Packages changed: ImageMagick (7.0.8.21 -> 7.0.8.25) Mesa (18.3.1 -> 18.3.2) Mesa-drivers (18.3.1 -> 18.3.2) apache2 (2.4.37 -> 2.4.38) apparmor apr (1.6.3 -> 1.6.5) autofs (5.1.3 -> 5.1.5) autoyast2 (4.0.70 -> 4.1.0) bluez ceph (14.0.1.1555+g42662f72f4 -> 14.0.1.3346+g0364ec8d2f) djvulibre dpdk (18.02.2_k4.20.6_1 -> 18.11_k4.20.6_1) exo (0.12.3 -> 0.12.4) ffmpeg-4 fontconfig (2.12.6 -> 2.13.1) fonts-config (20181211 -> 20190119) glusterfs (4.0.2 -> 5.3) gnutls (3.6.4 -> 3.6.6) groff (1.22.3 -> 1.22.4) groff-full (1.22.3 -> 1.22.4) guile hugin installation-images-Kubic (14.404 -> 14.408) kernel-firmware (20181218 -> 20190118) kimageformats kmail-account-wizard konsole libappindicator libblockdev (2.18 -> 2.20) libcaca libcdio-paranoia (10.2+0.93+1 -> 10.2+2.0.0) libcontainers-common libesmtp libgxps (0.3.0 -> 0.3.1) libinput (1.12.5 -> 1.12.6) libjansson (2.11 -> 2.12) libpng16 libseccomp libstorage-ng (4.1.78 -> 4.1.84) libvirt (4.10.0 -> 5.0.0) libxml2 (2.9.8 -> 2.9.9) llvm (7.0.0 -> 7.0.1) llvm7 (7.0.0 -> 7.0.1) man-pages-posix mercurial (4.8.2 -> 4.9) metis mozilla-nss (3.40.1 -> 3.41.1) nbd (3.17 -> 3.18) nftables open-iscsi openconnect (7.08 -> 8.02) openssh perl-Inline (0.80 -> 0.81) perl-JSON (4.00 -> 4.01) pfstools postfix protobuf python-libvirt-python (4.10.0 -> 5.0.0) python-libxml2-python (2.9.8 -> 2.9.9) python-setuptools (40.6.3 -> 40.7.2) qemu qemu-linux-user rebootmgr (0.17 -> 0.18) rubygem-rails-5.2 sysconfig (0.85.0 -> 0.84.3) tigervnc traceroute (2.0.21 -> 2.1.0) udisks2 (2.7.8 -> 2.8.1) valgrind wget xorg-x11-server xrx xterm (342 -> 343) xtermset yast2-apparmor (4.1.5 -> 4.1.7) yast2-bootloader (4.1.13 -> 4.1.14) yast2-control-center (4.1.4 -> 4.1.5) yast2-firstboot (4.1.3 -> 4.1.4) yast2-installation (4.1.34 -> 4.1.35) yast2-network (4.1.34 -> 4.1.36) yast2-packager (4.1.24 -> 4.1.25) yast2-schema (4.1.1 -> 4.1.3) yast2-services-manager (4.1.11 -> 4.1.12) yast2-storage-ng (4.1.48 -> 4.1.50) yast2-tftp-server (4.1.6 -> 4.1.7) yast2-theme (4.1.8 -> 4.1.9) yast2-trans (84.87.20190119.79f0258829 -> 84.87.20190201.2c07938cca) zsh (5.6.2 -> 5.7.1) === Details === ==== ImageMagick ==== Version update (7.0.8.21 -> 7.0.8.25) Subpackages: ImageMagick-extra libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI6 libMagickWand-7_Q16HDRI6 perl-PerlMagick - update to 7.0.8-25: * Eliminate spurious font warning (#1458) * Support HEIC EXIF & XMP profiles. - changelog for 7.0.8-24: * Support -clahe option real clip limit * ShadeImage() kernels can return negative pixels, clamp to range (#1319) * Annotate with negative offsets no longer renders slanted text - clamp after edge [bsc#1106415] + ImageMagick-clamp-after-edge.patch - update to 7.0.8-23: * CacheInfo destructor must be aligned in DestroyPixelStream(). * Support negative rotations in a geometry (e.g. -10x-10+10+10). * Return expected canvas offset after a crop with gravity. ==== Mesa ==== Version update (18.3.1 -> 18.3.2) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to 18.3.2 * In this release candidate we have added more PCI IDs for AMD Vega devices and a number of fixes for the RADV Vulkan drivers. * On the Intel side we have a selection ranging from quad swizzles support for ICL to compiler fixes. * The nine state tracker has also seen some love as do the Broadcom drivers. * To top it all up, we have a healthy mount of build system fixes. ==== Mesa-drivers ==== Version update (18.3.1 -> 18.3.2) Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - Update to 18.3.2 * In this release candidate we have added more PCI IDs for AMD Vega devices and a number of fixes for the RADV Vulkan drivers. * On the Intel side we have a selection ranging from quad swizzles support for ICL to compiler fixes. * The nine state tracker has also seen some love as do the Broadcom drivers. * To top it all up, we have a healthy mount of build system fixes. ==== apache2 ==== Version update (2.4.37 -> 2.4.38) Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - updated to 2.4.38 * mod_ssl: Clear retry flag before aborting client-initiated renegotiation. PR 63052 [Joe Orton] * mod_negotiation: Treat LanguagePriority as case-insensitive to match AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet] * mod_md: incorrect behaviour when synchronizing ongoing ACME challenges have been fixed. [Michael Kaufmann, Stefan Eissing] * mod_setenvif: We can have expressions that become true if a regex pattern in the expression does NOT match. In this case val is NULL and we should just set the value for the environment variable like in the pattern case. [Ruediger Pluem] * mod_session: Always decode session attributes early. [Hank Ibell] * core: Incorrect values for environment variables are substituted when multiple environment variables are specified in a directive. [Hank Ibell] * mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when this type of map is present in the configuration. PR62311. [Hank Ibell ] * mod_dav: Fix invalid Location header when a resource is created by passing an absolute URI on the request line [Jim Jagielski] * mod_session_cookie: avoid duplicate Set-Cookie header in the response. [Emmanuel Dreyfus , Luca Toscano] * mod_ssl: clear *SSL errors before loading certificates and checking afterwards. Otherwise errors are reported when other SSL using modules are in play. Fixes PR 62880. [Michael Kaufmann] * mod_ssl: Fix the error code returned in an error path of 'ssl_io_filter_handshake()'. This messes-up error handling performed in 'ssl_io_filter_error()' [Yann Ylavic] * mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix authz provider so "Require ssl" works correctly in HTTP/2. PR 61519, 62654. [Joe Orton, Stefan Eissing] * mod_proxy: If ProxyPassReverse is used for reverse mapping of relative redirects, subsequent ProxyPassReverse statements, whether they are relative or absolute, may fail. PR 60408. [Peter Haworth ] * mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1] - SSLProtocol use TLSv1.2 or higher ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit perl-apparmor python3-apparmor - add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3) - Use %license instead of %doc [bsc#1082318] ==== apr ==== Version update (1.6.3 -> 1.6.5) Subpackages: apr-devel libapr1 - Update keyring to match current release maintainer - Version 1.6.5 * Fix Win32 build breakage in apr_os_exp_time_put() in 1.6.4. [Rainer Jung] - Version 1.6.4 * configure: Fix detection of on OpenBSD. PR 61976. [David Carlier , Yann Ylavic] * Fix apr_parse_addr_port() regression in scope_id parsing introduced in 1.6.3. [Rainer Jung] * Fix Win32 file buffer locking behavior for single threaded file streams. [Evgeny Kotkov, Mladen Turk, Jean-Frederic Clere] * Numerous corrections to APR poll behavior. [Yann Ylavic] - Drop patch gcc8-integer-overflow.patch merged upstream ==== autofs ==== Version update (5.1.3 -> 5.1.5) - Upgrade to 5.1.5 - fix flag file permission. - fix directory create permission. - fix use after free in do_master_list_reset(). - fix deadlock in dumpmaps. - dont use array for path when not necessary. - fix prefix option handling in expand_entry(). - fix sublink option not set from defaults. - fix error return in do_nfs_mount(). - add error handling for ext_mount_add(). - account for recent libnsl changes. - use_hostname_for_mounts shouldn't prevent selection among replicas. - fix monotonic_elapsed. - Makefiles.rules: remove 'samples' from SUBDIRS. - dont allow trailing slash in master map mount points. - fix libresolv configure check. - add fedfs-getsrvinfo.c. - add mount.fedfs.c. - add fedfs-map-nfs4.c. - add conditional inclusion of fedfs binaries. - add an example fedfs master map entry to the installed master map. - improve hostname lookup error logging. - fix rpm spec install premissions on auto.net and auto.smb. - tiny patch for autofs typo and possible bug. - add units After line to include statd service. - use systemd sd_notify() at startup. - fix NFS version mask usage. - fix fd leak in rpc_do_create_client(). - add-man page note about extra slashes in paths. - change expire type naming to better reflect usage. - use defines for expire type. - enable SIGUSR2 handling in rpm spec file. - fix age setting at startup. - fix update_negative_cache() map source usage. - fix program usage message. - mark removed cache entry negative. - set bind mount as propagation slave. - add master map pseudo options for mount propagation. - fix use after free in parse_ldap_config(). - fix incorrect locking in sss lookup. - fix amd parser opts option handling. - fix possible NULL pointer dereference in get_defaults_entry(). - better handle hesiod support not built in. - fix indent in automount(8) man page. - remove autofs4 module load code. - add NULL check in prepare_attempt_prefix(). - update build info with systemd. - use flags for startup boolean options. - move close stdio descriptors to become_daemon(). - add systemd service command line option. - refactor negative map entry check. - remove unused function dump_master(). - remove unused function dump_state_queue(). - remove couple of undeeded requires. - Removed patches: * autofs-5-1-3-fix-ordering-of-seteuid-setegid-in-do_spawn.patch * autofs-5-1-3-fix-possible-map-instance-memory-leak.patch * autofs-5-1-3-check-map-instances-for-staleness-on-map-update.patch * 0001-use_hostname_for_mounts-shouldn-t-prevent-selection-.patch * 0002-Fix-monotonic_elapsed.patch * 0003-autofs-5.1.4-fix-fd-leak-in-rpc_do_create_client.patch - Updated spec file to use native autofs service files ==== autoyast2 ==== Version update (4.0.70 -> 4.1.0) Subpackages: autoyast2-installation - Fixed conflicting items in rule dialogs (bsc#1123091). - 4.1.0 ==== bluez ==== Subpackages: libbluetooth3 - add btgatt-client to bluez-test ==== ceph ==== Version update (14.0.1.1555+g42662f72f4 -> 14.0.1.3346+g0364ec8d2f) Subpackages: librados3 libradospp1 librbd1 - Update to 14.0.1-3346-g0364ec8d2f: + rgw: Fix for SignatureMismatchError in s3 commands - Update to 14.0.1-3344-g0834db3c15: + spec: drop arch-specific conditional around RGW crypto plugin libraries + make-dist: prefer Python 3 - Update to 14.0.1-3341-gb471954ff4: + rebase on top of upstream master branch, SHA1 602c875bd68a091be485bfba7e2d62b3f08ba7b3 * msgr V2 - Update to 14.0.1-3176-ge8d910619e: + rebase on top of upstream master branch, SHA1 cc26a67890b58c678d4bb26f6a408cf1742317b5 * spec: fix xmlsec1 build dependency for dashboard make check - Update to 14.0.1-2789-g6c941e4d76: + rebase on top of upstream master branch, SHA1 c70a3d8e30be84ea8db41e7329ed1577aeee9ab9 * MON now supports Kerberos authentication * MGR now works with Cython >= 0.29 * spec: add xmlsec1 dependency for dashboard make check * spec: change rbd-mirror and ceph-radosgw runtime dependency from ceph-common to ceph-base to address http://tracker.ceph.com/issues/37620 ==== djvulibre ==== Subpackages: libdjvulibre21 - Remove rsvg-convert BuildRequires, just use the prebuilt pngs from the source package. ==== dpdk ==== Version update (18.02.2_k4.20.6_1 -> 18.11_k4.20.6_1) - Update to 18.11; some of the changes are(fate#325916, fate#325951 fate#326025, fate#326992): * Added support for using externally allocated memory in DPDK. * Added check for ensuring allocated memory is addressable by devices. * Updated the C11 memory model version of the ring library. * Added NXP CAAM JR PMD. * Added support for GEN3 devices to Intel QAT driver. * Added Distributed Software Eventdev PMD. * Updated KNI kernel module, rte_kni library, and KNI sample application. * Add a new sample application for vDPA. * Updated mlx5 driver. * * Improved security of PMD to prevent the NIC from getting stuck when the application misbehaves. * * Reworked flow engine to supported e-switch flow rules (transfer attribute). * * Added support for header re-write(L2-L4), VXLAN encap/decap, count, match on TCP flags and multiple flow groups with e-switch flow rules. * * Added support for match on metadata, VXLAN and MPLS encap/decap with flow rules. * * Added support for RTE_ETH_DEV_CLOSE_REMOVE flag to provide better support for representors. * * Added support for meson build. * * Fixed build issue with PPC. * * Added support for BlueField VF. * * Added support for externally allocated static memory for DMA. all the changes can be viwed in http://doc.dpdk.org/guides/rel_notes/release_18_11.html [- 0001-enic-fix-Type-punning-and-strict-aliasing-warning.patch] ==== exo ==== Version update (0.12.3 -> 0.12.4) Subpackages: exo-data exo-helpers exo-lang exo-tools libexo-1-0 libexo-2-0 - update to 0.12.4 * Use the standard shared thumbnails directory (bxo#14799) * ExoCellRendererIcon: Fix highlight rendering with GTK 3 (bxo#14971) * ExoIconView: Fix search popup placement (bxo#14994) * Translation Updates - fix up macros only necessary for Leap 42.3 and below ==== ffmpeg-4 ==== Subpackages: libavcodec58 libavdevice58 libavfilter7 libavformat58 libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5 - Add conditional pkgconfig(vo-amrwbenc) BuildRequires and conditionally pass --enable-libvo-amrwbenc --enable-version3 to configure: build amrwb encoder if dependency is present. ==== fontconfig ==== Version update (2.12.6 -> 2.13.1) Subpackages: fontconfig-devel - Implement shared library packaging guideline - Split documentation to soothe rpmlint's "W: package-with-huge-docs 86%" - Fix self obsoletion ipa-fonts-config and IPA-fonts-config. - Fix build error in Leap 42.3. - Fix location of fontconfig-devel.* doc-files. - Package AUTHORS, ChangeLog and README via standard doc macro. - Update to 2.13.1: * conf.d: Drop aliases for (URW)++ fonts * variable fonts support * Use uuid-based cache filename if uuid is assigned to dirs * Add new API to find out a font from current search path * Add FONTCONFIG_SYSROOT environment variable * [varfonts] Add FC_FONT_VARIATIONS * [varfonts] Add FC_VARIABLE * Add Simplified Chinese translations * Fix memory leaks, double frees etc. * See README for details - Drop fontconfig-remove-debug-output.patch ==== fonts-config ==== Version update (20181211 -> 20190119) - Update to 20190119 * Allow non-ASCII letters in font names (boo#1049056) ==== glusterfs ==== Version update (4.0.2 -> 5.3) Subpackages: libgfapi0 libgfrpc0 libgfxdr0 libglusterfs0 - Update to new upstream version 5.3 (4.0 is EOL) * 5.3 brings hundreds of improvements, see complete relnote at https://docs.gluster.org/en/latest/release-notes/5.0/ - Remove patches no longer needed in 5.x: * 0001-build-restore-ability-to-control-verbosity-settings.patch * glusterfs-tirpc.diff ==== gnutls ==== Version update (3.6.4 -> 3.6.6) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - Update to 3.6.6 * * libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits on the public key (#640). * * libgnutls: Added support for raw public-key authentication as defined in RFC7250. Raw public-keys can be negotiated by enabling the corresponding certificate types via the priority strings. The raw public-key mechanism must be explicitly enabled via the GNUTLS_ENABLE_RAWPK init flag (#26, #280). * * libgnutls: When on server or client side we are sending no extensions we do not set an empty extensions field but we rather remove that field competely. This solves a regression since 3.5.x and improves compatibility of the server side with certain clients. * * libgnutls: We no longer mark RSA keys in PKCS#11 tokens as RSA-PSS capable if the CKA_SIGN is not set (#667). * * libgnutls: The priority string option %NO_EXTENSIONS was improved to completely disable extensions at all cases, while providing a functional session. This also implies that when specified, TLS1.3 is disabled. * * libgnutls: GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated. The previous definition was non-functional (#609). - drop no longer needed gnutls-enbale-guile-2.2.patch - refresh disable-psk-file-test.patch - Update to 3.6.5 * * libgnutls: Provide the option of transparent re-handshake/reauthentication when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571). * * libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127) * * libgnutls: The priority functions will ignore and not enable TLS1.3 if requested with legacy TLS versions enabled but not TLS1.2. That is because if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled) servers which do not support TLS1.3 will negotiate TLS1.2 which will be rejected by the client as disabled (#621). * * libgnutls: Change RSA decryption to use a new side-channel silent function. This addresses a security issue where memory access patterns as well as timing on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher attacks. Side-channel resistant code is slower due to the need to mask access and timings. When used in TLS the new functions cause RSA based handshakes to be between 13% and 28% slower on average (Numbers are indicative, the tests where performed on a relatively modern Intel CPU, results vary depending on the CPU and architecture used). This change makes nettle 3.4.1 the minimum requirement of gnutls (#630). [CVSS: medium] * * libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword in the priority string. It is only accepted as legacy option and is ignored. * * libgnutls: Added support for EdDSA under PKCS#11 (#417) * * libgnutls: Added support for AES-CFB8 cipher (#357) * * libgnutls: Added support for AES-CMAC MAC (#351) * * libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D S-BOXes). They are fixed now. * * libgnutls: Added support for GOST key unmasking and unwrapped GOST private keys parsing, as specified in R 50.1.112-2016. * * gnutls-serv: It applies the default settings when no --priority option is given, using gnutls_set_default_priority(). * * p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin option (#561) * * certtool: Add parameter --no-text that prevents certtool from outputting text before PEM-encoded private key, public key, certificate, CRL or CSR. - minimum required libnettle is now 3.4.1 - refresh * disable-psk-file-test.patch * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch ==== groff ==== Version update (1.22.3 -> 1.22.4) - Trim tm signs - Version update to 1.22.4: * Many fixes for hyphenation helping * Various build tweaks * See the NEWS file for details - New signature -> update keyring file - Remove upstream merged patches: * groff-multi-thread.patch * groff-reproducible-mdate.patch * groff-use-SDE.patch - Remove groff-1.21-groffer-libexecdir.patch as upstream redid the autotools rules and uses configure option now - Rebase patch groff-1.20.1-deunicode.patch - Rebase patch groff-1.21-CVE-2009-5081.patch - Drop patch groff-1.21-CVE-2009-5080.patch as it seems the shell script now properly safeguards against this - Rebase patch 0002-documentation-for-the-locale-keyword.patch - Recreate groff-force-locale-usage.patch for autotools buildsystem - Add patch 0004-don-t-use-usr-bin-env-in-shebang.patch - Remove groff_1.22.3-1.debian.diff and replace it with split debian patches: * bash-scripts.patch * sort-perl-hash-keys.patch - Switch to multibuild in order to avoid having to manage 2 differentiating spec files ==== groff-full ==== Version update (1.22.3 -> 1.22.4) Subpackages: gxditview - Trim tm signs - Version update to 1.22.4: * Many fixes for hyphenation helping * Various build tweaks * See the NEWS file for details - New signature -> update keyring file - Remove upstream merged patches: * groff-multi-thread.patch * groff-reproducible-mdate.patch * groff-use-SDE.patch - Remove groff-1.21-groffer-libexecdir.patch as upstream redid the autotools rules and uses configure option now - Rebase patch groff-1.20.1-deunicode.patch - Rebase patch groff-1.21-CVE-2009-5081.patch - Drop patch groff-1.21-CVE-2009-5080.patch as it seems the shell script now properly safeguards against this - Rebase patch 0002-documentation-for-the-locale-keyword.patch - Recreate groff-force-locale-usage.patch for autotools buildsystem - Add patch 0004-don-t-use-usr-bin-env-in-shebang.patch - Remove groff_1.22.3-1.debian.diff and replace it with split debian patches: * bash-scripts.patch * sort-perl-hash-keys.patch - Switch to multibuild in order to avoid having to manage 2 differentiating spec files ==== guile ==== Subpackages: guile-modules-2_2 libguile-2_2-1 - remove broken prebuilt 32-bit big-endian objects ==== hugin ==== - spec file cleanup (%license, %defattr) - add HSI (Hugin Scripting Interface) bcond, correct -DBUILD_HSI option syntax for cmake ==== installation-images-Kubic ==== Version update (14.404 -> 14.408) - merge gh#openSUSE/installation-images#293 - Revert "Add bcache-tools package (fate#325346)" - Remove optional for initrd - Add bcache-tools to rescue system (fate#325346) - Add bcache-tools package to rescue system - 14.408 - merge gh#openSUSE/installation-images#292 - Add bcache-tools package (fate#325346) - 14.407 - updated skelcd-fallbackrepo package list - fix spec to require correct skelcd-fallbackrepo packages - merge gh#openSUSE/installation-images#290 - adjust to grub2 package changes (fate#326960, bsc#1122992) - adjust to nfs-utils package changes (bsc#1122994) - avoid perl warnings using BigInt module - correct efi and shim dir - 14.406 - merge gh#openSUSE/installation-images#289 - Added new linuxrc option: specialproduct (fate#327099) - 14.405 ==== kernel-firmware ==== Version update (20181218 -> 20190118) Subpackages: ucode-amd - Remove brcm RPi f/w that are already included in the upstream tree - Update to version 20190118: * brcm: Add BCM43455 NVRAM for Raspberry Pi 3 B+ * brcm: Fix filename for BCM43430 NVRAM for the Raspberry Pi 3 Model B * amdgpu: add raven2 fw for 18.50 release * amdgpu: add picasso fw for 18.50 release * Revert "brcm: Add BCM43455 NVRAM for Raspberry Pi 3 B+" * linux-firmware: Update firmware file for Intel Bluetooth,8265 * linux-firmware: Update firmware patch for Intel Bluetooth 8260 * linux-firmware: Update firmware file for Intel Bluetooth,9260 * linux-firmware: Update firmware file for Intel Bluetooth,9560 * brcm: Add BCM43430 NVRAM for the Raspberry Pi 3 Model B * brcm: Add BCM43455 NVRAM for Raspberry Pi 3 B+ * linux-firmware: update Marvell USB8801 B0 firmware image * iwlwifi: update firmwares for 9000 series * cxgb4: update firmware to revision 1.22.9.0 ==== kimageformats ==== - Add ghostscript requirement to the -eps subpackage - Add patch to fix buffer overflows (boo#1123281): * 0001-Fix-various-OOB-reads-and-writes-in-kimg_tga-and-kim.patch - Split out the eps plugin into an independant subpackage (bsc#1117336) - Remove unnecessary ldconfig calls ==== kmail-account-wizard ==== Subpackages: kmail-account-wizard-lang - Remove unneeded Qt5WebKit BuildReq ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Disable antialiasing to fix appearance of bold lines (kde#401463): * 0001-Revert-fix-drawing-box-chars-avoid-storing-and-savin.patch * 0002-Revert-Antialias-line-drawing-characters.patch ==== libappindicator ==== - Changed the activate-support patch to signal an "activate-event" so users can create callbacks themselves. Original patch from Yichao Yu . ==== libblockdev ==== Version update (2.18 -> 2.20) Subpackages: libbd_btrfs2 libbd_crypto2 libbd_fs2 libbd_loop2 libbd_mdraid2 libbd_part2 libbd_swap2 libbd_utils2 libblockdev2 - Add pkgconfig(yaml-0.1) BuildRequires and pass with-vdo instead of without-vdo to configure, build vdo support. - Following the above, add new sub-packages libbd_vdo2 and libbd_vdo-devel, aswell as handle the new library in post(un). - Add pkgconfig(dbus-1) BuildRequires: Add missing BuildRequires, libblockdev needs dbus headerfiles during build, but configure does not check for it. - Update to version 2.20: + Fixes: - Fix parsing extra arguments for LVM methods calls in the LVM DBus plugin; - Multiple fixes for running tests on Debian testing. + Development: Vagrantfile template was added for easy development machine setup. - Changes from version 2.19: + Features: - vdo: new functions to get statistical data for existing VDO volumes (bd_vdo_get_stats); - crypto: support for passing extra arguments for key derivation function when creating LUKS2 format. ==== libcaca ==== - Cast intermediate results to 64 bits to prevent overflow of calculations with 32-bit quentities. [CVE-2018-20544, bsc#1120502, Bug1120502-add_cast_to_prevent_overflow.patch] - Fix the size of width and height to be of size_t rather than int in struct caca_dither. Re-using existing patch. [CVE-2018-20546, bsc#1120503, CVE-2018-20547, bsc#1120504, libcaca-variable-type.patch] - Fix the size of width and height to be of size_t rather than unsigned int which may be too small on 64 bit architectures. This fixes three CVS and associated bugs. [CVE-2018-20545, bsc#1120584, CVE-2018-20548, bsc#1120589, CVE-2018-20549, bsc#1120470, libcaca-variable-type.patch] ==== libcdio-paranoia ==== Version update (10.2+0.93+1 -> 10.2+2.0.0) Subpackages: libcdio_cdda2 libcdio_paranoia2 - version 10.2+2.0.0 (2019-01-26) * Now works with audio CD's that start on a track greater than 1. * typos in manual page and README * Do not attempt to call a NULL callback from mskamp - version 10.2+0.94+2 (2017-08-22) * Add --force-overread Force overreading into the lead-out portion of the disc. This option is only applicable when using the "-O" option with a positive sample offset value. Many drives are not capable of reading into this portion of the disc and attempting to do so on those drives will produce read errors and possibly hard lockups - version 10.2+0.94+1 (2017-03-25) * Fix problem where end of span seems to default to last track. * Fix NULL pointer dereference that occurs when byte swapping is needed. * Re-silence recently added gcc -Wunused-result warnings * Use @LIBS@ figured out by autoconf when linking (for -lrt on Linux). * Incorrect track was getting used in matching. - Added sig file along with keyring for source verification - Make use of %license macro - Adopted for change of README to README.md ==== libcontainers-common ==== - Restore non-upstream storage.conf, needed by CRI-O ==== libesmtp ==== - Use %license instead of %doc [bsc#1082318] ==== libgxps ==== Version update (0.3.0 -> 0.3.1) - Update to version 0.3.1: + Fix font scaling when converting xps to pdf. + Handle errors returned by archive_read_data in GXPSArchive. + Ensure gxps_archive_read_entry() fills the GError in case of failure. + Make the pdf generated by xpstopdf to be 96 dpi. + Fix OUTPUT FILE description in man pages. + Clear the GError before trying to load an image again in gxps_images_get_image(). + Fix integer overflow in png decoder. ==== libinput ==== Version update (1.12.5 -> 1.12.6) Subpackages: libinput-udev libinput10 - Update to new upstream release 1.12.6 * Two quirks for specific devices (Contour Roller Mouse and the Acer Spin 5), two little cleanups. ==== libjansson ==== Version update (2.11 -> 2.12) Subpackages: libjansson4 libjansson4-32bit - update to new upstream release 2.12 * Bug fixes: - Fix error message in `json_pack()` for NULL object (#409). - Avoid invalid memory read in `json_pack()` (#421). - Call va_end after va_copy in `json_vsprintf()` (#427). - Improve handling of formats with '?' and '*' in `json_pack()` (#438). - Remove inappropriate `jsonp_free()` which caused segmentation fault in error handling (#444). ==== libpng16 ==== Subpackages: libpng16-16 libpng16-16-32bit - fix arm build [bsc#1121829] + libpng-arm-free.patch - asan_build: build ASAN included - debug_build: build more suitable for debugging, install pngcp ==== libseccomp ==== - Use %license instead of %doc [bsc#1082318] ==== libstorage-ng ==== Version update (4.1.78 -> 4.1.84) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Swedish) - Translated using Weblate (Chinese (Taiwan)) - Translated using Weblate (Arabic) - Translated using Weblate (Dutch) - Translated using Weblate (French) - Translated using Weblate (German) - Translated using Weblate (Hungarian) - Translated using Weblate (Korean) - Translated using Weblate (Polish) - Translated using Weblate (Russian) - 4.1.84 - merge gh#openSUSE/libstorage-ng#610 - check for some storage signatures next to partition tables (bsc#1115807) - added unit test - increase patchlevel - updated pot and po files - 4.1.83 - merge gh#openSUSE/libstorage-ng#609 - added roles to class MdadmDetail - probe devices order for MD RAIDs (bsc#1083542) - extended documentation - check for duplicate entries in mockup files - updated pot and po files - added callback recorder for probe callbacks - probe sort-key for device of MD RAIDs - 4.1.82 - merge gh#openSUSE/libstorage-ng#608 - Throw better exceptions - 4.1.81 - merge gh#openSUSE/libstorage-ng#607 - Add support for probing Flash-only bcache - Adapt testsuite - Add test for Flash-only bcache probing - CompoundAction: add helper method - Adapt bcache formatter - Add tests - Add bcache doc - Update lib version - Add support for flash-only bcache (with ABI compatibility) - 4.1.80 - Translated using Weblate (Spanish) - 4.1.79 ==== libvirt ==== Version update (4.10.0 -> 5.0.0) Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - apparmor: add support for named profiles and convert libvirtd profile to a named profile 70c2933d-apparmor-named-profiles.patch, a3ab6d42-apparmor-conv-libvirtd-named-profile.patch boo#1118952 - libxl: save current memory value after successful balloon 11c8aca9-libxl-set-mem-after-balloon.patch bsc#1120813 - Noun phrase for %description doc. - Remove idempotent %if..%endif pair around %package bash-completion. - Reduce hard requirements on bash-c and documentation. - Enable bash completion in Leap15/SLE15 and newer - Update to libvirt 5.0.0 - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Remove UML hypervisor driver - Dropped patches: de09ae2f-libxl-support-openvswitch.patch, 0a1b5653-xenconfig-support-openvswitch.patch - FATE#320928, FATE#325817, FATE#326380, FATE#326698 ==== libxml2 ==== Version update (2.9.8 -> 2.9.9) Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools - Version update to 2.9.9: * Security: + CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA decompression (boo#1088279 boo#1105166). + CVE-2018-14404 Fix nullptr deref with XPath logic ops (boo#1102046). * Bug fixes: + Fix building relative URIs + Problem with data in interleave in RelaxNG validation + Fix memory leak in xmlSwitchInputEncodingInt error path + Set doc on element obtained from freeElems + Fix HTML serialization with UTF-8 encoding + Use actual doc in xmlTextReaderRead*Xml + Unlink node before freeing it in xmlSAX2StartElement + Check return value of nodePush in xmlSAX2StartElement + Free input buffer in xmlHaltParser + Reset HTML parser input pointers on encoding failure + Fix xmlSchemaValidCtxtPtr reuse memory leak + Fix xmlTextReaderNext with preparsed document + HTML noscript should not close p + Don't change context node in xmlXPathRoot * Improvements: + Remove redefined starts and defines inside include elements + Allow choice within choice in nameClass in RELAX NG + Look inside divs for starts and defines inside include + Add newlines to 'xmllint --xpath' output + Don't include SAX.h from globals.h + Support xmlTextReaderNextSibling w/o preparsed doc + Improve restoring of context size and position + Simplify and harden nodeset filtering + Avoid unnecessary backups of the context node + Fix inconsistency in xmlXPathIsInf ==== llvm ==== Version update (7.0.0 -> 7.0.1) - Update to llvm 7.0.1 * This release contains bug-fixes for the LLVM 7.0.0 release. This release is API and ABI compatible with 7.0.0. ==== llvm7 ==== Version update (7.0.0 -> 7.0.1) Subpackages: clang7 libLLVM7 libLTO7 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang7 libomp7-devel - Update to llvm 7.0.1 * This release contains bug-fixes for the LLVM 7.0.0 release. This release is API and ABI compatible with 7.0.0. ==== man-pages-posix ==== - Supplement man-pages, not man. - supplements man [bsc#1116987] ==== mercurial ==== Version update (4.8.2 -> 4.9) Subpackages: mercurial-lang - Mercurial 4.9 This is a regularly-scheduled quarterly feature release. See complete changelog at https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29 * Security Fixes It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository. This has been fixed. Users on older versions can either disable subrepositories with ``` [subrepos] allowed = false ``` in their configuration or by ensuring any cloned repositories don't contain malicious symlinks. * New Features + 'hg histedit' will now present a curses UI if curses is available and 'ui.interface' or 'ui.interface.histedit' is set to 'curses'. + The 'sparse-revlog' delta strategy is enabled by default for new repositories. See `hg help config.format.sparse-revlog` for details. * Other Notable Features + New `rewrite.update-timestamp=True` option to update the commit timestamp on history editing (e.g. amend.) + New `ui.message-output=stderr` option for scripting, which prevents status messages from interleaved. + New `rootglob:` filename pattern for a glob that is rooted at the root of the repository. See `hg help patterns` and `hg help hgignore` for details. + Some more reimplementation of ancestry algorithms in Rust for better performance. * Backwards Compatibility Changes + Boolean options passed to the logtoprocess extension are now formatted as "0" or "1" instead of "None", "False", or "True". + The logtoprocess extension no longer supports invalid "ui.log()" arguments. A log message is always formatted and passed in to the "$MSG1" environment variable. * Internal API Changes + Status messages may be sent to a dedicated stream depending on configuration. Don't use "ui.status()", etc. as a shorthand for conditional writes. Use "ui.write()" for data output. + Add 'exthelper' class to simplify extension writing by allowing functions, commands, and configitems to be registered via annotations. The previous APIs are still available for use. + The extension hook "extsetup" without a 'ui' argument has been deprecated, and will be removed in the next version. Add a 'ui' argument to avoid the deprecation warning. ==== metis ==== - Remove dependency to a non-existing module package for HPC. ==== mozilla-nss ==== Version update (3.40.1 -> 3.41.1) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - update to NSS 3.41.1 * (3.41) required by Firefox 65.0 New functionality * Implemented EKU handling for IPsec IKE. (bmo#1252891) * Enable half-closed states for TLS. (bmo#1423043) * Enabled the following ciphersuites by default: (bmo#1493215) TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_GCM_SHA384 Notable changes * The following CA certificates were added: CN = Certigna Root CA CN = GTS Root R1 CN = GTS Root R2 CN = GTS Root R3 CN = GTS Root R4 CN = UCA Global G2 Root CN = UCA Extended Validation Root * The following CA certificates were removed: CN = AC Raíz Certicámara S.A. CN = Certplus Root CA G1 CN = Certplus Root CA G2 CN = OpenTrust Root CA G1 CN = OpenTrust Root CA G2 CN = OpenTrust Root CA G3 Bugs fixed * Reject empty supported_signature_algorithms in Certificate Request in TLS 1.2 (bmo#1412829) * Cache side-channel variant of the Bleichenbacher attack (bmo#1485864) (CVE-2018-12404) * Resend the same ticket in ClientHello after HelloRetryRequest (bmo#1481271) * Set session_id for external resumption tokens (bmo#1493769) * Reject CCS after handshake is complete in TLS 1.3 (bmo#1507179) * Add additional null checks to several CMS functions to fix a rare CMS crash. (bmo#1507135, bmo#1507174) (3.41.1) - removed obsolete patches nss-disable-ocsp-test.patch ==== nbd ==== Version update (3.17 -> 3.18) - Update to version 1.18.0: * Client: Add the "-g" option to avoid even trying the NBD_OPT_GO message * Server: fixes to inetd mode * Don't make gnutls and libnl automagic. * Server: bugfixes in handling of some export names during verification. * Server: clean supplementary groups when changing user. * Client: when using the netlink protocol, only set a timeout when there actually is a timeout, rather than defaulting to 0 seconds * Improve documentation on the nbdtab file * Minor improvements to some error messages * Improvements to test suite so it works better on non-GNU userland environments - Refresh 0001_fix_setgroup.patch ==== nftables ==== Subpackages: libnftables0 - Remove unused dblatex BuildRequires, only needed for the optional and disabled PDF generation (same contents as shipped manpage). ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Merged latest upstream commits to get needed fix: * Fix output for iscsiadm node/iface print level P1 (needed for bsc#1122938) * Updated iscsiadm man page: add "onboot" handling. Updating: * open-iscsi-SUSE-latest.diff.bz2 - Update SPEC file to allow %_libdir macro to override LIB_DIR when building or installing - Update SPEC file to use %license macro for COPYING file so that it gets delivered when when other docs are excluded (bsc#1121877) ==== openconnect ==== Version update (7.08 -> 8.02) Subpackages: openconnect-lang - Update to 8.02: * Fix GNU/Hurd build. * Discover vpnc-script in default packaged location on FreeBSD/OpenBSD. * Support split-exclude routes for GlobalProtect. * Fix GnuTLS builds without libtasn1. * Fix DTLS support with OpenSSL 1.1.1+. * Add Cisco-compatible DTLSv1.2 support. * Invoke script with reason=attempt-reconnect before doing so. - Update to 8.01: * Clear form submissions (which may include passwords) before freeing (CVE-2018-20319). * Allow form responses to be provided on command line. * Add support for SSL keys stored in TPM2. * Fix ESP rekey when replay protection is disabled. * Drop support for GnuTLS older than 3.2.10. * Fix --passwd-on-stdin for Windows to not forcibly open console. * Fix portability of shell scripts in test suite. * Add Google Authenticator TOTP support for Juniper. * Add RFC7469 key PIN support for cert hashes. * Add protocol method to securely log out the Juniper session. * Relax requirements for Juniper hostname packet response to support old gateways. * Add API functions to query the supported protocols. * Verify ESP sequence numbers and warn even if replay protection is disabled. * Add support for PAN GlobalProtect VPN protocol (--protocol=gp). * Reorganize listing of command-line options, and include information on supported protocols. * SIGTERM cleans up the session similarly to SIGINT. * Fix memset_s() arguments. * Fix OpenBSD build. - Explicitely enable all the features as needed to stop build if something is missing - Run tests - Folow the library packaging guidelines ==== openssh ==== Subpackages: openssh-helpers - Remove old conditionals - Move ssh-ldap* man pages into openssh-helpers [bsc#1051531] - Allow root login by default [bsc#1118114, bsc#1121196] * Added/updated previous patch openssh-7.7p1-allow_root_password_login.patch * Mention the change in README.SUSE - Added SLE conditionals in the spec files: * Keep gtk2-devel in openssh-askpass-gnome in SLE * Keep krb5-mini-devel in SLE - Removed obsolete configure options: * SSH protocol 1 --with-ssh1 * Smart card --with-opensc - Cleaned spec file with spec-cleaner ==== perl-Inline ==== Version update (0.80 -> 0.81) - updated to 0.81 see /usr/share/doc/packages/perl-Inline/Changes ==== perl-JSON ==== Version update (4.00 -> 4.01) - updated to 4.01 see /usr/share/doc/packages/perl-JSON/Changes 4.01 2019-01-21 - added boolean function/method that takes a scalar value and returns a boolean value (David Cantrell) ==== pfstools ==== Subpackages: libpfs2 pfscalibration pfstmo - Correct pfstools-fix-libpfs-linkage.patch * Fix broken octave binary modules - mkoctfile does not specify - Wl,--no-undefined, and modules fail at runtime: ".../pfsget.oct: undefined symbol: _ZN3pfs5DOMIOD1Ev" * Fix random parallel build failures due to missing make dependency ==== postfix ==== Subpackages: postfix-doc - rework postfix-main.cf.patch * disable virtual_alias_domains cause (default: $virtual_alias_maps) - rework config.postfix * disable PCONF of virtual_alias_domains virtual_alias_maps will be set anyway to the correct value * extend virtual_alias_maps with - mysql_virtual_alias_domain_maps.cf - mysql_virtual_alias_domain_catchall_maps.cf - rework postfix-mysql, added * mysql_virtual_alias_domain_maps.cf * mysql_virtual_alias_domain_catchall_maps.cf needed for reject_unverified_recipient ==== protobuf ==== Subpackages: libprotobuf-lite17 libprotobuf17 - Add protobuf-source package - some programs using gRPC and protobuf need protobuf definitions which are included inside the source code, but are not included in the devel package. ==== python-libvirt-python ==== Version update (4.10.0 -> 5.0.0) - Update to 5.0.0 - Add all new APIs and constants in libvirt 5.0.0 - FATE#320928, FATE#325817, FATE#326380, FATE#326698 ==== python-libxml2-python ==== Version update (2.9.8 -> 2.9.9) - Version update to 2.9.9: * Security: + CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA decompression. + CVE-2018-14404 Fix nullptr deref with XPath logic ops. * Bug fixes: + Fix building relative URIs + Problem with data in interleave in RelaxNG validation + Fix memory leak in xmlSwitchInputEncodingInt error path + Set doc on element obtained from freeElems + Fix HTML serialization with UTF-8 encoding + Use actual doc in xmlTextReaderRead*Xml + Unlink node before freeing it in xmlSAX2StartElement + Check return value of nodePush in xmlSAX2StartElement + Free input buffer in xmlHaltParser + Reset HTML parser input pointers on encoding failure + Fix xmlSchemaValidCtxtPtr reuse memory leak + Fix xmlTextReaderNext with preparsed document + HTML noscript should not close p + Don't change context node in xmlXPathRoot * Improvements: + Remove redefined starts and defines inside include elements + Allow choice within choice in nameClass in RELAX NG + Look inside divs for starts and defines inside include + Add newlines to 'xmllint --xpath' output + Don't include SAX.h from globals.h + Support xmlTextReaderNextSibling w/o preparsed doc + Improve restoring of context size and position + Simplify and harden nodeset filtering + Avoid unnecessary backups of the context node + Fix inconsistency in xmlXPathIsInf - Add libxml2-python3-string-null-check.patch: fix NULL pointer dereference when parsing invalid data (bsc#1065270 glgo#libxml2!15).). ==== python-setuptools ==== Version update (40.6.3 -> 40.7.2) Subpackages: python2-setuptools python3-setuptools - update to version 40.7.2: * #1666: Restore port in URL handling in package_index. - changes from version 40.7.1: * #1660: On Python 2, when reading config files, downcast options from text to bytes to satisfy distutils expectations. - changes from version 40.7.0: * #1551: File inputs for the license field in setup.cfg files now explicitly raise an error. * #1180: Add support for non-ASCII in setup.cfg (#1062). Add support for native strings on some parameters (#1136). * #1499: setuptools.package_index no longer relies on the deprecated urllib.parse.splituser per Python #27485. * #1544: Added tests for PackageIndex.download (for git URLs). * #1625: In PEP 517 build_meta builder, ensure that sdists are built as gztar per the spec. ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-vgabios qemu-x86 - Increase memory needed to build qemu-testsuite for ppc* arch's in _constraints file - Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0057-s390x-Return-specification-exceptio.patch - Fix OOB issue in slirp (CVE-2019-6778 bsc#1123156) 0056-slirp-check-data-length-while-emula.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 - Fix ipxe GCC 9 incompatibilities (bsc#1121464) ipxe-efi-Simplify-diagnostic-for-NULL-handle.patch ipxe-build-Disable-gcc-address-of-packed-member-warning.patch - Tweak Xen interface to be compatible with upcoming v4.12 Xen 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0054-linux-user-make-pwrite64-pread64-fd.patch (bsc#1121600) - Clarify that move to include v3.1.0 in qemu package corresponds with fate#327089, which of course builds on v3.0.0 mentioned previously, and that among other patches which this change obsoletes (because functionality is included in base version) I will mention one pointed out by reviewers: 0094-s390x-cpumodels-add-z14-Model-ZR1.patch ==== qemu-linux-user ==== - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0057-s390x-Return-specification-exceptio.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0056-slirp-check-data-length-while-emula.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch - Fix pwrite64/pread64 to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600) 0054-linux-user-make-pwrite64-pread64-fd.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 ==== rebootmgr ==== Version update (0.17 -> 0.18) - Update to version 0.18 - allow to compile without etcd support ==== rubygem-rails-5.2 ==== - Fix bsc#1102075 by readding recommends ==== sysconfig ==== Version update (0.85.0 -> 0.84.3) Subpackages: sysconfig-netconfig - version 0.84.3 - netconfig: change policy to permit non-NM settings (bsc#1079793) As requested and approved by NetworkManager maintainer, the 'auto' policy permits now also per interface settings provided by other services when NetworkManager is enabled. That is, the auto policy resolving has been changed from "STATIC_FALLBACK NetworkManager" to "STATIC_FALLBACK * NetworkManager". - Use %license instead of %doc [bsc#1082318] - version 0.84.2 - spec: revert change to use _fillupdir in update hook from < 0.80 - merged fixes of the the fillup templates logic and macro in configure.ac by Marcus Meissner - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Make /etc/ppp owned by root:root. The group dialout usage is no longer used. - version 0.84.1 - netconfig: cleanup tmp files (boo#1010760) When /var/run/ntp/servers-netconfig has been modified externaly, don't try to backup or keep tmp files to show what we would do. - netconfig: improve input check for duplicate keys (bsc#1009801) - Remove requires for not needed insserv (bsc#999850) - version 0.84.0 - netconfig: intoduced a batch mode (bsc#989741) It permits to preform multiple modify/remove operations and call the effective update at the end of the batch. - netconfig: use ntpq, as ntpdc is deprecated (bsc#894889), lower sleep lock wait granularity and fix NTP_KEYS parsing - Drop the omc svcinfo data as they are not used anymore - Run spec-cleaner to remove few obsolete things - Drop cvs helper files as we are in git - Rename configure.in to configure.ac - Add a blacklist entry for the ACPI power meter driver (bnc#974373) - version 0.83.9 - ppp: install refactored ip-up and related scripts (bsc#865573) - removed patches shipped inside of the source archive [- 0001-dhcp-network-variables-for-dhcp4-user-class.909307.patch] [- 0002-netconfig-use-ntpd.service-on-13.2-boo-930309.patch] - netconfig: use ntpd.service on >13.1 (boo#930309) [+ 0002-netconfig-use-ntpd.service-on-13.2-boo-930309.patch] - sysconfig-netconfig requires /bin/logger, otherwise the following happens: linux.site wickedd[31]: /etc/sysconfig/network/scripts/functions.netconfig: line 44: logger: command not found - dhcp: add variables for handling of DHCPv4 user-class (bsc#909307) [+ 0001-dhcp-network-variables-for-dhcp4-user-class.909307.patch] - version 0.83.8 - netconfig: use domain name from hostname (bnc#912891) When there is no dns domain or search list provided (by dhcp), but a hostname as FQDN, use it's domain for /etc/resolv.conf search list. - netconfig: merge NetworkManager settings on -m (bnc#900982) - rpm: kill all NetworkManager child processes on migration Before we stop (the always running) NetworkManager.service, ensure to kill all (child) processes when migrating from the NETWORKMANAGER=no variable (bnc#895447). ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Switch websocket dependency to python3. (bsc#1119737) - Do not build xorg-x11-Xvnc-module on s390. It fails to build because macros.xorg-server is incomplete on s390 and the module would be useless without real X server anyway. ==== traceroute ==== Version update (2.0.21 -> 2.1.0) - Trim time-sensitive wording from description. - fix undefined reference to "ceil", some compiler versions do not optimize-out or inline ceil, but anyways libm is required. - Update to version 2.1.0 * Implement -w MAX_SECS,HERE,NEAR option * Provide tcptraceroute * Improve the main loop for better interactivity. ==== udisks2 ==== Version update (2.7.8 -> 2.8.1) Subpackages: libudisks2-0 libudisks2-0_btrfs udisks2-lang - Update to version 2.8.1: + Mostly bugfixes. - Changes from version 2.8.0: + Introduce a new VDO module that is built on top of libblockdev-vdo. + General bugfixes. + Support creating LUKS 2 encrypted devices and other LUKS-related enhancements. - Add explicit libblockdev-lvm-dbus-devel BuildRequires: Previously pulled in implicitly. ==== valgrind ==== - Fix POWER9 addex instruction emulation (bsc#1121025). 0001-Bug-402519-POWER-3.0-addex-instruction-incorrectly-i.patch ==== wget ==== - Use pcre2 - Make building more verbose ==== xorg-x11-server ==== Subpackages: xorg-x11-server-extra xorg-x11-server-sdk xorg-x11-server-wayland - get rid of meta packages still requiring/recommending obsolete drivers packages (boo#1121525) - provide/obsolete no longer existing xf86-video-ast, xf86-video-cirrus on sle15 (bsc#1120282) ==== xrx ==== - Drop conditional pkgconfig(npapi-sdk) BuildRequires: npapi-sdk is dead upstream and not comming back. ==== xterm ==== Version update (342 -> 343) Subpackages: xterm-bin - Patch #343 * modify run-tic.sh to prefer ncurses6 over ncurses5 * add COPYING file and dummy "check" makefile * update tables of combining and ambiguous-width chars in wcwidth.c * modify xtemr-new sample terminfo entry to correspond to ncurses 6.1 * improve documentation for deleteIsDEL resource * modify logic for TrueType fallback fonts to match the sort-order used by fc-match ==== xtermset ==== - Modernise spec file ==== yast2-apparmor ==== Version update (4.1.5 -> 4.1.7) - Implemented "changes" dialog for "scan audit logs" (bsc#1120043) - Properly line up radio buttons - Allow to translate "OK" button - 4.1.7 - Permit new aa-status parser also for one earlier aa-status version (bsc#1123258) - 4.1.6 ==== yast2-bootloader ==== Version update (4.1.13 -> 4.1.14) - Fit the "Boot Code Options" tab to full width even when there only is the BootLoader selector (bsc#1120793) - 4.1.14 ==== yast2-control-center ==== Version update (4.1.4 -> 4.1.5) Subpackages: yast2-control-center-qt - Enable HiDPI pixmaps (bsc#1109602) - 4.1.5 ==== yast2-firstboot ==== Version update (4.1.3 -> 4.1.4) - Add integration with the yast2-configuration-management module (fate#322722). - 4.1.4 ==== yast2-installation ==== Version update (4.1.34 -> 4.1.35) - Copying SSH keys from a privious installation into the new one: Set the right file permissions for the SSH deamon (bnc#1122303). - 4.1.35 - remove no longer used SCR agents without replacement: sysconfig.boot, sysconfig.fam, etc.passwd and install_inf workarounds for aliases and options - remove no longer used clients: - inst_ask_online_update replaced by registration for SLE and online_repos for openSUSE. - inst_check_autoinst_mode dropped without replacement. Floppy support was dropped. - inst_scenarios replaced by system roles. - update_wizard_steps replaced by direct call of code without client ==== yast2-network ==== Version update (4.1.34 -> 4.1.36) - bnc#1123102 - do not crash with internal error when no hostname is set when submitting device with static configuration - 4.1.36 - bsc#112952 - Try to install the wireless-tools package when the package is not installed and the wifi networks are scanned. - 4.1.35 ==== yast2-packager ==== Version update (4.1.24 -> 4.1.25) - Change wording of the popup that asks to enable online repos (related to bsc#1112937). - 4.1.25 ==== yast2-schema ==== Version update (4.1.1 -> 4.1.3) - Added yast2-tftp-server for autobuild (bsc#1123830). - 4.1.3 - Add dependency on yast2-configuration-management (fate#322722). - 4.1.2 ==== yast2-services-manager ==== Version update (4.1.11 -> 4.1.12) - Includes the associated socket status, if applicable, as part of the service details (bsc#119276) - 4.1.12 ==== yast2-storage-ng ==== Version update (4.1.48 -> 4.1.50) - Partitioner: properly show Flash-only Bcache devices. - Part of fate#325346. - 4.1.50 - do not show hint for details button if button does not exist (bsc#1115807) - 4.1.49 ==== yast2-tftp-server ==== Version update (4.1.6 -> 4.1.7) - Added X-SuSE-YaST-AutoInstSchema to desktop file (bsc#1123830). - 4.1.7 ==== yast2-theme ==== Version update (4.1.8 -> 4.1.9) Subpackages: yast2-theme-oxygen - Add Breeze pattern icons (boo#971671) ==== yast2-trans ==== Version update (84.87.20190119.79f0258829 -> 84.87.20190201.2c07938cca) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en yast2-trans-en_GB yast2-trans-en_US yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20190201.2c07938cca: * New POT for text domain 'storage'. * New POT for text domain 'network'. * New POT for text domain 'control'. * New POT for text domain 'packager'. * New POT for text domain 'configuration_management'. * New POT for text domain 'autoinst'. * New POT for text domain 'apparmor'. * New POT for text domain 'services-manager'. * New POT for text domain 'network'. * New POT for text domain 'control'. * New POT for text domain 'configuration_management'. * New POT for text domain 'bootloader'. * Translated using Weblate (Korean) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) - Update to version 84.87.20190128.73cbc87032: * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (French) * Translated using Weblate (Albanian) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Polish) * Translated using Weblate (Japanese) * Translated using Weblate (Italian) * Translated using Weblate (Hungarian) * Translated using Weblate (French) * Translated using Weblate (Dutch) * Translated using Weblate (Danish) * Translated using Weblate (Czech) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Catalan) * Translated using Weblate (Arabic) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (French) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Arabic) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (German) * Translated using Weblate (Dutch) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Arabic) * Translated using Weblate (Hungarian) * Translated using Weblate (French) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (French) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (French) * Translated using Weblate (Spanish) * Translated using Weblate (Slovak) * Translated using Weblate (Polish) * Translated using Weblate (French) * Translated using Weblate (Arabic) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (Albanian) * Translated using Weblate (Polish) * Translated using Weblate (Albanian) * Translated using Weblate (Spanish) * Translated using Weblate (Slovak) * Translated using Weblate (French) * Translated using Weblate (Albanian) * Translated using Weblate (Spanish) * Translated using Weblate (Polish) * Translated using Weblate (Hungarian) * Translated using Weblate (Arabic) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (French) * Translated using Weblate (French) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * New POT for text domain 'registration'. * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (Taiwan)) * Translated using Weblate (Chinese (Taiwan)) * New POT for text domain 'apparmor'. * Consistently use LF line ending * Translated using Weblate (Hungarian) * Translated using Weblate (Italian) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (German) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Polish) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (Hungarian) * Translated using Weblate (German) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Hungarian) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Spanish) * Translated using Weblate (Korean) * Translated using Weblate (Italian) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Spanish) * Translated using Weblate (Hungarian) * Translated using Weblate (Arabic) * Translated using Weblate (Russian) * New POT for text domain 'network'. * New POT for text domain 'firewall'. * Translated using Weblate (German) * New POT for text domain 'network'. * Translated using Weblate (Italian) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Kabyle) * Translated using Weblate (Danish) * Translated using Weblate (Spanish) * Translated using Weblate (Japanese) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Danish) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Spanish) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (German) * Translated using Weblate (Danish) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Spanish) * Translated using Weblate (German) * Translated using Weblate (Danish) * Translated using Weblate (Slovak) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Japanese) * Translated using Weblate (German) * Translated using Weblate (Dutch) * Translated using Weblate (Danish) * Translated using Weblate (Czech) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Catalan) * Translated using Weblate (Slovak) * Translated using Weblate (German) * Translated using Weblate (German) ==== zsh ==== Version update (5.6.2 -> 5.7.1) - Update to version 5.7.1 * This release contains fixes for the two regressions reported with VCS_Info and prompt colour sequences. - Update to version 5.7 * Support for 24-bit true color terminals has been added. Hex triplets can be used when specifying colours for prompts and line editor highlighting. On 88 and 256 colour terminals, a new zsh/nearcolor module allows colours specified with hex triplets to be matched against the nearest available colour. * The zsh/datetime module's strftime builtin now accepts an argument specifying the nanoseconds time component; both arguments can be omitted to use the current time.