Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20171114 When you reply to report some issues, make sure to change the subject. It is not helpful to keep the release announcement subject in a thread while discussing a specific problem. Packages changed: Mesa (17.2.4 -> 17.2.5) babl (0.1.30 -> 0.1.34) build (20171023 -> 20171027) deltarpm doxygen enca (1.16 -> 1.19) expect (5.45 -> 5.45.3) fetchmail fontconfig (2.12.4 -> 2.12.6) gdb git glew (2.0.0 -> 2.1.0) gpg2 (2.2.1 -> 2.2.2) gpgme gstreamer-plugins-bad gtk4 (3.91.2 -> 3.92.1) hdf5 (1.10.0 -> 1.10.1) icedtea-web ifplugd installation-images-Kubic (14.339 -> 14.340) libinput (1.9.0 -> 1.9.1) liblogging libpsl (0.18.0 -> 0.19.1) libreoffice libserf libsmbios libxml2 (2.9.5 -> 2.9.7) libxslt (1.1.30 -> 1.1.32) libxslt-python (1.1.30 -> 1.1.32) lzop (1.03 -> 1.04) mercurial (4.4 -> 4.4.1) newt obs-service-set_version opencc opusfile (0.8 -> 0.9) parcellite (1.1.9 -> 1.2.1) patterns-base patterns-xfce (20170319 -> 20171113) pciutils (3.5.4 -> 3.5.5) perl-Crypt-SSLeay perl-Set-Object (1.36 -> 1.38) pesign-obs-integration poppler (0.57.0 -> 0.59.0) poppler-qt5 (0.57.0 -> 0.59.0) presage publicsuffix (20170910 -> 20171028) python-libxml2-python (2.9.5 -> 2.9.7) rdma-core re2c (1.0.2 -> 1.0.3) rp-pppoe samba (4.7.0+git.23.4e3f0fb9d15 -> 4.7.1+git.26.1ac2944c965) swig systemd-rpm-macros texlive tslib (1.11 -> 1.13) virtualbox wavpack (4.60.99 -> 5.1.0) xscreensaver yast2-python-bindings (3.1.1 -> 4.0.0) yp-tools ypbind === Details === ==== Mesa ==== Version update (17.2.4 -> 17.2.5) Subpackages: Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libGL-devel Mesa-libGL1 Mesa-libglapi0 Mesa-libva libgbm1 libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_radeon libwayland-egl1 libxatracker2 - update to 17.2.5 * In Core, a GL error related to the ARB_ES3_1_compatibility spec noticed with the GFXBench 5 Aztec Ruins has been corrected. * The GLSL compiler is not giving a linker error for mismatching uniform precision with GLSL ES 1.00 any more. This enables, specially, several Android applications which violate this rule, e.g., Forge of Empires. * The SPIR-V compiler has corrected an assert triggered when support for the simple memory model was claimed. * NIR has also received a correction related with gl_SubGroupG{e,t}MaskARB. * Intel drivers, specially i965, got several fixes, including a plug for a memory leak and another one in the compiler to avoid GPU hangs on Broxton. * The gallium i915g driver for Intel has seen an important fix. * AMD drivers (mostly radv) have received several fixes, including a correction for a DCC corruption that was visible with Rust, breaking an endless loop in r600, avoiding a GPU hang with vulkan dota2 in VR mode and a plug for a memory leak. * Broadcom's vc4 gotten a fix to exclude some code that shouldn't be there in release builds. ==== babl ==== Version update (0.1.30 -> 0.1.34) - Update to version 0.1.34: + Brown paper bag release + Fix indexed / custom primaries conflict + Re-export a symbol used by old GEGL/GIMPs - Changes from version 0.1.32: + Added custom primaries and TRC support through ICC parsing + Improved float<->half performance + Rewrite of all conversions functions to adhere to new signature ==== build ==== Version update (20171023 -> 20171027) Subpackages: build-mkbaselibs build-mkdrpms - fixes syntax error fissile support - various container handling improvements - support new debian control.tar.xz files ==== deltarpm ==== - Correct provides/obsoletes for python2 subpackage - Build python3 bindings as well - Rename python2 subpackage to name consistent with current python packaging - Drop patch.sles8 - there does not seem to be any reason for it ==== doxygen ==== - Update licensing information - Explicitly require python2 for building - Use more cmake macros - Run spec-cleaner ==== enca ==== Version update (1.16 -> 1.19) - update to version 1.19 + fix possible memory leak + make utf-8 detection work even on one character - includes changes from 1.18 + fix installation of devhelp documentation - includes changes from 1.17 + Fixed conversion of GB2312 encoding with iconv + Fixed iconv conversion on OSX + Fixed execution of external converters with ACLs + Documentation improvements - cleanup with spec-cleaner - use %make_install macro - list binaries and man pages explicitly ==== expect ==== Version update (5.45 -> 5.45.3) - New version 5.45.3: * expect.c: On finding a full buffer during matching the sliding window mechanism slides too far, truncating the whole buffer and preventing matches across the boundary. Fix is shortening the slide distance (slide only one 1/3). * expect.c: Replaced a cc==0 check with proper Tcl_Eof() check. - Includes changes from 5.45.2: * configure: Extended Tcl header detection for OS X Mountain Lion. * expect.c: Replaced memcpy with memmove to properly handle overlapping memory. - Includes changes from 5.45.1: * exp_chan.c: Fix a problem when talking a tty where the writer dies. Some operating systems report the condition as EIO with nothing read, while this actually an EOF. Previously, returned data was incomplete due to the error causing data in buffers to be dropped. * exp_chan.c: Fix a problem with the iteration over the expect channel list where the loop code may modify the list, breaking the iterator. * Fixes for exp_chan.c and exp_command.h * expect.c: Convert #bytes information to #chars to prevent later code to fail when copying strings around and miscalculating how much to copy, for strings containing non-ASCII utf chars. * exp_inter.c: Hack access to TCL_REG_BOSONLY when not present, became private with Tcl 8.5 and higher. * expect.h: Remove the local fiddling with the memory allocation and panic macros. * example/unbuffer: Prevent unbuffer from swallowing exit code of the command it ran (regular mode only, not -p) * Various deduplications and cleanups - cleanup with spec-cleaner - use %make_install macro ==== fetchmail ==== - drop SSLv3 support to build with openssl 1.1 (bsc#1066940) * add fetchmail-openssl11.patch ==== fontconfig ==== Version update (2.12.4 -> 2.12.6) Subpackages: fontconfig-32bit fontconfig-devel - Update to 2.12.6: * conf.d: Drop aliases for (URW)++ fonts (upstreamed) * other minor fixes - Includes changes from 2.12.5: * update docs * Accept 4 digit script tag in FcLangNormalize(). * fc-blanks: fall back to the static data available in repo if downloaded data is corrupted * emoji related fixes * various cleanups * support listing named instances ==== gdb ==== - switch to Python 3 for Tumbleweed 1320 and up - Remove %clean section. ==== git ==== Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - Build with the external libsha1detectcoll (bsc#1042644) ==== glew ==== Version update (2.0.0 -> 2.1.0) - Update to 2.1.0 * Enhancements: + OpenGL 4.6 support added + Improved cmake build support + Improved Mac OSX build support * Bug fixes: + Resovled crash when glXGetCurrentDisplay() is NULL + CMake: only install PDB files with MSVC + wglGetProcAddress crash with NOGDI defined + Mac: using -Os rather than -O2 * 33 new extensions - move to github - new so_ver ==== gpg2 ==== Version update (2.2.1 -> 2.2.2) Subpackages: gpg2-lang - GnuPG 2.2.2: * gpg: Avoid duplicate key imports by concurrently running gpg processes * gpg: Fix creating on-disk subkey with on-card primary key * gpg: Fix validity retrieval for multiple keyrings * gpg: Fix --dry-run and import option show-only for secret keys * gpg: Print "sec" or "sbb" for secret keys with import option import-show * gpg: Make import less verbose * gpg: Add alias "Key-Grip" for parameter "Keygrip" and new parameter "Subkey-Grip" to unattended key generation * gpg: Improve "factory-reset" command for OpenPGP cards * gpg: Ease switching Gnuk tokens into ECC mode by using the magic keysize value 25519 * gpgsm: Fix --with-colon listing in crt records for fields > 12. * gpgsm: Do not expect X.509 keyids to be unique * agent: Fix stucked Pinentry when using --max-passphrase-days * agent: New option --s2k-count * dirmngr: Do not follow https-to-http redirects * dirmngr: Reduce default LDAP timeout from 100 to 15 seconds * gpgconf: Ignore non-installed components for commands - -apply-profile and --apply-defaults * Add configure option --enable-werror ==== gpgme ==== Subpackages: libgpgme-devel libgpgme11 libgpgmepp6 libqgpgme7 - Make python package naming consistent with python singlespec ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbadbase-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstgl-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0 - Disable %glib2_gsettings_schema_post/postun scriptlets on suse_version >= 1330: this functionality is now covered by file triggers and the macros expand to %nil. - Enable gobject introspection bindings: + Add gobject-introspection-devel BuildRequires: allow the build system to find the needed infrastructure. + Pass --enable-introspection to configure: enable the introspection support. + Split out new typelib- packages: - typelib-1_0-GstBadAllocators-1_0 - typelib-1_0-GstGL-1_0 - typelib-1_0-GstInsertBin-1_0 - typelib-1_0-GstMpegts-1_0 - typelib-1_0-GstPlayer-1_0 - Move pkgconfig(mjpegtools) BuildRequires to orig-addon: mplex without mpeg2enc support is pointless, so keep those two in the same build conditional. ==== gtk4 ==== Version update (3.91.2 -> 3.92.1) - Update to version 3.92.1: + Drop autotools support. Meson 0.42.1 is now required + Implement most of CSS3 font-variant + Add an Emoji chooser to GtkEntry + Add new input hints for Emoji input + Remaining widgets have been ported to GtkSnapshot + GtkLabel and GtkEntry have been ported to use GSK + Add a way for GtkOverlay to blur behind children. This is has a demo in gtk4-demo + Add support for native file choosers on older OS X versions + Add support for libcloudproviders in GtkPlacesSidebar + Non-windowed widgets are now allowed to have a size of 0x0 + Allow tiled windows to be resized. Under wayland, this uses version 2 of the gtk-shell protocol. Under X, it uses the _GTK_EDGE_CONSTRAINTS property + Input handling changes - GdkEvent has new accessors for fields - Traditional event signals (eg ::key-press-event) are now emitted from an event controller - Most widgets inside gtk have stopped using traditional event signals - GDK_SEAT_CAPABILITY_ALL_POINTING now includes touch events + Scrollbars allow middle-click to jump to a position again + Bugs fixed: bgo#639931, bgo#644248, bgo#701296, bgo#705640, bgo#728452, bgo#763517, bgo#766909, bgo#773299, bgo#775074, bgo#775126, bgo#778382, bgo#778811, bgo#780750, bgo#780758, bgo#781757, bgo#782981, bgo#783649, bgo#783669, bgo#784016, bgo#784421, bgo#785210, bgo#785306, bgo#785736, bgo#786144, bgo#786209, bgo#786400, bgo#786469, bgo#786485, bgo#786492, bgo#786553, bgo#786613, bgo#786673, bgo#786794, bgo#786885, bgo#786931, bgo#786932, bgo#786938, bgo#786940, bgo#786956, bgo#786960, bgo#786964, bgo#786966, bgo#787021, bgo#787103, bgo#787172, bgo#787279, bgo#787302, bgo#787303, bgo#787410, bgo#787416, bgo#787444, bgo#787531, bgo#787600, bgo#787669, bgo#787757, bgo#787866, bgo#788230, bgo#788458, bgo#788534, bgo#788573, bgo#788614, bgo#788787, bgo#788905. + Updated translations. - Add meson BuildRequires and replace configure/make/make_install calls with meson/meson_build and meson_install: follow upstreams port to meson as build system. - Add gcc-c++ BuildRequires: small parts of GTK+ now are written in C++. - Add gtk-doc BuildRequires: in order to build man-pages, documentation needs to be enabled, which in turn requires gtk-doc. In the past, we provided upstream shipped documentation. - Add gtk4-return-nonvoid.patch: Fix 'reaches end of non-void function without return value', taken from git. - Add rpmlintrc: multiple GTK4 libraries are not goint to be supported in parallel and the name will stabilize. ==== hdf5 ==== Version update (1.10.0 -> 1.10.1) - Update to 1.10.1: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.1/src/hdf... - Fix-warnings-for-missing-returns.patch: replace: hdf5-non_void_return.patch - PPC64LE-Fix-long-double-handling.patch: replace: hdf5-ldouble-ppc64le.patch - Disable-phdf5-tests.patch: replace: hdf5_disable_testphdf5.patch - Disabling validation tests for the MPI variant for now as they seem to cause issues in OBS. ==== icedtea-web ==== Subpackages: icedtea-web-javadoc - Added patch: * icedtea-web-jdk10.patch + Allow build/run with jdk10 ==== ifplugd ==== - Rename README.SuSE to README.SUSE, adhering to the correct spelling. - add ifplugd-nlapi-increase-packetsize.diff [bsc#1030382] - small spec-file cleanups to reduce rpmlint warnings ==== installation-images-Kubic ==== Version update (14.339 -> 14.340) - merge gh#openSUSE/installation-images#210 - include modules from kernel/drivers/phy (bsc#1064128) - 14.340 ==== libinput ==== Version update (1.9.0 -> 1.9.1) Subpackages: libinput-udev libinput10 - Update to version 1.9.1: + Stop a crash when a lid was opened/closed multiple times while typing. + Reduction of the palm edge zone to a maximum width of 8mm (this notably helps users of recent macs that have large touchpads) + Benjamin's fix to the device groups enables touch arbitration on the Dell Canvas 27 (still needs libwacom changes) - Remove name specification from %setup, not needed ==== liblogging ==== - Use python3 version of rst2man when available - Run spec-cleaner ==== libpsl ==== Version update (0.18.0 -> 0.19.1) - update to 0.19.1: * New function psl_free_string() * psl_make_dafsa now works with python2 and python3 * psl_*count() functions now return -1 if info is not available * Fixed unsigned integer overflow in _mem_is_ascii() * Add -fsanitize-address-use-after-scope to --enable-asan if available ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreofficekit - Disable the verbosity of the build again, getting complaints of build log is too long... - Switch to bundled gpgme on old distros where it is not possible to update - Rebase scp2-user-config-suse.diff to apply again - Fix pyuno paths wrt bsc#1059720 ==== libserf ==== Subpackages: libserf-1-1 libserf-devel - Add libserf-python3.patch and libserf-python3-2.patch to fix building with python3 ==== libsmbios ==== Subpackages: python-smbios smbios-utils-python - Do not store build logs in the package to make the package build result reproducible ==== libxml2 ==== Version update (2.9.5 -> 2.9.7) Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools - Version update to 2.9.7 release: * Bug Fixes: + xmlcatalog: restore ability to query system catalog easily + Fix comparison of nodesets to strings * Improvements: + Add Makefile rules to rebuild HTML man pages + Remove generated file python/setup.py from version control + Fix mixed decls and code in timsort.h + Rework handling of return values in thread tests + Fix unused variable warnings in testrecurse + Fix -Wimplicit-fallthrough warnings + Upgrade timsort.h to latest revision + Fix a couple of warnings in dict.c and threads.c + Fix unused variable warnings in nanohttp.c + Don't include winsock2.h in xmllint.c + Use __linux__ macro in generated code * Portability: + Add declaration for DllMain + Fix preprocessor conditional in threads.h + Fix macro redefinition warning + many Windows specific improvements * Documentation: + xmlcatalog: refresh man page wrt. quering system catalog easily - Includes bug fixes from 2.9.6: * Fix XPath stack frame logic * Report undefined XPath variable error message * Fix regression with librsvg * Handle more invalid entity values in recovery mode * Fix structured validation errors * Fix memory leak in LZMA decompressor * Set memory limit for LZMA decompression * Handle illegal entity values in recovery mode * Fix debug dump of streaming XPath expressions * Fix memory leak in nanoftp * Fix memory leaks in SAX1 parser - Drop libxml2-bug787941.patch * upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8 ==== libxslt ==== Version update (1.1.30 -> 1.1.32) Subpackages: libxslt-devel libxslt-tools libxslt1 - Update to version 1.1.32 * fixes xml-config detection regression (boo#1066525) ==== libxslt-python ==== Version update (1.1.30 -> 1.1.32) - Update to version 1.1.32 * fixes xml-config detection regression (boo#1066525) ==== lzop ==== Version update (1.03 -> 1.04) - Use cmake for building - Run tests during build - update to 1.0.4: * Added CMake build support * Assorted minor updates - clean with spec-cleaner - remove patches * lzop-1.03-gcc5_ppc64.patch * lzop-1.03-gcc6.patch ==== mercurial ==== Version update (4.4 -> 4.4.1) Subpackages: mercurial-lang - Mercurial 4.4.1 1. Notable changes * Git and Subversion subrepos have been disabled by default to mitigate a potential security risk if files overlapping with a subrepo managed to be committed to a repository. * Subrepos are now more paranoid about symlink traversal. * The share extension handles drive letters on Windows better. It is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked in to the repository in Mercurial 4.4 and earlier. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically. ==== newt ==== - Use current factory dependencies - Always build python3 bindings - Small cleanup with spec-clenaer ==== obs-service-set_version ==== - add requires to python3, since Leap 15.0 still does not have the fileprovides - Update to version 0.5.7: * added gitignore * added target 'clean' in Makefile * Added new target 'test' to Makefile * fix flake8 error 'do not use bare except' * Reverting patch for setlocale as it breaks in containers ==== opencc ==== Subpackages: libopencc2 opencc-data - Cleanup spec file a bit - Use more of cmake macros ==== opusfile ==== Version update (0.8 -> 0.9) - Update to version 0.9: + Fix an invalid free with tag handling. + Improve handling of corrupt streams. + Improve performance on streams with many chain segments. + Improve TLS host validation. + Align op_raw_total to work better with op_raw_seek. + Documentation and build improvements. ==== parcellite ==== Version update (1.1.9 -> 1.2.1) - new upstream version 1.2.1 * Implemented patch from Christopher Oliver that fixes a memory access bug on history clear. * Fixed minor missing fclose bug in save_history credits dcb. * Fixed bug 144, Clipboard text quoted for action commands. - changelog from 1.1.9 to 1.2.0 * Removed -d option. * Fixed bug 151, history clear not working. * Fixed bug 150, Command line examples not working. Note: parcellite must be running already. * Fixed bug 147, resource leak on history file. * Fixed bug 144, Clipboard text quoted for action commands. * Fixed bug 143, Parcellite fails to start as daemon. Also fixes Debian bug 785472. * Added TW_zh .po file. ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-apparmor_opt patterns-base-base patterns-base-basesystem patterns-base-console patterns-base-enhanced_base patterns-base-enhanced_base_opt patterns-base-minimal_base patterns-base-minimal_base_conflicts patterns-base-sw_management patterns-base-x11 patterns-base-x11_opt patterns-base-x86 - move plymouth from base to X11. No need to have a fancy boot splash that pulls in extra deps for a text console (boo#1066510) ==== patterns-xfce ==== Version update (20170319 -> 20171113) Subpackages: patterns-xfce-xfce patterns-xfce-xfce_basis patterns-xfce-xfce_laptop patterns-xfce-xfce_office - recommend polkit-gnome (bnc#1047500) ==== pciutils ==== Version update (3.5.4 -> 3.5.5) Subpackages: libpci3 pciutils-devel - Update to version 3.5.5 * Better decoding of AER capability. * "Slot Implemented" flag is decoded for PCI/PCI-X to PCIe bridges. * Minor fixes of decoding other capabilities. * As usual, updated pci.ids to the current snapshot of the database. - cleanup with spec-cleaner - switch from ftp to https - track signature ==== perl-Crypt-SSLeay ==== - Disable SSLv2/3 to fix build with OpenSSL 1.1 (bsc#1067188) * add Crypt-SSLeay-use_TLS_instead_of_SSL.patch ==== perl-Set-Object ==== Version update (1.36 -> 1.38) - updated to 1.38 see /usr/share/doc/packages/perl-Set-Object/Changes.pod =head1 1.38, 2017-11-11 =over =item * Add test_cover and release targets =back =head1 1.37, 2017-11-11 =over =item * Test fixes for -Ddefault_inc_excludes_dot, RT #120540 =item * Skip failing threads test <= 5.10.0 =item * Add CI hooks =back ==== pesign-obs-integration ==== - Modified modsign-repackage, using certificate to try to decrypt the signature of kernel module. It can be used to verify the integrity of signature. ==== poppler ==== Version update (0.57.0 -> 0.59.0) Subpackages: libpoppler-cpp0 libpoppler-devel libpoppler-glib8 poppler-tools - Update package summaries and RPM categorizations. - Drop some idempotent %if..%endif markers whose presence has no effect on the files being output. - Apply CVE-2017-14517.patch from upstream to fix a NULL pointer dereference in the XRef::parseEntry() function that may have lead to potential denial-of-service attack when handling malicious PDF files. [CVE-2017-14517, bsc#1059066] - Apply CVE-2017-14518.patch to remedy a floating point exception in Splash.cc that could have been exploited using a specially crafted PDF document. [CVE-2017-14518, bsc#1059101] - Update to version 0.59.0: + core: Fix infinite recursion in NameTree parsing in broken files. + utils: - pdfunite: Fix API porting error that caused abort in some cases. - pdfinfo: . Fix crashes and memory leaks when using -dests. . Use GooString.append instead of sprintf/strcat. - pdfimages: Fix warning when compiling with cygwin. + build system: - Fix cygwin 32-bit compile. - Cmake tweaks. - Bump soversion following upstream changes. - Update to version 0.58.0: + core: - CairoOutputDev: cairo 1.14 now has high quality downscaling. - Signature related improvements (fdo#99271). - Tweak which cmap we use (fdo#101855). - Memory leak fixes. - Substantial rework of the internals. - win32: call ANSI functions directly (fdo#100312). - Add some documentation. + qt5: - Expose signature information. - ArthurOutputDev: initialize the image with the paper color (fdo#102129). - Fix copy'n'paste bugs: Qt4 -> Qt5. - ArthurOutputDev: Properly set the QPainter transformation. - ArthurOutputDev: Use Qt::SvgMiterJoin instead of Qt::MiterJoin (fdo#102356). + utils: - pdfinfo: add -dests option to print named destinations (fdo#97262). - pdftocairo: add -jpegopt for setting jpeg compression parameters (fdo#45727). - pdftoppm: add -jpegopt for setting jpeg compression parameters (fdo#45727). - pdfimages: support listing/extracting inline images (fdo#25625). + build system: - cmake: Various Windows fixes. - cmake: Use -std=c++11 instead of -std=gnu++11. + cpp: Fix page.text() not taking page orientation into account (fdo#94517). - Bump soversion following upstream changes. ==== poppler-qt5 ==== Version update (0.57.0 -> 0.59.0) Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel - Update package summaries and RPM categorizations. - Drop some idempotent %if..%endif markers whose presence has no effect on the files being output. - Apply CVE-2017-14517.patch from upstream to fix a NULL pointer dereference in the XRef::parseEntry() function that may have lead to potential denial-of-service attack when handling malicious PDF files. [CVE-2017-14517, bsc#1059066] - Apply CVE-2017-14518.patch to remedy a floating point exception in Splash.cc that could have been exploited using a specially crafted PDF document. [CVE-2017-14518, bsc#1059101] - Update to version 0.59.0: + core: Fix infinite recursion in NameTree parsing in broken files. + utils: - pdfunite: Fix API porting error that caused abort in some cases. - pdfinfo: . Fix crashes and memory leaks when using -dests. . Use GooString.append instead of sprintf/strcat. - pdfimages: Fix warning when compiling with cygwin. + build system: - Fix cygwin 32-bit compile. - Cmake tweaks. - Bump soversion following upstream changes. - Update to version 0.58.0: + core: - CairoOutputDev: cairo 1.14 now has high quality downscaling. - Signature related improvements (fdo#99271). - Tweak which cmap we use (fdo#101855). - Memory leak fixes. - Substantial rework of the internals. - win32: call ANSI functions directly (fdo#100312). - Add some documentation. + qt5: - Expose signature information. - ArthurOutputDev: initialize the image with the paper color (fdo#102129). - Fix copy'n'paste bugs: Qt4 -> Qt5. - ArthurOutputDev: Properly set the QPainter transformation. - ArthurOutputDev: Use Qt::SvgMiterJoin instead of Qt::MiterJoin (fdo#102356). + utils: - pdfinfo: add -dests option to print named destinations (fdo#97262). - pdftocairo: add -jpegopt for setting jpeg compression parameters (fdo#45727). - pdftoppm: add -jpegopt for setting jpeg compression parameters (fdo#45727). - pdfimages: support listing/extracting inline images (fdo#25625). + build system: - cmake: Various Windows fixes. - cmake: Use -std=c++11 instead of -std=gnu++11. + cpp: Fix page.text() not taking page orientation into account (fdo#94517). - Bump soversion following upstream changes. ==== presage ==== Subpackages: libpresage1 presage-data - Drop obsolete and unused libgnome-devel BuildRequires: No longer needed. ==== publicsuffix ==== Version update (20170910 -> 20171028) - Update to version 20171028: * remove .htc TLD (#548) * Delete "REMOVED" TLDs (#536) * .br updated - 19 new 2nd level city domains (#546) ==== python-libxml2-python ==== Version update (2.9.5 -> 2.9.7) - clean with spec-cleaner ==== rdma-core ==== Subpackages: libibcm1 libibumad3 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 rdma-core-devel rsocket - Backport upstream patches * bnxt_re-lib-fix-the-memory-barrier-call-during-poll-cq.patch Fix memory ordering issue * bnxt_re-lib-increment-psn-in-case-of-0-length-packets.patch Fix PSN getting out of sync when sending 0 length packet * verbs-Do-not-block-QP-attr_masks-used-by-older-kernels.patch Fix bits detection to allow RDMA CM to work on older kernsl - Refresh older patches to include commit logs: * ibacm-Incorrect-list-used-for-subnet-list-causes-a-segfault.patch * ibacm-Incorrect-usage-of-BE-byte-order-of-MLID-attach-detach_mcast.patch * libibumad-umad.c-In-get_port-ignore-sysfs-rate-file-errors.patch * libqedr-fix-inline-data-copy.patch - Add libibumad-umad.c-In-get_port-ignore-sysfs-rate-file-errors.patch * Fix issue with umad when QSFP is not plugged in (bnc#1058539) ==== re2c ==== Version update (1.0.2 -> 1.0.3) - Update to version 1.0.3: * Fixes build failure on Mac OS X 10.5.8 with gcc 4.2.1 * Documentation fix * 2 examples removed ==== rp-pppoe ==== - Refresh pppoe.spec via spec-cleaner. ==== samba ==== Version update (4.7.0+git.23.4e3f0fb9d15 -> 4.7.1+git.26.1ac2944c965) Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-dsdb-modules samba-kdc samba-kdc-32bit samba-libs samba-libs-32bit samba-python samba-winbind samba-winbind-32bit - Run all daemons in the foreground and let systemd handle it; (bsc#1065551). - Update to 4.7.1; + Fix exporting subdirs with shadow_copy2; (bso#13091); + Currently if getwd() fails after a chdir(), we panic; (bso#13027); + Ensure default SMB_VFS_GETWD() call can't return a partially completed struct smb_filename; (bso#13068); + sys_getwd() can leak memory or possibly return the wrong errno on older systems; (bso#13069); + smbclient doesn't correctly canonicalize all local names before use; (bso#13093); + Fix broken linked attribute handling; (bso#13095); + Missing LDAP query escapes in DNS rpc server; (bso#12994); + Link to -lbsd when building replace.c by hand; (bso#13087); + Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem; (bso#6133); + Map SYNCHRONIZE acl permission statically in zfs_acl vfs module; (bso#7909); + Samba fails to honor SEC_STD_WRITE_OWNER bit with the acl_xattr module; (bso#7933); + Missing assignment in sl_pack_float; (bso#12991); + Wrong Samba access checks when changing DOS attributes; (bso#12995); + samba_runcmd_send() leaves zombie processes on timeout; (bso#13062); + groupmap cleanup should not delete BUILTIN mappings; (bso#13065); + Enabling vfs_fruit results in loss of Finder tags and other xattrs; (bso#13076); + man pages: Properly ident lists; (bso#9613); + smb.conf.5: Sort parameters alphabetically; (bso#13081); + Fix GUID string format on GetPrinter info; (bso#12993); + Remote serverid check doesn't check for the unique id; (bso#13042); + CTDB starts consuming memory if there are dead nodes in the cluster; (bso#13056); + ctdb-common: Ignore event scripts with multiple '.'s; (bso#13070); + libgpo doesn't sort the GPOs in the correct order; (bso#13046); + Remote serverid check doesn't check for the unique id; (bso#13042); + vfs_catia: Fix a potential memleak; (bso#13090); + Fix file change notification for renames; (bso#12903); + Samba DNS server does not honour wildcards; (bso#12952); + Can't change password in samba from a Windows client if Samba runs on IPv6 only interface; (bso#13079); + vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR; (bso#13086); + Apple client can't cope with SMB2 async replies when creating symlinks; (bso#13047); + s4:rpc_server:backupkey: Move variable into scope; (bso#12959); + Fix ntstatus_gen.h generation on 32bit; (bso#13099); + Fix a double free in vfs_gluster_getwd(); (bso#13100); + Fix resouce leaks and pointer issues; (bso#13101); + vfs_solarisacl: Fix build for samba 4.7 and up; (bso#13049); ==== swig ==== - Run python2 and python3 tests for Factory ==== systemd-rpm-macros ==== - Remove a useless test in %service_add_pre() The test was placed where the condition '[ "$FIRST_ARG" -gt 1 ]' was always true. ==== texlive ==== - Add yet an other patch source-poppler-0.59.1.dif for poppler 0.59 and up (boo#1060652) ==== tslib ==== Version update (1.11 -> 1.13) - Update to version 1.13: * This release includes libts version 0.8.0 and the following changes: - Added ts_open_restricted() and ts_close_restricted() API - Added TSLIB_MT_VALID bit definition for ts_sample_mt's valid flag - module_raw galax is now disabled in the default configuration. Please use module_raw input instead. * Bugfixes - Changes for version 1.12: * This release includes libts version 0.7.2 and the following changes: - Generate a tracking ID value for multitouch type A devices - Add experimental --with-sdl2 configuration option for ts_calibrate and ts_test_mt * Bugfix ==== virtualbox ==== Subpackages: virtualbox-host-kmp-default virtualbox-qt - Update "fixes_for_leap15.patch" for wait queue API changes. - Add file "fixes_for_python.patch". - Modify "fixes_for_leap15.patch" to handle SKB_GSO_UDP API change. - Addresses VUL-0: CVE-2017-10392,CVE-2017-10407,CVE-2017-10408,CVE-2017-3733,CVE-2017-10428 as noted in bsc #1064200 ==== wavpack ==== Version update (4.60.99 -> 5.1.0) - Update to version 5.1.0 * new: command-line tagging utility (wvtag) * added: option to import ID3v2.3 tags from Sony DSF files * fixed: fuzz test failures from AFL reported on SourceForge * improved: DSD decimation filter (less HF rolloff & CPU use) * fixed: non-byte audio depths (12-bit, 20-bit) not showing * fixed: rare case of noise-shaping triggering a lossy mute * fixed: recognize UTF-8 BOM when reading text files * fixed: a few portability issues - Includes changes from 5.0.0: * new: input formats (RF64, Wave64, and CAF) * removed: support for legacy WavPack files (< 4.0) * added: lossless DSD audio in Philips DSDIFF and Sony DSF files * fixed: seeking in > 2GB WavPack files (new stream reader) * fixed: accept > 4GB source audio files (all formats) * improved: increase maximum samples from 2^32 to 2^40 * added: block checksums for robustness to corruption * added: support for non-standard channel identities * added: block decoder for streaming applications * added: new pdf documentation - For other changes, see upstream: * https://github.com/dbry/WavPack/blob/master/ChangeLog - cleanup with spec-cleaner - remove wavpack-fix_pkgconfig.patch, fixed upstream in: * d440649aa113797a50e94285c8c037dc2ad7a5a9 * 779a2e62783acc6a46f75dd89359e95079ef708a * 7846e95eb1c3fa97da41dfe96de532c2df5ad281 - remove license.txt, use upstream copying file instead - Drop Requires, Provides and Obsoletes, as the SUSE versions they were needed for are now EOL. ==== xscreensaver ==== Subpackages: xscreensaver-data xscreensaver-data-extra xscreensaver-lang - Fix requires for /sbin/unix2_chkpwd [bsc#1067103] ==== yast2-python-bindings ==== Version update (3.1.1 -> 4.0.0) - Rewrite the python bindings using swig fate#324146 ==== yp-tools ==== - Cleanup dangling symlinks after de-installation - Prepare for transactional update and read-only root filesystem - create /var/yp with tmpfiles.d ==== ypbind ==== - Fix cleanup of /var/yp/binding dirctory on de-installation - Use tmpfiles.d for /var/yp hierachy in preparation of read-only root filesystem and transactional-updates -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org