Packages changed: NetworkManager-applet (1.16.0 -> 1.18.0) NetworkManager-branding-openSUSE audacity (2.4.1 -> 2.4.2) baobab (3.34.0 -> 3.34.1) clazy (1.6 -> 1.7) desktop-translations (84.87.20200514.83985bf7 -> 84.87.20200630.124e7a8c) dhcp flatpak (1.6.3 -> 1.6.4) gnome-builder (3.36.0 -> 3.36.1) graphene (1.10.0 -> 1.10.2) gssdp (1.2.2 -> 1.2.3) gtk3 (3.24.20 -> 3.24.21) gtksourceview4 (4.6.0 -> 4.6.1) guile (3.0.2 -> 3.0.4) gupnp (1.2.2 -> 1.2.3) lame libnma (1.8.28 -> 1.8.30) libreoffice mozilla-nss (3.52.1 -> 3.53.1) perl-Mojolicious (8.55 -> 8.56) pipewire (0.3.5 -> 0.3.6) plasma5-workspace postfix (3.5.3 -> 3.5.4) python-SQLAlchemy (1.3.17 -> 1.3.18) python-networkx python-py (1.8.1 -> 1.9.0) python-rpm-macros (20200529.b301e36 -> 20200625.e862151) rpm rubygem-diff-lcs (1.3 -> 1.4.2) speech-dispatcher sysfsutils vulkan-loader (1.2.141 -> 1.2.145) === Details === ==== NetworkManager-applet ==== Version update (1.16.0 -> 1.18.0) Subpackages: NetworkManager-applet-lang NetworkManager-connection-editor - Update to version 1.18.0: + Enable build with appindicator by default. + Add WireGuard support to the editor. + Support OWE (Opportunistic Wireless Encryption) in the editor. + Fix crash when disposing VPN secret dialog. - Switch to using tarball release, drop usage of source service. ==== NetworkManager-branding-openSUSE ==== - Also fix variable expansion in %description (boo#1172773). ==== audacity ==== Version update (2.4.1 -> 2.4.2) Subpackages: audacity-lang audacity-plugins - Update to 2.4.2, now uses cmake to build. - Create lame.pc in spec file. - Remove audacity-implicit-fortify-decl.patch and audacity-flacversion.patch, fixed upstream - Add two more false positives to audacity-no_return_in_nonvoid.patch - Upstream changes: * Over 30 bugs fixed since 2.4.1 * A new command has been added to the Tools menu: Tools > Reset Configuration. * Audacity now supports LAME's gapless playback info, allowing MP3s to be exported and imported without additional padding. ==== baobab ==== Version update (3.34.0 -> 3.34.1) Subpackages: baobab-lang - Update to version 3.34.1: + Backported bugfixes (network locations blocking the UI). + Updated translations. ==== clazy ==== Version update (1.6 -> 1.7) - Update to 1.7: * New Checks: - overloaded signal - invalid JNI signatures - qstring-comparison-to-implicit-char - qt6-qlatin1string-to-u * connect-non-signal: Fix case where it didn't find the pmf * qstring-arg warns when using QLatin1String::arg(int), as it casts to QChar * Building clazy itself is 30% faster * heap-allocated-small-trivial-type: less false-positives - Drop patches merged upstream: * cmake-clang-cpp.patch * 0001-Fix-build-issues-using-llvm-10.0.0.patch * 0001-qstring-allocations-Fix-unit-tests-with-llvm-10.patch ==== desktop-translations ==== Version update (84.87.20200514.83985bf7 -> 84.87.20200630.124e7a8c) - Update to version 84.87.20200630.124e7a8c: * Drop obsolete mimelnk files (boo#1062631). * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Spanish) * Translated using Weblate (Russian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Catalan) * Translated using Weblate (Swedish) * Translated using Weblate (Spanish) ==== dhcp ==== Subpackages: dhcp-client dhcp-relay dhcp-server - The server package still requires insserv-compat: the .service files only call out to legacy sysv init scripts that are still sourcing /etc/rc.status (boo#1173440). ==== flatpak ==== Version update (1.6.3 -> 1.6.4) Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0 - Update to version 1.6.4: + This release backports some of the OCI authenticator fixes from the 1.7 series, and should now be able to host flatpak images on e.g. docker hub. + Other changes: - Fix a use-after free in libflatpak. - Don't list p2p downgrades in list of available updates. ==== gnome-builder ==== Version update (3.36.0 -> 3.36.1) Subpackages: gnome-builder-doc gnome-builder-lang gnome-builder-plugin-jedi gnome-builder-plugin-jhbuild - Update to version 3.36.1: + Numerous bug fixes + Updated templates including Rust + Improved C++ detection and usage in clang support + LSP improvements + Snippets improvemnts + Improve fusermount support + Improve bubble drawing in editor + Fix buffer management when renaming files + Use :: as a trigger for completion in C++ + Scroll to insert location after reloading a file + Improve support for project directories outside of $HOME + Updated translations. ==== graphene ==== Version update (1.10.0 -> 1.10.2) Subpackages: libgraphene-1_0-0 typelib-1_0-Graphene-1_0 - Update to version 1.10.2: + Disable SSE on 32bit builds on Windows with MSVC + Add more documentation on the conventions used by matrix operations + Fix Euler angles/matrix conversion + Various bugs fixed. ==== gssdp ==== Version update (1.2.2 -> 1.2.3) - Update to version 1.2.3: + Prevent crash if client is not initialized + Fix critical if network device does not exists + Fix ::1 multicast + client. Add getter for network mask ==== gtk3 ==== Version update (3.24.20 -> 3.24.21) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Update to version 3.24.21: + Wayland: - Prevent crashes with offscreen windows. - Handle disorderly tablet/pad disconnects. + GtkFileChooser: - Translate the type column. - Add a tracker3 search engine. - Rate-limit trash monitoring. - Make get_filter work for native chooser. + GtkGLArea: Fix a redraw problem. + GtkScrolledWindow: Fix kinetic scrolling. + Add a gtk-cursor-aspect-ratio setting. + GDK: - Improve frame clock smoothness. - Fix frame clock monotonicity. + Adwaita: Improve notebook tab legibility. + Updated translations. ==== gtksourceview4 ==== Version update (4.6.0 -> 4.6.1) Subpackages: gtksourceview4-lang libgtksourceview-4-0 typelib-1_0-GtkSource-4 - Update to version 4.6.1: + Fix various G-I annotations + Improve draw-spaces coloring in solarized-light + javascript.lang: Performance improvements + c.lang: Fixes for #include preprocessor + sql.lang: Language completeness improvements + latex.lang: additional keywords + sh.lang: improved parameter expansion + yara.lang: initial support for YARA + Updated translations. ==== guile ==== Version update (3.0.2 -> 3.0.4) Subpackages: guile-modules-3_0 libguile-3_0-1 - guile 3.0.4: * SONAME fix (relative to 3.0.3) - includes changes from 3.0.3: * New baseline compiler * New VM intrinsics to support baseline compiler * Compiler support for warning and lowering passes * Compiler support for choosing different compilation orders * Better support for specifying optimization and warning levels * Faster Guile build from source * New 'pipeline' procedure in (ice-9 popen) * Refreshed bitvector facility * New bitvector-count, bitvector-count-bits, bitvector-position procedures * New bitvector-bit-set?, bitvector-bit-clear? procedures * New bitvector-set-bit!, bitvector-clear-bit! procedures * New bitvector-set-all-bits!, bitvector-clear-all-bits! procedures * New bitvector-flip-all-bits! procedure * New bitvector-set-bits!, bitvector-clear-bits! procedures * various bug fixes * deprecations: Old bitvector interfaces, accessing generic arrays using the bitvector procedures, scm_istr2bve ==== gupnp ==== Version update (1.2.2 -> 1.2.3) - Update to version 1.2.3: + Requires GSSDP 1.2.3 + Always build the gupnp-binding-tool manpage + Fix static linking issue caused by libguul subproject + Add mitigations for CVE-2020-12695 + Implement UDA 2.0 April 17 2020 Addendum ==== lame ==== Subpackages: libmp3lame0 - Create pkgconfig file. ==== libnma ==== Version update (1.8.28 -> 1.8.30) Subpackages: libnma-lang libnma0 typelib-1_0-NMA-1_0 - Update to version 1.8.30: + Properly dispose wireless security objects. + Don't clear the key when users set a non-pkcs12 certificate in the certificate chooser UI. + Added missing VAPI macro file. - Drop libnma-fix-segment-fault.patch: Fixed upstream. ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-base-drivers-firebird libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update SUSE.soc bsc#1173471 to match up current SUSE branding colors ==== mozilla-nss ==== Version update (3.52.1 -> 3.53.1) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - add FIPS mode patches from SLE stream nss-fips-aes-keywrap-post.patch nss-fips-approved-crypto-non-ec.patch nss-fips-cavs-dsa-fixes.patch nss-fips-cavs-general.patch nss-fips-cavs-kas-ecc.patch nss-fips-cavs-kas-ffc.patch nss-fips-cavs-keywrap.patch nss-fips-cavs-rsa-fixes.patch nss-fips-combined-hash-sign-dsa-ecdsa.patch nss-fips-constructor-self-tests.patch nss-fips-detect-fips-mode-fixes.patch nss-fips-dsa-kat.patch nss-fips-gcm-ctr.patch nss-fips-pairwise-consistency-check.patch nss-fips-rsa-keygen-strictness.patch nss-fips-tls-allow-md5-prf.patch nss-fips-use-getrandom.patch nss-fips-use-strong-random-pool.patch nss-fips-zeroization.patch nss-fix-dh-pkcs-derive-inverted-logic.patch - update to NSS 3.53.1 * required for Firefox 78 * CVE-2020-12402 - Use constant-time GCD and modular inversion in MPI. (bmo#1631597, bsc#1173032) - Add ppc-old-abi-v3.patch as per upstream bug https://bugzilla.mozilla.org/show_bug.cgi?id=1642174 - update to NSS 3.53 Notable changes * SEED is now moved into a new freebl directory freebl/deprecated bmo#1636389 * SEED will be disabled by default in a future release of NSS. At that time, users will need to set the compile-time flag (bmo#1622033) to disable that deprecation in order to use the algorithm. * Algorithms marked as deprecated will ultimately be removed * Several root certificates in the Mozilla program now set the CKA_NSS_SERVER_DISTRUST_AFTER attribute, which NSS consumers can query to further refine trust decisions. (bmo#1618404, bmo#1621159). If a builtin certificate has a CKA_NSS_SERVER_DISTRUST_AFTER timestamp before the SCT or NotBefore date of a certificate that builtin issued, then clients can elect not to trust it. ==== perl-Mojolicious ==== Version update (8.55 -> 8.56) - updated to 8.56 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.56 2020-06-19 - Fixed a bug that prevented "% end, begin" to work in Mojo::Template. (jberger) ==== pipewire ==== Version update (0.3.5 -> 0.3.6) Subpackages: libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.6: * Extensive memory leak fixing and stress testing was done. A big leak in screen sharing with DMA-BUF was fixed. * Compile fixes * Stability improvements in jack and pulseaudio layers. * Added the old portal module to make the Camera portal work again. This will be moved to the session manager in future versions. * Improvements to the GStreamer source and sink shutdown. * Fix compatibility with v2 clients again when negotiating buffers. - Disable vulkan if the vulkan package is too old (as in SLE 15 SP0 and SP1) - Add patch to build with meson >= 0.46.0 since 0.50.0 is not really needed: * fix-meson-required-version.patch ==== plasma5-workspace ==== Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Add patch to speed up artwork shader compilation in VMs (boo#1172763): * 0001-mediacontroller-Use-half-the-samples-for-better-perf.patch ==== postfix ==== Version update (3.5.3 -> 3.5.4) - Update to 3.5.4: * The connection_reuse attribute in smtp_tls_policy_maps always resulted in an "invalid attribute name" error. * SMTP over TLS connection reuse always failed for Postfix SMTP client configurations that specify explicit trust anchors (remote SMTP server certificates or public keys). * The Postfix SMTP client's DANE implementation would always send an SNI option with the name in a destination's MX record, even if the MX record pointed to a CNAME record. MX records that point to CNAME records are not conformant with RFC5321, and so are rare. Based on the DANE survey of ~2 million hosts it was found that with the corrected SMTP client behavior, sending SNI with the CNAME-expanded name, the SMTP server would not send a different certificate. This fix should therefore be safe. ==== python-SQLAlchemy ==== Version update (1.3.17 -> 1.3.18) - update to version 1.3.18: * orm + Improve error message when using Query.filter_by() in a query where the first entity is not a mapped class. References: #5326 + Added a new parameter query_expression.default_expr to the query_expression() construct, which will be appled to queries automatically if the with_expression() option is not used. Pull request courtesy Haoyu Sun. References: #5198 * engine + Further refinements to the fixes to the ?reset? agent fixed in [#5326], which now emits a warning when it is not being correctly invoked and corrects for the behavior. Additional scenarios have been identified and fixed where this warning was being emitted. References: #5326 + Fixed issue in URL object where stringifying the object would not URL encode special characters, preventing the URL from being re-consumable as a real URL. Pull request courtesy Miguel Grinberg. References: #5341 * sql + Added a ?.schema? parameter to the table() construct, allowing ad-hoc table expressions to also include a schema name. Pull request courtesy Dylan Modesitt. References: #5309 + Correctly apply self_group in type_coerce element. The type coerce element did not correctly apply grouping rules when using in an expression References: #5344 + Added Select.with_hint() output to the generic SQL string that is produced when calling str() on a statement. Previously, this clause would be omitted under the assumption that it was dialect specific. The hint text is presented within brackets to indicate the rendering of such hints varies among backends. References: [#5353] + Introduce IdentityOptions to store common parameters for sequences and identity columns. References: #5324 + Added .offset support to sybase dialect. Pull request courtesy Alan D. Snow. References: #5294 * schema + Fixed issue where dialect_options were omitted when a database object (e.g., Table) was copied using tometadata(). References: [#5276] * mysql + Implemented row-level locking support for mysql. Pull request courtesy Quentin Somerville. References: #4860 * sqlite + SQLite 3.31 added support for computed column. This change enables their support in SQLAlchemy when targeting SQLite. References: #5297 + Added ?exists? to the list of reserved words for SQLite so that this word will be quoted when used as a label or column name. Pull request courtesy Thodoris Sotiropoulos. References: [#5395] * mssql + Refined the logic used by the SQL Server dialect to interpret multi-part schema names that contain many dots, to not actually lose any dots if the name does not have bracking or quoting used, and additionally to support a ?dbname? token that has many parts including that it may have multiple, independently-bracketed sections. References: #5364, #5366 + Fixed an issue in the pyodbc connector such that a warning about pyodbc ?drivername? would be emitted when using a totally empty URL. Empty URLs are normal when producing a non-connected dialect object or when using the ?creator? argument to create_engine(). The warning now only emits if the driver name is missing but other parameters are still present. References: [#5346] + Fixed issue with assembling the ODBC connection string for the pyodbc DBAPI. Tokens containing semicolons and/or braces ?{}? were not being correctly escaped, causing the ODBC driver to misinterpret the connection string attributes. References: [#5373] + Fixed issue where datetime.time parameters were being converted to datetime.datetime, making them incompatible with comparisons like >= against an actual TIME column. References: #5339 + Fixed an issue where the is_disconnect function in the SQL Server pyodbc dialect was incorrectly reporting the disconnect state when the exception messsage had a substring that matched a SQL Server ODBC error code. References: #5359 + Moved the supports_sane_rowcount_returning = False requirement from the PyODBCConnector level to the MSDialect_pyodbc since pyodbc does work properly in some circumstances. References: [#5321] * oracle + Fixed bug in Oracle dialect where indexes that contain the full set of primary key columns would be mistaken as the primary key index itself, which is omitted, even if there were multiples. The check has been refined to compare the name of the primary key constraint against the index name itself, rather than trying to guess based on the columns present in the index. References: #5421 * misc + Added new option --raw to the examples.performance suite which will dump the raw profile test for consumption by any number of profiling visualizer tools. Removed the ?runsnake? option as runsnake is very hard to build at this point; ==== python-networkx ==== - Skipping over test_subgraph_centrality_big_graph is not necessary anymore (gh#networkx/networkx#3304) ==== python-py ==== Version update (1.8.1 -> 1.9.0) - Update to 1.9.0 * Add type annotation stubs ==== python-rpm-macros ==== Version update (20200529.b301e36 -> 20200625.e862151) Subpackages: python-rpm-generators - Update to version 20200625.e862151: * fix pytest_arch PYTHONPATH * expand calls pyproject* macros (revert #45) * let the shell expand PYTHONPATH - Update to version 20200623.3ea9b62: * fix PYTHONPATH on pytest_arch macro - Update to version 20200622.1919233: * Expand %buildroot first (avoid endless cycle; bsc#1162743) - Update to version 20200622.1f4c5d2: * Add missing semicolon - For Factory change %system_python to python3. - Update to version 20200603.503823c: * Don't add empty path to PYTHONPATH setting. * Do not expand macros, just print them unexpanded (for %pytest* and %pyproject* macros) * Replace py.test -> pytest ==== rpm ==== Subpackages: librpmbuild9 rpm-build rpm-build-perl rpm-build-python rpm-devel - temporarily back out change of %_libexecdir to /usr/libexec - Update rpmconfigcheck: Remove bashism and use /bin/sh instead of /bin/bash. - update auto-config-update-aarch64-ppc64le.diff (bsc#1170849): * only update if hostarch isn't there ==== rubygem-diff-lcs ==== Version update (1.3 -> 1.4.2) - updated to version 1.4.2 [#]# 1.4.2 / 2020-06-23 - Camille Drapier fixed a small issue with RuboCop configuration. [#59][] - Applied another fix (and unit test) to fix an issue for the Chef team. [#60][], [#61][] [#]# 1.4.1 / 2020-06-23 - Fix an issue where diff sizes could be negative, and they should be. [#57][], [#58][] [#]# 1.4 / 2020-06-23 - Ruby versions lower than 2.4 are soft-deprecated and will not be run as part of the CI process any longer. - Akinora MUSHA (knu) added the ability for Diff::LCS::Change objects to be implicitly treated arrays. Originally provided as pull request [#47][], but it introduced a number of test failures as documented in [#48][], and remediation of Diff::LCS itself was introduced in [#49][]. - Resolved [#5][] with some tests comparing output from `system` calls to `bin/ldiff` with some pre-generated output. Resolved [#6][] with these tests. - Resolved a previously undetected `bin/ldiff` issue with `--context` output not matching `diff --context` output. - Resolved an issue with later versions of Ruby not working with an `OptParse` specification of `Numeric`; this has been changed to `Integer`. - Brandon Fish added truffleruby in [#52][]. - Fixed two missing classes as reported in [#53][]. - Updated fix-interpreter.patch to apply again ==== speech-dispatcher ==== Subpackages: libspeechd2 python3-speechd speech-dispatcher-configure speech-dispatcher-module-espeak - Changed /etc/logrotate.d/speech-dispatcher from init.d to systemd fix boo#1173374. ==== sysfsutils ==== - Added a _service file, as per new OBS requirement - Added a patch to bring sysfsutils up to latest upstream, which now is in place: * sysfsutils-latest-changes.diff.gz - Added patches which have been submitted upstream but not yet merged: * 0001-Fix-compiler-complain-about-multiple-defs-of-my_stdo.patch * 0002-Fix-compiler-complaint-about-string-truncation.patch * 0003-Fix-more-string-issues-for-gcc-10.patch And removing a patch that's subsumed by the above patches: * sysfsutils-fix-compiler-issues.patch Lastly, replaced the hand-rolled sysfsutils-2.1.0.tar.gz with upstream archive file sysfsutils-sysfsutils-2_1_0.tar.gz (retreived with OBS download service), though the contents of the two are the same. ==== vulkan-loader ==== Version update (1.2.141 -> 1.2.145) - Update to release 1.2.145 * scripts: Use named params for generator options * loader: Fix crash in vkGetDeviceQueue2 * loader: Use MoltenVK in app bundle if found * build: include system headers last