese PPD files were incorrectly tagged with the "cn" locale
(should have been "zh")
* The backends now manage the printer-state-reasons attribute
more accurately
* Java, PHP, Perl, and Python scripts did not work properly
* The scheduler would take forever to start if the maximum number
of file descriptors was set to "unlimited"
* The page-ranges option was incorrectly applied to the banner
pages
* Fixed some GCC compile warnings
* The DBUS notification code was broken for older versions of
DBUS
* The IPv6 code did not compile on HP-UX 11.23
* PPD constraints did not work properly with custom options.
* Regular PPD options with the name "CustomFoo" did not work.
* The USB backend did not work on NetBSD
* The printer-state-reasons attribute was incorrectly cleared
after a job completed
* The scheduler did not set the printer operation policy on
startup, only on soft reload
* The AP_FIRSTPAGE_InputSlot option did not clear any ManualFeed
setting that was made, which caused problems with some PPD
files
* cupsDoFileRequest() and cupsDoRequest() did not abort when
getting an error in the response
* The scheduler did not schedule jobs properly to remote or
nested classes
* Updated the mime.types and mime.convs headers to warn that the
files are overwritten when CUPS is installed. Local changes
should go in local.types or local.convs, respectively
* The scheduler could get in an infinite loop if a printer in an
implicit class disappeared
* The pstops filter did not handle %%EndFeature comments properly
* Fixed a problem with the Polish web page printer icons
* ppdLocalize() now also localizes the cupsICCProfile attributes.
* The scheduler still had a reference to the incorrect
"notify-recipient" attribute
* The "make check" and "make test" subscription tests did not set
the locale
* The "make check" and "make test" subscription tests incorrectly
used the notify-recipient attribute instead of
notify-recipient-uri
* cupsRasterInterpretPPD() incorrectly limited the
cupsBorderlessScalingFactor when specified in the job options.
- adapted cupstestppd patch
- added SuSEfirewall2 rules (bugzilla#247746)
- Upgrade to cups-1.2.10:
* ppdLocalize() now supports localizing for Japanese using the
"jp" locale name used by the ppdmerge program from the CUPS
DDK 1.1.0
* _cupsAdminSetServerSettings() did not support changing of
top-level directives as designed.
* The init script path check was broken.
* CUPS incorrectly used the attribute "notify-recipient" instead
of "notify-recicpient-uri" in several places
* Fixed a configure script bug on MirBSD
* The pdftops filter did not limit the amount of recursion of
page sets
* Custom page sizes with fractional point sizes did not work
* The lpoptions command would crash when adding or removing
options on a system with no printers
* The scheduler did not use the default job-sheets (banners) for
implicit classes
* The scheduler could crash when listing complete jobs that had
been unloaded from memory
* The French localization was doubled up
* Build system fixes for several platforms
* The scheduler's openssl certificate generation code was broken
on some platforms
* The scheduler's log rotation check for devices was broken
* The LPD mini-daemon did not handle the document-format option
correctly
* The pdftops filter ignored the "match" size option in the
pdftops.conf file
* cupstestppd now validates UTF-8 text strings in globalized PPD
files
* The outputorder=reverse option did not work with all printers
* Classes containing other classes did not always work
* Printer location and description information was lost if the
corresponding string contained the "#" character
* cupsRemoveOption() did not work properly
* The USB backend did not work with some USB to parallel cables
on Mac OS X.
* The test page did not print the rulers properly on large media
sizes
* The text filter could crash when pretty printing certain types
of files
- removed already included security patch xpdf_CVE_2007_0104
- Upgrade to cups-1.2.8:
* Documentation fixes
* The HTTP upgrade redirection used by the scheduler did not work
with Internet Explorer
* Members of a class with Unicode names did not appear correctly
in the web interface
* Changing the "Save debugging information" setting in the web
interface no longer affects the other server settings
* The scheduler did not choose SSL certificates correctly on Mac
OS X
* The scheduler could get in an infinite loop when printing to a
remote class
* The jobs web page did not have separating space after the
number of pages column
* Added French localization
* Updated Spanish localization
* Updated Japanese localization
* cupsBorderlessScalingFacter was limited to a range of 0.9 to
1.1, but some printers need larger values
* Landscape printing of PDF files did not always work
* Fixed slow USB printing on Minolta printers
* The ZPL label printer driver could produce stretched output
* The IPP backend now clears the printer-state-message when there
are no outstanding errors or warnings
* The CUPS Java scripting support did not work with recent
versions of Java due to the use of Sun's private Base64 class
* The scheduler did not pass HTTP GET form variables to custom
CGI programs
* The lpoptions command now displays the reason why a PPD file
cannot be found
* The scheduler did not accept "none" as a browse protocol name
* The scheduler still loaded the remote printer cache, even when
browsing was disabled
* The SNMP backend now shows OfficeJet printers with the "HP"
manufacturer prefix
* Web interface HTML cleanup
* The parallel backend consumed 100% CPU on FreeBSD due to an
apparently common parallel port driver bug
* ippReadIO() incorrectly returned IPP_IDLE when the initial IPP
message header could not be read
* cupsRasterInterpretPPD() did not support custom options
* Collated output produced by the PostScript filter could lose
some options
* job-hold-until with time values for the next day would be held
for 60 days
* Some types of Sun raster files did not print correctly
* Raw PBM files did not print correctly
* The SNMP backend no longer uses IPP with HP printers, as some
recent firmware versions appear to not work
* cupsMarkOptions() did not handle the multiple-document-handling
option
* lpstat did not show the local job ID of active printers
* The backends incorrectly used STATUS: media-tray-empty-error
messages for out-of-paper conditions
* cupsGetPPD2() returned the wrong error when the PPD file did
not exist
* cupsDoAuthentication() did not translate the password prompt
* httpGetLength2() did not handle error messages without content
correctly
* Added support for 32/64-bit libraries on HP-UX Itanium systems
* Fixed a configure script problem with the 32/64-bit library
support
* The PostScript filter did not properly output document setup
commands for reversed output
* The scheduler did not parse IPv6 netmasks properly
- removed backported, unnecessary patches
- fixed tcp_wrapper warnings (bugzilla#230730)
- fixed ps interpretation (bugzilla#242042)
- backported fixes from various issues, only in svn avail atm
- enabled LDAP on request (bugzilla#223007), no build cycle present
- fix for xpdf bugzilla#233113, CVE-2007-0104, swamp-7887
- added Required-Start: to rccupsrenice (bugzilla#231675)
- Fixed devel dependencies.
- removed broken locale patch: PS generation fails
(bugzilla#227205)
- Upgrade to 1.2.7 (another bugfix version):
* Documentation updates
* The PostScript filter now rotates the bounding box values
as needed
* The scheduler no longer loads the remote printer cache when
browsing is disabled
* The scheduler no longer writes a new launchd configuration file
if it doesn't have to
* The scheduler now picks up on changes to IPv6
and DNS configuration
* The lpstat program could still hang
* Fixed an inefficiency in the SNMP IPP detection code
* The SSL negotiation code did not implement short timeouts
- fixed non conform PPD values in PSLEVEL*.PPD (bugzilla#219779)
- fixed perm problem of /etc/cups regarding lppasswd
(bugzilla#218745)
- Upgrade to 1.2.6 (bugfix version):
* "lpc status" did not show the number of queued jobs for
disabled queues
* The lpstat program could hang
* The serial backend did not support the new USB serial filenames
on Linux
* The parallel backend did not support bidirectional I/O properly
* The network backends now log the numeric address that is being
used
* Fixed a compile error when using libpaper
* Fixed a compile error when compiling on Solaris with threading
enabled
* Missing printer-state-changed event for printer-state-message
updates
- coolo's patch seems not to work, now using desktop-launch
(bugzilla#207915)
- fixed cups.desktop file (bugzilla#207915)
- suse_update_desktop_file produces strange results in my xterm.
redirecting output to /dev/null
- removed duplicate entry in %files: %{_libdir}/cups/monitor/*
- Upgrade to 1.2.5:
* Documentation updates
* The SNMP backend no longer uses IPP for Epson printers
* Updated the configure script for Tru64 UNIX 5.1
* Tru64 5.1B's getaddrinfo() and getnameinfo() functions leak file
descriptors
* cupsAddDest() didn't add the parent destination's options and
attributes.
* ppdConflicts() did not handle custom option constraints.
* Raw printing of gzip'd files did not work
* The scheduler no longer preserves default option choices when
the new PPD no longer provides the old default choice
* The Linux SCSI backend is now only built if the SCSI development
headers are installed.
* USB printing to Minolta printers did not work
* Windows clients could not monitor the queue status
* The scheduler didn't log the operation name in the access_log
file for Create*Job and Print-Job requests.
* The PostScript filter now separates collated copies with any
required JCL commands so that JCL*based finishing options act on
the individual copies and not all of the copies as a single
document.
* The PostScript filter now disables duplex printing when printing
a 1*page document.
* cups-lpd didn't pass the correct job-originating-host-name value
* Fixed some speling errors in the German message catalog
* cupstestppd did not catch PPD files with bad UIConstraints
values
* The USB backend did not work with the current udev- created
printers if the first printer was disconnected
* Mirrored and rotated printing did not work with some documents
* 2-sided printing with banners did not work properly on some
printers
* Updated the raw type rule to handle PJL within the first 4k of a
print job
* Added an Estonian translation
* Clarified the documentation for the cupsd.conf @LOCAL and
@IF(name) allow/deny functionality
* The PostScript filters did not escape the Title and For comments
in the print job header
* The scheduler would use 100% CPU if browsing was disabled and
the cupsd.conf file contained BrowsePoll lines
* The cupsDirRead() function did not work properly on
non*POSIX-compliant systems
* The cupsFile functions didn't handle read/write errors properly
- CUPS 1.2.4 fixes a number of web interface, scheduler,
and CUPS API issues.
Changes include:
- The --with-printcap configure option did not work
- The character set reported by cupsLangGet() did not always
reflect the default character set of a given locale
- Older Lexmark and Tektronix printers did not work with IPP
- Failsafe printing did not work
- Some web interface redirects did not work
- The web interface change settings button could introduce
a "Port 0" line in cupsd.conf if there was no loopback
connection available
- The web interface change settings and edit configuration file
buttons would truncate the cupsd.conf file
- The German web interface used the wrong printer icon images
- The "All Documents" link in the on-line help was missing a
trailing slash
- The Polish web interface translation used the wrong URLs for
the job history
- The "reprint job" button did not work
- The scheduler did not always report printer or job events
properly
- The scheduler always stopped the queue on error, regardless
of the exit code, if the error policy was set to "stop-printer"
- ppdEmitJCL() included UTF-8 characters in the JCL job name,
which caused problems on some printers
- Fixed a buffering problem that cause high CPU usage
- The command-line applications did not convert command-line
strings to UTF-8 as needed
- cupsDirRead() incorrectly aborted when reading a symbolic link
that pointed to a file/directory that did not exist
- The cupsInterpretRasterPPD() function did not handle custom page
sizes properly.
- Upgrade to 1.2.3:
* The scheduler did not send job-state or job-config-changed events
when a job was held, released, or changed
* The scheduler now aborts if the configuration file and directory
checks fail
* Fixed a problem with ippPort() not using the port number that was
set via the client.conf file or CUPS_SERVER environment variable
* HTTP headers were not buffered
* Some IPP printers (HP) did not like UTF-8 job names
* The CUPS desktop icon is now localized for Polish
* Printer options were not always honored when printing
* The openssl command would lock up the scheduler when generating
an encryption certificate on some platforms due to a lack of
entropy for the random number generator
* The web admin page did not recognize that "Listen 631" enabled
remote access
* The web admin page did not check whether changes were made to the
Basic Server Settings check boxes
* The IPP backend could generate N*N copies in certain edge cases.
* The scheduler did not restore remote printers properly when
BrowseShortNames was enabled
* Polling did not handle changes to the network environment on Mac
OS X
* The "make test" subscription tests used invalid
notify-recipient-uri values
* Printers could be left in an undefined state on system sleep
* The Berkeley and System V commands did not always use the
expected character set
* Remote printing fixes
* The cupstestppd utility did not validate translation strings for
custom options properly.
* Multi-language PPD files were not properly localized in the web
interface
* The admin page's simple settings options did not check for local
domain socket or IPv6 addresses and did not use "localhost" as
the listen address.
* An empty BrowseProtocols, BrowseLocalProtocols, or
BrowseRemoteProtocols line would crash the scheduler instead of
disabling the corresponding browsing options.
* The scheduler now logs IPP operation status as debug messages
instead of info or error.
* cupsFileRewind() didn't clear the end-of-file state.
* cupstestppd didn't report the actual misspelling of the
1284DeviceID attribute
* BrowseRelay didn't work on Debian
* configure --without-languages didn't work
* Manually added remote printers did not work
* The <cups/backend.h> header was not installed.
* Updated the build files for Autoconf 2.60
* The scheduler incorrectly terminated the polling processes after
receiving a partial log line.
* The cups-lpd mini-daemon reported "No printer-state attribute
found" errors when reporting the queue status
* SNMP backend improvements
* The scheduler erroneously reported an error with the CGI pipe
* Fixed HP-UX compile problems
* cupstestppd crashed with some PPD files
* The <cups/dir.h> and <cups/file.h> header files did not work with
C++.
- upgrade to version 1.2.2, which fixes several build, platform,
notification, and printing bugs. Changes include:
* Documentation updates
* CUPS didn't know about alternate character set names for
Asian text
* The lpoptions -o and -r options did not work unless you
specified a printer.
* The lpoptions command incorrectly allowed users to set
printer attributes like printer-type
* httpWait() did not flush the write buffer, causing
"bad request" errors when communicating with CUPS 1.1.x
servers
* Polling did not sanitize the printer description, location,
or make and model strings like broadcasts did.
* Polled printers did not show the server's default job-sheets
option value.
* The Samba password prompt was not properly localized
* Added a German translation
* The scheduler now creates self-signed SSL certficates
automatically when using OpenSSL and CDSA for encryption,
just as for GNU TLS.
* The SNMP backend sporatically reported some printers
as "unknown"
* The scheduler now forces BrowseTimeout to be at least twice
the BrowseInterval value and non-zero to avoid common
configuration errors.
* The scheduler incorrectly returned printer URIs of the form
"ipp://server/printers/classname" for classes
* Updated Japanese localization
* The scheduler's SSL certificate/key directory was not created
on installation
* Added a mailto.conf man page and help page
* The parallel and USB backends no longer wait for the printer
to go on-line - this caused problems with certain printers
that don't follow with the IEEE-1284 standard
* The scheduler could crash on a reload when implicit classes
were present
* The IPP backend incorrectly used the CUPS_ENCRYPTION
environment variable to determine the default encryption
mode when printing
* USB printing did not work on Solaris
* The scheduler sorted job priorities in the wrong order
* The scheduler did not automatically restart notifiers
that exited or crashed
* IPv6 support did not work on NetBSD
* The EPM packaging file did not work
* The scheduler used up the CPU if BrowseRemoteProtocols
was empty
* Custom page sizes did not work
* The SNMP backend could crash on some systems when SNMP
logging was enabled
* Browsing could produce some funny printer names when
ServerName was set to an IP address
* Fixed the log message for BrowseRelay
* Fixes to allow CUPS to compile on MirBSD
* The scheduler incorrectly set the FINAL_CONTENT_TYPE
environment variable
* The pdftops filter incorrectly embedded a "produced by"
comment, causing PDF printing not to work on some
operating systems
* Sending raw jobs from a client system could cause the
client's scheduler to eventually crash
* The scheduler now checks that the notifier exists prior
to accepting a new subscription request.
* The scheduler now reports the supported notify-recipient
schemes based on the contents of the ServerBin/notifier
directory.
* Event notifications did not include the
notify-sequence-number or other required attributes
* Allow/Deny addresses of the form "11.22.33.*" did not work
on Linux
* cupsGetPPD() did not work if the scheduler was only
listening on a domain socket
* The scheduler could crash advertising a class
* The scheduler could crash if the default printer was deleted
* Added a new default CUPS raster format (v3) which does not
compress the raster stream in order to provide the same
cupsRasterReadPixels() and cupsRasterWritePixels()
performance as CUPS 1.1.x.
* The cupsaddsmb man page listed the wrong files for
the CUPS driver.
* Some configure --with options did not work
* "Allow @IF(name)" didn't work if "name" wasn't the first
network interface
* The lpstat command did not use the correct character set
when reporting the date and time
* The cupsaddsmb command and web interface did not update
the Windows PPD files properly, resulting in corrupt PPD
files for the Windows client to use
* The cupsd.conf man page didn't describe the Listen domain
socket syntax
* The scheduler no longer tries to support more than
FD_SETSIZE file descriptors.
* CDSA (encryption) support fixes for MacOS X.
* The lppasswd program needs to be setuid to root to create
and update the /etc/cups/passwd.md5 file
* 32/64-bit library installation was broken
* The USB backend now reports a "no such device" error
when using the old filename-based USB URIs instead of
the "success" error.
* Increased the HTTP and IPP read timeouts to 10 seconds,
as 1 second was too short on congested networks
* The SNMP backend now uses the device description over the
printer-make-and-model attribute when the attribute
contains a generic name
* Fixed another file descriptor leak when printing raw files
* Raw queues were not shared via LDAP
* The pstops filter didn't always embed PageSetup commands
from the PPD file
* "make install" didn't work if you disabled all of the
localizations.
* The scheduler didn't always choose the least costly filter.
* Fixed parsing of IPv6 addresses in Allow, Deny, BrowseAllow,
BrowseDeny, and BrowseRelay directives
* Printers that were shared via LDAP did not get added to
the LDAP server properly
* LDAP browsing would crash the scheduler if a required value
was missing
* Special cases for the "localhost" hostname did not work,
causing printing to not work when the /etc/hosts file
did not contain a localhost entry
* Updated the Spanish translation
* Reverse-order page output was broken when N-up or landscape
orientations were used
* The parallel, serial, socket, and USB backends needed print
data before they would report back-channel data, causing
problems with several new drivers
- fixed randomly crash when testing many PPD files
(bugzilla#193354)
- moved 3.0 from BETA to STABLE
- do not use deprecated libpng function png_read_destroy
- reinjected lost --datadir into configure
- upgrade to version 1.2.1: a major release after long (>1y)
development with new functions, many enhancements, bugfixes
and new bugs
- removed Required-Start: in rccupsrenice; real fix for
(bugzilla#172708)
- Only activate cupsrenice on initial install; [#172708].
- fixed pswrite.patch (bugzilla#169068)
- fixed the usb naming for special HP printers (bugzilla#163833)
- converted neededforbuild to BuildRequires
- Move cups-config to the libs sub package. Then we do not bother
anyone as cups-libs is required by cups-devel and cups; [#142004].
- Use -fstack-protector.
- moved cups-config into main package (bugzilla#142004)
- fixed %files for /etc/cups/printcap (bugzilla#140308)
- fixed various xpdf security issues (bugzilla#137156)
CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627,
CVE-2005-3628, CVE-2005-3193
- fixed xpdf overflow CVE-2005-3193 (bugzilla#137156)
- fixed the info of last printer in printcap file (bugzilla#132152)
- added global lpoptions file (bugzilla#118982)
- fixed $ppid test in rccupsrenice (bugzilla#119822)
- fixed short description in rccupsrenice (bugzilla#121873)
- changed filtering of mozilla-ps (bugzilla#130623)
- fixed segfault in cupstestppd (bugzilla#116468)
- fixed rccupsrenice: can handle mutliple pids in $ppid now
(bugzilla#115863)
- fixed rccupsrenice: link points to correct script
- fixed rccupsrenice: requires changed to cupsd (bugzilla#115261)
- fixed length of stftime array in lpstat (bugzilla#105732)
- rccupsrenice checks if cupsd is running before processing
(bugzilla#114650)
- coolo wants a speedup of system boot:
rccups: cupsd gets now a lower ionice value if booting in level 5
and rccupsrenice (new introduced) brings those io values back,
later when system is up and running
- removed backends pipe and novell; now in cups-backends
- further changes for PIE
- renamed latest patches to my naming schema
- build with -fPI[CE] (not -fpi[ce]) to avoid GOT overflows in
certain packages (e.g. scribus) on s390*
- build as PIE
- Bugzilla #41006 "Charset detection in CUPS":
add missing includes and fix charset and language detection.
- removed permissions file from package (bugzilla#66305)
- changed permission of xinetd.d file
- fixed SUSE version in testpage (bugzilla#78075)
- gcc4.0 compilation fixes (thx to mls)
- fixed problem in lppasswd file generation (bugzilla#64370)
- fixed problem in library with authorization
- cupstestppd checks now PageSize more properly
- fixed lpstat segfault issue (bugzilla#66328)
- added "hplip" to rccups (bugzilla#65378)
- introduced norootforbuild
- update to version 1.1.23 and adaption of patches
- added xpdf buffer overflow fix; CAN-2005-0064 (bugzilla#49840)
- Use <owner>:<group> in permissions file.
- added additional xpdf buffer overflow patches (missing in this
version)
- updated novell backend (bugzilla#41773)
- updated pipe backend (bugzilla#33659)
- updated to cups-1.1.22
- adapted spec file, patches, etc.
- Include common-* PAM config files in cups configuration
- added creation of group ntadmin in %pre (bugzilla#45719)
- cupstestppd fails on some doubtful Sharp PPDs (bugzilla#45648)
- removed ed from neededforbuild list
- fix for umlaut names when download of queue ppds (bugzilla#44975)
- cups-1.1.21 is now released
- cupsomatic removed (will be replaced by
foomatic-rip/foomatic-filters)
- more useable messages in preauth patch
- ignores now short living childs in ppds.dat generation case
- fixed security problem in cupsomatic, CAN-2004-0801
(bugzilla#44233)
- first try for cups-1.1.21rc2
- renumbered patches
- adapted old SuSE patches to this version
- removed /var/adm/notify -- ancient and no longer needed
- added test for /.buildenv to make users happy (bugzilla#43503)
- removed needless "rm -rf $RPM_BUILD_ROOT" in %install
- added -fno-strict-aliasing compile option (*sic*)
- added missing mime handling of pswrite (bugzilla#33862)
- removed x-devel-packages from neededforbuild
- fixed segfault in library (bugzilla#38381) - tested and
works fine
- fixed image links in web interface (bugzilla#36403)
- fixed cupstestppd (bugzilla#36688)
- cupstestppd failed if PPD file has default for non-existance
names (STR#476)
- patch for CPU excess if CGI is sending faster than client
receiving (STR#595)
- faster scan of ppd files (bugzilla#33222)
- patch for broken HTTP authentication cache (STR#517)
- redirect administration tasks to primary server (STR#491)
- added pswrite filter script to produce PostScript1 output
- beautified filter ogonki
"mktemp -q /tmp/dvitops.XXXXXX" -> ogonki.XXXXXX
- removed cups-1.1.19-no_dvi.patch, fixed cups-mime.patch instead
- added PS1 and PS2 PPD files (bugzilla#34938)
- backport of signed char usage for weird platforms (STR#518)
- cups-lpd mini-daemon rejects jobs if queue behing is
rejecting (STR#515)
- fix for too fast CGI data delivery (STR#484)
- backport of fixes in CVS repository for scheduler and library,
with many fixes, like crash on remote reject, close client on
errors, propper http flushing, etc. -- first print tests
work fine.
- many backports of fixes in CVS repository
- upgrade of pdftops to version 2.03
- memory overwrite fixed in rastertoepson
- fixed md5sum revealing problem (bugzilla#32862)
- fixed naming of some usb printers
- activated incidentally removed usermode patch (bugzilla#34438)
- added "printbill" to rccups
- Add pam-devel to neededforbuild
- fixed permission of directory interfaces (bugzilla#33337)
- added new option "-p" to generate ppds.dat only and exit
(bugzilla#33222)
- added openslp support
- upgraded to 1.1.20 (final)
- changed LC_MESSAGES -> LC_CTYPE (= fixed bugzilla#26006)
- update to 1.1.20rc2
- authentication method for /admin changed (bugzilla#31158)
- fixed PPDs defaults: Letter -> A4 (bugzilla#30662)
- Set sticky bit for /var/spool/cups/tmp
- changed rcfile, as suggested in bugzilla#28444
- fixed typo in configuration for preauth security patch
- fix for the SLP browsing patch (missing/wrong initialize
of variables)
- fix for boolean options in filters (CUPS STR#249)
- fix for check of written bytes in 4 backends (CUPS STR#253)
- fix for segfault when browsing and SLP is set on (CUPS STR#259)
- fix for restart problem of processed jobs (CUPS STR#226)
- fix for LPD port number in URI (CUPS STR#249)
- fix for Landscape PDF offset rotation position (CUPS STR#243)
- generated /etc/cups/printcap and link /etc/printcap due
to UserMode (bugzilla#29671)
- fixed %_libdir problem in xinetd.d/cups-lpd (bugzilla#29877)
- last fix of bugzilla#29418 didn't work in reality. on specfile
again.
- "-y" for fillup_and_insserv
- DOCDIR removed to fix bugzilla#29418
- specfile: daemon has now security patches -> start it on boot
per default
- specfile: restart of daemon on package update
- Set explicit correct permissions of /etc/cups contents, else
cups will do it.
- changed attributes for files (bugzilla#28736)
- fix for locale destroying (bugzilla#29218)
- made restrictrions in cupsd.conf to take preauthorization effect
- cupsd runs now as lp:lp (as suggested in bugzilla#28444)
- added preauthorization patch from okir - seems to work - thx
- fixed USB backend to report manufacturer and model, if
description string is missing (cups STR#174)
- fixed problem with some embedded Type1C fonts (cups STR#177)
- fixed problem when reading files and using the POSIX locale
(cups STR#159)
- added official patch for cupstestppd problem (bugzilla#27950)
- fixed problem with "keepalive on" (bugzilla#28154)
- fixed encode options to honor "yes" and "on" as values too
- fixed metadata in sysconfig file (bugzilla#28861)
- fixed cupstestppd (bugzilla#27950)
- don't strip explicitly, but let the brp scripts handle it
- fixed ogonkify (bugzilla#28307)
- fixed 64bit problem in printers.cgi (bugzilla#24786)
- removed dvi printing support due to missing packages
(bugzilla#27032)
- splitted out foomatic-filters package, which is cups independed
(except Coolo's faulty checking)
- fixed mandir problem under non-i386 architecture
- remove smb backand from file list and init script; it's now part
of the samba-client package
- added ptal to Should-Start in rccups (bugzilla#27159)
- Add missing directories to filelist
- 1.1.19 is released -> updated
- remove unpackaged files from buildroot
- updated to 1.1.19rc3
- removed unnecessary patches
- removed README.SuSE (bugzilla#26479)
- added patch for cgi-interface: hostname is now mapped
to localhost
- updated PrintAnalyzer script
- fixed "endless attempts to print" problem (bugzilla#25152)
- installs now correct pam file (bugzilla#23277)
- fixed location of foomatic-rip filters -> /usr/bin
- added link for foomatic-rip
- updated foomatic-rip (to latest, fixed version)
- fixed typo for manpage installation of foomatic-rip
- fixed file list of cups and cups-client (foomatic-rip is part
of cups and therefore the corresponding package should contain
the manpage too)
- updated cupsomatic to linuxprinting.org (hopefully fixed
accounting problem)
- fix for add printer with KDE util (from CVS head)
- fixed again filelist :)
- fixed documenation path (buzgzilla#24083)
- fixed PPD file parsing (from CVS head)
- tested daemon
- fix filelist (file listed twice)
- updated foomatic-gswrapper
- added new foomatic-rip: filter, config file and manpage
- updated backends novell and pipe
- renamed sysconfig metadata: sysconfig.cups -> cups.sysconfig
- renamed permissions file: permissions.cups -> cups.permissions
- fixed problem in lpoptions (no more loops! :)
- Add sysconfig metadata [#22629]
- Use pam_unix2.so instead of pam_unix.so
- fixed "Error message when starting cups daemon" problem
(bugzilla#22472)
- removed unnecessary DocumentRoot setting cupsd.conf
- changed replacement of distribution in testprint.ps
- rccups: moved hotplug from required start to should-start
(bugzilla#23054)
- added /usr/bin/cupstestppd (bugzilla#23143)
- created xinetd.d file for cups-lpd
- added usb patch (for epson printers)
- added herrno patch in IPP protocol
- added two backends (pipe + novell), written by jsrain(a)suse.cz
- welcome back foomatic filter (makes more sense to have it here)
- updated to 1.1.18, adapted testpage.diff for new version
- fixed test for link problem in rccups
- removed foomatic filter. with next suse release will be
in pkg cups-drivers
- updated to version 1.1.17, removed lib64 patch (now already
in source tree)
- updated %files for all cups subpackages.
(Now new cups files are included too :-)
- removed debuging option in spec file.
- updated to version 1.1.16, removed or adapted SuSE patches
- added prereq for groupadd (#19300)
- fix postinstall
- changed %post: removed "insserv" to make yast2 and security happy
- changed cupsd.conf for 127.0.0.2 access (bugzilla#18764)
- added directory /usr/share/cups/drivers for cupsaddsmb/samba
- fixed foomatic and foomatic-gswrapper (bugzilla#18425)
- gave %files sections a %deffattr and gave special files and dirs
a required %attr permissions of lp.sys (bugzilla#18126)
- fixed hardcoded path CUPS_SERVERBIN (fixes ghostscript on lib64
archs)
- Correct PreReq
- cups-devel now requires exact matching version of cups-libs
- added /var/log/cups to cups-libs (bugzilla#17617)
- add %run_ldconfig
- fix for author patch: crashed on reload signal
(tested for stability)
- using now fillup to generate sysconfig file
- replaced delayed exit patch by CUPS authors one
- again rccups: rc.config only parsed, if present
(for backward compatibility)
- updated rccups to satisfy new SuSE requirements
- added delayed exit of cupsd patch (for processing many PPD files)
- adapted the pam file for SuSE (according to Thorstens proposal)
- upgraded to version 1.1.15 and adapted all the old patches
- moved %{_sysconfdir}/cups to libs (as suggested by jsmeix)
- added symbolic link /usr/bin/lpc (bugzilla #16652)
- changed umask in rccups (bugzilla #16567)
- Running cupsd if no printer is configured makes no sense.
Do not activate cupsd after installation in %post.
- fixed g++/cups-config problems in other cups subpackages
- added 'cups-config' to devel
- fixed linker problem (rpath) under x86_64
- therefore old x86_64 fix is no longer necessary: removed.
- added %ifarch x86_64 to avoid linking problems in specfile.
- updated to 1.1.14
- removed unnecessary patches
- adapted testpage.ps patch to new file
- fixed permission problem with lppasswd
- fixed %files section (now includes all %dirs too)
- don't call autoreconf, we can't use autoheader and automake here
- fixed too restrictive IPP security fix
- fixed documentation path (#13889)
- reorganized online documentation. old structure might confuse
people (#13849)
- completed the IPP security fix again (hopefully the last time)
- completed the IPP security fix
- updated perl scripts cupsomatic, and foomatic-gswrapper
- made patch cups-cs-utf8.dif again. got build problems with
last version.
- Added iso-8859-2 patch for czech utf-8 locale.
Thanks to Petr Blahos <pblahos(a)suse.cz>.
- added IPP security fix
- log tcp-wrappers based connection refusals to cups' own logfiles
instead of syslog.
- changed neededforbuild <libpng> to <libpng-devel-packages>
- added support for tcp-wrappers (cups-1.1.12-libwrap-addition.dif)
token for /etc/hosts.{allow,deny} is "cupsd".
- Fix gcc version check.
- cups-client does not provide print_daemon anymore. print_daemon
is required by aps but cups-client does not satisfy aps
regarding this.
- START_CUPS variable removed
- up to 1.1.12
- fixes specfile
- add standard postscript PPD
- set DefaultPage{Size,Region} to A4 in ppd files
- now reqiures ghostscript_any
- add /etc/permissions.d/cups-client (#4094)
- personalize test page
- move old font directory if existing and send mail
- up to 1.1.11
- remove ghostscript-fonts-std from neededforbuild, this is only
a runtime requirement
- work around cups' broken tmp file handling (#10142)
- move client.conf to libs package
- activate cat8 man pages
- add README.SuSE
- update lphelp
- split into cups-client and cups(-server) package
- add %ghosty smb printer backend support
- re-add ogonky for non-latin1 charsets (#9864)
- add printanalyzer script in doc
- removed cups.conf (now provided by susehelp)
- Remove -j parameter from spec file
- update to 1.1.10-1 (many fixes)
- fix output for dvi's (bug #9862)
- new poll_ppd_base
- split out cups-libs from cups
- add ssl directory
- make correct links for cups libraries
- use ghostscript fonts which are the same as the cups fonts
and adjust dependecy for ghostscript-fonts-std
- enable SSL
- correct init script
- new version 1.1.9 .
- updated init script to new skeleton (Bug #8981).
- added support for PS files created by Netscape.
- Fix missing declarations.
- moved foomatic-gswrapper and cupsomatic
from cups-drivers to cups
- patched cupsd to use /dev/urandom instead of /dev/random.
This fixes bug #6703
- spec file overhaul
- using RPM_BUILD_ROOT now
- removed /etc/printcap from file list
- removed dependency to cups-drivers
- Wake up Epson Stylus USB printers before sending the print job.
- Added czech translations (czech.dif).
- added cups.conf for susehelp
- USB printers can be now addressed using URI
usb:<device_without_number>?vendor=<xxxx>&prod_id=<yyyy>
where <xxxx> and <yyyy> are USB identification numbers. (e.g.
usb:/dev/usb/lp?vendor=04a9&prod_id=1052 for Canon BJC-6100)
- fixed pplication/dvi -> application/dvi in conf/mime.convs
- update to 1.1.6-3 (fixing several security issues)
- update to 1.1.6 (fixes possible DoS attack)
- added missing reqiures for cups-drivers
- update to version 1.1.5
- cups configuration changed - Browsing now Off by default
- added DVI filter
- fixed spec
- fixed startscript
- added rc.config fillup and SuSEconfig script to automatically
set browse address if demanded
- split into system and development package
- documentation root changed
- update to version 1.1.4
- small changes in spec file
- make post-script succeed unconditionally
- update to version 1.1.3
- restart daemon if already started
- added two little tools (poll_ppd_base, lphelp)
- added a few compatibility links
- turned automatic generation of printcap on
- turned implicit classes off since they are buggy
- fixed directory structure
- added links to lpd and rclpd
- added Conflicts line
- initial package
==== libcap ====
Version update (2.61 -> 2.62)
- update to 2.62:
* Bug fix for Go package "cap" and launching
* Build cleanups
* Documentation updates: cap_max_bits has a man page entry
* Recognize default securebits as a libcap mode: HYBRID
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cups
expat (2.4.1 -> 2.4.2)
kernel-source (5.15.8 -> 5.15.12)
libcamera
libgsf (1.14.47 -> 1.14.48)
mozilla-nspr (4.32 -> 4.33)
mozilla-nss (3.73 -> 3.73.1)
plasma5-desktop
pulseaudio
python-ordered-set
=== Details ===
==== cups ====
Subpackages: cups-client cups-config libcups2 libcupsimage2
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_cups.service.patch
==== expat ====
Version update (2.4.1 -> 2.4.2)
Subpackages: libexpat1
- update to 2.4.2:
* Link againgst libm for function "isnan"
* Include expat_config.h as early as possible
* Autotools: Include files with release archives:
- buildconf.sh
- fuzz/*.c
* Autotools: Sync CMake templates
* docs: Document that function XML_GetBuffer may return NULL
when asking for a buffer of 0 (zero) bytes size
* docs: Fix return value docs for both
XML_SetBillionLaughsAttackProtection* functions
* Version info bumped from 9:1:8 to 9:2:8
==== kernel-source ====
Version update (5.15.8 -> 5.15.12)
- Update config files.
- commit 375fcb8
- Linux 5.15.12 (bsc#1012628).
- arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd
(bsc#1012628).
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (bsc#1012628).
- ext4: prevent partial update of the extent blocks (bsc#1012628).
- ext4: check for out-of-order index extents in
ext4_valid_extent_entries() (bsc#1012628).
- ext4: check for inconsistent extents between index and leaf
block (bsc#1012628).
- selftests: KVM: Fix non-x86 compiling (bsc#1012628).
- HID: holtek: fix mouse probing (bsc#1012628).
- HID: potential dereference of null pointer (bsc#1012628).
- NFSD: Fix READDIR buffer overflow (bsc#1012628).
- PM: sleep: Fix error handling in dpm_prepare() (bsc#1012628).
- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
(bsc#1012628).
- bus: sunxi-rsb: Fix shutdown (bsc#1012628).
- spi: change clk_disable_unprepare to clk_unprepare
(bsc#1012628).
- ucounts: Fix rlimit max values check (bsc#1012628).
- drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
(bsc#1012628).
- ASoC: meson: aiu: fifo: Add missing
dma_coerce_mask_and_coherent() (bsc#1012628).
- RDMA/hns: Fix RNR retransmission issue for HIP08 (bsc#1012628).
- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
(bsc#1012628).
- RDMA/hns: Replace kfree() with kvfree() (bsc#1012628).
- netfilter: nf_tables: fix use-after-free in
nft_set_catchall_destroy() (bsc#1012628).
- netfilter: fix regression in looped (broad|multi)cast's MAC
handling (bsc#1012628).
- ARM: dts: imx6qdl-wandboard: Fix Ethernet support (bsc#1012628).
- ice: Use xdp_buf instead of rx_buf for xsk zero-copy
(bsc#1012628).
- ice: xsk: return xsk buffers back to pool when cleaning the ring
(bsc#1012628).
- net: marvell: prestera: fix incorrect return of port_find
(bsc#1012628).
- net: marvell: prestera: fix incorrect structure access
(bsc#1012628).
- qlcnic: potential dereference null pointer of
rx_queue->page_ring (bsc#1012628).
- tcp: move inet->rx_dst_ifindex to sk->sk_rx_dst_ifindex
(bsc#1012628).
- ipv6: move inet6_sk(sk)->rx_dst_cookie to sk->sk_rx_dst_cookie
(bsc#1012628).
- inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1012628).
- net: accept UFOv6 packages in virtio_net_hdr_to_skb
(bsc#1012628).
- net: skip virtio_net_hdr_set_proto if protocol already set
(bsc#1012628).
- igb: fix deadlock caused by taking RTNL in RPM resume path
(bsc#1012628).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
(bsc#1012628).
- gpio: virtio: remove timeout (bsc#1012628).
- bonding: fix ad_actor_system option setting to default
(bsc#1012628).
- fjes: Check for error irq (bsc#1012628).
- drivers: net: smc911x: Check for error irq (bsc#1012628).
- net: ks8851: Check for error irq (bsc#1012628).
- sfc: Check null pointer of rx_queue->page_ring (bsc#1012628).
- sfc: falcon: Check null pointer of rx_queue->page_ring
(bsc#1012628).
- asix: fix uninit-value in asix_mdio_read() (bsc#1012628).
- asix: fix wrong return value in asix_check_host_enable()
(bsc#1012628).
- io_uring: zero iocb->ki_pos for stream file types (bsc#1012628).
- veth: ensure skb entering GRO are not cloned (bsc#1012628).
- net: stmmac: ptp: fix potentially overflowing expression
(bsc#1012628).
- net: bridge: Use array_size() helper in copy_to_user()
(bsc#1012628).
- net: bridge: fix ioctl old_deviceless bridge argument
(bsc#1012628).
- r8152: fix the force speed doesn't work for RTL8156
(bsc#1012628).
- net: stmmac: dwmac-visconti: Fix value of
ETHER_CLK_SEL_FREQ_SEL_2P5M (bsc#1012628).
- Input: elantech - fix stack out of bound access in
elantech_change_report_id() (bsc#1012628).
- pinctrl: bcm2835: Change init order for gpio hogs (bsc#1012628).
- hwmon: (lm90) Fix usage of CONFIG2 register in detect function
(bsc#1012628).
- hwmon: (lm90) Prevent integer overflow/underflow in hysteresis
calculations (bsc#1012628).
- hwmon: (lm90) Introduce flag indicating extended temperature
support (bsc#1012628).
- hwmon: (lm90) Add basic support for TI TMP461 (bsc#1012628).
- hwmon: (lm90) Drop critical attribute support for MAX6654
(bsc#1012628).
- ARM: 9160/1: NOMMU: Reload __secondary_data after
PROCINFO_INITFUNC (bsc#1012628).
- uapi: Fix undefined __always_inline on non-glibc systems
(bsc#1012628).
- compiler.h: Fix annotation macro misplacement with Clang
(bsc#1012628).
- platform/x86/intel: Remove X86_PLATFORM_DRIVERS_INTEL
(bsc#1012628).
- kernel/crash_core: suppress unknown crashkernel parameter
warning (bsc#1012628).
- Revert "x86/boot: Pull up cmdline preparation and early param
parsing" (bsc#1012628).
- x86/boot: Move EFI range reservation after cmdline parsing
(bsc#1012628).
- ALSA: jack: Check the return value of kstrdup() (bsc#1012628).
- ALSA: drivers: opl3: Fix incorrect use of vp->state
(bsc#1012628).
- ALSA: rawmidi - fix the uninitalized user_pversion
(bsc#1012628).
- ALSA: hda/hdmi: Disable silent stream on GLK (bsc#1012628).
- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
(bsc#1012628).
- ALSA: hda/realtek: Add new alc285-hp-amp-init model
(bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
(bsc#1012628).
- ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (bsc#1012628).
- ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s
(bsc#1012628).
- ASoC: tegra: Add DAPM switches for headphones and mic jack
(bsc#1012628).
- ASoC: tegra: Restore headphones jack name on Nyan Big
(bsc#1012628).
- Input: atmel_mxt_ts - fix double free in mxt_read_info_block
(bsc#1012628).
- ipmi: bail out if init_srcu_struct fails (bsc#1012628).
- ipmi: ssif: initialize ssif_info->client early (bsc#1012628).
- ipmi: fix initialization when workqueue allocation fails
(bsc#1012628).
- parisc: Correct completer in lws start (bsc#1012628).
- parisc: Fix mask used to select futex spinlock (bsc#1012628).
- tee: handle lookup of shm with reference count 0 (bsc#1012628).
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
(bsc#1012628).
- platform/x86: amd-pmc: only use callbacks for suspend
(bsc#1012628).
- platform/x86: intel_pmc_core: fix memleak on registration
failure (bsc#1012628).
- KVM: x86: Always set kvm_run->if_flag (bsc#1012628).
- KVM: x86/mmu: Don't advance iterator after restart due to
yielding (bsc#1012628).
- KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is
required (bsc#1012628).
- KVM: VMX: Always clear vmx->fail on emulation_required
(bsc#1012628).
- KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU ==
this vCPU (bsc#1012628).
- pinctrl: stm32: consider the GPIO offset to expose all the
GPIO lines (bsc#1012628).
- gpio: dln2: Fix interrupts when replugging the device
(bsc#1012628).
- mmc: sdhci-tegra: Fix switch to HS400ES mode (bsc#1012628).
- mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO
commands (bsc#1012628).
- mmc: core: Disable card detect during shutdown (bsc#1012628).
- mmc: mmci: stm32: clear DLYB_CR after sending tuning command
(bsc#1012628).
- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
(bsc#1012628).
- ksmbd: fix error code in ndr_read_int32() (bsc#1012628).
- ksmbd: fix uninitialized symbol 'pntsd_size' (bsc#1012628).
- ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
(bsc#1012628).
- mac80211: fix locking in ieee80211_start_ap error path
(bsc#1012628).
- mm: mempolicy: fix THP allocations escaping mempolicy
restrictions (bsc#1012628).
- mm, hwpoison: fix condition in free hugetlb page path
(bsc#1012628).
- mm/hwpoison: clear MF_COUNT_INCREASED before retrying
get_any_page() (bsc#1012628).
- mm/damon/dbgfs: protect targets destructions with kdamond_lock
(bsc#1012628).
- tee: optee: Fix incorrect page free bug (bsc#1012628).
- f2fs: fix to do sanity check on last xattr entry in
__f2fs_setxattr() (bsc#1012628).
- netfs: fix parameter of cleanup() (bsc#1012628).
- KVM: VMX: Fix stale docs for
kvm-intel.emulate_invalid_guest_state (bsc#1012628).
- arm64: dts: lx2160a: fix scl-gpios property name (bsc#1012628).
- kfence: fix memory leak when cat kfence objects (bsc#1012628).
- Input: iqs626a - prohibit inlining of channel parsing functions
(bsc#1012628).
- Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
(bsc#1012628).
- Input: goodix - add id->model mapping for the "9111" model
(bsc#1012628).
- ASoC: tas2770: Fix setting of high sample rates (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add new ADL-P variant (bsc#1012628).
- ASoC: SOF: Intel: pci-tgl: add ADL-N support (bsc#1012628).
- ASoC: rt5682: fix the wrong jack type detected (bsc#1012628).
- pinctrl: mediatek: fix global-out-of-bounds issue (bsc#1012628).
- hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
(bsc#1012628).
- hwmon: (lm90) Do not report 'busy' status bit as alarm
(bsc#1012628).
- r8152: sync ocp base (bsc#1012628).
- ax25: NPD bug when detaching AX25 device (bsc#1012628).
- hamradio: defer ax25 kfree after unregister_netdev
(bsc#1012628).
- hamradio: improve the incomplete fix to avoid NPD (bsc#1012628).
- tun: avoid double free in tun_free_netdev (bsc#1012628).
- phonet/pep: refuse to enable an unbound pipe (bsc#1012628).
- Refresh
patches.suse/add-product-identifying-information-to-vmcoreinfo.patch.
- commit 202eb92
- Disable patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch (bsc#1194007)
Better to disable it completely.
- commit 730a488
- Linux 5.15.11 (bsc#1012628).
- xen/netback: don't queue unlimited number of packages
(bsc#1012628).
- xen/netback: fix rx queue stall detection (bsc#1012628).
- xen/console: harden hvc_xen against event channel storms
(bsc#1012628).
- xen/netfront: harden netfront against event channel storms
(bsc#1012628).
- xen/blkfront: harden blkfront against event channel storms
(bsc#1012628).
- Revert "xsk: Do not sleep in poll() when need_wakeup set"
(bsc#1012628).
- selftests/damon: test debugfs file reads/writes with huge count
(bsc#1012628).
- bus: ti-sysc: Fix variable set but not used warning for
reinit_modules (bsc#1012628).
- io-wq: drop wqe lock before creating new worker (bsc#1012628).
- rcu: Mark accesses to rcu_state.n_force_qs (bsc#1012628).
- io-wq: check for wq exit after adding new worker task_work
(bsc#1012628).
- io-wq: remove spurious bit clear on task_work addition
(bsc#1012628).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (bsc#1012628).
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(bsc#1012628).
- scsi: scsi_debug: Don't call kcalloc() if size arg is zero
(bsc#1012628).
- ovl: fix warning in ovl_create_real() (bsc#1012628).
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1012628).
- media: mxl111sf: change mutex_init() location (bsc#1012628).
- USB: core: Make do_proc_control() and do_proc_bulk() killable
(bsc#1012628).
- bpf: Fix extable address check (bsc#1012628).
- bpf, x64: Factor out emission of REX byte in more cases
(bsc#1012628).
- mptcp: add missing documented NL params (bsc#1012628).
- xsk: Do not sleep in poll() when need_wakeup set (bsc#1012628).
- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
(bsc#1012628).
- can: m_can: pci: use custom bit timings for Elkhart Lake
(bsc#1012628).
- can: m_can: make custom bittiming fields const (bsc#1012628).
- Revert "can: m_can: remove support for custom bit timing"
(bsc#1012628).
- drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info
on YC (bsc#1012628).
- drm/amdgpu: don't override default ECO_BITs setting
(bsc#1012628).
- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
(bsc#1012628).
- powerpc/module_64: Fix livepatching for RO modules
(bsc#1012628).
- libata: if T_LENGTH is zero, dma direction should be DMA_NONE
(bsc#1012628).
- perf inject: Fix segfault due to perf_data__fd() without open
(bsc#1012628).
- perf inject: Fix segfault due to close without open
(bsc#1012628).
- riscv: dts: unmatched: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- riscv: dts: unleashed: Add gpio card detect to mmc-spi-slot
(bsc#1012628).
- locking/rtmutex: Fix incorrect condition in
rtmutex_spin_on_owner() (bsc#1012628).
- cifs: sanitize multiple delimiters in prepath (bsc#1012628).
- timekeeping: Really make sure wall_to_monotonic isn't positive
(bsc#1012628).
- serial: 8250_fintek: Fix garbled text for console (bsc#1012628).
- iocost: Fix divide-by-zero on donation from low hweight cgroup
(bsc#1012628).
- zonefs: add MODULE_ALIAS_FS (bsc#1012628).
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device()
(bsc#1012628).
- btrfs: check WRITE_ERR when trying to read an extent buffer
(bsc#1012628).
- btrfs: fix double free of anon_dev after failure to create
subvolume (bsc#1012628).
- Refresh
patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch.
- btrfs: fix memory leak in __add_inode_ref() (bsc#1012628).
- selinux: fix sleeping function called from invalid context
(bsc#1012628).
- USB: serial: option: add Telit FN990 compositions (bsc#1012628).
- USB: serial: cp210x: fix CP2105 GPIO registration (bsc#1012628).
- usb: gadget: u_ether: fix race in setting MAC address in setup
phase (bsc#1012628).
- usb: typec: tcpm: fix tcpm unregister port but leave a pending
timer (bsc#1012628).
- usb: cdnsp: Fix lack of spin_lock_irqsave/spin_lock_restore
(bsc#1012628).
- usb: cdnsp: Fix issue in cdnsp_log_ep trace event (bsc#1012628).
- usb: cdnsp: Fix incorrect calling of cdnsp_died function
(bsc#1012628).
- usb: cdnsp: Fix incorrect status for control request
(bsc#1012628).
- usb: xhci: Extend support for runtime power management for
AMD's Yellow carp (bsc#1012628).
- usb: xhci-mtk: fix list_del warning when enable list debug
(bsc#1012628).
- PCI/MSI: Mask MSI-X vectors only on success (bsc#1012628).
- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (bsc#1012628).
- usb: dwc2: fix STM ID/VBUS detection startup delay in
dwc2_driver_probe (bsc#1012628).
- USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
(bsc#1012628).
- tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
(bsc#1012628).
- KVM: x86: Drop guest CPUID check for host initiated writes to
MSR_IA32_PERF_CAPABILITIES (bsc#1012628).
- Revert "usb: early: convert to readl_poll_timeout_atomic()"
(bsc#1012628).
- USB: gadget: bRequestType is a bitfield, not a enum
(bsc#1012628).
- powerpc/85xx: Fix oops when CONFIG_FSL_PMC=n (bsc#1012628).
- bpf, selftests: Fix racing issue in btf_skc_cls_ingress test
(bsc#1012628).
- bpf: Fix extable fixup offset (bsc#1012628).
- arm64: kexec: Fix missing error code 'ret' warning in
load_other_segments() (bsc#1012628).
- afs: Fix mmap (bsc#1012628).
- sit: do not call ipip6_dev_free() from sit_init_net()
(bsc#1012628).
- net: systemport: Add global locking for descriptor lifecycle
(bsc#1012628).
- net/smc: Prevent smc_release() from long blocking (bsc#1012628).
- net: Fix double 0x prefix print in SKB dump (bsc#1012628).
- dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED
(bsc#1012628).
- sfc_ef100: potential dereference of null pointer (bsc#1012628).
- net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
(bsc#1012628).
- net/packet: rx_owner_map depends on pg_vec (bsc#1012628).
- netdevsim: Zero-initialize memory for new map's value in
function nsim_bpf_map_alloc (bsc#1012628).
- ixgbe: set X550 MDIO speed before talking to PHY (bsc#1012628).
- ixgbe: Document how to enable NBASE-T support (bsc#1012628).
- igc: Fix typo in i225 LTR functions (bsc#1012628).
- igbvf: fix double free in `igbvf_probe` (bsc#1012628).
- igb: Fix removal of unicast MAC filters of VFs (bsc#1012628).
- soc/tegra: fuse: Fix bitwise vs. logical OR warning
(bsc#1012628).
- mptcp: fix deadlock in __mptcp_push_pending() (bsc#1012628).
- mptcp: clear 'kern' flag from fallback sockets (bsc#1012628).
- mptcp: remove tcp ulp setsockopt support (bsc#1012628).
- drm/amd/pm: fix a potential gpu_metrics_table memory leak
(bsc#1012628).
- drm/amd/display: Set exit_optimized_pwr_state for DCN31
(bsc#1012628).
- ice: Don't put stale timestamps in the skb (bsc#1012628).
- ice: Use div64_u64 instead of div_u64 in adjfine (bsc#1012628).
- rds: memory leak in __rds_conn_create() (bsc#1012628).
- flow_offload: return EOPNOTSUPP for the unsupported mpls action
type (bsc#1012628).
- net: stmmac: fix tc flower deletion for VLAN priority Rx
steering (bsc#1012628).
- mac80211: fix lookup when adding AddBA extension element
(bsc#1012628).
- cfg80211: Acquire wiphy mutex on regulatory work (bsc#1012628).
- mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
(bsc#1012628).
- drm/i915/display: Fix an unsigned subtraction which can never
be negative (bsc#1012628).
- drm/ast: potential dereference of null pointer (bsc#1012628).
- mptcp: never allow the PM to close a listener subflow
(bsc#1012628).
- selftest/net/forwarding: declare NETIFS p9 p10 (bsc#1012628).
- net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()
(bsc#1012628).
- selftests/net: toeplitz: fix udp option (bsc#1012628).
- net/sched: sch_ets: don't remove idle classes from the
round-robin list (bsc#1012628).
- drm: simpledrm: fix wrong unit with pixel clock (bsc#1012628).
- dmaengine: st_fdma: fix MODULE_ALIAS (bsc#1012628).
- dmaengine: idxd: fix missed completion on abort path
(bsc#1012628).
- selftests: Fix IPv6 address bind tests (bsc#1012628).
- selftests: Fix raw socket bind tests with VRF (bsc#1012628).
- selftests: Add duplicate config only for MD5 VRF tests
(bsc#1012628).
- net: hns3: fix race condition in debugfs (bsc#1012628).
- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
(bsc#1012628).
- selftests: icmp_redirect: pass xfail=0 to log_test()
(bsc#1012628).
- netdevsim: don't overwrite read only ethtool parms
(bsc#1012628).
- inet_diag: fix kernel-infoleak for UDP sockets (bsc#1012628).
- sch_cake: do not call cake_destroy() from cake_init()
(bsc#1012628).
- s390/kexec_file: fix error handling when applying relocations
(bsc#1012628).
- selftests: net: Correct ping6 expected rc from 2 to 1
(bsc#1012628).
- Revert "drm/fb-helper: improve DRM fbdev emulation device names"
(bsc#1012628).
- vdpa: Consider device id larger than 31 (bsc#1012628).
- virtio/vsock: fix the transport to work with VMADDR_CID_ANY
(bsc#1012628).
- virtio: always enter drivers/virtio/ (bsc#1012628).
- iwlwifi: mvm: don't crash on invalid rate w/o STA (bsc#1012628).
- soc: imx: Register SoC device only on i.MX boards (bsc#1012628).
- clk: Don't parent clks until the parent is fully registered
(bsc#1012628).
- arm64: dts: imx8mq: remove interconnect property from lcdif
(bsc#1012628).
- ARM: socfpga: dts: fix qspi node compatible (bsc#1012628).
- ceph: initialize pathlen variable in reconnect_caps_cb
(bsc#1012628).
- ceph: fix duplicate increment of opened_inodes metric
(bsc#1012628).
- tee: amdtee: fix an IS_ERR() vs NULL bug (bsc#1012628).
- mac80211: track only QoS data frames for admission control
(bsc#1012628).
- dmaengine: idxd: fix calling wq quiesce inside spinlock
(bsc#1012628).
- dmaengine: idxd: add halt interrupt support (bsc#1012628).
- arm64: dts: rockchip: fix poweroff on helios64 (bsc#1012628).
- arm64: dts: rockchip: fix audio-supply for Rock Pi 4
(bsc#1012628).
- arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
(bsc#1012628).
- arm64: dts: rockchip: fix rk3308-roc-cc vcc-sd supply
(bsc#1012628).
- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from
rk3399-khadas-edge (bsc#1012628).
- pinctrl: amd: Fix wakeups when IRQ is shared with SCI
(bsc#1012628).
- drm/i915/hdmi: Turn DP++ TMDS output buffers back on in
encoder->shutdown() (bsc#1012628).
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915
(bsc#1012628).
- scsi: ufs: core: Retry START_STOP on UNIT_ATTENTION
(bsc#1012628).
- btrfs: remove stale comment about the btrfs_show_devname
(bsc#1012628).
- btrfs: update latest_dev when we create a sprout device
(bsc#1012628).
- btrfs: use latest_dev in btrfs_show_devname (bsc#1012628).
- btrfs: convert latest_bdev type to btrfs_device and rename
(bsc#1012628).
- audit: improve robustness of the audit queue handling
(bsc#1012628).
- dm btree remove: fix use after free in rebalance_children()
(bsc#1012628).
- ceph: fix up non-directory creation in SGID directories
(bsc#1012628).
- arm64: dts: ten64: remove redundant interrupt declaration for
gpio-keys (bsc#1012628).
- recordmcount.pl: look for jgnop instruction as well as bcrl
on s390 (bsc#1012628).
- s390/entry: fix duplicate tracking of irq nesting level
(bsc#1012628).
- vdpa: check that offsets are within bounds (bsc#1012628).
- virtio_ring: Fix querying of maximum DMA mapping size for
virtio device (bsc#1012628).
- vduse: check that offset is within bounds in get_config()
(bsc#1012628).
- vduse: fix memory corruption in vduse_dev_ioctl() (bsc#1012628).
- bpf, selftests: Update test case for atomic cmpxchg on r0 with
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
(bsc#1012628).
- bpf, selftests: Add test case trying to taint map value pointer
(bsc#1012628).
- bpf: Make 32->64 bounds propagation slightly more robust
(bsc#1012628).
- bpf: Fix signed bounds propagation after mov32 (bsc#1012628).
- bpf, selftests: Add test case for atomic fetch on spilled
pointer (bsc#1012628).
- bpf: Fix kernel address leakage in atomic fetch (bsc#1012628).
- firmware: arm_scpi: Fix string overflow in SCPI genpd driver
(bsc#1012628).
- mac80211: validate extended element ID is present (bsc#1012628).
- mac80211: send ADDBA requests using the tid/queue of the
aggregation session (bsc#1012628).
- mac80211: mark TX-during-stop for TX in in_reconfig
(bsc#1012628).
- mac80211: fix regression in SSN handling of addba tx
(bsc#1012628).
- mac80211: fix rate control for retransmitted frames
(bsc#1012628).
- KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid()
(bsc#1012628).
- x86/kvm: remove unused ack_notifier callbacks (bsc#1012628).
- KVM: downgrade two BUG_ONs to WARN_ON_ONCE (bsc#1012628).
- KVM: selftests: Make sure kvm_create_max_vcpus test won't hit
RLIMIT_NOFILE (bsc#1012628).
- KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled
(bsc#1012628).
- reset: tegra-bpmp: Revert Handle errors in BPMP response
(bsc#1012628).
- commit 9903b31
- Linux 5.15.10 (bsc#1012628).
- perf inject: Fix itrace space allowed for new attributes
(bsc#1012628).
- fuse: make sure reclaim doesn't write the inode (bsc#1012628).
- staging: most: dim2: use device release method (bsc#1012628).
- tracing: Fix a kmemleak false positive in tracing_map
(bsc#1012628).
- drm/amdkfd: process_info lock not needed for svm (bsc#1012628).
- drm/amd/display: add connector type check for CRC source set
(bsc#1012628).
- drm/amdkfd: fix double free mem structure (bsc#1012628).
- drm/amd/display: Fix for the no Audio bug with Tiled Displays
(bsc#1012628).
- drm/amdgpu: check atomic flag to differeniate with legacy path
(bsc#1012628).
- drm/amdgpu: cancel the correct hrtimer on exit (bsc#1012628).
- net: netlink: af_netlink: Prevent empty skb by adding a check
on len (bsc#1012628).
- i2c: rk3x: Handle a spurious start completion interrupt flag
(bsc#1012628).
- parisc/agp: Annotate parisc agp init functions with __init
(bsc#1012628).
- ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
(bsc#1012628).
- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
(bsc#1012628).
- loop: Use pr_warn_once() for loop_control_remove() warning
(bsc#1012628).
- net/mlx4_en: Update reported link modes for 1/10G (bsc#1012628).
- Revert "tty: serial: fsl_lpuart: drop earlycon entry for
i.MX8QXP" (bsc#1012628).
- s390/test_unwind: use raw opcode instead of invalid instruction
(bsc#1012628).
- KVM: arm64: Save PSTATE early on exit (bsc#1012628).
- drm/msm/dp: Avoid unpowered AUX xfers that caused crashes
(bsc#1012628).
- drm/msm/dsi: set default num_data_lanes (bsc#1012628).
- drm/msm/a6xx: Fix uinitialized use of gpu_scid (bsc#1012628).
- drm/msm: Fix null ptr access msm_ioctl_gem_submit()
(bsc#1012628).
- i2c: virtio: fix completion handling (bsc#1012628).
- vmxnet3: fix minimum vectors alloc issue (bsc#1012628).
- ice: fix FDIR init missing when reset VF (bsc#1012628).
- RDMA/irdma: Don't arm the CQ more than two times if no CE for
this CQ (bsc#1012628).
- RDMA/irdma: Report correct WC errors (bsc#1012628).
- RDMA/irdma: Fix a potential memory allocation issue in
'irdma_prm_add_pble_mem()' (bsc#1012628).
- RDMA/irdma: Fix a user-after-free in add_pble_prm (bsc#1012628).
- netfs: Fix lockdep warning from taking sb_writers whilst
holding mmap_lock (bsc#1012628).
- perf bpf_skel: Do not use typedef to avoid error on old clang
(bsc#1012628).
- clk: qcom: sm6125-gcc: Swap ops of ice and apps on sdcc1
(bsc#1012628).
- dt-bindings: media: nxp,imx7-mipi-csi2: Drop bad if/then schema
(bsc#1012628).
- inet: use #ifdef CONFIG_SOCK_RX_QUEUE_MAPPING consistently
(bsc#1012628).
- mtd: rawnand: Fix nand_choose_best_timings() on unsupported
interface (bsc#1012628).
- mtd: rawnand: Fix nand_erase_op delay (bsc#1012628).
- RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
(bsc#1012628).
- RDMA: Fix use-after-free in rxe_queue_cleanup (bsc#1012628).
- hwmon: (corsair-psu) fix plain integer used as NULL pointer
(bsc#1012628).
- nfc: fix segfault in nfc_genl_dump_devices_done (bsc#1012628).
- commit 85804f3
- Linux 5.15.9 (bsc#1012628).
- netfilter: selftest: conntrack_vrf.sh: fix file permission
(bsc#1012628).
- commit edf812e
==== libcamera ====
- Add optional pkgconfig(libtiff-4) BuildRequires.
==== libgsf ====
Version update (1.14.47 -> 1.14.48)
Subpackages: gsf-office-thumbnailer libgsf-1-114
- Update to version 1.14.48:
+ Add "zip64" readable property of GsfInfileZip.
==== mozilla-nspr ====
Version update (4.32 -> 4.33)
- update to 4.33:
* fixes to build system and export of private symbols
==== mozilla-nss ====
Version update (3.73 -> 3.73.1)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.73.1:
* Add SHA-2 support to mozilla::pkix's OSCP implementation
==== plasma5-desktop ====
- Add patch to fix empty window appearing on activity switching
(kde#443968, boo#1193960):
* 0001-SwitcherBackend-Only-create-the-workaround-window-on.patch
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup
- Fix a typo in padsp LD_PRELOAD setup (bsc#1194074)
==== python-ordered-set ====
- Do not disable python36 here. This package is so deep in the
dependency tree, you have to do it globally.
- Upstream supoorted only python >= 3.5, so disable python 2 and
also python 3.6 (End of support).
1
0