Mailinglist Archive: opensuse-factory (266 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20200508 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Sun, 10 May 2020 10:01:29 +0000
  • Message-id: <158910488953.12041.1610971009597762724@go-agent-stagingbot-2>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20200508

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
alsa-plugins
autoyast2 (4.2.34 -> 4.3.0)
curl (7.69.1 -> 7.70.0)
gdm (3.34.1 -> 3.36.2)
ghostscript (9.27 -> 9.52)
graphene
grub2
hwdata (0.334 -> 0.335)
libreoffice
mailutils
openconnect (8.05 -> 8.09)
python-gobject (3.36.0 -> 3.36.1)
python-hpack
python-tornado6
samba (4.12.2+git.149.16ff41ef1f4 -> 4.12.2+git.152.c5bf9f6da52)
schily
shared-mime-info (1.15 -> 2.0)
simple-scan (3.36.2 -> 3.36.2.1)
vim (8.2.0530 -> 8.2.0701)
wireless-regdb (20191029 -> 20200429)
xorg-x11-driver-video
xorg-x11-server
zsh

=== Details ===

==== alsa-plugins ====
Subpackages: alsa-plugins-pulse alsa-plugins-pulse-32bit

- Split plugins in alsa-plugin package to each subpackage
(boo#1171276):
now alsa-plugins is a meta package that requires only the
fundamental speexrate and upmix plugins
- Add documentation for aaf plugin
- Minor spec cleanups

==== autoyast2 ====
Version update (4.2.34 -> 4.3.0)
Subpackages: autoyast2-installation

- Do not export storage settings in the general section
unless it is needed (related to bsc#1171356).
- Improve AutoInstClone module test coverage and clean-up unused
code.
- AutoYaST schema improvements (bsc#1170886)
-- Allow optional types for string and map objects
-- Allow type specification without namespace
-- Add type specification with 't' shortcut
- 4.3.0
- ayast_setup: Do not add a 'networking' section to the profile
when it is not defined explicitly as it is not needed anymore
since keeping the configured network is the default option during
autoconfiguration (bsc#1170821)
- 4.2.35

==== curl ====
Version update (7.69.1 -> 7.70.0)
Subpackages: libcurl4

- Update to 7.70.0
* Changes:
- curl: add --ssl-revoke-best-effort to allow a "best effort" revocation check
- mqtt: add new experimental protocol
- schannel: add "best effort" revocation check option:
CURLSSLOPT_REVOKE_BEST_EFFORT
- writeout: support to generate JSON output with '%{json}'
* Bugfixes:
- gnutls: Don't skip really long certificate fields
- gnutls: ensure TLS 1.3 when SRP isn't requested
- lib: never define CURL_CA_BUNDLE with a getenv
- libcurl-multi.3: added missing full stop
- libssh: avoid options override by configuration files
- libssh: Use new ECDSA key types to check known hosts
- tons of other fixes

==== gdm ====
Version update (3.34.1 -> 3.36.2)
Subpackages: gdm-lang gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0

- Update to version 3.36.2:
+ Fixes for when GDM isn't started on its configured initial VT.
+ Don't hardcode path to plymouth.
+ keyutils has a .pc file so use it.
+ Chrome remote desktop fix.
+ Always use separate session bus for greeter sessions.
+ This runs dbus-run-session, so the binary needs to be
available.
+ Updated translations.
- Drop patches fixed upstream:
+ gdm-look-for-session-based-on-pid-first.patch
+ gdm-Use-pkg-config-for-keyutils.patch
- Rebase patches with quilt.
- Add %{_bindir}/dbus-run-session Requires: New runtime dependency.
Needed to ensure the dbus-run-session binary is present.

==== ghostscript ====
Version update (9.27 -> 9.52)
Subpackages: ghostscript-x11

- The version upgrade to 9.52 fixes in particular
CVE-2020-12268: jbic2dec: heap-based buffer overflow
in jbig2_image_compose (bsc#1170603)
- Version upgrade to 9.52
Highlights in this release include:
* The 9.52 release replaces the 9.51 release after a problem
was reported with 9.51 which warranted the quick turnaround.
Thus, like 9.51, 9.52 is primarily a maintenance release,
consolidating the changes we introduced in 9.50.
* IMPORTANT: We have forked LittleCMS2 into LittleCMS2mt
(the "mt" indicating "multi-thread").
LCMS2 is not thread-safe, and cannot be made thread-safe
without breaking the ABI. Our fork will be thread-safe and
include performance enhancements (these changes have all
been offered and rejected upstream). We will maintain
compatibility between Ghostscript and LCMS2 for a time,
but not in perpetuity. If there is sufficient interest,
our fork will be available as its own package separately
from Ghostscript (and MuPDF).
* The usual round of bug fixes, compatibility changes,
and incremental improvements.
Incompatible changes:
* New option -dALLOWPSTRANSPARENCY: The transparency compositor
(and related features), whilst we are improving it, remains
sensitive to being driven correctly, and incorrect use
can have unexpected/undefined results. Hence, as part of
improving security, we limited access to these operators,
originally using the -dSAFER feature. As we made "SAFER"
the default mode, that became unacceptable, hence the
new option -dALLOWPSTRANSPARENCY which enables access
to the operators, cf.
https://www.ghostscript.com/doc/9.52/Use.htm#ALLOWPSTRANSPARENCY
For a release summary see:
https://www.ghostscript.com/doc/9.52/News.htm
For details see the News.htm and History9.htm files.
- Version upgrade to 9.51
Highlights in this release include:
* 9.51 is primarily a maintainance release, consolidating
the changes we introduced in 9.50.
* We have continued our work on code hygiene for this release,
with a focus on the static analysis tool Coverity
(from Synopsys, Inc) and we are now maintaining a policy of
zero Coverity issues in the Ghostscript/GhostPDL source base.
* IMPORTANT: In consultation with a representative of
OpenPrinting (http://www.openprinting.org/) it is our
intention to deprecate and, in the not distant future,
remove the OpenPrinting Vector/Raster Printer Drivers
(that is, the opvp and oprp devices).
If you rely on either of these devices, please get in touch
with us (i.e. Ghostscript upstream), so we can discuss your
use case, and revise our plans accordingly.
* We (i.e. Ghostscript upstream) are in the process of forking
LittleCMS, cf. the other release notes entries below.
* The usual round of bug fixes, compatibility changes,
and incremental improvements.
For a release summary see:
https://www.ghostscript.com/doc/9.51/News.htm
For details see the News.htm and History9.htm files.
- Version upgrade to 9.50
Highlights in this release include:
* The change to version 9.50 follows recognition
of the extent and importance of the file access control
redesign/reimplementation outlined below.
* The file access control capability (enable with -dSAFER)
has been completely rewritten, with a ground-up rethink
of the design. For more details, see: "SAFER" at
https://www.ghostscript.com/doc/9.50/Use.htm#Safer
* It is important to note that -dSAFER now only enables the
file access controls, and no longer applies restrictions
to standard Postscript functionality (specifically,
restrictions on setpagedevice). If your application relies
on these Postscript restrictions, see "OLDSAFER" at
https://www.ghostscript.com/doc/9.50/Use.htm#OldSafer
and please get in touch, as we do plan to remove those
Postscript restrictions unless we have reason not to.
IMPORTANT: File access controls are now enabled by default.
In order to run Ghostscript without these controls,
see "NOSAFER" at
https://www.ghostscript.com/doc/9.50/Use.htm#NoSafer
* We (i.e. Ghostscript upstream) are in the process of forking
LittleCMS, cf. the other release notes entries below.
* The usual round of bug fixes, compatibility changes,
and incremental improvements.
Incompatible changes:
* There are a couple of subtle incompatibilities between the old
and new SAFER implementations. Firstly, as mentioned above,
SAFER now leaves standard Postcript functionality unchanged
(except for the file access limitations). Secondly, the
interaction with save/restore operations, see "SAFER" at
https://www.ghostscript.com/doc/9.50/Use.htm#Safer
* The following is not strictly speaking new to 9.50,
as not much has changed since 9.27 in this area,
but for those who don't upgrade with every release:
The process of "tidying" the Postscript name space should have
removed only non-standard and undocumented operators.
Nevertheless, it is possible that any integrations or utilities
that rely on those non-standard and undocumented operators
may stop working, or may change behaviour.
If you encounter such a case, please contact us
(i.e. Ghostscript upstream, either the #ghostscript IRC channel
or the gs-devel mailing list would be best), and we'll work
with you to either find an alternative solution or return the
previous functionality, if there is genuinely no other option.
One case we know this has occurred is GSView 5 (and earlier).
GSView 5 support for PDF files relied upon internal use only
features which are no longer available. GSView 5 will still
work as previously for Postscript files. For PDF files,
users are encouraged to look at MuPDF https://www.mupdf.com/
For a release summary see:
https://www.ghostscript.com/doc/9.50/News.htm
For details see the News.htm and History9.htm files.
- CVE-2019-10216.patch
gs-CVE-2019-14811-885444fc.patch
gs-CVE-2019-14817-cd1b1cac.patch
openjpeg4gs-CVE-2018-6616-8ee33522.patch
are fixed in the version 9.52 upstream sources.

==== graphene ====
Subpackages: libgraphene-1_0-0 typelib-1_0-Graphene-1_0

- Use %{_libexecdir} instead of %{_prefix}/lib: follow the package
installer definition.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin
grub2-x86_64-efi grub2-x86_64-xen

- Fix boot failure as journaled data not get drained due to abrupt power
off after grub-install (bsc#1167756)
* grub-install-force-journal-draining-to-ensure-data-i.patch

==== hwdata ====
Version update (0.334 -> 0.335)

- Update to version 0.335:
* Updated pci, usb and vendor ids.

==== libreoffice ====
Subpackages: libreoffice-base libreoffice-base-drivers-firebird
libreoffice-calc libreoffice-draw libreoffice-filters-optional
libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress
libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el
libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es
libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja
libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru
libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge
libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer
libreofficekit

- Fix Bug 1165870 - LO-L3: Image shadow that should be invisible shown as
extraneous line below
* bsc1165870.diff

==== mailutils ====
Subpackages: libmailutils5

- Fix python packaging: python/sitepackages is definitively not
below libexecdir.

==== openconnect ====
Version update (8.05 -> 8.09)
Subpackages: libopenconnect5 openconnect-lang

- Fix CVE-2020-12105 (boo#1170452)
- Introduce subpackage for bash-completion
- Update to 8.0.9:
* Add bash completion support.
* Give more helpful error in case of Pulse servers asking for
TNCC.
* Sanitize non-canonical Legacy IP network addresses.
* Fix OpenSSL validation for trusted but invalid certificates
(CVE-2020-12105).
* Convert tncc-wrapper.py to Python 3, and include modernized
tncc-emulate.py as well. (!91)
* Disable Nagle's algorithm for TLS sockets, to improve
interactivity when tunnel runs over TCP rather than UDP.
* GlobalProtect: more resilient handling of periodic HIP check
and login arguments, and predictable naming of challenge forms.
* Work around PKCS#11 tokens which forget to set
CKF_LOGIN_REQUIRED.
- Update to 8.0.8:
* Fix check of pin-sha256: public key hashes to be case sensitive
* Don't give non-functioning stderr to CSD trojan scripts.
* Fix crash with uninitialised OIDC token.
- Update to 8.0.7:
* Don't abort Pulse connection when server-provided certificate
MD5 doesn't match.
* Fix off-by-one in check for bad GnuTLS versions, and add build
and run time checks.
* Don't abort connection if CSD wrapper script returns non-zero
(for now).
* Make --passtos work for protocols that use ESP, in addition
to DTLS.
* Convert tncc-wrapper.py to Python 3, and include modernized
tncc-emulate.py as well.

==== python-gobject ====
Version update (3.36.0 -> 3.36.1)
Subpackages: python3-gobject python3-gobject-Gdk python3-gobject-cairo

- Update to version 3.36.1:
+ tests: Fix failing tests with pytest 5.4.0+.
+ Gtk: Add override to make sure both
TreeModelSort.new_with_model and TreeModel.sort_new_with_model
exist independend of the gtk version.
+ Gtk.Template: Fix initialisation order errors with Widgets
getting created from C (potentially through other templates).
+ Gtk.Template: Fix errors when calling init_template() multiple
times.

==== python-hpack ====

- Add patch to work with pytest5:
* pytest5.patch

==== python-tornado6 ====

- Fix build with curl 7.70.0:
* Revert commit c443fb7bf8a87ba8ab02b9a6af9e140cabc0ab0d which
introduces test_method_after_redirect() test.
- Add python-tornado6-httpclient-test.patch

==== samba ====
Version update (4.12.2+git.149.16ff41ef1f4 -> 4.12.2+git.152.c5bf9f6da52)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0
libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0
libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr1 libndr1-32bit
libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit
libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0
libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit
libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0
libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2
libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0
libwbclient0-32bit samba-client samba-client-32bit samba-libs samba-libs-32bit
samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit

- libsmb: Don't try to find posix stat info in SMBC_getatr();
(bso#14101); (bsc#1169242);

==== schily ====
Subpackages: cdda2wav cdrecord libcdrdeflt1_0 libdeflt1_0 libedc_ecc1_0
libedc_ecc_dec1_0 libfile1_0 libfind4_0 libparanoia1_0 librmt1_0 librscg1_0
libscg1_0 libscgcmd1_0 libschily2_0 mkisofs readcd spax star

- Update to release 2020.04.18
* smake: A new option -a has been added. This option allows to
tell smake not to set up the automake specific make macros
MAKE_ARCH, MAKE_OS and similar.

==== shared-mime-info ====
Version update (1.15 -> 2.0)
Subpackages: shared-mime-info-lang

- Update to version 2.0
+ Port build system to meson, and ship test suite with tarball.
+ Install ITS file to allow gettext to translate mime-type
descriptions.
+ Add BPS and IPS patch formats.
+ Lower weight for "use strict" and similar in the perl mimetype.
+ Add new magic for Sega Mega Drive ROMs.
+ Add Common Lisp mime-type.
+ Rename text/x-tcl to text/tcl.
+ Add text/vbscript.
+ Add PySpread spreadsheet mime-types.
+ Add Kotlin source mime-type.
+ Add AVIF image mime-type.
+ Split versions of the Audible audio mime types.
+ Add *.spx glob for audio/x-speex+ogg.
+ Add Apple System Profiler XML mime-type.
- Adjust build dependencies: Add meson and xmlto, drop intltool.

==== simple-scan ====
Version update (3.36.2 -> 3.36.2.1)
Subpackages: simple-scan-lang

- Update to version 3.36.2.1:
+ Revert the higher bit depth text scans changes - they aren't
working with PDF saving.

==== vim ====
Version update (8.2.0530 -> 8.2.0701)
Subpackages: gvim vim-data vim-data-common

- Update to version 8.2.0701 (no changelog)
- Rebase no-common.patch
- Rebase disable-unreliable-tests.patch

==== wireless-regdb ====
Version update (20191029 -> 20200429)

- Update to version 20200429:
* wireless-regdb: update regulatory database based on preceding changes
* wireless-regdb: update rules for US on 2.4/5G
* GB: Extend to cover DMG channels 5 & 6
* wireless-regdb: Update regulatory rules for Singapore (SG)
* wireless-regdb: Update regulatory rules for Indonesia (ID)

==== xorg-x11-driver-video ====

- no longer require vesa X driver on openSUSE either (jsc#SLE-11798)

==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk
xorg-x11-server-wayland

- provide/obsoletes cirrus and ast usermode driver also on openSUSE
(jsc#SLE-12127)

==== zsh ====

- Add $HOME aliases to fix regression after dropping /etc/bash.bashrc
- Add back LS_COLORS, LS_OPTIONS and GPG_TTY


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages