Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170815
When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.
Packages changed:
Mesa (17.1.5 -> 17.1.6)
MozillaFirefox (52.2.1 -> 52.3.0)
apr-util
autoyast2 (3.3.2 -> 3.3.3)
busybox (1.25.1 -> 1.26.2)
ca-certificates (2+git20151110.c15593c -> 2+git20170807.10b2785)
chromaprint
ddskk
drbd-utils
ffmpeg (3.3.2 -> 3.3.3)
fltk
gnome-logs (3.24.1 -> 3.24.2)
gnome-settings-daemon
gnome-shell
kde-gtk-config5
kde-l10n (17.04.3 -> 17.08.0)
kmod
libfastjson (0.99.5 -> 0.99.6)
libgit2-glib (0.25.0 -> 0.26.0)
libpng16 (1.6.30 -> 1.6.31)
libquvi-scripts
libreoffice
libsndfile
libsrtp (1.5.4 -> 1.6.0)
libwnck (3.24.0 -> 3.24.1)
libxkbcommon (0.7.1 -> 0.7.2)
man-pages (4.11 -> 4.12)
mono-core
mpg123 (1.25.4 -> 1.25.6)
ncurses
open-iscsi
openssl-1_0_0
perl-Error (0.17024 -> 0.17025)
plasma-nm5
plasma5-workspace
poppler (0.56.0 -> 0.57.0)
poppler-qt5 (0.56.0 -> 0.57.0)
powerman
procps
python-appdirs (1.4.1 -> 1.4.3)
python-decorator (4.0.11 -> 4.1.2)
python-matplotlib (2.0.0 -> 2.0.2)
python-pyOpenSSL
python-pycurl
python-pyserial (3.3 -> 3.4)
python-requests (2.18.1 -> 2.18.2)
python-urllib3 (1.21.1 -> 1.22)
rdma-core
rsyslog (8.28.0 -> 8.29.0)
rubygem-fast_gettext (1.4.0 -> 1.4.1)
samba
smartmontools
snapper (0.5.0 -> 0.5.1)
taglib (1.11 -> 1.11.1)
unbound
update-alternatives
virtualbox
yast2 (3.3.7 -> 3.3.8)
yast2-control-center (3.1.6 -> 3.3.0)
yast2-installation (3.3.3 -> 3.3.5)
yast2-kdump (3.3.1 -> 3.3.2)
yast2-network (3.3.5 -> 3.3.6)
=== Details ===
==== Mesa ====
Version update (17.1.5 -> 17.1.6)
Subpackages: Mesa-dri-devel Mesa-dri-nouveau Mesa-libEGL-devel Mesa-libEGL1 Mesa-libGL-devel Mesa-libGL1 Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa8 libOSMesa8-32bit libgbm1 libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_radeon libwayland-egl1 libxatracker2
- n_glesv2.pc-Add-lGL-for-libglvnd-builds-boo-1052776.patch
glesv2.pc: Add "-lGL" for libglvnd builds (boo#1052776)
- update to 17.1.6
* fdo#97957 - Awful screen tearing in a separate X server with DRI3
* fdo#101683 - Some games hang while loading when compositing is shut
off or absent
* fdo#101867 - Launch options window renders black in Feral Games
in current Mesa trunk
* and some other fixes as usualy
==== MozillaFirefox ====
Version update (52.2.1 -> 52.3.0)
Subpackages: MozillaFirefox-translations-common
- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
- update to Firefox 52.3esr (boo#1052829)
MFSA 2017-19
* CVE-2017-7798 (bmo#1371586, bmo#1372112)
XUL injection in the style editor in devtools
* CVE-2017-7800 (bmo#1374047)
Use-after-free in WebSockets during disconnection
* CVE-2017-7801 (bmo#1371259)
Use-after-free with marquee during window resizing
* CVE-2017-7784 (bmo#1376087)
Use-after-free with image observers
* CVE-2017-7802 (bmo#1378147)
Use-after-free resizing image elements
* CVE-2017-7785 (bmo#1356985)
Buffer overflow manipulating ARIA attributes in DOM
* CVE-2017-7786 (bmo#1365189)
Buffer overflow while painting non-displayable SVG
* CVE-2017-7753 (bmo#1353312)
Out-of-bounds read with cached style data and pseudo-elements#
* CVE-2017-7787 (bmo#1322896)
Same-origin policy bypass with iframes through page reloads
* CVE-2017-7807 (bmo#1376459)
Domain hijacking through AppCache fallback
* CVE-2017-7792 (bmo#1368652)
Buffer overflow viewing certificates with an extremely long OID
* CVE-2017-7804 (bmo#1372849)
Memory protection bypass through WindowsDllDetourPatcher
* CVE-2017-7791 (bmo#1365875)
Spoofing following page navigation with data: protocol and modal alerts
* CVE-2017-7782 (bmo#1344034)
WindowsDllDetourPatcher allocates memory without DEP protections
* CVE-2017-7803 (bmo#1377426)
CSP containing 'sandbox' improperly applied
* CVE-2017-7779
Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
==== apr-util ====
Subpackages: apr-util-devel libapr-util1
- Replace unusual *.?a match by *.la.
- Fix RPM groups, diversify summaries.
==== autoyast2 ====
Version update (3.3.2 -> 3.3.3)
Subpackages: autoyast2-installation
- Classes/rules will be ignored: Due to self-update, the evaluation
of classes/rules will be called twice. So we have to initialize
the stack for each run again. (bnc#1051483)
- 3.3.3
==== busybox ====
Version update (1.25.1 -> 1.26.2)
- update to 1.26.2:
* many updates and fixes to individual tools
==== ca-certificates ====
Version update (2+git20151110.c15593c -> 2+git20170807.10b2785)
- Update to version 2+git20170807.10b2785:
* Check TRANSACTIONAL_UPDATE is set (boo#1045942)
* Add systemd units
- Run update-ca-certificate by systemd unit when the content of
one of the paths changes. Needed for read-only root and/or
transactional updates.
==== chromaprint ====
- Fix RPM groups.
==== ddskk ====
Subpackages: skkdic
- Add ddskk-drop-build-date.patch to fix build-compare (boo#1047218)
==== drbd-utils ====
- bsc#1052352, support block drbd for legacy format.
- Add Update-block-drbd-script-to-support-xen.patch
==== ffmpeg ====
Version update (3.3.2 -> 3.3.3)
Subpackages: libavcodec57 libavfilter6 libavformat57 libavresample3 libavutil55 libpostproc54 libswresample2 libswscale4
- Update to maintenance release 3.3.3
* Various fixes for integer overflows, too-large bit shifts
and buffer length checks.
- Drop 0001-avcodec-apedec-Fix-integer-overflow.patch
(included upstream)
==== fltk ====
- Trim description, drop TM/R marks according to guidelines.
==== gnome-logs ====
Version update (3.24.1 -> 3.24.2)
- Update to version 3.24.2:
+ Improved scrolling performance.
+ Updated translations.
==== gnome-settings-daemon ====
- Rebase gnome-settings-daemon-initial-keyboard.patch (bsc#1050812)
==== gnome-shell ====
Subpackages: gnome-shell-browser-plugin gnome-shell-calendar
- Update sle-classic patches to version 3.24.3:
+ Update aboutMenu.js
+ Update endSession-dialog-update-time-label-every-sec.patch
+ Update gnome-shell-1007468-lock-screen-SUSE-logo-missing.patch
+ Update gnome-shell-864872-unlock-by-mouse-motion.patch
+ Update gnome-shell-878951-hide-list-with-no-user.patch
+ Update gnome-shell-domain.patch
+ Update gnome-shell-gdm-login-applet.patch
+ Update gnome-shell-lock-bg-on-primary.patch
+ Update
gnome-shell-login-fix-session-button-can-be-clicked.patch
+ Update gnome-shell-screen-disappear.patch
+ Update gs-fate318433-prevent-same-account-multi-logins.patch
+ Update gs-sle-classic-ext.patch
==== kde-gtk-config5 ====
- Split GTK2 and GTK3 parts to shrink deps
- Suggest breeze, not oxygen
- Remove obsolete check for openSUSE 13.2
- Unconditionally recommend the -lang subpackage
==== kde-l10n ====
Version update (17.04.3 -> 17.08.0)
Subpackages: kde-l10n-cs kde-l10n-da kde-l10n-da-data kde-l10n-da-doc kde-l10n-de kde-l10n-de-data kde-l10n-de-doc kde-l10n-el kde-l10n-en_GB kde-l10n-en_GB-data kde-l10n-en_GB-doc kde-l10n-es kde-l10n-es-data kde-l10n-es-doc kde-l10n-fr kde-l10n-fr-data kde-l10n-hu kde-l10n-it kde-l10n-it-data kde-l10n-it-doc kde-l10n-ja kde-l10n-pl kde-l10n-pl-data kde-l10n-pt kde-l10n-pt_BR kde-l10n-pt_BR-data kde-l10n-ru kde-l10n-ru-data kde-l10n-zh_CN kde-l10n-zh_TW
- Update to 17.08.0
==== kmod ====
Subpackages: kmod-compat libkmod2
- Add versioned requires between kmod-compat -> kmod
==== libfastjson ====
Version update (0.99.5 -> 0.99.6)
- update to 0.99.6:
* fixes for platforms other than GNU/Linux
==== libgit2-glib ====
Version update (0.25.0 -> 0.26.0)
- Update to version 0.26.0:
+ Port to libgit2 0.26.x.
==== libpng16 ====
Version update (1.6.30 -> 1.6.31)
Subpackages: libpng16-16 libpng16-16-32bit libpng16-compat-devel libpng16-devel
- update to 1.6.31:
* Guard the definition of _POSIX_SOURCE in pngpriv.h.
* Revised pngpriv.h to work around failure to compile
arm/filter_neon.S.
* Added "Requires: zlib" to libpng.pc.in.
* Added special case for FreeBSD in arm/filter_neon.S.
* Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent
possible integer overflow.
* Added eXIf chunk support.
- remove upstreamed
0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch
==== libquvi-scripts ====
- Require the lua53-luasocket depending on suse_version > 1320.
Leap 42.3 was the last one to ship 'luasocket', after that, the
package was prepared for mutliple lua versions on the system.
- Do not BuildRequire lua-devel/lua51-devel: libquvi has long been
ported to lua52 already. And we don't need the corresponding
lua-devel here.
==== libreoffice ====
Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreofficekit
- Add gnome-documents-check-ntimeoutid.patch: fix intermittent
crash opening files from gnome-documents (bsc#1047714).
==== libsndfile ====
Subpackages: libsndfile-devel libsndfile1
- Fix Heap-based Buffer Overflow in the psf_binheader_writef
(CVE-2017-12562, bsc#1052476):
0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
==== libsrtp ====
Version update (1.5.4 -> 1.6.0)
- Update to new upstream release 1.6.0
* Fix incorrect result of rdb_increment on overflow
* Cipher type cleanup for AES.
When libSRTP is compiled with OpenSSL and the AES 256 ICM
cipher is used with RTCP, an incorrect initialization vector
is formed. This change will break backwards compatibility
with older versions (1.5, 2.0) of libSRTP when using the AES
256 ICM cipher with OpenSSL for RTCP.
* Sequence number incorrectly masked for AES GCM IV.
==== libwnck ====
Version update (3.24.0 -> 3.24.1)
Subpackages: libwnck-3-0 typelib-1_0-Wnck-3_0
- Update to version 3.24.1:
+ Fixed regression causing not working pin window.
+ Fixed Localedir.
==== libxkbcommon ====
Version update (0.7.1 -> 0.7.2)
Subpackages: libxkbcommon-x11-0 libxkbcommon0
- Update to new upstream release 0.7.2
* Added new keysym definitions from xproto.
* New APIs: XKB_KEY_XF86Keyboard, XKB_KEY_XF86WWAN,
XKB_KEY_XF86RFKill, XKB_KEY_XF86AudioPreset.
==== man-pages ====
Version update (4.11 -> 4.12)
- update to 4.12:
* Newly documented interfaces in existing page
namespaces.7
Document the /proc/[pid]/ns/pid_for_children file
* see Changes for details
==== mono-core ====
Subpackages: libmono-2_0-1 libmono-2_0-devel libmonosgen-2_0-1 libmonosgen-2_0-devel mono-data mono-data-sqlite mono-extras mono-mvc mono-wcf mono-web mono-winforms mono-winfxcore
- ucontext.patch: use ucontext_t instead of struct ucontext
==== mpg123 ====
Version update (1.25.4 -> 1.25.6)
Subpackages: libmpg123-0 libmpg123-0-32bit mpg123-esound mpg123-openal mpg123-pulse
- Update to version 1.25.6
* Hotfix for bug 255: Overflow reading frame data bits in layer
II decoding. Now, all-zero data is returned if the frame data
is exhausted. This might have a slight impact on performance,
but not easily measurable so far.
- Update to version 1.25.5
* Avoid another buffer read overflow in the ID3 parser on 32 bit
platforms (bug 254).
==== ncurses ====
Subpackages: libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base
- Add ncurses patch 20170729
+ update interix entry using tack and SFU on Windows 7 Ultimate -TD
+ use ^? for kdch1 in interix (reported by Jonathan de Boyne Pollard)
+ add "rep" to xterm-new, available since 1997/01/26 -TD
+ move SGR 24 and 27 from vte-2014 to vte-2012 (request by Alain
Williams) -TD
+ add a check in newline_forces_scroll() in case a program moves the
cursor outside scrolling margins (report by Robert King).
+ improve _nc_tparm_analyze, using that to extend the checks made by
tic for reporting inconsistencies between the expected number of
parameters for a capability and the actual.
+ amend handling of repeat_char capability in EmitRange (adapted from
report/patch by Dick Wesseling):
+ translate the character to the alternate character set when the
alternate character set is enabled.
+ do not use repeat_char for characters past 255.
+ document "_nc_free_tinfo" in manual page, because it could be used in
tack for memory-leak checking.
+ add "--without-tack" configure option to refine "--with-progs"
configure option. Normally tack is no longer built in-tree, but
a few packagers combine it during the build. If term_entry.h is
installed, there is no advantage to in-tree builds.
+ adjust configure-script to define HAVE_CURSES_DATA_BOOLNAMES symbol
needed for tack 1.08 when built in-tree. Rather than relying upon
internal "_nc_" functions, tack now uses the boolean, number and
string capability name-arrays provided by ncurses and SVr4 Unix
curses. It still uses term_entry.h for the definitions of the
extended capability arrays.
+ add an overlooked null-pointer check in mvcur changes from 20170722
- Modify patch ncurses-5.7-tack.dif and ncurses-6.0.dif to get
position independent executables as well
==== open-iscsi ====
Subpackages: iscsiuio
- Clear errno before calling strotull in iscsiadm
(bsc#1029364). Note that this changes the file:
* open-iscsi-SUSE-latest.diff.bz2
which is changed each and every time this package is updated.
==== openssl-1_0_0 ====
Subpackages: libopenssl-1_0_0-devel libopenssl1_0_0 libopenssl1_0_0-32bit
- Diversity -devel subpackage boilerplate summary.
==== perl-Error ====
Version update (0.17024 -> 0.17025)
- updated to 0.17025
see /usr/share/doc/packages/perl-Error/ChangeLog
Aug 07 2017