Mailinglist Archive: opensuse-factory (520 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20170505 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170505

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
ImageMagick (7.0.5.4 -> 7.0.5.5)
Mesa (17.0.4 -> 17.0.5)
MozillaFirefox (52.0.2 -> 52.1.0)
MozillaFirefox-branding-openSUSE
autofs
ceph (12.0.1+git.1491557762.4e47e9f -> 12.0.2+git.1493295295.8c88dc6)
cpupower (4.10 -> 4.11)
hwinfo (21.39 -> 21.40)
libsolv (0.6.26 -> 0.6.27)
libvirt (3.2.0 -> 3.3.0)
libzypp (16.8.0 -> 16.9.0)
mxml
open-iscsi
parted
python-kiwi (9.4.10 -> 9.6.0)
samba (4.6.2+git.19.c267455e57b -> 4.6.3+git.21.0735c828d4f)
slrn (1.0.2 -> 1.0.3)
tcsh
tmux
vim
xine-ui
xmlbeans
zypper (1.13.24 -> 1.13.25)

=== Details ===

==== ImageMagick ====
Version update (7.0.5.4 -> 7.0.5.5)
Subpackages: ImageMagick-devel ImageMagick-extra libMagick++-7_Q16HDRI2
libMagickCore-7_Q16HDRI2 libMagickWand-7_Q16HDRI0 perl-PerlMagick

- updated to 7.0.5-5
* Minimize buffer copies to improve OpenCL performance.
* Morphology thinning is no longer a no-op.
* Patch two PCD writer problems, corrupt output and dark pixels.
* Support ICC based PDF's.
* Fix improper EPS clip path rendering.
- workaround failed test
+ ImageMagick-relax-filter.t.patch

==== Mesa ====
Version update (17.0.4 -> 17.0.5)
Subpackages: Mesa-dri-devel Mesa-dri-nouveau Mesa-libEGL-devel Mesa-libEGL1
Mesa-libGL-devel Mesa-libGL1 Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva
libOSMesa8 libOSMesa8-32bit libgbm1 libvdpau_nouveau libvdpau_r300
libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon
libwayland-egl1 libxatracker2

- update to 17.0.5
* fdo#97524 - Samplers referring to the same texture unit with different
types should raise GL_INVALID_OPERATION
* nvc0/ir: Properly handle a "split form" of predicate destination
* nir: Destination component count of shader_clock intrinsic is 2
* winsys/sw/dri: don't use GNU void pointer arithmetic
* st/clover: add space between &lt; and ::
* configure.ac: check require_basic_egl only if egl enabled
* st/mesa: automake: honour the vdpau header install location
* intel/fs: Use regs_written() in spilling cost heuristic for improved
accuracy
* intel/fs: Take into account amount of data read in spilling cost heuristic.
* radv: report timestampPeriod correctly
* anv/blorp: Flush the texture cache in UpdateBuffer
* anv/cmd_buffer: Flush the VF cache at the top of all primaries
* anv/cmd_buffer: Always set up a null surface state
* anv/cmd_buffer: Use the null surface state for ATTACHMENT_UNUSED
* anv/blorp: Properly handle VK_ATTACHMENT_UNUSED
* i965/vec4: Avoid reswizzling MACH instructions in opt_register_coalesce()
* st/mesa: invalidate the readpix cache in st_indirect_draw_vbo
* anv/cmd_buffer: Disable CCS on BDW input attachments
* mesa: fix remaining xfb prims check for GLES with multiple instances
* mesa: validate sampler type across the whole program
* vbo: fix gl_DrawID handling in glMultiDrawArrays
* util/queue: don't hang at exit
* mesa: fix remaining xfb prims check for GLES with multiple instances
* mesa: extract need_xfb_remaining_prims_check
* mesa: move glMultiDrawArrays to vbo and fix error handling
+ update Mesa.keyring to both upstream release managers
- u_gallivm-correct-channel-shift-logic-on-big-endian.patch:
* instead of reverse applying a change on s390x
("U_draw-use-SoA-fetch-not-AoS-one.patch") address the
issue by a real fix (bsc#1032272, fdo#100613)
- baselibs.conf: added libvulkan_intel-32bit as a requirement for
Mesa-libd3d (boo#1036282)
- No OpenCL on ppc

==== MozillaFirefox ====
Version update (52.0.2 -> 52.1.0)
Subpackages: MozillaFirefox-translations-common

- update to Firefox 52.1.0esr (boo#1035082)
MFSA 2017-12
* CVE-2017-5443 (bmo#1342661)
Out-of-bounds write during BinHex decoding
* CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
Firefox ESR 52.1
* CVE-2017-5464 (bmo#1347075)
Memory corruption with accessibility and DOM manipulation
* CVE-2017-5465 (bmo#1347617)
Out-of-bounds read in ConvolvePixel
* CVE-2017-5466 (bmo#1353975)
Origin confusion when reloading isolated data:text/html URL
* CVE-2017-5467 (bmo#1347262)
Memory corruption when drawing Skia content
* CVE-2017-5460 (bmo#1343642)
Use-after-free in frame selection
* CVE-2017-5461 (bmo#1344380)
Out-of-bounds write in Base64 encoding in NSS
* CVE-2017-5448 (bmo#1346648)
Out-of-bounds write in ClearKeyDecryptor
* CVE-2017-5449 (bmo#1340127)
Crash during bidirectional unicode manipulation with animation
* CVE-2017-5446 (bmo#1343505)
Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
* CVE-2017-5447 (bmo#1343552)
Out-of-bounds read during glyph processing
* CVE-2017-5444 (bmo#1344461)
Buffer overflow while parsing application/http-index-format content
* CVE-2017-5445 (bmo#1344467)
Uninitialized values used while parsing application/http-index-format
content
* CVE-2017-5442 (bmo#1347979)
Use-after-free during style changes
* CVE-2017-5469 (bmo#1292534)
Potential Buffer overflow in flex-generated code
* CVE-2017-5440 (bmo#1336832)
Use-after-free in txExecutionState destructor during XSLT processing
* CVE-2017-5441 (bmo#1343795)
Use-after-free with selection during scroll events
* CVE-2017-5439 (bmo#1336830)
Use-after-free in nsTArray Length() during XSLT processing
* CVE-2017-5438 (bmo#1336828)
Use-after-free in nsAutoPtr during XSLT processing
* CVE-2017-5437 (bmo#1343453)
Vulnerabilities in Libevent library
* CVE-2017-5436 (bmo#1345461)
Out-of-bounds write with malicious font in Graphite 2
* CVE-2017-5435 (bmo#1350683)
Use-after-free during transaction processing in the editor
* CVE-2017-5434 (bmo#1349946)
Use-after-free during focus handling
* CVE-2017-5433 (bmo#1347168)
Use-after-free in SMIL animation functions
* CVE-2017-5432 (bmo#1346654)
Use-after-free in text input selection
* CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686, bmo#1346140,
bmo#1346419, bmo#1348143, bmo#1349621, bmo#1349719, bmo#1353476)
Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
* CVE-2017-5459 (bmo#1333858)
Buffer overflow in WebGL
* CVE-2017-5462 (bmo#1345089)
DRBG flaw in NSS
* CVE-2017-5455 (bmo#1341191)
Sandbox escape through internal feed reader APIs
* CVE-2017-5454 (bmo#1349276)
Sandbox escape allowing file system read access through file
picker
* CVE-2017-5456 (bmo#1344415)
Sandbox escape allowing local file system access
* CVE-2017-5451 (bmo#1273537)
Addressbar spoofing with onblur event
- requires NSS 3.28.4
- rebased patches

==== MozillaFirefox-branding-openSUSE ====

- recognize Leap 42.3 (boo#1036679)

==== autofs ====

- remove rpmlintrc, review was boo#782691
- Fix spurious ELOOP on certain kinds of failures (bsc#968918):
* autofs: fix yp map age not updated in s/_/./g case
* autofs: properly handle errors in lookup_nss_mount
* Added patches:
autofs-5.1.1-properly-handle-errors-in-lookup_nss_mount.patch
autofs-5.1.1-fix-yp-map-age-not-updated-during-map-lookup.patch

==== ceph ====
Version update (12.0.1+git.1491557762.4e47e9f -> 12.0.2+git.1493295295.8c88dc6)
Subpackages: librados2 librbd1

- Update to version 12.0.2+git.1493291471.adb6a43:
+ rocksdb: sync with upstream (bsc#1025891)
+ build/ops: cmake: explicitly disable MSSE 4.2 if not supported
- _constraints: set higher disk and memory constraints so s390x
builds don't fail
- Update to version 12.0.2+git.1493238434.71681fd:
+ cmake: added empty RPATH to libceph_crypto_isal.so
- Update to version 12.0.2+git.1493227670.3396ca1:
+ rgw: use a vector for options passed to civetweb
- Update to version 12.0.2+git.1493192333.3305a0c
+ merge upstream master (0d368d2c8544247a4aed9c71c74e77b0c6bbfb22)
including 12.0.2 development release
- revert commit a9a50f690085091bb4446095418237f9fef712c8 in preparation for
rebasing against the upstream implementation. (bsc#1035937)

==== cpupower ====
Version update (4.10 -> 4.11)
Subpackages: libcpupower0

- Update to latest mainline sources
- turbostat changed versioning scheme (we now have version 17.04.12)

==== hwinfo ====
Version update (21.39 -> 21.40)
Subpackages: hwinfo-devel

- enhance documentation
- merge gh#openSUSE/hwinfo#45
- small doc changes
- 21.40

==== libsolv ====
Version update (0.6.26 -> 0.6.27)
Subpackages: libsolv-devel libsolv-tools perl-solv python-solv

- change queue resize code to use adaptive chunk sizes
- fix potential segfault in testcase_depstr [bnc#1036002]
- fix performance issues with name = md5sum dependencies
[bnc#1035946]
- improve "forcebest with uninstall" handling
- make dirid handling more robust
- build with libxml2 instead of libexpat
- bump version to 0.6.27

==== libvirt ====
Version update (3.2.0 -> 3.3.0)
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network
libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface
libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc
libvirt-daemon-driver-network libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-uml
libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu
libvirt-daemon-xen libvirt-libs

- Update to libvirt 3.3.0 RC1
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Dropped patches:
ae102b5d7-qemu-fix-regression-when-hyperv-vendor_id-feature-is-used.patch
- Bug fixes:
bsc#978121, bsc#1017017, bsc#1032863, bsc#1033117, bsc#1034024,
bsc#1034146
- libxl: add default controllers for USB devices
libxl-def-usbctrl.patch
bsc#1031056

==== libzypp ====
Version update (16.8.0 -> 16.9.0)

- PoolQuery: Treat explicit queries for 'kind:name' correctly
(bsc#1035729)
- version 16.9.0 (0)

==== mxml ====
Subpackages: libmxml1

- Add reproducible.patch to make build reproducible

==== open-iscsi ====
Subpackages: iscsiuio

- Added support for qedi ping (bsc#1036238)

==== parted ====
Subpackages: libparted0

- Use latest fdasd/vtoc code base from s390-tools (fate#321531)
- add: libparted-dasd-unify-vtoc-handling-for-cdl-ldl.patch
- add: libparted-dasd-update-and-improve-fdasd-functions.patch
- add: libparted-dasd-add-new-fdasd-functions.patch
- libparted: Don't warn if the HDIO_GET_IDENTITY ioctl isn't
supported (bsc#964012, bsc#1001967)
- add: libparted-dont-warn-if-no-HDIO_GET_IDENTITY.patch
- Amend patch description:
- libparted-open-the-device-RO-and-lazily-switch-to-RW.patch

==== python-kiwi ====
Version update (9.4.10 -> 9.6.0)
Subpackages: kiwi-pxeboot kiwi-tools

- Bump version: 9.5.0 ? 9.6.0
- Additional container commandline options
Added --set-container-derived-from and --set-container-tag
commandline options which allows to overwrite the data set
in the XML configuration
- Implement obsrepositories source on derived_from
The following reference to a derived container:
obsrepositories:/container#latest
Will be translated into the following buildservice
local path:
/usr/src/packages/SOURCES/containers/_obsrepositories/container#latest
- Implement obs source on derived_from
The following reference to a derived container:
obs:/project/repo/container#tag
Will be translated into the following buildservice
local path:
/usr/src/packages/SOURCES/containers/project/repo/container#tag
- Use urlparse to detect uri scheme
The source location postfix can contain several different
formats e.g :/, or :// or even just :, python's urlparse
is able to cope with all that which allows to work with
the url scheme base name and thus makes handling this
code more robust
- Bump version: 9.4.11 ? 9.5.0
- Include '--delete' in OCI images DataSync
This commit includes #310 patch for OCI images.
It also corrects the end of line format for kiwi/container/docker.py
and test/unit/container_image_docker_test.py, so flake tests are all
green.
- Include --delete flag in DataSync for docker images
This commit includes the --delete flag in order to synchronize the
docker images. This is relevant for derived images where the new
layer might not only add files, but also remove something from the
base image.
Fixes #309
- Define correct default locations for sources-dir and preferences-dir
In order to ensure that the defined repositories in the KIWI configuration
are set to the correct places for installing into the image, the
sources-dir and preferences-dir need to be redefined to point to the
in-image location, as it is done for the other package managers.
- Do not purge the repositories before inserting them
There are no good reasons to be purging the repo directories, especially
when it is common for some distributions (Red Hat/CentOS/Fedora, for example)
to ship repository configuration as packages. Deleting them puts the package
manager in the system into a weird state, so we want to avoid this.
- Fix default reposdir path for Yum
- Add support for OCI images
This commit adds support for OCI images. Most of the docker related
code is reused for OCI classes and Docker classes have been refactored
so now they are a splecialization of the OCI classes. It is done this
way since KIWI internally only uses OCI format to operate with
containers, therefore docker images just differ from OCI images by
the way they are packaged or unpackaged.
- Add clear attribute for entrypoint and subcommand sections
This commit adds the possibility of clearing asny subcommand or
entrypoint. This is relevant for docker derived images, as they
inherit the configuration and it might lead to some bad behavior.
- Bump version: 9.4.10 ? 9.4.11
- Add require/recommend installation support for yum
This commit adds support to install required only or required plus
recommended packages using yum as the package manager.
- Add support for required/recommended packages
This commit enables support to install only required packages
or install required plus recommended packages.
- Include 'plusRecommended' management for dnf
Add support to enable/disable installation of recommended packages
for dnf package manager. With this commit 'plusRecommended'
patternType triggers on installation of recommended packages, which
is turned off by default.
- Make sure debian repositories database is populated before install
This commit includes an 'apt-get update' call before any 'apt-get
install' command. This way the packages database is always ready,
even if no bootstrap procedure has been executed.

==== samba ====
Version update (4.6.2+git.19.c267455e57b -> 4.6.3+git.21.0735c828d4f)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0
libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0
libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit
libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit
libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0
libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit
libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit
libsmbclient-devel libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0
libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0
libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-libs
samba-libs-32bit samba-winbind samba-winbind-32bit

- Update to 4.6.3; (bsc#1036011)
+ s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
from shares with GlusterFS backend; (bso#12743).
+ Fix for Solaris C compiler; (bso#12559).
+ s3: locking: Update oplock optimization for the leases era; (bso#12628).
+ Make the Solaris C compiler happy; (bso#12693).
+ s3: libgpo: Allow skipping GPO objects that don't have the
expected LDAP attributes; (bso#12695).
+ Fix buffer overflow caused by wrong use of getgroups; (bso#12747).
+ lib: debug: Avoid negative array access; (bso#12746).
+ cleanupdb: Fix a memory read error; (bso#12748).
+ streams_xattr and kernel oplocks results in
NT_STATUS_NETWORK_BUSY; (bso#7537).
+ winbindd: idmap_autorid allocates ids for unknown SIDs from other
backends; (bso#11961).
+ vfs_fruit: Resource fork open request with
flags=O_CREAT|O_RDONLY; (bso#12565).
+ manpages/vfs_fruit: Document global options; (bso#12615).
+ lib/pthreadpool: Fix a memory leak; (bso#12624).
+ Lookup-domain for well-known SIDs on a DC; (bso#12727).
+ winbindd: Fix error handling in rpc_lookup_sids(); (bso#12728).
+ winbindd: Trigger possible passdb_dsdb initialisation; (bso#12729).
+ credentials_krb5: use gss_acquire_cred for client-side GSSAPI
use case; (bso#12611).
+ lib/crypto: Implement samba.crypto Python module for RC4; (bso#12690).
+ ctdb-readonly: Avoid a tight loop waiting for revoke to
complete; (bso#12697).
+ ctdb_event monitor command crashes if event is not specified;
(bso#12723).
+ ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'; (bso#12733).
+ smbd: Fix smb1 findfirst with DFS; (bso#12558).
+ smbd: Do an early exit on negprot failure; (bso#12610).
+ winbindd: Fix substitution for 'template homedir'; (bso#12699).
+ s4:kdc: Disable principal based autodetected referral detection;
(bso#12554).
+ idmap_autorid: Allocate new domain range if the callers knows
the sid is valid; (bso#12613).
+ LINKFLAGS_PYEMBED should not contain -L/some/path; (bso#12724).
+ PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
trusted domain; (bso#12725).
+ rpcclient: Allow -U'OTHERDOMAIN\user' again; (bso#12731).
+ winbindd: Fix password policy for pam authentication; (bso#12725).
+ s3:gse: Correctly handle external trusts with MIT; (bso#12554).
+ auth/credentials: Always set the realm if we set the principal
from the ccache; (bso#12611).
+ replace: Include sysmacros.h; (bso#12686).
+ s3:vfs_expand_msdfs: Do not open the remote address as a file;
(bso#12687).
+ s3:libsmb: Only print error message if kerberos use is forced;
(bso#12704).
+ winbindd: Child process crashes when kerberos-authenticating
a user with wrong password; (bso#12708).
+ vfs_fruit: Office document opens as read-only on macOS due to
CNID semantics; (bso#12715).
+ vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
fragmented; (bso#12737).
- Generate and update vendor-files tarball from Git
+ SuSEfirewall2 service samba-client only setup IPv4 rule; (bsc#1034416).

==== slrn ====
Version update (1.0.2 -> 1.0.3)
Subpackages: slrn-lang

- remove unused files with restrictive licenses - bsc#1036331
- Ensure neutrality in description.
- slrn 1.0.3:
* A quoted-string in the display portion of an address was not
being marked as allowing mime-encoded text.
* After calling iconv to perform a character set conversion on an
article line, call it again with just the newline character.
This resets the state for some conversion types (UTF-7).
* Disable support for SSLv3, which is vulnerable to POODLE
attacks CVE-2014-3566 bsc#1031023
* The reject_long_lines option was not working as documented.
Setting it to 0 had no effect when netiquette_warnings was set
to a non-zero value.
* replace_article_with_mime_obj, also decode
quoted-printable/base64.
* Add a file from the autoconf archive that detects libraries
needed for socket support. The old method used X_EXTRA_LIBS,
which breaks if X in not installed.
* Added support for large (>2GB) files on 32 bit unix systems.
* Updated Danish translation
* If a mime message has already been base64/QP converted, do not
try to convert it again.
* Do not use SSL_CTX_set_options if gnutls is being used
* Use labs instead of abs for long integer
* Removed compilation date info for a reproducible build
* rfc1522_encode_word: max_nbytes was not being properly limit
checked.

==== tcsh ====
Subpackages: tcsh-lang

- Add patch tcsh-6.20.00-8bit-cmdkeys.patch
Do not convert current used control bytes into wide characters
- Extend bindkey.tcsh with 8-bit controls key escape sequences

==== tmux ====

- Fix boo#1037468 - tmux_issue889.patch

==== vim ====
Subpackages: gvim vim-data

- Extend vimrc with mappings for 8-bit controls key escape sequences
- Conflict with old vim versions to fix the upgrade from 12.3
boo#1036583

==== xine-ui ====

- Add reproducible.patch to make build fully reproducible
by not having variations in mime type order in .desktop file

==== xmlbeans ====

- Buildignore xml-commons-jaxp-1.3-apis and xml-commons-resolver12
only when building xmlbeans-mini.

==== zypper ====
Version update (1.13.24 -> 1.13.25)
Subpackages: zypper-aptitude zypper-log

- Fix translation shortcut error (bsc#1035344)
- version 1.13.25

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages