Mailinglist Archive: opensuse-factory (381 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20181012 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20181012

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
MozillaThunderbird (60.0 -> 60.2.1)
attr
audacity (2.2.2 -> 2.3.0)
bison (3.0.5 -> 3.1)
claws-mail
cracklib-dict-full
discover
dolphin
fipscheck (1.4.1 -> 1.5.0)
git (2.19.0 -> 2.19.1)
gnome-characters (3.29.91 -> 3.30.0)
gpg2
gpgme (1.11.1 -> 1.12.0)
gstreamer (1.14.3 -> 1.14.4)
gstreamer-editing-services (1.14.2 -> 1.14.4)
gstreamer-plugins-bad (1.14.3 -> 1.14.4)
gstreamer-plugins-base (1.14.3 -> 1.14.4)
gstreamer-plugins-good (1.14.3 -> 1.14.4)
gstreamer-plugins-libav (1.14.2 -> 1.14.4)
gstreamer-plugins-ugly (1.14.3 -> 1.14.4)
gstreamer-rtsp-server (1.14.2 -> 1.14.4)
gstreamer-validate (1.14.2 -> 1.14.4)
gthumb (3.6.1 -> 3.6.2)
hyper-v
irqbalance (1.2.0 -> 1.4.0)
java-11-openjdk
kernel-firmware (20180913 -> 20181001)
lcms2
libgit2 (0.27.4 -> 0.27.5)
libkgapi
libpinyin (2.2.0 -> 2.2.1)
libvirt (4.7.0 -> 4.8.0)
libzypp (17.7.0 -> 17.7.2)
lmdb
lynx (2.8.9~dev.16 -> 2.8.9rel.1)
neon
net-snmp
nghttp2 (1.33.0 -> 1.34.0)
obs-service-tar_scm (0.9.1.1534504824.0732756 -> 0.9.4.1537959361.56833cb)
paprefs (0.9.10+20180501.534d20a -> 1.0)
perl-Glib (1.327 -> 1.328)
postfix
ppp
protobuf-c (1.3.0 -> 1.3.1)
python-Pillow (5.2.0 -> 5.3.0)
python-dbus-python
python-gst (1.14.2 -> 1.14.4)
python-libvirt-python (4.7.0 -> 4.8.0)
readline
rpm
rsibreak (0.12.8 -> 0.12.9)
rubygem-mocha (1.5.0 -> 1.7.0)
smartmontools
snapper (0.5.6 -> 0.6.1)
sqlite3 (3.25.0 -> 3.25.2)
tomcat (9.0.5 -> 9.0.10)
unbound (1.8.0 -> 1.8.1)
vim (8.1.0436 -> 8.1.0451)
wicked (0.6.49 -> 0.6.50)
xterm (335 -> 337)
yast2-instserver (4.1.0 -> 4.1.1)
zypper (1.14.11 -> 1.14.12)

=== Details ===

==== MozillaThunderbird ====
Version update (60.0 -> 60.2.1)
Subpackages: MozillaThunderbird-translations-common

- update to Thunderbird 60.2.1:
* Calendar: Default values for the first day of the week and
working days are now derived from the selected datetime
formatting locale
* Calendar: Switch to a Photon-style icon set for all platforms
* Fix multiple requests for master password when Google Mail or
Calendar OAuth2 is enabled
* Fix scrollbar of the address entry auto-complete popup
* Fix security info dialog in compose window not showing
certificate status
* Fix links in the Add-on Manager's search results and theme
browsing tabs that opened in external browser
* Fix localization not showing the localized name for the
"Drafts" and "Sent" folders for certain IMAP providers
* Fix replying to a message with an empty subject which
inserted Re: twice
* Fix spellcheck marks disappeaing erroneously for words with
an apostrophe
* Calendar: First day of the week can now be set
* Calendar: Several fixes related to cutting/deleting of events
and email schedulin
* Fix date display issues (bsc#1109379)
* Fix start-up crash due to folder name with special characters
(bsc#1107772)
- Security fixes for the Mozilla platform picked up from 60.1 and
60.2 (Firefox ESR releases). In general, these flaws
cannot be exploited through email in Thunderbird because
scripting is disabled when reading mail, but are potentially
risks in browser or browser-like contexts (MFSA 2018-25):
* CVE-2018-12377 (bsc#1107343, bmo#1470260)
Use-after-free in refresh driver timers
* CVE-2018-12378 (bsc#1107343, bmo#1459383)
Use-after-free in IndexedDB
* CVE-2017-16541 (bsc#1066489, bmo#1412081)
Proxy bypass using automount and autofs
* CVE-2018-12376 (bmo#69309,bmo#69914,bmo#50989,bmo#80092,
bmo#80517,bmo#81093,bmo#78575,bmo#71953,bmo#73161,bmo#66991,
bmo#68738,bmo#83120,bmo#67363,bmo#72925,bmo#66577,bmo#67889,
bmo#80521,bsc#1107343)
Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
* CVE-2018-12385 (bsc#1109363, bmo#1490585)
Crash in TransportSecurityInfo due to cached data
* CVE-2018-12383 (bsc#1107343, bmo#1475775)
Setting a master password did not delete unencrypted
previously stored passwords

==== attr ====
Subpackages: libattr1 libattr1-32bit

- update description for libattr-devel-static to make it less
boilerplate
- Add libattr-devel-static subpackage

==== audacity ====
Version update (2.2.2 -> 2.3.0)
Subpackages: audacity-lang

- Add 0001-Fix-bug-1992.patch from git to fix issue 1992
- Update to release 2.3.0
- Rebased audacity-misc-errors.patch and
audacity-no_return_in_nonvoid.patch
- Added --disable-dynamic-loading build flag for ffmpeg-4 use.
- Upstream changes:
* New feature ? ?Punch and Roll Recording?
* Pinned-play-head can now be repositioned by dragging
* Play-at-speed now can be adjusted whilst playing.
* Toolbars controlling volume and speed can now be resized for
greater precision
* New commands: New ?Tools? menu & New ?Scriptables? commands
* Nyquist gains AUD-DO command
* Nyquist effects are now translatable and translated
* More dialogs have help buttons now
* Increased legibility of trackname display
* Half-wave option for collapsed tracks
* Sliding Stretch
* Dialog (option) for entering labels
* Inconsistent behavior when recording with a selection?bug #1839
* Ctrl + M does not open label for editing ? bug #1852
* Vertical Zoom in by clicking in the vertical Scale, or context
menu, in waveform views is inconsistent ? bug #1810
* Deletion of all tracks cannot be undone ? bug #1845
* Timer Record with a selection present can get a truncated
recording with data loss ? bug #1851
* Duplicate shortcuts can be created ? bug #1786
* Labels longer than 260 characters are now supported ? bug #1905
* Using Spectrogram Settings in TCP or using Preferences causes
Audacity to reset Project Rate to default rate in Quality
Preferences ? bug #1977
* Cut Preview should play all selected/sync-locked tracks,
respecting Mute/Solo during preview ? bug #231
- Ensure that Leap:42.3 gcc conditional doesn't interfere with
Tumbleweed gcc used for build.

==== bison ====
Version update (3.0.5 -> 3.1)
Subpackages: bison-lang

- Use profile guided optimization (PGO) when building
- bison 3.1:
* Compiling Bison now requires a C99 compiler
* Typed midrule actions
* Reports include the type of symbols
* Diagnostics about useless rules now implemented
* C++: Generated parsers can be compiled with -fno-exceptions (lairi.cc)
* GLR: Predicates support broken by #line directives
* Printer and destructor with broken #line directives
* Portability on ICC

==== claws-mail ====
Subpackages: claws-mail-lang

- Update bug3889-fix_rev0.patch to new upstream fix (claws#3889).
Fix-bug-3889-Address-and-quoted-message-inconsistent.patch

==== cracklib-dict-full ====

- Added additional dictionary libraries
* http://downloads.skullsecurity.org/passwords/john.txt.bz2
* http://downloads.skullsecurity.org/passwords/cain.txt.bz2
* http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2
* http://downloads.skullsecurity.org/passwords/twitter-banned.txt.bz2

==== discover ====
Subpackages: discover-lang

- Split available backends into subpackages
- Improve description by using the one from Debian and rewording it
slightly.

==== dolphin ====
Subpackages: dolphin-part dolphin-part-lang libdolphinvcs5

- Add Fix-that-dragging-a-file-can-trigger-inline-rename.patch to
prevent accidentally triggering inline rename by just dragging a
file (boo#1108797, kde#398375)

==== fipscheck ====
Version update (1.4.1 -> 1.5.0)
Subpackages: libfipscheck1

- Changed source back to http now that current release folder
has current tarball.
- Updated fipscheck to 1.5.0
* Changed source to local file since latest official release
is not in the official releases directory.
* Downgraded libopenssl-devel to libopenssl-1_0_0-devel because
1.0.2 supports FIPS.

==== git ====
Version update (2.19.0 -> 2.19.1)
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk

- git 2.19.1:
* CVE-2018-17456: Specially crafted .gitmodules files may have
allowed arbitrary code execution when the repository is cloned
with --recurse-submodules (bsc#1110949)

==== gnome-characters ====
Version update (3.29.91 -> 3.30.0)
Subpackages: gnome-characters-lang gnome-shell-search-provider-gnome-characters

- Update to version 3.30.0:
+ Re-enable GNOME Shell search provider by default.

==== gpg2 ====
Subpackages: gpg2-lang

- Make package build reproducible (boo#1047218)

==== gpgme ====
Version update (1.11.1 -> 1.12.0)
Subpackages: libgpgme11 libgpgmepp6 libqgpgme7

- Fix the build on ix86 as we disable one test there that should
not work, sadly just sed is employed as the infrastructure for
testing is not smart enough for comfy test filtering
- Update to 1.12.0:
* Enhanced the JSON based interface tool gpgme-json to support Native
Messaging as well as new Javascript code to support the browser
site. See lang/js/README for details.
* Major overhaul of the Python language bindings documentation
* Even for old versions of gpg a missing MDC will now lead to a
decryption failure
* Added context flag "auto-key-locate" to control the
behavior of GPGME_KEYLIST_MODE_LOCATE
* New data function to create a data object from an estream
* Add more interfaces to the C++ binding
* Improved error codes on decryption failure
* Lots of minor fixes
* Interface changes

==== gstreamer ====
Version update (1.14.3 -> 1.14.4)
Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0
typelib-1_0-Gst-1_0

- Update to version 1.14.4:
+ glviewconvert: wait and set the gl sync meta on buffers.
+ glviewconvert: copy composition meta from the primary buffer to
both outputs.
+ glcolorconvert: don't copy overlay composition meta over to
NULL outbufs.
+ matroskademux: add functionality needed for MSE use case fixing
youtube playback in epiphany/webkit-gtk.
+ tagdemux: Use upstream GST_EVENT_STREAM_START (and stream-id)
if present.
+ vorbisdec: fix header handling regression: init decoder
immediately once we have headers.
+ wasapisink: recover from low buffer levels in shared mode.
+ fix GstSegment unit test which would fail on some 32-bit x86
CPUs.

==== gstreamer-editing-services ====
Version update (1.14.2 -> 1.14.4)
Subpackages: libges-1_0-0 typelib-1_0-GES-1_0

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update to version 1.14.3:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-plugins-bad ====
Version update (1.14.3 -> 1.14.4)
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0
libgstbadaudio-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0
libgstcodecparsers-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0
libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0
libgstwebrtc-1_0-0

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-plugins-base ====
Version update (1.14.3 -> 1.14.4)
Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0
libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0
libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0
libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0
typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-plugins-good ====
Version update (1.14.3 -> 1.14.4)
Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk
gstreamer-plugins-good-jack gstreamer-plugins-good-lang
gstreamer-plugins-good-qtqml

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update Source url to new home.

==== gstreamer-plugins-libav ====
Version update (1.14.2 -> 1.14.4)

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update to version 1.14.3:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-plugins-ugly ====
Version update (1.14.3 -> 1.14.4)
Subpackages: gstreamer-plugins-ugly-lang

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-rtsp-server ====
Version update (1.14.2 -> 1.14.4)

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update to version 1.14.3:
+ Bugfix release, please see .changes in gstreamer main package.

==== gstreamer-validate ====
Version update (1.14.2 -> 1.14.4)
Subpackages: libgstvalidate-1_0-0 typelib-1_0-GstValidate-1_0

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update to version 1.14.3:
+ Bugfix release, please see .changes in gstreamer main package.

==== gthumb ====
Version update (3.6.1 -> 3.6.2)
Subpackages: gthumb-lang

- Update to version 3.6.2:
+ Updated links to wiki page.
+ Desktop background: fixed the way to obtain the monitor
geometry.
+ Recognize the asf mime type as a video format.
+ Image loader: fixed memory leak when the operation was
cancelled.
+ Avoid flickering when scaling the image takes some time.
+ Image navigator: fixed popup positioning.
+ Do not crash when loading broken jpeg images.
+ Preferences: fixed crash when setting the current location as
default.
+ Updated translations.

==== hyper-v ====

- fcopy: set 'error' in case an unknown operation was requested (c2d68afb)
- Update lsvmbus interpreter from python3(1) to python(1)
because SLE12 lacks python3 support (bsc#1093910)
- vss: fix loop device detection (07136793)
- Fix IP reporting by KVP daemon with SRIOV (4ba63412)
- Fix a bug in the key delete code (86503bd3)
- fix compiler warnings about major/target_fname (1330fc35)
- PRIVATE hyper-v.compare-with-upstream.sh

==== irqbalance ====
Version update (1.2.0 -> 1.4.0)

- Allow compilation with SLE-12 and before by:
* removing -std=C99 Latest compiler version does not complain
anymore, SLE12 SPx and before did.
* Fix a possible buffer overflow compiler warning
A fix_buffer_overflow_compiler.patch
- Removed aarch64-compile-fixes.patch because it is mainline now.
- Update to version 1.4.0:
* Fixed an erroneous calculation of min_load that restricted candidates to a
subset of objects
* Fixed powerpc hotplug detection
* Cleaned up syslog target dependency
* Added some self test infrastructure (via make check)
- Update to version 1.3.0
* New features in this release:
optimization of platform device irq detection
Added sample udev rules to trigger irq rescans on device add/remove
Made irqbalance ui an optional compile component
Added support for Intel CoD
Add -v | --version option to command line
* Bug fixes in this release:
Misc compiler warning fixes and spelling errors
Compilation error fix on aarch64
Compilation error fix when using clang in c99 mode
Unused variable cleanup
Lots of memory leak cleanup in irqbalance-ui
Prevent irqbalance from running in a container
Fix irq affinity assignment in some cases to wrong numa node
Fix oneshot mode
exclude legacy irq 255
* Deprecations:
without-glib2 is removed, we just need it enough that we can't dummy it up
anymore

==== java-11-openjdk ====
Subpackages: java-11-openjdk-headless

- Add patches to workaround aarch64 critical bugs:
* RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch
* RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch

==== kernel-firmware ====
Version update (20180913 -> 20181001)
Subpackages: ucode-amd

- Update to version 20181001:
* ti-connectivity: add firmware for CC2560(A) Bluetooth
* linux-firmware: mediatek: add firmware for mt7668u Bluetooth
* nvidia: add GV100 signed firmware
* firmware/icl/dmc: Add v1.07 of DMC for Icelake
* linux-firmware: add Marvell SD8997 firmware image
* qca: update BT firmware files for QCA ROME chip.

==== lcms2 ====
Subpackages: liblcms2-2 liblcms2-2-32bit

- Add check on CGATS memory allocation (bsc1108813, CVE-2018-16435,
lcms2-cgats-memory-allocation.patch).
- Update to 2.9
- Drop 0001-Added-an-extra-check-to-MLU-bounds.patch, it is now
in the upstream code
* Bugfix release
+ Several fixes related with security, and therefore not detailed here.
+ C++ compiles now without warnings
+ Added OSX and clang in travis
+ Added a travis-ci test matrix for many compilers and OS.
Thanks to Thomas Weber (debian) for this great improvement.
+ testbed can now work with dynamic versions of library
+ Fixed wrong planar formatters regarding linestride interpretation
- Added 0001-Added-an-extra-check-to-MLU-bounds.patch
* fixes https://bugzilla.suse.com/show_bug.cgi?id=1021364
- Update to 2.8
* Fixed many typos in comments, thanks to Stefan Weil for doing that.
* Fixed localization bug, added a new test case crayons.icc thnaks to Richard
Hughes for providing the profile.
* Fixed a bug in optimizer that made some formats (i.e, bits planar)
unavailable
* Fixed misalignment problems on Alpha. The compiler does not align strings,
and accessing begin of string as a uint16 makes code to fail.
* Added some extra checks to the tools and examples.
* Fix a bug that prevented to read luminance tag
* BIG amount of functionality contributed/Sponsored by Alien Skin Software:
TransformStride, copyAlpha, performance plug-ins. Fixes some warnings as well.
* added an extra _ to _stdcall to make it more portable
* Fixed a bug in transicc for named color profiles
* Fixed several compiler warnings
* Added support for Visual Studio 2015
* Fixed for XCODE project
- Update to GNOME 3.20 Fate#318572
- Update to version 2.7
* improved multi-threading
* added contexts and a new locking plug-in type
* bugfixes and other minor features
- Dropped lcms-endian.patch that was fixed upstream.
- Fixed missing dependency pthread
- update to version 2.6
* Fixed a double free in recovering from a previous error in default intent
handler.
* Fixed some indexing out of bounds in floating point interpolation
* Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks
* Added a way to retrieve matrix shaper always, no matter LUT is present
* Changed endianess detection for PowerPC
* Fixed memory leaks on error handling
* Big revamp on Contexts, from Artifex
* New locking plug-in, from Artifex
* Added directories for tiff, jpeg in configure script
* Fix for delete tag memory corruption
* Added pthread dependency. From now lcms supports multithreading
- Correct lcms-endian.patch to rely on autoconf only, no
extra arch specific preprocessor hackery.
- Update to version 2.5
* Maintenance update
+ Focused on incorrect path and error handling.
It also updates the black point compensation algorithm
to match the ICC including the new black point compensation algorithm
actually being standarized by TC130, ICC and ISO.
- Update to version 2.4
* Featured release
+ Performance and stability fixes
+ Black point detection from the algorithm disclosed by Adobe
+ Added support for transforms on planar data with different
stride
+ Added a new plug-in type for optimizing full transforms
+ Linear (gamma 1.0) profiles can now operate in unbounded mode
+ Added "half" float support
+ Please see the ChangeLog file for more details.
- update to version 2.3
* Full support for ICC 4.3
- Open all fds with O_CLOEXEC
- Use gcc visibility, symbol table shrinks around 50% ...
-update to 2.2
* maintenance update
+Version 2.2 adds stability.
- fixes all known bugs
- adds support for dictionary metatag. Pascal unit now compiles
under FPK Pascal as well as Delphi.
- fix devel package name in baselibs.conf
- update to version 2.1
* maintenance release (no further details in changelog)
- remove obsolete patches
- build documentation noarch and recompress tar
-more spec file cleanups and prepare for factory submit
-test building against it in my home repo
- initial lcms2 package, based on package from version 1
- use OBS source services to download tar ball

==== libgit2 ====
Version update (0.27.4 -> 0.27.5)

- libgit2 0.27.5:
* CVE-2018-17456: Submodule URLs and paths with a leading "-"
are now ignored to avoid injecting options into library
consumers that perform recursive clones (bsc#1110949)
* Avoid a buffer overflow when running repack
* Avoid stack overflow from unbounded recursion in configuration
file parser
* Avoid heap-buffer overflow when parsing "ok" packets
* Fix heap-buffer overflows in smart protocol parsing code
* Fix potential integer overflows on platforms with 16 bit ints
* Fix potential NULL pointer dereference when parsing
configuration files

==== libkgapi ====
Subpackages: libKPimGAPICalendar5 libKPimGAPIContacts5 libKPimGAPICore5
libKPimGAPITasks5 libkgapi-lang sasl2-kdexoauth2

- We actually need <= as the version did not get bumped

==== libpinyin ====
Version update (2.2.0 -> 2.2.1)
Subpackages: libpinyin-data libpinyin13 libzhuyin13

- Update version to 2.2.1
* Fix predicted candidates

==== libvirt ====
Version update (4.7.0 -> 4.8.0)
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface
libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc
libvirt-daemon-driver-network libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-storage-iscsi-direct
libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi
libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs

- Update to libvirt 4.8.0
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Dropped patches:
60b4fd90-libxl-rm-vm-finish-phase.patch,
e39c66d3-libxl-fix-p2p-migration.patch,
47da84e0-libxl-fix-job-handling-migsrc.patch,
0149464a-libxl-fix-job-handling-migdst.patch,
5ea2abb3-libxl-join-mig-rcv-thread.patch

==== libzypp ====
Version update (17.7.0 -> 17.7.2)

- Fix blocking wait for finished child process (bsc#1109877)
- version 17.7.2 (2)
- Fix conversion of string and glob to regex when compiling queries
(bsc#1099982, bsc#939392, bsc#556664)
- version 17.7.1 (2)

==== lmdb ====

- Fix occasional crash when freed pages landed on the dirty list twice
* Add 0001-ITS-8756-remove-loose-pg-from-dirty-list-in-freelist.patch

==== lynx ====
Version update (2.8.9~dev.16 -> 2.8.9rel.1)

- update to 2.8.9rel1.1:
* documentation/metrics updates
* fix an inconsistency in message for -listonly option
* update test-packages to use current ncurses test-packages
* improve portability for sockaddr structures used in HTTP and FTP, for IPv6
and SOCKS configurations
* fix several minor warnings reported by Coverity
* build-fix overlooked in 2.8.9dev.3 when INACTIVE_INPUT_STYLE_VH is defined,
for problem introduced by 2.8.8dev.17 code-cleanup
* trim unnecessary intllib symbols from src/chrtrans/makefile.in
* when cross-compiling, trim LDFLAGS from makefile rule linking makeuctb
- dropped patches:
lynx-helpfile.patch: latest documentation available online

==== neon ====

- replaced libopenssl-devel with libopenssl-1_1-devel

==== net-snmp ====
Subpackages: libsnmp30 perl-SNMP snmp-mibs

- Fix remote DoS in agent/helpers/table.c (bsc#1111122, CVE-2018-18065)
Add net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch

==== nghttp2 ====
Version update (1.33.0 -> 1.34.0)

- Update to version 1.34.0:
* lib: Implement RFC 8441 :protocol support
* nghttpx: Add read/write-timeout parameters to backend option
* nghttpx: Fix mruby parameter validation in backend option
* nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2
* nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues
* nghttpx: Update mruby 1.4.1
* nghttpx: Add mruby env.tls_handshake_finished
* nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
* nghttpx: Add RFC 8470 Early-Data header field support
* nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support

==== obs-service-tar_scm ====
Version update (0.9.1.1534504824.0732756 -> 0.9.4.1537959361.56833cb)
Subpackages: obs-service-obs_scm obs-service-obs_scm-common

- Update to version 0.9.4.1537959361.56833cb:
* enable flake8 in hound
* cleanup for pylint and flake8
* split pylint2 in GNUmakefile
* fix check for "--reproducible"
* create reproducible obscpio archives
* fix flake warning
- Update to version 0.9.3.1537869751.51a17c5:
* fix regression from 44b3bee
* Support also SSH urls for Git
- Update to version 0.9.2.1537788075.fefaa74:
* fix CVE-2018-12474
* check name/version option in obsinfo for slashes
* check url for remote url
* check symlinks in subdir parameter
* check filename for slashes
* disable follow_symlinks in extract feature
- switch to obs_scm for this package
- Update to version 0.9.1.1537341862.5348694:
* run download_files in appimage and snapcraft case
* check --extract file path for parent dir
* Fix parameter descriptions

==== paprefs ====
Version update (0.9.10+20180501.534d20a -> 1.0)
Subpackages: paprefs-lang

- Update to version 1.0:
+ Port to meson.
- Stop using source service, new stable release out.
- Add meson BuildRequires and corresponding macros following
upstreams port to meson.
- Drop intltool, libtool and lynx BuildRequires, no longer needed.
- Rebase paprefs-module-combine-sink.patch to upstream committed.

==== perl-Glib ====
Version update (1.327 -> 1.328)

- Fix autogenerated changes
- updated to 1.328
see /usr/share/doc/packages/perl-Glib/ChangeLog.pre-git

==== postfix ====
Subpackages: postfix-doc

- bsc#1092939 - Postfixes postconf gives a lot of LDAP related warnings
o add m4 as buildrequires, as proposed.

==== ppp ====

- ppp-2.4.7-DES-openssl.patch: Use openssl instead of libcrypt for DES

==== protobuf-c ====
Version update (1.3.0 -> 1.3.1)

- Update to new upstream release 1.3.1
* Restore protobuf-2.x compatibility
* Convert uses of protobuf's scoped_ptr.h to C++11 std::unique_ptr,
needed to compile against protobuf 3.6.1.
- Rename %soname to %sover to better reflect its use.

==== python-Pillow ====
Version update (5.2.0 -> 5.3.0)

- update to version 5.3.0:
* Changed Image size property to be read-only by default #3203
[radarhere]
* Add warnings if image file identification fails due to lack of
WebP support #3169 [radarhere, hugovk]
* Hide the Ghostscript progress dialog popup on Windows #3378
[hugovk]
* Adding support to reading tiled and YcbCr jpeg tiffs through
libtiff #3227 [kkopachev]
* Fixed None as TIFF compression argument #3310 [radarhere]
* Changed GIF seek to remove previous info items #3324 [radarhere]
* Improved PDF document info #3274 [radarhere]
* Add line width parameter to rectangle and ellipse-based shapes
[#3094] [hugovk, radarhere]
* Fixed decompression bomb check in _crop #3313 [dinkolubina,
hugovk]
* Added support to ImageDraw.floodfill for non-RGB colors #3377
[radarhere]
* Tests: Avoid catching unexpected exceptions in tests #2203
[jdufresne]
* Use TextIOWrapper.detach() instead of NoCloseStream #2214
[jdufresne]
* Added transparency to matrix conversion #3205 [radarhere]
* Added ImageOps pad method #3364 [radarhere]
* Give correct extrema for I;16 format images #3359 [bz2]
* Added PySide2 #3279 [radarhere]
* Corrected TIFF tags #3369 [radarhere]
* CI: Install CFFI and pycparser without any PYTHONOPTIMIZE #3374
[hugovk]
* Read/Save RGB webp as RGB (instead of RGBX) #3298 [kkopachev]
* ImageDraw: Add line joints #3250 [radarhere]
* Improved performance of ImageDraw floodfill method #3294 [yo1995]
* Fix builds with --parallel #3272 [hsoft]
* Add more raw Tiff modes (RGBaX, RGBaXX, RGBAX, RGBAXX) #3335
[homm]
* Close existing WebP fp before setting new fp #3341 [radarhere]
* Add orientation, compression and id_section as TGA save keyword
arguments #3327 [radarhere]
* Convert int values of RATIONAL TIFF tags to floats #3338
[radarhere, wiredfool]
* Fix code for PYTHONOPTIMIZE #3233 [hugovk]
* Changed ImageFilter.Kernel to subclass ImageFilter.BuiltinFilter,
instead of the other way around #3273 [radarhere]
* Remove unused draw.draw_line, draw.draw_point and font.getabc
methods #3232 [hugovk]
* Tests: Added ImageFilter tests #3295 [radarhere]
* Tests: Added ImageChops tests #3230 [hugovk, radarhere]
* AppVeyor: Download lib if not present in pillow-depends #3316
[radarhere]
* Travis CI: Add Python 3.7 and Xenial #3234 [hugovk]
* Docs: Added documentation for NumPy conversion #3301 [radarhere]
* Depends: Update libimagequant to 2.12.1 #3281 [radarhere]
* Add three-color support to ImageOps.colorize #3242 [tsennott]
* Tests: Add LA to TGA test modes #3222 [danpla]
* Skip outline if the draw operation fills with the same colour
[#2922] [radarhere]
* Flake8 fixes #3173, #3380 [radarhere]
* Avoid deprecated 'U' mode when opening files #2187 [jdufresne]

==== python-dbus-python ====
Subpackages: python2-dbus-python python3-dbus-python

- Add missing dependency for pkg-config files

==== python-gst ====
Version update (1.14.2 -> 1.14.4)

- Update to version 1.14.4:
+ Bugfix release, please see .changes in gstreamer main package.
- Update to version 1.14.3:
+ Bugfix release, please see .changes in gstreamer main package.

==== python-libvirt-python ====
Version update (4.7.0 -> 4.8.0)

- Update to 4.8.0
- Add all new APIs and constants in libvirt 4.8.0

==== readline ====
Subpackages: libreadline7 readline-devel readline-doc

- Rework patch readline-7.0-screen.patch

==== rpm ====
Subpackages: rpm-build rpm-devel

- Update dwz-compression.patch to latest git trunk
(62d901a22b7eb6c86c15290032a41e11427ddf87).

==== rsibreak ====
Version update (0.12.8 -> 0.12.9)
Subpackages: rsibreak-lang

- Update to 0.12.9:
* Fixed some notifications not triggering (kde#396270)
* Translation improvements
* Minor internal refactoring
- Mark license files with %license instead of %doc
- Run spec-cleaner

==== rubygem-mocha ====
Version update (1.5.0 -> 1.7.0)

- updated to version 1.7.0
no changelog found

==== smartmontools ====

- Fix smartd.service EnvironmentFile (boo#1095662).

==== snapper ====
Version update (0.5.6 -> 0.6.1)
Subpackages: libsnapper4 snapper-zypp-plugin

- right align used space in table output
- version 0.6.1
- show used space (exclusive space of btrfs qgroup) for each
snapshot (fate#323843)
- version 0.6.0

==== sqlite3 ====
Version update (3.25.0 -> 3.25.2)
Subpackages: libsqlite3-0 libsqlite3-0-32bit

- SQLite 3.25.2:
* Add the PRAGMA legacy_alter_table=ON command that causes the
"ALTER TABLE RENAME" command to behave as in 3.24.0 and earlier
* Fix issue with some expressions with windows functions in views
- includes changes from SQLite 3.25.1:
* Avoid false-positive error checks on ALTER TABLE
* Further ORDER BY LIMIT optimization fixes for window functions

==== tomcat ====
Version update (9.0.5 -> 9.0.10)
Subpackages: tomcat-admin-webapps tomcat-el-3_0-api tomcat-jsp-2_3-api
tomcat-lib tomcat-servlet-4_0-api tomcat-webapps

- Declare following files to config(noreplace) to prevent override
access rights:
- host-manager/META-INF/context.xml
- manager/META-INF/context.xml
- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's
configuration during update (bsc#1067720)
- Update to Tomcat 9.0.10. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt)
- Fixed CVEs:
- CVE-2018-1336 (bsc#1102400)
- CVE-2018-8014 (bsc#1093697)
- CVE-2018-8034 (bsc#1102379)
- CVE-2018-8037 (bsc#1102410)
- Rebased patch tomcat-9.0-JDTCompiler-java.patch
- Added patch tomcat-9.0-disable-osgi-build.patch to disable adding
OSGi metadata to JAR files

==== unbound ====
Version update (1.8.0 -> 1.8.1)
Subpackages: libunbound2 unbound-anchor

- update to 1.8.1:
Number of bug fixes, a list of features added and some defaults changed.
Features:
- Perform TLS SNI indication of the host that is being contacted
for DNS over TLS service. It sets the configured tls auth name.
This is useful for hosts that apart from the DNS over TLS services
also provide other (web) services.
Bug Fixes:
- More explicitly mention the type of ratelimit when applying
ip-ratelimit.
- Fix spelling error in header, from getdns commit by Andreas Gelmini.
- iana port update.
- Fixed unused return value warnings in contrib/fastrpz.patch for
asprintf.
- Fix to squelch respip warning in unit test, it is printed at
higher verbosity settings.
- Fix spelling errors.
- Fix initialisation in remote.c
- Fix seed for random backup code to use explicit zero when wiped.
- exit log routine is annotated as noreturn function.
- free memory leaks in config strlist and str2list insert functions.
- do not move unused argv variable after getopt.
- Remove unused if clause in testcode.
- in testcode, free async ids, initialise array, and check for null
pointer during test of the test. And use exit for return to note
irregular program stop.
- Free memory leak in config strlist append.
- make sure nsec3 comparison salt is initialized.
- unit test has clang analysis.
- remove unused variable assignment from iterator scrub routine.
- check for null in delegation point during iterator refetch
in forward zone.
- neater pointer cast in libunbound context quit routine.
- initialize statistics totals for printout.
- in authzone check that node exists before adding rrset.
- in unbound-anchor, use readwrite memory BIO.
- assertion in autotrust that packed rrset is formed correctly.
- Fix memory leak when message parse fails partway through copy.
- remove unused udpsize assignment in message encode.
- nicer bio free code in unbound-anchor.
- annotate exit functions with noreturn in unbound-control.
- Fix compile on Mac for unbound, provide explicit_bzero when libc
does not have it.
- Fix unbound for openssl in FIPS mode, it uses the digests with
the EVP call contexts.
- Fix that with harden-below-nxdomain and qname minisation enabled
some iterator states for nonresponsive domains can get into a
state where they waited for an empty list.
- Stop UDP to TCP failover after timeouts that causes the ping count
to be reset by the TCP time measurement (that exists for TLS),
because that causes the UDP part to not be measured as timeout.
- Fix #4156: Fix systemd service manager state change notification.
- Fix #4149: Add SSL cleanup for tcp timeout.
- Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes
qname minimisation with a forwarder when connectivity has issues
from rejecting responses.
- fastrpz.patch fixed.

==== vim ====
Version update (8.1.0436 -> 8.1.0451)
Subpackages: gvim vim-data vim-data-common

- Updated to revision 451, fixes the following problems
* Can get the text of inputsecret() with getcmdline().
* May access freed memory when syntax HL times out.
* The ex_make() function is too long.
* Recursive use of getcmdline() still not protected.
* remove() with a range not sufficiently tested.
* Build failure without command line history.
* GUI: Cursor not drawn after ":redraw | sleep".
* Unnecessary static function prototypes.
* Unnecessary check for NULL pointer.
* Setting 'term' does not store location for termcap options.
* Options test fails in the GUI.
* GUI scrollbar test fails with Athena and Motif.
* Cursorline not removed when using 'cursorbind'.
* When 'rnu' is set folded lines are not displayed correctly.
* Build failure without the +fold feature.

==== wicked ====
Version update (0.6.49 -> 0.6.50)
Subpackages: libwicked-0-6 wicked-service

- version 0.6.50
- firewall: do not assign default zone, but pass as is (bsc#1109147)
- nanny: fix memory leaks on fast create-delete calls (bsc#1095818)
+ fsm: cleanup worker reset (reinit) vs. free
+ fsm: do not process or pass pending workers to nanny
+ nanny: catch init failures in device registration
+ netdev: allow NULL in get and put functions
+ model: fix to call (netif) dbus object destructors
+ model: removed server specific call in netif destroy
+ fsm: handle NULL in worker get and release calls
+ fsm: process device delete event separately
+ calls: split get netif service and netif list utils
+ xml-schema: fix range constraint values parsing
+ xml-schema: remove underscores from ni_xs_type_new
+ xml-schema: fix type leak around ni_xs_build_one_type
+ fsm: free worker control mode on worker free
+ xpath: trace and free complete xpath expression tree
+ nanny: fix config leak in ni_nanny_recheck_policy
+ dbus: free pending call in ni_dbus_connection_call
+ dbus: free dbus_message_iter_get_signature result

==== xterm ====
Version update (335 -> 337)

- Patch #337
* regenerated configure script
* revise/improve fix for scrolling in margins
* amend change to default-translations "select" to ensure that specific
key-press actions are listed first

==== yast2-instserver ====
Version update (4.1.0 -> 4.1.1)

- Create the mount point directory if it does not exist yet
(bsc#1110037)
- 4.1.1

==== zypper ====
Version update (1.14.11 -> 1.14.12)
Subpackages: zypper-aptitude zypper-log

- Always warn if no repos are defined, but don't return
ZYPPER_EXIT_NO_REPOS(6) in install commands (bsc#1109893)
- Switch global help format and fix bash-completion
- version 1.14.12


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages