Mailinglist Archive: opensuse-factory (602 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20190225 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190225

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
MozillaFirefox (65.0 -> 65.0.1)
crash
gcal
gsl
hugin
i4l-base
joe
ksshaskpass5 (5.15.0 -> 5.15.1)
libblockdev
libhangul (0.1.0+git20150224.78e9d89 -> 0.1.1~git20180606.42f7640)
libyui-qt-pkg (2.45.25 -> 2.45.26)
metis
openssh
openssh-askpass-gnome
podofo
python-argcomplete (1.9.2 -> 1.9.4)
python-decorator (4.3.0 -> 4.3.2)
qemu
qemu-linux-user
qqc2-desktop-style
squid (4.5 -> 4.6)
sysconfig (0.85.1 -> 0.85.2)

=== Details ===

==== MozillaFirefox ====
Version update (65.0 -> 65.0.1)
Subpackages: MozillaFirefox-translations-common

- Update _constraints to avoid 'no space left' error seen on aarch64
- Mozilla Firefox 65.0.1
* Fixed accidental requests to addons.mozilla.org when an addon
recommendation doorhanger is shown (bmo#1526387)
* Improved playback of interactive Netflix videos (bmo#1524500)
* Fixed incorrect sizing of the "Clear Recent History" window in
some situations (bmo#1523696)
* Fixed audio & video delays while making WebRTC calls
(bmo#1521577, bmo#1523817)
* Fixed video sizing problems during some WebRTC calls (bmo#1520200)
* Fixed looping CONNECT requests when using WebSockets over HTTP/2
from behind a proxy server (bmo#1523427)
* Fixed the "Enter" key not working on password entry fields for
certain Linux distributions (bmo#1523635)
MFSA 2019-04 (bsc#1125330)
* CVE-2018-18356 bmo#1525817
Use-after-free in Skia
* CVE-2019-5785 bmo#1525433
Integer overflow in Skia
* CVE-2018-18511 bmo#1526218
Cross-origin theft of images with ImageBitmapRenderingContext
- Enable LTO only for latest new toolchain (boo#1125038) for x86_64
(with increased memory constraints)

==== crash ====

- With a xen 4.11 dump crash will fail to start reporting "cannot
fill pcpu struct" and "cannot read cpu_info" due to xen changes
not tracked by crash updates. Fixed by including:
crash-xen-invalid-pcpu-vaddr-use-hardware-domain-symbol.patch
(bsc#1122594)

==== gcal ====
Subpackages: gcal-lang

- add patches (parts of git commits from gnulib):
- gnulib-4af4a4a71827c0bc5e0ec67af23edef4f15cee8e-excerpt.patch
- gnulib-74d9d6a293d7462dea8f83e7fc5ac792e956a0ad-excerpt.patch
to fix compilation on current glibc
(fflush: adjust to glibc 2.28 libio.h removal)
(fflush: be more paranoid about libio.h change)

==== gsl ====
Subpackages: libgsl23 libgslcblas0

- mark examples as a noarch package
- install license for examples and remove unnecessary dependencies
- add an examples sub package to test in production env
- Simplify package naming for HPC.
- Fix dependencies for HPC.
- Library directory is always available when module file is
installed, do not hide it.
- Properly create and tear down default version links when the
HPC master packages are installed/uninstalled.
- Create pkgconfig file for gslcblas as well.
- Add missing env variables to modules file: MANPATH, INFOPATH,
PKG_CONFIG_PATH.

==== hugin ====

- Don't skip rpath (bsc#1125178).

==== i4l-base ====
Subpackages: i4l-isdnlog libcapi20-3

- add divactrl_2.1-sysmacros.diff to fix build
- buildrequires groff to fix documentation build

==== joe ====

- Dropped .desktop files to follow openSUSE guidelines regarding console
applications:
https://lists.opensuse.org/opensuse-factory/2019-02/msg00377.html
- Dropped obsolete patch joe-4.6-desktop_files.patch

==== ksshaskpass5 ====
Version update (5.15.0 -> 5.15.1)
Subpackages: ksshaskpass5-lang

- Update to 5.15.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.15.1.php
- No code changes since 5.15.0
- Do not require openssh-askpass simply provide another password
asking interface for openssh

==== libblockdev ====
Subpackages: libbd_btrfs2 libbd_crypto2 libbd_fs2 libbd_loop2 libbd_mdraid2
libbd_part2 libbd_swap2 libbd_utils2 libblockdev2

- Explain VDO. Fix grammar mishaps.

==== libhangul ====
Version update (0.1.0+git20150224.78e9d89 -> 0.1.1~git20180606.42f7640)

- Update to version 0.1.1~git20180606.42f7640:
* no english changelog

==== libyui-qt-pkg ====
Version update (2.45.25 -> 2.45.26)

- Fix icon display to new libyui-qt function (boo#1125424)
- 2.45.26

==== metis ====

- add a examples subpackage which include graphs* file to test Metis
- Set default module version correctly when installing
master package, unset when deinstalling the default library
package.
- Fix %%post and %%postun scripts for HPC.
- Fix dependencies for HPC.
- Fix HPC modulefile:
* Aibraries are always there when module file is installed.
* Set PKG_CONFIG_PATH.
- Fix package group names.

==== openssh ====
Subpackages: openssh-helpers

- Handle brace expansion in scp when checking that filenames sent
by the server side match what the client requested [bsc#1125687]
* openssh-7.9p1-brace-expansion.patch
- Updated security fixes:
* [bsc#1121816, CVE-2019-6109] Sanitize scp filenames via snmprintf
and have progressmeter force an update at the beginning and end
of each transfer. Added patches:
- openssh-CVE-2019-6109-sanitize-scp-filenames.patch
- openssh-CVE-2019-6109-force-progressmeter-update.patch
* [bsc#1121821, CVE-2019-6111] Check in scp client that filenames
sent during remote->local directory copies satisfy the wildcard
specified by the user. Added patch:
- openssh-CVE-2019-6111-scp-client-wildcard.patch
* Removed openssh-7.9p1-scp-name-validator.patch
- Change the askpass wrapper to not use x11 interface:
* by default we use the -gnome UI (which is gtk3 only, no gnome dep)
* if desktop is KDE/LxQt we use ksshaskpass

==== openssh-askpass-gnome ====

- Supplement the openssh and libx11 together to ensure this package
is installed on machines where there is X stack

==== podofo ====

- Add patches from upstream to fix several CVEs:
* r1933-Really-fix-CVE-2017-7381.patch
to fix a null pointer dereference (bsc#1032020, CVE-2017-7381)
* r1936-Really-fix-CVE-2017-7382.patch
to fix a null pointer dereference (bsc#1032021, CVE-2017-7382)
* r1937-Really-fix-CVE-2017-7383.patch
to fix a null pointer dereference (bsc#1032022, CVE-2017-7383)
* r1938-Fix-CVE-2018-11256-PdfError-info-gives-not-found-page-0-based.patch
to fix a null pointer dereference Denial of Service
(bsc#1096889, CVE-2018-11256)
* r1941-Fix-CVE-2017-8054-and-other-issues-keeping-binary-compat.patch
This patch was rebased from the one upstream so that it applies correctly
and modified so it doesn't break binary compatibility.
(CVE-2017-8054, boo#1035596)
* r1945-Fix-possible-incompatibility-of-PdfAESStream-with-OpenSSL-1.1.0g.patch
* r1948-Fix-CVE-2018-12982-implementing-inline-PdfDictionary-MustGetKey.patch
This patch was rebased from the one upstream so that it applies correctly.
(CVE-2018-12982, boo#1099720)
*
r1949-Fix-CVE-2018-5783-by-introducing-singleton-limit-for-indirect-objects-keeping-binary-compat.patch
This patch was rebased from the one upstream so that it applies correctly
and modified so it doesn't break binary compatibility.
(CVE-2018-5783, boo#1076962)
* r1950-Fix-null-pointer-dereference-in-PdfTranslator-setTarget.patch
*
r1952-Fix-CVE-2018-11255-Null-pointer-dereference-in-PdfPage-GetPageNumber.patch
(CVE-2018-11255, boo#1096890)
*
r1953-Fix-CVE-2018-14320-Possible-undefined-behaviour-in-PdfEncoding-ParseToUnicode.patch
(CVE-2018-14320, boo#1108764)
*
r1954-Fix-CVE-2018-20751-null-pointer-dereference-in-crop_page-of-tools-podofocrop.patch
(CVE-2018-20751, boo#1124357)
*
r1961-EncryptTest-Fix-buffer-overflow-in-decrypted-out-buffer-in-TestEncrypt.patch
This patch was rebased from the one upstream so that it applies correctly.
*
r1963-Fix-heap-based-buffer-overflow-vulnerability-in-PoDoFo-PdfVariant-DelayedLoad.patch
- Renamed fix-build.patch to r1942-Fix-build-with-cmake-ge-3.12.patch to
keep its name consistent with the other upstream patches.

==== python-argcomplete ====
Version update (1.9.2 -> 1.9.4)

- Trim unnecessary build dependencies using trim-test-deps.patch
- Simplify skip_tcsh_tests.patch so it is easier to read and update
- Update to v1.9.4
* Use the correct interpreter when checking wrappers
* Provide shellcode as a module function (#237)
- from v1.9.3
* Fix handling of COMP\_POINT
* Fix crash when writing unicode to debug\_stream in Python 2

==== python-decorator ====
Version update (4.3.0 -> 4.3.2)

- update to version 4.3.2
* now the decorator module can decorate generator functions by
preserving their being generator functions
* Set `python_requires='>=2.6, !=3.0.*, !=3.1.*'` in setup.py
- update to version 4.3.1
* Added a section "For the impatient" to the README, addressing
an issue raised by Amir Malekpour.
* Added support for Python 3.7.
* Now the path to the decorator module appears in the
tracebacks, as suggested by a user at EuroPython 2018.

==== qemu ====
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster
qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra
qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390
qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl
qemu-vgabios qemu-x86

- Package and cross-build rom files for aarch64 from
SLE15/Leap15.0 to fix boo#1125964
- Add patch to fix seabios cross-compilation:
* seabios-fix_cross_compilation.patch
- Add patch to fix sgabios cross-compilation:
* sgabios-fix-cross-build.patch
- Fix _constraints to include all architectures for disk size
(fix aarch64)
- Revert upstream patch which declares x86 vmx feature a migration
blocker. Given the proliferation of using vm's with host features
passed through and the general knowledge that nested
virtualization has many usage caveats, but still gets put in use
in restricted scenarios, this patch did more harm than good, I
feel. So despite this relaxation, please consider yourself warned
that nested virtualization is not yet a supportable feature.
(bsc#1121604)
0058-Revert-target-i386-kvm-add-VMX-migr.patch
- Fix SEV VM device assignment (bsc#1123205)
0059-memory-Fix-the-memory-region-type-a.patch
0060-target-i386-sev-Do-not-pin-the-ram-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
- Remove 71-sev.rules, which modifies the default permissions of
/dev/sev by adding the kvm group as reader/writer. Upstream
decided to take a different approach for libvirt to manage SEV
due to security concerns which I agree overrides the convenience
of providing /dev/sev access to all the kvm group (bsc#1124842
bsc#1102604)

==== qemu-linux-user ====

- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
* Patches added:
0058-Revert-target-i386-kvm-add-VMX-migr.patch
0059-memory-Fix-the-memory-region-type-a.patch
0060-target-i386-sev-Do-not-pin-the-ram-.patch

==== qqc2-desktop-style ====

- Add 0001-Fix-MobileTextActionsToolBar.qml-with-Qt-5.9.patch (by Fabian Vogt)
to fix an issue with Qt 5.9
- Downgrade the Qt version requirement to build with 5.9

==== squid ====
Version update (4.5 -> 4.6)

- Update to squid 4.6:
+ master commit b599471 leaks memory (#4919)
+ SourceFormat Enforcement (#367)
+ Detect IPv6 loopack binding errors (#355)
+ Do not call setsid() in --foreground mode (#354)
+ Fail Rock swapout if the disk dropped write reqs (#352)
+ Initialize StoreMapSlice when reserving a new cache slot (#350)
+ Fixed disker-to-worker queue overflows (#353)
+ Fix OpenSSL builds that define OPENSSL_NO_ENGINE (#349)
+ Fix BodyPipe/Sink memory leaks associated with auto-consumption
+ Exit when GoIntoBackground() fork() call fails (#344)
+ GCC-8 compile errors with -O3 optimization (#4875)
+ Initial translations to ka/georgian language (#345)
+ basic_ldap_auth: Return BH on internal errors (#347)

==== sysconfig ====
Version update (0.85.1 -> 0.85.2)
Subpackages: sysconfig-netconfig

- version 0.85.2
- Fixed changes file to mention relevant github pull requests.
- Removed remaining preun rpm hook from EOL openSUSE versions
- Merged /var/adm/netconfig move revert from openSUSE:Factory
causing to not find md5 sums from previous netconfig version
due to incorrectly merged hook in spec file and trouble on
transactional systems without writeable /var/lib/netconfig.
Removed obsoletes revert-var-adm-lib-netconfig-move.patch.
(bsc#1124152,bsc#1124340).
- Merged rpm spec bash section marks (gh#openSUSE/sysconfig#23)


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups