Mailinglist Archive: opensuse-factory (266 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20200528 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Fri, 29 May 2020 20:01:12 +0000
  • Message-id: <159078247209.9251.7817531623152477227@go-agent-stagingbot-7>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20200528

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
MozillaThunderbird (68.8.0 -> 68.8.1)
fribidi
kernel-firmware (20200517 -> 20200519)
libgphoto2 (2.5.24 -> 2.5.25)
perl-Mojolicious (8.42 -> 8.50)
pragha
python-SQLAlchemy (1.3.16 -> 1.3.17)
python-Twisted
python-attrs
python-bcrypt
python-cryptography (2.8 -> 2.9.2)
python-dkimpy
python-jedi
python-lxml
python-netaddr
python-pywbem (0.17.1 -> 0.17.2)
rubygem-actioncable-6.0 (6.0.3 -> 6.0.3.1)
rubygem-actionmailbox-6.0 (6.0.3 -> 6.0.3.1)
rubygem-actionmailer-6.0 (6.0.3 -> 6.0.3.1)
rubygem-actionpack-6.0 (6.0.3 -> 6.0.3.1)
rubygem-actiontext-6.0 (6.0.3 -> 6.0.3.1)
rubygem-actionview-6.0 (6.0.3 -> 6.0.3.1)
rubygem-activejob-6.0 (6.0.3 -> 6.0.3.1)
rubygem-activemodel-6.0 (6.0.3 -> 6.0.3.1)
rubygem-activerecord-6.0 (6.0.3 -> 6.0.3.1)
rubygem-activestorage-6.0 (6.0.3 -> 6.0.3.1)
rubygem-activesupport-6.0 (6.0.3 -> 6.0.3.1)
rubygem-puma (4.3.3 -> 4.3.5)
rubygem-rails-6.0 (6.0.3 -> 6.0.3.1)
rubygem-railties-6.0 (6.0.3 -> 6.0.3.1)
rubygem-rspec-rails (4.0.0 -> 4.0.1)
rubygem-websocket-driver (0.7.1 -> 0.7.2)
xfce4-power-manager (1.6.5 -> 1.6.6)

=== Details ===

==== MozillaThunderbird ====
Version update (68.8.0 -> 68.8.1)
Subpackages: MozillaThunderbird-translations-common

- Mozilla Thunderbird 68.8.1
* fixed: IMAP stability improvements (bmo#1586494)
* fixed: HTML tags in IRC topic changes were rendered
incorrectly (bmo#1607097)
* fixed: MailExtensions: Websockets could not be used
(bmo#1627649)

==== fribidi ====
Subpackages: libfribidi0 libfribidi0-32bit

- Add no-config-h.diff - copied from Debian
Remove HAVE_CONFIG_H from public API
- Add Truncate-isolate_level-to-FRIBIDI_BIDI_MAX_EXPLICIT_.diff -
copied from Debian, CVE-2019-18397
Truncate isolate_level to FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL
- Run spec-cleaner

==== kernel-firmware ====
Version update (20200517 -> 20200519)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k
kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2
kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2
kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi
kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media
kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex
kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia
kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon
kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound
kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd

- Update to version 20200519 (git commit 8ba6fa665c52):
* iwlwifi: update and add new FWs from core50-70 and core52-81 releases
* rtw88: RTL8821C: add firmware file v24.5
* iwlwifi: update FWs to core47-142 release
* iwlwifi: update 8265 FW
- Update modaliases for Intel SST

==== libgphoto2 ====
Version update (2.5.24 -> 2.5.25)
Subpackages: libgphoto2-6 libgphoto2-6-lang

- updated to 2.5.25 release
- ptp2:
* Liveview support for Leica SL
* PTP 1.1 Streaming parameters added.
* Olympus OMD capture fixes
* Nikon DSLR/Z:
* various improvements to liveview error reporting.
* much more properties added, some values added
* allow downloading of "large thumbnails" instead of "regular thumbnails",
can be selected by "thumbsize" gphoto2 local setting.
* fixes for D3000, D3100 methods
* maximum capture wait extended to 1000 seconds (as the D870 has 900 seconds
max now)
* Canon EOS
* initialization fixes (if it breaks your EOS M or PowerShot, please report)
* liveview enablement fixed
* maximum capture wait extended to 90seconds
* EOS R shutterspeed , aperture reporting fixed
* various bugfixes
* Cameras added to id list:
* Sony NEX 5
* Canon EOS 90D
* Fuji XT-4
* Sanyo VPC-FH1
* Leica SL Typ 601
- lumix:
* fixed initialisation, might help capture
- all:
* ongoing stability fixes from AFL fuzzing
- translation updates:
* sv

==== perl-Mojolicious ====
Version update (8.42 -> 8.50)

updated to 8.50
see /usr/share/doc/packages/perl-Mojolicious/Changes
8.50 2020-05-23
- Increased Perl version requirement to 5.16.0. This is just a first step
however, at some point in the not so distant future we will increase the
Perl version requirement to 5.20.0 for full subroutine signatures support.
- Improved Mojo::Base to enable the Perl 5.16 feature bundle with
"unicode_strings", "unicode_eval", "evalbytes", "current_sub" and "fc".
8.43 2020-05-20
- Removed deprecated argument handling from Mojo::Promise::new.
- Removed experimental status from all_settled method in Mojo::Promise.
- Removed experimental status from content_type and file_type methods in
Mojolicious::Types.
- Removed experimental status from cleanup event in Mojo::IOLoop::Subprocess.
- Switched from Storable to JSON serialization for Mojo::IOLoop::Subprocess
IPC to increase efficiency.
- Added exit_code method to Mojo::IOLoop::Subprocess.
- Improved Mojo::Promise to warn when an unhandled rejected promise is
destroyed.
- Fixed a bug where the resolve class method in Mojo::Promise would
unnecessarily create new promises.
- Fixed a promise chaining bug in Mojo::Promise. (karjala)

==== pragha ====
Subpackages: pragha-lang pragha-plugins

- Fix build for Leap 15.2

==== python-SQLAlchemy ====
Version update (1.3.16 -> 1.3.17)

- update to version 1.3.17:
* orm
+ Added an accessor Comparator.expressions which provides access
to the group of columns mapped under a multi-column
ColumnProperty attribute. References: #5262
+ Introduce relationship.sync_backref flag in a relationship to
control if the synchronization events that mutate the in-Python
attributes are added. This supersedes the previous change #5149,
which warned that viewonly=True relationship target of a
back_populates or backref configuration would be disallowed.
References: #5237
+ Fixed bug where using with_polymorphic() as the target of a join
via RelationshipComparator.of_type() on a mapper that already
has a subquery-based with_polymorphic setting that?s equivalent
to the one requested would not correctly alias the ON clause in
the join. References: #5288
+ Fixed issue in the area of where loader options such as
selectinload() interact with the baked query system, such that
the caching of a query is not supposed to occur if the loader
options themselves have elements such as with_polymorphic()
objects in them that currently are not cache-compatible. The
baked loader could sometimes not fully invalidate itself in
these some of these scenarios leading to missed eager loads.
References: #5303
+ Modified the internal ?identity set? implementation, which is a
set that hashes objects on their id() rather than their hash
values, to not actually call the __hash__() method of the
objects, which are typically user-mapped objects. Some methods
were calling this method as a side effect of the implementation.
References: #5304
+ An informative error message is raised when an ORM many-to-one
comparison is attempted against an object that is not an actual
mapped instance. Comparisons such as those to scalar subqueries
aren?t supported; generalized comparison with subqueries is
better achieved using Comparator.has(). References: #5269
* engine
+ Fixed fairly critical issue where the DBAPI connection could be
returned to the connection pool while still in an un-rolled-back
state. The reset agent responsible for rolling back the
connection could be corrupted in the case that the transaction
was ?closed? without being rolled back or committed, which can
occur in some scenarios when using ORM sessions and emitting
.close() in a certain pattern involving savepoints. The fix
ensures that the reset agent is always active. References:
[#5326]
* schema
+ Fixed issue where an Index that is deferred in being associated
with a table, such as as when it contains a Column that is not
associated with any Table yet, would fail to attach correctly if
it also contained a non table-oriented expession. References:
[#5298]
+ A warning is emitted when making use of the
MetaData.sorted_tables attribute as well as the sort_tables()
function, and the given tables cannot be correctly sorted due to
a cyclic dependency between foreign key constraints. In this
case, the functions will no longer sort the involved tables by
foreign key, and a warning will be emitted. Other tables that
are not part of the cycle will still be returned in dependency
order. Previously, the sorted_table routines would return a
collection that would unconditionally omit all foreign keys when
a cycle was detected, and no warning was emitted. References:
[#5316]
+ Add comment attribute to Column __repr__ method. References:
[#4138]
* postgresql
+ Added support for columns or type ARRAY of Enum, JSON or JSONB
in PostgreSQL. Previously a workaround was required in these use
cases. References: #5265
+ Raise an explicit CompileError when adding a table with a column
of type ARRAY of Enum configured with Enum.native_enum set to
False when Enum.create_constraint is not set to False
References: #5266
* mssql
+ Fix a regression introduced by the reflection of computed column
in MSSQL when using the legacy TDS version 4.2. The dialect will
try to detect the protocol version of first connect and run in
compatibility mode if it cannot detect it. References: #5255
+ Fix a regression introduced by the reflection of computed column
in MSSQL when using SQL server versions before 2012, which does
not support the concat function. References: #5271
* oracle
+ Some modifications to how the cx_oracle dialect sets up
per-column outputtype handlers for LOB and numeric datatypes to
adjust for potential changes coming in cx_Oracle 8. References:
[#5246]
+ Changed the implementation of fetching CLOB and BLOB objects to
use cx_Oracle?s native implementation which fetches CLOB/BLOB
objects inline with other result columns, rather than performing
a separate fetch. As always, this can be disabled by setting
auto_convert_lobs to False.
+ As part of this change, the behavior of a CLOB that was given a
blank string on INSERT now returns None on SELECT, which is now
consistent with that of VARCHAR on Oracle. References: #5314
* firebird
+ Adjusted dialect loading for firebird:// URIs so the external
sqlalchemy-firebird dialect will be used if it has been
installed, otherwise fall back to the (now deprecated) internal
Firebird dialect. References: #5278

==== python-Twisted ====

- %python3_only -> %python_alternative

==== python-attrs ====

- Do not restrict us to new setuptools, we generate stuff
even with the older variants

==== python-bcrypt ====

- Relax the setuptools dependency on 40.8.0 to 40.5.0 since that
version is only required by upstream because of a pip issue
(see
https://github.com/pyca/bcrypt/commit/bc8a55e70e179a59fa89fb109353182f8f438e00).
This way we can build in SLE 15 SP2 / Leap 15.2 .

==== python-cryptography ====
Version update (2.8 -> 2.9.2)

- update to 2.9.2
* 2.9.2 - 2020-04-22
- Updated the macOS wheel to fix an issue where it would not run on macOS
versions older than 10.15.
* 2.9.1 - 2020-04-21
- Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL
1.1.1g.
* 2.9 - 2020-04-02
- BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to
low usage and maintenance burden.
- BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
Users on older version of OpenSSL will need to upgrade.
- BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
- Removed support for calling public_bytes() with no arguments, as per
our deprecation policy. You must now pass encoding and format.
- BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
returns the RDNs as required by RFC 4514.
- Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL
1.1.1f.
- Added support for parsing single_extensions in an OCSP response.
- NameAttribute values can now be empty strings.

==== python-dkimpy ====

- %python3_only -> %python_alternative

==== python-jedi ====

- Skip two tests on leap not just sp1+

==== python-lxml ====

- Remove explicit Provides of python-doc, which is just wrong.

==== python-netaddr ====

- %python3_only -> %python_alternative

==== python-pywbem ====
Version update (0.17.1 -> 0.17.2)

- Update to 0.17.2:
- Fixed raise error for invalid reference_direction in
WBEMServer.get_central_instances(). (See issue #2187)
- Fixed raise error for missing ports in WBEMListener.__init__().
(See issue #2188)

==== rubygem-actioncable-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-actionmailbox-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-actionmailer-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-actionpack-6.0 ====
Version update (6.0.3 -> 6.0.3.1)
Subpackages: ruby2.6-rubygem-actionpack-6.0 ruby2.7-rubygem-actionpack-6.0

- updated to version 6.0.3.1
* CVE-2020-8166: HMAC raw CSRF token before masking it, so it
cannot be used to reconstruct a per-form token
* CVE-2020-8164: Return self when calling #each, #each_pair, and
[#]each_value instead of the raw @parameters hash

==== rubygem-actiontext-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-actionview-6.0 ====
Version update (6.0.3 -> 6.0.3.1)
Subpackages: ruby2.6-rubygem-actionview-6.0 ruby2.7-rubygem-actionview-6.0

- updated to version 6.0.3.1
* CVE-2020-8167: Check that request is same-origin prior to including CSRF
token in XHRs

==== rubygem-activejob-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-activemodel-6.0 ====
Version update (6.0.3 -> 6.0.3.1)
Subpackages: ruby2.6-rubygem-activemodel-6.0 ruby2.7-rubygem-activemodel-6.0

- updated to version 6.0.3.1
* no changes

==== rubygem-activerecord-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* no changes

==== rubygem-activestorage-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
* CVE-2020-8162: Include Content-Length in signature for ActiveStorage direct
upload (bsc#1172163)

==== rubygem-activesupport-6.0 ====
Version update (6.0.3 -> 6.0.3.1)
Subpackages: ruby2.6-rubygem-activesupport-6.0 ruby2.7-rubygem-activesupport-6.0

- updated to version 6.0.3.1
* CVE-2020-8165: Deprecate Marshal.load on raw cache read in RedisCacheStore
* CVE-2020-8165: Avoid Marshal.load on raw cache value in MemCacheStore

==== rubygem-puma ====
Version update (4.3.3 -> 4.3.5)
Subpackages: ruby2.6-rubygem-puma ruby2.7-rubygem-puma

- updated to version 4.3.5
* CVE-2020-11076, CVE-2020-11077: Fixed two separate HTTP smuggling
vulnerabilities that used the Transfer-Encoding header

==== rubygem-rails-6.0 ====
Version update (6.0.3 -> 6.0.3.1)

- updated to version 6.0.3.1
Changes are in Rails's modules.
Release Blog entry:

https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/

==== rubygem-railties-6.0 ====
Version update (6.0.3 -> 6.0.3.1)
Subpackages: ruby2.6-rubygem-railties-6.0 ruby2.7-rubygem-railties-6.0

- updated to version 6.0.3.1
* no changes

==== rubygem-rspec-rails ====
Version update (4.0.0 -> 4.0.1)

- updated to version 4.0.1
Bug Fixes:
* Remove warning when calling `driven_by` in system specs. (Aubin Lorieux,
#2302)
* Fix comparison of times for `#at` in job matchers. (Jon Rowe, Markus Doits,
#2304)
* Allow `have_enqueued_mail` to match when a sub class of
`ActionMailer::DeliveryJob`
is set using `<Class>.delivery_job=`. (Atsushi Yoshida #2305)
* Restore Ruby 2.2.x compatibility. (Jon Rowe, #2332)
* Add `required_ruby_version` to gem spec. (Marc-André Lafortune, #2319,
#2338)

==== rubygem-websocket-driver ====
Version update (0.7.1 -> 0.7.2)

- updated to version 0.7.2
* Emit `ping` and `pong` events from the `Server` driver
* Handle draft-76 handshakes correctly if the request's body is a frozen
string

==== xfce4-power-manager ====
Version update (1.6.5 -> 1.6.6)
Subpackages: xfce4-power-manager-lang xfce4-power-manager-plugin

- Update to version 1.6.6
* Dismiss critical notification when connecting to AC
* Fix inhibiting xfce4-screensaver (bxo#16364)
* settings: Move % sign out of spinbutton (bxo#15994)
* panel-plugin: Toggle presentation mode on middle click
* panel-plugin: Properly show 'About' menu item
* panel-plugin: Add missing about callback
* panel-plugin: Properly hook up about signal
* panel-plugin: Replace deprecated call
* Switch to symbolic window-close icons


< Previous Next >
This Thread
  • No further messages