Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20181203 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: binutils checkmedia (4.0 -> 4.1) cifs-utils (6.5 -> 6.8) digikam elfutils (0.174 -> 0.175) gnutls grilo (0.3.6 -> 0.3.7) ibus-pinyin icecream (1.1 -> 1.2) kvm_stat (4.19.1 -> 4.19.5) ldb (1.4.2 -> 1.4.3) libgcrypt libzypp (17.9.0 -> 17.10.1) man (2.7.6 -> 2.8.4) nautilus (3.30.3 -> 3.30.4) ncurses pam pixman (0.34.0 -> 0.36.0) polkit-default-privs ruby2.5 skopeo syslinux translation-update (15.0 -> 15.1) virt-manager virtualbox (5.2.20_k4.19.5_1 -> 5.2.22_k4.19.5_1) webkit2gtk3 (2.22.3 -> 2.22.4) xen zypper (1.14.16 -> 1.14.17) === Details === ==== binutils ==== Subpackages: binutils-devel - Add handle-ELF-compressed-header-alignment-correctly-by-.patch: PR23919. - Update to binutils-2_31-branch @e51abf7e3, minor bugfixes in the support for the X86_ISA_1_* notes. Adds patch binutils-2.31-branch.diff.gz . - Add binutils-revert-plt32-in-branches.diff on anything older than Tumbleweed to not break old tools not expecting PLT32 instead of PC32 relocs on x86_64. - Includes fixes for these CVEs: * from 2.30: bnc#1065643 aka CVE-2017-15996 aka PR22361 bnc#1065689 aka CVE-2017-15939 aka PR22205 bnc#1065693 aka CVE-2017-15938 aka PR22209 bnc#1068640 aka CVE-2017-16826 aka PR22376 bnc#1068643 aka CVE-2017-16832 aka PR22373 bnc#1068887 aka CVE-2017-16831 aka PR22385 bnc#1068888 aka CVE-2017-16830 aka PR22384 bnc#1068950 aka CVE-2017-16829 aka PR22307 bnc#1069176 aka CVE-2017-16828 aka PR22386 bnc#1069202 aka CVE-2017-16827 aka PR22306 * from 2.31: bnc#1077745 aka CVE-2018-6323 aka PR22746 bnc#1079103 aka CVE-2018-6543 aka PR22769 bnc#1079741 aka CVE-2018-6759 aka PR22794 bnc#1080556 aka CVE-2018-6872 aka PR22788 bnc#1081527 aka CVE-2018-7208 aka PR22741 bnc#1083528 aka CVE-2018-7570 aka PR22881 bnc#1083532 aka CVE-2018-7569 aka PR22895 bnc#1086608 aka CVE-2018-8945 aka PR22809 bnc#1086784 aka CVE-2018-7643 aka PR22905 bnc#1086786 aka CVE-2018-7642 aka PR22887 bnc#1086788 aka CVE-2018-7568 aka PR22894 bnc#1090997 aka CVE-2018-10373 aka PR23065 bnc#1091015 aka CVE-2018-10372 aka PR23064 bnc#1091365 aka CVE-2018-10535 aka PR23113 bnc#1091368 aka CVE-2018-10534 aka PR23110 - Removes binutils-fix-pr21964.diff as it's included in 2.31. Rebase testsuite.diff and aarch64-common-pagesize.patch . - Disable -z separate-code everywhere but in Tumbleweed. ==== checkmedia ==== Version update (4.0 -> 4.1) Subpackages: libmediacheck4 - merge gh#openSUSE/checkmedia#8 - fix digest calculation in tagmedia (bsc#1117499) - added testcases - adjust function descriptions - 4.1 ==== cifs-utils ==== Version update (6.5 -> 6.8) - Update to cifs-utils 6.8. + document more mount options + man pages now generated from RST files + add python-docutils build dependency + update keyring to check tarball signature + remove 0001-manpage-correct-typos-and-spelling-mistakes.patch + remove 0002-mount.cifs-document-SMBv3.1.1-and-new-seal-option.patch - Add typo corrections, better doc and configure fixes from upstream + add 0001-docs-cleanup-rst-formating.patch + add 0002-mount.cifs.rst-document-new-no-handlecache-mount-opt.patch + add 0003-manpage-update-mount.cifs-manpage-with-info-about-rd.patch + add 0004-checkopts-add-python-script-to-cross-check-mount-opt.patch + add 0005-mount.cifs.rst-document-missing-options-correct-wron.patch + add 0006-cifs-utils-support-rst2man-3.patch + add 0007-checkopts-report-duplicated-options-in-man-page.patch + add 0008-mount.cifs.rst-more-cleanups.patch + add 0009-mount.cifs.rst-document-vers-3-mount-option.patch + add 0010-mount.cifs.rst-document-vers-3.02-mount-option.patch - Cleanup spec file * assume SUSE vendor and SLE >= 11 ==== digikam ==== Subpackages: kipi-plugins kipi-plugins-lang - Add fix-black-Welcome-page-by-clicking-on-a-link.patch to fix the Welcome page getting black when clicking on a link that opens a new browser window (with QtWebEngine) ==== elfutils ==== Version update (0.174 -> 0.175) Subpackages: elfutils-lang libasm1 libdw1 libebl-plugins libelf-devel libelf1 - Update to version 0.175 readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. libdwelf: New function dwelf_elf_begin. libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. Fixes CVE-2018-18310, CVE-2018-18520 and CVE-2018-18521. - remove disable-backtrace-dwarf-test.patch patch - the test works now ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - search for guile-2.2 during configure, part of boo#1117121 add patches: * gnutls-enbale-guile-2.2.patch: search for guile-2.2 refresh patches: * disable-psk-file-test.patch: disable psk-file in Makefile.am ==== grilo ==== Version update (0.3.6 -> 0.3.7) Subpackages: grilo-lang libgrilo-0_3-0 libgrlnet-0_3-0 libgrlpls-0_3-0 typelib-1_0-Grl-0_3 - Update to version 0.3.7: + Fix crash in totem after emitting source-{add remove}. + Add grl_related_keys_{get,set}_int64 functions. + Support transform GValue on grl_data_*_for_id(). + Add per Source configs on keyfile. + Pattern matching for GRL_PLUGIN_RANKS. + Documentation improvements. + Removed Autotools supported. + Updated translations. - Add meson BuildRequires and macros, switch to meson buildsystem following upstreams changes. ==== ibus-pinyin ==== - Update ibus-pinyin.spec: To adapt to tumbleweed's update to python3. ==== icecream ==== Version update (1.1 -> 1.2) - update to 1.2 - Add more compiler flags to the list that mean build locally * -pedantic (preprocessing only) * -pedantic-errors (preprocessing only) * -fsyntax-only - don't force local compile on -include-pch - Make load calculation better - Limit amount of data sent at one time for slow networks/remotes - Many updates to the tests - Better logs of some error conditions - Build locally if it is likely that there will not be more compiles - Support adding gcc and clang to the same environment - Better handling of icerun - Cygwin now works as a client - Don't expose Host endianness to network - General code cleanup ==== kvm_stat ==== Version update (4.19.1 -> 4.19.5) * Changed the spec file to build SLE15-SP1 with the s390x patches, and added logic to the spec file to uniquely build Factory and SLE-15 as they do not require the first 44 patches, and the code base is not the same - Making kvm_stat use python3 for openSUSE (bsc#1116822) - 0047-tools-kvm_stat-switch-python-reference-to-be-explici.patch + 0047-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat2.patch + 0048-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat3.patch + 0049-tools-kvm_stat-switch-python-reference-to-be-explici.patch - Make kvm_stat use python3 (bsc#1116822) + 0044-tools-kvm_stat-Don-t-use-deprecated-file.patch + 0045-tools-kvm_stat-fix-python3-issues.patch + 0046-tools-kvm_stat-apply-python-2to3-fixes-to-kvm_stat.patch + 0047-tools-kvm_stat-switch-python-reference-to-be-explici.patch * Incorporating patches and comments produced by Fei Li for SLE15-SP1 - Backport 43 kvm_stat patches between kernel v4.16-* and current v4.12.14 for the kvm_stat package. Actually some of the patches are s390x specific, and some are noarch. (FATE#325017) + 0001-tools-kvm_stat-fix-event-counts-display-for-interrup.patch + 0002-tools-kvm_stat-fix-undue-use-of-initial-sleeptime.patch + 0003-tools-kvm_stat-remove-unnecessary-header-redraws.patch + 0004-tools-kvm_stat-simplify-line-print-logic.patch + 0005-tools-kvm_stat-remove-extra-statement.patch + 0006-tools-kvm_stat-simplify-initializers.patch + 0007-tools-kvm_stat-move-functions-to-corresponding-class.patch + 0008-tools-kvm_stat-show-cursor-in-selection-screens.patch + 0009-tools-kvm_stat-display-message-indicating-lack-of-ev.patch + 0010-tools-kvm_stat-make-heading-look-a-bit-more-like-top.patch + 0011-tools-kvm_stat-rename-Current-column-to-CurAvg-s.patch + 0012-tools-kvm_stat-add-new-interactive-command-h.patch + 0013-tools-kvm_stat-add-new-interactive-command-s.patch + 0014-tools-kvm_stat-add-new-interactive-command-o.patch + 0015-tools-kvm_stat-display-guest-list-in-pid-guest-selec.patch + 0016-tools-kvm_stat-fix-error-on-interactive-command-g.patch + 0017-tools-kvm_stat-add-new-command-line-switch-i.patch + 0018-tools-kvm_stat-add-new-interactive-command-b.patch + 0019-tools-kvm_stat-add-f-help-to-get-the-available-event.patch + 0020-tools-kvm_stat-Add-Python-3-support-to-kvm_stat.patch + 0021-tools-kvm_stat-fix-command-line-option-g.patch + 0022-tools-kvm_stat-fix-drilldown-in-events-by-guests-mod.patch + 0023-tools-kvm_stat-fix-missing-field-update-after-filter.patch + 0024-tools-kvm_stat-fix-extra-handling-of-help-with-field.patch + 0025-tools-kvm_stat-add-hint-on-f-help-to-man-page.patch + 0026-tools-kvm_stat-fix-child-trace-events-accounting.patch + 0027-tools-kvm_stat-handle-invalid-regular-expressions.patch + 0028-tools-kvm_stat-suppress-usage-information-on-command.patch + 0029-tools-kvm_stat-stop-ignoring-unhandled-arguments.patch + 0030-tools-kvm_stat-add-line-for-totals.patch + 0031-tools-kvm_stat-sort-f-help-output.patch + 0032-tools-kvm_stat-simplify-the-sortkey-function.patch + 0033-tools-kvm_stat-use-a-namedtuple-for-storing-the-valu.patch + 0034-tools-kvm_stat-use-a-more-pythonic-way-to-iterate-ov.patch + 0035-tools-kvm_stat-avoid-is-for-equality-checks.patch + 0036-tools-kvm_stat-fix-crash-when-filtering-out-all-non-.patch + 0037-tools-kvm_stat-print-error-on-invalid-regex.patch + 0038-tools-kvm_stat-fix-debugfs-handling.patch + 0039-tools-kvm_stat-mark-private-methods-as-such.patch + 0040-tools-kvm_stat-eliminate-extra-guest-pid-selection-d.patch + 0041-tools-kvm_stat-separate-drilldown-and-fields-filteri.patch + 0042-tools-kvm_stat-group-child-events-indented-after-par.patch + 0043-tools-kvm_stat-print-Total-line-for-multiple-events-.patch ==== ldb ==== Version update (1.4.2 -> 1.4.3) Subpackages: libldb1 libldb1-32bit - Update to 1.4.3 + Python: Ensure ldb.Dn can accept utf8 encoded unicode (bug 13616) ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-32bit libgcrypt20-hmac - Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355) * add libgcrypt-binary_integrity_in_non-FIPS.patch ==== libzypp ==== Version update (17.9.0 -> 17.10.1) - Adapt to changes in upcoming Boost 1.69.0 - Do not fail service-refresh on a empty repoindex.xml (bnc#1116840) - version 17.10.1 (9) - str: recognize 'always' and 'never' as valid boolean strings - Fix needreboot code to use SolvableSpec parser (fate#326451) - SolvableSpec: Define a set of Solvables by ident and provides - version 17.10.0 (9) ==== man ==== Version update (2.7.6 -> 2.8.4) - Update to man-db 2.8.4 * Major changes since man-db 2.8.3: + Rely on decompressors reading from their standard input rather than redundantly passing them the input file on their command line. This works better with downstream AppArmor confinement of decompressors. + Fix invalid syntax in tmpfiles.d/man-db.conf when configured with - -disable-cache-owner. + Make seccomp sandbox allow sched_getaffinity, sometimes used by xz. + Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy as documented, not in the current directory. This was broken by the working-directory-handling changes in 2.8.3. Note that this change means that "man -l" will never use an external formatter (which was never documented behaviour and was surely a bad idea). + Make seccomp sandbox allow some shared memory operations across the board rather than just when ESET File Security is in use; the Astrill VPN seems to require something similar, and there are doubtless other such preload hacks. + Some versions of ESET File Security call msgget and msgsnd; if this program is in use, then allow those. * Major changes since man-db 2.8.2: + Make seccomp sandbox allow madvise, since that's used by lbzip2. + Make seccomp sandbox allow kill and tgkill outright, since groff uses kill to pass on signals to its child processes. + Make seccomp sandbox allow sibling architectures on x86/x86_64/x32, since people sometimes mix and match architectures there for performance reasons. + Fix version check in locale macro loading to tolerate groff release candidates. + man now only changes working directory in child processes, so never fails due to being unable to change back to its original working directory. + accessdb, apropos, and lexgrog no longer emit spurious gettext headers in their --help output when localised. * Major changes since man-db 2.8.1: + Make seccomp sandbox allow kill and tgkill when the signal is directed at the current process or one of its threads; this is needed by xz. + Make seccomp sandbox allow ioctl(fd, TIOCGWINSZ), since that's used by musl. + Work around the proprietary "ESET File Security" antivirus program in seccomp sandbox: if this is in use then we need to allow some socket-related system calls. + Work around the "snoopy" execve() wrapper and logger in seccomp sandbox: if this is in use then we need to allow some socket-related system calls. + Interpret EFAULT from seccomp_load as meaning that seccomp is unavailable, since this can be returned by some versions of qemu-user. * Major changes since man-db 2.8.0: + Fix seccomp sandbox build on Linux/POWER. + Fix manconv execution under seccomp when man is installed setuid. + Make seccomp sandbox allow mremap (used by iconv, for example). + configure now has a --without-libseccomp option to disable the use of seccomp even if the library is available. * Major changes since man-db 2.7.6.1: + Fix locale macro loading for Chinese to load the macro file corresponding to just the language part of the user's locale. + Honour --enable-cache-owner in generated systemd tmpfiles snippet rather than hardcoding "man". + If man adds prefixes to a page to handle such things as disabling hyphenation, then take account of those when looking for a preprocessor line at the start of the page. + Fix a segfault in 'man -D --help'. + Treat "\(en" as another synonym for "\-" in NAME sections. + Confine most subprocesses that handle untrusted data using seccomp. This mainly deals with subprocesses that perform encoding conversions, (de)compressors, groff programs, and a few other odds and ends. groff programs use a slightly more permissive filter since they need to create temporary files, so additional path-based confinement (e.g. using AppArmor) is still useful. If this goes wrong, then MAN_DISABLE_SECCOMP=1 can be set in the environment to disable it, but please report any such problem as a bug. + man now falls back to cat if the compile-time default pager is not executable. * Major changes since man-db 2.7.6: + Don't chmod CACHEDIR.TAG if it doesn't exist. + Correct installation of Swedish manual pages. - Modify the patches * man-db-2.6.3-listall.dif * man-db-2.6.3-man0.dif * man-db-2.6.3-section.dif * man-db-2.7.1-firefox.dif * man-db-2.7.1-security4.dif * man-db-2.7.1-zio.dif - Rename patch man-db-2.7.6.dif which is now man-db-2.8.4.dif - Add systemd timer service and its timer unit to refresh man data base daily without using cron (bsc#1115406) ==== nautilus ==== Version update (3.30.3 -> 3.30.4) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 nautilus-lang - Update to version 3.30.4: + Fix crash when opening windows quickly. + Show trash action bar when trash status changes. + Implement rename file support in dbus for integration with desktop icons extension. ==== ncurses ==== Subpackages: libncurses6 ncurses-devel ncurses-utils tack terminfo terminfo-base terminfo-screen - Remove screen.xterm from terminfo data base (boo#1103320) as with this screen uses fallback TERM=screen - Add ncurses patch 20181117 + ignore the hex/b64 $TERMINFO in toe's listing. + correct a status-check in _nc_read_tic_entry() so that if reading a hex/b64 $TERMINFO, and the $TERM does not match, fall-through to the compiled-in search list. - For screen.xterm remove also `rep' feature (repeat char) this might help on boo#1103320 - Add ncurses patch 20181110 + several workarounds to ensure proper C compiler used in parts of Ada95 tree. + update config.guess, config.sub from http://git.savannah.gnu.org/cgit/config.git ==== pam ==== Subpackages: pam-32bit pam-devel - When comparing an incoming IP address with an entry in access.conf that only specified a single host (ie no netmask), the incoming IP address was used rather than the IP address from access.conf, effectively comparing the incoming address with itself. (Also fixed a small typo while I was at it) {bsc#1115640, use-correct-IP-address.patch, CVE-2018-17953] ==== pixman ==== Version update (0.34.0 -> 0.36.0) Subpackages: libpixman-1-0 libpixman-1-0-32bit libpixman-1-0-devel - Update to version 0.36.0: + Add tests for (a)rgb floating point formats + Add support for argb/xrgb float formats, v5 + Fix stride calculation in stress-test + Adjust for clang's removal of __builtin_shuffle + Fix vector loads on ppc64le + Promote unsigned short to unsigned int explicitly + pixman-filter: Made Gaussian a bit wider + pixman-filter: Nested polynomial for cubic + pixman-filter: Fix several issues related to normalization + pixman-filter: Speed up BOX/BOX filter + pixman-filter: integral splitting is only needed for triangle filterdd + pixman-filter: Correct Simpsons integration + pixman-filter: reduce amount of malloc/free/memcpy to generate filter + pixman-image: Added enable-gnuplot config to view filters in gnuplot + pixman-fast-path.c: Pick NEAREST affine fast paths before BILINEAR ones + pixman-private: include <float.h> only in C code - Remove pixman-private-correct-include.patch: upstreamed ==== polkit-default-privs ==== - chkstat: adjust DO NOT EDIT banner in generated rules file (bsc#1099754) ==== ruby2.5 ==== Subpackages: libruby2_5-2_5 ruby2.5-devel ruby2.5-stdlib - Use parallel make. - Disable compressed sections as they are not supported by rpm (https://bugs.ruby-lang.org/issues/12934). ==== skopeo ==== - Disable ostree repository types for SLE, as this feature requires libostree that is not yet available in the Server Application module where skopeo is located. ==== syslinux ==== - Add remove-note-gnu-section.patch: strip a newly added section in order to fulfil ELF size limits expected. ==== translation-update ==== Version update (15.0 -> 15.1) Subpackages: translation-update-cs translation-update-da translation-update-de translation-update-el translation-update-en_GB translation-update-es translation-update-fr translation-update-hu translation-update-it translation-update-ja translation-update-pl translation-update-pt translation-update-pt_BR translation-update-ru translation-update-zh_CN translation-update-zh_TW - Update to Factory specific version 20181128 that contains only abandoned packages in static.tlst (bsc#1100398). - Obsolete all language packages that are no longer distributed (boo#952855#c41) and add support for it in supplementary scripts - translation-update-spec-generate-lang-list.sh: Fix Obsoletes generator. - Drop many unneeded subpackages. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1117846 - virt-manager: Checking for virtualization packages error virtman-load-stored-uris.patch ==== virtualbox ==== Version update (5.2.20_k4.19.5_1 -> 5.2.22_k4.19.5_1) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-tools virtualbox-guest-x11 - Fix the changes for kernel 4.20 API differences. The previous version compiled but had an error in logic. - Version bump to 5.2.22 (released November 09 2018 by Oracle) This is a maintenance release. The following items were fixed and/or added: Audio: fixed a regression in the Core Audio backend causing a hang when returning from host sleep when processing input buffers Audio: fixed a potential crash in the HDA emulation if a stream has no valid mixer sink attached -- thanks to Rink Springer (rink@?) Linux Additions: disable 3D for recent guests using Wayland (bug #18116) Linux Additions: fix for rebuilding kernel modules for new kernels on RPM guests Linux Additions: further fixes for Linux 4.19 Linux Additions: fixed errors rebuilding initrd files with dracut on EL 6 (bug 18055#) Linux Additions: fixed 5.2.20 regression: guests not remembering the screen size after shutdown and restart (bug #18078) Patch file "gcc8-configure.patch" removed. The issue is fixed upstream. Patch file "fixes_for_4.19.patch" removed. The issue is fixed upstream. Add file "change_default_net_adapter.patch" to set PCnet-FAST III as the default adapter. This helps with the vulnerability listed in bsc#1115041. - Update "fixes_for_4.20.patch" for one additional API change so that Kernel_HEAD_standard will build. The description of VB was modified as suggested by Jan Engelhardt. ==== webkit2gtk3 ==== Version update (2.22.3 -> 2.22.4) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Reduce memory constraints for riscv64 - Update to version 2.22.4: + Expose ENABLE_MEDIA_SOURCE as a public build option. + Fix a crash when using Cairo versions between 1.15 and 1.16.0 + Fix the build with -DLOG_DISABLED=0. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. + Fix debug builds of JavaScriptCore. + Fix several crashes and rendering issues. ==== xen ==== Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: Missing /bin/domu-xenstore. This was broken because "make package build reproducible" change. (boo#1047218, boo#1062303) This fix reverses the change to this patch. tmp_build.patch - bsc#1115040 - VUL-0: xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275) xsa275-1.patch xsa275-2.patch - bsc#1115043 - VUL-0: xen: resource accounting issues in x86 IOREQ server handling (XSA-276) xsa276-1.patch xsa276-2.patch - bsc#1115044 - VUL-0: xen: x86: incorrect error handling for guest p2m page removals (XSA-277) xsa277.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch - bsc#1115045 - VUL-0: xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses (XSA-279) xsa279.patch - bsc#1115047 - VUL-0: xen: Fix for XSA-240 conflicts with shadow paging (XSA-280) xsa280-1.patch xsa280-2.patch - bsc#1114988 - VUL-0: xen: guest use of HLE constructs may lock up host (XSA-282) 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV 5bdc31d5-VMX-fix-vmx_handle_eoi.patch - Upstream bug fixes (bsc#1027519) 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch ==== zypper ==== Version update (1.14.16 -> 1.14.17) Subpackages: zypper-aptitude zypper-log - Optionally run "zypper search-packages" after "search" (FATE#325599) - zypper.conf: Add [search]runSearchPackages config variable. - BuildRequires: libzypp-devel >= 17.10.0 - version 1.14.17 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org