Changed packages: ==== aaa_base ==== Version update (13.2+git20140723.944f74b -> 13.2+git20140812.2531ded) Subpackages: aaa_base-extras - Muffle libGL error message when run under ssh (bnc#890189) ==== autoyast2 ==== Version update (3.1.53 -> 3.1.54) Subpackages: autoyast2-installation - Warning that an already existing autoyast configuration file will be overwritten. (bnc#888546) - 3.1.54 ==== biosdevname ==== - Add mainline commit: 51b8cdb0b60df3baa With this patch, the info can be showed correctly if there are two or more PCI root ports in the same Bus ID/Device ID (bnc#890562) Add: fix_several_PCI_root_ports_in_one_bus.patch ==== clutter-devel ==== Version update (1.18.2 -> 1.18.4) Subpackages: libclutter-1_0-0 typelib-1_0-Clutter-1_0 - Update to version 1.18.4: + Improve touch events handling on X11 + Fix opacity issues with canvas contents + Documentation updates. + Bugs fixed: bgo#728521, bgo#729144, bgo#730577, bgo#731268, bgo#732143, bgo#732235, bgo#732234, bgo#733385, bgo#733560, bgo#733300, bgo#733062, bgo#732907. + Updated translations. ==== cryptsetup ==== Version update (1.6.4 -> 1.6.5) Subpackages: libcryptsetup4 libcryptsetup4-32bit - version 1.6.5 * Allow LUKS header operation handling without requiring root privilege. It means that you can manipulate with keyslots as a regular user, only write access to device (or image) is required. * Fix internal PBKDF2 key derivation function implementation for alternative crypto backends (kernel, NSS) which do not support PBKDF2 directly and have issues with longer HMAC keys. * Support for Python3 for simple Python binding. Python >= 2.6 is now required. You can set Python compiled version by setting - -with-python_version configure option (together with --enable-python). * Use internal PBKDF2 in Nettle library for Nettle crypto backend. Cryptsetup compilation requires Nettle >= 2.6 (if using Nettle crypto backend). * Allow simple status of crypt device without providing metadata header. The command "cryptsetup status" will print basic info, even if you do not provide detached header argument. * Allow to specify ECB mode in cryptsetup benchmark. * Add some LUKS images for regression testing. Note that if image with Whirlpool fails, the most probable cause is that you have old gcrypt library with flawed whirlpool hash. Read FAQ section 8.3 for more info. - Removed e2fsprogs-devel and libtool build requirements (not needed). - Added libpwquality-devel and libuuid-devel build requirements. - libcryptsetup4-hmac split off contain the hmac for FIPS certification ==== emacs ==== Subpackages: emacs-info emacs-nox emacs-x11 etags - Add Utility category to .desktop file. ==== evolution ==== Version update (3.12.4 -> 3.12.5) - Update to version 3.12.5: + Images in contact preview are not shown with webkitgtk3 2.4.x. + Add missing chain-up-s to parent's constructed() method. + Always use selected color for selected region in EDayView. + e_day_view_show_popup_menu: Avoid runtime warning from tooltip_get_view_event. + Calendar View: Use smaller icons in the Search bar. + e_mail_folder_uri_build: Encode special characters in folder names. + e_client_cache_get_client: Fix a memory leak. + Bugs fixed: bgo#732892, bgo#733295, bgo#733917. + Updated translations. - Drop evolution-nomore-gnome-icon.patch: Fixed upstream. - Set define need_autogen to 0, as we are not applying any patches at the moment. - Update evolution-nomore-gnome-icon.patch to match what upstream does in git. - Add pkgconfig(adwaita-icon-theme) BuildRequires: upstream wants to check for the presence of the theme. ==== evolution-data-server ==== Version update (3.12.4 -> 3.12.5) Subpackages: evolution-data-server-devel libcamel-1_2-49 libebackend-1_2-7 libebook-1_2-14 libebook-contacts-1_2-0 libecal-1_2-16 libedata-book-1_2-20 libedata-cal-1_2-23 libedataserver-1_2-18 typelib-1_0-EBook-1_2 typelib-1_0-EBookContacts-1_2 typelib-1_0-EDataServer-1_2 - Update to version 3.12.5: + Correct the test for g_subprocess_launcher_set_child_setup() availability. + Add missing chain-up-s to parent's constructed() method. + Strip remote GDBus errors after talking to GOA. + [IMAPx] Add actual error message into 'Select failed' debug log. + Bugs fixed: bgo#733183, bgo#732983, bgo#733081, bgo#732627. + Updated translations. ==== evolution-ews ==== Version update (3.12.4 -> 3.12.5) Subpackages: evolution-ews-lang libeews-1_2-0 libewsutils0 - Update to version 3.12.5: + Add missing chain-up to parent's constructed() method. + Handle cookies (non-persistently). + SOUP_STATUS_IS_SUCCESSFUL(soup_session_send_message()) sends message twice. + Clean up enabling/disabling NTLM and Basic auth types. + Clean up logging slightly and make it more consistent. + Add camel_ews_settings_get_auth_mechanism() helper function. + Clean up Negotiate auth implementation to be a SoupAuth subclass. + Bugs fixed: bgo#733274, bgo#703181, bgo#732850, bgo#703181, bgo#733663, bgo#732850, bgo#732850. ==== gpg2 ==== Version update (2.0.25 -> 2.0.26) - update to 2.0.26: * gpg: Fix a regression in 2.0.24 if a subkey id is given to --recv-keys et al. * gpg: Cap attribute packets at 16MB. * gpgsm: Auto-create the ".gnupg" home directory in the same way gpg does. * scdaemon: Allow for certificates > 1024 when using PC/SC. - remove URL from package keyring, upstream file metadata changes ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-xen - grub2-btrfs-fix-incorrect-address-reference.patch * Fix incorrect address reference in GRUB_BTRFS_EXTENT_REGULAR range check (bnc#869748) - grub2-vbe-blacklist-preferred-1440x900x32.patch * Blacklist preferred resolution 1440x900x32 which is broken on many Thinkpads (bnc#888727) ==== libgtkhtml-4_0-0 ==== Version update (4.8.3 -> 4.8.4) Subpackages: libgtkhtml-editor-4_0-0 - Update to version 4.8.4: + Miscellaneous: Add forgotten chain-up-s to parent's constructed() method. ==== icedtea-web-javadoc ==== - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for itweb-settings.desktop ==== install-initrd-openSUSE ==== Version update (14.125 -> 14.129) - xorg-x11-server: libglx.so link changed - 14.129 - xorg-x11-server uses update-alternatives - 14.128 - remove libgcrypt20-hmac and libcryptsetup4-hmac dependency for now - openssh-fips will be renamed to openssh-hmac probably - add libgcrypt20-hmac and libcryptsetup4-hmac - 14.127 - fix BuildRequires - Added SuSEfirewall2 sysconfig configuration (bnc #887406) - 14.126 ==== java-1_7_0-openjdk-plugin ==== - Update alternatives code to match docu. - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for itweb-settings.desktop ==== java-1_8_0-openjdk ==== Subpackages: java-1_8_0-openjdk-headless - Use icedtea-sound-1.0.1 release tarball ==== java-1_8_0-openjdk-plugin ==== - Update alternatives code to match docu. - Modified patch: * icedtea-web-suse-desktop-files.patch - Change categories for itweb-settings.desktop ==== libkactivities6 ==== - Use kde4-macros for filelists: kactivities4 use kdelibs4 buildsystem ==== kiwi ==== Version update (5.06.149 -> 5.06.153) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools - v5.06.153 released - Add RHEL7 JeOS template to kiwi-templates in spec file - RHEL7 parted cannot set swap flag, skip this flag setup - Added oemboot description for RHEL7 - Added vmxboot description for RHEL7 - Use lookup function to check for initrd tools pidof/killall5 - Use menu.c32 for live ISO boot menu if not gfxboot theme exists - fix ovf file generation + missing name space qualifiers for - Description, Info, Network, OperatingSystem, Name + tag mismatch on line 38 of .ovf file + missing entry in schemaLocation - v5.06.152 released - Use group_command=compat in yum.conf if this is not used I get errors saying: There is no installed groups file. - Fixed file logging log messages were still written to stdout/stderr channels even if a logfile was set - Added RHEL7 JeOS template - Added isoboot description for RHEL7 - v5.06.151 released ==== libModemManagerQt0 ==== - Build with %optflags - Move away from kde4-macros in filelist: libModemManager doesn't use kdelibs4 buildsystem ==== libNetworkManagerQt1 ==== - Move away from kde4-macros in filelist: libNetworkManagerQt doesn't use kdelibs4 buildsystem ==== libgcrypt-devel ==== Subpackages: libgcrypt20 libgcrypt20-32bit - split off the -hmac package that contains the checksums ==== libkfbapi1 ==== - Use kde4-macros for filelists, libkfbapi uses kdelibs4 buildsystem ==== libpwquality1 ==== - Avoid conflict in installation-images-openSUSE with cryptsetup: + Only recommend, insted of Require cracklib-dict-full. + Require cracklib-dict. ==== libstorage-ruby ==== Subpackages: libstorage5 - also remove crypt devices during deactivation (bnc#888128) ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen - bnc#820399 - virsh blockcopy should refuse identical device blockcopy-check-dst-identical-device.patch ==== linux-glibc-devel ==== Version update (3.15.1 -> 3.16) - Update to kernel headers from 3.16 ==== libfreebl3 ==== Version update (3.16.3 -> 3.16.4) Subpackages: libfreebl3-32bit libsoftokn3 libsoftokn3-32bit mozilla-nss mozilla-nss-32bit mozilla-nss-certs mozilla-nss-certs-32bit mozilla-nss-devel mozilla-nss-tools - update to 3.16.4 * now required for Firefox 32 Notable Changes: * The following 1024-bit root CA certificate was restored to allow more time to develop a better transition strategy for affected sites. It was removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy forum led to the decision to keep this root included longer in order to give website administrators more time to update their web servers. - CN = GTE CyberTrust Global Root * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit intermediate CA certificate has been included, without explicit trust. The intention is to mitigate the effects of the previous removal of the 1024-bit Entrust.net root certificate, because many public Internet sites still use the "USERTrust Legacy Secure Server CA" intermediate certificate that is signed by the 1024-bit Entrust.net root certificate. The inclusion of the intermediate certificate is a temporary measure to allow those sites to function, by allowing them to find a trust path to another 2048-bit root CA certificate. The temporarily included intermediate certificate expires November 1, 2015. ==== obs-service-format_spec_file ==== - do not enter empty license line if not found (eg in include file) - update prepare_spec from git to fix (bnc#891152) ==== obs-service-source_validator ==== - update from git: - more work on dealing with util-linux - update from git: - hack for util-linux specfiles (bnc#891829) ==== libopagent1 ==== Subpackages: oprofile - Add support for Intel Silvermont processor (bnc#891892) New patch: oprofile-add-support-for-intel-silvermont-processor.patch ==== pesign-obs-integration ==== - switch gen-hmac to use fipscheck instead of sha256hmac ==== libphonon4 ==== Version update (4.7.2 -> 4.7.80) Subpackages: phonon-devel - Update to 4.7.80 * 4.8 beta: PA interaction improvements, documentation fixes and standard bugfixes - Move away from kde4-filesystem macros: phonon doesn't use kdelibs4 buildsystem ==== phonon-backend-gstreamer ==== Version update (4.7.2~git20140418 -> 4.7.80) - Update to 4.7.80 * 4.8 beta: PA interaction improvements, documentation fixes and standard bugfixes - Bump phonon (Build)Requires to 4.7.80 ==== libpulse-devel ==== Subpackages: libpulse-mainloop-glib0 libpulse0 libpulse0-32bit pulseaudio pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils - Add pulseaudio-bnc881524-rtp.patch. CVE-2014-3970 Denial of service in module-rtp-recv ==== python-Babel ==== - Removed un-needed BuildRequire for timezone - Added 0001-disable_timezone_tests.patch + Disabling tests so package will build. Tests can be re-enabled when upstream bug is resolved (gh#mitsuhiko/babel#106) ==== sbl ==== - Get rid of files using the old SUSE spelling (bnc#889007). ==== libsss_idmap0 ==== Version update (1.11.5.1 -> 1.12.0) Subpackages: sssd sssd-32bit sssd-krb5-common sssd-ldap - Update to new upstream release 1.12.0 * A new responder, called InfoPipe was added. This responder provides a public D-Bus interface accessible over the system bus. In this release, methods for retrieving user attributes and list of groups were added as well as objects representing SSSD domains and processes. (The next 1.12.x releases will publish objects representing users and groups, too.) * SSSD provides an ID-mapping plugin for cifs-utils so that Windows SIDs can be mapped onto POSIX IDs and/or names without requiring Winbind and using the same code as the SSSD uses for identity information. * First phase of Group Policy-based access control for the AD provider was added. At the moment, the gpo-ldap component that downloads the list of GPOs that apply for the specific client has been implemented as well as the gpo-smb component that retrieves the group policy files and determines the access control check results based on those files. Future improvements will focus on storing the GPO policies as local files and mapping the Windows logon rights onto Linux PAM services. * Added a new library called sss_sifp that provides a simple synchronous API for communication with our new InfoPipe responder over the system bus. - Remove 0001-BUILD-Link-libsss_ldap_common.so-to-libsss_idmap.so.patch (merged upstream) - Provide "rcsssd" in systemd environments - Ensure sssd is always startable by removing /var/lib/sss/db/*.ldb on package installation so as to avoid potentially cache format incompatibility which would cause sssd to exit ==== libstreamanalyzer0 ==== - Move away from kde4-filesystem macros: strigi doesn't use kdelibs4 buildsystem - Add libstreamanalyzer0 to baselibs.conf to make libkde4-32bit installable, it requires libstreamanalyzer0.so.0()(32bit) which is not provided by libstrigi0-32bit any more ==== libtelepathy-farstream3 ==== - Add tp-fs-add-mising-break-in-switch-block.patch, call-stream: add mising 'break' in switch block (fdo#79006). Patch from upstream git. ==== xorg-x11-server ==== Subpackages: xorg-x11-server-extra xorg-x11-server-sdk - only add /etc/alternatives/libglx.so as ghost on suse >= 1315 - added /etc/alternatives/libglx.so as ghost - moved libglx-xorg.so to xorg/xorg-libglx.so to avoid messup in case anybody runs ldconfig in modules/extensions - make use of update-alternatives for libglx.so (FATE#317822) ==== yast2-bootloader ==== Version update (3.1.85 -> 3.1.87) - AutoYaST clone_system: Not using "next" in a ruby "reduce" call. (bnc#891079) - 3.1.87 - Fixed adding a crashkernel parameter to xen_append if the latter is missing. kdump.service would fail then (bnc#886843) - 3.1.86 Removed packages: bundle-lang-common-ca cracklib-dict-small pulseaudio-esound-compat Added packages: esound-daemon libsss_nss_idmap0