Mailinglist Archive: opensuse-factory (300 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20200101 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Fri, 03 Jan 2020 00:00:44 +0000
  • Message-id: <157800964412.10531.7557885710220563454@go-agent-stagingbot-5>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

Please do not reply to this email to report issues, rather file a bug
on For more information on filing bugs please

Packages changed:
aspell-en (2018.04.16 -> 2019.10.06)
diffstat (1.62 -> 1.63)
file (5.37 -> 5.38)
fltk (1.3.4 -> 1.3.5)
libarchive (3.4.0 -> 3.4.1)
libbsd (0.9.1 -> 0.10.0)
libseccomp (2.4.1 -> 2.4.2)
mariadb-connector-c (3.1.5 -> 3.1.6)
myspell-dictionaries (20191016 -> 20191219)
netpbm (10.86.3 -> 10.88.1)
protobuf (3.9.1 -> 3.9.2)
python-SQLAlchemy (1.3.11 -> 1.3.12)
python-snowballstemmer (1.9.1 -> 2.0.0)

=== Details ===

==== aspell-en ====
Version update (2018.04.16 -> 2019.10.06)

- version update to 2019.10.06
Various new words.
Remove compare's and fail's.

==== diffstat ====
Version update (1.62 -> 1.63)

- version update to 1.63
+ eliminate fixed buffer when decoding range.
+ use locale in computing filename column-width.
+ improve parsing for git diffs.
+ use terminal-width as default for -w to tty.
+ minor fix in do_merging (Miloslaw Smyk).
+ improve relative-pathname matching in count_lines()
+ add a parsing-case for svn diff.
+ quote filenames in -t/-T output.
+ fix cppcheck warnings about sscanf.
+ update configure macros
+ update config.guess, config.sub

==== dtc ====

- Use %make_build and recpect %optflags.

==== file ====
Version update (5.37 -> 5.38)
Subpackages: file-magic libmagic1

- Require pkgconfig(libseccomp) to enable the sandboxing feature
- Update to file version 5.38
* Always accept -S (no sandbox) even if we don't support sandboxing
* More syscalls elided for sandboxiing
* For ELF dynamic means having an interpreter not just PT_DYNAMIC
* Check for large ELF session header offset
* When saving and restoring a locale, keep the locale name in our
own storage.
* Add a flag to disable CSV file detection.
* Don't pass NULL/0 to memset to appease sanitizers.
* Avoid spurious prints when looks for extensions or apple strings
in fsmagic.
* Add builtin decompressors for xz and and bzip.
* Add a limit for the number of CDF elements.
* More checks for overflow in CDF.
- Removed patches fixed upstream
* CVE-2019-18218-46a8443f.patch
* file-5.15-clear-invalid.patch
* file-upstream.patch
- Modify patches
* file-5.12-zip.dif
* file-5.16-ocloexec.patch
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-printf.dif
* file-5.19-zip2.0.dif
* file-5.23-endian.patch
* file-5.24-nitpick.dif
* file-5.28-btrfs-image.dif
* file-secure_getenv.patch
- Modify and rename patch file-5.37.dif which becomes now file-5.38.dif

==== fltk ====
Version update (1.3.4 -> 1.3.5)

- version update to 1.3.5
* see CHANGES or

==== libarchive ====
Version update (3.4.0 -> 3.4.1)
Subpackages: bsdtar libarchive13

- Revert back to autoconf, cmake introduces a cycle. Leave cmake
patches in since they are basically correct and might be useful
in the future.
- Update to version 3.4.1
New features:
* Unicode filename support for reading lha/lzh archives
* New pax write option "xattrhdr"
Important bugfixes:
* security fixes in wide string processing (#1276 #1298)
* security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221
* security fixes and optimizations to write filter logic (#351)
* security fix related to use of readlink(2) (1dae5a5)
* sparse file handling fixes (#1218 #1260)
- Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream
- fix bsc#1157569
CVE-2019-19221.patch out-of-bounds read in libarchive
- Switch to cmake build
- Add lib-suffix.patch to honor LIB_SUFFIX
- Add fix-zstd-test.patch to fix zstd test
- Add fix-soversion.patch to fix the soversion to 13 as autotools
- Add lz4 and zstd support
- Add BuildRequires on liblz4-devel and libzstd-devel

==== libbsd ====
Version update (0.9.1 -> 0.10.0)

- Update to version 0.10.0:
* Several security related fixes for nlist() reported by Daniel
Hodson and one by Coverity Scan.
* Preliminary and partial Windows porting, thanks to Aaron
* Fix for a leak in the vis family of functions.
* Fix for a configure check to not unnecessarily link against
* General portability fixes for musl, uClibc, macOS and
* New architectures support for nlist().
* Switch the <err.h> *c() functions to be standalone and add
err(), warn(), errx() and warnx() familiy of functions in case
the system lacks them.
* Several man page fixes.

==== libseccomp ====
Version update (2.4.1 -> 2.4.2)

- Update to release 2.4.2
* Add support for io-uring related system calls

==== libvirt ====
Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon
libvirt-daemon-driver-interface libvirt-daemon-driver-libxl
libvirt-daemon-driver-lxc libvirt-daemon-driver-network
libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-qemu libvirt-daemon-driver-secret
libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct
libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi
libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs

- CVE-2019-11135: Add TSX_CTRL and TAA_NO bits for
07aaced4-Add-TAA-No.patch, f411b7ef6-Add-TSX-CTRL.patch

==== mariadb-connector-c ====
Version update (3.1.5 -> 3.1.6)

- Update to release 3.1.6
* Fixed: ERROR 2026 (HY000): SSL connection error: Certificate
signature check failed
* Fixed: Provide error code and message for Schannel errors
* Fixed SEC_E_INVALID_TOKEN when server sends large message
during SSL handshake

==== myspell-dictionaries ====
Version update (20191016 -> 20191219)
Subpackages: myspell-cs_CZ myspell-da_DK myspell-de myspell-de_DE myspell-el_GR
myspell-en myspell-en_GB myspell-en_US myspell-es myspell-es_ES myspell-fr_FR
myspell-hu_HU myspell-it_IT myspell-lightproof-en myspell-lightproof-hu_HU
myspell-lightproof-pt_BR myspell-lightproof-ru_RU myspell-pl_PL myspell-pt_BR

- version update to 20191219
* Updated the English dictionaries: GB+US+CA+AU
* tdf#128341 use python3
* Bring shipped Spanish dictionary up to version 2.5
- modified sources
. gd_GB does not have dictionaries in gd_GB/dictionaries
anymore, thus removing exception
. check for /usr/bin/ existence sooner
. no Group: tag

==== netpbm ====
Version update (10.86.3 -> 10.88.1)
Subpackages: libnetpbm11

- version update to 10.88.1
* anytopnm: Fix unpredictable behavior when file name contains
pnmquant: Fail if user specifies more than one of -meanpixel,
- meancolor, and -center, rather than just pick one.
* pnmremap: Don't output any part of the image if program fails
because the maxval of input and map file do not match, in a
case where matching maxval is required, i.e. the user specified
- firstisdefault or -missingcolor.
* ppmhist: sort secondarily by RGB with -sort=frequency, so
output is repeatable.
* pnmcolormap: Add -splitpix, -splitcol, -splitdim.
Thanks Vladislav Zavjalov.
* pbmtext: fix erroneous failure message with long input text.
* jpeg2ktopam, pamtojpeg2k: fix negative array index. Always
broken (pamtojpeg2k was new in Netpbm 10.12 (November 2002)).
* jpeg2ktopam, pamtojpeg2k: fix assertion failure. Always
broken (pamtojpeg2k was new in Netpbm 10.12 (November 2002)).
* jpeg2ktopam: Fix memory leak after decoder failure. Always
broken (pamtojpeg2k was new in Netpbm 10.12 (November 2002)).
* jpeg2ktopam: fix null pointer dereference. Always broken
(pamtojpeg2k was new in Netpbm 10.12 (November 2002)).
* pnmtorle, rletopnm: fix wild pointer dereference when memory
allocation fails. Always broken (programs were added to
Netpbm in Release 9.0 (April 2000).
* pamsumm: Fix bug: with -mean and a conflicting option such as
- sum, the program ignores one of the options. It should fail.
Always broken (pamsumm was new in Netpbm 10.21 (March 2004).
pamfind: Add -machine .
* Multiple: fix bug: when you specify the same option twice, you
can get a syntax error, with the message telling you you
specified some other option that conflicts with it. Should just
take the last setting.
- modified patches
% big-endian.patch (refreshed)
% netpbm-security-code.patch (refreshed)

==== ovmf ====
Subpackages: qemu-ovmf-x86_64

- only build -aarch32 Cortex-A15 EFI on armv7hl

==== posix_cc ====

- Modernize spec file
- Build in build phase

==== protobuf ====
Version update (3.9.1 -> 3.9.2)
Subpackages: libprotobuf-lite20 libprotobuf20 python3-protobuf

- Use tarball provided by upstream
- Small package cleanup
- Updated to version 3.9.2
* Remove OSReadLittle* due to alignment requirements. (#6678)
* Don't use unions and instead use memcpy for the type swaps. (#6672)

==== python-SQLAlchemy ====
Version update (1.3.11 -> 1.3.12)

- update to version 1.3.12:
* [orm] [bug] Fixed issue involving lazy="raise" strategy where an ORM delete
of an object would raise for a simple ?use-get? style many-to-one relationship
that had lazy=?raise? configured. This is inconsistent vs. the change
introduced in 1.3 as part of #4353, where it was established that a history
operation that does not expect emit SQL should bypass the lazy="raise" check,
and instead effectively treat it as lazy="raise_on_sql" for this case. The fix
adjusts the lazy loader strategy to not raise for the case where the lazy load
was instructed that it should not emit SQL if the object were not present.
* [orm] [bug] Fixed regression introduced in 1.3.0 related to the association
proxy refactor in #4351 that prevented composite() attributes from working in
terms of an association proxy that references them.
* [orm] [bug] Setting persistence-related flags on relationship() while also
setting viewonly=True will now emit a regular warning, as these flags do not
make sense for a viewonly=True relationship. In particular, the ?cascade?
settings have their own warning that is generated based on the individual
values, such as ?delete, delete-orphan?, that should not apply to a viewonly
relationship. Note however that in the case of ?cascade?, these settings are
still erroneously taking effect even though the relationship is set up as
?viewonly?. In 1.4, all persistence-related cascade settings will be
on a viewonly=True relationship in order to resolve this issue.
* [orm] [bug] [py3k] Fixed issue where when assigning a collection to itself
as a slice, the mutation operation would fail as it would first erase the
assigned collection inadvertently. As an assignment that does not change the
contents should not generate events, the operation is now a no-op. Note that
the fix only applies to Python 3; in Python 2, the __setitem__ hook isn?t
called in this case; __setslice__ is used instead which recreates the list
item-by-item in all cases.
* [orm] [bug] Fixed issue where by if the ?begin? of a transaction failed at
the Core engine/connection level, such as due to network error or database is
locked for some transactional recipes, within the context of the Session
procuring that connection from the conneciton pool and then immediately
returning it, the ORM Session would not close the connection despite this
connection not being stored within the state of that Session. This would lead
to the connection being cleaned out by the connection pool weakref handler
within garbage collection which is an unpreferred codepath that in some
configurations can emit errors in standard error.
* sql [sql] [bug] Fixed bug where ?distinct? keyword passed to select() would
not treat a string value as a ?label reference? in the same way that the
select.distinct() does; it would instead raise unconditionally. This keyword
argument and the others passed to select() will ultimately be deprecated for
SQLAlchemy 2.0.
* [sql] [bug] Changed the text of the exception for ?Can?t resolve label
reference? to include other kinds of label coercions, namely that ?DISTINCT?
also in this category under the PostgreSQL dialect.

==== python-snowballstemmer ====
Version update (1.9.1 -> 2.0.0)

- update to 2.0.0:
* Simplified generated code for ``repeat`` and ``atleast`` commands.
* Implemented ?go grouping? optimisation.
* Removed caching layer (#114).
* Enabled building wheels (#115).
* Updated package README.

==== strace ====

- Use -ffat-lto-objects to work around failure

To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages