Mailinglist Archive: opensuse-factory (269 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20190918 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Thu, 19 Sep 2019 15:02:05 +0000
  • Message-id: <156890532579.16522.5350460509754987162@go-agent-stagingbot-3>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20190918

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
MozillaThunderbird (60.8.0 -> 68.1.0)
boost-defaults (1.69.0 -> 1.71.0)
catfish (1.4.9 -> 1.4.10)
fcitx-libpinyin
fftw3
libdvbpsi (1.3.2 -> 1.3.3)
libkolabxml
libmbim (1.18.2 -> 1.20.0)
libmypaint (1.3.0 -> 1.4.0)
mercurial (5.1 -> 5.1.1)
neon
open-iscsi
python-setproctitle
qpdf

=== Details ===

==== MozillaThunderbird ====
Version update (60.8.0 -> 68.1.0)
Subpackages: MozillaThunderbird-translations-common

- Mozilla Thunderbird 68.1.0
* Offer to configure Exchange accounts for Office365. A third-party
add-on is required for this account type. IMAP still exists as
alternative.
* several bugfixes
MFSA 2019-30
* CVE-2019-11739 (bmo#1571481)
Covert Content Attack on S/MIME encryption using a crafted
multipart/alternative message
* CVE-2019-11746 (bmo#1564449)
Use-after-free while manipulating video
* CVE-2019-11744 (bmo#1562033)
XSS by breaking out of title and textarea elements using innerHTML
* CVE-2019-11742 (bmo#1559715)
Same-origin policy violation with SVG filters and canvas to steal
cross-origin images
* CVE-2019-11752 (bmo#1501152)
Use-after-free while extracting a key value in IndexedDB
* CVE-2019-11743 (bmo#1560495)
Cross-origin access to unload event attributes
* CVE-2019-11740 (bmo#1563133,bmo#1573160)
Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox
ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
- removed upstreamed fix-build-after-y2038-changes-in-glibc.patch
- added thunderbird-locale-build.patch to fix locale build
- Add -L flag to the stat call for checking file size of %{SOURCE4}.
- Add fix-missing-return-warning.patch to silence a compiler warning.
- Mozilla Thunderbird 68.0
* based on Firefox ESR 68
* File link attachments can now be linked to again instead of
uploading them again
* Mark all folders of an account as read
* Run filters periodically. Improved filter logging
* OAuth2 authentication for Yandex
* Language packs can now be selected in the Advanced Options.
Preference intl.multilingual.enabled needs to be set (and possily
also extensions.langpacks.signatures.required needs to be set to false)
* Added a policy engine that allows customized Thunderbird deployments
in enterprise environments, using Windows Group Policy or a
cross-platform JSON file
* TCP keepalive for IMAP protocol
* Full Unicode support for MAPI interfaces: New support for MAPISendMailW
* Calendar: Time zone data can now include past and future changes.
All known time zone changes from 2018 to 2022 are included.
* Chat: In each conversation an individual spellcheck language can
be selected now
- removed obsolete patches
* mozilla-bmo1463035.patch
* mozilla-i586-domPrefs.patch
* mozilla-bmo1464766.patch
* mozilla-bmo1519629.patch
* mozilla-i586-DecoderDoctorLogger.patch
* mozilla-bmo1375074.patch
- added fix-build-after-y2038-changes-in-glibc.patch to fix build
in Tumbleweed (patch already upstream for next release)

==== boost-defaults ====
Version update (1.69.0 -> 1.71.0)
Subpackages: boost-devel boost-jam

- Update for Boost 1.71.0
- Update for Boost 1.70.0

==== catfish ====
Version update (1.4.9 -> 1.4.10)
Subpackages: catfish-lang

- Update to version 1.4.10
* New Features:
- Preferences Dialog:
* Window layout (titlebar vs. headerbar)
* Display options (hidden files and sidebar)
* Custom exclude directories
- Option to close Catfish after opening a file (bxo#14888)
* fix path exclusions (deb#926850)
* Improved Application Menu:
- Better use of space, padding, and margins
- Clearer purpose labels
- Keyboard accelerator for the sidebar (F9) is now displayed
* General:
- Better use of alt-accelerators
- Improved installation instructions (bxo#15105)
- Reduced warnings displayed in the terminal
- Simplified Python 2/3 compatibility code
- Standardized icon sizes, no more wrongly-sized icons in the results
- Various code quality fixes (pylint, flake)
* Search (Walk Method):
- Enable traversing symbolic links, processing real paths only once
- Add search priority, with each level processed alphabetically:
1. XDG paths (Desktop, Documents, etc)
2. Visible paths
3. Hidden paths
* Translation Updates

==== fcitx-libpinyin ====

- Add a missing build requirement.

==== fftw3 ====
Subpackages: libfftw3-3 libfftw3_threads3

- Add -ffat-lto-objects to avoid build failure

==== libdvbpsi ====
Version update (1.3.2 -> 1.3.3)

- Update to version 1.3.3:
+ Fix regression in dvbpsi_decoder_psi_section_add()
set i_last_section_number

==== libkolabxml ====

- add 0001-Make-sure-boost-is-found-when-using-libkolabxml.patch.
boost is a public dependency and must be searched before using libkolabxml.

==== libmbim ====
Version update (1.18.2 -> 1.20.0)
Subpackages: libmbim-glib4 mbimcli-bash-completion

- Update to version 1.20.0:
+ Build updated with several fixes:
- Explicitly define max allowed GLib version.
- Fix issues with -Werror=type-limits.
- Made compiler warning options compatible with clang.
+ mbim-proxy:
- Fixed client subscription to service indications using
wildcard.
- Fixed client subscription update logic when services/cids are
being removed.
- New '--empty-timeout=[SECS}' option to specify the empty
lifetime duration.
- New '--no-exit' option to avoid the proxy from exiting.
+ Several other minor improvements and fixes.
- Drop libmbim-fix-build-commits.patch: Fixed upstream. Follwing
this, drop libtool BuildRequires and autoreconf call.

==== libmypaint ====
Version update (1.3.0 -> 1.4.0)

- Update to version 1.4.0:
* Back-port a few new features and bug fixes from the 2.0
alpha branch.
- Add libmypaint-gegl-shlib-version.patch: Fixes building with
GEGL Support by removing versioning from the gegl lib
(gh#mypaint/libmypaint#144).
- Minor refresh of patches to apply cleanly.
- Version Obsoletes for mypaint-devel appropirately to avoid
self-obsoleting.
- Fix spurious exec perm for README.md file.

==== mercurial ====
Version update (5.1 -> 5.1.1)
Subpackages: mercurial-lang

- Mercurial 5.1.1
Regularly scheduled bug fix release.
* commands
+ bookmarks: actual fix for race condition deleting bookmark
* core
+ exchange: abort on pushing bookmarks pointing to secret changesets
(issue6159)
+ python-zstandard: apply big-endian fix (issue6188)
+ fncache: make debugrebuildfncache not fail on broken fncache
* tests
+ various test runner fixes
+ fixed use of `tr --delete` for tr(1) portability

==== neon ====

- Drop unnecessary requirement for OpenSSL 1.1.1
- Apply neon-0.30.2_ssl-fix_timeout_retvals.patch only when building
with OpenSSL 1.1.1 (bsc#1149792)

==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0

- Upgraded to upstream version 2.0.878, which becomes 2.0.878-suse
with our (few) SUSE-specific changes needed for our build system.
Changes include:
* general bug fixes in iscsid, iscsiadm, and libopeniscsiusr,
including better lock handling for multiple instances of iscsiadm
* iscsiuio/qedi updates
* systemd service-file updates/cleanups
This replaces open-iscsi-2.0.877-suse.tar.bz2 with
open-iscsi-2.0.878-suse.tar.bz2, and it resets
open-iscsi-SUSE-latest.diff.bz2 with fixes after 2.0.878.

==== python-setproctitle ====

- Replace PyPI URL with GitHub URL
- Drop errant skip-failing-tests.patch caused by missing
test dependency procps
- Add use-pkg-config.patch to build using pkg-config instead of
python-config, as the latter is not shipped in python3-devel
- Add LANG in %check to fix openSUSE/SLE 15
- Use %license

==== qpdf ====

- Add -fsigned-char to CXXFLAGS. Otherwise, tests fail on ppc64le,
s390x, and aarch64 (bsc#1150151).


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >