Changed packages: ==== apache2 ==== Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - add httpd-2.4.12-CVE-2015-0253.patch to fix SECURITY: CVE-2015-0253 (cve.mitre.org) core: Fix a crash introduced in with ErrorDocument 400 pointing to a local URL-path with the INCLUDES filter active, introduced in 2.4.11. PR 57531. [Yann Ylavic] ==== appstream-glib ==== Version update (0.3.6+git.20150414 -> 0.3.6+git.20150506) Subpackages: libappstream-builder7 libappstream-glib7 - Update to version 0.3.6+git.20150506: + trivial: Set the catalog basename as additional metadata. + Remove overzealous blacklisting entry. + Detect recolorable symbolic icons. + Fix exo-web-browser blacklist entry. + Add text icons and sample text for some languages. + Have another go at fixing font previews. ==== atk-devel ==== Subpackages: libatk-1_0-0 libatk-1_0-0-32bit typelib-1_0-Atk-1_0 - Fix baselibs.conf: the package keyword is redundant. ==== libcairomm-1_0-1 ==== - Add baselibs.conf to source list. ==== cmake ==== - CPack/RPM architecture test fixup (SLE11/11.4) (cmake bug#15442) cmake.git-4552bc8.patch ==== coreutils ==== - Download keyring file from Savannah; prefer HTTPS over FTP for remote sources. - Fix memory handling error with case insensitive sort using UTF-8 (boo#928749): coreutils-i18n.patch src/sort.c (keycompare_mb): Ensure the buffer is big enough to handle anything output from wctomb(). Theoretically any input char could be converted to multiple output chars, and so we need to multiply the storage by MB_CUR_MAX. ==== getdata ==== Version update (0.8.6 -> 0.8.8) Subpackages: getdata-devel getdata-doc libgetdata++3 libgetdata5 - update to 0.8.8 * Fixes build on 32bit - update to 0.8.7 * BUG FIX: Opening a Dirfile read-write (GD_RDWR) no longer fails if /INCLUDEd fragments are read-only. Reported by Alexandra Rahlin. * BUG FIX: Several fixes have been made to the sample index encoding (SIE) engine, which should now produce properly encoded data when performing random writes. * F95 BUG FIX: Passing the empty string to fgd_reference() now returns the current reference field without modifying it, instead of crashing. * PYTHON BUG FIX: Querying dirfile.reference no longer causes a crash on an empty dirfile. Reported by Alexandra Rahlin. * PYTHON BUG FIX: Memory leaks have been fixed in functions returning lists of field names or other metadata lists. Reported by Alexandra Rahlin. * PYTHON BUG FIX: On error, dirfile.get_string() no longer segfaults or leaks memory. ==== libgtkmm-2_4-1 ==== - Add baselibs.conf to source list. ==== kernel-default ==== Version update (4.0.1 -> 4.0.3) Subpackages: kernel-default-devel - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-desktop ==== Version update (4.0.1 -> 4.0.3) Subpackages: kernel-desktop-devel - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-docs ==== Version update (4.0.1 -> 4.0.3) - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-pv-devel ==== Version update (4.0.1 -> 4.0.3) - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-devel ==== Version update (4.0.1 -> 4.0.3) Subpackages: kernel-macros kernel-source - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-syms ==== Version update (4.0.1 -> 4.0.3) - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== kernel-xen ==== Version update (4.0.1 -> 4.0.3) Subpackages: kernel-xen-devel - Linux 4.0.3. - commit 3ee3773 - Linux 4.0.2 (boo#905088). - Refresh patches.xen/xen-x86_64-vread-pvclock. - Refresh patches.xen/xen3-patch-3.11. - Delete patches.fixes/btrfs-fix-inode-eviction-infinite-loop-after-cloning.patch. - Update config files. CONFIG_ARM64_ERRATUM_845719=y, the same as master. - commit a425d38 ==== libblas3 ==== Subpackages: liblapack3 - Fix static libraries list ==== libgit2-glib-1_0-0 ==== Version update (0.22.6 -> 0.22.8) - Update to version 0.22.8: + Include passed in cflags for ssh check. ==== libglademm ==== Subpackages: libglademm-2_4-1 - Add baselibs.conf to source list. ==== gstreamer-0_10-libnice ==== Version update (0.1.12 -> 0.1.13) Subpackages: gstreamer-libnice libnice10 - Update to version 0.1.13: + Fix build on non-Windows platforms that don't have getifaddrs(). + Fix build regression on Windows. ==== gdk-pixbuf-loader-rsvg ==== Subpackages: librsvg-2-2 librsvg-devel typelib-1_0-Rsvg-2_0 - Remove reference to gtk2-engine-svg from baselibs.conf: this subpackage hasn't been built since Oct 22 2013. ==== mysql-connector-java ==== Version update (5.1.25 -> 5.1.35) - Update to 5.1.35 (see CHANGES for full list of issues) bnc#927981 CVE-2015-2575: * http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html - Remove not applicable patch: * mysql-connector-java-7-jdbc-4.1.patch - Do not explicitely check for jdk6 but be happy with 7 and 8: * jdk6-check-use-jdk7.patch - Do not require hibernate4 to actually build: * extra-libs-build.patch - Do not build jdk5 depending jdbc3: * no-jdk5-requirement.patch - Add and rebase jdbc4.1 patch: * mysql-connector-java-jdbc-4.1.patch - Add new patch to build tests: * use-classpath-in-tests.patch ==== gnome-shell-search-provider-nautilus ==== Version update (3.16.1 -> 3.16.2) Subpackages: libnautilus-extension1 nautilus - Update to version 3.16.2: + Allow opening multiple files with a different app than default. + Fix sidebar always visible on starting nautilus even with setting disabled. + Allow folders to be opened with a different app than default. + Allow F5 and ctrl+r as shortcuts for reload the view. ==== obs-service-source_validator ==== Version update (0.5+git20150420.23830c1 -> 0.5+git20150513.7c2f7ae) - Update to version 0.5+git20150513.7c2f7ae: + fix checking _service file + baselibs verification: targettype is a nown keyword - treat it as a 'built package' + baselibs validation: pass if we have trouble parsing the .spec file (missing devel packages on the host) ==== openmpi-libs ==== - Use the distro supplied libldl, not the internal copy. - Add openmpi-external_libltdl.patch to make dlopen_test also compile with external libltdl. - Run autogen.sh again, needed by the new patch as it modifies Makefile.am. - Just include README as a dummy. As openmpi-testsuite is only meant to run the testsuite, the built package doesn't contain anything usefull and in case of test failures the package would not be created. - Make clear that disabling Fortran 2008 support is only needed until gcc5 becomes the default. ==== os-prober ==== - os-prober-btrfsfix-trim-leading-subvol.patch * fix os-prober fails to detect other SLES12 installation (bsc#892364) ==== osc ==== - Fix rpm URL. gitorious is shut down end of May 2015. ==== perl-B-Hooks-EndOfScope ==== Version update (0.14 -> 0.15) - updated to 0.15 see /usr/share/doc/packages/perl-B-Hooks-EndOfScope/Changes 0.15 2015-05-14 21:46:06Z - updated the tooling for generating Makefile.PL - removed Tie::StdHash from prereqs, which is not require()able as a module on its own (despite being indexed) (miyagawa, GH #3) - fixed the addition in release 0.14 of Hash::Util::FieldHash as a prerequisite (which is not available prior to perl 5.010) for pure-perl installations (RT#104435) ==== perl-IO-Socket-SSL ==== Version update (2.013 -> 2.015) - updated to 2.015 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.014 2015/05/13 - work around problem with IO::Socket::INET6 on windows, by explicitly using Domain AF_INET in the tests. Fixes RT#104226 reported by CHORNY - updated to 2.014 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.014 2015/05/05 - Utils::CERT_create - work around problems with authorityInfoAccess, where OpenSSL i2v does not create the same string as v2i expects - Intercept - don't clone some specific extensions which make only sense with the original certificate ==== perl-Test-Pod ==== Version update (1.48 -> 1.49) - updated to 1.49 see /usr/share/doc/packages/perl-Test-Pod/Changes 1.49 2015-05-12T17:30:58Z * Changed license in the README to "Same as Perl" to match the license listed in `META.yml`, and in the POD as of v1.42. * Tightened up the heuristic for matching Perl batch files to require that the file end in `.bat`, as described in the documentation. Patch from Luca Ferrari. * Simplified some of the matching code. Patch from Luca Ferrari. * Transferred ownership of the repository to the perl-pod organization on GitHub. * Removed the Pod testing test from the distribution. Seems silly for a module designed for testing Pod, right? But it's considered best practice to do Pod testing in development only, not in a release. ==== polari ==== Subpackages: typelib-1_0-Polari-1_0 - Add polari-chatView-switch-away-from-deprecated-API.patch: No longer use deprecated API, patch from upstream git, stable branch (bgo#747942). ==== python3 ==== Version update (3.4.1 -> 3.4.3) Subpackages: python3-curses python3-dbm python3-tk - Update to version 3.4.3 - Drop upstreamed CVE-2014-4650-CGIHTTPServer-traversal.patch (bpo#21766) ==== libpython3_4m1_0 ==== Version update (3.4.1 -> 3.4.3) Subpackages: python3-base - python-3.4.3-test-conditional-ssl.patch - restore tests failing because test_urllib was unconditionally importing ssl (without really needing it) - restore functionality of multilib patch - drop libffi-ppc64le.diff because upstream completely changed everything yet again (sorry ppc64 folks :| ) - Update to version 3.4.3 - Drop upstreamed CVE-2014-4650-CGIHTTPServer-traversal.patch (bpo#21766) ==== python3-doc ==== Version update (3.4.1 -> 3.4.3) - drop the PDF subpackage (removes the massive texlive dependency, and most likely nobody is using the PDFs anyway) - Update to version 3.4.3 ==== radvd ==== Version update (2.10 -> 2.11) - As radvd does not build on older releases removing conditions and radvd.init - Use /var/run instead of /run - Depend on shadow for useradd - Update to 2.11 * added --without-check option to configure - Cleanup spec-file with spec-cleaner - Add keyring for gpg signature ==== libdcerpc-binding0 ==== Subpackages: libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libgensec0 libgensec0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libregistry0 libsamba-credentials0 libsamba-credentials0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient-raw0 libsmbclient-raw0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0 libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba samba-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind samba-winbind-32bit - Remove the independently built libraries ldb, talloc, tdn, and tevent and the post-10.3 renamed libsmbclient from baselibs.conf. - Drop redundant doc attribute from man pages. ==== sudo ==== Version update (1.8.12 -> 1.8.13) - update to 1.8.13 * The examples directory is now a subdirectory of the doc dir to conform to Debian guidelines. Bug #682. * Fixed a compilation error for siglist.c and signame.c on some systems. Bug #686 * Weak symbols are now used for sudo_warn_gettext() and sudo_warn_strerror() in libsudo_util to avoid link errors when - Wl,--no-undefined is used in LDFLAGS. The --disable-weak-symbols configure option can be used to disable the user of weak symbols. * Fixed a bug in sudo's mkstemps() replacement function that prevented the file extension from being preserved in sudoedit. * A new mail_all_cmnds sudoers flag will send mail when a user runs a command (or tries to). The behavior of the mail_always flag has been restored to always send mail when sudo is run. * New "MAIL" and "NOMAIL" command tags have been added to toggle mail sending behavior on a per-command (or Cmnd_Alias) basis. * Fixed matching of empty passwords when sudo is configured to use passwd (or shadow) file authentication on systems where the crypt() function returns NULL for invalid salts. * The "all" setting for listpw and verifypw now works correctly with LDAP and sssd sudoers. * The sudo timestamp directory is now created at boot time on platforms that use systemd. * Sudo will now restore the value of the SIGPIPE handler before executing the command. * Sudo now uses "struct timespec" instead of "struct timeval" for time keeping when possible. If supported, sudoedit and visudo now use nanosecond granularity time stamps. * Fixed a symbol name collision with systems that have their own SHA2 implementation. This fixes a problem where PAM could use the wrong SHA2 implementation on Solaris 10 systems configured to use SHA512 for passwords. * The editor invoked by sudoedit once again uses an unmodified copy of the user's environment as per the documentation. This was inadvertantly changed in sudo 1.8.0. Bug #688. ==== python-cupshelpers ==== Version update (1.5.6 -> 1.5.7) Subpackages: system-config-printer system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer - Update to version 1.5.7: + Test device ordering: hp beats dnssd and usb. + Fixes for appdata file. + Fixed traceback (lp#1213136). + Set use_underline=True for previously-stock buttons (lp#1210859). + Increase bus settle time for usb_modeswitch devices (lp#1206808). ==== libtelepathy-logger3 ==== Version update (0.8.1 -> 0.8.2) Subpackages: telepathy-logger typelib-1_0-TelepathyLogger-0_2 - Update to version 0.8.2: + Ask libxml2 to recover from errors, if possible (fdo#40675). + Fix crash when logs are corrupted or invalid XML (fdo#89595). ==== virtualbox ==== Version update (4.3.26 -> 4.3.28) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-kmp-desktop virtualbox-guest-tools virtualbox-guest-x11 virtualbox-host-kmp-default virtualbox-host-kmp-desktop virtualbox-qt - Version bump to 4.3.28: * VMM: fixed a Guru Meditation when rebooting certain guests (for example Solaris doing fast reboot) by fixing the implementation for INIT IPI * VMM: added some information for diagnosing rare VERR_VMX_INVALID_VMXON_PTR Guru Meditations (VT-x only) * GUI: HID LEDs sync: prevent synchronization if VM window has no focus (Windows and Mac OS X hosts only) * GUI: fixed drag and drop moving the cursor between guest screens on certain hosts * 3D: fixed a crash on restoring the VM state on X11 hosts (bug #12737) * 3D: fixed a crash on Linux guest shutdown (bug #12772) * VRDP: fixed incompatibility with rdesktop 1.8.3 * VRDP: fixed listening for IPv6 on some systems (bug #14038) * Storage: don't crash if creating an asynchronous I/O context fails (e.g. when starting many VMs) and show a proper error message * Floppy: several fixes * Audio: improved the behavior of the volume control for the HD audio device emulation * USB: increase the number of supported drivers from 3 to 5 (Windows hosts only) * PS/2 keyboard: synchronize the LED state on VM restore (Windows and Mac OS X hosts only) * NAT Network: when running multiple NAT networks with multiple VMs, only stop the respective services when stopping VMs (bug #14090) * NAT: don't kill UDP bindings on ICMP errors (bug #13475) * NAT: bandwidth limit now works properly with NAT (bug #11485) * BIOS: fixed the returned size value of the VBE 2.0 PMI function 0Ah (4.2.0 regression; bug #14096) * Guest Control: fixed parameter quoting in Windows guests (bug #13157) * Webcam passthrough improvements for Linux (V4L2) hosts to support more webcam models * API: don't fail starting a VM with VBOX_E_INVALID_OBJECT_STATE under certain conditions (bug #13617) * API: be more verbose on VBOX_E_INVALID_OBJECT_STATE if a medium is attached to a running VM (bug #13560) * API: fixed a bug which could result in losing certain screen resize events with multi-monitor guests * rdesktop-vrdp: fixed path to the keymaps (bug #12066) * rdesktop-vrdp: switch to version 1.8.3 * Windows hosts: more hardening fixes (e.g. bugs #14051, #14052) * Linux hosts: another fix for activated SMAP on Linux 3.19 and newer (Broadwell and later; bug #13961) * Linux hosts: Linux 4.1 compile fix (bug #14081) * Solaris hosts: fixed using of VNIC templates with Crossbow based bridged networking to be compatible with vanity interface names * Mac OS X hosts: fixed crash during VM termination under rare circumstances * Windows Additions/WDDM: improved video memory utilization and allow more/bigger guest screens with large resolutions (including HiDPI) * X11 Additions: prevent flickering when updating mouse cursor * Solaris Additions: fixed incorrect usage of 'prtconf' while installing Guest Additions (Solaris 10 only) - Refresh patch: * vbox-vboxadd-init-script.diff ==== wine ==== Version update (1.7.42 -> 1.7.43) Subpackages: wine-32bit - Updated to 1.7.43 development snapshot - Improved support for Shell Browser windows. - Some more API Sets libraries. - Read/write operations support with built-in devices. - Major Catalan translation update. - Support for WoW64 mode on ARM64. - Various bug fixes. - updated winetricks ==== xen ==== Version update (4.5.0_03 -> 4.5.0_04) Subpackages: xen-doc-html xen-kmp-default xen-kmp-desktop xen-libs xen-tools xen-tools-domU - bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through XEN_DOMCTL_gettscinfo (XSA-132) 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch - bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu floppy driver host code execution CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch ==== yast2 ==== Version update (3.1.121 -> 3.1.122) Subpackages: yast2-devel-doc - Propose SuSEfirewal2 to fully initialize (e.g. open ports) already in the init phase to allow using iSCSI (bsc#916376) - 3.1.122 ==== yast2-core ==== Subpackages: yast2-core-devel - Fixed compilation warnings. Removed packages: Added packages: