Mailinglist Archive: opensuse-factory (988 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20150712 released!
Changed packages:

==== libindi ====
Subpackages: libindi-devel libindi1 libindiAlignmentDriver1 libindidriver1

- libindi-implicit-pointer-decl.patch: fix rpmlint implicit
declaration warnings
- BuildRequire libusb-1.0 not libusb-devel
- Build C++ code with at least -fvisibility-inlines-hidden.

==== nano ====
Version update (2.4.1 -> 2.4.2)
Subpackages: nano-lang

- GNU nano 2.4.2:
* ability to resize when in modes other than the main editing window
* proper displaying of invalid UTF-8 bytes
* new syntax definitions for Elisp, Guile, and PostgreSQL
* better display of shortcuts in the help menu and file browser

==== libopenssl-devel ====
Version update (1.0.2a -> 1.0.2d)
Subpackages: libopenssl1_0_0 libopenssl1_0_0-32bit openssl

- update to 1.0.2d
* fixes CVE-2015-1793 (bsc#936746)
Alternate chains certificate forgery
During certificate verfification, OpenSSL will attempt to find an
alternative certificate chain if the first attempt to build such a chain
fails. An error in the implementation of this logic can mean that an
attacker could cause certain checks on untrusted certificates to be
bypassed, such as the CA flag, enabling them to use a valid leaf
certificate to act as a CA and "issue" an invalid certificate.
- drop openssl-fix_invalid_manpage_name.patch (upstream)
- Workaround debugit crash on ppc64le with gcc5
bsc936563_hack.patch (bsc#936563)
- update merge_from_0.9.8k.patch replacing __LP64__ by __LP64
this is a change versus previous request 309611
required to avoid build error for ppc64
- Build with no-ssl3, for details on why this is needed read
rfc7568. Contrary to the "no-ssl2" option, this does not
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
but will fail to negotiate. if removing SSL3 methods is desired
at a later time, option "no-ssl3-method" needs to be used.
- update to 1.0.2c
* Fix HMAC ABI incompatibility
- refreshed openssl-1.0.2a-fips.patch
- update to 1.0.2b
* Malformed ECParameters causes infinite loop (CVE-2015-1788)
* Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
* PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
* CMS verify infinite loop with unknown hash function (CVE-2015-1792)
* Race condition handling NewSessionTicket (CVE-2015-1791)
- refreshed patches:
* 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
* 0001-libcrypto-Hide-library-private-symbols.patch
* openssl-1.0.2a-default-paths.patch
* openssl-1.0.2a-fips.patch
* compression_methods_switch.patch
* openssl-1.0.1e-add-test-suse-default-cipher-suite.patch

==== pragha ====
Version update ( ->
Subpackages: pragha-lang pragha-plugins

- Update to
* Fixed: Not save state album_art_in_osd=false.
* Provide more app icons size.
* Set expand comment entry on tag dialog.
* Ensure menu size and fallback to 16 on library and playlist
* Updated translations: German, Ukrainian, Czech.
* New Bulgarian translation.
- Correct the project URL.
- Doesn't buildrequires fdupes.

==== xournal ====

- Use upstream command to install desktop entries, mimetypes
and icons.
- Generate and install hires icons into hicolor directory (needed
on HiDPI displays).
- Use appropriate post-scripts to update desstop menu database,
mime cache and icon-theme.
- Drop external .desktop file and icon, and use upstream bundled

Removed packages:

Added packages:
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages