Mailinglist Archive: opensuse-factory (443 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20190718 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Sat, 20 Jul 2019 01:03:02 +0000
  • Message-id: <156358458254.31408.15408726231787858539@go-agent-stagingbot-7>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190718

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
harfbuzz (2.3.1 -> 2.5.3)
kdevelop5
libpng12 (1.2.57 -> 1.2.59)
spec-cleaner (1.1.3 -> 1.1.4)
squid (4.7 -> 4.8)
tracker
udisks2
virt-manager (2.1.0 -> 2.2.1)
xclock (1.0.8 -> 1.0.9)

=== Details ===

==== harfbuzz ====
Version update (2.3.1 -> 2.5.3)
Subpackages: libharfbuzz-icu0 libharfbuzz0 libharfbuzz0-32bit

- Update to version 2.5.3:
+ Fix UCD script data for Unicode 10+ scripts. This was broken
since 2.5.0.
+ More optimizations for HB_TINY.
- Changes from version 2.5.2:
+ More hb-config.hh facilities to shrink library size, namely
when built as HB_TINY.
+ New documentation of custom configurations in CONFIG.md.
+ Fix build on gcc 4.8. That's supported again.
+ Universal Shaping Engine improvements.
+ API Changes: Undeprecate some horizontal-kerning API and
re-enable in hb-ft, such that Type1 fonts will continue
kerning.
- Changes from version 2.5.1:
+ Fix build with various versions of Visual Studio.
+ Improved documentation.
+ Bugfix in subsetting glyf table.
+ Improved scripts for cross-compiling for Windows using mingw.
+ Rename HB_MATH_GLYPH_PART_FLAG_EXTENDER to
HB_OT_MATH_GLYPH_PART_FLAG_EXTENDER. A deprecated macro is
added for backwards-compatibility.
- Changes from version 2.5.0:
+ This release does not include much functional changes, but
includes major internal code-base changes. We now require
C++11. Support for gcc 4.8 and earlier has been dropped.
+ New hb-config.hh facility for compiling smaller library for
embedded and web usecases.
+ New Unicode Character Databse implementation that is half the
size of previously-used UCDN.
+ Subsetter improvements.
+ Improved documentation.
+ isc shaping fixes.
- Changes from version 2.4.0:
+ Unicode 12.
+ Misc fixes.
+ Subsetter improvements.
+ New API: HB_BUFFER_FLAG_DO_NOT_INSERT_DOTTED_CIRCLE and
hb_directwrite_face_create().

==== kdevelop5 ====
Subpackages: kdevelop5-lang kdevplatform kdevplatform-lang libkdevplatform53

- Add fix-crash-on-undocking-toolviews.patch to fix crash when
undocking toolviews with Qt 5.13 (kde#409790)

==== libpng12 ====
Version update (1.2.57 -> 1.2.59)

- version update to 1.2.59
Added png_check_chunk_length() function, and check all chunks except
IDAT against the default 8MB limit; check IDAT against the maximum
size computed from IHDR parameters (Fixes CVE-2017-12652).
Initialize memory allocated by png_inflate to zero, using memset, to
stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2()
due to truncated iTXt or zTXt chunk.

==== spec-cleaner ====
Version update (1.1.3 -> 1.1.4)

- Update to 1.1.4 bsc#1099674:
* Exclude stuff from openstack macros
* Replace 'http' with 'https' in URL
* Replace legacy packageand() with 'and' expression
* Replace pwdutils with shadow in Requires
* Add openstack_cleanup_prep to bracketing excludes
* Do not curlify yast_metainfo and yast_check
* Fixup the eating of Source lines with whitespace
* Document '#nospeccleaner' tag
* Add docstrings to the functions and classes.
* Use type hints for the most important functions
* Update README and licences
* Various small fixes
- add a temporary patch spec-cleaner-1.1.4_test_https.patch
that fixes a test that fails if there is no internet connection

==== squid ====
Version update (4.7 -> 4.8)

- Update to squid 4.8:
+ Ignore ECONNABORTED in accept(2)
+ RFC 7230 forbids generation of userinfo subcomponent of https URL
+ cachemgr.cgi: unallocated memory access resulting in a potential
denial of service. (bsc#1141442, CVE-2019-12854)
+ terminating c-strings beyond BASE64_DECODE_LENGTH
+ Replace uudecode with libnettle base64 decoder fixing a denial
of service vulnerability (bsc#1141329, CVE-2019-12529)
+ fix to_localhost does not include ::
+ Fix GCC-9 build issues
+ Fix Digest auth parameter parsing preventing a potential
denial of service (bsc#1141332, CVE-2019-12525)
+ Update HttpHeader::getAuth to SBuf which prevents a potential
heap overflowing allowing a possible remote code execution
attack when processing HTTP Authentication credentials
(bsc#1141330, CVE-2019-12527)
+ Add the NO_TLSv1_3 option to available tls-options values
+ Fix handling of tiny invalid responses
+ Fix Memory leak when http_reply_access uses external_acl
+ Fix Multiple XSS issues in cachemgr.cgi
(bsc#1140738, CVE-2019-13345)
- use unbundled version of libnettle
- disable LTO as a workaround to tests failing

==== tracker ====
Subpackages: libtracker-common-2_0 libtracker-control-2_0-0
libtracker-miner-2_0-0 libtracker-sparql-2_0-0 tracker-lang
typelib-1_0-Tracker-2_0 typelib-1_0-TrackerControl-2_0

- Add fix-tracker-miner-fs-lto-crash.patch and enable
again LTO (boo#1141201).

==== udisks2 ====
Subpackages: libudisks2-0 libudisks2-0_btrfs udisks2-lang

- don't call systemd uninstall macro for clean-mount-point@.service
template (boo#1139996)

==== virt-manager ====
Version update (2.1.0 -> 2.2.1)
Subpackages: virt-install virt-manager-common

- Upstream bug fix (bsc#1027942)

3c6e8537-guest-fix-warning-message-when-machine-type-is-changed-for-secure-boot.patch
- Update to virt-manager 2.2.1 (fate#326786)
virt-manager-2.2.1.tar.bz2
* CVE-2019-10183: Replace ?unattended user-password and admin-password with
user-password-file and admin-password-file (Fabiano FidĂȘncio)
* Consistent ?memballoon default across non-x86 (Andrea Bolognani)
* virt-install: add ?numatune memnode.* (Athina Plaskasoviti)
* Drop hard dep on gtksourceview4, gtksourceview3 is fine as well
- Drop patches no longer needed
033e9702-xmleditor-Handle-gtksourceview3-as-well-as-gtksourceview4.patch
51d28f04-unattended-Dont-log-user-admin-passwords.patch
5312a961-virt-install-Revive-wait-0-as-alias-for-noautoconsole.patch
58c68764-unattended-Read-the-passwords-from-a-file.patch
- bsc#1140211 - VUL-1: CVE-2019-10183: virt-manager: unattended
option leaks password via command line argument
58c68764-unattended-Read-the-passwords-from-a-file.patch
51d28f04-unattended-Dont-log-user-admin-passwords.patch
- Upstream bug fix (bsc#1027942)
5312a961-virt-install-Revive-wait-0-as-alias-for-noautoconsole.patch
- Update to virt-manager 2.2.0 (fate#326786)
virt-manager-2.2.0.tar.bz2
* libvirt XML viewing and editing UI for new and existing domain, pools,
volumes, networks
* virt-install: libosinfo ?unattended support (Fabiano FidĂȘncio, Cole
Robinson)
* Improve CPU model security defaults (Pavel Hrdina)
* virt-install: new ?install option. Ex: virt-install ?install fedora29
* virt-install: new ?install kernel=,initrd=
* virt-install: ?disk, ?memory, ?name defaults from libosinfo (Fabiano
FidĂȘncio, Cole Robinson)
* virt-install: add device suboption aliases which consistently match libvirt
XML naming
* virt-xml: new ?start, ?no-define options (Marc Hartmayer)
* virt-install: Add driver_queues argument to ?controller (Vasudeva Kamath)
* RISC-V support (Andrea Bolognani)
* Device default improvements for non-x86 KVM (Andrea Bolognani)
* Redesigned ?New Network? wizard
* libguestfs inspection improvements (Pino Toscano)
* virt-install: Add support for xenbus controller (Jim Fehlig)
* cli: Add ?disk wwn=,rawio= (Athina Plaskasoviti)
* cli: Add ?memballoon autodeflate=,stats.period= (Athina Plaskasoviti)
* cli: Add ?iothreads (Athina Plaskasoviti)
* cli: Add ?numatune memory.placement (Athina Plaskasoviti)
* cli: Add ?launchSecurity option (Erik Skultety)
* cli: Fill in ?memorybacking options
* cli: ?smartcard: support database= and certificate[0-9]*=
* cli: ?sysinfo: Add chasis suboptions
* cli: ?metadata: add genid= and genid_enable=
* cli: ?vcpus: add vcpus.vcpu[0-9]* config
* cli: fill in all common char source options for ?serial, ?parellel,
?console, ?channel, ?smartcard, ?rng, ?redirdev
033e9702-xmleditor-Handle-gtksourceview3-as-well-as-gtksourceview4.patch
virtman-dont-specify-gtksource-version.patch
- Drop patches no longer needed
f7508d02-addhardware-Fix-setting-optimal-default-net-model.patch
1018ab44-inspection-handle-failures-in-application-listing.patch
ae8a4f3d-engine-Fix-first-run-startup-error.patch
57db4185-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch

26a433fc-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch
4f66c423-cloner-Handle-nonsparse-for-qcow2-images.patch
a02fc0d0-virtManager-clone-build-default-clone-path-if-we-know-how.patch
1856c1fa-support-Fix-minimum-version-check.patch
001-adf30349-cli-refactor-get_prop.patch
002-60c7e778-xmlapi-add-set_prop.patch
003-5bad22e8-tests-Use-get-set_prop.patch
004-ee5f3eab-support-Add-SUPPORT_CONN_DEVICE_BOOT_ORDER.patch
005-7768eb17-cli-Add-check-if-device-boot-order-is-supported.patch
006-ecc0861c-tests-xmlparse-refactor-method-for-generating-out-file-path.patch
007-c9d070da-guest-Add-reorder_boot_order-method.patch
008-1b535940-tests-Add-test-case-for-reorder_boot_order-method.patch
009-b83a0a61-cli-Use-reorder_boot_order-for-setting-the-boot-order.patch
010-c896d19d-tests-cli-Add-boot.order-tests.patch
011-29f9f2ac-virt-xml-Add-no-define-argument.patch
012-c2bff509-tests-cli-Add-test-case-for-no-define-argument.patch
013-90b1a3ab-virt-xml-Add-support-for-starting-the-domain.patch
014-908b8e8d-tests-virt-xml-Add-test-cases-for-start-option.patch
5bc847eb-virt-install-Do-not-warn-about-consoles-on-s390x.patch
74bbc3db-urldetect-Check-also-for-treeinfo.patch
708af01c-osdict-Add-supports_virtioinput.patch
f23b01be-guest-Add-VirtIO-input-devices-to-s390x-guests-with-graphics.patch
7afbb90b-virt-xml-Handle-VM-names-that-look-like-id-uuid.patch
8d9743d6-virt-install-Add-support-for-xenbus-controller.patch
a0ca387a-cli-Fix-pool-default-when-path-belongs-to-another-pool.patch
578451fe-urldetect-Dont-run-regex-against-None-SUSE-product-name.patch
virtman-default-guest-from-host-os.patch
virtman-prevent-double-click-starting-vm-twice.patch

==== xclock ====
Version update (1.0.8 -> 1.0.9)

- Update to version 1.0.9
* Use _CONST_X_STRING to make libXt declare String as const char *
* Clear -Wsign-compare warning from gcc 7.3
* Consistently use X_GETTIMEOFDAY
* Fix logic sourrouning && and ||
* Use fabsf when dealing with floating point numbers


< Previous Next >
This Thread
  • No further messages