Mailinglist Archive: opensuse-factory (1009 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20170406 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170406

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
ImageMagick (6.9.8.2 -> 7.0.5.4)
ccache (3.3.3 -> 3.3.4)
cmake
hylafax+ (5.5.8 -> 5.5.9)
libvirt-python (3.1.0 -> 3.2.0)
lightdm (1.21.5 -> 1.22.0)
perl-DBD-Pg
tiff
units (2.13 -> 2.14)

=== Details ===

==== ImageMagick ====
Version update (6.9.8.2 -> 7.0.5.4)
Subpackages: ImageMagick-devel ImageMagick-extra perl-PerlMagick

- updated to 7.0.5-4
* new branch, see
https://www.imagemagick.org/script/porting.php
- deleted unneded patches
. ImageMagick-6.6.8.9-doc.patch
. ImageMagick-6.6.8.9-examples.patch
. ImageMagick-6.7.6.1-no-dist-lzip.patch
. ImageMagick-6.8.4.0-dont-build-in-install.patch
. ImageMagick-6.8.4.0-rpath.patch
. ImageMagick-montage.t.patch
. ImageMagick-6.8.5.7-no-XPMCompliance.patch
- renamed patches
. ImageMagick-6.8.8-1-disable-insecure-coders.patch to
ImageMagick-disable-insecure-coders.patch

==== ccache ====
Version update (3.3.3 -> 3.3.4)

- Update to version 3.3.4:
* Documented the different cache statistics counters.
* Fixed a regression in ccache 3.3 related to potentially bad
content of dependency files when compiling identical source
code but with different source paths. This was only partially
fixed in 3.3.2 and reverts the new ?Names of included files are
no longer included in the hash of the compiler?s preprocessed
output? feature in 3.3.
* Corrected statistics counter for -optf/--options-file failure.
* Fixed undefined behavior warnings in ccache found by
- fsanitize=undefined.

==== cmake ====

- Add reproducible.patch and reproducible2.patch
to allow for reproducible builds of freerdp and other packages
- find ImageMagick 7
+ cmake-ImageMagick7.patch

==== hylafax+ ====
Version update (5.5.8 -> 5.5.9)
Subpackages: hylafax+-client

- hylafax+ 5.5.9
* fix a handful of compiler warnings for gcc v7 (13, 17 Feb 2017)
* fix job rescheduling if the proxy connection attempt fails (13 Jul 2016)
* increase the maximum number of triggers from 1024 to 4096 (13 Jul 2016)
* eliminate faxq job priority "bounding" (13 Jul 2016)
* attempt to detect premature non-ECM Phase C carrier loss (15 Jun 2016)
* add missing recvq error message indications (6 May 2016)
* fix tagtest support for multi-strip images (25 Mar 2016)
* enhance textfmt wrapping to occur on word boundaries (24 Feb 2016)

==== libvirt-python ====
Version update (3.1.0 -> 3.2.0)

- Update to 3.2.0
- Add all new APIs and constants in libvirt 3.2.0
- FATE#319684, FATE#321335, FATE#321349

==== lightdm ====
Version update (1.21.5 -> 1.22.0)
Subpackages: liblightdm-gobject-1-0 lightdm-lang

- Update to version 1.22.0:
* Allow guest sessions to talk to Mir.

==== perl-DBD-Pg ====

- Fixed sle_version macro
- Removed %clean section

==== tiff ====
Subpackages: libtiff-devel libtiff5 libtiff5-32bit

- Added patches:
* tiff-CVE-2016-10266.patch
+ Upstream fix for CVE-2016-10266, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (divide-by-zero error
and application crash) via a crafted TIFF image (bsc#1031263)
* tiff-CVE-2016-10267.patch
+ Upstream fix for CVE-2016-10267, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (divide-by-zero error
and application crash) via a crafted TIFF image (bsc#1031262)
* tiff-CVE-2016-10268.patch
+ Upstream fix for CVE-2016-10268, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (divide-by-zero error
and application crash) via a crafted TIFF image (bsc#1031255)
* tiff-CVE-2016-10269.patch
+ Upstream fix for CVE-2016-10269, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (heap-based buffer
over-read) or possibly have unspecified other impact via a
crafted TIFF image (bsc#1031254)
* tiff-CVE-2016-10270.patch
+ Upstream fix for CVE-2016-10270, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (heap-based buffer
over-read) or possibly have unspecified other impact via a
crafted TIFF image (bsc#1031250)
* tiff-CVE-2016-10271.patch
+ Upstream fix for CVE-2016-10271, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (heap-based buffer
over-read and buffer overflow) or possibly have unspecified
other impact via a crafted TIFF image (bsc#1031249)
* tiff-CVE-2016-10272.patch
+ Upstream fix for CVE-2016-10272, LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (heap-based buffer
overflow) or possibly have unspecified other impact via a
crafted TIFF image (bsc#1031247)

==== units ====
Version update (2.13 -> 2.14)

- units 2.14:
* Eliminated parser memory management limitation affecting long
input expressions (e.g. a sum of more than 100 units)
* Control characters are treated as white space rather than
producing an error about invalid UTF-8.

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages