Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180218 When you reply to report some issues, make sure to change the subject. It is not helpful to keep the release announcement subject in a thread while discussing a specific problem. Packages changed: bind btrfsprogs ceph (13.0.1.1567+gae149ea5f9 -> 13.0.1.1987+g4a523803f8) chrome-gnome-shell (9 -> 10) curl (7.57.0 -> 7.58.0) dleyna-connector-dbus (0.2.0 -> 0.3.0) dleyna-server (0.5.0 -> 0.6.0) evolution-data-server evolution-rss (0.3.95+git.20161130 -> 0.3.95+git.20171129) flatpak (0.10.3 -> 0.10.4) kmediaplayer (5.42.0 -> 5.43.0) libsolv (0.6.31 -> 0.6.32) messagelib perl-Params-ValidationCompiler (0.26 -> 0.27) pulseaudio qqc2-desktop-style (5.42.0 -> 5.43.0) suil (0.8.2 -> 0.10.0) tiff vala (0.38.7 -> 0.38.8) vim virt-manager virtualbox xen (4.10.0_10 -> 4.10.0_12) === Details === ==== bind ==== Subpackages: bind-chrootenv bind-doc bind-utils libbind9-160 libdns169 libirs160 libisc166 libisccc160 libisccfg160 liblwres160 python3-bind - Add /dev/urandom to chroot env ==== btrfsprogs ==== Subpackages: btrfsprogs-udev-rules libbtrfs0 - use documentation shipped by upstream tar, reduce dependencies - enable static build again, zstd now has static version ==== ceph ==== Version update (13.0.1.1567+gae149ea5f9 -> 13.0.1.1987+g4a523803f8) Subpackages: librados2 librbd1 - Update to version 13.0.1-1987-g4a523803f8: + py3 MGR fixes (bsc#1080758) + spec file: * test/bench: remove smallio bench tools ==== chrome-gnome-shell ==== Version update (9 -> 10) - Update to version 10: + FreeBSD is supported again. + Enabled GNOME Shell extensions synchronization in Firefox. + Added option to check updates of enabled only GNOME Shell extensions. + Added GNOME proxy support for update checks. + Update errors will not produce desktop notifications anymore. All errors now goes to browser console. + Chrome managed policies no longer got installed so browser extensions will not be force installed along with connector. + It's possible to use inline installation of browser extensions through https://extensions.gnome.org website now. + Added light icon for dark browser themes. Use options page to switch icon. + Various fixes for options page in Firefox. + Updated translations. - Drop chrome-gnome-shell-nb-translation.patch: Fixed upstream. - No longer rm chrome-gnome-shell.json, upstream stopped installing it. ==== curl ==== Version update (7.57.0 -> 7.58.0) Subpackages: libcurl-devel libcurl4 - ignore all test failures for PowerPC as bypass boo#1075219 (not only the 1501 previously skipped) * Added patch ignore_runtests_failure.patch - Build curl with libssh.org libssh offers a lot more features than libssh2, for example: * Key Exchange Methods: curve25519-sha256@libssh.org * Hostkey Types: ssh-ed25519 * Authentication: gssapi-with-mic - Update to version 7.58.0 [bsc#1076360,CVE-2018-1000005][bsc#1077001,CVE-2018-1000007] Changes: * new libssh-powered SSH SCP/SFTP back-end * curl-config: add --ssl-backends Bugfixes: * http2: fix incorrect trailer buffer size * http: prevent custom Authorization headers in redirects * travis: add boringssl build * examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL * SSL: Avoid magic allocation of SSL backend specific data * lib: don't export all symbols, just everything curl_* * libssh2: send the correct CURLE error code on scp file not found * libssh2: return CURLE_UPLOAD_FAILED on failure to upload * openssl: enable pkcs12 in boringssl builds * libssh2: remove dead code from SSH_SFTP_QUOTE * sasl_getmesssage: make sure we have a long enough string to pass * conncache: fix several lock issues * threaded-shared-conn.c: new example * conncache: only allow multiplexing within same multi handle * configure: check for netinet/in6.h * URL: tolerate backslash after drive letter for FILE: * openldap: add commented out debug possibilities * include: get netinet/in.h before linux/tcp.h * CONNECT: keep close connection flag in http_connect_state struct * BINDINGS: another PostgreSQL client * curl: limit -# update frequency for unknown total size * configure: add AX_CODE_COVERAGE only if using gcc * curl.h: remove incorrect comment about ERRORBUFFER * openssl: improve data-pending check for https proxy * curl: remove __EMX__ #ifdefs * CURLOPT_PRIVATE.3: fix grammar * sftp: allow quoted commands to use relative paths * CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE * RESOLVE: output verbose text when trying to set a duplicate name * multi_done: prune DNS cache * tests: update .gitignore for libtests * tests: mark data files as non-executable in git * CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference * curl.1: documented two missing valid exit codes * curl.1: mention http:// and https:// as valid proxy prefixes * vtls: replaced getenv() with curl_getenv() * setopt: less *or equal* than INT_MAX/1000 should be fine * examples/smtp-mail.c: use separate defines for options and mail * curl: support >256 bytes warning messsages * conncache: fix a return code * krb5: fix a potential access of uninitialized memory * rand: add a clang-analyzer work-around * CURLOPT_READFUNCTION.3: refer to argument with correct name * brotli: allow compiling with version 0.6.0 * content_encoding: rework zlib_inflate * curl_easy_reset: release mime-related data * examples/rtsp: fix error handling macros * curl: Support size modifiers for --max-filesize * examples/cacertinmem: ignore cert-already-exists error * brotli: data at the end of content can be lost * curl_version_info.3: call the argument 'age' * openssl: fix memory leak of SSLKEYLOGFILE filename * build: remove HAVE_LIMITS_H check * --mail-rcpt: fix short-text description * scripts: allow all perl scripts to be run directly * progress: calculate transfer speed on milliseconds if possible * system.h: check __LONG_MAX__ for defining curl_off_t * easy: fix connection ownership in curl_easy_pause * setopt: reintroduce non-static Curl_vsetopt() for OS400 support * setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values * configure.ac: append extra linker flags instead of prepending them * HTTP: bail out on negative Content-Length: values * docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata * mime: clone mime tree upon easy handle duplication * openssl: enable SSLKEYLOGFILE support by default * smtp/pop3/imap_get_message: decrease the data length too... * CURLOPT_TCP_NODELAY.3: fix typo * SMB: fix numeric constant suffix and variable types * ftp-wildcard: fix matching an empty string with "*[^a]" * curl_fnmatch: only allow 5 '*' sections in a single pattern * openssl: fix potential memory leak in SSLKEYLOGFILE logic * SSH: Fix state machine for ssh-agent authentication * examples/url2file.c: add missing curl_global_cleanup() call * http2: don't close connection when single transfer is stopped * libcurl-env.3: first version * curl: progress bar refresh, get width using ioctl() * CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support ==== dleyna-connector-dbus ==== Version update (0.2.0 -> 0.3.0) - Update to version 0.3.0: + Don't crash when trying to unwatch non-existent client. + [m4]: - Don't use bash arrays in m4 macros. - Don't use bash "let" builtin. - Use AS_VAR_APPEND macro instead of "+=". - Do a minor spec cleanup. - Add libtool BuildRequires and pass autoreconf, bootstrap tarball. - Pass --disable-static to configure, ensure we do not build any static files. ==== dleyna-server ==== Version update (0.5.0 -> 0.6.0) - Update to version 0.6.0: + [Props]: Fix ChildCount property type. + Added new core.c and core.h to Makefile.am. + Add Artist and AlbumArtURL to MediaContainer2. + ifaddrs.h for Andriod compile. + [m4]: - Don't use bash arrays in m4 macros. - Don't use bash "let" builtin. - Use AS_VAR_APPEND macro instead of "+=". + Fix possible use-after-free on exit. + Invalid log line. + Dereference of undefined pointer value. + Result of operation is garbage or undefined. + Include libgupnp/gupnp-context-manager.h. - Drop dleyna-server-includes.patch: Fixed upstream. - Do a minor spec cleanup. - Add libtool BuildRequires and pass autoreconf, bootstrap tarball. - Pass --disable-static to configure, ensure we do not build any static files. ==== evolution-data-server ==== Subpackages: evolution-data-server-lang libcamel-1_2-60 libebackend-1_2-10 libebook-1_2-19 libebook-contacts-1_2-2 libecal-1_2-19 libedata-book-1_2-25 libedata-cal-1_2-28 libedataserver-1_2-22 libedataserverui-1_2-1 - Format with spec-cleaner. - Move license to %license tag. - Allow building with python3 instead of python2: + Add eds-python3.patch: find python3 as valid interpreter. + Add python3-base BuildRequires: needed during build, and we don't want to rely any longer on an implicit python interpreter being pulled in. - Drop obsolete obsoletes for 64bit and 32bit packages ==== evolution-rss ==== Version update (0.3.95+git.20161130 -> 0.3.95+git.20171129) Subpackages: evolution-plugin-rss evolution-plugin-rss-lang - Update to version 0.3.95+git.20171129: + Crash when importing OPML file with feeds without 'title' attribute. + gschema: Fix gettext-domain + Updated translations. ==== flatpak ==== Version update (0.10.3 -> 0.10.4) Subpackages: libflatpak0 typelib-1_0-Flatpak-1_0 - Update to version 0.10.4: * allow personality syscall in devel mode * configure: Fix copy_file_range detection * Add --disable-document-portal configure option * lib: Make gnome-software work with an empty /var/lib/flatpak * dir: Emit an error on non-root downgrade attempts * common/dir: Skip progress reporting while setting up extra-data * doc: Fix docs for --update-appstream * flatpak remote-ls -u: only consider apps from the current remote * extract_appstream: allow component IDs not to end in .desktop * common/dir: Fix a memory leak ==== kmediaplayer ==== Version update (5.42.0 -> 5.43.0) Subpackages: kmediaplayer-devel libKF5MediaPlayer5 - Update to 5.43.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.43.0.php - Changes since 5.42.0: * None ==== libsolv ==== Version update (0.6.31 -> 0.6.32) Subpackages: libsolv-devel libsolv-tools perl-solv python-solv - fixed bug that could make fileconflict detection very slow in some cases [bnc#953130] - bump version to 0.6.32 ==== messagelib ==== Subpackages: messagelib-lang - Add kde389592.patch to fix "Disable Emoticons" option not being remembered (boo#1078174, kde#389592) ==== perl-Params-ValidationCompiler ==== Version update (0.26 -> 0.27) - updated to 0.27 see /usr/share/doc/packages/perl-Params-ValidationCompiler/Changes 0.27 2018-02-11 - Fixed a bug with inlining Moose types. If a type's parent needed environment variables those would not get closed over. Reported by Mark Fowler. GH #22. - Added a debug option to dump the source of the subroutine before it is eval'd. ==== pulseaudio ==== Subpackages: libpulse-devel libpulse-mainloop-glib0 libpulse0 pulseaudio-bash-completion pulseaudio-lang pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils - Add pulseaudio-glibc2.27.patch: Fix build with glibc 2.27 (boo#1081023, fdo#104733). ==== qqc2-desktop-style ==== Version update (5.42.0 -> 5.43.0) - Update to 5.43.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.43.0.php - Changes since 5.42.0: * use the inactive or disabled color group when needed * Apply some C++11 niceties, styling consistency * Add BusyIndicator to the styled controls list * remove flicker when hovering scrollbar * Cache KColorScheme instances ==== suil ==== Version update (0.8.2 -> 0.10.0) - Fixed supplements lines - Update to version 0.10.0 * Add support for X11 in Gtk3 * Add support for Qt5 in Gtk2 * Add suil_init() to support early initialization and passing any necessary information that may be needed in the future (thanks Stefan Westerfeld) * Fix minor memory errors * Fix building with X11 against custom LV2 install path (thanks Robin Gareus) version 0.8.4 * Configure based on compiler target OS for cross-compilation * Add Cocoa in Gtk wrapper (patch from Robin Gareus) * Various Windows fixes (patches from Robin Gareus) * Center X11 UIs in Gtk (patch from Robin Gareus) * Fix initial size of resizable X11 UIs in Gtk (patch from Robin Gareus) * Bubble X11 key events up to Gtk parent (patch from Filipe Coelho) * Add Gtk2 and X11 in Qt5 wrappers (patch from Rui Nuno Capela) * Fix compilation with -Wl,--no-undefined * Fix a few minor/unlikely memory errors * Gracefully handle failure to open wrapper * Only report suil_ui_supported() if necessary wrapper is compiled in * Upgrade to waf 1.8.14 - Dropped qt4 plugins - Split plugins into separate packages so that only actually required libraries are pulled in ==== tiff ==== Subpackages: libtiff-devel libtiff5 libtiff5-32bit - bsc#1046077: Add tiff-4.0.9-bsc1046077-CVE-2017-9935.patch Fix Heap-based buffer overflow in t2p_write_pdf ==== vala ==== Version update (0.38.7 -> 0.38.8) Subpackages: libvala-0_38-0 - Update to version 0.38.8: + Various bug fixes: - Fix GDestroyNotify of delegate parameters in delegate declaration (bgo#639059). - Avoid critical when connecting dynamic signals. - compiler: Prefix headers for set_cheader_override() if includedir is given (bgo#793299). - Don't warn about unused internal methods which are meant to be visible on DBus (bgo#593902). - libvaladoc: Prevent WITH_CGRAPH conditional having an impact on generated sources. + Bindings: - gio-2.0: Cherry-pick some DBusProxy fixes from 0.40. - gstreamer-1.0: Update from 1.13+ git master. - gdk-3.0,gtk+-3.0: Update to 3.22.27. - Update vala_priority define to 38, something we should have done when stable 0.38.0 was released. ==== vim ==== Subpackages: gvim vim-data - Split vim-data into vim-data-common package for low-disk usage scenarios bsc#1078722 bsc#1078554 bsc#1075541 - Make set mouse= default in suse.vimrc bsc#1079185 bsc#1078564 bsc#1067890 bsc#1064068 bsc#1062691 ==== virt-manager ==== Subpackages: virt-install virt-manager-common - Upstream bug fix (bsc#1027942) 4c7c4590-manager-Fix-mem-disk-net-stats-graphs.patch ==== virtualbox ==== Subpackages: virtualbox-guest-kmp-default virtualbox-guest-tools virtualbox-guest-x11 - Fix bug in video capture - boo#1081281. The variable used to store the time code is only 16 bits, but needs to be 32-bits long. File "fix_videocapture.patch" is added to fix the problem. ==== xen ==== Version update (4.10.0_10 -> 4.10.0_12) Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU - tools-domU: Add support for qemu guest agent. New files 80-xen-channel-setup.rules and xen-channel-setup.sh configure a xen-pv-channel for use by the guest agent FATE#324963 - Remove outdated /etc/xen/README* - bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with MSR emulation (XSA-253) 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch - bsc#1074562 - VUL-0: xen: Information leak via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org