Mailinglist Archive: opensuse-factory (439 mails)

< Previous Next >
[opensuse-factory] Leap 15.1 Build 444.1 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

When you reply to discuss some issues, make sure to change the subject.
Please use the test plan at
to record your testing efforts and use bugzilla to report bugs.

Packages changed:
MozillaThunderbird (60.5.1 -> 60.6.1)
createrepo_c (0.10.0.git20170131.04828e6 -> 0.12.1)
ldb (1.4.3 -> 1.4.6)
libgnomesu (2.0.2 -> 2.0.3)
plymouth (0.9.4+git20181111.118c5ca -> 0.9.4+git20190304.ed9f201)
re2 (20180901 -> 20190301)
snapper (0.8.2 -> 0.8.3)
suse-module-tools (15.1.11 -> 15.1.13)
xen (4.12.0_04 -> 4.12.0_08)
yast2-theme (4.1.8 -> 4.1.11)
yast2-trans (84.87.20190322.b16b39e213 -> 84.87.20190330.92a2062d5c)

=== Details ===

==== MozillaThunderbird ====
Version update (60.5.1 -> 60.6.1)
Subpackages: MozillaThunderbird-translations-common

- Mozilla Thunderbird 60.6.1
MFSA 2019-12 (bsc#1130262)
* CVE-2019-9810 (bmo#1537924)
IonMonkey MArraySlice has incorrect alias information
* CVE-2019-9813 (bmo#1538006)
Ionmonkey type confusion with __proto__ mutations
- Mozilla Thunderbird 60.6.0
* Calendar: Can't create repeating event with end date when using
certain time zones, for example Europe/Minsk
* some minor bugfixes
* using 60.6.0esr Mozilla platform (bsc#1129821)
- Mozilla Thunderbird 60.5.3
* fixed a regression on the Windows platform:
Problem when using "Send to > Mail recipient" on Windows
- Mozilla Thunderbird 60.5.2
* UTF-8 support for MAPISendMail
* Problem with S/MIME certificate verification when receiving email
from Outlook (issue introduced in version 60.5.1)

==== akonadi-server ====
Subpackages: akonadi-server-lang akonadi-server-sqlite libKF5AkonadiAgentBase5
libKF5AkonadiCore5 libKF5AkonadiPrivate5 libKF5AkonadiWidgets5 libKF5AkonadiXml5

- Add upstream patches to fix regressions when checking mail:
* fix-regression-when-updating-attributes.patch
* fix-collection-detaching.patch

==== bluez ====
Subpackages: libbluetooth3

- Add:btmon: multiple memory management vulnerabilities fixed
Multiple different memory management vulnerabilities were discovered
in btmon while fuzzing it with American Fuzzy Lop. Purpose of this
fuzzing effort was to find some bugs in btmon, analyse and fix them
but also try to exploit them. Also goal was to prove that fuzzing is
low effort way to find bugs that could end up being severe ones.
Most common weakness appeared to be buffer over-read which was
usually caused by missing boundary checks before accessing array.
Integer underflows were also quite common. Most interesting bug was
simple buffer overflow that was actually discovered already couple
years ago by op7ic:
but it was still not fixed. This particular vulnerability ended up
being quite easily exploitable if certain mitigation technics were

==== btrfsprogs ====
Subpackages: btrfsprogs-udev-rules libbtrfs0

- Use correct path for dracut-fsck-help.txt in (bsc#1122539)
* Remove
* Add

==== cifs-utils ====

- Fix dependency failure on SLE15 regarding python2/python3.

==== createrepo_c ====
Version update (0.10.0.git20170131.04828e6 -> 0.12.1)
Subpackages: libcreaterepo_c0 python3-createrepo_c

- Added upstream patches
* 0001-Find-correct-nosetests-version-even-when-which-comma.patch
* 0002-fix-linking-when-Wl-no-undefined-is-set.patch
- Disable drpm support
- Update to version 0.12.1:
* Release 0.12.1
* For make test, xz and zchunk (not just *-devel) are required.
* Make cmake variable PYTHON_EXECUTABLE global
* Add zchunk support already to Fedora 29
* [spec] Fix spec to work for epel 7
* Add CMake support for python interpreter path
* Add space after if statement
* Fix misc test
* Add missing sentinal
* Add zchunk support to mergerepo_c for extra files
- Backport fixes from upstream
* 0001-zck_end_chunk-returns-number-of-bytes-written-or-1-f.patch
* 0002-Add-missing-sentinal.patch
* 0003-Fix-misc-test.patch
- Update to 0.12.0
+ Add basic support for zchunk metadata
+ Add support for building wheels to upload to PyPI
- Drop Python 2 subpackage
- Enable drpm support
- Enable zchunk for openSUSE Leap 15.1+ and Tumbleweed
- Adjust changes entries to use full author identities
- Update to 0.11.1
+ Add support for RPMs with large files
+ Identify Requires(missingok) as Recommends correctly
+ Enable legacy tags by default
+ Fix missing packages in mergerepo_c with multiple VR of same name
+ Add mergerepo_c --repo-prefix-search and --repo-prefix-replace
+ Build against Python 3 by default for bindings
- Drop snapshot source service and snapshot tarball
- Use license macro for license file
- Drop trailing whitespace
- Fix comment about drpm support
- [boo#1125044] fix for huge rpm packages

==== flatpak ====
Subpackages: libflatpak0 typelib-1_0-Flatpak-1_0

- Add upstream patch to fix a sandbox bypass using the TIOCSTI ioctl
(boo#1130637, CVE-2019-10063, gh#flatpak/flatpak#2782)
* 0001-Only-compare-the-lowest-32-ioctl-arg-bits-for-TIOCSTI.patch

==== glibc ====

- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use
the correct order of instructions while maintaining the robust mutex
list due to missing compiler barriers (bsc#1130045, BZ #24180)
- getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4
address strings (CVE-2016-10739, bsc#1129783, BZ #20018)

==== glibc ====
Subpackages: glibc-extra glibc-locale glibc-locale-base nscd

- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use
the correct order of instructions while maintaining the robust mutex
list due to missing compiler barriers (bsc#1130045, BZ #24180)
- getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4
address strings (CVE-2016-10739, bsc#1129783, BZ #20018)

==== gnuhealth-client ====

- link to python2-GooCalendar (remains python2) boo#1131096

==== ldb ====
Version update (1.4.3 -> 1.4.6)
Subpackages: libldb1 libldb1-32bit python3-ldb

- Update to 1.4.6
+ CVE-2019-3824 out of bounds read in wildcard compare; (bso#13773);

==== libarchive ====
Subpackages: bsdtar libarchive13

- Added patches:
* CVE-2019-1000019.patch Fixes 7zip crash (boo#1124341)
* CVE-2019-1000020.patch ISO9660 infinite loop fixed (boo#1124342)
- Added patches:
* CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR
decoder (CVE-2018-1000877 bsc#1120653)
* CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR
decoder (CVE-2018-1000878 bsc#1120654)
* CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference
vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656)
* CVE-2018-1000880.patch, which fixes an improper input validation
vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659)

==== libgnomesu ====
Version update (2.0.2 -> 2.0.3)
Subpackages: libgnomesu-lang libgnomesu0

- Update to version 2.0.3:
* Make gnomesu honor /etc/default/su settings for PATH
* Updated translations.
- Sync PAM configuration with su.
- Modernize spec-file by calling spec-cleaner

==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5
libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql
libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5

- Add qt.qpa.xcb and logging categories so xcb warnings
can be disabled (boo#1115541, QTBUG-55167)
* add-logging-category-for-xcb-warnings.patch
- Use %license

==== libtirpc ====
Subpackages: libtirpc-netconfig libtirpc3 libtirpc3-32bit

- Fix SLES 15 - yp_bind_client_create_v3: RPC: Unknown host (bsc#1126096).
- Add upstream patch
- update patch 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
to avoid a file descriptor leak
- add option to enforce connection via protocol version 2 first
- add 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch

==== mdadm ====

- imsm: finish recovery when drive with rebuild fails (bsc#1126975)
- mdmon: don't attempt to manage new arrays when terminating

==== netpbm ====
Subpackages: libnetpbm11

- security update
* CVE-2018-8975 [bsc#1086777]
+ netpbm-CVE-2018-8975.patch

==== openssh ====
Subpackages: openssh-helpers

- Fix a double free() in the KDF CAVS testing tool (bsc#1065237)
* modify openssh-7.7p1-cavstest-kdf.patch
- Minor clean-up of the fips patches, modified

==== ovmf ====
Subpackages: qemu-ovmf-x86_64

- Add ovmf-bsc1130267-overflow-in-partition-and-udf.patch to fix
buffer overflows in PartitionDxe and UdfDxe (bsc#1130267,
- Add ovmf-bsc1128503-fix-stack-overflow-in-HiiImage-and-HiiDatabase.patch
to fix stack overflow in HiiImange and HiiDatabase (bsc#1128503,

==== patterns-base ====
Subpackages: patterns-base-32bit patterns-base-apparmor
patterns-base-apparmor-32bit patterns-base-apparmor_opt patterns-base-base
patterns-base-base-32bit patterns-base-basesystem patterns-base-console
patterns-base-enhanced_base patterns-base-enhanced_base-32bit
patterns-base-enhanced_base_opt patterns-base-minimal_base
patterns-base-minimal_base-32bit patterns-base-sw_management
patterns-base-sw_management-32bit patterns-base-transactional_base
patterns-base-update_test patterns-base-x11 patterns-base-x11-32bit
patterns-base-x11_enhanced patterns-base-x11_enhanced-32bit

- Remove btrfsmaintenance from patterns-base (boo#1063638)
- Fix x11_raspberrypi (jsc#SLE-4142):
* Use only Requires, on JeOS recommmends and suggests are no-ops
* Remove xf86-input-void, obsolete (and not in SLE)
* Require base and x11 patterns
* Add some YaST modules, otherwise the control center is empty

==== perl-IO-Socket-SSL ====

- Update expired certificates in the build tests [bsc#1131103, bsc#1131103]
* Added perl-IO-Socket-SSL-update-certificates.patch

==== plymouth ====
Version update (0.9.4+git20181111.118c5ca -> 0.9.4+git20190304.ed9f201)
Subpackages: libply-boot-client4 libply-splash-core4 libply-splash-graphics4
libply4 plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft
plymouth-plugin-script plymouth-plugin-two-step plymouth-scripts

- Fix theme-bgrt dependencies
(based on plugin-two-step with images from theme-spinner)
- Update to version 0.9.4+git20181219.c8f1256:
* ply-pixel-buffer: Fix right and bottom edge rendering of
scaled buffers.
* Add support for translating the user visible strings in some
* Prefix Title and Subtitle theme config keywords with an
* Add new reboot and system-upgrade modes
* main: Remove private ply_mode_t
* two-step: Make ProgressBarShowPercentComplete a per mode
* plymouthd.defaults: Change default ShowDelay to 0
* ply-boot-splash: Do not add ply_boot_splash_update_progress
timeout multiple times
* logging: Minor log-message fixes.
Improve logging format.
* themes: Update spinner and bgrt theme offline updates mode
* two-step: Add a per mode setting to suppress messages.
Add progress-bar support.
Add MessageBelowAnimation option.
Add per mode settings.
Drop background_is_bgrt view_t member
* ply-progress-bar: Allow caller to specify the widgets width and
Allow choosing fore- and back-ground color.
Redraw on percentage update.
* boot-server: fix type confusion when allocating connection object
* ply-device-manager: Handle change events for monitor hotplugging.
Consume all events in one go.
* drm: Stop limiting preferred-mode picking to UEFI systems.
Reset mode on display-port connected outputs with a bad
Implement handle_change_event.
Ensure heads are mapped before flushing them.
Allow calling create_heads_for_active_connectors multiple
Allow calling ply_renderer_head_add_connector with existing
Limit backend->resources lifetime to within query_device.
Store and keep all the outputs in the backend.
Add get_output_info helper function
Stop storing a pointer to drmModeConnector in ply_output_t
Stop keeing a drmModeConnector instance around.
Refactor ply_renderer_head_add_connector and
- Rebase 0002-Install-label-ft-plugin-into-initrd-if-available.patch
- Update to version 0.9.4+git20181219.c8f1256:
* two-step: Use plymouth_strtod
Use the locale agnostic plymouth_strtod helper which always
uses a "." as decimal seperator. This fixes the various
Alignment options not working with some locales.
- Update to version 0.9.4+git20181209.f7d5bb1:
* ply-keyboard: Fix compiler warning
* When a renderer goes away on a udev remove event, free
keyboards associated with the renderer, before freeing the
* device-manager: free keyboards when deactivating a renderer
* keyboard: add helper to get the keyboard's renderer, if
- Update to version 0.9.4+git20181204.0cd0613:
* drm: Pick a controller for unconfigured connectors
* drm: Drop crtcs for clones for which we've picked different
* drm: More connector enumeration refactoring
* drm: Store tiled and rotation in ply_output_t
* drm: Refactor create_heads_for_active_connectors
* drm: Directly store the mode instead of the mode_index
* drm: Drop unused encoder_id
- Update to version 0.9.4+git20181129.a7ec3e6:
* Add new BGRT theme, using the firmware boot splash as background
* two-step: bgrt: Deal with quirky firmwares, Add ACPI BGRT
extension support, Speed up background-tile drawing on HiDPI
screens, Use a pixel-buffer instead of an image for the view's
* ply-pixel-buffer: Add ply_pixel_buffer_rotate_upright helper,
Add ply_pixel_buffer_get/set_device_rotation helpers, Fix marking
buffers as opaque when doing a solid fill, Fix fill_with_buffer
fastpath when device_scale != 1.
- Update to version 0.9.4+git20181122.aaa140b:
Add a separator between different boot logs
Fix race causing undesired creation of non-gfx devs
Fix animation not starting on later added heads

==== python2-GooCalendar ====

- create package python2-GooCanvas (see boo #1131096)

==== qemu ====
Subpackages: qemu-block-curl qemu-block-rbd qemu-block-ssh qemu-guest-agent
qemu-ipxe qemu-ksm qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses
qemu-ui-gtk qemu-ui-sdl qemu-vgabios qemu-x86

- Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest
upstream adjustments for the same. Basically now the security fix
is to provide a dummy host-model and host-serial value, which
overrides getting that value from the host
- Patch queue updated from git:// opensuse-3.1
- Tweak last spec file change to guard new Requires with conditional
- Fix DOS possibility in device tree processing (CVE-2018-20815
- Patch queue updated from git:// opensuse-3.1
- Remove an unneeded BuildRequires which impacts bsc#1119414 fix
Also add a corresponding Recommends for qemu-tools as part of
this packaging adjustment (bsc#1130484)
- Fix information leak in slirp (CVE-2019-9824 bsc#1129622)
- Add method to specify whether or not to expose certain ppc64 host
information, which can be considered a security issue
(CVE-2019-8934 bsc#1126455)
- Fix OOB memory access and information leak in virtual monitor
interface (CVE-2019-03812 bsc#1125721)
- Patch queue updated from git:// opensuse-3.1
- Again address ipxe GCC 9 incompatibilities. Previously included
patch to disable unneeded warning got muffed somehow (bsc#1121464)

==== re2 ====
Version update (20180901 -> 20190301)

- Update to 2019-03-01:
* developer visible changes only
- update to 2019-01-01:
* developer visible changes, performance tweaks and bug fixes
- update to 2018-10-01:
* developer visible changes only

==== snapper ====
Version update (0.8.2 -> 0.8.3)
Subpackages: libsnapper4 snapper-zypp-plugin

- fixed seg.fault during rollback if the previous default subvolume
is missing in the snapshot list (bsc#1130273)
- version 0.8.3

==== suse-module-tools ====
Version update (15.1.11 -> 15.1.13)

- Update to version 15.1.13:
* spec file: add conflicts for dracut < 44.2 (bsc#1127891)
- Update to version 15.1.12 (git 1ab0b84):
* modprobe.conf.common: add csiostor->cxgb4 dependency
* Load fbcon together with virtio_gpu on s390 (bsc#1121996,

==== virt-manager ====
Subpackages: virt-install virt-manager-common

- Upstream bug fixes (bsc#1027942)

- bsc#1126325 - L3: No way to set max_grant_frames for domUs via
- bsc#1129176 - SLES 12 SP4 - kvm virt-install using ttyS0 leads to
user process fault and interrupts installation (virt-manager)
- bsc#1129309 - Missing .treeinfo file on the media for CaaSP
- Add detection for Caasp 4.0

==== xen ====
Version update (4.12.0_04 -> 4.12.0_08)

- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
* HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
the HVM/PVH and PV code paths in Xen and provides KCONFIG
options to build a PV only or HVM/PVH only hypervisor.
* QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
been vastly improved.
* Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
domain communication mechanism.
* Improvements to Virtual Machine Introspection: The VMI subsystem
which allows detection of 0-day vulnerabilities has seen many
functional and performance improvements.
* Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
default scheduler.
* PVH Support: Grub2 boot support has been added to Xen and Grub2.
* PVH Dom0: PVH Dom0 support has now been upgraded from experimental
to tech preview.
* The Xen 4.12 upgrade also includes improved IOMMU mapping code,
which is designed to significantly improve the startup times of
AMD EPYC based systems.
* The upgrade also features Automatic Dom0 Sizing which allows the
setting of Dom0 memory size as a percentage of host memory (e.g.
10%) or with an offset (e.g. 1G+10%).
- bsc#1130485 - Please drop Requires on multipath-tools in
xen-tools. Now using Recommends multipath-tools.
- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
avoid TSC emulation for HVM domUs if their expected frequency
does not match exactly the frequency of the receiving host
- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
- jsc#SLE-3059 - Disable Xen auto-ballooning
- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
- Disable autoballooning in xl.con
- Update gcc9-ignore-warnings.patch to fix build in SLE12
- bsc#1126325 - fix crash in libxl in error path
Setup of grant_tables and other variables may fail

==== yast2-theme ====
Version update (4.1.8 -> 4.1.11)
Subpackages: yast2-theme-oxygen

- Require yast2-qt-branding-openSUSE for openSUSE distros
so YaST firstboot has some branding (bsc#1105792)
- 4.1.11
- Update oxygen icon theme (boo#1125450)
- 4.1.10
- Add Breeze pattern icons (boo#971671)

==== yast2-trans ====
Version update (84.87.20190322.b16b39e213 -> 84.87.20190330.92a2062d5c)
Subpackages: yast2-trans-ar yast2-trans-bg yast2-trans-bs yast2-trans-ca
yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en
yast2-trans-en_GB yast2-trans-en_US yast2-trans-eo yast2-trans-es
yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-hu
yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-ko yast2-trans-lt
yast2-trans-nb yast2-trans-nl yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR
yast2-trans-ru yast2-trans-sk yast2-trans-sl yast2-trans-sv yast2-trans-uk
yast2-trans-zh_CN yast2-trans-zh_TW

- Update to version 84.87.20190330.92a2062d5c:
* New POT for text domain 'firewall'.
* New POT for text domain 'country'.
* New POT for text domain 'iscsi-client'.
* New POT for text domain 'installation'.
* New POT for text domain 'update'.
* New POT for text domain 'storage'.
* New POT for text domain 'rmt'.
* New POT for text domain 'packager'.
* Translated using Weblate (Slovak)
* Translated using Weblate (Danish)
* Translated using Weblate (German)
* Translated using Weblate (Chinese (Taiwan))
* Translated using Weblate (Danish)
* Translated using Weblate (Slovak)
* New POT for text domain 'printer'.
* Translated using Weblate (Slovak)

To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages