Mailinglist Archive: opensuse-factory (930 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20170318 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170318

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
argyllcms (1.8.3 -> 1.9.2)
cifs-utils
dhcp
dtc (1.4.3 -> 1.4.4)
gpg2
jasper
kiwi (7.04.28 -> 7.04.29)
open-iscsi
perl-XML-LibXML (2.0128 -> 2.0129)
pthread-stubs (0.3 -> 0.4)
publicsuffix (20170206 -> 20170303)
qemu (2.7.0 -> 2.8.0)
qemu-linux-user (2.7.0 -> 2.8.0)
sssd (1.15.1 -> 1.15.2)
texlive
wayland
wxWidgets-3_0
wxWidgets-3_0-nostl
xf86-input-wacom

=== Details ===

==== argyllcms ====
Version update (1.8.3 -> 1.9.2)

- Update to version 1.9.2 and update patches
* Added CMYKOGB and CMYKRGB 7 channel ink preset, and made targen
more flexible in matching pre-conditioning profiles to targen ink
selection.
* Fix oeminst for OS X save location.
* Fix oeminst for OS X Spyder 4 CD calibration file location.
* Improved robustness of ChromeCast discovery, and added some minimal
diagnostics.
* Improved robustness of targen ofps patch generation when using less
well behaved pre-conditioning profiles.
* Fixed oeminst so that it locates cdrom's in Linuxes latest mount
point of /run/media/$USER/.
* Fixed bug in i1pro2 driver, in which strip calibration would fail
if instrument had been first calibrated with ARGYLL_DISABLE_I1PRO2_DRIVER
set, and then calibrated with ARGYLL_DISABLE_I1PRO2_DRIVER unset.
* Added option to icclib to write Output profiles using 'chad' tag if
the ARGYLL_CREATE_DISPLAY_PROFILE_WITH_CHAD environment variable is
set. This is not recommended for normal use, but may assist
compatibility with other systems.
* Added JETI spectraval support, including Bluetooth access.
* Added support for the Klein K10 connecting via a serial port.
* Fixed bug in Colormunki Smile driver that causes crash on Ubuntu
16.04.1 LTS.
* Modified "lp" intent to greatly reduce eliminate Helmholtz-Kohlrausch
appearance modelling.
* Fixed problem with targen -g, in that the corresponding XYZ values
had double the power applied, rather than none. This was causing
problems with printtarg spacer colors.
* Extensive re-write of colorimetric nearest clipping code in rspl/rev.c
to restore precision that was lost in the speedups made in V1.0.0. The
nnrev setup now takes a lot longer with high resolution CMYK profiles
though. This corrects a "green becoming too yellow" problem for mapping
from ProPhoto space with some RGB devices.
* Change dispwin to properly set X11 DirectColor and take account of
TrueColor Colormap. This fixes problem with NVidia linux driver 364.12
exposing a VideoLUT depth that is different from the frame buffer depth.
* Change icclib to automatically repair icmTextDescription strings that
have an allocation that is longer than their size.
* Added i1Pro Lamp Drift test and fix functions to spotread (-Y l|L options).
* Change colprof so that -s -S will accept general compression percentage
as an alternative to a source colorspace/image gamut.
* Added optional conversion from native Gretag-MacBeth & X-Rite reflective
calibration standards to/from XRGA.
* Changed OS X GUI support code so as not to switch to "interact with the
Dock" mode until actual GUI element is to be displayed. This prevents
batch commands with optional GUI elements from blocking normal GUI
interactions.
* Re-jigged OS X UI code to use the main thread to avoid window
creation timing issues and a warning backtrace on OS X 10.11.
* Added CMP_Digital_Target-7.cht
* Fix spec2cie to cope with .ti3 files that are missing device values,
so that it can process a wider range of input CIE reference files.
* Changed implementation of ARGYLL_NOT_INTERACTIVE on MSWin to make
it more reliable when operated progromatically.
* Fixed chartread so that if you are reading patch by patch, the
location strings can be arbitrary (i.e. they don't have to conform
to an alpha/num strip/patch pattern.)
* Added support for Sencore ColorPro V, IV & III colorimeters
(based on Sequel Chroma colorimeter.).
- Drop argyllcms-udev151.patch
- Drop argyllcms-1.4.0-warnings.patch

==== cifs-utils ====

- Get rid of init script on everything based off SLE12+ (bsc#1025471).

==== dhcp ====
Subpackages: dhcp-client dhcp-doc dhcp-relay dhcp-server

- Relax permission of dhclient-script for libguestfs(bsc#987170)

==== dtc ====
Version update (1.4.3 -> 1.4.4)

- Update to version 1.4.4:
* fdtput: Remove star from value_len documentation
* fdtget: Use @return to document the return value
* tests: Make realloc_fdt() really allocate *fdt
* libfdt: overlay: Check the value of the right variable
* dtc: Simplify asm_emit_string() implementation
* libfdt: Change names of sparse helper macros
* Fix assorted sparse warnings
* Clean up gcc attributes
* dtc: Don't abuse struct fdt_reserve_entry
- Refresh patches
- Make building more verbose
- Run tests

==== gpg2 ====

- Use stronger defaults for new users, using SHA-2 digest family
for certificates and message signatures - FATE#323084
adding gnupg-2.1.19-stronger-defaults.patch

==== jasper ====
Subpackages: libjasper-devel libjasper1 libjasper1-32bit

- Added patches:
* jasper-CVE-2017-5498.patch
- Upstream changes putting braces and belts around
CVE-2017-5498, bsc#1020353, left-shift undefined behaviour
* jasper-CVE-2016-9600.patch
- Upstream fix for "Null Pointer Dereference due to missing
check for UNKNOWN color space in JP2 encoder" (CVE-2016-9600,
bsc#1018088)
- Added patch:
* jasper-CVE-2016-10251.patch
- Upstream fix for bsc#1029497, CVE-2016-10251: Use of
uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)

==== kiwi ====
Version update (7.04.28 -> 7.04.29)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot
kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-templates

- v7.04.29 released
- Make sure the disk symlink is removed before moving ovf folder
This commit deletes a relative symlink of the vmx disk before
moving ovf files from a temporary folder to the destination folder.
Fixes #633

==== open-iscsi ====
Subpackages: iscsiuio

- Updated from latest upstream patches, including
ability to disable auto-scans and README cleanup

==== perl-XML-LibXML ====
Version update (2.0128 -> 2.0129)

- updated to 2.0129
see /usr/share/doc/packages/perl-XML-LibXML/Changes
2.0129 2017-03-14
- Add example/create-sample-html-document.pl .
- https://rt.cpan.org/Ticket/Display.html?id=117923
- Add support for the set_document_locator() SAX method .
- Thanks to Alexander Batyrshin for the pull-request.
- Make parsing of large perl strings much faster.
- https://github.com/shlomif/perl-XML-LibXML/pull/5
- Thanks to Cedric Cellier for the pull-request.

==== pthread-stubs ====
Version update (0.3 -> 0.4)

- release 0.4
* This new release stops providing stubs, but instead expects
libc to do so. On platforms where this is not the case,
"-pthread" is injected via our pkg-config file instead. This
was done to make loading libpthread (indirectly) via dlopen()
work correctly in the presence of pthread-stubs.

==== publicsuffix ====
Version update (20170206 -> 20170303)

- Update to version 20170303:
* Add new gTLDs up to 2017-02-23 (#405)
* adding storj.farm for Storj Labs Inc. (#400)

==== qemu ====
Version update (2.7.0 -> 2.8.0)
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster
qemu-block-iscsi qemu-block-rbd qemu-block-ssh qemu-extra qemu-ipxe qemu-ksm
qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools
qemu-vgabios qemu-x86

- Buildignore for the global gcc-PIE, as this package enables PIE
on its own and has troubles if all use it. (meissner@xxxxxxxx)
- Address various security/stability issues
* Fix OOB access in virito-gpu-3d (CVE-2016-10028 bsc#1017084
bsc#1016503)
0057-display-virtio-gpu-3d-check-virgl-c.patch
* Fix DOS in Intel 6300ESB device emulation (CVE-2016-10155 bsc#1021129)
0058-watchdog-6300esb-add-exit-function.patch
* Fix DOS in virtio-gpu-3d (CVE-2017-5552 bsc#1021195)
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
* Fix DOS in virtio-gpu (CVE-2017-5578 bsc#1021481)
0060-virtio-gpu-fix-memory-leak-in-resou.patch
* Fix cause of infrequent migration failures from bad virtio device
state. (bsc#1020928)
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
* Fix DOS in es1370 emulated audio device (CVE-2017-5526 bsc#1020589)
0062-audio-es1370-add-exit-function.patch
* Fix DOS in ac97 emulated audio device (CVE-2017-5525 bsc#1020491)
0063-audio-ac97-add-exit-function.patch
* Fix DOS in megasas device emulation (CVE-2017-5856 bsc#1023053)
0064-megasas-fix-guest-triggered-memory-.patch
* Fix various inaccuracies in cirrus vga device emulation
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
* Fix OOB access in cirrus vga emulation (CVE-2017-2615 bsc#1023004)
0067-cirrus-fix-oob-access-issue-CVE-201.patch
* Fix DOS in usb CCID card device emulator (CVE-2017-5898 bsc#1023907)
0068-usb-ccid-check-ccid-apdu-length.patch
* Fix OOB access in SDHCI device emulation (CVE-2017-5667 bsc#1022541)
0069-sd-sdhci-check-data-length-during-d.patch
* Fix DOS in virtio-gpu-3d (CVE-2017-5857 bsc#1023073)
0070-virtio-gpu-fix-resource-leak-in-vir.patch
* Fix cirrus patterncopy checks
0071-cirrus-fix-patterncopy-checks.patch
* Fix OOB access in cirrus vga emulation (CVE-2017-2620 bsc#1024972)
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
- Fix name of s390x specific sysctl configuration file to end with
.conf (bsc#1026583)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Check that sysfs path exists before running test which requires
it. This allows qemu-testsuite to succeed in local build service
chroot based package build.
0056-tests-check-path-to-avoid-a-failing.patch
- Factory and SLE12-SP3 got a name change in the dtc devel package:
libfdt1-devel -> libfdt-devel. Adjust our spec file accordingly.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches added:
0055-linux-user-exclude-cpu-model-code-w.patch
- Make sure qemu guest agent is usable as soon as qemu-guest-agent
package is installed. The previous post script was still not
doing the job.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Fix potential hang/crash rebooting s390x guest
0053-s390x-kvm-fix-small-race-reboot-vs..patch
* Fix s390x linux-user failure since v2.8.0 update
0054-target-s390x-use-qemu-cpu-model-in-.patch
- Merge qemu packages from openSUSE and SUSE SLE releases together
for the v2.8 qemu update. The qemu.changes file is the openSUSE
version with this entry providing CVE, FATE, and bugzilla
references from the SUSE SLE qemu package to date (see below)
- Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8
* For SUSE SLE-12-SP3, update relates to fate#319684, fate#321331,
fate#321335, fate#321339, fate#321349, fate#321857
* For best compatibility, qemu-ifup and kvm_stat scripts now owned
by qemu package
* Build ipxe roms with gcc6 to maintain SLE legacy migration
compatibility requirements
* qmp-commands.txt file removed, to resurface in future doc reorganization
* qemu-tech.html file merged into other existing doc
* trace-events renamed to trace-events-all
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches dropped (upstream):
0013-linux-user-lock-tcg.patch
0014-linux-user-Run-multi-threaded-code-.patch
0015-linux-user-lock-tb-flushing-too.patch
0017-linux-user-implement-FS_IOC_GETFLAG.patch
0018-linux-user-implement-FS_IOC_SETFLAG.patch
0034-xen-SUSE-xenlinux-unplug-for-emulat.patch
0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch
0041-vmsvga-correct-bitmap-and-pixmap-si.patch
0042-scsi-mptconfig-fix-an-assert-expres.patch
0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch
0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch
0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch
0046-scsi-mptsas-use-g_new0-to-allocate-.patch
0047-scsi-pvscsi-limit-process-IO-loop-t.patch
0048-virtio-add-check-for-descriptor-s-m.patch
0049-net-mcf-limit-buffer-descriptor-cou.patch
0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch
0051-xhci-limit-the-number-of-link-trbs-.patch
0052-9pfs-allocate-space-for-guest-origi.patch
0053-9pfs-fix-memory-leak-in-v9fs_link.patch
0054-9pfs-fix-potential-host-memory-leak.patch
0055-9pfs-fix-information-leak-in-xattr-.patch
0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
0057-9pfs-fix-memory-leak-in-v9fs_write.patch
0058-char-serial-check-divider-value-aga.patch
0059-net-pcnet-check-rx-tx-descriptor-ri.patch
0060-net-eepro100-fix-memory-leak-in-dev.patch
0061-net-rocker-set-limit-to-DMA-buffer-.patch
0062-net-vmxnet-initialise-local-tx-desc.patch
0063-net-rtl8139-limit-processing-of-rin.patch
0064-audio-intel-hda-check-stream-entry-.patch
0065-virtio-gpu-fix-memory-leak-in-virti.patch
0066-9pfs-fix-integer-overflow-issue-in-.patch
slof_xhci.patch
* Patches renamed:
0016-linux-user-Fake-proc-cpuinfo.patch ->
0013-linux-user-Fake-proc-cpuinfo.patch
0019-linux-user-XXX-disable-fiemap.patch ->
0014-linux-user-XXX-disable-fiemap.patch
0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch
0021-vnc-password-file-and-incoming-conn.patch ->
0016-vnc-password-file-and-incoming-conn.patch
0022-linux-user-use-target_ulong.patch ->
0017-linux-user-use-target_ulong.patch
0023-block-Add-support-for-DictZip-enabl.patch ->
0018-block-Add-support-for-DictZip-enabl.patch
0024-block-Add-tar-container-format.patch ->
0019-block-Add-tar-container-format.patch
0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch ->
0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
0026-console-add-question-mark-escape-op.patch ->
0021-console-add-question-mark-escape-op.patch
0027-Make-char-muxer-more-robust-wrt-sma.patch ->
0022-Make-char-muxer-more-robust-wrt-sma.patch
0028-linux-user-lseek-explicitly-cast-no.patch ->
0023-linux-user-lseek-explicitly-cast-no.patch
0029-virtfs-proxy-helper-Provide-__u64-f.patch ->
0024-virtfs-proxy-helper-Provide-__u64-f.patch
0030-configure-Enable-PIE-for-ppc-and-pp.patch ->
0025-configure-Enable-PIE-for-ppc-and-pp.patch
0031-AIO-Reduce-number-of-threads-for-32.patch ->
0026-AIO-Reduce-number-of-threads-for-32.patch
0032-dictzip-Fix-on-big-endian-systems.patch ->
0027-dictzip-Fix-on-big-endian-systems.patch
0033-xen_disk-Add-suse-specific-flush-di.patch ->
0028-xen_disk-Add-suse-specific-flush-di.patch
0035-qemu-bridge-helper-reduce-security-.patch ->
0029-qemu-bridge-helper-reduce-security-.patch
0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch ->
0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0037-configure-Fix-detection-of-seccomp-.patch ->
0031-configure-Fix-detection-of-seccomp-.patch
0038-linux-user-properly-test-for-infini.patch ->
0032-linux-user-properly-test-for-infini.patch
0040-linux-user-remove-all-traces-of-qem.patch ->
0033-linux-user-remove-all-traces-of-qem.patch
0067-dma-rc4030-limit-interval-timer-rel.patch ->
0034-dma-rc4030-limit-interval-timer-rel.patch
0068-net-imx-limit-buffer-descriptor-cou.patch ->
0035-net-imx-limit-buffer-descriptor-cou.patch
0069-roms-Makefile-pass-a-packaging-time.patch ->
0036-roms-Makefile-pass-a-packaging-time.patch
* Patches added:
0037-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0046-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
ipxe-use-gcc6-for-more-compact-code.patch
* SLE patches dropped (accounted for in above listed changes):
0002-qemu-0.9.0.cvs-binfmt.patch
0009-block-vmdk-Support-creation-of-SCSI.patch
0010-linux-user-add-binfmt-wrapper-for-a.patch
0011-PPC-KVM-Disable-mmu-notifier-check.patch
0012-linux-user-fix-segfault-deadlock.patch
0013-linux-user-binfmt-support-host-bina.patch
0014-linux-user-Ignore-broken-loop-ioctl.patch
0015-linux-user-lock-tcg.patch
0016-linux-user-Run-multi-threaded-code-.patch
0017-linux-user-lock-tb-flushing-too.patch
0018-linux-user-Fake-proc-cpuinfo.patch
0019-linux-user-implement-FS_IOC_GETFLAG.patch
0020-linux-user-implement-FS_IOC_SETFLAG.patch
0021-linux-user-XXX-disable-fiemap.patch
0022-slirp-nooutgoing.patch
0023-vnc-password-file-and-incoming-conn.patch
0024-linux-user-add-more-blk-ioctls.patch
0025-linux-user-use-target_ulong.patch
0026-block-Add-support-for-DictZip-enabl.patch
0027-block-Add-tar-container-format.patch
0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
0029-console-add-question-mark-escape-op.patch
0030-Make-char-muxer-more-robust-wrt-sma.patch
0031-linux-user-lseek-explicitly-cast-no.patch
0032-virtfs-proxy-helper-Provide-_u64-f.patch
0033-configure-Enable-PIE-for-ppc-and-pp.patch
0034-Raise-soft-address-space-limit-to-h.patch
0035-increase-x86_64-physical-bits-to-42.patch
0036-vnc-provide-fake-color-map.patch
0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0038-i8254-Fix-migration-from-SLE11-SP2.patch
0039-acpi_piix4-Fix-migration-from-SLE11.patch
0040-qtest-Increase-socket-timeout-to-ac.patch
0041-dictzip-Fix-on-big-endian-systems.patch
0043-xen_disk-Add-suse-specific-flush-di.patch
0044-Split-large-discard-requests-from-b.patch
0045-fix-xen-hvm-direct-kernel-boot.patch
0046-xen-introduce-dummy-system-device.patch
0047-xen-write-information-about-support.patch
0048-xen-add-pvUSB-backend.patch
0049-xen-move-xen_sysdev-to-xen_backend..patch
0050-vnc-add-configurable-keyboard-delay.patch
0051-xen-SUSE-xenlinux-unplug-for-emulat.patch
0052-configure-add-echo_version-helper.patch
0053-configure-support-vte-2.91.patch
0054-scsi-esp-fix-migration.patch
0055-hw-arm-virt-mark-the-PCIe-host-cont.patch
0056-xen-when-removing-a-backend-don-t-r.patch
0057-xen-drain-submit-queue-in-xen-usb-b.patch
0058-qcow2-avoid-extra-flushes-in-qcow2.patch
0059-qemu-bridge-helper-reduce-security-.patch
0060-xen-use-a-common-function-for-pv-an.patch
0061-xen_platform-unplug-also-SCSI-disks.patch
0062-virtio-check-vring-descriptor-buffe.patch
0063-net-vmxnet3-check-for-device_active.patch
0064-net-vmxnet-initialise-local-tx-desc.patch
0065-scsi-pvscsi-avoid-infinite-loop-whi.patch
0066-ARM-KVM-Enable-in-kernel-timers-wit.patch
0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch
0068-vmsvga-correct-bitmap-and-pixmap-si.patch
0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch
0070-virtio-add-check-for-descriptor-s-m.patch
0071-net-mcf-limit-buffer-descriptor-cou.patch
0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch
0073-xhci-limit-the-number-of-link-trbs-.patch
0074-9pfs-allocate-space-for-guest-origi.patch
0075-9pfs-fix-memory-leak-in-v9fs_link.patch
0076-9pfs-fix-potential-host-memory-leak.patch
0077-9pfs-fix-memory-leak-in-v9fs_write.patch
0078-char-serial-check-divider-value-aga.patch
0079-net-pcnet-check-rx-tx-descriptor-ri.patch
0080-net-eepro100-fix-memory-leak-in-dev.patch
0081-net-rocker-set-limit-to-DMA-buffer-.patch
0082-net-rtl8139-limit-processing-of-rin.patch
0083-audio-intel-hda-check-stream-entry-.patch
0084-virtio-gpu-fix-memory-leak-in-virti.patch
0085-9pfs-fix-integer-overflow-issue-in-.patch
0086-dma-rc4030-limit-interval-timer-rel.patch
0087-net-imx-limit-buffer-descriptor-cou.patch
0088-target-i386-Implement-CPUID-0xB-Ext.patch
0089-target-i386-present-virtual-L3-cach.patch
0090-migration-fix-inability-to-save-VM-.patch
0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch
0092-gtk-don-t-leak-the-GtkBorder-with-V.patch
0093-xen-fix-ioreq-handling.patch
0094-macio-Use-blk_drain-instead-of-blk_.patch
0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch
0096-virtio-blk-Release-s-rq-queue-at-sy.patch
0097-virtio-blk-Remove-stale-comment-abo.patch
0098-block-reintroduce-bdrv_flush_all.patch
0099-qemu-use-bdrv_flush_all-for-vm_stop.patch
0100-block-backend-remove-blkflush_all.patch
0101-char-fix-missing-return-in-error-pa.patch
0102-rbd-shift-byte-count-as-a-64-bit-va.patch
0103-mirror-use-bdrv_drained_begin-bdrv_.patch
0104-block-curl-Use-BDRV_SECTOR_SIZE.patch
0105-block-curl-Fix-return-value-from-cu.patch
0106-block-curl-Remember-all-sockets.patch
0107-block-curl-Do-not-wait-for-data-bey.patch
0108-virtio-allow-per-device-class-legac.patch
0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch
0110-vhost-adapt-vhost_verify_ring_mappi.patch
0111-ivshmem-Fix-64-bit-memory-bar-confi.patch
0112-intel_iommu-fix-incorrect-device-in.patch
0113-9pfs-fix-information-leak-in-xattr-.patch
0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
0115-net-mcf-check-receive-buffer-size-r.patch
0116-virtio-gpu-fix-memory-leak-in-updat.patch
0117-virtio-gpu-fix-information-leak-in-.patch
0118-9pfs-adjust-the-order-of-resource-c.patch
0119-9pfs-add-cleanup-operation-in-FileO.patch
0120-9pfs-add-cleanup-operation-for-hand.patch
0121-9pfs-add-cleanup-operation-for-prox.patch
0122-virtio-gpu-call-cleanup-mapping-fun.patch
0123-string-input-visitor-Fix-uint64-par.patch
0124-test-string-input-visitor-Add-int-t.patch
0125-test-string-input-visitor-Add-uint6.patch
0126-tests-Add-QOM-property-unit-tests.patch
0127-tests-Add-scsi-disk-test.patch
0128-usb-ehci-fix-memory-leak-in-ehci_in.patch
0129-usbredir-free-vm_change_state_handl.patch
0130-virtio-gpu-fix-information-leak-in-.patch
ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
ipxe-ath-Fix-building-with-GCC-6.patch
ipxe-efi-fix-garbage-bytes-in-device-path.patch
ipxe-efi-fix-uninitialised-data-in-HII.patch
ipxe-legacy-Fix-building-with-GCC-6.patch
ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
ipxe-sis190-Fix-building-with-GCC-6.patch
ipxe-skge-Fix-building-with-GCC-6.patch
ipxe-util-v5.24-perl-errors-on-redeclare.patch
- SLE CVE, FATE, and bugzilla references not otherwise listed in
this changelog file. The intent of this list is to indicate that
the fix or feature continues the line of inheritance in the
development stream of this package. The list is intended to
satisfy searches only - refer to the SLE-12-SP2 changelog file
for additional details.
* fate#314468 fate#314497 fate#315125 fate#315467 fate#317015
fate#317741 fate#317763 fate#318349 fate#319660 fate#319979
fate#321010
* bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870
bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339
bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805
bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770
bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845
bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020
bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491
bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725
bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782
bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365
bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858
bsc#999212
bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769
bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764
bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112
bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779
* CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840
CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154
CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815
CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345
CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613
CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568
CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710
CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155
CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846
CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913
CVE-2016-9921 CVE-2016-9922

==== qemu-linux-user ====
Version update (2.7.0 -> 2.8.0)

- Buildignore for the global gcc-PIE, as this package enables PIE
on its own and has troubles if all use it. (meissner@xxxxxxxx)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches added:
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches added:
0056-tests-check-path-to-avoid-a-failing.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches added:
0055-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Fix s390x linux-user failure since v2.8.0 update
* Patches added:
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
- Merge qemu-linux-user packages from openSUSE and SUSE SLE releases
together for the v2.8 qemu update. The qemu-linux-user.changes
file is the openSUSE version with this entry providing CVE, FATE,
and bugzilla references from the SUSE SLE qemu package to date
(see below) - (the qemu-linux-user package derives from the same
sources as qemu, and the vast majority of fixes are targeted only
towards the qemu package.)
- Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
* Patches dropped (upstream):
0013-linux-user-lock-tcg.patch
0014-linux-user-Run-multi-threaded-code-.patch
0015-linux-user-lock-tb-flushing-too.patch
0017-linux-user-implement-FS_IOC_GETFLAG.patch
0018-linux-user-implement-FS_IOC_SETFLAG.patch
0034-xen-SUSE-xenlinux-unplug-for-emulat.patch
0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch
0041-vmsvga-correct-bitmap-and-pixmap-si.patch
0042-scsi-mptconfig-fix-an-assert-expres.patch
0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch
0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch
0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch
0046-scsi-mptsas-use-g_new0-to-allocate-.patch
0047-scsi-pvscsi-limit-process-IO-loop-t.patch
0048-virtio-add-check-for-descriptor-s-m.patch
0049-net-mcf-limit-buffer-descriptor-cou.patch
0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch
0051-xhci-limit-the-number-of-link-trbs-.patch
0052-9pfs-allocate-space-for-guest-origi.patch
0053-9pfs-fix-memory-leak-in-v9fs_link.patch
0054-9pfs-fix-potential-host-memory-leak.patch
0055-9pfs-fix-information-leak-in-xattr-.patch
0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
0057-9pfs-fix-memory-leak-in-v9fs_write.patch
0058-char-serial-check-divider-value-aga.patch
0059-net-pcnet-check-rx-tx-descriptor-ri.patch
0060-net-eepro100-fix-memory-leak-in-dev.patch
0061-net-rocker-set-limit-to-DMA-buffer-.patch
0062-net-vmxnet-initialise-local-tx-desc.patch
0063-net-rtl8139-limit-processing-of-rin.patch
0064-audio-intel-hda-check-stream-entry-.patch
0065-virtio-gpu-fix-memory-leak-in-virti.patch
0066-9pfs-fix-integer-overflow-issue-in-.patch
slof_xhci.patch
* Patches renamed:
0016-linux-user-Fake-proc-cpuinfo.patch ->
0013-linux-user-Fake-proc-cpuinfo.patch
0019-linux-user-XXX-disable-fiemap.patch ->
0014-linux-user-XXX-disable-fiemap.patch
0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch
0021-vnc-password-file-and-incoming-conn.patch ->
0016-vnc-password-file-and-incoming-conn.patch
0022-linux-user-use-target_ulong.patch ->
0017-linux-user-use-target_ulong.patch
0023-block-Add-support-for-DictZip-enabl.patch ->
0018-block-Add-support-for-DictZip-enabl.patch
0024-block-Add-tar-container-format.patch ->
0019-block-Add-tar-container-format.patch
0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch ->
0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
0026-console-add-question-mark-escape-op.patch ->
0021-console-add-question-mark-escape-op.patch
0027-Make-char-muxer-more-robust-wrt-sma.patch ->
0022-Make-char-muxer-more-robust-wrt-sma.patch
0028-linux-user-lseek-explicitly-cast-no.patch ->
0023-linux-user-lseek-explicitly-cast-no.patch
0029-virtfs-proxy-helper-Provide-__u64-f.patch ->
0024-virtfs-proxy-helper-Provide-__u64-f.patch
0030-configure-Enable-PIE-for-ppc-and-pp.patch ->
0025-configure-Enable-PIE-for-ppc-and-pp.patch
0031-AIO-Reduce-number-of-threads-for-32.patch ->
0026-AIO-Reduce-number-of-threads-for-32.patch
0032-dictzip-Fix-on-big-endian-systems.patch ->
0027-dictzip-Fix-on-big-endian-systems.patch
0033-xen_disk-Add-suse-specific-flush-di.patch ->
0028-xen_disk-Add-suse-specific-flush-di.patch
0035-qemu-bridge-helper-reduce-security-.patch ->
0029-qemu-bridge-helper-reduce-security-.patch
0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch ->
0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0037-configure-Fix-detection-of-seccomp-.patch ->
0031-configure-Fix-detection-of-seccomp-.patch
0038-linux-user-properly-test-for-infini.patch ->
0032-linux-user-properly-test-for-infini.patch
0040-linux-user-remove-all-traces-of-qem.patch ->
0033-linux-user-remove-all-traces-of-qem.patch
0067-dma-rc4030-limit-interval-timer-rel.patch ->
0034-dma-rc4030-limit-interval-timer-rel.patch
0068-net-imx-limit-buffer-descriptor-cou.patch ->
0035-net-imx-limit-buffer-descriptor-cou.patch
0069-roms-Makefile-pass-a-packaging-time.patch ->
0036-roms-Makefile-pass-a-packaging-time.patch
* Patches added:
0037-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0046-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
ipxe-use-gcc6-for-more-compact-code.patch
* SLE patches dropped (accounted for in above listed changes):
0002-qemu-0.9.0.cvs-binfmt.patch
0009-block-vmdk-Support-creation-of-SCSI.patch
0010-linux-user-add-binfmt-wrapper-for-a.patch
0011-PPC-KVM-Disable-mmu-notifier-check.patch
0012-linux-user-fix-segfault-deadlock.patch
0013-linux-user-binfmt-support-host-bina.patch
0014-linux-user-Ignore-broken-loop-ioctl.patch
0015-linux-user-lock-tcg.patch
0016-linux-user-Run-multi-threaded-code-.patch
0017-linux-user-lock-tb-flushing-too.patch
0018-linux-user-Fake-proc-cpuinfo.patch
0019-linux-user-implement-FS_IOC_GETFLAG.patch
0020-linux-user-implement-FS_IOC_SETFLAG.patch
0021-linux-user-XXX-disable-fiemap.patch
0022-slirp-nooutgoing.patch
0023-vnc-password-file-and-incoming-conn.patch
0024-linux-user-add-more-blk-ioctls.patch
0025-linux-user-use-target_ulong.patch
0026-block-Add-support-for-DictZip-enabl.patch
0027-block-Add-tar-container-format.patch
0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
0029-console-add-question-mark-escape-op.patch
0030-Make-char-muxer-more-robust-wrt-sma.patch
0031-linux-user-lseek-explicitly-cast-no.patch
0032-virtfs-proxy-helper-Provide-_u64-f.patch
0033-configure-Enable-PIE-for-ppc-and-pp.patch
0034-Raise-soft-address-space-limit-to-h.patch
0035-increase-x86_64-physical-bits-to-42.patch
0036-vnc-provide-fake-color-map.patch
0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0038-i8254-Fix-migration-from-SLE11-SP2.patch
0039-acpi_piix4-Fix-migration-from-SLE11.patch
0040-qtest-Increase-socket-timeout-to-ac.patch
0041-dictzip-Fix-on-big-endian-systems.patch
0043-xen_disk-Add-suse-specific-flush-di.patch
0044-Split-large-discard-requests-from-b.patch
0045-fix-xen-hvm-direct-kernel-boot.patch
0046-xen-introduce-dummy-system-device.patch
0047-xen-write-information-about-support.patch
0048-xen-add-pvUSB-backend.patch
0049-xen-move-xen_sysdev-to-xen_backend..patch
0050-vnc-add-configurable-keyboard-delay.patch
0051-xen-SUSE-xenlinux-unplug-for-emulat.patch
0052-configure-add-echo_version-helper.patch
0053-configure-support-vte-2.91.patch
0054-scsi-esp-fix-migration.patch
0055-hw-arm-virt-mark-the-PCIe-host-cont.patch
0056-xen-when-removing-a-backend-don-t-r.patch
0057-xen-drain-submit-queue-in-xen-usb-b.patch
0058-qcow2-avoid-extra-flushes-in-qcow2.patch
0059-qemu-bridge-helper-reduce-security-.patch
0060-xen-use-a-common-function-for-pv-an.patch
0061-xen_platform-unplug-also-SCSI-disks.patch
0062-virtio-check-vring-descriptor-buffe.patch
0063-net-vmxnet3-check-for-device_active.patch
0064-net-vmxnet-initialise-local-tx-desc.patch
0065-scsi-pvscsi-avoid-infinite-loop-whi.patch
0066-ARM-KVM-Enable-in-kernel-timers-wit.patch
0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch
0068-vmsvga-correct-bitmap-and-pixmap-si.patch
0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch
0070-virtio-add-check-for-descriptor-s-m.patch
0071-net-mcf-limit-buffer-descriptor-cou.patch
0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch
0073-xhci-limit-the-number-of-link-trbs-.patch
0074-9pfs-allocate-space-for-guest-origi.patch
0075-9pfs-fix-memory-leak-in-v9fs_link.patch
0076-9pfs-fix-potential-host-memory-leak.patch
0077-9pfs-fix-memory-leak-in-v9fs_write.patch
0078-char-serial-check-divider-value-aga.patch
0079-net-pcnet-check-rx-tx-descriptor-ri.patch
0080-net-eepro100-fix-memory-leak-in-dev.patch
0081-net-rocker-set-limit-to-DMA-buffer-.patch
0082-net-rtl8139-limit-processing-of-rin.patch
0083-audio-intel-hda-check-stream-entry-.patch
0084-virtio-gpu-fix-memory-leak-in-virti.patch
0085-9pfs-fix-integer-overflow-issue-in-.patch
0086-dma-rc4030-limit-interval-timer-rel.patch
0087-net-imx-limit-buffer-descriptor-cou.patch
0088-target-i386-Implement-CPUID-0xB-Ext.patch
0089-target-i386-present-virtual-L3-cach.patch
0090-migration-fix-inability-to-save-VM-.patch
0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch
0092-gtk-don-t-leak-the-GtkBorder-with-V.patch
0093-xen-fix-ioreq-handling.patch
0094-macio-Use-blk_drain-instead-of-blk_.patch
0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch
0096-virtio-blk-Release-s-rq-queue-at-sy.patch
0097-virtio-blk-Remove-stale-comment-abo.patch
0098-block-reintroduce-bdrv_flush_all.patch
0099-qemu-use-bdrv_flush_all-for-vm_stop.patch
0100-block-backend-remove-blkflush_all.patch
0101-char-fix-missing-return-in-error-pa.patch
0102-rbd-shift-byte-count-as-a-64-bit-va.patch
0103-mirror-use-bdrv_drained_begin-bdrv_.patch
0104-block-curl-Use-BDRV_SECTOR_SIZE.patch
0105-block-curl-Fix-return-value-from-cu.patch
0106-block-curl-Remember-all-sockets.patch
0107-block-curl-Do-not-wait-for-data-bey.patch
0108-virtio-allow-per-device-class-legac.patch
0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch
0110-vhost-adapt-vhost_verify_ring_mappi.patch
0111-ivshmem-Fix-64-bit-memory-bar-confi.patch
0112-intel_iommu-fix-incorrect-device-in.patch
0113-9pfs-fix-information-leak-in-xattr-.patch
0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
0115-net-mcf-check-receive-buffer-size-r.patch
0116-virtio-gpu-fix-memory-leak-in-updat.patch
0117-virtio-gpu-fix-information-leak-in-.patch
0118-9pfs-adjust-the-order-of-resource-c.patch
0119-9pfs-add-cleanup-operation-in-FileO.patch
0120-9pfs-add-cleanup-operation-for-hand.patch
0121-9pfs-add-cleanup-operation-for-prox.patch
0122-virtio-gpu-call-cleanup-mapping-fun.patch
0123-string-input-visitor-Fix-uint64-par.patch
0124-test-string-input-visitor-Add-int-t.patch
0125-test-string-input-visitor-Add-uint6.patch
0126-tests-Add-QOM-property-unit-tests.patch
0127-tests-Add-scsi-disk-test.patch
0128-usb-ehci-fix-memory-leak-in-ehci_in.patch
0129-usbredir-free-vm_change_state_handl.patch
0130-virtio-gpu-fix-information-leak-in-.patch
ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
ipxe-ath-Fix-building-with-GCC-6.patch
ipxe-efi-fix-garbage-bytes-in-device-path.patch
ipxe-efi-fix-uninitialised-data-in-HII.patch
ipxe-legacy-Fix-building-with-GCC-6.patch
ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
ipxe-sis190-Fix-building-with-GCC-6.patch
ipxe-skge-Fix-building-with-GCC-6.patch
ipxe-util-v5.24-perl-errors-on-redeclare.patch
- SLE CVE, FATE, and bugzilla references not otherwise listed in
this changelog file. The intent of this list is to indicate that
the fix or feature continues the line of inheritance in the
development stream of this package. The list is intended to
satisfy searches only - refer to the SLE-12-SP2 changelog file
for additional details.
* fate#314468 fate#314497 fate#315125 fate#315467 fate#317015
fate#317741 fate#317763 fate#318349 fate#319660 fate#319979
fate#321010
* bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870
bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339
bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805
bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770
bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845
bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020
bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491
bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725
bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782
bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365
bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858
bsc#999212
bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769
bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764
bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112
bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779
* CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840
CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154
CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815
CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345
CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613
CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568
CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710
CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155
CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846
CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913
CVE-2016-9921 CVE-2016-9922

==== sssd ====
Version update (1.15.1 -> 1.15.2)
Subpackages: libnfsidmap-sss libsss_idmap0 libsss_nss_idmap0 libsss_simpleifp0
sssd-32bit sssd-krb5-common sssd-ldap

- Introduce mandatory runtime requirement "cyrus-sasl-gssapi" to
krb5-common sub-package. Address bsc#1024836.
- Update to new upstream release 1.15.2
* It is now possible to configure certain parameters of a
trusted domain in a configuration file sub-section.
* Several issues related to socket-activating the NSS service,
especially if SSSD was configured to use a non-privileged
userm were fixed. The NSS service now does not change the
ownership of its log files to avoid triggering a name-service
lookup while the NSS service is not running yet.
Additionally, the NSS service is started before any other
service to make sure username resolution works and the other
service can resolve the SSSD user correctly.
* A new option "cache_first" allows the administrator to change
the way multiple domains are searched. When this option is
enabled, SSSD will first try to "pin" the requested name or
ID to a domain by searching the entries that are already
cached and contact the domain that contains the cached entry
first. Previously, SSSD would check the cache and the remote
server for each domain. This option brings performance
benefit for setups that use multiple domains (even
auto-discovered trusted domains), especially for ID lookups
that would previously iterate over all domains. Please note
that this option must be enabled with care as the
administrator must ensure that the ID space of domains does
not overlap.
* The SSSD D-Bus interface gained two new methods:
"FindByNameAndCertificate" and "ListByCertificate". These
methods will be used primarily by IPA and
`mod_lookup_identity
<https://github.com/adelton/mod_lookup_identity/> to
correctly match multple users who use the same certificate
for Smart Card login.
* A bug where SSSD did not properly sanitize a username with a
newline character in it was fixed.

==== texlive ====

- Modify patch kpathsea_cnf.dif to remove mpost from the allowed
shell escaping commands (bsc#1028271, CVE-2016-10243)

==== wayland ====
Subpackages: libwayland-client0 libwayland-client0-32bit libwayland-cursor0
libwayland-server0 libwayland-server0-32bit

- Add 0001-tests-Fix-new-ID-type-handling-in-argument_from_va_l.patch
to resolve testsuite failure on s390x

==== wxWidgets-3_0 ====
Subpackages: libwx_baseu-suse3 libwx_baseu_net-suse3 libwx_baseu_xml-suse3
libwx_gtk2u_adv-suse3 libwx_gtk2u_aui-suse3 libwx_gtk2u_core-suse3
libwx_gtk2u_gl-suse3 libwx_gtk2u_html-suse3 libwx_gtk2u_media-suse3
libwx_gtk2u_propgrid-suse3 libwx_gtk2u_qa-suse3 libwx_gtk2u_richtext-suse3
libwx_gtk2u_stc-suse3 libwx_gtk2u_webview-suse3 libwx_gtk2u_xrc-suse3

- Fix devel package description.

==== wxWidgets-3_0-nostl ====
Subpackages: libwx_baseu-suse-nostl3 libwx_baseu_net-suse-nostl3
libwx_baseu_xml-suse-nostl3 libwx_gtk2u_adv-suse-nostl3
libwx_gtk2u_core-suse-nostl3 libwx_gtk2u_html-suse-nostl3
libwx_gtk2u_qa-suse-nostl3

- Actually apply relax-abi.diff and fix devel package description.

==== xf86-input-wacom ====

- switched input-tools required to linuxconsoletools (bsc#1029489)

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages