Mailinglist Archive: opensuse-factory (673 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20160612 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

Packages changed:
AppStream (0.9.5 -> 0.9.6)
MozillaFirefox (46.0.1 -> 47.0)
kernel-firmware (20160516 -> 20160609)
kernel-source (4.6.1 -> 4.6.2)
libinput (1.3.0 -> 1.3.1)
librsvg (2.40.15 -> 2.40.16)
libxml2 (2.9.3 -> 2.9.4)
mozilla-nss (3.22.3 -> 3.23)
python-M2Crypto (0.22.5 -> 0.24.0)
python-cryptography (1.3.1 -> 1.3.4)
python-libxml2 (2.9.3 -> 2.9.4)
swig (3.0.8 -> 3.0.9)
tidy (5.1.9 -> 5.2.0)
xkeyboard-config (2.17 -> 2.18)
yast2 (3.1.191 -> 3.1.193)

=== Details ===

==== AppStream ====
Version update (0.9.5 -> 0.9.6)
Subpackages: libappstream3

- Update to version 0.9.6
* Improve metadata file decompression code (Matthias Klumpp)
* validator: Simplify loading of data too (Matthias Klumpp)
* Make it easy to compile with Address Sanitizer enabled (Matthias Klumpp)
* Allow compiling with UBSan as well (Matthias Klumpp)
* Add back support for Travis CI (Matthias Klumpp)
* yaml: Write Releases field (Matthias Klumpp)
* qt: Properly check for component validity (Matthias Klumpp)
* Ensure decompressed metadata is null-terminated (Neil Mayhew)
* validator: Long descriptions are not needed for generic components
(Matthias Klumpp)
* Make VAPI generation depend on GIR typelibs explicitly (Matthias Klumpp)
* Be more verbose when failing to move the cache directory (Matthias Klumpp)
* Handle format errors when parsing YAML metadata (Neil Mayhew)

==== MozillaFirefox ====
Version update (46.0.1 -> 47.0)
Subpackages: MozillaFirefox-translations-common

- update to Firefox 47.0 (boo#983549)
* Enable VP9 video codec for users with fast machines
* Embedded YouTube videos now play with HTML5 video if Flash is
not installed
* View and search open tabs from your smartphone or another
computer in a sidebar
* Allow no-cache on back/forward navigations for https resources
security fixes:
* MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
(bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
bmo#1269729, bmo#1273202, bmo#1273701)
Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
* MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
Buffer overflow parsing HTML5 fragments
* MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
Use-after-free deleting tables from a contenteditable document
* MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
Addressbar spoofing though the SELECT element
* MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
Out-of-bounds write with WebGL shader
* MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
Partial same-origin-policy through setting
through data URI
* MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
Use-after-free when textures are used in WebGL operations
after recycle pool destruction
* MFSA 2016-57/CVE-2016-2829 (boo#983644) (bmo#1248329)
Incorrect icon displayed on permissions notifications
* MFSA 2016-58/CVE-2016-2831 (boo#983643) (bmo#1261933)
Entering fullscreen and persistent pointerlock without user
* MFSA 2016-59/CVE-2016-2832 (boo#983632) (bmo#1025267)
Information disclosure of disabled plugins through CSS
* MFSA 2016-60/CVE-2016-2833 (boo#983640) (bmo#908933)
Java applets bypass CSP protections
* MFSA 2016-62/CVE-2016-2834 (boo#983639) (bmo#1206283,
bmo#1221620, bmo#1241034, bmo#1241037)
Network Security Services (NSS) vulnerabilities
fixed by requiring NSS 3.23
packaging changes:
* cleanup configure options (boo#981695):
- notably remove GStreamer support which is gone from FF
* remove obsolete patches
- mozilla-libproxy.patch
- mozilla-repo.patch

==== alsa ====
Subpackages: alsa-devel libasound2 libasound2-32bit

- Backport upstream fixes: fixing PCM dmix & co suspend/resume,
namehint parser fixes, stackable async handler:

==== branding-openSUSE ====
Subpackages: gfxboot-branding-openSUSE grub2-branding-openSUSE
plymouth-branding-openSUSE wallpaper-branding-openSUSE

- Add yast2-qt-branding-openSUSE back and remove Supplements
- Much less breakage
- Drop yast2-qt-branding-openSUSE (boo#955381)
- Fix xfce4-splash-branding-openSUSE conflicts

==== curl ====
Subpackages: libcurl-devel libcurl4

- Depend on libssh2 >= 1.6.0 since curl depends on the
libssh2_scp_recv2 symbol now. Fixes boo#983170

==== kaccounts-integration ====

- Require ktp-accounts-kcm, kcm_kaccounts is not useful at all
without it (boo#983036)
- Recommend kaccounts-providers for additional providers (Google)

==== kde-branding-openSUSE ====
Subpackages: kdelibs4-branding-openSUSE ksplash-qml-branding-openSUSE

- Add yast2-qt-branding-openSUSE back and remove Supplements
- Much less breakage
- Drop yast2-qt-branding-openSUSE (boo#955381)
- Fix xfce4-splash-branding-openSUSE conflicts
- grub2 theme: use blueish color for timeout bar.

==== kernel-firmware ====
Version update (20160516 -> 20160609)
Subpackages: ucode-amd

- Update to version 20160609:
* linux-firmware: update audio firmware for Braswell platform
* radeon: add new CI smc firmware
* radeon: add new SI smc firmware
* linux-firmware: Update firmware patch for Intel Bluetooth 7265 (D1)
* linux-firmware: Update firmware patch for Intel Bluetooth 7265 (C0/D0)
* linux-firmware: Update firmware file for Intel Bluetooth 8260
- Update to version 20160602:
* qed: Add FW
* linux-firmware: intel: Add Broxton audio firmware
* linux-firmware: Update firmware patch for Intel Bluetooth 7260 (B3/B4)
* linux-firmware: Update firmware patch for Intel Bluetooth 7260 (B5/B6)

==== kernel-source ====
Version update (4.6.1 -> 4.6.2)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs
kernel-macros kernel-syms

- ecryptfs: don't allow mmap when the lower file system doesn't
allow it (bsc#983143 CVE-2016-1583).
- commit 8777776
- arm64: mm: always take dirty state from new pte in
ptep_set_access_flags (bsc#983458).
- Update config files.
- commit d662464
- Linux 4.6.2.
- commit b664f9a
- x86/pat: Document the PAT initialization sequence (bnc#982991,
bnc#974257, bnc#982991).
- x86/xen, pat: Remove PAT table init code from Xen (bnc#982991,
bnc#974257, bnc#982991).
- x86/mtrr: Fix PAT init handling when MTRR is disabled
(bnc#982991, bnc#974257, bnc#982991).
- x86/mtrr: Fix Xorg crashes in Qemu sessions (bnc#982991,
bnc#974257, bnc#982991).
- x86/mm/pat: Replace cpu_has_pat with boot_cpu_has() (bnc#982991,
bnc#974257, bnc#982991).
- x86/mm/pat: Add pat_disable() interface (bnc#982991, bnc#974257,
- x86/mm/pat: Add support of non-default PAT MSR setting
(bnc#982991, bnc#974257, bnc#982991).
- commit 3988263
- Delete patches.suse/xen-pv-devmem_is_allowed.patch (bnc#982991)
- commit 23cb422
- Refresh

Upstream status.
- commit 2720edf
- rtlwifi: Fix scheduling while atomic error from commit
49f86ec21c01 (boo#983036).
- commit 5a9c4b2

==== lcms2 ====
Subpackages: liblcms2-2 liblcms2-2-32bit liblcms2-devel

- Update to GNOME 3.20 Fate#318572

==== libinput ====
Version update (1.3.0 -> 1.3.1)
Subpackages: libinput-devel libinput-udev libinput10

- Update to new upstream release 1.3.1
* The pressure change check we used to detect finger releases has
been adjusted to just apply to the Lenovo *50 and *60 series,
it didn't work too well on other touchpads and resulted in
jerky motion.
* An error message was generated for 3-finger swipes on some touchads that had
gestures disabled, this is fixed now.

==== libpst ====

- Update to GNOME 3.20 Fate#318572

==== librsvg ====
Version update (2.40.15 -> 2.40.16)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 librsvg-devel

- Update to version 2.40.16:
+ Support for building the introspection files under MSVC.
+ Make the zooming options in rsvg-convert(1) work again for
scaling the resulting image (bgo#760262).
+ Wikipedia generates equations as SVGs and renders them, but
uses fill="currentColor". Since we don't let caller specify a
starting state for CSS, we need to start with opaque black as
the default current color (bgo#764808).
+ Added documentation for how to replace the deprecated
- Drop librsvg-Fix-rsvg-convert.patch: Fixed upstream.

==== libusb-1_0 ====
Subpackages: libusb-1_0-0 libusb-1_0-0-32bit libusb-1_0-devel

- Update to GNOME 3.20.2 FATE#318572

==== libxml2 ====
Version update (2.9.3 -> 2.9.4)
Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools

- add libxml2-2.9.4-fix_attribute_decoding.patch to fix attribute
decoding during XML schema validation [bnc#983288]
- Update libxml2 to version libxml2-2.9.4. The new version is
resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835,
CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838,
CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and
- Remove obsolete patches libxml2-2.9.1-CVE-2016-3627.patch,
and libxml2-2.9.3-bogus_UTF-8_encoding_error.patch.

==== metamail ====

- add patches:
* metamail-2.7-19-provide-filenames-for-attachments.patch
rebased from Immanuel Halupczok original debian patch:

==== mozilla-nss ====
Version update (3.22.3 -> 3.23)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-devel

- update to NSS 3.23
New functionality:
* ChaCha20/Poly1305 cipher and TLS cipher suites now supported
* Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use.
New functions:
* SSL_SetDowngradeCheckVersion - Set maximum version for new
ServerRandom anti-downgrade mechanism. Clients that perform a
version downgrade (which is generally a very bad idea) call this
with the highest version number that they possibly support.
This gives them access to the version downgrade protection from
TLS 1.3.
Notable changes:
* The copy of SQLite shipped with NSS has been updated to version
* The list of TLS extensions sent in the TLS handshake has been
reordered to increase compatibility of the Extended Master Secret
with with servers
* The build time environment variable NSS_ENABLE_ZLIB has been
* The build time environment variable NSS_DISABLE_CHACHAPOLY was
added, which can be used to prevent compilation of the
ChaCha20/Poly1305 code.
* The following CA certificates were Removed
- Staat der Nederlanden Root CA
- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
- NetLock Kozjegyzoi (Class A) Tanusitvanykiado
- NetLock Uzleti (Class B) Tanusitvanykiado
- NetLock Expressz (Class C) Tanusitvanykiado
- VeriSign Class 1 Public PCA ? G2
- VeriSign Class 3 Public PCA
- VeriSign Class 3 Public PCA ? G2
- CA Disig
* The following CA certificates were Added
+ Certum Trusted Network CA 2
* The following CA certificate had the Email trust bit turned on
+ Actalis Authentication Root CA
Security fixes:
* CVE-2016-2834: Memory safety bugs (boo#983639)
MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037
- removed obsolete nss_gcc6_change.patch

==== polkit ====
Subpackages: libpolkit0 polkit-devel typelib-1_0-Polkit-1_0

- Use pkgconfig() instead of requiring systemd package names directly.
- systemd.pc is shipped by systemd main package (bsc#983167)
Strangely polkit wants systemd.pc to detect that the target system
is running systemd even if its configured to build systemd support...

==== python-M2Crypto ====
Version update (0.22.5 -> 0.24.0)

- update to 0.24.0
* No changelog provided
- README is no longer included
- Removed obsolete python-M2Crypto-SWIG-3.0.5.patch

==== python-cryptography ====
Version update (1.3.1 -> 1.3.4)

- fix download urls
- update to upstream release 1.3.4
* Added new OpenSSL functions to the bindings to support an upcoming
``pyOpenSSL`` release.
- correct source urls
- update to upstream release 1.3.2
* Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2h.
* Fixed an issue preventing ``cryptography`` from compiling against
LibreSSL 2.3.x.

==== python-keyring ====

- require python-setuptools (see bsc#983147)

==== python-libxml2 ====
Version update (2.9.3 -> 2.9.4)

- Update python-libxml2 to version libxml2-2.9.4. The new version
is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835,
CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838,
CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and

==== sddm ====
Subpackages: sddm-branding-openSUSE

- Fix build requirements on systemd (bsc#983167)
Use pkgconfig() so we don't need to rely on package names. For the
record, systemd.pc is now part of systemd main package.

==== signon-plugin-oauth2 ====

- Conflict with libproxy1-config-kde4, that's the actual name of
the package, and having it installed makes the plugin crash

==== suse-module-tools ====

- Run dos2unix on the modhash script.
- Add modhash tool to calculate hash of signed module.
It strips X.509 or PKCS#7 signature before hash kernel module.
- Remove -x bit from 50-kernel-uname_r.conf (bsc#981291).

==== swig ====
Version update (3.0.8 -> 3.0.9)

- Update to 3.0.9
- Add support for Python's implicit namespace packages.
- Fixes to support Go 1.6.
- C++11 std::array support added for Java.
- Improved C++ multiple inheritance support for Java/C# wrappers.
- Various other minor fixes and improvements for C#, D, Go, Java,
Javascript, Lua, Python, R, Ruby, Scilab.
- drop swig308-Fix-li_boost_array-test.patch, upstream

==== systemd-presets-branding-openSUSE ====

- don't require systemd to avoid dependency loop (boo#983986)
- added a prereq for coreutils to make sure the macro in %pre
works when using touch and mkdir. (bsc#982337)

==== systemd-rpm-macros ====

- %service_add_post() suppress daemon-reload when in installation
system (bsc#982343)

==== tidy ====
Version update (5.1.9 -> 5.2.0)
Subpackages: libtidy5

- new upstream version 5.2.0
+ added support for HTML5
- new upstream authors at
- remove
+ not needed
- remove tidy-fix-buffer-overflow.patch
+ upstreamed
- add fix_doxygen_paths.diff
+ patch Doxygen config file to build documentation from buld
- add test_fixes.diff
+ fix build paths
+ remove pauses via `read` bash builtin
+ don't hide logging in log files
- add dynamic_library_build.diff
+ use standard cmake BUILD_SHARED_LIBS instead of BUILD_SHARED_LIB
+ build both static and dynamic libraries by default, instead
of just static
+ link vs. dynamic by default
- add
+ used to fetch latest documentation configuration sources
- add compat_headers.diff
+ upstream changed some header names, so provide compatible header
wrappers with a compile time warning
- change library subpackage according to new soname
- build libtidy-devel instead of having soname in devel package name
- add CVE to previous changelog entry
- add tidy-fix-buffer-overflow.patch in order to fix a heap-based
buffer overflow in tidy/libtidy (gh#htacg/tidy-html5#217
boo#933588) CVE-2015-5522 CVE-2015-5523
- license update: W3C
SPDX format (the license corresponds to the W3C Software License)
- fix libtidy-0_99-0-devel not providing/obsoleting libtidy-devel
- updated to CVS snapshot 20100202
- cleaned up
* included script to generate a tarball from CVS
* consistent usage of license tag
* removed erroneously packaged files
* more concise description conforming to packaging policy
* lint clean
* renamed libtidy(-devel) to libtidy-0_99-0(-devel)
* removed trailing period from libtidy-dev summary
* split documentation into tidy-doc subpackage
- remove static libraries
- fix changelog entry order
- added directory to filelist
- copying package from buildservice package to autobuild
(adding .changes file)

==== util-linux ====
Subpackages: libblkid-devel libblkid1 libblkid1-32bit libfdisk1 libmount1
libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit

- blkid: Wipe corect area for probes with offset (bsc#976141,
- Remove incorrect --with-bashcompletiondir that breaks
bash-completion, use path in bash-completion.pc instead
- Add librtas-devel to BuildRequires on Power platforms. Needed for
proper function of lscpu (bsc#975082).

==== util-linux-systemd ====

- blkid: Wipe corect area for probes with offset (bsc#976141,
- Remove incorrect --with-bashcompletiondir that breaks
bash-completion, use path in bash-completion.pc instead
- Add librtas-devel to BuildRequires on Power platforms. Needed for
proper function of lscpu (bsc#975082).

==== xkeyboard-config ====
Version update (2.17 -> 2.18)

- Run over with spec-cleaner - pkgconfig/perl deps conversion
- Use post dependency on coreutils instead of prereq
- Disable silent rules to see whats happening
- Tweak configure options to match what contains and what
is needed
- Remove path provides on the old /etc location, should not be needed
after all those years
- Update to version 2.18
* Add Ctrl+Win keyboard layout switch.
* rules: Giving the caps:ctrl_modifier option a distinctive description.
* Sorting the Caps Lock options in a consistent manner.
* symbols: add explicit definition for Group2 to win_space_toggle
* Added Bone layout (including the q/eszett variant) and Neo qwertz/qwerty
* Added the Ruble signe
* Added us(carpalx)
* Add Algerian layout with variants
* Added some Asian layouts
* Added US layout for IBM Arabic 238L
* Synced descriptions
* Added Armenian dram sign to Armenian phonetic
* Fixed ISO codes for Jawi

==== yast2 ====
Version update (3.1.191 -> 3.1.193)

- Fixed displaying the file conflicts callbacks when the Progress
dialog is not displayed (bsc#983464)
- 3.1.193
- Drop yast2-devel-doc package (fate#320356)
- 3.1.192

To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages