Mailinglist Archive: opensuse-factory (742 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20180319 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180319

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
apulse
autogen
bluez (5.48 -> 5.49)
chrony
colord (1.4.1 -> 1.4.2)
curl (7.58.0 -> 7.59.0)
dbus-1
dbus-1-x11
elfutils (0.168 -> 0.170)
exempi (2.2.2 -> 2.4.5)
firewalld (0.5.1 -> 0.5.2)
freerdp
gnome-contacts (3.27.92 -> 3.28.0)
grub2
gtk3 (3.22.28 -> 3.22.29)
gucharmap
kernel-firmware (20180222 -> 20180312)
kernel-source (4.15.9 -> 4.15.10)
lftp
libgit2 (0.26.0 -> 0.26.3)
libiscsi
libvirt
libxml2 (2.9.7 -> 2.9.8)
lightsoff (3.27.92 -> 3.28.0)
ntp (4.2.8p10 -> 4.2.8p11)
osinfo-db (20170813 -> 20180311)
perl-GD-Graph3d
perl-GDTextUtil
perl-HTTP-Message (6.14 -> 6.15)
polkit-default-privs
python-libxml2-python (2.9.7 -> 2.9.8)
sharutils
swell-foop (3.27.92 -> 3.28.0)
systemd-presets-branding-openSUSE
thin-provisioning-tools
time (1.8 -> 1.9)
xmlto (0.0.26 -> 0.0.28)

=== Details ===

==== apulse ====
Subpackages: apulse-32bit

- Refresh spec-file via spec-cleaner.
* Add %license macro.
* Add cmake -LA option for print local variables.

==== autogen ====
Subpackages: libopts-devel libopts25

- Add autogen-reproducible-tar.patch to make .tar.gz build reproducible
( https://sourceforge.net/p/autogen/bugs/182/ )
- Add autogen-constant-timeout.patch to make build reproducible (boo#1041534)
- Set MAN_PAGE_DATE to not include build date into man pages (boo#1047218)

==== bluez ====
Version update (5.48 -> 5.49)
Subpackages: bluez-cups bluez-devel libbluetooth3

- update to version 5.49:
This is mostly a bug fix release, with fixes to features such as
AVCTP, OBEX, GATT and Mesh. There are however some notable new
features also, such as improved heartbeat management support in
meshctl as well as a new experimental ConnectDevice D-Bus method
on the Adapter interface, which can be used for quick device
object creation for testing purpose or when information about the
device has been received over some Out-of-Band channel.
- remove 0001-core-Fixes-order-InterfaceAdded.patch (upstream)

==== chrony ====

- Fix name of fillup template (was never installed before)
- Fix Requires for fillup, it's used in post, not pre.

==== colord ====
Version update (1.4.1 -> 1.4.2)
Subpackages: colord-color-profiles colord-lang libcolord2 libcolorhug2

- Update to version 1.4.2:
+ New Features:
- Add cd_icc_set_created.
- Add --enable-timestamps option for CREATED header.
+ Bugfixes:
- Avoid buffer overflow when reading profile_id.
- Fix the detection of duplicate EDIDs.
- Make udev hwdb optional by using pnp.ids as fallback.
- Raise _XOPEN_SOURCE to 700 to enable C99 on FreeBSD.
- Refactor build directory selection.
- Set cd-create-profile date to SOURCE_DATE_EPOCH.
- Pass new option enable-udev-rules=true to meson.

==== curl ====
Version update (7.58.0 -> 7.59.0)
Subpackages: libcurl-devel libcurl4

- Added message about protocol redirection not supported or
disabled to the function findprotocol() [bsc#1076446]
* Added curl-disabled-redirect-protocol-message.patch
- Update to version 7.59.0
[bsc#1084521, CVE-2018-1000120][bsc#1084524, CVE-2018-1000121]
[bsc#1084532, CVE-2018-1000122]
Changes:
* curl: add --proxy-pinnedpubkey
* added: CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T
* CURLOPT_RESOLVE: Add support for multiple IP addresses per entry
* Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
* Add new tool option --happy-eyeballs-timeout-ms
* Add CURLOPT_RESOLVER_START_FUNCTION and CURLOPT_RESOLVER_START_DATA
Bugfixes:
* openldap: check ldap_get_attribute_ber() results for NULL before using
* FTP: reject path components with control codes
* readwrite: make sure excess reads don't go beyond buffer end
* lib555: drop text conversion and encode data as ascii codes
* lib517: make variable static to avoid compiler warning
* lib544: sync ascii code data with textual data
* GSKit: restore pinnedpubkey functionality
* darwinssl: Don't import client certificates into Keychain on macOS
* parsedate: fix date parsing for systems with 32 bit long
* openssl: fix pinned public key build error in FIPS mode
* SChannel/WinSSL: Implement public key pinning
* cookies: remove verbose "cookie size:" output
* progress-bar: don't use stderr explicitly, use bar->out
* build: open VC15 projects with VS 2017
* curl_ctype: private is*() type macros and functions
* configure: set PATH_SEPARATOR to colon for PATH w/o separator
* curl_easy_reset: clear digest auth state
* curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6
* range: commonize FTP and FILE range handling
* progress-bar docs: update to match implementation
* fnmatch: do not match the empty string with a character set
* fnmatch: accept an alphanum to be followed by a non-alphanum in char set
* build: fix termios issue on android cross-compile
* getdate: return -1 for out of range
* formdata: use the mime-content type function
* openssl: Don't add verify locations when verifypeer==0
* fnmatch: optimize processing of consecutive *s and ?s pattern characters
* schannel: fix compiler warnings
* content_encoding: Add "none" alias to "identity"
* get_posix_time: only check for overflows if they can happen
* http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING
* README: language fix
* sha256: build with OpenSSL < 0.9.8
* smtp: fix processing of initial dot in data
* --tlsauthtype: works only if libcurl is built with TLS-SRP support
* tests: new tests for http raw mode
* libcurl-security.3: man page discussion security concerns when using libcurl
* curl_gssapi: make sure this file too uses our *printf()
* BINDINGS: fix curb link (and remove ruby-curl-multi)
* nss: use PK11_CreateManagedGenericObject() if available
* travis: add build with iconv enabled
* ssh: add two missing state names
* CURLOPT_HEADERFUNCTION.3: mention folded headers
* http: fix the max header length detection logic
* header callback: don't chop headers into smaller pieces
* CURLOPT_HEADER.3: clarify problems with different data sizes
* curl --version: show PSL if the run-time lib has it enabled
* examples/sftpuploadresume: resume upload via CURLOPT_APPEND
* Return error if called recursively from within callbacks
* sasl: prefer PLAIN mechanism over LOGIN
* winbuild: Use CALL to run batch scripts
* curl_share_setopt.3: connection cache is shared within multi handles
* projects/README: remove reference to dead IDN link/package
* lib655: silence compiler warning
* configure: Fix version check for OpenSSL 1.1.1
* docs/MANUAL: formfind.pl is not accessible on the site anymore
* unit1307: proper cleanup on OOM to fix torture tests
* curl_ctype: fix macro redefinition warnings
* build: get CFLAGS (including -werror) used for examples and tests
* NO_PROXY: fix for IPv6 numericals in the URL
* krb5: use nondeprecated functions
* http2: mark the connection for close on GOAWAY
* limit-rate: kick in even before "limit" data has been received
* HTTP: allow "header;" to replace an internal header with a blank one
* http2: verbose output new MAX_CONCURRENT_STREAMS values
* SECURITY: distros' max embargo time is 14 days
* curl tool: accept --compressed also if Brotli is enabled and zlib is not
* WolfSSL: adding TLSv1.3
* checksrc.pl: add -i and -m options
* CURLOPT_COOKIEFILE.3: "-" as file name means stdin
- Refreshed patch libcurl-ocloexec.patch

==== dbus-1 ====
Subpackages: dbus-1-devel libdbus-1-3 libdbus-1-3-32bit

- Don't spit out a warning if /usr/bin/dbus-daemon does not exist
when we run the pre-script.

==== dbus-1-x11 ====

- Don't spit out a warning if /usr/bin/dbus-daemon does not exist
when we run the pre-script.

==== elfutils ====
Version update (0.168 -> 0.170)
Subpackages: elfutils-lang libasm1 libdw1 libebl-plugins libelf-devel libelf1

- Update to version 0.170
libdw: Added new DWARF5 attribute, tag, character encoding, language code,
calling convention, defaulted member function and macro constants
to dwarf.h.
New functions dwarf_default_lower_bound and dwarf_line_file.
dwarf_peel_type now handles DWARF5 immutable, packed and shared tags.
dwarf_getmacros now handles DWARF5 .debug_macro sections.
strip: Add -R, --remove-section=SECTION and --keep-section=SECTION.
backends: The bpf disassembler is now always build on all platforms.
- Includes changes in 0.169
backends: Add support for EM_PPC64 GNU_ATTRIBUTES.
Frame pointer unwinding fallback support for i386, x86_64, aarch64.
translations: Update Polish translation.
- Remove obsolete 0001-backends-Add-support-for-EM_PPC64-GNU_ATTRIBUTES.patch
and ppc-machine-flags.patch
- Add elfutils-0.170-stripnothing.patch to robustify test and avoid a FAIL.
- Add elfutils-0.170-Wpackednotaligned.patch to fix build with GCC 8.
(boo#1084637)

==== exempi ====
Version update (2.2.2 -> 2.4.5)
Subpackages: libexempi-devel libexempi3

- Extend descriptions.
- Update to 2.4.5:
* Fix a buffer overflow in the PSD parser. (CVE-2018-7730 bnc#1085295)
* Fix a buffer overflow in the TIFF parser. (CVE-2018-7728 bnc#1085297)
* Fix a buffer overflow in PostScript parser. (CVE-2018-7729 bnc#1085296)
* Fix a null dereference in WEBP parser. (CVE-2018-7731 bnc#1085294)
* Properly initialize pointers in WEBP.
* Fix an infinite loop in RIFF parser.
* Fix an infinite loop in QuickTime parser.
* Fix an infinite loop in ASF parser.
* Adjust minimum version for gcc in documentation.
* Fix a buffer overrun, memcpy() on overlapping regions, use after free in
the exception handling. Fix a fatal assert with corrupt WEBP.
* Fix a crash on a corrupt file.
* Upgrade XMPCore to Adobe XMP CC 2014.12.
* New flag to optimize layout on MPEG4 files.
* GoPro MPEG4 video files support.
* Improved JPEG support.
* iXML support in WAVE files.
* Several bugs and memory leaks fixes.
* Changes from Adobe XMP CC 2013.06.
* Pluggable file handlers (not exposed yet in Exempi)
* Support for Exif 2.3 properties
* New RIFF file handler
* Better Postscript support.
* Lot of bug fixes.
* Now require (partial) C++11 support to compile (gcc 4.4.7 tested)
* WebP format handler (contributed: Frankie Dintino, The Atlantic)
* Several API improvements
* Fix potential crash with corrupt TIFF file.
* Fix header to pass -Wstrict-prototypes

==== firewalld ====
Version update (0.5.1 -> 0.5.2)
Subpackages: firewalld-lang python3-firewall

- Update to 0.5.2
* fix rule deduplication causing accidental removal of rules
* log failure to parse direct rules xml as an error
* firewall-config: Break infinite loop when firewalld is not running
* fix set-log-denied not taking effect
* po: update translations

==== freerdp ====
Subpackages: libfreerdp2 libwinpr2

- Added no_connection_to_windows_10_17101.patch to fix
Windows-connection-problem after Windows march 2018 updates.
This fix is related to boo#1085416
- Do not use xorg-x11-devel, instead buildrequire individual
x components.
- Only attempt to ge rid of __DATE__ and __TIME__ if
SOURCE_DATE_EPOCH is not set.

==== gnome-contacts ====
Version update (3.27.92 -> 3.28.0)
Subpackages: gnome-contacts-lang gnome-shell-search-provider-contacts

- Update to version 3.28.0:
+ Favorite contacts, which are shown at the top of the contact
list.
+ Sort contacts by their first name or surname.
+ Small tweaks to the UI, such as a more welcoming setup screen
and rounded avatars.
+ Performance improvements to the GNOME Shell search provider.
+ A slightly decreased memory usage.
+ Updated translations.
- Update:
+ URL tag to https://wiki.gnome.org/Apps/Contacts: currently
the Contacts' web page.
+ Package description to be a bit more verbose.
- Add geocode-glib-1.0 and gmodule-export-2.0 pkgconfig modules
BuildRequires to avoid implicit dependencies.
- Drop:
+ pkgconfig(champlain-0.12) BuildRequires: it is not a
requirement anymore.
+ update-desktop-files BuildRequires and its macro: they are no
longer required.
+ glib2_gsettings_schema_requires macro: it is not used anymore
since RPM file triggers.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin
grub2-x86_64-efi grub2-x86_64-xen

- Fix UEFI HTTPS Boot from ISO installation image (bsc#1076132)
* 0001-add-support-for-UEFI-network-protocols.patch
- fix wrong command output when default subvolume is toplevel tree with
id 5 (bsc#1078775)
* grub2-btrfs-09-get-default-subvolume.patch
- insert mdraid modules to support software RAID (bsc#1078775)
* grub2-xen-pv-firmware.cfg
- Rename grub2-btrfs-workaround-grub2-once.patch to
grub2-grubenv-in-btrfs-header.patch
- Store GRUB environment variable health_checker_flag in Btrfs header

==== gtk3 ====
Version update (3.22.28 -> 3.22.29)
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut
gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang
gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0

- Update to version 3.22.29:
+ Wayland: add an input method based on the text protocol.
+ File chooser: Stop activating without double-click.
+ Bugs fixed: bgo#710888, bgo#743975, bgo#775546, bgo#794008.
+ Updated translations.
- Drop gtk3-restore-filechooser-click-behavior.patch: fixed
upstream.

==== gucharmap ====
Subpackages: gucharmap-lang libgucharmap_2_90-7

- Drop ineffective --with-pic. Replace fragile LDFLAGS=-ldl.

==== kernel-firmware ====
Version update (20180222 -> 20180312)
Subpackages: ucode-amd

- Update to version 20180312:
* Mellanox: Add new mlxsw_spectrum firmware 13.1620.192
* qed: Add firmware 8.33.11.0
* BCM-0bb4-0306: Cypress Bluetooth firmware for HTC Vive
* linux-firmware:Update firmware patch for Intel Bluetooth 7265 (D1)
* qed: Add firmwares 8.20.0.0 8.18.9.0 and 8.14.6.0
* iwlwifi: update firmware version 34 for 9000 series

==== kernel-source ====
Version update (4.15.9 -> 4.15.10)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs
kernel-macros kernel-syms

- Linux 4.15.10 (bnc#1012628).
- RDMA/ucma: Limit possible option size (bnc#1012628).
- RDMA/ucma: Check that user doesn't overflow QP state
(bnc#1012628).
- RDMA/mlx5: Fix integer overflow while resizing CQ (bnc#1012628).
- IB/uverbs: Improve lockdep_check (bnc#1012628).
- mac80211_hwsim: don't use WQ_MEM_RECLAIM (bnc#1012628).
- net/smc: fix NULL pointer dereference on sock_create_kern()
error path (bnc#1012628).
- regulator: stm32-vrefbuf: fix check on ready flag (bnc#1012628).
- drm/i915: Check for fused or unused pipes (bnc#1012628).
- drm/i915/audio: fix check for av_enc_map overflow (bnc#1012628).
- drm/i915: Fix rsvd2 mask when out-fence is returned
(bnc#1012628).
- drm/i915: Clear the in-use marker on execbuf failure
(bnc#1012628).
- drm/i915: Disable DC states around GMBUS on GLK (bnc#1012628).
- drm/i915: Update watermark state correctly in
sanitize_watermarks (bnc#1012628).
- drm/i915: Try EDID bitbanging on HDMI after failed read
(bnc#1012628).
- drm/i915/perf: fix perf stream opening lock (bnc#1012628).
- scsi: core: Avoid that ATA error handling can trigger a kernel
hang or oops (bnc#1012628).
- scsi: qla2xxx: Fix NULL pointer crash due to active timer for
ABTS (bnc#1012628).
- drm/i915: Always call to intel_display_set_init_power() in
resume_early (bnc#1012628).
- workqueue: Allow retrieval of current task's work struct
(bnc#1012628).
- drm: Allow determining if current task is output poll worker
(bnc#1012628).
- drm/nouveau: Fix deadlock on runtime suspend (bnc#1012628).
- drm/radeon: Fix deadlock on runtime suspend (bnc#1012628).
- drm/amdgpu: Fix deadlock on runtime suspend (bnc#1012628).
- drm/nouveau: prefer XBGR2101010 for addfb ioctl (bnc#1012628).
- drm/amd/powerplay/smu7: allow mclk switching with no displays
(bnc#1012628).
- drm/amd/powerplay/vega10: allow mclk switching with no displays
(bnc#1012628).
- Revert "drm/radeon/pm: autoswitch power state when in balanced
mode" (bnc#1012628).
- drm/amd/display: check for ipp before calling cursor operations
(bnc#1012628).
- drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE
(bnc#1012628).
- drm/amd/powerplay: fix power over limit on Fiji (bnc#1012628).
- drm/amd/display: Default HDMI6G support to true. Log VBIOS
table error (bnc#1012628).
- drm/amdgpu: used cached pcie gen info for SI (v2) (bnc#1012628).
- drm/amdgpu: Notify sbios device ready before send request
(bnc#1012628).
- drm/radeon: fix KV harvesting (bnc#1012628).
- drm/amdgpu: fix KV harvesting (bnc#1012628).
- drm/amdgpu:Correct max uvd handles (bnc#1012628).
- drm/amdgpu:Always save uvd vcpu_bo in VM Mode (bnc#1012628).
- ovl: redirect_dir=nofollow should not follow redirect for
opaque lower (bnc#1012628).
- MIPS: BMIPS: Do not mask IPIs during suspend (bnc#1012628).
- MIPS: ath25: Check for kzalloc allocation failure (bnc#1012628).
- MIPS: OCTEON: irq: Check for null return on kzalloc allocation
(bnc#1012628).
- PCI: dwc: Fix enumeration end when reaching root subordinate
(bnc#1012628).
- Input: matrix_keypad - fix race when disabling interrupts
(bnc#1012628).
- Revert "Input: synaptics - Lenovo Thinkpad T460p devices should
use RMI" (bnc#1012628).
- bug: use %pB in BUG and stack protector failure (bnc#1012628).
- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug()
(bnc#1012628).
- mm/memblock.c: hardcode the end_pfn being -1 (bnc#1012628).
- loop: Fix lost writes caused by missing flag (bnc#1012628).
- virtio_ring: fix num_free handling in error case (bnc#1012628).
- KVM: s390: fix memory overwrites when not using SCA entries
(bnc#1012628).
- arm64: mm: fix thinko in non-global page table attribute check
(bnc#1012628).
- IB/core: Fix missing RDMA cgroups release in case of failure
to register device (bnc#1012628).
- Revert "nvme: create 'slaves' and 'holders' entries for hidden
controllers" (bnc#1012628).
- kbuild: Handle builtin dtb file names containing hyphens
(bnc#1012628).
- dm bufio: avoid false-positive Wmaybe-uninitialized warning
(bnc#1012628).
- IB/mlx5: Fix incorrect size of klms in the memory region
(bnc#1012628).
- bcache: fix crashes in duplicate cache device register
(bnc#1012628).
- bcache: don't attach backing with duplicate UUID (bnc#1012628).
- x86/MCE: Save microcode revision in machine check records
(bnc#1012628).
- x86/MCE: Serialize sysfs changes (bnc#1012628).
- perf tools: Fix trigger class trigger_on() (bnc#1012628).
- x86/spectre_v2: Don't check microcode versions when running
under hypervisors (bnc#1012628).
- ALSA: hda/realtek - Add support headset mode for DELL WYSE
(bnc#1012628).
- ALSA: hda/realtek - Add headset mode support for Dell laptop
(bnc#1012628).
- ALSA: hda/realtek: Limit mic boost on T480 (bnc#1012628).
- ALSA: hda/realtek - Fix dock line-out volume on Dell Precision
7520 (bnc#1012628).
- ALSA: hda/realtek - Make dock sound work on ThinkPad L570
(bnc#1012628).
- ALSA: seq: Don't allow resizing pool in use (bnc#1012628).
- ALSA: seq: More protection for concurrent write and ioctl races
(bnc#1012628).
- ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
(bnc#1012628).
- ALSA: hda: add dock and led support for HP EliteBook 820 G3
(bnc#1012628).
- ALSA: hda: add dock and led support for HP ProBook 640 G2
(bnc#1012628).
- scsi: qla2xxx: Fix NULL pointer crash due to probe failure
(bnc#1012628).
- scsi: qla2xxx: Fix recursion while sending terminate exchange
(bnc#1012628).
- dt-bindings: Document mti,mips-cpc binding (bnc#1012628).
- MIPS: CPC: Map registers using DT in
mips_cpc_default_phys_base() (bnc#1012628).
- nospec: Kill array_index_nospec_mask_check() (bnc#1012628).
- nospec: Include <asm/barrier.h> dependency (bnc#1012628).
- x86/entry: Reduce the code footprint of the 'idtentry' macro
(bnc#1012628).
- x86/entry/64: Use 'xorl' for faster register clearing
(bnc#1012628).
- x86/mm: Remove stale comment about KMEMCHECK (bnc#1012628).
- x86/asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers
(bnc#1012628).
- x86/IO-APIC: Avoid warning in 32-bit builds (bnc#1012628).
- x86/LDT: Avoid warning in 32-bit builds with older gcc
(bnc#1012628).
- x86-64/realmode: Add instruction suffix (bnc#1012628).
- Revert "x86/retpoline: Simplify vmexit_fill_RSB()"
(bnc#1012628).
- x86/speculation: Use IBRS if available before calling into
firmware (bnc#1012628).
- x86/retpoline: Support retpoline builds with Clang
(bnc#1012628).
- x86/speculation, objtool: Annotate indirect calls/jumps for
objtool (bnc#1012628).
- x86/speculation: Move firmware_restrict_branch_speculation_*()
from C to CPP (bnc#1012628).
- x86/paravirt, objtool: Annotate indirect calls (bnc#1012628).
- x86/boot, objtool: Annotate indirect jump in
secondary_startup_64() (bnc#1012628).
- x86/mm/sme, objtool: Annotate indirect call in
sme_encrypt_execute() (bnc#1012628).
- objtool: Use existing global variables for options
(bnc#1012628).
- objtool: Add retpoline validation (bnc#1012628).
- objtool: Add module specific retpoline rules (bnc#1012628).
- objtool, retpolines: Integrate objtool with retpoline support
more closely (bnc#1012628).
- objtool: Fix another switch table detection issue (bnc#1012628).
- objtool: Fix 32-bit build (bnc#1012628).
- x86/kprobes: Fix kernel crash when probing .entry_trampoline
code (bnc#1012628).
- watchdog: hpwdt: SMBIOS check (bnc#1012628).
- watchdog: hpwdt: Check source of NMI (bnc#1012628).
- watchdog: hpwdt: fix unused variable warning (bnc#1012628).
- watchdog: hpwdt: Remove legacy NMI sourcing (bnc#1012628).
- netfilter: add back stackpointer size checks (bnc#1012628).
- netfilter: ipt_CLUSTERIP: fix a race condition of proc file
creation (bnc#1012628).
- netfilter: xt_hashlimit: fix lock imbalance (bnc#1012628).
- netfilter: x_tables: fix missing timer initialization in xt_LED
(bnc#1012628).
- netfilter: nat: cope with negative port range (bnc#1012628).
- netfilter: IDLETIMER: be syzkaller friendly (bnc#1012628).
- netfilter: bridge: ebt_among: add missing match size checks
(bnc#1012628).
- netfilter: ipv6: fix use-after-free Write in
nf_nat_ipv6_manip_pkt (bnc#1012628).
- netfilter: use skb_to_full_sk in ip6_route_me_harder
(bnc#1012628).
- tpm_tis: Move ilb_base_addr to tpm_tis_data (bnc#1012628).
- tpm: Keep CLKRUN enabled throughout the duration of
transmit_cmd() (bnc#1012628).
- tpm: delete the TPM_TIS_CLK_ENABLE flag (bnc#1012628).
- tpm: remove unused variables (bnc#1012628).
- tpm: only attempt to disable the LPC CLKRUN if is already
enabled (bnc#1012628).
- x86/xen: Calculate __max_logical_packages on PV domains
(bnc#1012628).
- scsi: qla2xxx: Fix system crash for Notify ack timeout handling
(bnc#1012628).
- scsi: qla2xxx: Fix gpnid error processing (bnc#1012628).
- scsi: qla2xxx: Move session delete to driver work queue
(bnc#1012628).
- scsi: qla2xxx: Skip IRQ affinity for Target QPairs
(bnc#1012628).
- scsi: qla2xxx: Fix re-login for Nport Handle in use
(bnc#1012628).
- scsi: qla2xxx: Retry switch command on time out (bnc#1012628).
- scsi: qla2xxx: Serialize GPNID for multiple RSCN (bnc#1012628).
- scsi: qla2xxx: Fix login state machine stuck at GPDB
(bnc#1012628).
- scsi: qla2xxx: Fix NPIV host cleanup in target mode
(bnc#1012628).
- scsi: qla2xxx: Relogin to target port on a cable swap
(bnc#1012628).
- scsi: qla2xxx: Fix Relogin being triggered too fast
(bnc#1012628).
- scsi: qla2xxx: Fix PRLI state check (bnc#1012628).
- scsi: qla2xxx: Fix abort command deadlock due to spinlock
(bnc#1012628).
- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
(bnc#1012628).
- scsi: qla2xxx: Fix scan state field for fcport (bnc#1012628).
- scsi: qla2xxx: Clear loop id after delete (bnc#1012628).
- scsi: qla2xxx: Defer processing of GS IOCB calls (bnc#1012628).
- scsi: qla2xxx: Remove aborting ELS IOCB call issued as part
of timeout (bnc#1012628).
- scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref
(bnc#1012628).
- scsi: qla2xxx: Fix memory leak in dual/target mode
(bnc#1012628).
- NFS: Fix an incorrect type in struct nfs_direct_req
(bnc#1012628).
- pNFS: Prevent the layout header refcount going to zero in
pnfs_roc() (bnc#1012628).
- NFS: Fix unstable write completion (bnc#1012628).
- Refresh
patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch.
- Refresh
patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch.
- Refresh
patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
- commit 5e4329c
- Bluebooth: btusb: Fix quirk for Atheros 1525/QCA6174
(bsc#1082504).
- commit e8a80ec
- netfilter: ebtables: fix erroneous reject of last rule
(bsc#1085107).
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
(bsc#1085107).
- commit bfb5701
- brcmsmac: allocate ucode with GFP_KERNEL (bsc#1085174).
- commit 8e06b20
- mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
(CVE-2018-8087,bsc#1085053).
- commit cddf6d5

==== lftp ====

- Added openSUSE-specific patches that implement a wrapper script
called "ftp" on top of the lftp command that is compatible to
lukemftp. Those patches are maintained in a fork of the upstream
project at https://github.com/opensuse/lftp. [bsc#1083331]
* 0001-Add-content-of-the-SUSE-lftp-vi-1.1-archive.patch
* 0002-Add-content-of-lftp-compat-addfiles.patch.patch
* 0003-Add-content-of-lftp-completion.patch.patch
* 0004-Include-config.h-to-detect-gnulib-macros.patch
* 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch

==== libgit2 ====
Version update (0.26.0 -> 0.26.3)

- Update to 0.26.3:
* Fix cloning of the libgit2 project with git clone --recursive by removing an
invalid submodule from our testing data.
* Fix endianness of the port in p_getaddrinfo().
* Fix handling of negative gitignore rules with wildcards.
* Fix handling of case-insensitive negative gitignore rules.
* Fix resolving references to a tag if the reference is stored with its fully
resolved OID in the packed-refs file.
* Fix checkout not treating worktree files as modified when only their mode
has
changed.
* Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES.
* Fixes memory handling issues when reading crafted repository index files.
The issues allow for possible denial of service due to allocation of large
memory and out-of-bound reads.
(CVE-2018-8098 bnc#1085257 CVE-2018-8099 bnc#1085256)
* Updates the bundled zlib to 1.2.11. Users who build the bundled zlib are
vulnerable to security issues in the prior version.

==== libiscsi ====

- Morernise spec file with spec-clener

==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network
libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface
libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc
libvirt-daemon-driver-network libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-uml
libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu
libvirt-daemon-xen libvirt-libs

- lockd: fix typo in virtlockd-admin.socket
fb327ac2-virtlockd-admin-socket.patch
bsc#1085386
- Install correct firewall service file depending on availability
of firewalld vs SuSEfirewall2
libvirtd-relocation-server.xml
bsc#1083455
- qemu: avoid denial of service reading from QEMU guest agent
CVE-2018-1064
fbf31e1a-CVE-2018-1064.patch
bsc#1083625
- virtlockd: fix loosing lock on re-exec
464889ff-rpc-aquire-ref-dispatch.patch,
c6f1d519-rpc-simplify-dispatch.patch,
06e7ebb6-rpc-invoke-dispatch-unlocked.patch,
86cae503-rpc-fix-pre-exec.patch,
eefabb38-rpc-virtlockd-virtlogd-single-thread.patch
bsc#1076861
- libvirtd: fix potential deadlock when reloading
33c6eb96-fix-libvirtd-reload-deadlock.patch
bsc#1079150

==== libxml2 ====
Version update (2.9.7 -> 2.9.8)
Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools

- Version update to 2.9.8:
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations

==== lightsoff ====
Version update (3.27.92 -> 3.28.0)
Subpackages: lightsoff-lang

- Fix some dangling symlinks in lang subpackage if doc subpackage
is not installed: revert doc subpackage split and obsolete it and
package it into the main package instead.
- Update to version 3.28.0:
+ Updated translations.

==== ntp ====
Version update (4.2.8p10 -> 4.2.8p11)
Subpackages: ntp-doc

- Update to 4.2.8p11 (bsc#1082210):
* CVE-2016-1549: Sybil vulnerability: ephemeral association
attack. While fixed in ntp-4.2.8p7, there are significant
additional protections for this issue in 4.2.8p11.
* CVE-2018-7182, bsc#1083426: ctl_getitem(): buffer read overrun
leads to undefined behavior and information leak.
* CVE-2018-7170, bsc#1083424: Multiple authenticated ephemeral
associations.
* CVE-2018-7184, bsc#1083422: Interleaved symmetric mode cannot
recover from bad state.
* CVE-2018-7185, bsc#1083420: Unauthenticated packet can reset
authenticated interleaved association.
* CVE-2018-7183, bsc#1083417: ntpq:decodearr() can write beyond
its buffer limit.
* Obsoletes these patches: ntp-sntp-a.patch, ntp-warnings.patch
- Remove dead code from conf.start-ntpd (bsc#1082063).
- Don't use libevent's cached time stamps in sntp.
(bsc#1077445, ntp-sntp-libevent.patch)

==== osinfo-db ====
Version update (20170813 -> 20180311)

- bsc#1085757 - Leap 15 patch for osinfo-db has wrong information
in it
add-opensuse-leap-15-support.patch
- fate#322156 - Update database to version 20180311
osinfo-db-20180311.tar.xz
- Drop
add-opensuse-leap-42.3-support.patch
add-sle12sp3-support.patch
add-win2k16-support.patch

==== perl-GD-Graph3d ====

- Remove buildrequires on jpeg and xorg-x11-devel

==== perl-GDTextUtil ====

- remove buildrequires on jpeg and xorg-x11-devel, both unused.

==== perl-HTTP-Message ====
Version update (6.14 -> 6.15)

- updated to 6.15
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.15 2018-03-13 13:02:56Z
- Whenever possible, use an absolute four digit year for Time::Local (GH#97)
- Add is_cacheable_by_default() (GH#98) (Theo van Hoesel)

==== polkit-default-privs ====

- polkit-default-privs: mass amnesty whitelisting of untracked privileges. See
https://lists.opensuse.org/opensuse-factory/2018-02/msg01044.html for
rationale. This allows existing packages in Factory to continue building
after the tighter rpmlint-Factory checks become effective. Following
packages are affected:
- blueman (bsc#1083066)
- cinnamon settings-daemon (bnc#1083067)
- connman (bsc#1083069)
- flatpak (bsc#984817)
- fwupd (bsc#1083022)
- gsmartcontrol (bsc#1084693)
- gvfs (bsc#1073214)
- laptop-mode-tools (bsc#1084695)
- mate-system-monitor (bsc#1084701)
- nemo (bsc#1084702)
- nemo-extensions (bsc#1084703)
- PackageKit (bnc#993505)
- pantheon-files (bsc#1084704)
- scap-workbench (bsc#1084706)
- spice-gtk (bsc#1083025)
- sysprof (bsc#1083055)

==== python-libxml2-python ====
Version update (2.9.7 -> 2.9.8)

- Version update to 2.9.8:
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations
- Drop patch python3.6-verify_fd.patch merged upstream

==== sharutils ====
Subpackages: sharutils-lang

- Add sharutils-CVE-2018-1000097-fix_buffer_overflow.patch to fix
a possibility to overflow the stack (bsc#1085004, CVE-2018-1000097).

==== swell-foop ====
Version update (3.27.92 -> 3.28.0)
Subpackages: swell-foop-lang

- Update to version 3.28.0:
+ Updated translations.

==== systemd-presets-branding-openSUSE ====

- Enable hostinfo.service as well
- Enable hostinfo.timer

==== thin-provisioning-tools ====

- Modernise spec file with spec-cleaner

==== time ====
Version update (1.8 -> 1.9)

- time 1.9:
* reports percent CPU usage for programs lasting less then 1s
* "time -p" no longers adds the "Command exited with non-zero
status" message (POSIX compliance)
- Use %license (boo#1082318)

==== xmlto ====
Version update (0.0.26 -> 0.0.28)

- update to 0.0.28:
- fix broken temp files removal
- do not detect links browser as elinks
- includes 0.0.27:
- remove several bashisms in scripts
- new option --profile for preprocessing documents with
profiling stylesheet
- fix several potential crashes in xmlif
- cleanup with spec-cleaner
- switch urls to new fedora upstream
- patches:
* rebase xmlto-xsltopts.patch
* format xmlto-codecleanup.patch for -p1
* format xmlto-nonvoid.patch for -p1
* drop xmlto-overflow.patch (xmlif.c is regenerated anyway)
* drop xmlto-lynx-empty-file.patch (obsolete)
* renumber patches


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages