Mailinglist Archive: opensuse-factory (536 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20180525 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180525

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
Mesa (18.0.4 -> 18.1.0)
Mesa-drivers (18.0.4 -> 18.1.0)
babl (0.1.46 -> 0.1.50)
biosdevname
filesystem
gdbm (1.13 -> 1.14.1)
gegl (0.4.0 -> 0.4.2)
git
hyper-v
kernel-firmware (20180507 -> 20180518)
ldb (1.3.2 -> 1.3.3)
libaio
liborcus
libsmbios
libstorage-ng (3.3.292 -> 3.3.294)
libvirt
mozjs52
oath-toolkit
openldap2
openssh (7.6p1 -> 7.7p1)
parted
perl (5.26.1 -> 5.26.2)
perl-DateTime (1.48 -> 1.49)
perl-Error (0.17025 -> 0.17026)
postfix (3.3.0 -> 3.3.1)
python (2.7.14 -> 2.7.15)
python-base (2.7.14 -> 2.7.15)
python-typing
samba (4.8.1+git.28.de67ff4c74d -> 4.8.2+git.30.690aa93c189)
systemd-rpm-macros
timezone
timezone-java
tslib (1.15 -> 1.16)
util-linux
util-linux-systemd
vim (8.0.1568 -> 8.1.0020)
wireshark (2.6.0 -> 2.6.1)
xdg-utils (20170508 -> 20180510)
xen (4.10.0_20 -> 4.10.1_02)
xf86-video-fbdev
xf86-video-intel
xf86-video-sis
zstd

=== Details ===

==== Mesa ====
Version update (18.0.4 -> 18.1.0)
Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
libwayland-egl1

- Add patch U_dri3-Stricter-SBC-wraparound-handling.patch
This fixes an error with timestamps, avoiding near infinite client
hangs with the new X server 1.20 release and some clients, the most
prominent being plasmashell & steam
Bugentry: FDO#106351
- Fix python3-Mako dependency on <= Leap 42.3.
- Temporarily replace mesa-18.1.0.tar.xz.sig with
mesa-18.1.0.tar.xz.sha1sum. The sig file uses EDDSA which is not
supported by gpg in OBS at the moment.

==== Mesa-drivers ====
Version update (18.0.4 -> 18.1.0)
Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau
libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon
libxatracker2

- Add patch U_dri3-Stricter-SBC-wraparound-handling.patch
This fixes an error with timestamps, avoiding near infinite client
hangs with the new X server 1.20 release and some clients, the most
prominent being plasmashell & steam
Bugentry: FDO#106351
- Fix python3-Mako dependency on <= Leap 42.3.
- Temporarily replace mesa-18.1.0.tar.xz.sig with
mesa-18.1.0.tar.xz.sha1sum. The sig file uses EDDSA which is not
supported by gpg in OBS at the moment.

==== babl ====
Version update (0.1.46 -> 0.1.50)

- Improvements to speed and precision of indexed code,
improvements to mesonbuild.
- Update to version 0.1.48:
+ Fix u8 <-> double conversions for chroma, SSE2 version of RGBA
float to CIE L / Lab.
+ Build with -Ofast by default.

==== biosdevname ====

- Prevent infinite recursion in dmidecode.c::smbios_setslot by
checking that subordinate bus has a number greater than the
current bus.
[bsc#1093625, dmidecode-prevent-infinite-recursion.patch]

==== filesystem ====

- pretrans lua script: try to move away /var/run and /var/lock
unless they are already symlinks (bsc#1084119)

==== gdbm ====
Version update (1.13 -> 1.14.1)
Subpackages: gdbm-devel gdbm-lang libgdbm_compat4

- Version update to 1.14.1:
* Manpage formating issues
* Make gdbm_error thread-safe
* Improve database reproducibility
* Fix build with --enable-gdbm-export
- Rebase patch gdbm-no-build-date.patch

==== gegl ====
Version update (0.4.0 -> 0.4.2)
Subpackages: gegl-0_4 gegl-0_4-lang libgegl-0_4-0

- Update to version 0.4.2:
+ Build: Abort early if autoreconf fails, remove unused bits,
default to -Ofast as CFLAGS.
+ GeglBuffer:
- Improve concurrency for trimming and destruction of tile
caches. Improve cache invalidation during partial mipmap
regeneration.
- Do new cheap clones of buffers with new internal gegl-buffer
backed tile-backend.
- Do not keep cached sampler in buffer it makes cache
invalidation hard, and for performance/threading it is better
to create ones own samplers anyways. The old API still
exists, though parts of it is now deprecated. The single
special case where gegl_buffer_sample remains somewhat
performant is with the NEAREST sampler, for all other
samplers creating a caching sampler is better.
+ Operations:
- operation: add GeglOperationAreaFilter::get_abyss_policy()
vfunc Copyright notice improvements to spherize,
color-overlay. ff-save: implement defines handling
compilation with ffmpeg 2.3-2.7, 4.0 compat.
- Improved multi-threaded performance of panorama-projection
and other transformation operations through optimizations in
buffer and base-classes.
- Drop gegl-port-ffmpeg4.patch: Fixed upstream.

==== git ====
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk

- Fix docless build to not fail on find/chmod not having any files
- Require just python3-base not full python for build

==== hyper-v ====

- Update lsvmbus interpreter from env(1) to python3(1) (bsc#1093910)

==== kernel-firmware ====
Version update (20180507 -> 20180518)
Subpackages: ucode-amd

- Update to version 20180518:
* linux-firmware: Update firmware file for Intel Bluetooth,8265
* linux-firmware: Update firmware patch for Intel Bluetooth 7260 (B5/B6)
* linux-firmware: Update firmware patch for Intel Bluetooth 7260 (B3/B4)
* linux-firmware: Update firmware file for Intel Bluetooth,9260
* linux-firmware:Update firmware patch for Intel Bluetooth 7265 (D1)
* linux-firmware: Update firmware file for Intel Bluetooth,9560
* linux-firmware: Update AMD cpu microcode
* amdgpu: sync up polaris12 firmware with 18.10 release
* amdgpu: sync up polaris11 firmware with 18.10 release
* amdgpu: sync up polaris10 firmware with 18.10 release
* amdgpu: sync up vega10 firmware with 18.10 release
* amdgpu: sync up carrizo firmware with 18.10 release
* amdgpu: sync up topaz firmware with 18.10 release
* amdgpu: sync up stoney firmware with 18.10 release
* amdgpu: sync up tonga firmware with 18.10 release
* amdgpu: sync up fiji firmware with 18.10 release
* amdgpu: sync up raven firmware with 18.10 release
* nfp: Add symlink for Agilio CX 1x40GbE flower firmware
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.9.A.16
* linux-firmware: liquidio: update firmware to v1.7.2

==== ldb ====
Version update (1.3.2 -> 1.3.3)
Subpackages: libldb1 libldb1-32bit

- Update to 1.3.3
+ Fix failure to upgrade to the GUID index DB format; (bso#13306).

==== libaio ====
Subpackages: libaio-devel libaio1

- Use %license instead of %doc [bsc#1082318]

==== liborcus ====

- boost_1_67.patch: fix building with Boost 1.67 (bsc#1089811)

==== libsmbios ====

- Make the lang_package installable by providing the symbol
required on the libname subpackage
- Add obsoletes for libsmbios2 to ease upgrading
- Adhere to the packaging guidelines
* As we build only against tumbleweed do not fuzz around with
supporting Fedora and Centos
* Use explicit filelists as it is way more readable
* Do not play around with %release as it behaves differently
compared to RH
- Use package names as mandated by python packaging guidelines
- Use full url to fetch tarball from github...
- Do not mess with permission in %prep phase, the perms on
directories and files look correct both in tarball and github
- Make build run parallel make and just configure/make without any
hassle
- Do not mess with locale generating, it is properly created by make
already
- Do not install buildlog on user systems, we have OBS for that
- Install manpage with each binary, do not just put all mans in
python3 subpackage
- Actually run tests rather than playing around with valgrind
- Make sure to do -fPIE build

==== libstorage-ng ====
Version update (3.3.292 -> 3.3.294)
Subpackages: libstorage-ng-ruby libstorage-ng1

- Translated using Weblate (Russian)
- 3.3.294
- Translated using Weblate (Slovak)
- 3.3.293

==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network
libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface
libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc
libvirt-daemon-driver-network libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-uml
libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu
libvirt-daemon-xen libvirt-libs

- cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature bits
CVE-2018-3639
1dbca2ec-CVE-2018-3639.patch, 92673422-CVE-2018-3639.patch
bsc#1092885

==== mozjs52 ====

- Fix armv6 build by fixing armv6 detection:
* fix_armv6_build.patch

==== oath-toolkit ====

- Fix build for openSUSE Leap 42.2 and 42.3

==== openldap2 ====
Subpackages: libldap-2_4-2 libldap-2_4-2-32bit libldap-data openldap2-client
openldap2-devel

- Don't require systemd explicit, spec file can handle both cases
correct and in containers we don't have systemd.

==== openssh ====
Version update (7.6p1 -> 7.7p1)
Subpackages: openssh-helpers

- Upgrade to 7.7p1 (bsc#1094068)
Most important changes (more details below):
* Drop compatibility support for pre-2001 SSH implementations
* sshd(1) does not load DSA keys by default
Distilled upstream log:
- --- Potentially-incompatible changes
* ssh(1)/sshd(8): Drop compatibility support for some very old
SSH implementations, including ssh.com <=2.* and OpenSSH <=
3.*. These versions were all released in or before 2001 and
predate the final SSH RFCs. The support in question isn't
necessary for RFC-compliant SSH implementations.
- --- New Features
* experimental support for PQC XMSS keys (Extended Hash-Based
Signatures), not compiled in by default.
* sshd(8): Add a "rdomain" criteria for the sshd_config Match
keyword to allow conditional configuration that depends on
which routing domain a connection was received on (currently
supported on OpenBSD and Linux).
* sshd_config(5): Add an optional rdomain qualifier to the
ListenAddress directive to allow listening on different
routing domains. This is supported only on OpenBSD and Linux
at present.
* sshd_config(5): Add RDomain directive to allow the
authenticated session to be placed in an explicit routing
domain. This is only supported on OpenBSD at present.
* sshd(8): Add "expiry-time" option for authorized_keys files
to allow for expiring keys.
* ssh(1): Add a BindInterface option to allow binding the
outgoing connection to an interface's address (basically a
more usable BindAddress)
* ssh(1): Expose device allocated for tun/tap forwarding via a
new %T expansion for LocalCommand. This allows LocalCommand
to be %used to prepare the interface.
* sshd(8): Expose the device allocated for tun/tap forwarding
via a new SSH_TUNNEL environment variable. This allows
automatic setup of the interface and surrounding network
configuration automatically on the server.
* ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp,
e.g. ssh://user@host or sftp://user@host/path. Additional
connection parameters that use deporecated MD5 are not
implemented.
* ssh-keygen(1): Allow certificate validity intervals that
specify only a start or stop time (instead of both or
neither).
* sftp(1): Allow "cd" and "lcd" commands with no explicit path
argument. lcd will change to the local user's home directory
as usual. cd will change to the starting directory for
session (because the protocol offers no way to obtain the
remote user's home directory). bz#2760
* sshd(8): When doing a config test with sshd -T, only require
the attributes that are actually used in Match criteria
rather than (an incomplete list of) all criteria.
- --- Bugfixes
* ssh(1)/sshd(8): More strictly check signature types during
key exchange against what was negotiated. Prevents downgrade
of RSA signatures made with SHA-256/512 to SHA-1.
* sshd(8): Fix support for client that advertise a protocol
version of "1.99" (indicating that they are prepared to
accept both SSHv1 and SSHv2). This was broken in OpenSSH 7.6
during the removal of SSHv1 support. bz#2810
* ssh(1): Warn when the agent returns a ssh-rsa (SHA1)
signature when a rsa-sha2-256/512 signature was requested.
This condition is possible when an old or non-OpenSSH agent
is in use. bz#2799
* ssh-agent(1): Fix regression introduced in 7.6 that caused
ssh-agent to fatally exit if presented an invalid signature
request message.
* sshd_config(5): Accept yes/no flag options
case-insensitively, as has been the case in ssh_config(5) for
a long time. bz#2664
* ssh(1): Improve error reporting for failures during
connection. Under some circumstances misleading errors were
being shown. bz#2814
* ssh-keyscan(1): Add -D option to allow printing of results
directly in SSHFP format. bz#2821
* regress tests: fix PuTTY interop test broken in last
release's SSHv1 removal. bz#2823
* ssh(1): Compatibility fix for some servers that erroneously
drop the connection when the IUTF8 (RFC8160) option is sent.
* scp(1): Disable RemoteCommand and RequestTTY in the ssh
session started by scp (sftp was already doing this.)
* ssh-keygen(1): Refuse to create a certificate with an
unusable number of principals.
* ssh-keygen(1): Fatally exit if ssh-keygen is unable to write
all the public key during key generation. Previously it would
silently ignore errors writing the comment and terminating
newline.
* ssh(1): Do not modify hostname arguments that are addresses
by automatically forcing them to lower-case. Instead
canonicalise them to resolve ambiguities (e.g. ::0001 => ::1)
before they are matched against known_hosts. bz#2763
* ssh(1): Don't accept junk after "yes" or "no" responses to
hostkey prompts. bz#2803
* sftp(1): Have sftp print a warning about shell cleanliness
when decoding the first packet fails, which is usually caused
by shells polluting stdout of non-interactive startups.
bz#2800
* ssh(1)/sshd(8): Switch timers in packet code from using
wall-clock time to monotonic time, allowing the packet layer
to better function over a clock step and avoiding possible
integer overflows during steps.
* Numerous manual page fixes and improvements.

==== parted ====
Subpackages: libparted0 parted-lang

- Use %license instead of %doc [bsc#1082318]

==== perl ====
Version update (5.26.1 -> 5.26.2)
Subpackages: perl-base perl-doc

- make perl-5.26.2 compatible with perl-5.26.1
- Update versions based on provides in perl rpm
- Version update to perl-5.26.2:
* Tons of bugfixes
- Remove the as-needed disabling as no other distro is doing that
- Use macros where possible
- Remove if0 and commented out code to reduce the scope
- Run tests in threads

==== perl-DateTime ====
Version update (1.48 -> 1.49)

- updated to 1.49
see /usr/share/doc/packages/perl-DateTime/Changes
1.49 2018-05-20
- Updated the ppport.h with the latest version of Devel::PPPort. This fixes a
compilation warning when compiling with 5.27.11. Reported by Jim
Keenan. Fixed GH #81.

==== perl-Error ====
Version update (0.17025 -> 0.17026)

- updated to 0.17026
see /usr/share/doc/packages/perl-Error/Changes

==== postfix ====
Version update (3.3.0 -> 3.3.1)
Subpackages: postfix-doc

- bsc#1087471 Unreleased Postfix update breaks SUSE Manager
o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty
- Update to 3.3.1
* Postfix did not support running as a PID=1 process, which
complicated Postfix deployment in containers. The "postfix
start-fg" command will now run the Postfix master daemon as a
PID=1 process if possible. Thanks for inputs from Andreas
Schulze, Eray Aslan, and Viktor Dukhovni.
* Segfault in the postconf(1) command after it could not open a
Postfix database configuration file due to a file permission
error (dereferencing a null pointer). Reported by Andreas
Hasenack, fixed by Viktor Dukhovni.
* The luser_relay feature became a black hole, when the luser_relay
parameter was set to a non-existent local address (i.e. mail
disappeared silently). Reported by J?rgen Thomsen.
* Missing error propagation in the tlsproxy(8) daemon could result
in a segfault after TLS handshake error (dereferencing a
0xffff...ffff pointer). This daemon handles the TLS protocol
when a non-whitelisted client sends a STARTTLS command to
postscreen(8).

==== python ====
Version update (2.7.14 -> 2.7.15)
Subpackages: python-curses

- update to 2.7.15
* dozens of bugfixes, see NEWS for details
- removed obsolete patches:
* python-ncurses-6.0-accessors.patch
* python-fix-shebang.patch
* gcc8-miscompilation-fix.patch
- add patch from upstream:
* do-not-use-non-ascii-in-test_ssl.patch

==== python-base ====
Version update (2.7.14 -> 2.7.15)
Subpackages: libpython2_7-1_0 libpython2_7-1_0-32bit python-xml

- update to 2.7.15
* dozens of bugfixes, see NEWS for details
- removed obsolete patches:
* python-ncurses-6.0-accessors.patch
* python-fix-shebang.patch
* gcc8-miscompilation-fix.patch
- add patch from upstream:
* do-not-use-non-ascii-in-test_ssl.patch

==== python-typing ====

- Actually skip the py3 as it caused bit of fuzz but reduce the
code still
- Do not bother reducing the stuff to not build on 3.6, it is
just providing noop package which does not hurt anything and
saves 10 magic lines in spec

==== samba ====
Version update (4.8.1+git.28.de67ff4c74d -> 4.8.2+git.30.690aa93c189)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0
libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0
libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit
libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit
libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0
libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit
libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient0
libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0
libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client
samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind
samba-winbind-32bit

- Update to 4.8.2
+ After update to 4.8.0 DC failed with "Failed to find our own
NTDS Settings objectGUID" (bso#13335).
+ fix incorrect reporting of stream dos attributes on a
directory (bso#13380).
+ vfs_ceph: add asynchronous fsync; fake synchronous call (bso#13412).
+ vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425)
+ vfs_ceph: Fix memory leak; (bso#13424).
+ libsmbclient: Fix hard-coded connection error return of
ETIMEDOUT; (bso#13419).
+ s4-lsa: Fix use-after-free in LSA server; (bso#13420).
+ winbindd: Do re-connect if the RPC call fails in the passdb
case; (bso#13430).
+ cleanupd: Sends MSG_SMB_UNLOCK twice to interested peers; (bso#13416).
+ cleanupd: Use MSG_SMB_BRL_VALIDATE to signal cleanupd
unclean process shutdown; (bso#13414).
+ ctdb-client: Remove ununsed functions from old client code;
(bso#13411).
+ printing: Return the same error code as windows does on upload
failures; (bso#13395).
+ nsswitch: Fix memory leak in winbind_open_pipe_sock() when the
privileged pipe is not accessable; (bso#13400).
+ s4:lsa_lookup: remove TALLOC_FREE(state) after all
dcesrv_lsa_Lookup{Names,Sids}_base_map() calls; (bso#13420).
+ rpc_server: Fix NetSessEnum with stale sessions; (bso#13407).
+ s3:smbspool: Fix cmdline argument handling; (bso#13417).

==== systemd-rpm-macros ====

- remove confusing --user before --global
Backport from

https://github.com/systemd/systemd/commit/28d36da64a7a23a55e8d0a139f2620384fd058b3.
This was spotted in bsc#1090785.

==== timezone ====

- in SLE 15 / Leap 15.0 yast2-country stopped setting TIMEZONE in
/etc/sysconfig/clock and called systemd timedatectl instead.
No longer set /etc/localtime on timezone package updates to
avoid setting an incorrect timezone. bsc#1093392

==== timezone-java ====

- in SLE 15 / Leap 15.0 yast2-country stopped setting TIMEZONE in
/etc/sysconfig/clock and called systemd timedatectl instead.
No longer set /etc/localtime on timezone package updates to
avoid setting an incorrect timezone. bsc#1093392

==== tslib ====
Version update (1.15 -> 1.16)

- Update to version 1.16:
* This release includes libts version 0.9.1 and the following changes:
- module_raw tatung is now disabled in the default build config. Users must
./configure --enable-tatung if they rely on it.
- new module_raw one-wire-ts-input for FriedlyARM devices (disabled by
default)
- simple tslib_version() function to get the version string
* This release includes the following bugfixes:
- efcba6e ts_uinput: (fix for Android) write only one input_event at a time
- e63f33f invert: fix ts_read() iteration over multiple samples
- 932bb4f ts_uinput: fail for unsupported old kernel versions

==== util-linux ====
Subpackages: libblkid-devel libblkid1 libblkid1-32bit libfdisk1 libmount1
libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit
util-linux-lang

- Do not run rfkill-block@.service and rfkill-unblock@service as it
is just template without parameter bsc#1092820 bsc#1093176

==== util-linux-systemd ====

- Do not run rfkill-block@.service and rfkill-unblock@service as it
is just template without parameter bsc#1092820 bsc#1093176

==== vim ====
Version update (8.0.1568 -> 8.1.0020)
Subpackages: gvim vim-data vim-data-common

- update to 8.1 revision 0020
- refresh disable-unreliable-tests.patch vim-8.0-ttytype-test.patch
- refresh vim73-no-static-libpython.patch
- added:
* term command - built in terminal window
- fixes:
* Using "gn" may select wrong text when wrapping.
* Shell command completion has duplicates
* Possible crash in term_wait()
* qf_init_ext() is too long.
* Using freed memory when changing terminal cursor color
* maparg() and mapcheck() confuse empty and non-existing.
* syn_id2cterm_bg() may be undefined.
* :stopinsert changes the message position.
* The netrw plugin does not work.

==== wireshark ====
Version update (2.6.0 -> 2.6.1)
Subpackages: libwireshark11 libwiretap8 libwscodecs0 libwsutil9 wireshark-ui-qt

- Fix build with Qt 5.11 (boo#1093733)
add wireshark-2.6.1-fix-Qt-5.11.patch
- update to 2.6.1:
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes or cause dissectors to go into large
infinite loops by making Wireshark read specially crafted
packages from the network or capture files (bsc#1094301):
* CVE-2018-11354: IEEE 1905.1a dissector crash
* CVE-2018-11355: RTCP dissector crash
* CVE-2018-11356: DNS dissector crash
* CVE-2018-11357: Multiple dissectors could consume excessive memory
* CVE-2018-11358: Q.931 dissector crash
* CVE-2018-11359: The RRC dissector and other dissectors could crash
* CVE-2018-11360: GSM A DTAP dissector crash
* CVE-2018-11361: IEEE 802.11 dissector crash
* CVE-2018-11362: LDSS dissector crash
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html

==== xdg-utils ====
Version update (20170508 -> 20180510)

- Update to version 20180510 (1.1.3):
* bump version, prep for 1.1.3 release
* xdg-open: use pcmanfm only if it is available (BR106161)
* Add Deepin Desktop Environment support.
* Avoid argument injection vulnerability in open_envvar() (CVE-2017-18266,
boo#1093086)
* xdg-settings: check_browser is broken under kde when just the binary
is specified (BR106343)
* xdg-open: Fixes LXQt behavior
* xdg-mime awk script syntax error (BR104298)
* Spelling fixes (BR103255)
* xdg-mime.1: Add missing period
* Fix tests for 1f8e58d51e6fb3f50f59ed2d8265f2f346ac68e6
- Drop fix-kde-browser-check.patch which is already included upstream

==== xen ====
Version update (4.10.0_20 -> 4.10.1_02)
Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU

- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 ? Speculative Store
Bypass aka "Memory Disambiguation"
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
Spectre-v4-1.patch
Spectre-v4-2.patch
Spectre-v4-3.patch
- always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen.bug1079730.patch
- Upstream patches from Jan (bsc#1027519)
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces
xsa260-1.patch)
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
(Replaces xsa260-2.patch)
5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces
xsa260-4.patch)
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces
xsa262.patch)
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
5af97999-viridian-cpuid-leaf-40000003.patch
- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a9985bd-x86-invpcid-support.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch

==== xf86-video-fbdev ====

- Fix build with Xorg server 1.20 by updating to current Git.

U_01-Default-to-32bpp-if-the-console-is-8bpp-and-we-weren-t-told-otherwise.patch
U_02-Use-own-thunk-functions-instead-of-fbdevHW-Weak.patch
U_03-Pass-the-pci-device-if-any-through-to-fbdevhw-in-probe-and-preinit.patch
U_04-Initialize-pci_dev.patch
U_05-Fix-shadow-fb-allocation-size-v2.patch
U_11-Remove-dead-pix24bpp-variable.patch
U_12-Use-shadowUpdate32to24-at-24bpp.patch
U_13-Use-ifdef-instead-of-if-to-avoid-build-error.patch

==== xf86-video-intel ====

- n_fix-build-on-i686.patch
* Fix build on i686 with GCC8. (bnc#1092541)

==== xf86-video-sis ====

- Fix build with Xorg server 1.20 by updating to current Git.
U_06-Remove-reference-to-virtualFrom.patch
U_07-xf86-video-sis-remove-the-GlxSetVisualConfigs-stub-and-friends.patch

==== zstd ====

- Use %license instead of %doc [bsc#1082318]


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups