Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190524 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: NetworkManager akregator btrfsprogs (4.20.1 -> 5.1) cronie engrampa (1.22.0 -> 1.22.1) evince gedit (3.32.0 -> 3.32.2) gedit-plugins (3.32.0 -> 3.32.2) gnome-control-center grub2 gvfs kernel-source (5.1.3 -> 5.1.4) libcacard (2.6.0 -> 2.6.1) libsoup (2.66.1 -> 2.66.2) libstorage-ng (4.1.120 -> 4.1.121) libvirt mariadb (10.2.23 -> 10.2.24) mate-calc (1.22.0 -> 1.22.1) obs-service-set_version openconnect (8.02 -> 8.03) osc par (0.8.0 -> 1.1) perl-Net-HTTP (6.18 -> 6.19) podofo polkit-default-privs (13.2+20190507.75c6d67 -> 13.2+20190520.a67a2af) python-numpy (1.16.2 -> 1.16.3) python-reportlab (3.5.12 -> 3.5.21) qqc2-desktop-style (5.57.0 -> 5.58.0) salt seahorse (3.32.1 -> 3.32.2) spice (0.14.1 -> 0.14.2) spice-gtk (0.36 -> 0.37) system-user-root (20170617 -> 20190513) thunar (1.8.4 -> 1.8.6) tlp (1.2.1 -> 1.2.2) transmission tumbler (0.2.3 -> 0.2.4) utf8proc (2.2.0 -> 2.4.0) yast2-packager (4.2.6 -> 4.2.7) yast2-python-bindings (4.1.0 -> 4.1.1) yast2-schema (4.1.7 -> 4.2.0) yast2-storage-ng (4.2.15 -> 4.2.16) === Details === ==== NetworkManager ==== Subpackages: NetworkManager-lang libnm0 typelib-1_0-NM-1_0 - Avoid using "systemctl enable" in spec file (bsc#1038403). - Remove legacy checks which fixes bnc#803058 during distribution upgrade from 12.2 to 12.3 in .spec file. ==== akregator ==== Subpackages: akregator-lang - Add Fix-crashes-with-Qt-5.12.patch to fix possible crashes when opening/closing tabs (kde#371511) ==== btrfsprogs ==== Version update (4.20.1 -> 5.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - update to version 5.1 * repair: flush/FUA support to avoid breaking metadata COW * file extents repair no longer relies on data in extent tree * lowmem: fix false error reports about gaps between extents * add inode mode check and repair for various objects * add check for invalid combination of nocow/compressed extents * device scan option to forget scanned devices [new] * mkfs: use same chunk size as kernel for initial creation * dev-repace: better report when other exclusive operation runs * help for sntax errors on command lines, print relevant msgs * defrag: able to open files in RO mode * dump-tree: --block can be specified multiple times - update to version 4.20.2 * dump-super: minor output fixup * revert fix for prefix detection of receive path, this is temporary and unbreaks existing user setups ==== cronie ==== Subpackages: cron - add cronie-1.5.4-always_create_pid_file.patch to always create a pid file even when the cron daemon does not fork. The PID file is useful to avoid running multiple "cron -n" instances at once [bsc#1133100] ==== engrampa ==== Version update (1.22.0 -> 1.22.1) Subpackages: engrampa-lang - Update to version 1.22.1: * Help: Replace link linkend with xref linkend. * file-utils: Avoid out of bound memory access. * actions: Avoid use of memory after it is freed. * fr-process: Fix memory leak: "g_shell_quote" needs to be freed. * fr-process: Fix memory leak: "g_strconcat" needs to be freed. * [Security] fr-process: Avoid "strcpy" and "strcat". * fr-process: Fix memory leak. * Help: Fix version to 1.22. * Help: Update copyright. * Upgrade the manual to docbook 5. * Update translations. ==== evince ==== Subpackages: evince-lang evince-plugin-comicsdocument evince-plugin-djvudocument evince-plugin-dvidocument evince-plugin-pdfdocument evince-plugin-tiffdocument evince-plugin-xpsdocument libevdocument3-4 libevview3-3 nautilus-evince typelib-1_0-EvinceDocument-3_0 typelib-1_0-EvinceView-3_0 - Remove Supplements from psdocument package, so that it isn't pulled in by default (boo#1122794). ==== gedit ==== Version update (3.32.0 -> 3.32.2) Subpackages: gedit-lang python3-gedit - Update to version 3.32.2: + Reintroduce enable-gvfs-metadata build option. + Fix several crash bugs. + Updated translations. ==== gedit-plugins ==== Version update (3.32.0 -> 3.32.2) Subpackages: gedit-plugin-zeitgeist gedit-plugins-data gedit-plugins-lang - Update to version 3.32.2: + Fix ColorSchemer plugin for GTKSourceView 4. + Cache language names per session to prevent unnecessary web requests by Translate plugin. + Fix enabling and disabling the Translate plugin. - Refresh bracketcompletion-use-key-release-event-to-work-wi.patch with quilt. ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Add control-center-fix-mtu-label.patch: network: Fix mtu label not requesting enough space (glgo#GNOME/gnome-control-center!475, bsc#1040055). ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh - Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch ==== gvfs ==== Subpackages: gvfs-backend-afc gvfs-backend-samba gvfs-backends gvfs-fuse gvfs-lang - Drop polkit rules files, only relevant for wheel group (boo#1125433). ==== kernel-source ==== Version update (5.1.3 -> 5.1.4) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms kernel-vanilla - Update config files. - commit 0739fa4 - dm: make sure to obey max_io_len_target_boundary (bnc#1135868). - commit 4be0add - Linux 5.1.4 (bnc#1012628). - s390/mm: convert to the generic get_user_pages_fast code (bnc#1012628). - s390/mm: make the pxd_offset functions more robust (bnc#1012628). - libnvdimm/namespace: Fix label tracking error (bnc#1012628). - powerpc/32s: fix flush_hash_pages() on SMP (bnc#1012628). - xen/pvh: correctly setup the PV EFI interface for dom0 (bnc#1012628). - xen/pvh: set xen_domain_type to HVM in xen_pvh_init (bnc#1012628). - kbuild: turn auto.conf.cmd into a mandatory include file (bnc#1012628). - smb3: display session id in debug data (bnc#1012628). - KVM: lapic: Busy wait for timer to expire when using hv_timer (bnc#1012628). - KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes (bnc#1012628). - KVM: Fix the bitmap range to copy during clear dirty (bnc#1012628). - Revert "KVM: nVMX: Expose RDPMC-exiting only when guest supports PMU" (bnc#1012628). - jbd2: fix potential double free (bnc#1012628). - ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bnc#1012628). - ALSA: hda/realtek - Fixup headphone noise via runtime suspend (bnc#1012628). - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bnc#1012628). - ext4: avoid panic during forced reboot due to aborted journal (bnc#1012628). - ext4: fix use-after-free in dx_release() (bnc#1012628). - ext4: fix data corruption caused by overlapping unaligned and aligned IO (bnc#1012628). - ext4: zero out the unused memory region in the extent tree block (bnc#1012628). - tty: Don't force RISCV SBI console as preferred console (bnc#1012628). - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bnc#1012628). - mm/compaction.c: correct zone boundary handling when isolating pages from a pageblock (bnc#1012628). - ARM: dts: imx: Fix the AR803X phy-mode (bnc#1012628). - ipmi:ssif: compare block number correctly for multi-part return messages (bnc#1012628). - ipmi: Add the i2c-addr property for SSIF interfaces (bnc#1012628). - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() (bnc#1012628). - bcache: fix a race between cache register and cacheset unregister (bnc#1012628). - Btrfs: fix race between send and deduplication that lead to failures and crashes (bnc#1012628). - Btrfs: do not start a transaction at iterate_extent_inodes() (bnc#1012628). - Btrfs: do not start a transaction during fiemap (bnc#1012628). - Btrfs: send, flush dellaloc in order to avoid data loss (bnc#1012628). - btrfs: Honour FITRIM range constraints during free space trim (bnc#1012628). - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails (bnc#1012628). - btrfs: Check the first key and level for cached extent buffer (bnc#1012628). - ext4: fix ext4_show_options for file systems w/o journal (bnc#1012628). - ext4: actually request zeroing of inode table after grow (bnc#1012628). - ext4: fix use-after-free race with debug_want_extra_isize (bnc#1012628). - ext4: avoid drop reference to iloc.bh twice (bnc#1012628). - ext4: ignore e_value_offs for xattrs with value-in-ea-inode (bnc#1012628). - ext4: make sanity check in mballoc more strict (bnc#1012628). - jbd2: check superblock mapped prior to committing (bnc#1012628). - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bnc#1012628). - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bnc#1012628). - mtd: maps: Allow MTD_PHYSMAP with MTD_RAM (bnc#1012628). - mtd: maps: physmap: Store gpio_values correctly (bnc#1012628). - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bnc#1012628). - mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bnc#1012628). - mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bnc#1012628). - ACPICA: Linux: move ACPI_DEBUG_DEFAULT flag out of ifndef (bnc#1012628). - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bnc#1012628). - userfaultfd: use RCU to free the task struct when fork fails (bnc#1012628). - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bnc#1012628). - hugetlb: use same fault hash key for shared and private mappings (bnc#1012628). - mm/hugetlb.c: don't put_page in lock of hugetlb_lock (bnc#1012628). - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bnc#1012628). - mm/mincore.c: make mincore() more conservative (bnc#1012628). - crypto: ccree - handle tee fips error during power management resume (bnc#1012628). - crypto: ccree - add function to handle cryptocell tee fips error (bnc#1012628). - crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend (bnc#1012628). - crypto: ccree - pm resume first enable the source clk (bnc#1012628). - crypto: ccree - don't map AEAD key and IV on stack (bnc#1012628). - crypto: ccree - use correct internal state sizes for export (bnc#1012628). - crypto: ccree - don't map MAC key on stack (bnc#1012628). - crypto: ccree - fix mem leak on error path (bnc#1012628). - crypto: ccree - remove special handling of chained sg (bnc#1012628). - bpf: fix out of bounds backwards jmps due to dead code removal (bnc#1012628). - bpf, arm64: remove prefetch insn in xadd mapping (bnc#1012628). - ASoC: codec: hdac_hdmi add device_link to card device (bnc#1012628). - ASoC: fsl_esai: Fix missing break in switch statement (bnc#1012628). - ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bnc#1012628). - ASoC: max98090: Fix restore of DAPM Muxes (bnc#1012628). - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bnc#1012628). - ALSA: hda/realtek - EAPD turn on later (bnc#1012628). - ALSA: hda/hdmi - Consider eld_valid when reporting jack event (bnc#1012628). - ALSA: hda/hdmi - Read the pin sense from register when repolling (bnc#1012628). - ALSA: usb-audio: Fix a memory leak bug (bnc#1012628). - ALSA: line6: toneport: Fix broken usage of timer for delayed execution (bnc#1012628). - mmc: sdhci-pci: Fix BYT OCP setting (bnc#1012628). - mmc: core: Fix tag set memory leak (bnc#1012628). - mmc: tegra: fix ddr signaling for non-ddr modes (bnc#1012628). - dt-bindings: mmc: Add disable-cqe-dcmd property (bnc#1012628). - drivers/dax: Allow to include DEV_DAX_PMEM as builtin (bnc#1012628). - crypto: arm64/aes-neonbs - don't access already-freed walk.iv (bnc#1012628). - crypto: arm/aes-neonbs - don't access already-freed walk.iv (bnc#1012628). - crypto: caam/qi2 - generate hash keys in-place (bnc#1012628). - crypto: caam/qi2 - fix DMA mapping of stack memory (bnc#1012628). - crypto: caam/qi2 - fix zero-length buffer DMA mapping (bnc#1012628). - crypto: rockchip - update IV buffer to contain the next IV (bnc#1012628). - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bnc#1012628). - crypto: arm64/gcm-aes-ce - fix no-NEON fallback code (bnc#1012628). - crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bnc#1012628). - crypto: crct10dif-generic - fix use via crypto_shash_digest() (bnc#1012628). - crypto: skcipher - don't WARN on unprocessed data after slow walk step (bnc#1012628). - crypto: vmx - fix copy-paste error in CTR mode (bnc#1012628). - crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bnc#1012628). - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bnc#1012628). - crypto: chacha20poly1305 - set cra_name correctly (bnc#1012628). - crypto: chacha-generic - fix use as arm64 no-NEON fallback (bnc#1012628). - crypto: lrw - don't access already-freed walk.iv (bnc#1012628). - crypto: salsa20 - don't access already-freed walk.iv (bnc#1012628). - crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues (bnc#1012628). - crypto: crypto4xx - fix ctr-aes missing output IV (bnc#1012628). - x86/MCE/AMD: Don't report L1 BTB MCA errors on some family 17h models (bnc#1012628). - x86/MCE: Add an MCE-record filtering function (bnc#1012628). - sched/x86: Save [ER]FLAGS on context switch (bnc#1012628). - arm64: Save and restore OSDLR_EL1 across suspend/resume (bnc#1012628). - arm64: Clear OSDLR_EL1 on CPU boot (bnc#1012628). - arm64: compat: Reduce address limit (bnc#1012628). - arm64: arch_timer: Ensure counter register reads occur with seqlock held (bnc#1012628). - arm64: mmap: Ensure file offset is treated as unsigned (bnc#1012628). - power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist (bnc#1012628). - power: supply: axp288_charger: Fix unchecked return value (bnc#1012628). - ARM: exynos: Fix a leaked reference by adding missing of_node_put (bnc#1012628). - mmc: sdhci-of-arasan: Add DTS property to disable DCMDs (bnc#1012628). - ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3 (bnc#1012628). - ARM: dts: exynos: Fix audio routing on Odroid XU3 (bnc#1012628). - ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260 (bnc#1012628). - ARM: dts: qcom: ipq4019: enlarge PCIe BAR range (bnc#1012628). - arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller (bnc#1012628). - arm64: dts: rockchip: fix IO domain voltage setting of APIO5 on rockpro64 (bnc#1012628). - objtool: Fix function fallthrough detection (bnc#1012628). - x86/speculation/mds: Improve CPU buffer clear documentation (bnc#1012628). - x86/speculation/mds: Revert CPU buffer clear on double fault exit (bnc#1012628). - locking/rwsem: Prevent decrement of reader count before increment (bnc#1012628). - commit 047096a - TTY: serial_core, add ->install (bnc#1129693). - commit da4e6dd ==== libcacard ==== Version update (2.6.0 -> 2.6.1) - Update to v2.6.1 * various bug fixes (memory corruption issues which would cause crashes in spice-gtk) ==== libsoup ==== Version update (2.66.1 -> 2.66.2) Subpackages: libsoup-2_4-1 libsoup-lang typelib-1_0-Soup-2_4 - Update to version 2.66.2: + Make gettext optional (might not be available in Windows). + MSVC: set encoding to UTF-8 to avoid errors. + MinGW tests build fix. + Check for TLS support only when external glib dependency is available. ==== libstorage-ng ==== Version update (4.1.120 -> 4.1.121) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#646 - Initial changes - Rename auxiliary struct - Block shrink multi-device Btrfs - Adapt action text when growing multi-device Btrfs - Add integration test - Bump lib version - Resize multi-device Btrfs - 4.1.121 ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - admin: reject clients unless their UID matches the server UID CVE-2019-10132 96f41cd7-admin-reject-clients.patch, f111e094-locking-restrict-sockets-to-mode-0600.patch, e37bd65f-logging-restrict-sockets-to-mode-0600.patch bsc#1134348 ==== mariadb ==== Version update (10.2.23 -> 10.2.24) Subpackages: libmysqld19 mariadb-client mariadb-errormessages - update to 10.2.24 GA [bsc#1122198] * notable changes: * MDEV-18968 - Both (WHERE 0.1) and (WHERE NOT 0.1) return empty set * MDEV-18466 - Unsafe to log updates on tables referenced by foreign keys with triggers in statement format * MDEV-18899 - Server crashes in Field::set_warning_truncated_wrong_value * MDEV-18298 - Crashes server with segfault during role grants * MDEV-17610 - Unexpected connection abort after certain operations from within stored procedure * MDEV-19112 - WITH clause does not work with information_schema as default database * MDEV-17830 - Server crashes in Item_null_result::field_type upon SELECT with CHARSET(date) and ROLLUP * MDEV-14041 - Server crashes in String::length on queries with functions and ROLLUP * MDEV-18920 - Prepared statements with st_convexhull hang and eat 100% cpu. * MDEV-15837 - Assertion item1->type() == Item::FIELD_ITEM && item2->type() == Item::FIELD_ITEM * MDEV-9531 - GROUP_CONCAT with ORDER BY inside takes a lot of memory while it's executed * MDEV-17036 - BULK with replace doesn't take the first parameter in account * Bug#28986737 - RENAMING AND REPLACING MYSQL.USER TABLE CAN LEAD TO A SERVER CRASH * MDEV-19350 - Server crashes in delete_tree_element / ... / Item_func_group_concat::repack_tree * MDEV-19188 - Server Crash When Using a Trigger With A Number of Virtual Columns on INSERT/UPDATE * MDEV-19352 - Server crash in alloc_histograms_for_table_share upon query from information schema InnoDB * InnoDB persistent corruption fixes: MDEV-19426, MDEV-19022, MDEV-19241, MDEV-13942 * InnoDB recovery fixes and speedup: MDEV-18733, MDEV-12699, MDEV-19356, MDEV-19426 * MDEV-14398 - innodb_encrypt_tables will work even with innodb_encryption_rotate_key_age=0 * MDEV-17036 - BULK with replace doesn't take the first parameter in account * MDEV-14784 - Slave crashes in show_status_array upon running a trigger with select from I_S * MDEV-19060 - mariabackup continues, despite failing to open a tablespace * MDEV-18686 - Add option to PAM authentication plugin to allow case insensitive username matching * bugfix - multi-update checked privileges on views incorrectly * MDEV-19276 - during connect, write error log warning for ER_DBACCESS_DENIED_ERROR, if log_warnings > 1 * MDEV-17456 - Malicious SUPER user can possibly change audit log configuration without leaving traces. * fixes for the following security vulnerabilities: [CVE-2019-2614], [CVE-2019-2627], [CVE-2019-2628] * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10224-release-notes https://mariadb.com/kb/en/library/mariadb-10224-changelog - refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch - remove %{extra_provides} definition and Provides/Obsoletes where it was used. It's just a remnant and it's no longer needed. ==== mate-calc ==== Version update (1.22.0 -> 1.22.1) Subpackages: mate-calc-lang - Update to version 1.22.1: * currency-manager: Update name_map in load_imf_rates. * Display small numbers in scientific notation. * mp: Fix calculate result ln(e^(i*?)). * mate-calc: Fix memory leak. * Update translations. ==== obs-service-set_version ==== - Modified .spec file to better suit Fedora OS (let's just assume all Fedora versions has python 3) - Update to version 0.5.11: * try to fix set_version:157:13: E117 over-indented (comment) - enable test suite by default * if it does not build, it can also not be executed on the distro - fix requires for SLE 12 distro ==== openconnect ==== Version update (8.02 -> 8.03) Subpackages: libopenconnect5 openconnect-lang - Update to 8.0.3: * Fix Cisco DTLSv1.2 support for AES256-GCM-SHA384. * Fix recognition of OTP password fields. - Verify source signature ==== osc ==== - Spec: * add Provides: %{use_python}-osc so that other packages can require the correct version (either python2-osc or python3-osc) ==== par ==== Version update (0.8.0 -> 1.1) - Corect download url - Clarify changelog - Update previou changelog entry - Fix download url - Revert pacakge to build 'par' using the parchive sources. On 2016-11-23 this package was updated to be built from the 'par2cmdline' sources instead of the 'parchive' sources. These are different projects (although worked on by some of the same people, which probably led to some confusion). This change converts this project from building par2cmdline v0.8.0 to building the correct project of parchive v1.2. In conjunction with this package fix, a new package called 'par2cmdline' will be made available to return par2cmdline v0.8.0 to the repos. - Re-add par.diff ==== perl-Net-HTTP ==== Version update (6.18 -> 6.19) - updated to 6.19 see /usr/share/doc/packages/perl-Net-HTTP/Changes 6.19 2019-05-16 19:16:59Z - partially skip live-https.t if there's no keep-alive connection (GH#58) (Slaven Rezi?) - set "x_static_install" : 1 in META files ==== podofo ==== - Add r1969-Fix-CVE-2019-9687-heap-based-buffer-overflow.patch (boo#1129290, CVE-2019-9687). ==== polkit-default-privs ==== Version update (13.2+20190507.75c6d67 -> 13.2+20190520.a67a2af) - Update to version 13.2+20190520.a67a2af: * polkit rules: whitelist libvirt (bsc#1125314) * rules for systemd org.freedesktop.login1.set-reboot* (bsc#1133843) ==== python-numpy ==== Version update (1.16.2 -> 1.16.3) Subpackages: python2-numpy python3-numpy - update to version 1.16.3 NumPy 1.16.3 Release Notes: The NumPy 1.16.3 release fixes bugs reported against the 1.16.2 release, and also backports several enhancements from master that seem appropriate for a release series that is the last to support Python 2.7. The wheels on PyPI are linked with OpenBLAS v0.3.4+, which should fix the known threading issues found in previous OpenBLAS versions. Downstream developers building this release should use Cython >= 0.29.2 and, if using OpenBLAS, OpenBLAS > v0.3.4. The most noticeable change in this release is that unpickling object arrays when loading *.npy or *.npz files now requires an explicit opt-in. This backwards incompatible change was made in response to CVE-2019-6446 <https://nvd.nist.gov/vuln/detail/CVE-2019-6446>_. Compatibility notes Unpickling while loading requires explicit opt-in The functions np.load, and np.lib.format.read_array take an allow_pickle keyword which now defaults to False in response to CVE-2019-6446 <https://nvd.nist.gov/vuln/detail/CVE-2019-6446>_. Improvements Covariance in random.mvnormal cast to double This should make the tolerance used when checking the singular values of the covariance matrix more meaningful. Changes __array_interface__ offset now works as documented The interface may use an offset value that was previously mistakenly ignored. ==== python-reportlab ==== Version update (3.5.12 -> 3.5.21) - version update to 3.5.21 * fix bug in legends * add extra table info in spanning error case * Preliminary MultiCol implementation * fix missing xrange import * allow rgb to have fractions of 1 in css colors * fix bug with a tag href not having a scheme * all0w LineChart/LinePlot area fills to differe from the stroke colour * add canvas setProducer method * more FrameBG changes vs BalancedColumns * fix bb issues #176/#177 reported by graingert & droidzone * more FrameBG fixes; added canvas cross method, frame static drawBoundary * fix stroking for frame background in container * add stroking for frame background * added axes tickStrokeWidth etc etc * added rl_setting.reserveTTFNotdef inspired by e3office at bitbucket (pr #50) ==== qqc2-desktop-style ==== Version update (5.57.0 -> 5.58.0) - Update to 5.58.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.58.0.php - Changes since 5.57.0: * Avoid nesting Controls in TextField (kde#406851) * make the mobile text toolbar appear only on press * [TabBar] Update height when TabButtons are added dynamically * refer to the proper id * use the new Kirigami.WheelHandler * Support custom icon size for ToolButton * It compile fine without foreach Refreshed patches: * 0001-Fix-MobileTextActionsToolBar.qml-with-Qt-5.9.patch ==== salt ==== Subpackages: python3-salt salt-master salt-minion - Switch firewalld state to use change_interface (bsc#1132076) - Added: * switch-firewalld-state-to-use-change_interface.patch ==== seahorse ==== Version update (3.32.1 -> 3.32.2) Subpackages: gnome-shell-search-provider-seahorse seahorse-lang - Update to version 3.32.2: + appdata: Update the contact details and add OARS metadata. + gkr: Fix a crash for some Epiphany passwords. ==== spice ==== Version update (0.14.1 -> 0.14.2) - Update to v0.14.2 stable release The main changes are support for Meson build and graphic device info messages allowing to better support multi-monitor configurations. * support H265 in stream-channel * add support for building with meson/ninja * minor tests fixes improving CI * set char device state for smartcard, allowing Qemu optimization * improve red-parse-qxl.c interface making it more consistent * add some instrumentation for streaming device * QXL interface: add a function to identify monitors in the guest (spice_qxl_set_device_info) * add support for GraphicsDeviceInfo messages * video-stream: prevent crash on stream reattach * make channel client callbacks virtual functions * bumped minimum required glib version to 2.38 * attempt to have a reliable led state for keyboard modifiers - Removed patches: (The first two are altered versions of what is carried upstream. I think we're fine with what upstream does here) 0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch 0002-lz-More-checks-on-image-sizes.patch 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch ==== spice-gtk ==== Version update (0.36 -> 0.37) Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper libspice-client-gtk-3_0-5 - Update to version 0.37: + Deprecate SpiceMainChannel:color-depth and SpiceSession::color-depth + Fix race condition on keyboard modifiers + Fix cursor on Wayland: Fixes hidden cursor #83 + Fix clipboard on X11: avoid request client clipboard data when is known that there is no data. + Improve usb redirection + Fix on usb redirection: Don't add same device twice + Fix on smartcard: Warn if multiple readers are detected + Add instrumentation for frame and queue statistics of SpiceDisplay using [Recorder] library + Fix Warnings with GStreamer >= 1.14 on video decoding due to setting buffer's PTS + Fix some Critical warnings when build without GNOME desktop integration + Fix Criticals when no primary monitor is set + Documentation fixes - Add keyring and tarball signature files ==== system-user-root ==== Version update (20170617 -> 20190513) - Bump to version 20190513: * Invalidate root password by default (bsc#1134524) ==== thunar ==== Version update (1.8.4 -> 1.8.6) Subpackages: libthunarx-3-0 thunar-lang - Fixed Xfce bug trackers in previous changelog entry - Update to version 1.8.6 * Job is now optional for thunar_io_scan_directory * Expand scroll window of file operation progress dialog (bxo#14946) * Fix compiler error -Wcast-function-type (GCC 8) * Bump glib minimal required version * Fix g_type_class_add_private is deprecated * Small code cleanup * Fix pathbar to on middle click open folders in new tabs (bxo#15302) * Translation updates: Danish - Dropped thunar-job-optional.patch since it was fixed upstream - Added patch from upstream: thunar-job-optional.patch prevent Thunar segfault at startup: make Job optional for thunar_io_scan_directory - Update to version 1.8.5 - Do not exit when dbus name registration fails (bxo#15149) - tree view jumps (scrolls) when clicking on a directory (bxo#15174) - Correctly check if destination is writable (bxo#14718) - Make tree-view 'Move to Trash' icon the same as in main pane - Make toggle for the delete entry affect tree-view side pane too - Pathbar buttons are now resized on folder rename (bxo#15024) - Load templates synchronously (bxo#15200) - delete key in tree-view can delete the user home folder (bxo#15095) - Hide unneeded context menu entries for folder "Trash" in tree view - crash after clicking when XDG_SESSION_TYPE isn't set (bxo#15366) - man page incorrectly suggests '-v' instead of '-V' - Fix how wallpaper is set on Gnome - SEGV (11) on USB-flash connection (bxo#13813) - Fix session startup priority - Fix queued context menu popup - Restore right-click drag and drop functionality (bxo#14583) - Translation updates - Dropped obsolete patch thunar-1.8.4-fix-context-menu.patch - Added conditional %bcond_with git for building with git master branch - Updated URL - Use /metainfo instead of /appdata and drop obsolete file edits - Other spec file cleanups - Added thunar-1.8.4-fix-context-menu.patch fixing "create document" sub-menu not showing any content (boo#1134899) ==== tlp ==== Version update (1.2.1 -> 1.2.2) Subpackages: tlp-rdw - Update to version 1.2.2: * Battery Features, tlp-stat -b: - Show data for batteries named other than BAT0/BAT1 (non-ThinkPads). - ThinkPad X1C6 discharge malfunction (gh#linrunner/TLP#395). - Separate checks for charge thresholds and recalibration. - Intelligible recommendation for tp-smapi on ThinkPad X220/T420 et al. - Explain "Battery Features: Charge Thresholds and Recalibrate". * Discs: - Fix type determination. * Operation Mode AC/BAT: - MacBookPro 5.3: Workaround for false AC offline status. * Processor, tlp-stat -p: - Fix read of /sys/devices/system/cpu/cpufreq/boost. - x86_energy_perf_policy: Detect unsupported CPUs in newer versions. * Radio Devices: - Make RESTORE_DEVICE_STATE_ON_STARTUP=1 persistent again (gh#linrunner/TLP#404). ==== transmission ==== Subpackages: transmission-common transmission-gtk transmission-gtk-lang - Added %global WITH_APPINDICATOR 1 to enable missing appindicator support ==== tumbler ==== Version update (0.2.3 -> 0.2.4) Subpackages: libtumbler-1-0 tumbler-lang - Update to version 0.2.4 - Check for sparse video files only on plugin side - Set Max file sizes - Add Fujifilm RAF support (bxo#14522) - Add more media types for audio cover thumbnails (bxo#12041) - Fix a typo in desktop-thumbnailer-provider.c (bxo#14925) - Update URLs in README and configure.ac - Fix g_type_class_add_private is deprecated - Bump glib version - Translation Updates - Added bcond to build with sources from git master branch - Switched to %autosetup for simpler maintenance - Switch urls to https:// - Cleaned up spec file ==== utf8proc ==== Version update (2.2.0 -> 2.4.0) - utf8proc 2.4.0: * Unicode 12.1 support * Fixed incorrect UTF8PROC_VERSION_MINOR version number in header and bumped shared-library version - includes changes from 2.3.0: * Unicode 12 support * New function utf8proc_unicode_version to return the supported Unicode version * Simpler character-width computation that no longer uses GNU Unifont metrics: East-Asian wide characters have width 2, and all other printable characters have width 1 * Fix CHARBOUND option for utf8proc_map to preserve U+FFFE and U+FFFF non-characters ==== yast2-packager ==== Version update (4.2.6 -> 4.2.7) - List of Online Repositories: Overwrite already existing repos in "new installation" mode (bsc#1132622). - 4.2.7 ==== yast2-python-bindings ==== Version update (4.1.0 -> 4.1.1) Subpackages: yast2-python3-bindings - yast2-python-bindings compilation errors when compiling with - Werror=format-security; (bsc#1133596); - 4.1.1 ==== yast2-schema ==== Version update (4.1.7 -> 4.2.0) - Updated build requ. due tag cpu_mitigations in bootloader. (bsc#1128707) (wrong version number) - 4.2.0 ==== yast2-storage-ng ==== Version update (4.2.15 -> 4.2.16) - Partitioner: allow to resize devices used by a multi-device Btrfs filesystem (part of jsc#SLE-3877). - 4.2.16 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org