Packages changed: SDL2 accountsservice enchant gdm gnome-session gnome-shell ilmbase (2.4.0 -> 2.4.1) iso-codes (4.1 -> 4.4) kdiagram (2.6.2 -> 2.6.3) libsecret (0.20.1 -> 0.20.3) libssh (0.9.3 -> 0.9.4) libtirpc (1.2.5 -> 1.2.6) noto-coloremoji-fonts (20191119 -> 20200408) open-iscsi openbabel openexr (2.4.0 -> 2.4.1) perl-libwww-perl (6.43 -> 6.44) php7 (7.4.4 -> 7.4.5) poppler (0.86.1 -> 0.87.0) poppler-qt5 (0.86.1 -> 0.87.0) python-jedi (0.16.0+git55.17b3611c -> 0.17.0) remmina (1.4.2 -> 1.4.3) skopeo (0.1.41 -> 0.2.0) systemd (244 -> 245) virtualbox (6.1.4 -> 6.1.6) vlc (3.0.8 -> 3.0.9.2) webkit2gtk3 (2.28.0 -> 2.28.1) xen (4.13.0_11 -> 4.13.0_12) xfsprogs (5.5.0 -> 5.6.0) === Details === ==== SDL2 ==== - Restore libSDL2main.a, patching it out was not easily possible. ==== accountsservice ==== Subpackages: accountsservice-lang libaccountsservice0 typelib-1_0-AccountsService-1_0 - Apply as-fate318433-prevent-same-account-multi-logins.patch to Leap. ==== enchant ==== Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2 - Enable aspell support on SLE to synchronize with Leap. ==== gdm ==== Subpackages: gdm-lang gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Add gdm-look-for-session-based-on-pid-first.patch: Look for session based on pid first, then fall back to the uid based approach (bsc#1159950, glgo#GNOME/gdm#526). ==== gnome-session ==== Subpackages: gnome-session-core gnome-session-default-session gnome-session-lang gnome-session-wayland - Add gnome-session-error-numbers-wrong.patch: Remove erron in log 'gnome-session-c[4905]: Error creating FIFO: File exists' (bsc#1169165 glgo!GNOME/gnome-session#42). ==== gnome-shell ==== Subpackages: gnome-shell-calendar gnome-shell-lang - Update gnome-shell-disable-ibus-when-not-installed.patch: Remove error in journal log(bsc#1169029). ==== ilmbase ==== Version update (2.4.0 -> 2.4.1) Subpackages: libHalf-2_4-24 libIex-2_4-24 libIlmThread-2_4-24 - version update to 2.4.1 * Various fixes for memory leaks and invalid memory accesses * Various fixes for integer overflow with large images. * Various cmake fixes for build/install of python modules. * ImfMisc.h is no longer installed, since it's a private header. - deleted patches - Fix-the-symlinks-creation.patch (upstreamed) ==== iso-codes ==== Version update (4.1 -> 4.4) Subpackages: iso-codes-lang - Update to version 4.4: * Plenty of changes - see provided ChangeLog.md for details - Update source url ==== kdiagram ==== Version update (2.6.2 -> 2.6.3) Subpackages: libKChart2 libKGantt2 libkchart-lang libkgantt-lang - Update to 2.6.3 * KChart: Mark layout as dirty when painting a rect != geometry() ==== libsecret ==== Version update (0.20.1 -> 0.20.3) Subpackages: libsecret-1-0 libsecret-lang typelib-1_0-Secret-1 - Update to version 0.20.3: + secret-file-backend: Fix use-after-free in flatpak. + docs: Add man subdir only if manpage is enabled. - Update to version 0.20.2: + secret-file-collection: force little-endian in GVariant. + Prefer g_info() over g_message(). + meson: Don't specify shared_library(). + docs: Make sure to set install: true. - Rename sub-package libsecret-tools to secret-tool: Align with the actual binary provided and remove a rpmlint warning. Add Provides and Obsoletes to ease upgrades for our end-users. - Drop Group tag from spec. ==== libssh ==== Version update (0.9.3 -> 0.9.4) Subpackages: libssh-config libssh4 - Update to version 0.9.4 * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ ==== libtirpc ==== Version update (1.2.5 -> 1.2.6) Subpackages: libtirpc-netconfig libtirpc3 libtirpc3-32bit - Update to libtirpc 1.2.6 - Drop patches all patches backported from this release (0001-Add-authdes_seccreate-stub.patch, 0001-Avoid-multiple-definiton-with-gcc-fno-common.patch) ==== noto-coloremoji-fonts ==== Version update (20191119 -> 20200408) - Update to v2020-04-08-unicode12_1 * Emoji 12.1 svg & png files ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Updated service_del_preun and service_del_postun for iscsi and iscsiuio packges in SPEC file, so that services get started/ stopped in the correct order, and changed systemd macros so that iscsi login service iscsi.service is not restarted during package upgrade (bsc#1166650) ==== openbabel ==== - Modernise spec file - Drop old conditionals - Use ninja as builder - Build only python3 bindings ==== openexr ==== Version update (2.4.0 -> 2.4.1) - version update to 2.4.1 * Various fixes for memory leaks and invalid memory accesses * Various fixes for integer overflow with large images. * Various cmake fixes for build/install of python modules. * ImfMisc.h is no longer installed, since it's a private header. - deleted patches - Fix-the-symlinks-creation.patch (upstreamed) ==== perl-libwww-perl ==== Version update (6.43 -> 6.44) - updated to 6.44 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.44 2020-04-14 19:37:45Z - Support basic authentication charset per RFC 7617 (GH#339) (Ville Skytt) - Fixed POD mistake. (GH PR#338. Sebastian Paaske Tørholm) ==== php7 ==== Version update (7.4.4 -> 7.4.5) Subpackages: apache2-mod_php7 php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - updated to 7.4.5: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.5 ==== poppler ==== Version update (0.86.1 -> 0.87.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - Update to version 0.87.0: + core: - Fix crashes due to inconsistent vtables for Clang builds - Fix leak in broken files - Internal code improvements + qt5: - Add option to get form choice for export value - ArthurOutputDev: Avoid division by zero in updateLineDash + glib: Internal code improvements + utils: pdftohtml: Fix memory leak in HtmlOutputDev::getLinkDest - Bump poppler_sover following upstream changes. ==== poppler-qt5 ==== Version update (0.86.1 -> 0.87.0) - Update to version 0.87.0: + core: - Fix crashes due to inconsistent vtables for Clang builds - Fix leak in broken files - Internal code improvements + qt5: - Add option to get form choice for export value - ArthurOutputDev: Avoid division by zero in updateLineDash + glib: Internal code improvements + utils: pdftohtml: Fix memory leak in HtmlOutputDev::getLinkDest - Bump poppler_sover following upstream changes. ==== python-jedi ==== Version update (0.16.0+git55.17b3611c -> 0.17.0) - Update to v0.17.0 * Added ``Project`` support. This allows a user to specify which folders Jedi should work with. * Added support for Refactoring. The following refactorings have been implemented: ``Script.rename``, ``Script.inline``, ``Script.extract_variable`` and ``Script.extract_function``. * Added ``Script.get_syntax_errors`` to display syntax errors in the current script. * Added code search capabilities both for individual files and projects. The new functions are ``Project.search``, ``Project.complete_search``, ``Script.search`` and ``Script.complete_search``. * Added ``Script.help`` to make it easier to display a help window to people. Now returns pydoc information as well for Python keywords/operators. This means that on the class keyword it will now return the docstring of Python's builtin function ``help('class')``. * The API documentation is now way more readable and complete. Check it out under https://jedi.readthedocs.io. A lot of it has been rewritten. * Removed Python 3.4 support * Many bugfixes - back to regular releases, no git service needed anymore - jedi-pr1543-sorttest.patch gh#davidhalter/jedi#1543 ==== remmina ==== Version update (1.4.2 -> 1.4.3) Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp - Update to release 1.4.3 * KB grabbing fixes (mostly for Wayland) * Adding Freerdp 3 compile option and using FreeRDP tag 2.0.0 as default * Adding remmina terminal dependencies * Updated translations ==== skopeo ==== Version update (0.1.41 -> 0.2.0) - Update to skopeo v0.2.0: - Update on #834: force runc only when cgroupsv1 - Update docs/skopeo.1.md - Add example with repository - Skopeo should support for BigFilesTemporaryDir (SystemContext) - Use fully-qualified image names - Add support for REGISTRY_AUTH_FILE - Partial image encryption support - Remove the list_tags integration test since it does not cover much not already tested by the upstream container/images repo or local unit tests - Updates based on code review to simplify logic and tests - Fix inconsistency in manpage example for list-tags - Adds "list-tags" command to list tags with no known tag required ==== systemd ==== Version update (244 -> 245) Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-container systemd-doc systemd-lang systemd-logger systemd-sysvinit udev - Switch back to the hybrid hierarchy Unfortunately Kubernetes and runc are not yet ready for cgroupsv2. Let's reconsider the unified hierarchy in a couple of months. - Import commit c5aa158173ced05201182d1cc18632a25cf43b94 (merge v245.4) - Add 0001-meson-fix-build-of-udev-path_id_compat-builtin-with-.patch - Import commit 31f82b39c811b4f731c80c2c2e7c56a0ca924a5b (merge v245.2) d1d3f2aa15 docs: Add syntax for templated units to systemd.preset man page 3c69813c69 man: add a tiny bit of markup bf595e788c home: fix segfault when parsing arguments in PAM module e110f4dacb test: wait a bit after starting the test service e8df08cfdb fix journalctl regression (#15099) eb3a38cc23 NEWS: add late note about job trimming issue 405f0fcfdd systemctl: hide the 'glyph' column when --no-legend is requested 1c7de81f89 format-table: allow hiding a specific column b7f2308bda core: transition to FINAL_SIGTERM state after ExecStopPost= 2867dfbf70 journalctl: show duplicate entries if they are from the same file (#14898) [...] - Upgrade to v245 (commit 74e2e834b4282c9bbdc12014f6ccf8d86e542b8d) See https://github.com/openSUSE/systemd/blob/SUSE/v245/NEWS for details. The new tools provided by systemd repart, userdb, homed, fdisk, pwquality, p11kit feature have been disabled for now as they require reviews first. Default to the "unified" cgroup hierarchy. Indeed most prominent users of cgroup (such as libvirt, kubic) should be ready for such change. It's still possible to switch back to the old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0" option to the kernel command line though. Added 0001-Revert-job-Don-t-mark-as-redundant-if-deps-are-relev.patch: upstream commit 097537f07a2fab3cb73aef7bc59f2a66aa93f533 has been reverted for now on as it introduced a behavior change which has impacted plymouth at least. - add systemd-network-generator.service file together with systemd-network-generator binary ==== virtualbox ==== Version update (6.1.4 -> 6.1.6) Subpackages: virtualbox-guest-tools virtualbox-guest-x11 virtualbox-kmp-default - Version bump to 6.1.6 (released April 14 2020 by Oracle) This version fixes bsc#1169249, bsc#1169202, and bsc#1166782. This is a maintenance release. The following items were fixed and/or added: GUI: Multiple enhancements including visual elements updates Graphics: Fixed monitor resizing and multi-monitor handling bugs on X11 guests with VMSVGA graphics adapter Graphics: Enhancements in 2D and 3D acceleration and rendering USB: Multiple enhancements improving prformance and stability Serial port: Improve error handling and fix hang when host port disappears VBoxManage: Multiple fixes for guestcontrol operations API: Fix for exception handling bug in Python bindings Shared clipboard: Multiple fixes including possible crash and HTML data support Linux host and guest: Support Linux kernel 5.6 (bug #19312) File "VirtualBox-6.1.4-VBoxClient-vmsvga-x11-crash.patch" removed - fixed upstream. File "fixes_for_5.6.patch" removed - fixed upstream. File "change_default_display.patch" removed - fixed upstream. - Fix bug that deletes everything in ~/.vbox/ - Fix builds for kernel 5.7. File "fixes_for_5.7.patch" is added. ==== vlc ==== Version update (3.0.8 -> 3.0.9.2) Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau - Update to version 3.0.9.2: + Misc: Properly bump the version in configure.ac. - Changes from version 3.0.9.1: + Misc: Fix VLSub returning 401 for earch request. - Changes from version 3.0.9: + Core: Work around busy looping when playing an invalid item through VLM. + Access: * Multiple dvdread and dvdnav crashs fixes * Fixed DVD glitches on clip change * Fixed dvdread commands/data sequence inversion in some cases causing unwanted glitches * Better handling of authored as corrupted DVD * Added libsmb2 support for SMB2/3 shares + Demux: * Fix TTML entities not passed to decoder * Fixed some WebVTT styling tags being not applied * Misc raw H264/HEVC frame rate fixes * Fix adaptive regression on TS format change (mostly HLS) * Fixed MP4 regression with twos/sowt PCM audio * Fixed some MP4 raw quicktime and ms-PCM audio * Fixed MP4 interlacing handling * Multiple adaptive stack (DASH/HLS/Smooth) fixes * Enabled Live seeking for HLS * Fixed seeking in some cases for HLS * Improved Live playback for Smooth and DASH * Fixed adaptive unwanted end of stream in some cases * Faster adaptive start and new buffering control options + Packetizers: * Fixes H264/HEVC incomplete draining in some cases * packetizer_helper: Fix potential trailing junk on last packet * Added missing drain in packetizers that was causing missing last frame or audio * Improved check to prevent fLAC synchronization drops + Decoder: * avcodec: revector video decoder to fix incomplete drain * spudec: implemented palette updates, fixing missing subtitles on some DVD * Fixed WebVTT CSS styling not being applied on Windows/macOS * Fixed Hebrew teletext pages support in zvbi * Fixed Dav1d aborting decoding on corrupted picture * Extract and display of all CEA708 subtitles * Update libfaad to 2.9.1 * Add DXVA support for VP9 Profile 2 (10 bits) * Mediacodec aspect ratio with Amazon devices + Audio output: * Added support for iOS audiounit audio above 48KHz * Added support for amem audio up to 384KHz + Video output: * Fix for opengl glitches in some drivers * Fix GMA950 opengl support on macOS * YUV to RGB StretchRect fixes with NVIDIA drivers * Use libpacebo new tone mapping desaturation algorithm + Text renderer: * Fix crashes on macOS with SSA/ASS subtitles containing emoji * Fixed unwanted growing background in Freetype rendering and Y padding + Mux: Fixed some YUV mappings + Service Discovery: Update libmicrodns to 0.1.2. + Misc: * Update YouTube, SoundCloud and Vocaroo scripts: this restores playback of YouTube URLs. * Add missing .wpl & .zpl file associations on Windows * Improved chromecast audio quality + Updated translations. - Drop patches that have been merged upstream: D 0001-Fix-leaking-AvahiServiceResolver-in-the-error-paths.patch D 0002-Add-Avahi-implementation-for-chromecast-renderer-dis.patch D reproducible.patch ==== webkit2gtk3 ==== Version update (2.28.0 -> 2.28.1) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.28.1 (boo#1169658): + Fix position of default option element popup windows under Wayland. + Fix rendering after a cross site navigation with PSON enabled and hardware acceleration forced. + Fix a crash in nested wayland compositor when closing a tab with PSON enabled. + Update Chrome and Firefox versions in user agent quirks. + Fix a crash with bubblewrap sandbox enabled. + Fix a crash in JavaScriptCore in ppc64el. + Fix the build with GStreamer 1.12. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-11793. - Drop webkit2gtk3-gstreamer-build-fix.patch: Fixed upstream. - Add webkit2gtk3-gstreamer-build-fix.patch: fix build with gstreamer 1.12 (webkit#209296). - Rebase webkit-process.patch. - Use WebKit defaults for ENABLE_JIT and USE_SYSTEM_MALLOC, except for aarch64. WebKit now sets reasonable defaults based on architecture. Disable on aarch64 in case a user is still using the kernel-64kb package. - Use bubblewrap, xdg-dbus-proxy, wpe, and wpebackend-fdo on 15.2; they had been unintentionally excluded. - Increase mem_per_process; otherwise fails on SLE/Leap. ==== xen ==== Version update (4.13.0_11 -> 4.13.0_12) Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation handling in GNTTABOP_copy (XSA-318) 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch - bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch - bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing memory barriers in read-write unlock paths 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch - bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error path in GNTTABOP_map_grant 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch - bsc#1167152 - L3: Xenstored Crashed during VM install Need Core analyzed 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch - Drop for upstream solution (bsc#1165206) 01-xen-credit2-avoid-vcpus-to.patch default-to-credit1-scheduler.patch - Upstream bug fixes (bsc#1027519) 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch ==== xfsprogs ==== Version update (5.5.0 -> 5.6.0) Subpackages: libhandle1 xfsprogs-scrub - update to v5.6.0: * xfs_scrub: don't set WorkingDirectory in systemd job * xfsprogs: fix silently broken option parsing * xfsprogs: various minor Coverity fixes * xfs_repair: fix dir_read_buf use of libxfs_da_read_buf * libxfs: check retval of device flush when closing * xfs_io: set exitcode on failure appropriately * libxfs changes merged from kernel 5.6