Packages changed: MozillaFirefox (61.0.2 -> 62.0.2) acpid (2.0.29 -> 2.0.30) bind cpio eiciel gimp grub2 gstreamer (1.14.2 -> 1.14.3) gstreamer-plugins-bad (1.14.2 -> 1.14.3) gstreamer-plugins-base (1.14.2 -> 1.14.3) gstreamer-plugins-good (1.14.2 -> 1.14.3) gstreamer-plugins-ugly (1.14.2 -> 1.14.3) hwinfo (21.57 -> 21.58) java-11-openjdk (11.0.0.0~28 -> 11.0.0.0) kded (5.49.0 -> 5.50.0) kdelibs4support (5.49.0 -> 5.50.0) libarchive libopenmpt (0.3.11 -> 0.3.12) libotr libpcap (1.8.1 -> 1.9.0) libqt5-qttranslations (5.11.1 -> 5.11.2) libqt5-qtvirtualkeyboard (5.11.1 -> 5.11.2) llvm6 malaga-suomi mariadb (10.2.17 -> 10.2.18) net-tools (2.0+git20170221.479bb4a -> 2.0+git20180626.aebd88e) netpbm (10.82.2 -> 10.83.2) nghttp2 (1.32.0 -> 1.33.0) open-iscsi (0.7.8.2 -> 0.7.8.4) openafs patterns-base perl-Bootloader (0.922 -> 0.923) python python-base python-kiwi (9.16.12 -> 9.16.18) python-libvirt-python (4.6.0 -> 4.7.0) python-numpy (1.14.5 -> 1.15.2) python-pycparser (2.18 -> 2.19) qemu qemu-linux-user (2.12.1 -> 3.0.0) qqc2-desktop-style (5.49.0 -> 5.50.0) rpm-config-SUSE (0 -> 0.g5) shotwell (0.30.0 -> 0.30.1) systemd texlive vim (8.1.0401 -> 8.1.0436) xorg-x11-fonts xorg-x11-libX11-ccache === Details === ==== MozillaFirefox ==== Version update (61.0.2 -> 62.0.2) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 62.0.2: MFSA 2018-22 * CVE-2018-12385 (boo#1109363, bmo#1490585) Crash in TransportSecurityInfo due to cached data * Unvisited bookmarks can once again be autofilled in the address bar * Fix WebGL rendering issues * Fix fallback on startup when a language pack is missing * Avoid crash when sharing a profile with newer (as yet unreleased) versions of Firefox * Do not undo removal of search engines when using a language pack * Fixed rendering of some web sites * Restored compatibility with some sites using deprecated TLS settings - disable rust debug symbols to fix build on %ix86 - update to Firefox 62.0 * Firefox Home (the default New Tab) now allows users to display up to 4 rows of top sites, Pocket stories, and highlights * "Reopen in Container" tab menu option appears for users with Containers that lets them choose to reopen a tab in a different container * In advance of removing all trust for Symantec-issued certificates in Firefox 63, a preference was added that allows users to distrust certificates issued by Symantec. To use this preference, go to about:config in the address bar and set the preference "security.pki.distrust_ca_policy" to 2. * Support for CSS Shapes, allowing for richer web page layouts. This goes hand in hand with a brand new Shape Path Editor in the CSS inspector. * CSS Variable Fonts (OpenType Font Variations) support, which makes it possible to create beautiful typography with a single font file * Added Canadian English (en-CA) locale MFSA 2018-20 (bsc#1107343) * CVE-2018-12377 (bmo#1470260) Use-after-free in refresh driver timers * CVE-2018-12378 (bmo#1459383) Use-after-free in IndexedDB * CVE-2018-12379 (bmo#1473113) (updater is disabled for us) Out-of-bounds write with malicious MAR file * CVE-2017-16541 (bmo#1412081) Proxy bypass using automount and autofs * CVE-2018-12381 (bmo#1435319) Dragging and dropping Outlook email message results in page navigation * CVE-2018-12382 (bmo#1479311) (Android only) Addressbar spoofing with javascript URI on Firefox for Android * CVE-2018-12383 (bmo#1475775) Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords * CVE-2018-12375 Memory safety bugs fixed in Firefox 62 * CVE-2018-12376 Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 - requires NSS >= 3.38 - removed obsolete patch mozilla-bmo1464766.patch ==== acpid ==== Version update (2.0.29 -> 2.0.30) - Update to version 2.0.30 * configure: Don't use AC_FUNC_MALLOC, AC_FUNC_REALLOC. * samples: powerbtn: extend the list of known PMS * samples: powerbtn: fix kde4 power management detection ==== bind ==== Subpackages: bind-chrootenv bind-doc bind-utils libbind9-160 libdns169 libirs160 libisc166 libisccc160 libisccfg160 liblwres160 python3-bind - Update named.root. One of the root servers IP has changed. - Install the LICENSE file. ==== cpio ==== Subpackages: cpio-lang cpio-mt - Use gettextize --no-changelog to drop build date to make package build reproducible (boo#1047218) ==== eiciel ==== Subpackages: eiciel-lang nautilus-eiciel - Add eiciel-sys-xattr.patch -- is deprecated, use instead. Also use sed to replace the relevant parts of configure. - Run spec-cleaner, modernize specfile. - Apply translation-update also for openSUSE, drop conditionals. ==== gimp ==== Subpackages: gimp-lang gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - pkgconfig(glib-2.0) >= 2.56.0 is needed. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - ieee1275: implement FCP methods for WWPN and LUNs (bsc#1093145) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch ==== gstreamer ==== Version update (1.14.2 -> 1.14.3) Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.14.3: + opusenc: fix crash on 32-bit platforms. + compositor: fix major buffer leak when doing crossfading on some but not all pads. + wasapi: various fixes for wasapisrc and wasapisink regressions. + x264enc: Set bit depth to fix "This build of x264 requires 8-bit depth. Rebuild to..." runtime errors with x264 version ? 153. + audioaggregator, audiomixer: caps negotiation fixes. + input-selector: latency handling fixes. + playbin, playsink: audio visualization support fixes. + dashdemux: fix possible crash if stream is neither isobmff nor isoff_ondemand profile. + opencv: Fix build for opencv >= 3.4.2. + h265parse: miscellaneous fixes backported from h264parse. + pads: fix changing of pad offsets from inside pad probes. + pads: ensure that pads are blocked for IDLE probes if they are called from the streaming thread too. ==== gstreamer-plugins-bad ==== Version update (1.14.2 -> 1.14.3) Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - Update to version 1.14.3: + Bugfix release, please see .changes in gstreamer main package. ==== gstreamer-plugins-base ==== Version update (1.14.2 -> 1.14.3) Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.14.3: + Bugfix release, please see .changes in gstreamer main package. ==== gstreamer-plugins-good ==== Version update (1.14.2 -> 1.14.3) Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-lang gstreamer-plugins-good-qtqml - Update to version 1.14.3: + Bugfix release, please see .changes in gstreamer main package. ==== gstreamer-plugins-ugly ==== Version update (1.14.2 -> 1.14.3) Subpackages: gstreamer-plugins-ugly-lang - Update to version 1.14.3: + Bugfix release, please see .changes in gstreamer main package. ==== hwinfo ==== Version update (21.57 -> 21.58) - merge gh#openSUSE/hwinfo#59 - ensure udev device links are unique (bsc#1084700) - 21.58 ==== java-11-openjdk ==== Version update (11.0.0.0~28 -> 11.0.0.0) Subpackages: java-11-openjdk-headless - Official OpenJDK 11 release * Pull the sources from the jdk-updates/jdk11u repository from now on. * Remove the buildver from the rpm version string ==== kded ==== Version update (5.49.0 -> 5.50.0) Subpackages: kded-lang - Update to 5.50.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.50.0.php - Changes since 5.49.0: * None ==== kdelibs4support ==== Version update (5.49.0 -> 5.50.0) Subpackages: kdelibs4support-lang libKF5KDELibs4Support5 - Update to 5.50.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.50.0.php - Changes since 5.49.0: * Fix compilation without openssl headers ==== libarchive ==== Subpackages: bsdtar libarchive13 - Fix RPM groups. Remove idempotent %if..%endif guards. Diversify summaries. Set CFLAGS instead of re-defining optflags with itself. ==== libopenmpt ==== Version update (0.3.11 -> 0.3.12) Subpackages: libmodplug1 libopenmpt0 - Update to version 0.3.12: * [Bug] libmodplug: Setting SNDMIX_NORESAMPLING in the C++ API always resulted in linear interpolation instead of nearest neighbour. * libopenmpt now compiles without warnings with GCC 8. * Jump commands on the same row as the end of a pattern loop covering the restart position of the module could cause the module to loop even when looping was disabled. * MO3: Reject overly long MP3 and Vorbis samples. * play_note from the libopenmpt_ext interface sometimes silenced the start of a triggered sample. ==== libotr ==== - libotr-test-uninitialized.patch: Fix use of uninitialized memory in testsuite - Don't disable testsuite on ppc ==== libpcap ==== Version update (1.8.1 -> 1.9.0) - update to 1.9.0 * add testing system to libpcap, independent of tcpdump * changes to how pcap_t is activated * update included copies of BSD 4-clause license to 3-clause * additions to TCP header parsing, per RFC3168 * support setting non-blocking mode before activating * fixes so that non-AF_INET addresses, are not ==AF_INET6 addresses * pcap_compile() in 1.8.0 and later is newly thread-safe * bound snaplen for linux tpacket_v2 to ~64k * make VLAN filter handle both metadata and inline tags (bsc#874131 bsc#993691 fate#321405) * D-Bus captures can now be up to 128MB in size * add DLT_LORATAP and DLT_VSOCK * allow specifying a specific capture protocol * RDMA sniffing support for pcap * increase minimum autoconf version requirement to 2.64 * rpcapd: support for xinetd.conf and systemd units * provide pkgconfig file - add BuildRequires for autoconf >= 2.64 - package (newly added) pkgconfig file - Check-only-VID-in-VLAN-test-issue-461.patch: fix "vlan " test to check only VID, not complete TCI - drop disable-remote.diff (superseded by upstream changes) ==== libqt5-qttranslations ==== Version update (5.11.1 -> 5.11.2) - Update to 5.11.2 * New bugfix release * For more details please see: * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.11.2/?h=v5.11.2 ==== libqt5-qtvirtualkeyboard ==== Version update (5.11.1 -> 5.11.2) - Update to 5.11.2 * New bugfix release * For more details please see: * http://code.qt.io/cgit/qt/qtvirtualkeyboard.git/plain/dist/changes-5.11.2/?h=v5.11.2 ==== llvm6 ==== Subpackages: libLLVM6 libclang6 - Add direct conflict between llvm6-polly-devel and future llvm7-polly-devel to prevent OBS from falsely reporting file conflicts. ==== malaga-suomi ==== - Use %license to install the license ==== mariadb ==== Version update (10.2.17 -> 10.2.18) Subpackages: libmysqld19 mariadb-client mariadb-errormessages - update to 10.2.18 GA * notable changes: * MDEV-15511 - if available, stunnel can be used during Galera rsync SST * MDEV-16791 - mariabackup: Support DDL commands during backup * MDEV-13564 - Refuse MLOG_TRUNCATE in mariabackup * MDEV-16934 - add new system variable eq_range_index_dive_limit to speed up queries that new long nested IN lists. The default value, for backward compatibility, is 0 meaning "unlimited". * MDEV-13333 - errors on InnoDB lock conflict * Report all InnoDB redo log corruption * MDEV-17043 - Purge of indexed virtual columns may cause hang on table-rebuilding DDL * MDEV-16868 - corruption of InnoDB temporary tables * MDEV-16465 - Invalid (old?) table or database name or hang in ha_innobase::delete_table and log semaphore wait upon concurrent DDL with foreign keys * fixes for the following security vulnerabilities: none * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10218-release-notes https://mariadb.com/kb/en/library/mariadb-10218-changelog - refresh mariadb-10.2.4-fortify-and-O.patch ==== net-tools ==== Version update (2.0+git20170221.479bb4a -> 2.0+git20180626.aebd88e) Subpackages: net-tools-lang - Update to version 2.0+git20180626.aebd88e: * standardize --help/usage handling * always write --version output to stdout - Rebase patch: * 0005-Add-support-for-interface-rename-in-nameif.patch ==== netpbm ==== Version update (10.82.2 -> 10.83.2) Subpackages: libnetpbm11 - updated to 10.83.00 * Add pamlevels. Thanks Anton Shepelev . * Add pamgetcolor. Thanks Anton Shepelev . * Add rgb-:r/g/b color specification format. * pngtopam: Fix bogus warning of non-square pixels when image does not contain pixel resolution information. Introduced in Netpbm 10.48 (September 2009). * pstopnm: Fix divide-by-zero crash when Postscript input says the image has zero size. * pstopnm: Fix divide-by-zero crash when computed resolution rounds down to zero dots per inch. * pbmmask: Fix invalid memory reference with zero-dimension input image. Broken in primordial Netpbm, ca 1989. [CVE-2018-8975, bsc#1086777] https://sourceforge.net/p/netpbm/code/3279/ * libnetpbm: Add pnm_colorspec_rgb_integer, pnm_colorspec_rgb_norm, pnm_colorspec_rgb_x11, pnm_colorspec_dict, pnm_colorspec_dict_close. * libnetpbm: Add pnm_parsecolor2. * libnetpbm: Add pnm_allocpamtuplen, pnm_freepamtuplen. * libnetpbm: Make the normalized tuple functions respect the allocation depth specified in struct pam (member 'allocation_depth') instead of using the actual tuple depth (member 'depth'). * ilbmtoppm: Fix bug: may fail with bogus error message about an invalid CLUT chunk if image has a CLUT chunk. Introduced after Netpbm 10.26 (January 2005) and at or before Netpbm 10.35 (August 2006). - Refreshed patch netpbm-security-code.patch - Dropped patch fixed upstream netpbm-CVE-2018-8975.patch - Renamed script prepare-src-tarball to prepare-src-tarball.sh ==== nghttp2 ==== Version update (1.32.0 -> 1.33.0) - Update to version 1.33.0: * lib: Tweak nghttp2_session_set_stream_user_data * lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS. * lib: Implement ORIGIN frame * asio: support definition of local endpoint for cleartext client session * integration: Remove remaining SPDY code from the integration tests * nghttpx: Fix worker process crash with neverbleed write error * nghttpx: Support per-backend mruby script * nghttpx: Fix stream reset if data from client is arrived before dconn is attached ==== open-iscsi ==== Version update (0.7.8.2 -> 0.7.8.4) Subpackages: iscsiuio - Merge the latest upstream code, updating the libopeniscsiusr version from 0_1_0 to 0_2_0, which updates the SPEC file. Also updated with new code: * open-iscsi-SUSE-latest.diff.bz2 ==== openafs ==== Subpackages: openafs-client openafs-kmp-default - Fix build for aarch64 ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-apparmor_opt patterns-base-base patterns-base-basesystem patterns-base-console patterns-base-enhanced_base patterns-base-enhanced_base_opt patterns-base-minimal_base patterns-base-minimal_base_conflicts patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_opt patterns-base-x86 - No longer recommend missing packages (boo#1104264): * genisoimage * ksymoops * system-group-trusted - Remove libnss_usrfiles from transactional_base, not needed anymore. ==== perl-Bootloader ==== Version update (0.922 -> 0.923) - merge gh#openSUSE/perl-bootloader#120 - create temporary files in /tmp (bsc#1108777) - 0.923 ==== python ==== Subpackages: python-curses - Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802] ==== python-base ==== Subpackages: libpython2_7-1_0 libpython2_7-1_0-32bit python-xml - Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802] ==== python-kiwi ==== Version update (9.16.12 -> 9.16.18) - Bump version: 9.16.17 ? 9.16.18 - Create parent qgroup when snapper is present This commit creates a new parent quota group (1/0) of level 1 when btrfs_quota_groups is enabled and snapper present into the image root tree. Related to bsc#1093518 and #812 - Bump version: 9.16.16 ? 9.16.17 - Fixup make build target Don't include auto generated schema docs into the source tarball. Also cleanup MANIFEST.in from files no longer present in the repository - Bump version: 9.16.15 ? 9.16.16 - Disable warnings report from pytest By default pytest now generates warnings for all modules used in the tox environment. This information is nice but taints the test output of the code of this project and is therefore unwanted. - Bump version: 9.16.14 ? 9.16.15 - Customize latex output for look and feel - Update development doc chapter per review by Tom - Make volume id customizable for installation ISOs This commit makes volid attribute also available for OEM images. The installation media makes use of the volid value. Only posix safe names are allowed, up to 32 characters. Fixes #811 - Include PDF build of documentation to the package Bundle a PDF version of the online documentation with the rpm package build. Due to the complexity of getting a latex build environment into the travis CI which does not take forever to install, the bundling of a built PDF into the pypi archive has been skipped. Users installing from pypi would need to install a latex env on their machine and run make latexpdf from the installed bundle. This Fixes #819 - Update docs for setting up development environment Reference py3.6 when showing example tox call. Also delete a py version reference where it was not needed - Update kiwi tools README Delete obsolete entries for tools no longer present - Adding bugfix trace for bsc#1108508 bsc#1108508 ticket was fixed with bf556a96 and 77517cff commits. Just adding the ticket reference here. - Fixed disk detection for live iso in loopback grub If the live iso is used as a disk on e.g USB sticks and is configured to setup a persistent write space via the initrd option rd.live.overlay.persistent, it's required to find the disk device to create a write partition on it. This detection worked if the live iso is binary dumped on the disk and bootet due to the hybrid support each iso built by kiwi provides. However if the live ISO deployment should not destroy existing data on the disk there is an alternative setup which uses grub's loopback support and puts the iso as a file on some partition of the disk. In this mode the kiwi-live dracut module failed to find the disk device and could not setup a persistent write partition. - Bump version: 9.16.13 ? 9.16.14 - Fixed spec template Directory delimiter missing in call for install_dracut target - Bump version: 9.16.12 ? 9.16.13 - Make use of kiwi/utils/sysconfig This commit makes use the sysconfig kiwi utility in order to read and eventually update the /etc/sysconfig/snapper file. - Snapper configuration for btrfs quota support refactored This commit refactors the snapper configuration for btrfs quota support when btrfs_root_is_snapshot is enabled. The sysconfig file /etc/sysconfig/snapper is now taken into consideration. Fixes bsc#1093518 - Fixed overlay of intermediate config files Some config files e.g etc/hosts needs to be temporary copied from the buildsystem host to the image root system. This is done by a custom copy with the .kiwi extension and a symlink to that file. During the installation process the package manager either overwrites the file or creates a .rpmnew variant. In case a .rpmnew variant exists there is code in kiwi which restores that .rpmnew variant to become the real file. However that _restore_intermediate_config_rpmnew_variants() method runs after overlay files has been applied to the system because it's part of the final cleanup step. In order to preserve an eventual overlay version of the file the .rpmnew variant gets only restored if the real file does not exist. This Fixes #807 - Fixed dice documentation The chapter: Building in a Self-Contained Environment holds a fixed ruby version in the package install which was outdated. It also still referenced the container as tar.xz but we have changed to uncompressed containers by default a while back - Fixed filesystem builder use of exclude list kiwi defines a global Defaults.get_exclude_list_for_root_data_sync method but it was not used in the scope of the filesystem builder. Thus this builder was missing the exclusion of the .buildenv file. This references Issue #422 and Fixes #814 - Enhance /etc/snapper/configs/root file parser - Fix quota groups management when snapper is present * Fixes the config file path if root is snapshot * Uses the correct QGROUP="" syntax * Do not overwrite the config file if already present Fixes bsc#1093518 - Separate dracut module install by Makefile target The dracut modules like kiwi provides it should not be part of the default install target. If kiwi gets installed from source or via pip all dracut code gets installed on that system which is unwanted and in the worst case leads to boot trouble next time this system rebuilds its initrd via dracut. Therefore an extra Makefile target which is used in the spec of an rpm but not in the install target of setup.py is provided in this commit. As a consequence the installation from pip will not install any dracut modules on that system which is intentional. Installing from source requires to run make install_dracut which if called assumes the caller knows what he/she does :) ==== python-libvirt-python ==== Version update (4.6.0 -> 4.7.0) - Update to 4.7.0 - Add all new APIs and constants in libvirt 4.7.0 ==== python-numpy ==== Version update (1.14.5 -> 1.15.2) Subpackages: python2-numpy python3-numpy - Update to version 1.15.2 Changes documented in release notes: https://github.com/numpy/numpy/blob/master/doc/release/1.15.2-notes.rst - Update to version 1.15.1 Changes documented in release notes: https://github.com/numpy/numpy/blob/master/doc/release/1.15.1-notes.rst - Update to version 1.15.0 Changes documented in release notes: https://github.com/numpy/numpy/blob/master/doc/release/1.15.0-notes.rst - Update to version 1.14.6 Changes documented in release notes: https://github.com/numpy/numpy/blob/master/doc/release/1.14.6-notes.rst - Rebase numpy-1.9.0-remove-__declspec.patch - Rebase riscv.patch ==== python-pycparser ==== Version update (2.18 -> 2.19) Subpackages: python2-pycparser python3-pycparser - Update to 2.19 - PR #277: Fix parsing of floating point literals - PR #254: Add support for parsing empty structs - PR #240: Fix enum formatting in generated C code (also #216) - PR #222: Add support for #pragma in struct declarations - Rebase fix-lexer-build.patch ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-vgabios qemu-x86 - Do more misc spec file fixes: * Be explicit in spec file about Version used for all subpackages (again, to avoid subpackage ordering issues). Default Release tag is also brought in by obs format_spec_file service * Delete binary blob s390-netboot.img, which we rebuild * Don't provide separate Url for qemu-kvm package - the main qemu website provides easily findable link for kvm specifics * Associate petalogix-ml605.dtb with qemu-extra instead of qemu-ppc * More entry sorting - Correct some versioning as follows: * Accurately reflect the qemu-ipxe package version value by adding "+" at the end * Don't overwrite seabios .version file, since now (for quite some time actually) upstream tarball creation creates this file and the value we are writing to it is actually wrong - Make spec file improvements, including the following: * Add qemu.keyring to enable package source verification * Create srcname macro to identify source file name separately from package name * Create alternate to %version to avoid subpackage ordering causing inadvertantly wrong %version value at point of use * Sort some entries * Be more consistent with macro syntax usage * Minor file tweaks as done by osc format_spec_file service - Re-sync openSUSE and SUSE SLE qemu packages. This changes file is the openSUSE one with this entry providing the intervening SLE CVE, FATE, and bugzilla references, which are still addressed in this package, and not yet called out in this changes file. * CVE-2018-11806 CVE-2018-12617 CVE-2018-7550 CVE-2018-15746 * fate#325467 * bsc#1091695 bsc#1094725 bsc#1094913 bsc#1096223 bsc#1098735 bsc#1103628 bsc#1105279 bsc#1106222 bsc#1106222 bsc#1107489 * Patches added: * only enable glusterfs for openSUSE 0040-linux-headers-update.patch 0041-s390x-kvm-add-etoken-facility.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.0 ==== qemu-linux-user ==== Version update (2.12.1 -> 3.0.0) - Make spec file improvements, including the following: * Add qemu.keyring to enable package source verification * Create srcname macro to identify source file name separately from package name * Sort some entries * Minor file tweaks as done by osc format_spec_file service - Remove BuildRequires for libattr-devel-static since it's not needed. - Re-sync openSUSE and SUSE SLE qemu-linux-user package. This changes file is the openSUSE one with this entry providing the intervening SLE CVE, FATE, and bugzilla references, which are still addressed in this package, and not yet called out in this changes file. * * Patches added: 0040-linux-headers-update.patch 0041-s390x-kvm-add-etoken-facility.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.0 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.0 * Patches added: 0039-tests-boot-serial-test-Bump-timeout.patch - Update to v3.0.0: See http://wiki.qemu.org/ChangeLog/3.0 Don't read anything into the major version number update. It's been decided to increase the major version number each year. Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package. Some noteworthy changes: * PPC64 host fixes (page size, mmap alignment, interrupted syscall, F_*LK64) * Fixes for several syscalls: mmap with 0 length, setsockopt, netlink * new syscalls: swapcontext (ppc), get_tls (ARM) * Most errors are now affected by -d rather than just dumped to stderr * qemu-binfmt-conf.sh: new options to use persistent (F) flag, ignore the OS/ABI field * add support of FDPIC for ARM * Support for ARM's Scalable Vector Extensions * Patches dropped (upstream unless otherwise noted): 0008-linux-user-fix-segfault-deadlock.patch (no longer needed) 0039-blockjob-Fix-assertion-in-block_job.patch 0041-seccomp-allow-sched_setscheduler-wi.patch * Patches renamed: 0009-linux-user-binfmt-support-host-bina.patch - > 0008-linux-user-binfmt-support-host-bina.patch 0010-linux-user-Fake-proc-cpuinfo.patch - > 0009-linux-user-Fake-proc-cpuinfo.patch 0011-Remove-problematic-evdev-86-key-fro.patch - > 0010-Remove-problematic-evdev-86-key-fro.patch 0012-linux-user-use-target_ulong.patch - > 0011-linux-user-use-target_ulong.patch 0013-Make-char-muxer-more-robust-wrt-sma.patch - > 0012-Make-char-muxer-more-robust-wrt-sma.patch 0014-linux-user-lseek-explicitly-cast-no.patch - > 0013-linux-user-lseek-explicitly-cast-no.patch 0015-AIO-Reduce-number-of-threads-for-32.patch - > 0014-AIO-Reduce-number-of-threads-for-32.patch 0016-xen_disk-Add-suse-specific-flush-di.patch - > 0015-xen_disk-Add-suse-specific-flush-di.patch 0017-qemu-bridge-helper-reduce-security-.patch - > 0016-qemu-bridge-helper-reduce-security-.patch 0018-qemu-binfmt-conf-use-qemu-ARCH-binf.patch - > 0017-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0019-linux-user-properly-test-for-infini.patch - > 0018-linux-user-properly-test-for-infini.patch 0020-roms-Makefile-pass-a-packaging-time.patch - > 0019-roms-Makefile-pass-a-packaging-time.patch 0021-Raise-soft-address-space-limit-to-h.patch - > 0020-Raise-soft-address-space-limit-to-h.patch 0022-increase-x86_64-physical-bits-to-42.patch - > 0021-increase-x86_64-physical-bits-to-42.patch 0023-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch - > 0022-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0024-i8254-Fix-migration-from-SLE11-SP2.patch - > 0023-i8254-Fix-migration-from-SLE11-SP2.patch 0025-acpi_piix4-Fix-migration-from-SLE11.patch - > 0024-acpi_piix4-Fix-migration-from-SLE11.patch 0026-Fix-tigervnc-long-press-issue.patch - > 0025-Fix-tigervnc-long-press-issue.patch 0027-string-input-visitor-Fix-uint64-par.patch - > 0026-string-input-visitor-Fix-uint64-par.patch 0028-test-string-input-visitor-Add-int-t.patch - > 0027-test-string-input-visitor-Add-int-t.patch 0029-test-string-input-visitor-Add-uint6.patch - > 0028-test-string-input-visitor-Add-uint6.patch 0030-tests-Add-QOM-property-unit-tests.patch - > 0029-tests-Add-QOM-property-unit-tests.patch 0031-tests-Add-scsi-disk-test.patch - > 0030-tests-Add-scsi-disk-test.patch 0032-Switch-order-of-libraries-for-mpath.patch - > 0031-Switch-order-of-libraries-for-mpath.patch 0033-Make-installed-scripts-explicitly-p.patch - > 0032-Make-installed-scripts-explicitly-p.patch (python2->python3) 0034-migration-warn-about-inconsistent-s.patch - > 0033-migration-warn-about-inconsistent-s.patch 0035-smbios-Add-1-terminator-if-any-stri.patch - > 0034-smbios-Add-1-terminator-if-any-stri.patch 0036-configure-Modify-python-used-for-io.patch - > 0035-configure-Modify-python-used-for-io.patch 0037-qemu-io-tests-comment-out-problemat.patch - > 0036-qemu-io-tests-comment-out-problemat.patch 0038-tests-test-thread-pool-is-racy-add-.patch - > 0037-tests-test-thread-pool-is-racy-add-.patch 0040-xen-add-block-resize-support-for-xe.patch - > 0038-xen-add-block-resize-support-for-xe.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.0 ==== qqc2-desktop-style ==== Version update (5.49.0 -> 5.50.0) - Update to 5.50.0 * New feature release * For more details please see: * https://www.kde.org/announcements/kde-frameworks-5.50.0.php - Changes since 5.49.0: * None ==== rpm-config-SUSE ==== Version update (0 -> 0.g5) - Update to new snapshot 0.g5 * Modified %lang_package to not inject -n when -r is given. ==== shotwell ==== Version update (0.30.0 -> 0.30.1) Subpackages: shotwell-lang - Update to version 0.30.1: + Fix appdata URLs. + Fix "Show in file manager" issues with single quotes. + Fix cancelling in sharing dialog. + Fix progress bar in sharing dialog. + Piwigo: Fix issue with empty dialog after cancelling upload. + Fix setting the slideshow delay with the spinner. + Fix icon fall-back for extensions. + Fix a critical when an image does not have any meta-data. + Fix GPS coordinate link in extended information for western longitudes. ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-coredump systemd-logger systemd-sysvinit udev - Import commit a67b516d49115a5be0f2ac27a2874cee6c59a7ae f8457adf9d emergency: make sure console password agents don't interfere with the emergency shell b8bbb50634 man: document that 'nofail' also has an effect on ordering a5410b2229 journald: take leading spaces into account in syslog_parse_identifier b793c312c7 journal: do not remove multiple spaces after identifier in syslog message f9595f0481 syslog: fix segfault in syslog_parse_priority() d464f06934 journal: fix syslog_parse_identifier() e70422883a socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails (bsc#991901) ==== texlive ==== - Add patch source-bsc1109673.dif to fix bsc#1109673 for CVE-2018-17407 which is about buffer overflow in the handling of Type 1 fonts allowing arbitrary code execution ==== vim ==== Version update (8.1.0401 -> 8.1.0436) Subpackages: gvim vim-data vim-data-common - Updated to revision 436, fixes the following problems * Can't get swap name of another buffer. * The DiffUpdate event isn't triggered for :diffput. * Header file missing from distribution. * Accessing invalid memory with long argument name. * Too many #ifdefs for GTK. * Several command line arguments are not tested. * Quickfix code mixes using the stack and a list pointer. * Startup test fails on MS-Windows. * The ex_copen() function is too long. * Renamed file missing from distribution. * Cannot build with GTK 2.4. * Test output is duplicated or missing. * v:option_old and v:option_new are cleared when using :set in OptionSet autocmd. * Not actually using 16 colors with vtp. * Sort doesn't report deleted lines. * Several command line arguments are not tested. * ml_get error and crash with appendbufline(). * Accessing invalid memory in SmcOpenConnection(). * The qf_jump() function is too long. * Compiler warning for signed/unsigned. * Mapping can obtain text from inputsecret * copy_loclist() is too long. * Cursorline highlight not removed in some situation. * Can get the text of inputsecret() with getcmdline() ==== xorg-x11-fonts ==== Subpackages: xorg-x11-fonts-core - make font Provides noarch; it was wrong from the beginning (boo#1110020 ==== xorg-x11-libX11-ccache ==== - make package arch again (boo#1110020)