Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190907 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ImageMagick (7.0.8.61 -> 7.0.8.63) MozillaFirefox (68.0.2 -> 68.1.0) aaa_base (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1) apache2 awesfx bash bluedevil5 (5.16.4 -> 5.16.5) breeze (5.16.4 -> 5.16.5) breeze-gtk (5.16.4 -> 5.16.5) busybox cronie discover (5.16.4 -> 5.16.5) djvulibre dmidecode drkonqi5 (5.16.4 -> 5.16.5) filesystem flac (1.3.2 -> 1.3.3) fwupd gzip ibus (1.5.20 -> 1.5.21) kactivitymanagerd (5.16.4 -> 5.16.5) kcm_sddm (5.16.4 -> 5.16.5) kde-gtk-config5 (5.16.4 -> 5.16.5) kde-user-manager (5.16.4 -> 5.16.5) kgamma5 (5.16.4 -> 5.16.5) khotkeys5 (5.16.4 -> 5.16.5) kinfocenter5 (5.16.4 -> 5.16.5) kmenuedit5 (5.16.4 -> 5.16.5) kscreen5 (5.16.4 -> 5.16.5) kscreenlocker (5.16.4 -> 5.16.5) ksshaskpass5 (5.16.4 -> 5.16.5) ksysguard5 (5.16.4 -> 5.16.5) kwayland-integration (5.16.4 -> 5.16.5) kwin5 (5.16.4 -> 5.16.5) ldb (1.5.4 -> 1.5.5) libcue (2.2.0 -> 2.2.1) libdb-4_8 libgcrypt (1.8.4 -> 1.8.5) libkdecoration2 (5.16.4 -> 5.16.5) libkscreen2 (5.16.4 -> 5.16.5) libksysguard5 (5.16.4 -> 5.16.5) libmbim libogg (1.3.3 -> 1.3.4) libqt5-qtbase libqt5-qtimageformats libqt5-qttools libsodium libwebp (1.0.2 -> 1.0.3) libyui-qt (2.50.4 -> 2.50.5) milou5 (5.16.4 -> 5.16.5) nodejs12 (12.4.0 -> 12.10.0) os-prober ovmf (201905 -> 201908) oxygen5 (5.16.4 -> 5.16.5) perl-Date-Manip (6.77 -> 6.78) perl-HTTP-Daemon (6.05 -> 6.06) perl-Net-DNS (1.20 -> 1.21) phonon4qt5 (4.10.3 -> 4.11.0) phonon4qt5-backend-gstreamer (4.9.1 -> 4.10.0) php7 (7.3.8 -> 7.3.9) plasma5-addons (5.16.4 -> 5.16.5) plasma5-integration (5.16.4 -> 5.16.5) plasma5-pa (5.16.4 -> 5.16.5) polkit-kde-agent-5 (5.16.4 -> 5.16.5) python-jedi (0.14.1 -> 0.15.1) rubygem-libyui-rake (0.1.14 -> 0.1.19) shadow sharutils slang snapper speexdsp (1.2~rc3 -> 1.2.0) yast2-hardware-detection (4.1.0 -> 4.1.1) yast2-nfs-client (4.2.0 -> 4.2.2) yast2-ntp-client (4.2.2 -> 4.2.3) yast2-trans (84.87.20190825.25c7d8a3aa -> 84.87.20190901.3784ecca69) zstd (1.4.2 -> 1.4.3) === Details === ==== ImageMagick ==== Version update (7.0.8.61 -> 7.0.8.63) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI6 libMagickWand-7_Q16HDRI6 perl-PerlMagick - version update to 7.0.8.63 * Properly identify the DNG and AI image format (reference https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36581). * Added option to limit the maximum point size with -define caption:max-pointsize=pointsize. * Corrected JP2 numresolution calculation (reference: https://github.com/ImageMagick/ImageMagick/issues/1673) ==== MozillaFirefox ==== Version update (68.0.2 -> 68.1.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 68.1.0 MFSA 2019-26 * CVE-2019-11751 (bmo#1572838; Windows only) Malicious code execution through command line parameters * CVE-2019-11746 (bmo#1564449) Use-after-free while manipulating video * CVE-2019-11744 (bmo#1562033) XSS by breaking out of title and textarea elements using innerHTML * CVE-2019-11742 (bmo#1559715) Same-origin policy violation with SVG filters and canvas to steal cross-origin images * CVE-2019-11736 (bmo#1551913, bmo#1552206; Windows only)) File manipulation and privilege escalation in Mozilla Maintenance Service * CVE-2019-11753 (bmo#1574980; Windows only) Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location * CVE-2019-11752 (bmo#1501152) Use-after-free while extracting a key value in IndexedDB * CVE-2019-9812 (bmo#1538008, bmo#1538015) Sandbox escape through Firefox Sync * CVE-2019-11743 (bmo#1560495) Cross-origin access to unload event attributes * CVE-2019-11748 (bmo#1564588) Persistence of WebRTC permissions in a third party context * CVE-2019-11749 (bmo#1565374) Camera information available without prompting using getUserMedia * CVE-2019-11750 (bmo#1568397) Type confusion in Spidermonkey * CVE-2019-11738 (bmo#1452037) Content security policy bypass through hash-based sources in directives * CVE-2019-11747 (bmo#1564481) 'Forget about this site' removes sites from pre-loaded HSTS list * CVE-2019-11735i (bmo#1561404,bmo#1561484,bmo#1568047,bmo#1561912, bmo#1565744,bmo#1568858,bmo#1570358) Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 * CVE-2019-11740 (bmo#1563133,bmo#1573160) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 - switched package to ESR branch - added mozilla-bmo1568145.patch to make builds reproducible - removed upstreamed patch mozilla-gcc-internal-compiler-error.patch ==== aaa_base ==== Version update (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1) Subpackages: aaa_base-extras - Update to version 84.87+git20190822.82a17f1: * add sysctl.d/51-network.conf to tighten network security a bit see also (boo#1146866) (jira#SLE-9132) ==== apache2 ==== Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - Remove redundant metadata from summary. ==== awesfx ==== - Fix the build error and warning: Fix-the-bogus-return-in-seq_set_gus_bank.patch Fix-unused-variable-prev-in-strtoken.patch ==== bash ==== Subpackages: bash-doc bash-lang - Add official patch bash50-008 When HISTSIZE is set to 0, history expansion can leave the history length set to an incorrect value, leading to subsequent attempts to access invalid memory. - Add official patch bash50-009 The history file reading code doesn't close the file descriptor open to the history file when it encounters a zero-length file. ==== bluedevil5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: bluedevil5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== breeze ==== Version update (5.16.4 -> 5.16.5) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * [SplitterProxy] Don't manually mapToGlobal ==== breeze-gtk ==== Version update (5.16.4 -> 5.16.5) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== busybox ==== - Drop busybox-rpm-E.patch, not needed anymore - Create new "container" subpackage with special stripped down version for container images (8MB instead of 15MB). ==== cronie ==== Subpackages: cron - refresh cronie-pam_config.diff to integrate pam_keyinit pam module [bsc#1144044] ==== discover ==== Version update (5.16.4 -> 5.16.5) Subpackages: discover-backend-flatpak discover-backend-packagekit discover-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * odrs: fix fetching reviews (kde#411034) * odrs: don't leak qnam instances ==== djvulibre ==== Subpackages: libdjvulibre21 - Trim conjecture, bias, and metadata repetitions from description. - Trim descriptions in subpackages for length. (Main package keeps the bigger one.) - Use some more macros and limit fdupes to the /usr volume. - security update - added patches CVE-2019-15142 [bsc#1146702] + djvulibre-CVE-2019-15142.patch CVE-2019-15143 [bsc#1146569] + djvulibre-CVE-2019-15143.patch CVE-2019-15144 [bsc#1146571] + djvulibre-CVE-2019-15144.patch CVE-2019-15145 [bsc#1146572] + djvulibre-CVE-2019-15145.patch do not segfault when libtiff encounters corrupted TIFF (upstream issue #295) + djvulibre-invalid-tiff.patch ==== dmidecode ==== 2 recommended fixes from upstream: - dmidecode-only-scan-dev-mem-for-entry-point-on-x86.patch: Only scan /dev/mem for entry point on x86 (fixes reboot on ARM64). - dmidecode-fix-formatting-of-tpm-table-output.patch: Fix formatting of TPM table output (missing newlines). ==== drkonqi5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: drkonqi5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * make fixture file name windows-safe ==== filesystem ==== - Move /etc.cron.* directories to cron package - Add /usr/etc ==== flac ==== Version update (1.3.2 -> 1.3.3) Subpackages: libFLAC++6 libFLAC8 - Update to release 1.3.3 * Improve SIMD decoding of 24 bit files - Drop flac-CVE-2017-6888.patch (merged upstream) ==== fwupd ==== Subpackages: fwupd-lang libfwupd2 - Add fwupd-bsc1143905-hash-the-source-files.patch to hash the source files instead of libfwupdprivate.a to avoid the checksum change due to the random naming LTO profile sections (bsc#1143905) ==== gzip ==== - refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914] ==== ibus ==== Version update (1.5.20 -> 1.5.21) Subpackages: ibus-gtk ibus-gtk-32bit ibus-gtk3 ibus-lang libibus-1_0-5 libibus-1_0-5-32bit typelib-1_0-IBus-1_0 - Upstream update to 1.5.21 * Enable to run ibus-setup with a different python * Update ibusunicodegen.h for Unicode UCD 12.0 * Add ibus.its for IME's component files * Make ISO 639 language names with title * Keep preedit cursor_pos and visible in clearing preedit text * Support long sequences and multiple output characters for compose table - fix boo#1138123 * Exit ibus-daemon with parent's death * Update Wayland input-method protocol to unstable v1 * Indistinguishable address of ibus-daemon * Update LOCALES_STRING * Fix typos - Drop ibus-fix-check-abs-icon-path-support.patch * not necessary anymore since the current Qt is enough new - Stop exporting OOO_FORCE_DESKTOP (boo#1042136) * KDE4 LibreOffice VCL plugin was removed from upstream * New KDE5/Qt5 VCL plugin supporting Qt IM Module will be available ==== kactivitymanagerd ==== Version update (5.16.4 -> 5.16.5) Subpackages: kactivitymanagerd-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kcm_sddm ==== Version update (5.16.4 -> 5.16.5) Subpackages: kcm_sddm-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kde-gtk-config5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kde-gtk-config5-gtk2 kde-gtk-config5-gtk3 kde-gtk-config5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Fix build with pango 1.44 ==== kde-user-manager ==== Version update (5.16.4 -> 5.16.5) Subpackages: kde-user-manager-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kgamma5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kgamma5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== khotkeys5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: khotkeys5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kinfocenter5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kinfocenter5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kmenuedit5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kmenuedit5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kscreen5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Add missing includes ==== kscreenlocker ==== Version update (5.16.4 -> 5.16.5) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Port away from deprecated KWindowSystem API ==== ksshaskpass5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: ksshaskpass5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== ksysguard5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: ksysguard5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== kwayland-integration ==== Version update (5.16.4 -> 5.16.5) - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Remove slideWindow(QWidget*) overload with recent KWindowSystem * Fix build with recent frameworks and Qt 5.13 ==== kwin5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: kwin5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * [effects/desktopgrid] Don't change activities (kde#301447) * Remove slideWindow(QWidget*) overload with recent KWindowSystem ==== ldb ==== Version update (1.5.4 -> 1.5.5) Subpackages: libldb1 libldb1-32bit python3-ldb - Update to 1.5.5 + LDAP_REFERRAL_SCHEME_OPAQUE was added to ldb_module.h; (bso#12478); + Skip @ records early in a search full scan; (bso#13893); ==== libcue ==== Version update (2.2.0 -> 2.2.1) - Update to release 2.2.1 * Updates to the build procedure only ==== libdb-4_8 ==== Subpackages: db48-utils libdb-4_8-32bit libdb-4_8-devel - Add opd deadlock patch as found and documented by Red Hat. (bsc#1148244) * 0001-OPD-deadlock-RH-BZ-1349779.patch - Remove the getpatches as it does not work at all, oracle removed the pages - Use spec-cleaner - Fix stripped debuginfo to make sure we can debug with libdb ==== libgcrypt ==== Version update (1.8.4 -> 1.8.5) Subpackages: libgcrypt20 libgcrypt20-32bit libgcrypt20-hmac - libgcrypt 1.8.5: * CVE-2019-13627: mitigation against an ECDSA timing attack (boo#1148987) * Improve ECDSA unblinding * Provide a pkg-config file ==== libkdecoration2 ==== Version update (5.16.4 -> 5.16.5) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private6 - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== libkscreen2 ==== Version update (5.16.4 -> 5.16.5) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== libksysguard5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: libksysguard5-helper libksysguard5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== libmbim ==== Subpackages: libmbim-glib4 mbimcli-bash-completion - Add libmbim-fix-build-commits.patch: Fix build with new glib2. - Follwing the above patch, add libtool BuildRequires and pass autoreconf as the patch touches the buildsystem. - Use modern macros and url's. ==== libogg ==== Version update (1.3.3 -> 1.3.4) Subpackages: libogg0 libogg0-32bit - Update to release 1.3.4 * Faster slice-by-8 CRC32 implementation. See https://lwn.net/Articles/453931/ for motivation. ==== libqt5-qtbase ==== Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Add patch to fix crash during Drag-and-Drop: * 0001-Fix-crash-with-drag-cursor-handling.patch ==== libqt5-qtimageformats ==== - bsc#1144249 - Drop jasper dependency from libqt5-qtimageformats: Removes JPEG2000 support - Remove jas_version.patch ==== libqt5-qttools ==== Subpackages: libQt5Designer5 libQt5Help5 libqt5-qdbus libqt5-qtpaths - Split qcollectiongenerator and qhelpgenerator into a subpackage which is required by the Qt5Help cmake module - Remove the accidental dependency from the devel package on the Qt Designer example plugins, referenced in the cmake files. - Move the example plugins to a separate subpackage. - Require libqt5-qttools again. This is causing multiple build issues. - Clean the spec file. - Drop some not unnecessary library runtime Requires: libQt5Designer5, libQt5DesignerComponents5, libQt5Help5, pulled in automatically. - Change libqt5-qttools and libqt5-qttools-doc Requires in devel subpackage to Recommends, as the tools are not required for building. - Make some Summaries and Descriptions more useful. - Correct requires for matching Clang headers, the headers are part of the libclang package for current Clang versions ==== libsodium ==== - Revert previous change about cpuid as previous change rejected in https://build.opensuse.org/request/show/724809 - Disable LTO as bypass boo#1148184 - Add libsodium_configure_cpuid_chg.patch and call autoconf to regenerate configure script with proper CPUID checking. Required at least for PowerPC and ARM now that LTO enabled. ==== libwebp ==== Version update (1.0.2 -> 1.0.3) Subpackages: libwebp7 libwebpdemux2 libwebpmux3 - Update to new upstream release 1.0.3 * Resize fixes for Nx1 sizes and the addition of non-opaque alpha values for odd sizes. * Lossless encode/decode performance improvements. * Lossy compression performance improvement at low quality levels with flat content. * vwebp will now preserve the aspect ratio of images that exceed monitor resolution by scaling the image to fit. ==== libyui-qt ==== Version update (2.50.4 -> 2.50.5) - pollEventInternal/UI.PollInput would produce no events (bsc#1139967) - 2.50.5 ==== milou5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: milou5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== nodejs12 ==== Version update (12.4.0 -> 12.10.0) Subpackages: nodejs12-devel npm12 - Update to 12.10.0: * deps: + update npm to 6.10.3 * fs: + Add recursive option to rmdir() + Allow passing true to emitClose option + Add *timeNs properties to BigInt Stats objects * net: + Allow reading data into a static buffer - versioned.patch: refreshed - Update to 12.9.0: * crypto: Added an oaepHash option to asymmetric encryption which allows users to specify a hash function when using OAEP padding * deps: Updated V8 to 7.6.303.29 + Improves the performance of various APIs such as JSON.parse and methods called on frozen arrays. + Adds the Promise.allSettled method. + Improves support of BigInt in Intl methods. + For more information: https://v8.dev/blog/v8-release-76 * fs: Added fs.writev, fs.writevSync and filehandle.writev (promise version) methods. * http: Added three properties to OutgoingMessage.prototype: writableObjectMode, writableLength and writableHighWaterMark * stream: + Added an new property 'readableEnded' to readable streams. + Added an new property 'writableEnded' to writable streams. - fix_ci_tests.patch: refreshed - Update to 12.8.1: Security update regarding HTTP/2 Denial of Service vulnerabilities For details see, https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#1... https://github.com/Netflix/security-bulletins/blob/master/advisories/third-p... (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, bsc#1146091, bsc#1146099, bsc#1146094, bsc#1146095, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, bsc#1146100, bsc#1146090, bsc#1146097, bsc#1146093) - Minimum ICU version is 64. Use in-tree ICU copy for older distributions - dont_return_garbage.patch: dropped and turn off unnecessary errors about it during compilation - Update to 12.8.0: * crypto: + The outputLength option is added to crypto.createHash + The maxmem range is increased from 32 to 53 bits * n-api: Added APIs for per-instance state management * report: Network interfaces get included in the report * src: v8.getHeapCodeStatistics() is now exported - Update to 12.7.0: * deps: + Updated nghttp2 to 1.39.1 + Updated npm to 6.10.0 (bsc#1140290, CVE-2019-13173) * esm: Implemented experimental "pkg-exports" proposal. * http: + Added response.writableFinished + Exposed headers, rawHeaders and other fields on an http.ClientRequest "information" event * inspector: Added inspector.waitForDebugger() * policy: Added --policy-integrity=sri CLI option to mitigate policy tampering * readline,tty: Exposed stream API * src: Use cgroups to get memory limits. - Changes in version 12.6.0: * child_process: The promisified versions of child_process.exec and child_process.execFile now both return a Promise which has the child instance attached to their child property * deps: Updated libuv to 1.30.1 * process: A new method, process.resourceUsage() was added * stream: Added a writableFinished property to writable streams. * worker: Fixed an issue that prevented worker threads to listen for data on stdin - Changes in version 12.5.0: * build: Improve startup time by enabling V8 snapshots by default * deps: Updated V8 to 7.5.288.22 * inspector: The --inspect-publish-uid flag was added to specify ways of the inspector web socket url exposure * n-api: Accessors on napi_define_* are now ECMAScript-compliant * report: The cpu info got added to the report output * src: Restore the original state of the stdio file descriptors on exit to prevent leaving stdio in raw or non-blocking mode * worker: worker.terminate() now returns a promise - refreshed patches: dont_return_garbage.patch, fix_ci_tests.patch, nodejs-libpath.patch, versioned.patch ==== os-prober ==== - Fix duplicated distro detected on btrfs multiple device (bsc#1142858) * os-prober-btrfs-multiple-device.patch - Update URL for downloading source archive from Debain Salsa server * os-prober.spec - Added * os-prober-1.76.tar.bz2 - Removed * os-prober_1.76.tar.xz ==== ovmf ==== Version update (201905 -> 201908) Subpackages: qemu-ovmf-x86_64 - Update to edk2-stable201908 + OvmfPkg: Introduce platform OvmfXen + OvmfPkg/ResetSystemLib: Add missing dependency on PciLib + MdeModulePkg DxeCore: Fix for missing Memory Attributes Table (MAT) update + BaseTools: Fixed issue of incorrect Module Unique Name + CryptoPkg/OpensslLib: Add missing header files in INF file + SecurityPkg/SecurityPkg.uni: Add missing strings for new PCDs + MdeModulePkg/DxeIplPeim: Initialize pointer PageMapLevel5Entry + MdeModulePkg/MdeModulePkg.dec: Remove gEfiDpcProtocolGuid + Readme.md: add submodule policy and clone commands + MdeModulePkg/DxeIplPeim: Relocate operation of PageMapLevel5Entry++ + MdeModulePkg: Add missing header files in INF files + MdePkg: Add MmAccess and MmControl definition. + CryptoPkg/BaseCryptLib: Wrap OpenSSL HKDF algorithm + MdeModulePkg/DxeIpl: Create 5-level page table for long mode + MdeModulePkg/DxeIpl: Introduce PCD PcdUse5LevelPageTable + UefiCpuPkg/CpuDxe: Support parsing 5-level page table + UefiCpuPkg/MpInitLib: Enable 5-level paging for AP when BSP's enabled + OvmfPkg/PlatformPei: Change referenced MSR name. + UefiCpuPkg/PiSmmCpuDxeSmm: Add check for pointer Pml5Entry + SecurityPkg/SecurityPkg.dec: Remove trailing white space + MdeModulePkg/PiSmmCore: Use unique structure signatures + UefiCpuPkg/MpInitLib: don't shadow the microcode patch twice. + ShellPkg: improve acpiview + MdePkg: Add PI 1.5 SmramMemoryReserve HOB file + MdePkg/PciExpress21.h: Fix the PCI industry standard register defines + CryptoPkg/BaseCryptLib: Use cmp-operator for non-Boolean comparisons + ArmPkg: DebugPeCoffExtraActionLib: fix trivial comment typos + ArmPkg: DebugPeCoffExtraActionLib: debugger commands are not errors + UefiCpuPkg/RegisterCpuFeaturesLib: Start all processors simultaneously. + UefiCpuPkg: Add new EDKII_PEI_MP_SERVICES2_PPI + list module-internal header files in INF [Sources] + SecurityPkg: introduce the SM3 digest algorithm + BaseTools: Fix python3.8 SyntaxWarning + BaseTools: Add HOST_APPLICATION module type. + UefiCpuPkg/PiSmmCpu: Enable 5 level paging when CPU supports + MdePkg/BaseLib.h: Update IA32_CR4 structure for 5-level paging + UefiCpuPkg RegisterCpuFeaturesLib: Fix an ASSERTION issue + ArmPlatformPkg: Actually disable PL031 interrupts + UefiCpuPkg/PiSmmCpu: Change variable names and comments to follow SDM + OvmfPkg: use DxeTpmMeasurementLib if and only if TPM2_ENABLE + ArmPlatformPkg: Fix various typos + ArmPkg: Fix various typos + Remove IntelFrameworkPkg + Remove IntelFrameworkModulePkg + MdeModulePkg/BdsDxe: Use a pcd to control PlatformRecovery + MdeModulePkg: Add a pcd to set the OS indications bit + SecurityPkg: Remove DxeDeferImageLoadLib in DSC + BaseTools:Linux changes the way the latest version is judged + Fix indentation in edksetup.sh SetupPython3 + MdeModulePkg/SdMmcHcDxe: Implement revision 3 of SdMmcOverrideProtocol + MdeModulePkg/SdMmcOverride: Add GetOperatingParam notify phase + MdeModulePkg/UfsPassThruDxe: Fix unaligned data transfer handling + ArmVirtPkg: handle NETWORK_TLS_ENABLE in ArmVirtQemu* + UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is valid + MdeModulePkg/UfsPassThruDxe: Refactor UFS device presence detection + PcAtChipsetPkg: Remove framework modules + SecurityPkg: add FvReportPei.inf in dsc for build validation + SecurityPkg/FvReportPei: implement a common FV verifier and reporter + SecurityPkg: add definitions for OBB verification + OvmfPkg: don't assign PCI BARs above 4GiB when CSM enabled + OvmfPkg: Don't build in QemuVideoDxe when we have CSM + OvmfPkg/LegacyBbs: Add boot entries for VirtIO and NVME devices + OvmfPkg/LegacyBios: set NumberBbsEntries to the size of BbsTable + SecurityPkg: Add missing instances for build only + BaseTools: Move Build Cache related function out of CreateAsBuiltInf + BaseTools: refine CreateAsBuiltInf function + BaseTools:Add DetectNotUsedItem.py to Edk2\BaseTools\Scripts + BaseTools:Add import in FvImageSection + MdeModulePkg/PeiMain: PeiAllocatePool: output NULL if HOB creation fails + MdePkg: Add Generic Initiator Affinity Structure definitions to SRAT + BaseTools:Introduce CopyFileOnChange() function to copy cache files + MdeModulePkg: Add missing instances for build only + SourceLevelDebugPkg: Add missing instances for build only + CryptoPkg: Add missing instance for build only + MdeModulePkg: Introduce EDKII_SERIAL_PORT_LIB_VENDOR_GUID + MdeModulePkg/GraphicsConsoleDxe: Initialize the output mode + MdeModulePkg/ConSplitterDxe: Optimize the ConSplitterTextOutSetMode + BaseTools: add script to configure local git options + BaseTools: add centralized location for git config files + OvmfPkg/QemuVideoDxe: Shouldn't assume system in VGA alias mode. - Refresh ovmf-gdb-symbols.patch - Enable NETWORK_TLS_ENABLE for AArch64 ==== oxygen5 ==== Version update (5.16.4 -> 5.16.5) - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * [SplitterProxy] Don't manually mapToGlobal ==== perl-Date-Manip ==== Version update (6.77 -> 6.78) - updated to 6.78 see /usr/share/doc/packages/perl-Date-Manip/Changes 6.78 2019-08-29 - Time zone fixes Newest zoneinfo data (tzdata 2019b). - Documentation fixes Fixed a broken link. Mohammad S Anwar (GitHub #29) ==== perl-HTTP-Daemon ==== Version update (6.05 -> 6.06) - updated to 6.06 see /usr/share/doc/packages/perl-HTTP-Daemon/Changes 6.06 2019-08-29 14:23:17Z - Delimit IPv6 numeric address with brackets and URI-quote an IPv6 zone separator in url() method output (GH#32) (Petr Pisar) - Handle undef and empty LocalAddr value in new() constructor as an unspecified address (GH#24, RT#123069) (Petr Pisar) - Use IO::Socket::IP for IPv6 support. (GH#31) (Chase Whitener) ==== perl-Net-DNS ==== Version update (1.20 -> 1.21) - updated to 1.21 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== phonon4qt5 ==== Version update (4.10.3 -> 4.11.0) Subpackages: libphonon4qt5 phonon4qt5-lang - Add designer plugin directory to directories owned by the devel package, as libqt5-qttools is no longer pulled in. - Update to 4.11.0: * Features + New phononsettings application for advanced users to control PulseAudio device preference by-category and Phonon backend selection. This application is an advanced utility and you shouldn't need to visit it if you aren't very certain that something needs changing. This replaces the previously available System Settings module for Phonon. * Changes + The backends Phonon VLC 0.11+ or Phonon GStreamer 4.10+ are required to build with this version of libphonon! Older versions will no longer build because of aggressive clean up of legacy compatibility code in the build system. + Qt4 support has been removed. Qt5 is now the default. If you still need the Qt4 version for whatever reason it's recommended that you port to Qt5 quickly seeing as Qt4 is getting really long in the tooth. Since the Qt4 and Qt5 version are fully co-installable you can continue to use 4.10 for Qt4 while using 4.11 for Qt5 should it be necessary. + CMake 3.5 is now required for building + Installation paths are now controlled by the KDEInstallDirs CMake include instead of the GNUInstallDirs one + CCFlag and CMake settings are now shared with other KDE software as per the extra-cmake-modules framework + PHONON_BUILD_DESCRIPTOR option no longer supported. + PHONON_BUILD_DECLARATIVE_PLUGIN option no longer supported. It made little to no sense on Qt5. + PHONON_INSTALL_QT_COMPAT_HEADERS option no longer supported. It made no sense on Qt5. + PHONON_NO_DBUS option no longer supported. The DBus interface was only used to communicate with the settings interface in Plasma, but hasn't been used in many years. This effectively removes QtDBus as dependency. + PHONON_ASSERT_STATES option no longer supported. The state machine is now always enabled unless Q_ASSERTs as a whole are disabled (i.e. the build is not a Debug-ish build). + PHONON_INSTALL_QT_EXTENSIONS_INTO_SYSTEM_QT option no longer supported. Replaced by ECM's KDE_USE_QT_SYS_PATHS. * Bug Fixes + The default preference of backends is now properly implemented. This was previously reversed. ==== phonon4qt5-backend-gstreamer ==== Version update (4.9.1 -> 4.10.0) Subpackages: phonon4qt5-backend-gstreamer-lang - Update to 4.10.0 * Changes + This version of Phonon GStreamer is compatible with Phonon 4.11+ and its revised build systems. Older versions of Phonon GStreamer no longer build against newer Phonon releases. Conversely this version no longer builds with older Phonon releases. + Qt4 support has been removed. Qt5 is now the default. * Bug Fixes + Subtitles no longer outlive the media they were associated with. ==== php7 ==== Version update (7.3.8 -> 7.3.9) Subpackages: apache2-mod_php7 php7-bcmath php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-devel php7-dom php7-exif php7-fastcgi php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-json php7-ldap php7-mbstring php7-mysql php7-odbc php7-openssl php7-pdo php7-pear php7-pgsql php7-shmop php7-snmp php7-sockets php7-sqlite php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-wddx php7-xmlreader php7-xmlwriter php7-xsl php7-zlib - updated to 7.3.9: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.9 ==== plasma5-addons ==== Version update (5.16.4 -> 5.16.5) Subpackages: plasma5-addons-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Fix build * Fix #410744: Duplicate results when a 2nd unit is partially written in krunner (kde#410744) * Remove colon (:) prefix when looking up dictionary word (kde#376905) ==== plasma5-integration ==== Version update (5.16.4 -> 5.16.5) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== plasma5-pa ==== Version update (5.16.4 -> 5.16.5) Subpackages: plasma5-pa-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - Changes since 5.16.4: * Fix speaker test not showing sinks/buttons * [Microphone Indicator] Don't show if there are no microphones ==== polkit-kde-agent-5 ==== Version update (5.16.4 -> 5.16.5) Subpackages: polkit-kde-agent-5-lang - Update to 5.16.5 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.16.5.php - No code changes since 5.16.4 ==== python-jedi ==== Version update (0.14.1 -> 0.15.1) - update to version 0.15.1: * Small bugfix and removal of a print statement - changes from version 0.15.0: * Added file path completions, there's a new "Completion.type" path, now. Example: '/ho -> '/home/ * *args/**kwargs resolving. If possible Jedi replaces the parameters with the actual alternatives. * Better support for enums/dataclasses * When using Interpreter, properties are now executed, since a lot of people have complained about this. Discussion in #1299, #1347. * New APIs: + Definition.get_signatures() -> List[Signature]. Signatures are similar to CallSignature. Definition.params is therefore deprecated. + Signature.to_string() to format call signatures. + Signature.params -> List[ParamDefinition], ParamDefinition has the following additional attributes infer_default(), infer_annotation(), to_string(), and kind. + Definition.execute() -> List[Definition], makes it possible to infer return values of functions. ==== rubygem-libyui-rake ==== Version update (0.1.14 -> 0.1.19) - Unified spec_version (bsc#1149618) - 0.1.19 - Fix libyui/tasks.rb permissions (bsc#1145602) - 0.1.18 - Added SLE-12-SP5 target (bsc#1145480) - 0.1.17 - :sle_latest is SLE15-SP2 now (bsc#1138835) - 0.1.16 - Added version:tag task (bsc#1133435) - 0.1.15 ==== shadow ==== - bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files to support kernel keyring feature - Update pamd.tar.bz2 with pam configuration files accordingly - encryption_method_nis.patch: drop, DES should really not be used anymore anywhere, even with NIS - shadow-login_defs-suse.patch: remove encryption NIS entry ==== sharutils ==== Subpackages: sharutils-lang - Drop mailx BuildRequires. The "sync directories over mail" feature has been removed in 4.11.1. ==== slang ==== Subpackages: libslang2 slang-slsh - Use FAT LTO objects in order to provide proper static library. ==== snapper ==== Subpackages: libsnapper4 snapper-zypp-plugin - reusing existing subvolumes on mksubvolume run (bsc#1138725, bsc#1126900, gh#openSUSE/snapper#236) ==== speexdsp ==== Version update (1.2~rc3 -> 1.2.0) - Update to release 1.2.0 * No changelog provided - Drop speexdsp-fixbuilds-774c87d.patch (merged) ==== yast2-hardware-detection ==== Version update (4.1.0 -> 4.1.1) - add bug number (bsc#1148310) - Handle arch_riscv - 4.1.1 ==== yast2-nfs-client ==== Version update (4.2.0 -> 4.2.2) - Set X-SuSE-YaST-AutoInstResource in desktop file (bsc#144894). - 4.2.2 - Using rb_default_ruby_abi tag in the spec file in order to handle several ruby versions (bsc#1146403). - 4.2.1 ==== yast2-ntp-client ==== Version update (4.2.2 -> 4.2.3) - Add cron BuildRequires: needed for /etc/cron.* ownership. As those directories have special permissions it is easier/cheaper to buildrequire cron (boo#1148950). - 4.2.3 ==== yast2-trans ==== Version update (84.87.20190825.25c7d8a3aa -> 84.87.20190901.3784ecca69) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en yast2-trans-en_GB yast2-trans-en_US yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20190901.3784ecca69: * Translated using Weblate (Danish) * Translated using Weblate (Danish) * Translated using Weblate (German) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * New POT for text domain 'storage'. * Translated using Weblate (Albanian) * Translated using Weblate (Albanian) * Translated using Weblate (German) * Translated using Weblate (Galician) ==== zstd ==== Version update (1.4.2 -> 1.4.3) Subpackages: libzstd-devel libzstd1 - Update to version 1.4.3 * bug: Fix Dictionary Compression Ratio Regression (#1709) * bug: Fix Buffer Overflow in v0.3 Decompression (#1722) * build: Add support for IAR C/C++ Compiler for Arm (#1705) * misc: Add NULL pointer check in util.c (#1706) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org