Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180424 When you reply to report some issues, make sure to change the subject. It is not helpful to keep the release announcement subject in a thread while discussing a specific problem. Packages changed: Mesa (18.0.0 -> 18.0.1) Mesa-drivers (18.0.0 -> 18.0.1) apache2 (2.4.29 -> 2.4.33) apparmor (2.12 -> 2.13) apr babl (0.1.44 -> 0.1.46) bash branding-openSUSE ccache (3.3.6 -> 3.4.2) ceph (13.0.1.3204+g17e0216271 -> 13.0.2.984+g852d3f1411) corosync (2.4.3 -> 2.4.4) deja-dup (37.1 -> 38.0) desktop-translations (84.87.20180416.e6c83e49 -> 84.87.20180423.2e342f3a) device-mapper dmidecode dpdk (18.02_k4.16.2_1 -> 18.02.1_k4.16.3_1) dracut epiphany (3.28.1 -> 3.28.1.1) ethtool (4.15 -> 4.16) firewalld gcc7 gcc8 (8.0.1+r258445 -> 8.0.1+r259467) gdm (3.28.0 -> 3.28.1) gegl (0.3.30 -> 0.3.34) geoclue2 (2.4.7 -> 2.4.8) gjs (1.52.0 -> 1.52.2) gnome-session (3.28.0 -> 3.28.1) gnome-shell (3.28.0 -> 3.28.1+20180418.b476e851b) gpgme (1.10.0 -> 1.11.1) grub2 gtk2 gtk3 (3.22.29 -> 3.22.30) gtk3-branding-openSUSE (42.1 -> 15.0) ibus iputils kde-l10n kernel-firmware (20180402 -> 20180416) kernel-source (4.16.2 -> 4.16.3) libapparmor (2.12 -> 2.13) libblockdev libeXosip2 libglvnd (0.1.2~20170620~d850cdd -> 1.0.0) libinput (1.10.4 -> 1.10.5) libopenmpt (0.3.7 -> 0.3.8) lvm2 man mutter (3.28.0 -> 3.28.1+20180416.d3d5eb8e1) obs-service-tar_scm (0.8.0.1507129410.0cb2d44 -> 0.8.0.1520581079.e26b0ae) open-iscsi openafs openconnect osinfo-db (20180311 -> 20180416) patch patterns-gnome pcre php7 plasma5-integration pulseaudio python-certifi (2018.1.18 -> 2018.4.16) python-decorator (4.2.1 -> 4.3.0) python-ipaddress (1.0.19 -> 1.0.22) python-qt5 (5.10 -> 5.10.1) rpm samba spice-gtk subversion (1.9.7 -> 1.10.0) sudo sushi (3.24.0 -> 3.28.3) transactional-update (1.28 -> 1.29) udisks2 unbound (1.6.8 -> 1.7.0) usb_modeswitch (2.5.1 -> 2.5.2) util-linux util-linux-systemd wxWidgets-3_0 (3.0.3 -> 3.0.4) xlockmore xorg-x11-server yast2-ftp-server (4.0.4 -> 4.0.5) === Details === ==== Mesa ==== Version update (18.0.0 -> 18.0.1) Subpackages: Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libGL-devel Mesa-libGL1 Mesa-libglapi0 libgbm1 libwayland-egl1 - Update to 18.0.1 * In this release we have: * On the build system to highlight Meson is get improved thorugh several patches that fix issues around it. * On the drivers part, RADV get several fixes: one for multisample regressions on Vega, another around GFX9 buffer views, and a couple of them more to related with avoiding emitting unneeded vertex state. * St/Nine get fixes around face register, lighting constants, math check for inversible matrix, implicit conversions and bad tracking of vertex textures. * Freedreno/a5xx get fixes around missaligned heigh for PIPE_BUFFER, and around page faults. * Several fixes are also enqueued for Intel driver: set right channel_sizes for MOV_INDIRECT sources, set right config registration for uploading to kernel, return the fourcc stored in __DRIimage when possible, fix negative sign in 64-bit return values, fix null destination register in assembly instructions with 3 source operands, a fix for failed TCS/TES shader compilation * Queue also contains a couple of fixes around Gallium drivers, one to fix a typo in code that was causing wrong return value, and another one to fix an unitialized modifier for DRI2. * Mesa core gets a couple of patches to fix issues around overriding OpenGL/ES supported version through environment variables, and a patch to fix an issue with texture samples found in "The Witness" through Wine. * A couple of bugs around unrolling loops have also been fixed, these patches were applied for NIR and GLSL. * On top of above, NIR gets more fixes in a couple of lowering functions used: coalesce in lower_vec_to_movs if vec had a SSA destination, and interp_var_at intrinsic support in lower_indirect_derefs. It also gets a fix around vars_to_ssa function. * Finally, there are other fixes affecting Radeonsi, AC, EGL/Wayland and SPIR-V compiler. - enabled opencl and that way also Mesa-gallium on 42.3 since we now build against llvm 6; this also fixes the requirements from Mesa-32bit to Mesa-gallium-32bit in baselibs.conf (reported by community) ==== Mesa-drivers ==== Version update (18.0.0 -> 18.0.1) Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_radeon libxatracker2 - Update to 18.0.1 * In this release we have: * On the build system to highlight Meson is get improved thorugh several patches that fix issues around it. * On the drivers part, RADV get several fixes: one for multisample regressions on Vega, another around GFX9 buffer views, and a couple of them more to related with avoiding emitting unneeded vertex state. * St/Nine get fixes around face register, lighting constants, math check for inversible matrix, implicit conversions and bad tracking of vertex textures. * Freedreno/a5xx get fixes around missaligned heigh for PIPE_BUFFER, and around page faults. * Several fixes are also enqueued for Intel driver: set right channel_sizes for MOV_INDIRECT sources, set right config registration for uploading to kernel, return the fourcc stored in __DRIimage when possible, fix negative sign in 64-bit return values, fix null destination register in assembly instructions with 3 source operands, a fix for failed TCS/TES shader compilation * Queue also contains a couple of fixes around Gallium drivers, one to fix a typo in code that was causing wrong return value, and another one to fix an unitialized modifier for DRI2. * Mesa core gets a couple of patches to fix issues around overriding OpenGL/ES supported version through environment variables, and a patch to fix an issue with texture samples found in "The Witness" through Wine. * A couple of bugs around unrolling loops have also been fixed, these patches were applied for NIR and GLSL. * On top of above, NIR gets more fixes in a couple of lowering functions used: coalesce in lower_vec_to_movs if vec had a SSA destination, and interp_var_at intrinsic support in lower_indirect_derefs. It also gets a fix around vars_to_ssa function. * Finally, there are other fixes affecting Radeonsi, AC, EGL/Wayland and SPIR-V compiler. - enabled opencl and that way also Mesa-gallium on 42.3 since we now build against llvm 6; this also fixes the requirements from Mesa-32bit to Mesa-gallium-32bit in baselibs.conf (reported by community) ==== apache2 ==== Version update (2.4.29 -> 2.4.33) Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - Updated description for SSLProtocol option. [bsc#1086854] - Updated description (PCI DSS) for SSLProtocol option. [bsc#1086854] - SSLProtocol TLSv1.2 [bsc#1086854] ==== apparmor ==== Version update (2.12 -> 2.13) Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit perl-apparmor python3-apparmor - add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545) - create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package - update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec) - Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch ==== apr ==== Subpackages: apr-devel libapr1 - Add gcc8-integer-overflow.patch to handle an undefined behavior (boo#1090085). ==== babl ==== Version update (0.1.44 -> 0.1.46) - Update to version 0.1.46: + Added extensions with more coverage for u32, half and other utilit fast paths. + Improving fast path coverage. ==== bash ==== Subpackages: bash-doc bash-lang - Add patch bash-4.4-wait-sigint-handler.patch to fix bug bsc#1086247 that is repeating self inserting trap due external command in the trap. ==== branding-openSUSE ==== Subpackages: grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE xfce4-splash-branding-openSUSE yast2-qt-branding-openSUSE - Don't hard-code the system role text color (bsc#1087399) ==== ccache ==== Version update (3.3.6 -> 3.4.2) - Update to version 3.4.2 [bsc#1089879] * The cleanup algorithm has been fixed to not misbehave when files are removed by another process while the cleanup process is running. Previously, too many files could be removed from the cache if multiple cleanup processes were triggered at the same time, in extreme cases trimming the cache to a much smaller size than the configured limits. * Correctly hash preprocessed headers located in a ?.gch directory?. Previously, ccache would not pick up changes to such precompiled headers, risking false positive cache hits. * Fixed build failure when using the bundled zlib sources. * ccache 3.3.5 added a workaround for not triggering Clang errors when a precompiled header?s dependency has an updated timestamp (but identical content). That workaround is now only applied when the compiler is Clang. * Made it possible to perform out-of-source builds in dev mode again. - AUTHORS.*, MANUAL.* and NEWS.* files are now located in the doc directory - Update to version 3.4.1: * Fixed printing of version number in ccache --version. - Changes for version 3.4.0: * The compiler option form --sysroot arg is now handled like the documented --sysroot=arg form. * Added support for caching .su files generated by GCC flag - fstack-usage. * ccache should now work with distcc?s ?pump? wrapper. * The optional unifier is no longer disabled when the direct mode is enabled. * Added support for nvcc compiler options --compiler-bindir/-ccbin, - -output-directory/-odir and --libdevice-directory/-ldir. * Boolean environment variable settings no longer accept the following (case-insensitive) values: 0, false, disable and no. All other values are accepted and taken to mean ?true?. This is to stop users from setting e.g. CCACHE_DISABLE=0 and then expect the cache to be used. * Improved support for run_second_cpp = false: If combined with passing -fdirectives-only (GCC) or frewrite-includes (Clang) to the compiler, diagnostics warnings and similar will be correct. * An implicit -MQ is now passed to the preprocessor only if the object file extension is non-standard. This should make it easier to use EDG-based compilers (e.g. GHS) which don?t understand -MQ. * ccache now treats an unreadable configuration file just like a missing configuration file. * Documented more pitfalls with enabling hard_links (CCACHE_HARDLINK). * Documented caveats related to colored warnings from compilers. * File size and number counters are now updated correctly when files are overwritten in the cache, e.g. when using CCACHE_RECACHE. * run_second_cpp is now forced for nvcc. * Fixed how the nvcc options -optf and -odir are handled. ==== ceph ==== Version update (13.0.1.3204+g17e0216271 -> 13.0.2.984+g852d3f1411) Subpackages: librados2 librbd1 - Update to 13.0.2-984-g852d3f1411: + based on upstream master aaac83abb516f824f1caef470686b1bffeffa8b4 + fixes s390x build failure (bsc#1089291) + introduces liboath0 runtime dependency (bsc#1089302) + fixes RGW SSL deployment - Update to 13.0.2-819-gf64b021d4c: + based on upstream master 3ab655b55d2b363c0352dfbb90caed2ffcd42432 - reduce ceph-test constraints for ppc64le and s390x - Reduce ceph-test constraints on aarch64 ==== corosync ==== Version update (2.4.3 -> 2.4.4) Subpackages: libcmap4 libcorosync_common4 - corosync-2.4.4 is available now(bsc#1089836) man:fix in corosync-qdevice.8 quorumtool: remove duplicated help message cfg: nodeid should be unsigned int coroparse: Use readdir instead of readdir_r wd: fix snprintf warnings Fix compile errors in qdevice on FreeBSD qdevice: mv free(str) after port validation Fix various typos Fix typo: recomended -> recommended man: support SOURCE_DATE_EPOCH configure: add --with-initconfigdir option Use static case blocks to determine distro flavor Use RuntimeDirectory instead of tmpfiles.d coroparse: Do not convert empty uid, gid to 0 sam: Fix snprintf compiler warnings quorumtool: Use full buffer size in snprintf man: Add note about qdevice parallel cmds start sync: Remove unneeded determine sync code sync: Call sync_init of all services at once corosync.conf: publicize nodelist.node.name totemudp[u]: Drop truncated packets on receive logging: Make blackbox configurable logging: Close before and open blackbox after fork init: Quote subshell result properly blackbox: Quote subshell result properly qdevice: quote certutils scripts properly sam_test_agent: Remove unused assignment qdevice: Fix NULL pointer dereference quorumtool: Don't set our_flags without v_handle qdevice: Nodelist is set into string not array qdevice: Check if user_data can be dereferenced qdevice: Add safer wrapper of strtoll qdevice: Replace strtol by strtonum qnetd: Replace strtol by strtonum main: Set errno before calling of strtol totemcrypto: Implement bad crypto header guess cpg: Use list_del instead of qb_list_del totemcrypto: Check length of the packet totemsrp: Implement sanity checks of received msgs totemsrp: Check join and leave msg length totemudp: Check lenght of message to sent qdevice msgio: Fix reading of msg longer than i32 logsys: Avoid redundant callsite section checking man: corosync-qdevice: fix formatting vs. punctuation man: corosync-qdevice: some more stylistics man: fix cpg_mcast_joined.3.in libcpg: Fix issue with partial big packet assembly totempg: Fix fragmentation segfault totempg: use iovec[i].iov_len instead of copy_len totempg: Fix corrupted messages cpg: Handle fragmented message sending interrupt corosync.aug: Add missing options systemd: Delete unnecessary soft_margin Added: corosync-2.4.4.tar.gz 0010-qdevice-net-instance.c-optarg-should-be-str.patch Deleted: 0007-sync-Call-sync_init-of-all-services-at-once.patch 0008-wd-fix-snprintf-warnings.patch 0009-add-config-for-corosync-qnetd.patch 0010-qdevice-mv-free-str-after-port-validation.patch 0011-libcpg-Fix-issue-with-partial-big-packet-assembly.patch 0012-totemudp-u-Drop-truncated-packets-on-receive.patch 0013-logging-Make-blackbox-configurable.patch 0014-logging-Close-before-and-open-blackbox-after-fork.patch 0015-coverity-fixes.patch 0018-bsc#1089346-corosync-Integer-overflow-in-totemcrypto.patch corosync-2.4.3.tar.gz Renamed: 0009-add-config-for-corosync-qnetd.patch -> 0007-add-config-for-corosync-qnetd.patch 0016-bsc#1083561-upgrade-from-1-x-y.patch -> 0008-bsc#1083561-upgrade-from-1-x-y.patch 0017-bsc#1088619-add-version.patch -> 0009-bsc#1088619-add-version.patch ==== deja-dup ==== Version update (37.1 -> 38.0) Subpackages: deja-dup-lang nautilus-deja-dup - Update to version 38.0: + Drop ulimit for monitor process, it was causing crashes. + Fix autoscrolling in progress window. + Exclude snap cache directories by default. + Updated translations. - Add gio-2.0, gio-unix-2.0 and goa-backend-1.0 pkgconfig modules and glib2-tools package BuildRequires to avoid implicit dependencies. - Replace pkgconfig(appstream-builder), dbus-1-x11, update-desktop\ - files and perl-gettext BuildRequires with appstream-glib, dbus-\ 1, desktop-file-utils and gettext-runtime respectively, what meson really looks for. ==== desktop-translations ==== Version update (84.87.20180416.e6c83e49 -> 84.87.20180423.2e342f3a) - Update to version 84.87.20180423.2e342f3a: * Translated using Weblate (Chinese (China)) * Translated using Weblate (Italian) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Slovak) * Translated using Weblate (Spanish) ==== device-mapper ==== Subpackages: libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit - Fix handling of udev CHANGE events with systemd (bsc#1067312) + lvm2-69-dm-lvm-metad.rules-explicit-pvscan-rule.patch + lvm2-69-dm-lvm-metad.rules-set-systemd-vars-on-chang.patch ==== dmidecode ==== - dmioem-reflect-hpe-new-company-name.patch: Reflect HPE's new company name. - dmidecode-fix-tpm-device-firmware-version.patch: Fix firmware version of TPM device. - dmioem-fix-hpe-type-219-uefi-flag.patch: Fix the reporting of HP/HPE UEFI feature. ==== dpdk ==== Version update (18.02_k4.16.2_1 -> 18.02.1_k4.16.3_1) - Update to 18.02.1 - Restrict untrusted guest to misuse virtio to corrupt host application(ovs-dpdk) memory which can lead all VM to lose connectivity(CVE-2018-1059,bsc#1089638). Changes: * Add deprecation notice for rte_vhost_gpa_to_vva() * Patch vhost-net and vhost-scsi examples * Fixes checkpatch warnings * Take VIRTIO_RING_F_EVENT_IDX into account when ring size (Tiwei) * Fix next chuncks translation access rights in Rx paths (Tiwei) * vhost: fix indirect descriptors table translation size * vhost: check all range is mapped when translating GPAs * vhost: introduce safe API for GPA translation * vhost: ensure all range is mapped when translating QVAs * vhost: add support for non-contiguous indirect descs tables * vhost: handle virtually non-contiguous buffers in Tx * vhost: handle virtually non-contiguous buffers in Rx * vhost: handle virtually non-contiguous buffers in Rx-mrg * examples/vhost: move to safe GPA translation API * examples/vhost_scsi: move to safe GPA translation API * vhost/crypto: move to safe GPA translation API * vhost: deprecate unsafe GPA translation API - Enable MLX4/5 PMD only in Factory and >= SLES15 It needs rdma-core >= v16. ==== dracut ==== - Do not attempt to run purge-kernels.service on ro rootfs (bsc#1087880) - 95nfs: If no server is configured, read BOOTSERVERADDR from wicked's leaseinf (boo#1089332) * adds 0566-95nfs-If-no-server-is-configured-read-BOOTSERVERADDR.patch - Remove RH-specific s390 modules (bsc#1086216) ==== epiphany ==== Version update (3.28.1 -> 3.28.1.1) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.28.1.1: + Fix two crashes (bgo#783756 and bgo#794784/bgo#795370). ==== ethtool ==== Version update (4.15 -> 4.16) - Update to new upstream release 4.16 * Feature: add support for extra RSS contexts and RSS steering filters * Feature: Add SFF 8636 date code parsing support * Fix: don't fall back to grxfhindir when context was specified * Fix: correct display of VF when showing vf/queue filters * Fix: show VF and queue in the help for -N * Fix: correct VF index values for the ring_cookie parameter - Fix build for targets not (fully) supporting %license macro ==== firewalld ==== Subpackages: firewall-macros firewalld-lang python3-firewall - Backport upstream patches to add additional services (bsc#1082033) * firewalld-add-additional-services.patch ==== gcc7 ==== Subpackages: cpp7 gcc7-c++ gcc7-fortran gcc7-info gcc7-locale gcc7-objc libasan4 libcilkrts5 libgfortran4 libstdc++6-devel-gcc7 libstdc++6-gcc7-locale libubsan0 - Update gcc7-bnc1087550.diff with latest changes. [bnc#1087550] ==== gcc8 ==== Version update (8.0.1+r258445 -> 8.0.1+r259467) Subpackages: libatomic1 libgcc_s1 libgcc_s1-32bit libgomp1 libitm1 liblsan0 libmpx2 libmpxwrappers2 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libtsan0 - Update to SVN trunk head (r259467). - Update to SVN trunk head (r259308). * contains fix for ios_base::failure ABI breakage. [bnc#1087550] - Remove now obsolete gcc7-bnc1087550.diff. - Set SUSE_ASNEEDED to zero during %install so libasan keeps its NEEDED entry for libstdc++.so. [GCC#84428] - Update to SVN trunk head (r259162). - Enable --enable-fix-cortex-a53-835769 for aarch64. - Add gcc7-bnc1087550.diff to revert the ios_base::failure ABI back to compatible behavior with the default ABI. [bnc#1087550] - Update to SVN trunk head (r259024). * Includes gcc8-pr84990.patch. - Enable --enable-fix-cortex-a53-843419 for aarch64. [bnc#1084812] - Update to SVN trunk head (r258674). * Add gcc8-pr84990.patch to fix bootstrap with Ada. - Switch to release-checking builds. ==== gdm ==== Version update (3.28.0 -> 3.28.1) Subpackages: gdm-lang gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Update to version 3.28.1: + Properly stop boot splash even if local login screen is disabled (bsc#1083646 bgo#795120). + Updated translations. - Rename gdm-disable-wayland-on-mgag200-chipsets.patch to gdm-disable-wayland-on-unsupported-chipsets.patch: add rules for ASPEED ast drivers (boo#1088539). - Clean up specfile: Enable Wayland unconditionally. ==== gegl ==== Version update (0.3.30 -> 0.3.34) Subpackages: gegl-0_3 gegl-0_3-lang libgegl-0_3-0 - Update to version 0.3.34 (CVE-2018-10114): + Core: Change GeglParamSpecSeed from int to uint to match the value range of GeglRandom's seed. + Operations: Limit allocations in ppm-load to 2GB (CVE-2018-10114). - Changes from version 0.3.32: + Operations: - panorama-projection: added reverse transform, which permits using GIMP for retouching zenith, nadir or other arbitrary gaze directions in equirectangular, also known as 360x180 panoramas. - Added abyss-policy to base class for scale ops, making it possible to achieve hard edges on rescaled buffers. + GeglBuffer: - Improved performance and correctness, avoid incorrectly gamma/ungamma correcting alpha in u8 formats, for a tiny 2-3% performance boost. - Keep track of valid/invalid areas on smaller granularity than tiles in mipmap. - Various micro-optimizations in display paths, with minuscle performance impact. ==== geoclue2 ==== Version update (2.4.7 -> 2.4.8) Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0 - Update to version 2.4.8: + Fix threshold for detecting too old location update. + Explain in the configuration what the applications white-list is meant for. + Allow instant location updates from modem-based GPS. + Fix a deadlock case in the helper library. ==== gjs ==== Version update (1.52.0 -> 1.52.2) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.52.2: + This is an unscheuled release in order to revert a commit that causes a crash on exit, with some Cairo versions. + Closed bugs and merge requests: - heapgraph.py: adjust terminal output style (glgo#gnome/gjs#120). - Warn about compilation warnings (glgo#gnome/gjs#125). - Miscellaneous commits. - Update to version 1.52.1: + In addition to System.dumpHeap(), you can now dump a heap from a running Javascript program by starting it with the environment variable GJS_DEBUG_HEAP_OUTPUT=some_name, and sending it SIGUSR1. + Closed bugs: - Crash when resolving promises if exception is pending (glgo#GNOME/gjs#18). - Tools for examining heap graph (glgo#GNOME/gjs#116). - Add support for passing flags to Gio.DBusProxy in makeProxyWrapper (glgo#GNOME/gjs#122). - Cannot instantiate Cairo.Context (glgo#GNOME/gjs#126). - GISCAN GjsPrivate-1.0.gir fails (glgo#GNOME/gjs#128). - Invalid read of g_object_finalized flag (glgo#GNOME/gjs#129). - Pick a different C++ linter. - profiler: Don't assume layout of struct sigaction. - Update tweener.js. - Various maintenance. ==== gnome-session ==== Version update (3.28.0 -> 3.28.1) Subpackages: gnome-session-core gnome-session-default-session gnome-session-lang gnome-session-wayland - Update to version 3.28.1: + Tell libICE to stop opening a TCP socket. + Shore up permissions of .config. + Updated translations. - Add pkgconfig(gio-2.0) to avoid implicit dependencies. - Drop update-desktop-files and suse_update_desktop_file macro, tcpd devel package and xau, xext, xrender and xsts pkgconfig modules BuildRequires: they are no longer used/required anymore. ==== gnome-shell ==== Version update (3.28.0 -> 3.28.1+20180418.b476e851b) Subpackages: gnome-shell-browser-plugin gnome-shell-calendar gnome-shell-lang - Update to version 3.28.1+20180418.b476e851b: + workspaceThumbnail: - Only update _porthole if the overview is visible - Rebuild thumbnails if workareas size changed - Initialize porthole based on workArea + popupMenu: Fix wrong call to clutter_actor_add_child() + utils: Simplify URL regex to only support one layer of parentheses + polkitAgent: Hide authentication dialogs while locked + workspace: Don't move focus unconditionally + networkAgent: Use libnm for plugin loading + worldClock: Handle named timezones - Switch back to using git-checkout via source-service, upstream seems unable to produce tarballs. - Drop unneeded NetworkManager-gnome Recommends. ==== gpgme ==== Version update (1.10.0 -> 1.11.1) Subpackages: libgpgme-devel libgpgme11 libgpgmepp6 libqgpgme7 - update to 1.11.1: * Fixed build problems in the 1.11.0 releas drop gpgme-1.11-fix-gpgme-json-rpath.patch, drop gpgme-1.11-fix-tests.patch * Added C++ interfaces which were planned for 1.11.0 - Update to 1.11 * New encryption API to support direct key specification including hidden recipients option and taking keys from a file. This also allows to enforce the use of a subkey. * New encryption flag for the new API to enforce the use of plain mail addresses (addr-spec). * The import API can now tell whether v3 keys are skipped. These old and basically broken keys are not anymore supported by GnuPG 2.1. * The decrypt and verify API will now return the MIME flag as specified by RFC-4880bis. * The offline mode now has an effect on gpg by disabling all network access. * A failed OpenPGP verification how returns the fingerprint of the intended key if a recent gpg version was used for signature creation. * Various minor fixes. - Dropped patch 0001-core-Tweak-STATUS_FAILURE-handling.patch, since it is included upstream now. - add gpgme-1.11-fix-gpgme-json-rpath.patch to remove rpath - add gpgme-1.11-fix-tests.patch to fix tests ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Fallback to raw mode if Open Firmware returns invalid ihandler (bsc#1071559) * grub2-ieee1275-open-raw-mode.patch ==== gtk2 ==== Subpackages: gtk2-data gtk2-devel gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-vietnamese gtk2-immodule-xim gtk2-lang gtk2-tools gtk2-tools-32bit libgtk-2_0-0 libgtk-2_0-0-32bit typelib-1_0-Gtk-2_0 - Update _service to point to new https://gitlab.gnome.org/GNOME/gtk.git home. ==== gtk3 ==== Version update (3.22.29 -> 3.22.30) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Update to version 3.22.30: + gtk-demo has a new 'Widgetbowl' demo. + The wayland backend now supports the stable xdg-shell protocol. + Bugs fixed: glgo#GNOME/GTK#28, glgo#GNOME/GTK#83, glgo#GNOME/GTK#88, glgo#GNOME/GTK#114, glgo#GNOME/GTK#129, glgo#GNOME/GTK#132, glgo#GNOME/GTK#141, glgo#GNOME/GTK#146, glgo#GNOME/GTK#156, glgo#GNOME/GTK#157, glgo#GNOME/GTK#163, bgo#705509, bgo#745128, bgo#748784, bgo#791939, bgo#792632, bgo#793062. ==== gtk3-branding-openSUSE ==== Version update (42.1 -> 15.0) - Mark /etc/gtk-3.0/settings.ini as config(noreplace) (boo#1087507). - Build package for SLE and openSUSE using multibuild. ==== ibus ==== Subpackages: ibus-gtk ibus-gtk-32bit ibus-gtk3 ibus-lang libibus-1_0-5 libibus-1_0-5-32bit typelib-1_0-IBus-1_0 - Fix filelist for SLE. ==== iputils ==== Subpackages: rarpd - Backport license information from upstream (bnc#1082788): iputils-add-license-info.diff ==== kde-l10n ==== Subpackages: kde-l10n-cs kde-l10n-da kde-l10n-da-data kde-l10n-da-doc kde-l10n-de kde-l10n-de-data kde-l10n-de-doc kde-l10n-el kde-l10n-en_GB kde-l10n-en_GB-data kde-l10n-en_GB-doc kde-l10n-es kde-l10n-es-data kde-l10n-es-doc kde-l10n-fr kde-l10n-fr-data kde-l10n-hu kde-l10n-it kde-l10n-it-data kde-l10n-it-doc kde-l10n-ja kde-l10n-pl kde-l10n-pl-data kde-l10n-pt kde-l10n-pt_BR kde-l10n-pt_BR-data kde-l10n-ru kde-l10n-ru-data kde-l10n-zh_CN kde-l10n-zh_TW - Remove kopete mo files which are conflicting with the tarball ==== kernel-firmware ==== Version update (20180402 -> 20180416) Subpackages: ucode-amd - Update to version 20180416: * linux-firmware: update wil6210 firmware to 5.2.0.18 * linux-firmware: rsi: update firmware images for Redpine 9113 chipset * iwlwifi: update firmwares for 3160, 3168 and 7265 * iwlwifi: add some new FW versions and update older ones - fixed new style modalias detection too for AMD CPUs in ucode-amd, it can only use 1 : (bsc#1084687) ==== kernel-source ==== Version update (4.16.2 -> 4.16.3) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Linux 4.16.3 (bnc#1012628). - cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012628). - rds: MP-RDS may use an invalid c_path (bnc#1012628). - slip: Check if rstate is initialized before uncompressing (bnc#1012628). - vhost: fix vhost_vq_access_ok() log check (bnc#1012628). - l2tp: fix races in tunnel creation (bnc#1012628). - l2tp: fix race in duplicate tunnel detection (bnc#1012628). - ip_gre: clear feature flags when incompatible o_flags are set (bnc#1012628). - vhost: Fix vhost_copy_to_user() (bnc#1012628). - lan78xx: Correctly indicate invalid OTP (bnc#1012628). - sparc64: Properly range check DAX completion index (bnc#1012628). - media: v4l2-compat-ioctl32: don't oops on overlay (bnc#1012628). - media: v4l: vsp1: Fix header display list status check in continuous mode (bnc#1012628). - ipmi: Fix some error cleanup issues (bnc#1012628). - parisc: Fix out of array access in match_pci_device() (bnc#1012628). - parisc: Fix HPMC handler by increasing size to multiple of 16 bytes (bnc#1012628). - iwlwifi: add a bunch of new 9000 PCI IDs (bnc#1012628). - Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bnc#1012628). - PCI: hv: Serialize the present and eject work items (bnc#1012628). - PCI: hv: Fix 2 hang issues in hv_compose_msi_msg() (bnc#1012628). - KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode (bnc#1012628). - perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012628). - perf intel-pt: Fix sync_switch (bnc#1012628). - perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012628). - perf intel-pt: Fix timestamp following overflow (bnc#1012628). - perf/core: Fix use-after-free in uprobe_perf_close() (bnc#1012628). - radeon: hide pointless #warning when compile testing (bnc#1012628). - x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bnc#1012628). - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bnc#1012628). - x86/mce/AMD: Get address from already initialized block (bnc#1012628). - ath9k: Protect queue draining by rcu_read_lock() (bnc#1012628). - x86/uapi: Fix asm/bootparam.h userspace compilation errors (bnc#1012628). - x86/apic: Fix signedness bug in APIC ID validity checks (bnc#1012628). - sunrpc: remove incorrect HMAC request initialization (bnc#1012628). - f2fs: fix heap mode to reset it back (bnc#1012628). - block: Change a rcu_read_{lock,unlock}_sched() pair into rcu_read_{lock,unlock}() (bnc#1012628). - nvme: Skip checking heads without namespaces (bnc#1012628). - lib: fix stall in __bitmap_parselist() (bnc#1012628). - zboot: fix stack protector in compressed boot phase (bnc#1012628). - blk-mq: Directly schedule q->timeout_work when aborting a request (bnc#1012628). - blk-mq: order getting budget and driver tag (bnc#1012628). - blk-mq: make sure that correct hctx->next_cpu is set (bnc#1012628). - blk-mq: don't keep offline CPUs mapped to hctx 0 (bnc#1012628). - ovl: Set d->last properly during lookup (bnc#1012628). - ovl: fix lookup with middle layer opaque dir and absolute path redirects (bnc#1012628). - ovl: set i_ino to the value of st_ino for NFS export (bnc#1012628). - ovl: set lower layer st_dev only if setting lower st_ino (bnc#1012628). - xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bnc#1012628). - hugetlbfs: fix bug in pgoff overflow checking (bnc#1012628). - nfsd: fix incorrect umasks (bnc#1012628). - scsi: scsi_dh: Don't look for NULL devices handlers by name (bnc#1012628). - scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bnc#1012628). - Revert "scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte()" (bnc#1012628). - apparmor: fix logging of the existence test for signals (bnc#1012628). - apparmor: fix display of .ns_name for containers (bnc#1012628). - apparmor: fix resource audit messages when auditing peer (bnc#1012628). - block/loop: fix deadlock after loop_set_status (bnc#1012628). - nfit: fix region registration vs block-data-window ranges (bnc#1012628). - s390/qdio: don't retry EQBS after CCQ 96 (bnc#1012628). - s390/qdio: don't merge ERROR output buffers (bnc#1012628). - s390/ipl: ensure loadparm valid flag is set (bnc#1012628). - s390/compat: fix setup_frame32 (bnc#1012628). - get_user_pages_fast(): return -EFAULT on access_ok failure (bnc#1012628). - mm/gup_benchmark: handle gup failures (bnc#1012628). - getname_kernel() needs to make sure that ->name != ->iname in long case (bnc#1012628). - Bluetooth: Fix connection if directed advertising and privacy is used (bnc#1012628). - Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low (bnc#1012628). - rtl8187: Fix NULL pointer dereference in priv->conf_mutex (bnc#1012628). - Refresh patches.suse/0001-AppArmor-basic-networking-rules.patch. - commit 771261a - resource: fix integer overflow at reallocation (bsc#1086739). - commit 4cf2593 - Update tags of upstreamed patches Refresh patches.suse/Revert-drm-amd-display-disable-CRTCs-with-NULL-FB.patch patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch - commit e2aa76d - objtool, perf: Fix GCC 8 -Wrestrict error (bsc#1084620). - commit 0c6114f - supported.conf: update from openSUSE-15.0 - commit 4ef3f17 - Revert "drm/amd/display: disable CRTCs with NULL FB on their primary plane (V2)" (bsc#1089615, bsc#1088902). - commit e881e16 - arm64: Update config files. (bsc#1089764) Increase NR_CPUS to 384 - commit 6f06d9e ==== libapparmor ==== Version update (2.12 -> 2.13) Subpackages: libapparmor-devel libapparmor1 libapparmor1-32bit - update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog ==== libblockdev ==== Subpackages: libblockdev2 - Resplit plugins to avoid pulling clusterlvm support by default into the dependency chain (bsc#1086447). ==== libeXosip2 ==== Subpackages: libeXosip2-12 libeXosip2-devel - apply openssl110-fix.patch for Leap >= 15.0 only ==== libglvnd ==== Version update (0.1.2~20170620~d850cdd -> 1.0.0) Subpackages: libglvnd-32bit libglvnd-devel - update to release 1.0.0 * Now that both the EGL and GLX interfaces are defined and stable, set the package version to 1.0.0. * Changes + GLX: Fix an error in handling GLX dispatch stubs. + EGL: Fix handling a malloc failure in eglQueryString. + GLdispatch: Clean up the assembly dispatch code. + GLdispatch aarch64: Align the dispatch stubs to a 64K page size. + Fix typo in _LIBRARY_FEATURE_NAMES. + Merge pull request #131 from michalsrb/fix-missing-gles-symbols + Merge branch 'fix-aarch64-page-size' + Convert lq/stq instructions + Merge pull request #125 from kbrenneman/ppc64le-convert-lq-stq + Don't #define USE_ASM (defined(USE_X86_ASM) || ... ) + Remove -Wno-misleading-indentation + Remove the cJSON README and tests + Update cJSON to version 1.5.9 + Merge pull request #135 from aaronp24/remove-misleading-indentation + Fix memory leak in LoadVendorsFromConfigDir + Cleanup winsys dispatch index list on EGL mapping teardown + Merge pull request #137 from polarina/memleak + Set package version to 1.0.0. - supersedes U_Fix-typo-in-LIBRARY_FEATURE_NAMES.patch ==== libinput ==== Version update (1.10.4 -> 1.10.5) Subpackages: libinput-udev libinput10 - Update to new bugfix release 1.10.5 * The Logitech K400 has button debouncing disabled to avoid missing double-taps. The Dell XPS13 L322X had the touchpad pressure ranges added to provide better responsiveness. And the Lenovo T440, T450s and X280 laptops had the trackpoint ranges added to provide better trackpoint acceleration. ==== libopenmpt ==== Version update (0.3.7 -> 0.3.8) Subpackages: libmodplug1 libopenmpt0 - Update to 0.3.8 * [Sec] Possible out-of-bounds memory read with IT / ITP / MO3 files containing pattern loops. * Keep track of active SFx macro during seeking. * The "note cut" duplicate note action did not volume-ramp the previously playing sample. * A song starting with non-existing patterns could not be played. * DSM: Support restart position and 16-bit samples. * DTM: Import global volume. ==== lvm2 ==== Subpackages: liblvm2app2_2 liblvm2cmd2_02 - Fix handling of udev CHANGE events with systemd (bsc#1067312) + lvm2-69-dm-lvm-metad.rules-explicit-pvscan-rule.patch + lvm2-69-dm-lvm-metad.rules-set-systemd-vars-on-chang.patch ==== man ==== - Skip cron job for cleaning /var/cache/man as there exists /usr/lib/tmpfiles.d/man-db.conf ==== mutter ==== Version update (3.28.0 -> 3.28.1+20180416.d3d5eb8e1) Subpackages: libmutter-2-0 mutter-data mutter-lang - Update to version 3.28.1+20180416.d3d5eb8e1: + idle-monitor: Add ResetIdletime API, for testing purposes + backend: Reset idle when lid is opened or resuming from suspend + idle-monitor: Take idle inhibition into account + x11: Allow XTest and core events to reset idletime + backends: Remove X11 idle-monitor backend + wayland: Plug surface pending state contents leak + monitor-manager: fix output ids returned by GetResources + native: Disable the use of KMS modifiers by default + Updated translations. - Switch back to using git-checkout via source-service, upstream seems unable to produce tarballs. - Following the above, add libtool BuildRequires and pass autogen.sh to bootstrap. ==== obs-service-tar_scm ==== Version update (0.8.0.1507129410.0cb2d44 -> 0.8.0.1520581079.e26b0ae) Subpackages: obs-service-obs_scm obs-service-obs_scm-common - python-unittest2 is only required for the optional make check - Update to version 0.8.0.1520581079.e26b0ae: * make installation of scm's optional * add a lot more detail to README * Git clone with --no-checkout in prepare_working_copy * Refactor and simplify git prepare_working_copy * Cleanup flake8 checks * Only use current dir if it actually looks like git (Fixes #202) * reactivate test_obscpio_extract_d * fix broken test create_archive * fix broken tests for broken-links * changed PREFIX in Gnumakefile to /usr * new cli option --skip-cleanup * fix for broken links * fix reference to snapcraft YAML file * fix docstring typo in TarSCM.scm.tar.fetch_upstream * acknowledge deficiencies in dev docs * wrap long lines in README ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_1_0 - Added upstream patch to allow host_id of 0 (bsc#1089687), updating: * open-iscsi-SUSE-latest.diff.bz2 - Added 2 upstream commits to address issue of iscsi_if.h stayig in sync with kernel vesion (bsc#1086344), updating: * open-iscsi-SUSE-latest.diff.bz2 ==== openafs ==== Subpackages: openafs-client openafs-kmp-default - remove package krb5-mit. It contained binaries for server and client. Besides, client and server already had an implicit dependency on krb5. Put the binaries to client and server-package respectively. - Remove openafs-1.8.x.heimdal.patch and everything heimdal-related. SUSE does not provide a proper heimdal and it's untested for a long time. ==== openconnect ==== Subpackages: openconnect-devel openconnect-lang - Add BuildRequires pkgconfig(libpcsclite/libpskc) to enable liboath (TOTP/HOTP) and yubikey support. ==== osinfo-db ==== Version update (20180311 -> 20180416) - fate#322156 - Update database to version 20180416 osinfo-db-20180416.tar.xz ==== patch ==== - Add ed as BuildRequires so ed-style patches can be checked by the test suite. Fix CVE-2018-1000156 (bsc#1088420, savannah#53566). - ed-style-01-missing-input-files.patch: Allow input files to be missing for ed-style patches. - ed-style-02-fix-arbitrary-command-execution.patch, ed-style-03-update-test-Makefile.patch: Fix arbitrary command execution in ed-style patches. - ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead of using the shell. - ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script. - ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure. ==== patterns-gnome ==== Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_ide patterns-gnome-gnome_imaging patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia patterns-gnome-gnome_office patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome - Do not recommend pulseaudio-modules-lirc/bluetooth/zeroconf, use supplements in pulseaudio subpackages instead (bsc#1087207). ==== pcre ==== Subpackages: libpcre1 libpcre1-32bit libpcre16-0 libpcrecpp0 libpcreposix0 pcre-devel - Do not run profiling 'check' in parallel to make package build reproducible (boo#1040589) ==== php7 ==== Subpackages: apache2-mod_php7 php7-bcmath php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-devel php7-dom php7-exif php7-fastcgi php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-json php7-ldap php7-mbstring php7-mysql php7-odbc php7-openssl php7-pdo php7-pear php7-pear-Archive_Tar php7-pgsql php7-shmop php7-snmp php7-sockets php7-sqlite php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-wddx php7-xmlreader php7-xmlwriter php7-xsl php7-zip php7-zlib - apache2-mod_php7 does not provide libphp7.so [bsc#1089487] ==== plasma5-integration ==== Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Add Fix-initial-directory-selection-for-remote-files.patch to show the proper (remote) directory also for remote files when opening KDE's file dialog (boo#1085364, kde#374913) ==== pulseaudio ==== Subpackages: libpulse-devel libpulse-mainloop-glib0 libpulse0 pulseaudio-bash-completion pulseaudio-lang pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils - Add Supplements: packageand on zeroconf, lirc, bluetooth subpackages to have them selected for installation automatically instead of relying on patterns (bsc#1087207). ==== python-certifi ==== Version update (2018.1.18 -> 2018.4.16) - update to 2018.4.16 * Remove Elektronik Sertifika Hizket from cacert.pem - This is noop as we use our cacert list from /etc/ssl/ca-bundle.pem ==== python-decorator ==== Version update (4.2.1 -> 4.3.0) Subpackages: python2-decorator python3-decorator - Ensure neutrality of description. - update to version 4.3.0: * Extended the decorator family facility to work with positional arguments and updated the documentation. Removed decorator.getargspec and provided decorator.getfullargspec instead. This is convenient for users of Python 2.6/2.7, the others can just use inspect.getfullargspec. ==== python-ipaddress ==== Version update (1.0.19 -> 1.0.22) - Install license file - update to version v1.0.22: * Avoid using assertRaises as a context manager ==== python-qt5 ==== Version update (5.10 -> 5.10.1) Subpackages: python-qt5-utils python3-qt5 - Remove source URL to workaround SourceForge's unreliability - Update to version v5.10.1 * Added support for Qt v5.10.1. * Added the missing qmlClearTypeRegistrations() to the QtQml module. * Added the --disabled-feature option to configure.py. ==== rpm ==== Subpackages: rpm-build rpm-devel - move -fprofile-update=atomic before -fprofile-generate - Enable -fprofile-update=atomic for PGO (boo#1040589). ==== samba ==== Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-dsdb-modules samba-kdc samba-kdc-32bit samba-libs samba-libs-32bit samba-python samba-winbind samba-winbind-32bit - Use new foreground execution flags for systemd samba daemons; (bsc#1088574); (bsc#1071090); (bsc#1065551); + Add %post scriptlet to clear old sysconfig flags - Update vendor-files to commit 880b3e7. + Set samba sysconfig template variables to "" + Add required daemon flags directly to systemd unit ==== spice-gtk ==== Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper libspice-client-gtk-3_0-5 libspice-controller0 typelib-1_0-SpiceClientGlib-2_0 typelib-1_0-SpiceClientGtk-3_0 - Partially fix bsc#1074144, where we have keymapping issues under Xwayland. + Add the following upstream patch: + Use-scancode-instead-of-keycode-names.patch ==== subversion ==== Version update (1.9.7 -> 1.10.0) Subpackages: libsvn_auth_gnome_keyring-1-0 subversion-bash-completion subversion-devel subversion-perl subversion-python subversion-server subversion-tools - Apache Subversion 1.10.0: * new conflict resolver * Many bug fixes and enhancements * lz4 compression for the repositories * https://subversion.apache.org/docs/release-notes/1.10.html - Packaging changes; * Convert dependencies to pkgconfig counterparts * Add dependency on liblz4 and utf8proc * Use %license (boo#1082318) * build with KDE5 KWallet support - Refresh patches: * subversion-1.8.0-rpath.patch * subversion-no-build-date.patch * subversion-fix-parallel-build-support-for-perl-bindings.patch * subversion-perl-underlinking.patch - dropped patches: * subversion-1.8.11-autocheck-time.patch, upstream * subversion-1.9.0-allow-httpd-2.4.6.patch, no longer required - Add subversion-1.10.0-fix-svn-version-gnome-keyring.patch to list GNOME keyring support in svn --version when using libsecret ==== sudo ==== - integrate pam_keyinit pam module [bsc#1081947] * add sudo-i.pamd PAM configuration file and install it as /etc/pam.d/sudo-i * add "session optional pam_keyinit.so revoke" to sudo.pamd and "session optional pam_keyinit.so force revoke" to sudo-i.pamd * add "--with-pam-login" build option to enable specific PAM session for "sudo -i" - make pam configuration files (noreplace) - reorganize Sources ==== sushi ==== Version update (3.24.0 -> 3.28.3) Subpackages: sushi-lang - Update to version 3.28.3: + Fix another LibreOffice to PDF conversion regression (hopefully for good this time). - Update to version 3.28.2: + Fix another LibreOffice to PDF conversion regression. - Changes from version 3.28.1: + Fix LibreOffice to PDF conversion regression. + Add support for docx/pptx/xlsx MIME types. - Changes from version 3.28.0: + Add support for GIF animations. + Use LibreOffice directly instead of unoconv. + Prefer LibreOffice from flatpak when installed. - Drop unoconv BuildRequires and Recommends, following upstream changes. - Replace gobject-introspection-devel with pkgconfig(gobject-introspection-1.0) BuildRequires. - Drop no longer needed post(un) handling of glib2_gsettings_schema_post(un) and glib2_gsettings_schema_requires macro. ==== transactional-update ==== Version update (1.28 -> 1.29) - Update to version 1.29 - Implement self-update - Disable optical media on dup - Ignore certain zypper return codes ==== udisks2 ==== Subpackages: libudisks2-0 udisks2-lang - Require specific libblockdev plugins in due udisks2's modules, following libblockdev's plugins split (bsc#1086447). - Drop redundant libblockdev-devel BuildRequires: it is not needed once its pkgconfig module is already a requirement. ==== unbound ==== Version update (1.6.8 -> 1.7.0) Subpackages: libunbound2 unbound-anchor - Commented configuration directive dlv-anchor-file: in unbound.conf (see bsc#1055060). The DLV key file is deliberately still shipped in the package so users could easily re-enable this. - update to 1.7.0 Features - auth-zone provides a way to configure RFC7706 from unbound.conf, eg. with auth-zone: name: "." for-downstream: no for-upstream: yes fallback-enabled: yes and masters or a zonefile with data. - Aggressive use of NSEC implementation. Use cached NSEC records to generate NXDOMAIN, NODATA and positive wildcard answers. - Accept tls-upstream in unbound.conf, the ssl-upstream keyword is also recognized and means the same. Also for tls-port, tls-service-key, tls-service-pem, stub-tls-upstream and forward-tls-upstream. - [dnscrypt] introduce dnscrypt-provider-cert-rotated option, from Manu Bretelle. This option allows handling multiple cert/key pairs while only distributing some of them. In order to reliably match a client magic with a given key without strong assumption as to how those were generated, we need both key and cert. Likewise, in order to know which ES version should be used. On the other hand, when rotating a cert, it can be desirable to only serve the new cert but still be able to handle clients that are still using the old certs's public key. The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not publish the cert as part of the DNS's provider_name's TXT answer. - Update B root ipv4 address. - make ip-transparent option work on OpenBSD. - Fix #2801: Install libunbound.pc. - ltrace.conf file for libunbound in contrib. - Fix #3598: Fix swig build issue on rhel6 based system. configure --disable-swig-version-check stops the swig version check. Bug Fixes - Fix #1749: With harden-referral-path: performance drops, due to circular dependency in NS and DS lookups. - [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert duplicates - Better documentation for cache-max-negative-ttl. - Fixed libunbound manual typo. - Fix #1949: [dnscrypt] make provider name mismatch more obvious. - Fix #2031: Double included headers - Document that errno is left informative on libunbound config read fail. - iana port update. - Fix #1913: ub_ctx_config is under circumstances thread-safe. - Fix #2362: TLS1.3/openssl-1.1.1 not working. - Fix #2034 - Autoconf and -flto. - Fix #2141 - for libsodium detect lack of entropy in chroot, print a message and exit. - Fix #2492: Documentation libunbound. - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is set for stub zone. It no longer searches for DNSSEC information. - Fix #3299 - forward CNAME daisy chain is not working - Fix link failure on OmniOS. - Check whether --with-libunbound-only is set when using --with-nettle or --with-nss. - Fix qname-minimisation documentation (A QTYPE, not NS) - Fix that DS queries with referral replies are answered straight away, without a repeat query picking the DS from cache. The correct reply should have been an answer, the reply is fixed by the scrubber to have the answer in the answer section. - Fix that expiration date checks don't fail with clang -O2. - Fix queries being leaked above stub when refetching glue. - Copy query and correctly set flags on REFUSED answers when cache snooping is not allowed. - make depend: code dependencies updated in Makefile. - Fix #3397: Fix that cachedb could return a partial CNAME chain. - Fix #3397: Fix that when the cache contains an unsigned DNAME in the middle of a cname chain, a result without the DNAME could be returned. - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file for startup scripts to get the full pathname(s) of anchor file(s). - Print fatal errors about remote control setup before log init, so that it is printed to console. - Use NSEC with longest ce to prove wildcard absence. - Only use *.ce to prove wildcard absence, no longer names. - Fix unfreed locks in log and arc4random at exit of unbound. - Fix lock race condition in dns cache dname synthesis. - Fix #3451: dnstap not building when you have a separate build dir. And removed protoc warning, set dnstap.proto syntax to proto2. - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test) - Unit test for auth zone https url download. - tls-cert-bundle option in unbound.conf enables TLS authentication. - Fixes for clang static analyzer, the missing ; in edns-subnet/addrtree.c after the assert made clang analyzer produce a failure to analyze it. - Fix #3505: Documentation for default local zones references wrong RFC. - Fix #3494: local-zone noview can be used to break out of the view to the global local zone contents, for queries for that zone. - Fix for more maintainable code in localzone. - more robust cachedump rrset routine. - Save wildcard RRset from answer with original owner for use in aggressive NSEC. - Fixup contrib/fastrpz.patch so that it applies. - Fix compile without threads, and remove unused variable. - Fix compile with staticexe and python module. - Fix nettle compile. - Fix to check define of DSA for when openssl is without deprecated. - iana port update. - Fix #3582: Squelch address already in use log when reuseaddr option causes same port to be used twice for tcp connections. - Reverted fix for #3512, this may not be the best way forward; although it could be changed at a later time, to stay similar to other implementations. - Fix for windows compile. - Fixed contrib/fastrpz.patch, even though this already applied cleanly for me, now also for others. - patch to log creates keytag queries, from A. Schulze. - patch suggested by Debian lintian: allow to -> allow one to, from A. Schulze. - Attempt to remove warning about trailing whitespace. - Added documentation for aggressive-nsec: yes. ==== usb_modeswitch ==== Version update (2.5.1 -> 2.5.2) Subpackages: usb_modeswitch-data - Update to version 2.5.2 * Bugfix release: fixed additional MessageContent parameters not working, reported by Frank Schmirler (see http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18369). * Fixed "early crash" when killed before libusb context initialization (see https://bugzilla.redhat.com/show_bug.cgi?id=1358472), reported by Lubomir Rinteln. * Fixed bad string reference, reported by Lubomir Rintel, (see http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18238). * Fixed detection of systemd if /sbin/init is a cascaded symlink (see http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18218). * Fixed quirk in help message from usb_modeswitch binary. ==== util-linux ==== Subpackages: libblkid-devel libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit util-linux-lang - Integrate pam_keyinit pam module (boo#1081947, su-l.pamd, runuser-l.pamd, runuser.pamd). - su.default: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7); add one-time wrapper forcing ALWAYS_SET_PATH on upgrade. ==== util-linux-systemd ==== - Integrate pam_keyinit pam module (boo#1081947, su-l.pamd, runuser-l.pamd, runuser.pamd). - su.default: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7); add one-time wrapper forcing ALWAYS_SET_PATH on upgrade. ==== wxWidgets-3_0 ==== Version update (3.0.3 -> 3.0.4) - Bump soversion.diff for 3.0.4 - update to 3.0.4 * Don't crash on trailing '%' in wxDateTime::Format(). * Fix various problems when parsing invalid ZIP files. * Fix generic wxTimePickerCtrl to accept max values from keyboard. * Multiple surrogate-related fixes in UTF-16 support. * Fix reading wide character data in wxFile::ReadAll(). * Make parsing WAV data more robust. * Fix copy ctor in numeric validators classes. * Fix memory leak when wxDataViewCtrl is deleted. * Avoid some GTK+ run-time errors when using wx{File,Dir}PickerCtrl. - rebase patch soversion.diff ==== xlockmore ==== - remove dependency on gpg-offline, part of source services now ==== xorg-x11-server ==== Subpackages: xorg-x11-server-sdk xorg-x11-server-wayland - U_glx-Do-not-call-into-Composite-if-it-is-disabled.patch * Fixes crash when GLX is enabled and Composite disabled. (bnc#1079607) - n_add-dummy-xf86DisableRandR.patch * Add dummy xf86DisableRandR to fix linking with drivers that still call it. See explanation inside the patch. (bnc#1089601) - U_xfree86-Remove-broken-RANDR-disabling-logic-v4.patch * Fix crash on initialization when fbdev and modesetting are used together. (bnc#1068961) - u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch * Fix crash when using randr when fbdev and modesetting are used together. (bnc#1068961) ==== yast2-ftp-server ==== Version update (4.0.4 -> 4.0.5) - bsc#1090387 - Do not cache widgets description until the ftp dialog is really run to avoid showing an out of date firewall description (the vsftpd package provides the firewalld service definition) - 4.0.5 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org