Mailinglist Archive: opensuse-factory (930 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20180424 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180424

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
Mesa (18.0.0 -> 18.0.1)
Mesa-drivers (18.0.0 -> 18.0.1)
apache2 (2.4.29 -> 2.4.33)
apparmor (2.12 -> 2.13)
apr
babl (0.1.44 -> 0.1.46)
bash
branding-openSUSE
ccache (3.3.6 -> 3.4.2)
ceph (13.0.1.3204+g17e0216271 -> 13.0.2.984+g852d3f1411)
corosync (2.4.3 -> 2.4.4)
deja-dup (37.1 -> 38.0)
desktop-translations (84.87.20180416.e6c83e49 -> 84.87.20180423.2e342f3a)
device-mapper
dmidecode
dpdk (18.02_k4.16.2_1 -> 18.02.1_k4.16.3_1)
dracut
epiphany (3.28.1 -> 3.28.1.1)
ethtool (4.15 -> 4.16)
firewalld
gcc7
gcc8 (8.0.1+r258445 -> 8.0.1+r259467)
gdm (3.28.0 -> 3.28.1)
gegl (0.3.30 -> 0.3.34)
geoclue2 (2.4.7 -> 2.4.8)
gjs (1.52.0 -> 1.52.2)
gnome-session (3.28.0 -> 3.28.1)
gnome-shell (3.28.0 -> 3.28.1+20180418.b476e851b)
gpgme (1.10.0 -> 1.11.1)
grub2
gtk2
gtk3 (3.22.29 -> 3.22.30)
gtk3-branding-openSUSE (42.1 -> 15.0)
ibus
iputils
kde-l10n
kernel-firmware (20180402 -> 20180416)
kernel-source (4.16.2 -> 4.16.3)
libapparmor (2.12 -> 2.13)
libblockdev
libeXosip2
libglvnd (0.1.2~20170620~d850cdd -> 1.0.0)
libinput (1.10.4 -> 1.10.5)
libopenmpt (0.3.7 -> 0.3.8)
lvm2
man
mutter (3.28.0 -> 3.28.1+20180416.d3d5eb8e1)
obs-service-tar_scm (0.8.0.1507129410.0cb2d44 -> 0.8.0.1520581079.e26b0ae)
open-iscsi
openafs
openconnect
osinfo-db (20180311 -> 20180416)
patch
patterns-gnome
pcre
php7
plasma5-integration
pulseaudio
python-certifi (2018.1.18 -> 2018.4.16)
python-decorator (4.2.1 -> 4.3.0)
python-ipaddress (1.0.19 -> 1.0.22)
python-qt5 (5.10 -> 5.10.1)
rpm
samba
spice-gtk
subversion (1.9.7 -> 1.10.0)
sudo
sushi (3.24.0 -> 3.28.3)
transactional-update (1.28 -> 1.29)
udisks2
unbound (1.6.8 -> 1.7.0)
usb_modeswitch (2.5.1 -> 2.5.2)
util-linux
util-linux-systemd
wxWidgets-3_0 (3.0.3 -> 3.0.4)
xlockmore
xorg-x11-server
yast2-ftp-server (4.0.4 -> 4.0.5)

=== Details ===

==== Mesa ====
Version update (18.0.0 -> 18.0.1)
Subpackages: Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libGL-devel
Mesa-libGL1 Mesa-libglapi0 libgbm1 libwayland-egl1

- Update to 18.0.1
* In this release we have:
* On the build system to highlight Meson is get improved thorugh several
patches
that fix issues around it.
* On the drivers part, RADV get several fixes: one for multisample
regressions on
Vega, another around GFX9 buffer views, and a couple of them more to related
with avoiding emitting unneeded vertex state.
* St/Nine get fixes around face register, lighting constants, math check for
inversible matrix, implicit conversions and bad tracking of vertex textures.
* Freedreno/a5xx get fixes around missaligned heigh for PIPE_BUFFER, and
around
page faults.
* Several fixes are also enqueued for Intel driver: set right channel_sizes
for
MOV_INDIRECT sources, set right config registration for uploading to kernel,
return the fourcc stored in __DRIimage when possible, fix negative sign in
64-bit return values, fix null destination register in assembly instructions
with 3 source operands, a fix for failed TCS/TES shader compilation
* Queue also contains a couple of fixes around Gallium drivers, one to fix a
typo
in code that was causing wrong return value, and another one to fix an
unitialized modifier for DRI2.
* Mesa core gets a couple of patches to fix issues around overriding OpenGL/ES
supported version through environment variables, and a patch to fix an issue
with texture samples found in "The Witness" through Wine.
* A couple of bugs around unrolling loops have also been fixed, these patches
were
applied for NIR and GLSL.
* On top of above, NIR gets more fixes in a couple of lowering functions used:
coalesce in lower_vec_to_movs if vec had a SSA destination, and
interp_var_at
intrinsic support in lower_indirect_derefs. It also gets a fix around
vars_to_ssa function.
* Finally, there are other fixes affecting Radeonsi, AC, EGL/Wayland and
SPIR-V
compiler.
- enabled opencl and that way also Mesa-gallium on 42.3 since we
now build against llvm 6; this also fixes the requirements from
Mesa-32bit to Mesa-gallium-32bit in baselibs.conf (reported by
community)

==== Mesa-drivers ====
Version update (18.0.0 -> 18.0.1)
Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau
libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_radeon libxatracker2

- Update to 18.0.1
* In this release we have:
* On the build system to highlight Meson is get improved thorugh several
patches
that fix issues around it.
* On the drivers part, RADV get several fixes: one for multisample
regressions on
Vega, another around GFX9 buffer views, and a couple of them more to related
with avoiding emitting unneeded vertex state.
* St/Nine get fixes around face register, lighting constants, math check for
inversible matrix, implicit conversions and bad tracking of vertex textures.
* Freedreno/a5xx get fixes around missaligned heigh for PIPE_BUFFER, and
around
page faults.
* Several fixes are also enqueued for Intel driver: set right channel_sizes
for
MOV_INDIRECT sources, set right config registration for uploading to kernel,
return the fourcc stored in __DRIimage when possible, fix negative sign in
64-bit return values, fix null destination register in assembly instructions
with 3 source operands, a fix for failed TCS/TES shader compilation
* Queue also contains a couple of fixes around Gallium drivers, one to fix a
typo
in code that was causing wrong return value, and another one to fix an
unitialized modifier for DRI2.
* Mesa core gets a couple of patches to fix issues around overriding OpenGL/ES
supported version through environment variables, and a patch to fix an issue
with texture samples found in "The Witness" through Wine.
* A couple of bugs around unrolling loops have also been fixed, these patches
were
applied for NIR and GLSL.
* On top of above, NIR gets more fixes in a couple of lowering functions used:
coalesce in lower_vec_to_movs if vec had a SSA destination, and
interp_var_at
intrinsic support in lower_indirect_derefs. It also gets a fix around
vars_to_ssa function.
* Finally, there are other fixes affecting Radeonsi, AC, EGL/Wayland and
SPIR-V
compiler.
- enabled opencl and that way also Mesa-gallium on 42.3 since we
now build against llvm 6; this also fixes the requirements from
Mesa-32bit to Mesa-gallium-32bit in baselibs.conf (reported by
community)

==== apache2 ====
Version update (2.4.29 -> 2.4.33)
Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork
apache2-utils

- Updated description for SSLProtocol option. [bsc#1086854]
- Updated description (PCI DSS) for SSLProtocol option. [bsc#1086854]
- SSLProtocol TLSv1.2 [bsc#1086854]

==== apparmor ====
Version update (2.12 -> 2.13)
Subpackages: apparmor-abstractions apparmor-docs apparmor-parser
apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang
pam_apparmor pam_apparmor-32bit perl-apparmor python3-apparmor

- add fix-apparmor-systemd-perms.diff - fix permissions of
/lib/apparmor/apparmor.systemd (boo#1090545)
- create and package precompiled cache (/usr/share/apparmor/cache,
read-only) (boo#1069906, boo#1074429)
- change (writeable) cache directory to /var/cache/apparmor/ - with the
new btrfs layout, the only reason for using /var/lib/apparmor/cache/
(which was "it's part of the / subvolume") is gone, and /var/cache
makes more sense for the cache
- adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both
cache locations
- clear cache also in %post of abstractions package
- update to AppArmor 2.13
- add support for multiple cache directories and cache overlays
(boo#1069906, boo#1074429)
- add support for conditional includes in policy
- remove group restrictions from aa-notify (boo#1058787)
- aa-complain etc.: set flags for profiles represented by a glob
- aa-status: split profile from exec name
- several profile and abstraction updates
- see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13
for the detailed upstream changelog
- drop upstreamed patches and files:
- aa-teardown
- apparmor.service
- apparmor.systemd
- 32-bit-no-uid.diff
- disable-cache-on-ro-fs.diff
- dovecot-stats.diff
- parser-write-cache-warn-only.diff
- set-flags-for-profiles-represented-by-glob.patch
- fix-regression-in-set-flags.patch
- drop spec code that handled installing aa-teardown, apparmor.service
and apparmor.systemd (now part of upstream Makefile)
- simplify "make -C profiles parser-check" call (upstream Makefile bug
that required to call "cd" was fixed)
- add aa-teardown-path.diff - install aa-teardown in /usr/sbin/
- move 'exec' symlink to parser package (belongs to aa-exec)
- Set flags for profiles represented by glob (bsc#1086154)
set-flags-for-profiles-represented-by-glob.patch
fix-regression-in-set-flags.patch

==== apr ====
Subpackages: apr-devel libapr1

- Add gcc8-integer-overflow.patch to handle an undefined
behavior (boo#1090085).

==== babl ====
Version update (0.1.44 -> 0.1.46)

- Update to version 0.1.46:
+ Added extensions with more coverage for u32, half and other
utilit fast paths.
+ Improving fast path coverage.

==== bash ====
Subpackages: bash-doc bash-lang

- Add patch bash-4.4-wait-sigint-handler.patch to fix bug bsc#1086247
that is repeating self inserting trap due external command in the
trap.

==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE plymouth-branding-openSUSE
wallpaper-branding-openSUSE xfce4-splash-branding-openSUSE
yast2-qt-branding-openSUSE

- Don't hard-code the system role text color (bsc#1087399)

==== ccache ====
Version update (3.3.6 -> 3.4.2)

- Update to version 3.4.2 [bsc#1089879]
* The cleanup algorithm has been fixed to not misbehave when
files are removed by another process while the cleanup process
is running. Previously, too many files could be removed from
the cache if multiple cleanup processes were triggered at the
same time, in extreme cases trimming the cache to a much
smaller size than the configured limits.
* Correctly hash preprocessed headers located in a
?.gch directory?. Previously, ccache would not pick up changes
to such precompiled headers, risking false positive cache hits.
* Fixed build failure when using the bundled zlib sources.
* ccache 3.3.5 added a workaround for not triggering Clang errors
when a precompiled header?s dependency has an updated timestamp
(but identical content). That workaround is now only applied
when the compiler is Clang.
* Made it possible to perform out-of-source builds in dev mode
again.
- AUTHORS.*, MANUAL.* and NEWS.* files are now located in the doc
directory
- Update to version 3.4.1:
* Fixed printing of version number in ccache --version.
- Changes for version 3.4.0:
* The compiler option form --sysroot arg is now handled like the
documented --sysroot=arg form.
* Added support for caching .su files generated by GCC flag
- fstack-usage.
* ccache should now work with distcc?s ?pump? wrapper.
* The optional unifier is no longer disabled when the direct mode
is enabled.
* Added support for nvcc compiler options --compiler-bindir/-ccbin,
- -output-directory/-odir and --libdevice-directory/-ldir.
* Boolean environment variable settings no longer accept the
following (case-insensitive) values: 0, false, disable and no.
All other values are accepted and taken to mean ?true?. This is
to stop users from setting e.g. CCACHE_DISABLE=0 and then
expect the cache to be used.
* Improved support for run_second_cpp = false: If combined with
passing -fdirectives-only (GCC) or frewrite-includes (Clang) to
the compiler, diagnostics warnings and similar will be correct.
* An implicit -MQ is now passed to the preprocessor only if the
object file extension is non-standard. This should make it
easier to use EDG-based compilers (e.g. GHS) which don?t
understand -MQ.
* ccache now treats an unreadable configuration file just like a
missing configuration file.
* Documented more pitfalls with enabling hard_links
(CCACHE_HARDLINK).
* Documented caveats related to colored warnings from compilers.
* File size and number counters are now updated correctly when
files are overwritten in the cache, e.g. when using
CCACHE_RECACHE.
* run_second_cpp is now forced for nvcc.
* Fixed how the nvcc options -optf and -odir are handled.

==== ceph ====
Version update (13.0.1.3204+g17e0216271 -> 13.0.2.984+g852d3f1411)
Subpackages: librados2 librbd1

- Update to 13.0.2-984-g852d3f1411:
+ based on upstream master aaac83abb516f824f1caef470686b1bffeffa8b4
+ fixes s390x build failure (bsc#1089291)
+ introduces liboath0 runtime dependency (bsc#1089302)
+ fixes RGW SSL deployment
- Update to 13.0.2-819-gf64b021d4c:
+ based on upstream master 3ab655b55d2b363c0352dfbb90caed2ffcd42432
- reduce ceph-test constraints for ppc64le and s390x
- Reduce ceph-test constraints on aarch64

==== corosync ====
Version update (2.4.3 -> 2.4.4)
Subpackages: libcmap4 libcorosync_common4

- corosync-2.4.4 is available now(bsc#1089836)
man:fix in corosync-qdevice.8
quorumtool: remove duplicated help message
cfg: nodeid should be unsigned int
coroparse: Use readdir instead of readdir_r
wd: fix snprintf warnings
Fix compile errors in qdevice on FreeBSD
qdevice: mv free(str) after port validation
Fix various typos
Fix typo: recomended -> recommended
man: support SOURCE_DATE_EPOCH
configure: add --with-initconfigdir option
Use static case blocks to determine distro flavor
Use RuntimeDirectory instead of tmpfiles.d
coroparse: Do not convert empty uid, gid to 0
sam: Fix snprintf compiler warnings
quorumtool: Use full buffer size in snprintf
man: Add note about qdevice parallel cmds start
sync: Remove unneeded determine sync code
sync: Call sync_init of all services at once
corosync.conf: publicize nodelist.node.name
totemudp[u]: Drop truncated packets on receive
logging: Make blackbox configurable
logging: Close before and open blackbox after fork
init: Quote subshell result properly
blackbox: Quote subshell result properly
qdevice: quote certutils scripts properly
sam_test_agent: Remove unused assignment
qdevice: Fix NULL pointer dereference
quorumtool: Don't set our_flags without v_handle
qdevice: Nodelist is set into string not array
qdevice: Check if user_data can be dereferenced
qdevice: Add safer wrapper of strtoll
qdevice: Replace strtol by strtonum
qnetd: Replace strtol by strtonum
main: Set errno before calling of strtol
totemcrypto: Implement bad crypto header guess
cpg: Use list_del instead of qb_list_del
totemcrypto: Check length of the packet
totemsrp: Implement sanity checks of received msgs
totemsrp: Check join and leave msg length
totemudp: Check lenght of message to sent
qdevice msgio: Fix reading of msg longer than i32
logsys: Avoid redundant callsite section checking
man: corosync-qdevice: fix formatting vs. punctuation
man: corosync-qdevice: some more stylistics
man: fix cpg_mcast_joined.3.in
libcpg: Fix issue with partial big packet assembly
totempg: Fix fragmentation segfault
totempg: use iovec[i].iov_len instead of copy_len
totempg: Fix corrupted messages
cpg: Handle fragmented message sending interrupt
corosync.aug: Add missing options
systemd: Delete unnecessary soft_margin
Added:
corosync-2.4.4.tar.gz
0010-qdevice-net-instance.c-optarg-should-be-str.patch
Deleted:
0007-sync-Call-sync_init-of-all-services-at-once.patch
0008-wd-fix-snprintf-warnings.patch
0009-add-config-for-corosync-qnetd.patch
0010-qdevice-mv-free-str-after-port-validation.patch
0011-libcpg-Fix-issue-with-partial-big-packet-assembly.patch
0012-totemudp-u-Drop-truncated-packets-on-receive.patch
0013-logging-Make-blackbox-configurable.patch
0014-logging-Close-before-and-open-blackbox-after-fork.patch
0015-coverity-fixes.patch
0018-bsc#1089346-corosync-Integer-overflow-in-totemcrypto.patch
corosync-2.4.3.tar.gz
Renamed:
0009-add-config-for-corosync-qnetd.patch ->
0007-add-config-for-corosync-qnetd.patch
0016-bsc#1083561-upgrade-from-1-x-y.patch ->
0008-bsc#1083561-upgrade-from-1-x-y.patch
0017-bsc#1088619-add-version.patch -> 0009-bsc#1088619-add-version.patch

==== deja-dup ====
Version update (37.1 -> 38.0)
Subpackages: deja-dup-lang nautilus-deja-dup

- Update to version 38.0:
+ Drop ulimit for monitor process, it was causing crashes.
+ Fix autoscrolling in progress window.
+ Exclude snap cache directories by default.
+ Updated translations.
- Add gio-2.0, gio-unix-2.0 and goa-backend-1.0 pkgconfig modules
and glib2-tools package BuildRequires to avoid implicit
dependencies.
- Replace pkgconfig(appstream-builder), dbus-1-x11, update-desktop\
- files and perl-gettext BuildRequires with appstream-glib, dbus-\
1, desktop-file-utils and gettext-runtime respectively, what
meson really looks for.

==== desktop-translations ====
Version update (84.87.20180416.e6c83e49 -> 84.87.20180423.2e342f3a)

- Update to version 84.87.20180423.2e342f3a:
* Translated using Weblate (Chinese (China))
* Translated using Weblate (Italian)
* Translated using Weblate (Portuguese (Brazil))
* Translated using Weblate (Slovak)
* Translated using Weblate (Spanish)

==== device-mapper ====
Subpackages: libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit

- Fix handling of udev CHANGE events with systemd (bsc#1067312)
+ lvm2-69-dm-lvm-metad.rules-explicit-pvscan-rule.patch
+ lvm2-69-dm-lvm-metad.rules-set-systemd-vars-on-chang.patch

==== dmidecode ====

- dmioem-reflect-hpe-new-company-name.patch: Reflect HPE's new
company name.
- dmidecode-fix-tpm-device-firmware-version.patch: Fix firmware
version of TPM device.
- dmioem-fix-hpe-type-219-uefi-flag.patch: Fix the reporting of
HP/HPE UEFI feature.

==== dpdk ====
Version update (18.02_k4.16.2_1 -> 18.02.1_k4.16.3_1)

- Update to 18.02.1
- Restrict untrusted guest to misuse virtio to corrupt
host application(ovs-dpdk) memory which can lead all VM to lose
connectivity(CVE-2018-1059,bsc#1089638).
Changes:
* Add deprecation notice for rte_vhost_gpa_to_vva()
* Patch vhost-net and vhost-scsi examples
* Fixes checkpatch warnings
* Take VIRTIO_RING_F_EVENT_IDX into account when ring size (Tiwei)
* Fix next chuncks translation access rights in Rx paths (Tiwei)
* vhost: fix indirect descriptors table translation size
* vhost: check all range is mapped when translating GPAs
* vhost: introduce safe API for GPA translation
* vhost: ensure all range is mapped when translating QVAs
* vhost: add support for non-contiguous indirect descs tables
* vhost: handle virtually non-contiguous buffers in Tx
* vhost: handle virtually non-contiguous buffers in Rx
* vhost: handle virtually non-contiguous buffers in Rx-mrg
* examples/vhost: move to safe GPA translation API
* examples/vhost_scsi: move to safe GPA translation API
* vhost/crypto: move to safe GPA translation API
* vhost: deprecate unsafe GPA translation API
- Enable MLX4/5 PMD only in Factory and >= SLES15
It needs rdma-core >= v16.

==== dracut ====

- Do not attempt to run purge-kernels.service on ro rootfs (bsc#1087880)
- 95nfs: If no server is configured, read BOOTSERVERADDR from wicked's leaseinf
(boo#1089332)
* adds 0566-95nfs-If-no-server-is-configured-read-BOOTSERVERADDR.patch
- Remove RH-specific s390 modules (bsc#1086216)

==== epiphany ====
Version update (3.28.1 -> 3.28.1.1)
Subpackages: epiphany-lang gnome-shell-search-provider-epiphany

- Update to version 3.28.1.1:
+ Fix two crashes (bgo#783756 and bgo#794784/bgo#795370).

==== ethtool ====
Version update (4.15 -> 4.16)

- Update to new upstream release 4.16
* Feature: add support for extra RSS contexts and RSS steering filters
* Feature: Add SFF 8636 date code parsing support
* Fix: don't fall back to grxfhindir when context was specified
* Fix: correct display of VF when showing vf/queue filters
* Fix: show VF and queue in the help for -N
* Fix: correct VF index values for the ring_cookie parameter
- Fix build for targets not (fully) supporting %license macro

==== firewalld ====
Subpackages: firewall-macros firewalld-lang python3-firewall

- Backport upstream patches to add additional services (bsc#1082033)
* firewalld-add-additional-services.patch

==== gcc7 ====
Subpackages: cpp7 gcc7-c++ gcc7-fortran gcc7-info gcc7-locale gcc7-objc
libasan4 libcilkrts5 libgfortran4 libstdc++6-devel-gcc7 libstdc++6-gcc7-locale
libubsan0

- Update gcc7-bnc1087550.diff with latest changes. [bnc#1087550]

==== gcc8 ====
Version update (8.0.1+r258445 -> 8.0.1+r259467)
Subpackages: libatomic1 libgcc_s1 libgcc_s1-32bit libgomp1 libitm1 liblsan0
libmpx2 libmpxwrappers2 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit
libtsan0

- Update to SVN trunk head (r259467).
- Update to SVN trunk head (r259308).
* contains fix for ios_base::failure ABI breakage. [bnc#1087550]
- Remove now obsolete gcc7-bnc1087550.diff.
- Set SUSE_ASNEEDED to zero during %install so libasan keeps its
NEEDED entry for libstdc++.so. [GCC#84428]
- Update to SVN trunk head (r259162).
- Enable --enable-fix-cortex-a53-835769 for aarch64.
- Add gcc7-bnc1087550.diff to revert the ios_base::failure ABI
back to compatible behavior with the default ABI. [bnc#1087550]
- Update to SVN trunk head (r259024).
* Includes gcc8-pr84990.patch.
- Enable --enable-fix-cortex-a53-843419 for aarch64. [bnc#1084812]
- Update to SVN trunk head (r258674).
* Add gcc8-pr84990.patch to fix bootstrap with Ada.
- Switch to release-checking builds.

==== gdm ====
Version update (3.28.0 -> 3.28.1)
Subpackages: gdm-lang gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0

- Update to version 3.28.1:
+ Properly stop boot splash even if local login screen is
disabled (bsc#1083646 bgo#795120).
+ Updated translations.
- Rename gdm-disable-wayland-on-mgag200-chipsets.patch to
gdm-disable-wayland-on-unsupported-chipsets.patch: add rules for
ASPEED ast drivers (boo#1088539).
- Clean up specfile: Enable Wayland unconditionally.

==== gegl ====
Version update (0.3.30 -> 0.3.34)
Subpackages: gegl-0_3 gegl-0_3-lang libgegl-0_3-0

- Update to version 0.3.34 (CVE-2018-10114):
+ Core: Change GeglParamSpecSeed from int to uint to match the
value range of GeglRandom's seed.
+ Operations: Limit allocations in ppm-load to 2GB
(CVE-2018-10114).
- Changes from version 0.3.32:
+ Operations:
- panorama-projection: added reverse transform, which permits
using GIMP for retouching zenith, nadir or other arbitrary
gaze directions in equirectangular, also known as 360x180
panoramas.
- Added abyss-policy to base class for scale ops, making it
possible to achieve hard edges on rescaled buffers.
+ GeglBuffer:
- Improved performance and correctness, avoid incorrectly
gamma/ungamma correcting alpha in u8 formats, for a tiny 2-3%
performance boost.
- Keep track of valid/invalid areas on smaller granularity than
tiles in mipmap.
- Various micro-optimizations in display paths, with minuscle
performance impact.

==== geoclue2 ====
Version update (2.4.7 -> 2.4.8)
Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0

- Update to version 2.4.8:
+ Fix threshold for detecting too old location update.
+ Explain in the configuration what the applications white-list
is meant for.
+ Allow instant location updates from modem-based GPS.
+ Fix a deadlock case in the helper library.

==== gjs ====
Version update (1.52.0 -> 1.52.2)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0

- Update to version 1.52.2:
+ This is an unscheuled release in order to revert a commit that
causes a crash on exit, with some Cairo versions.
+ Closed bugs and merge requests:
- heapgraph.py: adjust terminal output style
(glgo#gnome/gjs#120).
- Warn about compilation warnings (glgo#gnome/gjs#125).
- Miscellaneous commits.
- Update to version 1.52.1:
+ In addition to System.dumpHeap(), you can now dump a heap from
a running Javascript program by starting it with the
environment variable GJS_DEBUG_HEAP_OUTPUT=some_name, and
sending it SIGUSR1.
+ Closed bugs:
- Crash when resolving promises if exception is pending
(glgo#GNOME/gjs#18).
- Tools for examining heap graph (glgo#GNOME/gjs#116).
- Add support for passing flags to Gio.DBusProxy in
makeProxyWrapper (glgo#GNOME/gjs#122).
- Cannot instantiate Cairo.Context (glgo#GNOME/gjs#126).
- GISCAN GjsPrivate-1.0.gir fails (glgo#GNOME/gjs#128).
- Invalid read of g_object_finalized flag (glgo#GNOME/gjs#129).
- Pick a different C++ linter.
- profiler: Don't assume layout of struct sigaction.
- Update tweener.js.
- Various maintenance.

==== gnome-session ====
Version update (3.28.0 -> 3.28.1)
Subpackages: gnome-session-core gnome-session-default-session
gnome-session-lang gnome-session-wayland

- Update to version 3.28.1:
+ Tell libICE to stop opening a TCP socket.
+ Shore up permissions of .config.
+ Updated translations.
- Add pkgconfig(gio-2.0) to avoid implicit dependencies.
- Drop update-desktop-files and suse_update_desktop_file macro,
tcpd devel package and xau, xext, xrender and xsts pkgconfig
modules BuildRequires: they are no longer used/required anymore.

==== gnome-shell ====
Version update (3.28.0 -> 3.28.1+20180418.b476e851b)
Subpackages: gnome-shell-browser-plugin gnome-shell-calendar gnome-shell-lang

- Update to version 3.28.1+20180418.b476e851b:
+ workspaceThumbnail:
- Only update _porthole if the overview is visible
- Rebuild thumbnails if workareas size changed
- Initialize porthole based on workArea
+ popupMenu: Fix wrong call to clutter_actor_add_child()
+ utils: Simplify URL regex to only support one layer of
parentheses
+ polkitAgent: Hide authentication dialogs while locked
+ workspace: Don't move focus unconditionally
+ networkAgent: Use libnm for plugin loading
+ worldClock: Handle named timezones
- Switch back to using git-checkout via source-service, upstream
seems unable to produce tarballs.
- Drop unneeded NetworkManager-gnome Recommends.

==== gpgme ====
Version update (1.10.0 -> 1.11.1)
Subpackages: libgpgme-devel libgpgme11 libgpgmepp6 libqgpgme7

- update to 1.11.1:
* Fixed build problems in the 1.11.0 releas
drop gpgme-1.11-fix-gpgme-json-rpath.patch,
drop gpgme-1.11-fix-tests.patch
* Added C++ interfaces which were planned for 1.11.0
- Update to 1.11
* New encryption API to support direct key specification including
hidden recipients option and taking keys from a file. This also
allows to enforce the use of a subkey.
* New encryption flag for the new API to enforce the use of plain
mail addresses (addr-spec).
* The import API can now tell whether v3 keys are skipped. These
old and basically broken keys are not anymore supported by GnuPG
2.1.
* The decrypt and verify API will now return the MIME flag as
specified by RFC-4880bis.
* The offline mode now has an effect on gpg by disabling all
network access.
* A failed OpenPGP verification how returns the fingerprint of the
intended key if a recent gpg version was used for signature
creation.
* Various minor fixes.
- Dropped patch 0001-core-Tweak-STATUS_FAILURE-handling.patch, since
it is included upstream now.
- add gpgme-1.11-fix-gpgme-json-rpath.patch to remove rpath
- add gpgme-1.11-fix-tests.patch to fix tests

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin
grub2-x86_64-efi grub2-x86_64-xen

- Fallback to raw mode if Open Firmware returns invalid ihandler (bsc#1071559)
* grub2-ieee1275-open-raw-mode.patch

==== gtk2 ====
Subpackages: gtk2-data gtk2-devel gtk2-immodule-amharic gtk2-immodule-inuktitut
gtk2-immodule-thai gtk2-immodule-vietnamese gtk2-immodule-xim gtk2-lang
gtk2-tools gtk2-tools-32bit libgtk-2_0-0 libgtk-2_0-0-32bit typelib-1_0-Gtk-2_0

- Update _service to point to new
https://gitlab.gnome.org/GNOME/gtk.git home.

==== gtk3 ====
Version update (3.22.29 -> 3.22.30)
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut
gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang
gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0

- Update to version 3.22.30:
+ gtk-demo has a new 'Widgetbowl' demo.
+ The wayland backend now supports the stable xdg-shell protocol.
+ Bugs fixed: glgo#GNOME/GTK#28, glgo#GNOME/GTK#83,
glgo#GNOME/GTK#88, glgo#GNOME/GTK#114, glgo#GNOME/GTK#129,
glgo#GNOME/GTK#132, glgo#GNOME/GTK#141, glgo#GNOME/GTK#146,
glgo#GNOME/GTK#156, glgo#GNOME/GTK#157, glgo#GNOME/GTK#163,
bgo#705509, bgo#745128, bgo#748784, bgo#791939, bgo#792632,
bgo#793062.

==== gtk3-branding-openSUSE ====
Version update (42.1 -> 15.0)

- Mark /etc/gtk-3.0/settings.ini as config(noreplace)
(boo#1087507).
- Build package for SLE and openSUSE using multibuild.

==== ibus ====
Subpackages: ibus-gtk ibus-gtk-32bit ibus-gtk3 ibus-lang libibus-1_0-5
libibus-1_0-5-32bit typelib-1_0-IBus-1_0

- Fix filelist for SLE.

==== iputils ====
Subpackages: rarpd

- Backport license information from upstream (bnc#1082788):
iputils-add-license-info.diff

==== kde-l10n ====
Subpackages: kde-l10n-cs kde-l10n-da kde-l10n-da-data kde-l10n-da-doc
kde-l10n-de kde-l10n-de-data kde-l10n-de-doc kde-l10n-el kde-l10n-en_GB
kde-l10n-en_GB-data kde-l10n-en_GB-doc kde-l10n-es kde-l10n-es-data
kde-l10n-es-doc kde-l10n-fr kde-l10n-fr-data kde-l10n-hu kde-l10n-it
kde-l10n-it-data kde-l10n-it-doc kde-l10n-ja kde-l10n-pl kde-l10n-pl-data
kde-l10n-pt kde-l10n-pt_BR kde-l10n-pt_BR-data kde-l10n-ru kde-l10n-ru-data
kde-l10n-zh_CN kde-l10n-zh_TW

- Remove kopete mo files which are conflicting with the tarball

==== kernel-firmware ====
Version update (20180402 -> 20180416)
Subpackages: ucode-amd

- Update to version 20180416:
* linux-firmware: update wil6210 firmware to 5.2.0.18
* linux-firmware: rsi: update firmware images for Redpine 9113 chipset
* iwlwifi: update firmwares for 3160, 3168 and 7265
* iwlwifi: add some new FW versions and update older ones
- fixed new style modalias detection too for AMD CPUs in ucode-amd,
it can only use 1 : (bsc#1084687)

==== kernel-source ====
Version update (4.16.2 -> 4.16.3)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs
kernel-macros kernel-syms

- Linux 4.16.3 (bnc#1012628).
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
(bnc#1012628).
- rds: MP-RDS may use an invalid c_path (bnc#1012628).
- slip: Check if rstate is initialized before uncompressing
(bnc#1012628).
- vhost: fix vhost_vq_access_ok() log check (bnc#1012628).
- l2tp: fix races in tunnel creation (bnc#1012628).
- l2tp: fix race in duplicate tunnel detection (bnc#1012628).
- ip_gre: clear feature flags when incompatible o_flags are set
(bnc#1012628).
- vhost: Fix vhost_copy_to_user() (bnc#1012628).
- lan78xx: Correctly indicate invalid OTP (bnc#1012628).
- sparc64: Properly range check DAX completion index
(bnc#1012628).
- media: v4l2-compat-ioctl32: don't oops on overlay (bnc#1012628).
- media: v4l: vsp1: Fix header display list status check in
continuous mode (bnc#1012628).
- ipmi: Fix some error cleanup issues (bnc#1012628).
- parisc: Fix out of array access in match_pci_device()
(bnc#1012628).
- parisc: Fix HPMC handler by increasing size to multiple of 16
bytes (bnc#1012628).
- iwlwifi: add a bunch of new 9000 PCI IDs (bnc#1012628).
- Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
(bnc#1012628).
- PCI: hv: Serialize the present and eject work items
(bnc#1012628).
- PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()
(bnc#1012628).
- KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode
(bnc#1012628).
- perf intel-pt: Fix overlap detection to identify consecutive
buffers correctly (bnc#1012628).
- perf intel-pt: Fix sync_switch (bnc#1012628).
- perf intel-pt: Fix error recovery from missing TIP packet
(bnc#1012628).
- perf intel-pt: Fix timestamp following overflow (bnc#1012628).
- perf/core: Fix use-after-free in uprobe_perf_close()
(bnc#1012628).
- radeon: hide pointless #warning when compile testing
(bnc#1012628).
- x86/mce/AMD: Pass the bank number to smca_get_bank_type()
(bnc#1012628).
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
(bnc#1012628).
- x86/mce/AMD: Get address from already initialized block
(bnc#1012628).
- ath9k: Protect queue draining by rcu_read_lock() (bnc#1012628).
- x86/uapi: Fix asm/bootparam.h userspace compilation errors
(bnc#1012628).
- x86/apic: Fix signedness bug in APIC ID validity checks
(bnc#1012628).
- sunrpc: remove incorrect HMAC request initialization
(bnc#1012628).
- f2fs: fix heap mode to reset it back (bnc#1012628).
- block: Change a rcu_read_{lock,unlock}_sched() pair into
rcu_read_{lock,unlock}() (bnc#1012628).
- nvme: Skip checking heads without namespaces (bnc#1012628).
- lib: fix stall in __bitmap_parselist() (bnc#1012628).
- zboot: fix stack protector in compressed boot phase
(bnc#1012628).
- blk-mq: Directly schedule q->timeout_work when aborting a
request (bnc#1012628).
- blk-mq: order getting budget and driver tag (bnc#1012628).
- blk-mq: make sure that correct hctx->next_cpu is set
(bnc#1012628).
- blk-mq: don't keep offline CPUs mapped to hctx 0 (bnc#1012628).
- ovl: Set d->last properly during lookup (bnc#1012628).
- ovl: fix lookup with middle layer opaque dir and absolute path
redirects (bnc#1012628).
- ovl: set i_ino to the value of st_ino for NFS export
(bnc#1012628).
- ovl: set lower layer st_dev only if setting lower st_ino
(bnc#1012628).
- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling
(bnc#1012628).
- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012628).
- nfsd: fix incorrect umasks (bnc#1012628).
- scsi: scsi_dh: Don't look for NULL devices handlers by name
(bnc#1012628).
- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on
probe failure (bnc#1012628).
- Revert "scsi: core: return BLK_STS_OK for DID_OK in
__scsi_error_from_host_byte()" (bnc#1012628).
- apparmor: fix logging of the existence test for signals
(bnc#1012628).
- apparmor: fix display of .ns_name for containers (bnc#1012628).
- apparmor: fix resource audit messages when auditing peer
(bnc#1012628).
- block/loop: fix deadlock after loop_set_status (bnc#1012628).
- nfit: fix region registration vs block-data-window ranges
(bnc#1012628).
- s390/qdio: don't retry EQBS after CCQ 96 (bnc#1012628).
- s390/qdio: don't merge ERROR output buffers (bnc#1012628).
- s390/ipl: ensure loadparm valid flag is set (bnc#1012628).
- s390/compat: fix setup_frame32 (bnc#1012628).
- get_user_pages_fast(): return -EFAULT on access_ok failure
(bnc#1012628).
- mm/gup_benchmark: handle gup failures (bnc#1012628).
- getname_kernel() needs to make sure that ->name != ->iname in
long case (bnc#1012628).
- Bluetooth: Fix connection if directed advertising and privacy
is used (bnc#1012628).
- Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always
being active-low (bnc#1012628).
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex
(bnc#1012628).
- Refresh patches.suse/0001-AppArmor-basic-networking-rules.patch.
- commit 771261a
- resource: fix integer overflow at reallocation (bsc#1086739).
- commit 4cf2593
- Update tags of upstreamed patches
Refresh
patches.suse/Revert-drm-amd-display-disable-CRTCs-with-NULL-FB.patch
patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
- commit e2aa76d
- objtool, perf: Fix GCC 8 -Wrestrict error (bsc#1084620).
- commit 0c6114f
- supported.conf: update from openSUSE-15.0
- commit 4ef3f17
- Revert "drm/amd/display: disable CRTCs with NULL FB on their
primary plane (V2)" (bsc#1089615, bsc#1088902).
- commit e881e16
- arm64: Update config files. (bsc#1089764)
Increase NR_CPUS to 384
- commit 6f06d9e

==== libapparmor ====
Version update (2.12 -> 2.13)
Subpackages: libapparmor-devel libapparmor1 libapparmor1-32bit

- update to AppArmor 2.13
- add support for multiple cache directories and cache overlays
(boo#1069906, boo#1074429)
- see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13
for the detailed upstream changelog

==== libblockdev ====
Subpackages: libblockdev2

- Resplit plugins to avoid pulling clusterlvm support by default
into the dependency chain (bsc#1086447).

==== libeXosip2 ====
Subpackages: libeXosip2-12 libeXosip2-devel

- apply openssl110-fix.patch for Leap >= 15.0 only

==== libglvnd ====
Version update (0.1.2~20170620~d850cdd -> 1.0.0)
Subpackages: libglvnd-32bit libglvnd-devel

- update to release 1.0.0
* Now that both the EGL and GLX interfaces are defined and stable,
set the package version to 1.0.0.
* Changes
+ GLX: Fix an error in handling GLX dispatch stubs.
+ EGL: Fix handling a malloc failure in eglQueryString.
+ GLdispatch: Clean up the assembly dispatch code.
+ GLdispatch aarch64: Align the dispatch stubs to a 64K page size.
+ Fix typo in _LIBRARY_FEATURE_NAMES.
+ Merge pull request #131 from michalsrb/fix-missing-gles-symbols
+ Merge branch 'fix-aarch64-page-size'
+ Convert lq/stq instructions
+ Merge pull request #125 from kbrenneman/ppc64le-convert-lq-stq
+ Don't #define USE_ASM (defined(USE_X86_ASM) || ... )
+ Remove -Wno-misleading-indentation
+ Remove the cJSON README and tests
+ Update cJSON to version 1.5.9
+ Merge pull request #135 from aaronp24/remove-misleading-indentation
+ Fix memory leak in LoadVendorsFromConfigDir
+ Cleanup winsys dispatch index list on EGL mapping teardown
+ Merge pull request #137 from polarina/memleak
+ Set package version to 1.0.0.
- supersedes U_Fix-typo-in-LIBRARY_FEATURE_NAMES.patch

==== libinput ====
Version update (1.10.4 -> 1.10.5)
Subpackages: libinput-udev libinput10

- Update to new bugfix release 1.10.5
* The Logitech K400 has button debouncing disabled to avoid
missing double-taps. The Dell XPS13 L322X had the touchpad
pressure ranges added to provide better responsiveness. And
the Lenovo T440, T450s and X280 laptops had the trackpoint
ranges added to provide better trackpoint acceleration.

==== libopenmpt ====
Version update (0.3.7 -> 0.3.8)
Subpackages: libmodplug1 libopenmpt0

- Update to 0.3.8
* [Sec] Possible out-of-bounds memory read with IT / ITP / MO3
files containing pattern loops.
* Keep track of active SFx macro during seeking.
* The "note cut" duplicate note action did not volume-ramp the
previously playing sample.
* A song starting with non-existing patterns could not be played.
* DSM: Support restart position and 16-bit samples.
* DTM: Import global volume.

==== lvm2 ====
Subpackages: liblvm2app2_2 liblvm2cmd2_02

- Fix handling of udev CHANGE events with systemd (bsc#1067312)
+ lvm2-69-dm-lvm-metad.rules-explicit-pvscan-rule.patch
+ lvm2-69-dm-lvm-metad.rules-set-systemd-vars-on-chang.patch

==== man ====

- Skip cron job for cleaning /var/cache/man as there exists
/usr/lib/tmpfiles.d/man-db.conf

==== mutter ====
Version update (3.28.0 -> 3.28.1+20180416.d3d5eb8e1)
Subpackages: libmutter-2-0 mutter-data mutter-lang

- Update to version 3.28.1+20180416.d3d5eb8e1:
+ idle-monitor: Add ResetIdletime API, for testing purposes
+ backend: Reset idle when lid is opened or resuming from suspend
+ idle-monitor: Take idle inhibition into account
+ x11: Allow XTest and core events to reset idletime
+ backends: Remove X11 idle-monitor backend
+ wayland: Plug surface pending state contents leak
+ monitor-manager: fix output ids returned by GetResources
+ native: Disable the use of KMS modifiers by default
+ Updated translations.
- Switch back to using git-checkout via source-service, upstream
seems unable to produce tarballs.
- Following the above, add libtool BuildRequires and pass
autogen.sh to bootstrap.

==== obs-service-tar_scm ====
Version update (0.8.0.1507129410.0cb2d44 -> 0.8.0.1520581079.e26b0ae)
Subpackages: obs-service-obs_scm obs-service-obs_scm-common

- python-unittest2 is only required for the optional make check
- Update to version 0.8.0.1520581079.e26b0ae:
* make installation of scm's optional
* add a lot more detail to README
* Git clone with --no-checkout in prepare_working_copy
* Refactor and simplify git prepare_working_copy
* Cleanup flake8 checks
* Only use current dir if it actually looks like git (Fixes #202)
* reactivate test_obscpio_extract_d
* fix broken test create_archive
* fix broken tests for broken-links
* changed PREFIX in Gnumakefile to /usr
* new cli option --skip-cleanup
* fix for broken links
* fix reference to snapcraft YAML file
* fix docstring typo in TarSCM.scm.tar.fetch_upstream
* acknowledge deficiencies in dev docs
* wrap long lines in README

==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_1_0

- Added upstream patch to allow host_id of 0 (bsc#1089687),
updating:
* open-iscsi-SUSE-latest.diff.bz2
- Added 2 upstream commits to address issue of iscsi_if.h
stayig in sync with kernel vesion (bsc#1086344), updating:
* open-iscsi-SUSE-latest.diff.bz2

==== openafs ====
Subpackages: openafs-client openafs-kmp-default

- remove package krb5-mit. It contained binaries for server and client.
Besides, client and server already had an implicit dependency on krb5.
Put the binaries to client and server-package respectively.
- Remove openafs-1.8.x.heimdal.patch and everything heimdal-related.
SUSE does not provide a proper heimdal and it's untested for a long
time.

==== openconnect ====
Subpackages: openconnect-devel openconnect-lang

- Add BuildRequires pkgconfig(libpcsclite/libpskc) to enable
liboath (TOTP/HOTP) and yubikey support.

==== osinfo-db ====
Version update (20180311 -> 20180416)

- fate#322156 - Update database to version 20180416
osinfo-db-20180416.tar.xz

==== patch ====

- Add ed as BuildRequires so ed-style patches can be checked by
the test suite.
Fix CVE-2018-1000156 (bsc#1088420, savannah#53566).
- ed-style-01-missing-input-files.patch: Allow input files to be
missing for ed-style patches.
- ed-style-02-fix-arbitrary-command-execution.patch,
ed-style-03-update-test-Makefile.patch: Fix arbitrary command
execution in ed-style patches.
- ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead
of using the shell.
- ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script.
- ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.

==== patterns-gnome ====
Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basis
patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games
patterns-gnome-gnome_ide patterns-gnome-gnome_imaging
patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia
patterns-gnome-gnome_office patterns-gnome-gnome_utilities
patterns-gnome-gnome_x11 patterns-gnome-gnome_yast
patterns-gnome-sw_management_gnome

- Do not recommend pulseaudio-modules-lirc/bluetooth/zeroconf,
use supplements in pulseaudio subpackages instead (bsc#1087207).

==== pcre ====
Subpackages: libpcre1 libpcre1-32bit libpcre16-0 libpcrecpp0 libpcreposix0
pcre-devel

- Do not run profiling 'check' in parallel
to make package build reproducible (boo#1040589)

==== php7 ====
Subpackages: apache2-mod_php7 php7-bcmath php7-bz2 php7-calendar php7-ctype
php7-curl php7-dba php7-devel php7-dom php7-exif php7-fastcgi php7-ftp php7-gd
php7-gettext php7-gmp php7-iconv php7-json php7-ldap php7-mbstring php7-mysql
php7-odbc php7-openssl php7-pdo php7-pear php7-pear-Archive_Tar php7-pgsql
php7-shmop php7-snmp php7-sockets php7-sqlite php7-sysvsem php7-sysvshm
php7-tidy php7-tokenizer php7-wddx php7-xmlreader php7-xmlwriter php7-xsl
php7-zip php7-zlib

- apache2-mod_php7 does not provide libphp7.so [bsc#1089487]

==== plasma5-integration ====
Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang

- Add Fix-initial-directory-selection-for-remote-files.patch to
show the proper (remote) directory also for remote files when
opening KDE's file dialog (boo#1085364, kde#374913)

==== pulseaudio ====
Subpackages: libpulse-devel libpulse-mainloop-glib0 libpulse0
pulseaudio-bash-completion pulseaudio-lang pulseaudio-module-bluetooth
pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc
pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils

- Add Supplements: packageand on zeroconf, lirc, bluetooth
subpackages to have them selected for installation automatically
instead of relying on patterns (bsc#1087207).

==== python-certifi ====
Version update (2018.1.18 -> 2018.4.16)

- update to 2018.4.16
* Remove Elektronik Sertifika Hizket from cacert.pem
- This is noop as we use our cacert list from /etc/ssl/ca-bundle.pem

==== python-decorator ====
Version update (4.2.1 -> 4.3.0)
Subpackages: python2-decorator python3-decorator

- Ensure neutrality of description.
- update to version 4.3.0:
* Extended the decorator family facility to work with positional
arguments and updated the documentation. Removed
decorator.getargspec and provided decorator.getfullargspec
instead. This is convenient for users of Python 2.6/2.7, the
others can just use inspect.getfullargspec.

==== python-ipaddress ====
Version update (1.0.19 -> 1.0.22)

- Install license file
- update to version v1.0.22:
* Avoid using assertRaises as a context manager

==== python-qt5 ====
Version update (5.10 -> 5.10.1)
Subpackages: python-qt5-utils python3-qt5

- Remove source URL to workaround SourceForge's unreliability
- Update to version v5.10.1
* Added support for Qt v5.10.1.
* Added the missing qmlClearTypeRegistrations() to the QtQml module.
* Added the --disabled-feature option to configure.py.

==== rpm ====
Subpackages: rpm-build rpm-devel

- move -fprofile-update=atomic before -fprofile-generate
- Enable -fprofile-update=atomic for PGO (boo#1040589).

==== samba ====
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0
libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0
libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit
libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit
libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0
libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit
libsamba-policy0 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit
libsmbclient-devel libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2
libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0
libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-dsdb-modules
samba-kdc samba-kdc-32bit samba-libs samba-libs-32bit samba-python
samba-winbind samba-winbind-32bit

- Use new foreground execution flags for systemd samba daemons;
(bsc#1088574); (bsc#1071090); (bsc#1065551);
+ Add %post scriptlet to clear old sysconfig flags
- Update vendor-files to commit 880b3e7.
+ Set samba sysconfig template variables to ""
+ Add required daemon flags directly to systemd unit

==== spice-gtk ====
Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper
libspice-client-gtk-3_0-5 libspice-controller0 typelib-1_0-SpiceClientGlib-2_0
typelib-1_0-SpiceClientGtk-3_0

- Partially fix bsc#1074144, where we have keymapping issues under Xwayland.
+ Add the following upstream patch:
+ Use-scancode-instead-of-keycode-names.patch

==== subversion ====
Version update (1.9.7 -> 1.10.0)
Subpackages: libsvn_auth_gnome_keyring-1-0 subversion-bash-completion
subversion-devel subversion-perl subversion-python subversion-server
subversion-tools

- Apache Subversion 1.10.0:
* new conflict resolver
* Many bug fixes and enhancements
* lz4 compression for the repositories
* https://subversion.apache.org/docs/release-notes/1.10.html
- Packaging changes;
* Convert dependencies to pkgconfig counterparts
* Add dependency on liblz4 and utf8proc
* Use %license (boo#1082318)
* build with KDE5 KWallet support
- Refresh patches:
* subversion-1.8.0-rpath.patch
* subversion-no-build-date.patch
* subversion-fix-parallel-build-support-for-perl-bindings.patch
* subversion-perl-underlinking.patch
- dropped patches:
* subversion-1.8.11-autocheck-time.patch, upstream
* subversion-1.9.0-allow-httpd-2.4.6.patch, no longer required
- Add subversion-1.10.0-fix-svn-version-gnome-keyring.patch to list
GNOME keyring support in svn --version when using libsecret

==== sudo ====

- integrate pam_keyinit pam module [bsc#1081947]
* add sudo-i.pamd PAM configuration file and install it as
/etc/pam.d/sudo-i
* add "session optional pam_keyinit.so revoke" to sudo.pamd and
"session optional pam_keyinit.so force revoke" to sudo-i.pamd
* add "--with-pam-login" build option to enable specific PAM
session for "sudo -i"
- make pam configuration files (noreplace)
- reorganize Sources

==== sushi ====
Version update (3.24.0 -> 3.28.3)
Subpackages: sushi-lang

- Update to version 3.28.3:
+ Fix another LibreOffice to PDF conversion regression (hopefully
for good this time).
- Update to version 3.28.2:
+ Fix another LibreOffice to PDF conversion regression.
- Changes from version 3.28.1:
+ Fix LibreOffice to PDF conversion regression.
+ Add support for docx/pptx/xlsx MIME types.
- Changes from version 3.28.0:
+ Add support for GIF animations.
+ Use LibreOffice directly instead of unoconv.
+ Prefer LibreOffice from flatpak when installed.
- Drop unoconv BuildRequires and Recommends, following upstream
changes.
- Replace gobject-introspection-devel with
pkgconfig(gobject-introspection-1.0) BuildRequires.
- Drop no longer needed post(un) handling of
glib2_gsettings_schema_post(un) and
glib2_gsettings_schema_requires macro.

==== transactional-update ====
Version update (1.28 -> 1.29)

- Update to version 1.29
- Implement self-update
- Disable optical media on dup
- Ignore certain zypper return codes

==== udisks2 ====
Subpackages: libudisks2-0 udisks2-lang

- Require specific libblockdev plugins in due udisks2's modules,
following libblockdev's plugins split (bsc#1086447).
- Drop redundant libblockdev-devel BuildRequires: it is not needed
once its pkgconfig module is already a requirement.

==== unbound ====
Version update (1.6.8 -> 1.7.0)
Subpackages: libunbound2 unbound-anchor

- Commented configuration directive dlv-anchor-file: in unbound.conf
(see bsc#1055060). The DLV key file is deliberately still
shipped in the package so users could easily re-enable this.
- update to 1.7.0
Features
- auth-zone provides a way to configure RFC7706 from unbound.conf,
eg. with auth-zone: name: "." for-downstream: no for-upstream: yes
fallback-enabled: yes and masters or a zonefile with data.
- Aggressive use of NSEC implementation. Use cached NSEC records to
generate NXDOMAIN, NODATA and positive wildcard answers.
- Accept tls-upstream in unbound.conf, the ssl-upstream keyword is
also recognized and means the same. Also for tls-port,
tls-service-key, tls-service-pem, stub-tls-upstream and
forward-tls-upstream.
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
from Manu Bretelle.
This option allows handling multiple cert/key pairs while only
distributing some of them.
In order to reliably match a client magic with a given key without
strong assumption as to how those were generated, we need both key and
cert. Likewise, in order to know which ES version should be used.
On the other hand, when rotating a cert, it can be desirable to only
serve the new cert but still be able to handle clients that are still
using the old certs's public key.
The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not
publish the cert as part of the DNS's provider_name's TXT answer.
- Update B root ipv4 address.
- make ip-transparent option work on OpenBSD.
- Fix #2801: Install libunbound.pc.
- ltrace.conf file for libunbound in contrib.
- Fix #3598: Fix swig build issue on rhel6 based system.
configure --disable-swig-version-check stops the swig version check.
Bug Fixes
- Fix #1749: With harden-referral-path: performance drops, due to
circular dependency in NS and DS lookups.
- [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert
duplicates
- Better documentation for cache-max-negative-ttl.
- Fixed libunbound manual typo.
- Fix #1949: [dnscrypt] make provider name mismatch more obvious.
- Fix #2031: Double included headers
- Document that errno is left informative on libunbound config read
fail.
- iana port update.
- Fix #1913: ub_ctx_config is under circumstances thread-safe.
- Fix #2362: TLS1.3/openssl-1.1.1 not working.
- Fix #2034 - Autoconf and -flto.
- Fix #2141 - for libsodium detect lack of entropy in chroot, print
a message and exit.
- Fix #2492: Documentation libunbound.
- Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is
set for stub zone. It no longer searches for DNSSEC information.
- Fix #3299 - forward CNAME daisy chain is not working
- Fix link failure on OmniOS.
- Check whether --with-libunbound-only is set when using --with-nettle
or --with-nss.
- Fix qname-minimisation documentation (A QTYPE, not NS)
- Fix that DS queries with referral replies are answered straight
away, without a repeat query picking the DS from cache.
The correct reply should have been an answer, the reply is fixed
by the scrubber to have the answer in the answer section.
- Fix that expiration date checks don't fail with clang -O2.
- Fix queries being leaked above stub when refetching glue.
- Copy query and correctly set flags on REFUSED answers when cache
snooping is not allowed.
- make depend: code dependencies updated in Makefile.
- Fix #3397: Fix that cachedb could return a partial CNAME chain.
- Fix #3397: Fix that when the cache contains an unsigned DNAME in
the middle of a cname chain, a result without the DNAME could
be returned.
- Fix that unbound-checkconf -f flag works with auto-trust-anchor-file
for startup scripts to get the full pathname(s) of anchor file(s).
- Print fatal errors about remote control setup before log init,
so that it is printed to console.
- Use NSEC with longest ce to prove wildcard absence.
- Only use *.ce to prove wildcard absence, no longer names.
- Fix unfreed locks in log and arc4random at exit of unbound.
- Fix lock race condition in dns cache dname synthesis.
- Fix #3451: dnstap not building when you have a separate build dir.
And removed protoc warning, set dnstap.proto syntax to proto2.
- Added tests with wildcard expanded NSEC records (CVE-2017-15105 test)
- Unit test for auth zone https url download.
- tls-cert-bundle option in unbound.conf enables TLS authentication.
- Fixes for clang static analyzer, the missing ; in
edns-subnet/addrtree.c after the assert made clang analyzer
produce a failure to analyze it.
- Fix #3505: Documentation for default local zones references
wrong RFC.
- Fix #3494: local-zone noview can be used to break out of the view
to the global local zone contents, for queries for that zone.
- Fix for more maintainable code in localzone.
- more robust cachedump rrset routine.
- Save wildcard RRset from answer with original owner for use in
aggressive NSEC.
- Fixup contrib/fastrpz.patch so that it applies.
- Fix compile without threads, and remove unused variable.
- Fix compile with staticexe and python module.
- Fix nettle compile.
- Fix to check define of DSA for when openssl is without deprecated.
- iana port update.
- Fix #3582: Squelch address already in use log when reuseaddr option
causes same port to be used twice for tcp connections.
- Reverted fix for #3512, this may not be the best way forward;
although it could be changed at a later time, to stay similar to
other implementations.
- Fix for windows compile.
- Fixed contrib/fastrpz.patch, even though this already applied
cleanly for me, now also for others.
- patch to log creates keytag queries, from A. Schulze.
- patch suggested by Debian lintian: allow to -> allow one to, from
A. Schulze.
- Attempt to remove warning about trailing whitespace.
- Added documentation for aggressive-nsec: yes.

==== usb_modeswitch ====
Version update (2.5.1 -> 2.5.2)
Subpackages: usb_modeswitch-data

- Update to version 2.5.2
* Bugfix release: fixed additional MessageContent parameters not
working, reported by Frank Schmirler (see
http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18369).
* Fixed "early crash" when killed before libusb context
initialization (see
https://bugzilla.redhat.com/show_bug.cgi?id=1358472), reported
by Lubomir Rinteln.
* Fixed bad string reference, reported by Lubomir Rintel, (see
http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18238).
* Fixed detection of systemd if /sbin/init is a cascaded symlink
(see
http://draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=18218).
* Fixed quirk in help message from usb_modeswitch binary.

==== util-linux ====
Subpackages: libblkid-devel libblkid1 libblkid1-32bit libfdisk1 libmount1
libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit
util-linux-lang

- Integrate pam_keyinit pam module (boo#1081947, su-l.pamd,
runuser-l.pamd, runuser.pamd).
- su.default: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7);
add one-time wrapper forcing ALWAYS_SET_PATH on upgrade.

==== util-linux-systemd ====

- Integrate pam_keyinit pam module (boo#1081947, su-l.pamd,
runuser-l.pamd, runuser.pamd).
- su.default: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7);
add one-time wrapper forcing ALWAYS_SET_PATH on upgrade.

==== wxWidgets-3_0 ====
Version update (3.0.3 -> 3.0.4)

- Bump soversion.diff for 3.0.4
- update to 3.0.4
* Don't crash on trailing '%' in wxDateTime::Format().
* Fix various problems when parsing invalid ZIP files.
* Fix generic wxTimePickerCtrl to accept max values from
keyboard.
* Multiple surrogate-related fixes in UTF-16 support.
* Fix reading wide character data in wxFile::ReadAll().
* Make parsing WAV data more robust.
* Fix copy ctor in numeric validators classes.
* Fix memory leak when wxDataViewCtrl is deleted.
* Avoid some GTK+ run-time errors when using
wx{File,Dir}PickerCtrl.
- rebase patch soversion.diff

==== xlockmore ====

- remove dependency on gpg-offline, part of source services now

==== xorg-x11-server ====
Subpackages: xorg-x11-server-sdk xorg-x11-server-wayland

- U_glx-Do-not-call-into-Composite-if-it-is-disabled.patch
* Fixes crash when GLX is enabled and Composite disabled.
(bnc#1079607)
- n_add-dummy-xf86DisableRandR.patch
* Add dummy xf86DisableRandR to fix linking with drivers that
still call it. See explanation inside the patch. (bnc#1089601)
- U_xfree86-Remove-broken-RANDR-disabling-logic-v4.patch
* Fix crash on initialization when fbdev and modesetting are used
together. (bnc#1068961)
- u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
* Fix crash when using randr when fbdev and modesetting are used
together. (bnc#1068961)

==== yast2-ftp-server ====
Version update (4.0.4 -> 4.0.5)

- bsc#1090387
- Do not cache widgets description until the ftp dialog is really
run to avoid showing an out of date firewall description (the
vsftpd package provides the firewalld service definition)
- 4.0.5


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >