Changed packages: ==== libdirectfb-1_7-7 ==== - Do not BuildRequire udev: there is no need to do so. ==== ModemManager ==== Subpackages: ModemManager-devel libmm-glib0 typelib-1_0-ModemManager-1_0 - Add explicit pkgconfig(udev) BuildRequires: we need it to define %{_udevdir}. ==== MozillaThunderbird ==== Version update (38.1.0 -> 38.2.0) Subpackages: MozillaThunderbird-translations-common - update to Thunderbird 38.2.0 (bnc#940806) * MFSA 2015-79/CVE-2015-4473 Miscellaneous memory safety hazards * MFSA 2015-80/CVE-2015-4475 (bmo#1175396) Out-of-bounds read with malformed MP3 file * MFSA 2015-82/CVE-2015-4478 (bmo#1105914) Redefinition of non-configurable JavaScript object properties * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493 Overflow issues in libstagefright * MFSA 2015-84/CVE-2015-4481 (bmo1171518) Arbitrary file overwriting through Mozilla Maintenance Service with hard links (only affected Windows) * MFSA 2015-85/CVE-2015-4482 (bmo#1184500) Out-of-bounds write with Updater and malicious MAR file (does not affect openSUSE RPM packages which do not ship the updater) * MFSA 2015-87/CVE-2015-4484 (bmo#1171540) Crash when using shared memory in JavaScript * MFSA 2015-88/CVE-2015-4491 (bmo#1184009) Heap overflow in gdk-pixbuf when scaling bitmap images * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148) Buffer overflows on Libvpx when decoding WebM video * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489 Vulnerabilities found through code inspection * MFSA 2015-92/CVE-2015-4492 (bmo#1185820) Use-after-free in XMLHttpRequest with shared workers ==== NetworkManager ==== Version update (1.0.2 -> 1.0.4) Subpackages: NetworkManager-devel libnm-glib-vpn1 libnm-glib4 libnm-util2 libnm0 typelib-1_0-NM-1_0 typelib-1_0-NMClient-1_0 typelib-1_0-NetworkManager-1_0 - Toggle with_cacert_patch to 1: the patch has been rebased. - Change nfs dispatcher-script to be more reliable in mixed ip v4 v6 environments. - Rebase nm-probe-radius-server-cert.patch for 1.0.4 (bsc#938198). - Add explicit pkgconfig(udev) BuildRequires: we need it to define %{_udevdir}. - Update to version 1.0.4: + The MTU setting from an IPv6 neighbor discovery Router Advertisements is now ignored if applying it would result in invalid configuration. + Some configuration options can now be changed without restarting the daemon. Notably, this applies to 'dns', 'connectivity' and 'ignore-carrier' settings. + The connection activation was made more robust. If an active connection is reactivated, the device it's active on takes precedence. If an attempt is made to activate a connection on a different device than it is active on, the activation proceeds removing the connection from the active device. + The device specifiers in configuration files now support negation via 'except:' match. + Devices that only have IPv6 link-local address are no longer assumed to be connected. + nmcli now provides hints and tab-completion for enumeration properties. + If the IPv6 interface tokens are set they are honored when creating an interface identifier for IPv6 addressing. + NetworkManager now maintains correct routing configuration when multiple interfaces are connected to the same network. + The management of devices can now be controlled with udev rules. The veth devices as well as the virtual Ethernet devices of various virtualization tools (VMWare, VirtualBox, Parallels Workstation) are now ignored by default. + The IPv6 privacy extensions are now enabled by default and handling of the ip6-privacy sysctl has been improved. + Activating a Bond, Bridge or Team device can now optionally activate the slave connections as well. The behavior is controlled with 'connection.autoconnect-slaves' property. + The platform support code has been refactored, resulting in better scalability in large configurations. + Changes to network interfaces configuration done outside NetworkManager are now picked up and exposed to the user via NetworkManager API and tools. + A connection can now optionally leave externally configured default route in place instead of overriding it. The behavior is controlled with 'ipv4.never-default' and 'ipv6.never-default' properties. + Multiple crasher and memory leak bugs in the daemon were fixed. + Multiple bugs that could cause the client tools to hang or crash were fixed. + nmcli allows multiple devices for 'nmcli device disconnect/delete'. + Firewall zone is added to firewalld for device-based VPN connections too. - Toggle with_cacert_patch to 0: the Radius CA patch neeeds to be reworked. Wrap applying the patch into a with_cacert_patch condition, to make enabling/disabling a one-stop change. ==== NetworkManager-gnome ==== Version update (1.0.2 -> 1.0.4) Subpackages: libnm-gtk0 typelib-1_0-NMGtk-1_0 - Toggle with_cacert_patch to 1: the patch has been rebased. - Update to version 1.0.4: + Setting MTU for a bond device is now supported. + Connecting to a wireless network from the NetworkManager applet no longer results in an attempt to create system-wide connections. This fixes the ability to connect to a wireless network for non-privileged user. + The master interface name is used instead of master connection UUID for slave connections created with nm-connection-editor. This fixes compatibility of the ifcfg configuration files with the legacy network service. + It is now possible to specify an interface name instead of a MAC address when editing a connection using nm-connection-editor. + The WWAN connections now have IPv6 enabled by default. + libnm-gtk includes functions for password storage selection, which eases implementation of password GUI for VPN plugins and other users. - Rebase nm-applet-probe-radius-server-cert.patch and nm-applet-probe-radius-server-cert.patch. - Toggle with_cacert_patch to 0: the cacert patch is currently disabled in NetworkManager (boo#938198). ==== alsa ==== Subpackages: alsa-devel libasound2 libasound2-32bit - Backport upstream fixes: surround41/50 chmap fix, UCM documents, config string fix, PCM timestamp query API, replacement of list.h with LGPL: 0023-surround41-50.conf-Use-chmap-syntax-for-better-flexi.patch 0024-ucm-docs-fix-doxygen-exclude-patch-for-UCM-local-hea.patch 0025-ucm-docs-Fix-doxygen-formatting-for-UCM-main-page.patch 0026-docs-Add-UCM-link-to-main-doxygen-page.patch 0027-Replace-unsafe-characters-with-_-in-card-name.patch 0028-pcm-add-helper-functions-to-query-timestamping-capab.patch 0029-pcm-add-support-for-get-set_audio_htstamp_config.patch 0030-pcm-add-support-for-new-STATUS_EXT-ioctl.patch 0031-test-fix-audio_time-with-new-get-set-audio_tstamp_co.patch 0032-test-audio_time-show-report-validity-and-accuracy.patch 0033-pcm-restore-hw-params-on-set-latency-failed.patch 0034-Replace-list.h-with-its-own-version.patch - Backport topology API addition patches: 0035-topology-uapi-Add-UAPI-headers-for-topology-ABI.patch 0036-topology-Add-topology-core-parser.patch 0037-topology-Add-text-section-parser.patch 0038-topology-Add-PCM-parser.patch 0039-topology-Add-operations-parser.patch 0040-topology-Add-private-data-parser.patch 0041-topology-Add-DAPM-object-parser.patch 0042-topology-Add-CTL-parser.patch 0043-topology-Add-Channel-map-parser.patch 0044-topology-Add-binary-file-builder.patch 0045-topology-autotools-Add-build-support-for-topology-co.patch 0046-topology-doxygen-Add-doxygen-support-for-topology-co.patch 0047-conf-topology-Add-topology-file-for-broadwell-audio-.patch 0048-topology-Fix-missing-inclusion-of-ctype.h.patch 0049-topology-Fix-typos.patch - Enable autoreconf call to regenerate after patching - Change libudev-devel BuildRequires to pkgconfig(udev): makes us less prone to packaging changes, and in the end udev.pc is exactly what we need to define _udevdir. ==== alsa-utils ==== - Suppress alsactl invocation on systems without sound cards (bsc#940950): 0009-alsactl-Add-path-condition-to-alsa-store-and-alsa-re.patch - Upstream patch to add -S option to speaker-test 0007-speaker-test-Add-option-to-specify-signal-scale.patch - Upstream patch to add alsatplg parser program 0008-topology-Add-command-line-topology-tool-to-build-top.patch - Reenable autoreconf call to regenerate after patching - Change libudev-devel BuildRequires to pkgconfig(udev): makes us less prone to packaging changes, and in the end udev.pc is exactly what we need to define _udevdir. ==== autofs ==== Version update (5.1.0 -> 5.1.1) - autofs.service: Use KillMode=mixed so "KillSignal" (SIGTERM) is only sent to the main process and if still does not exit after "TimeoutStopSec" then "SendSIGKILL" is sent to all remaining processes of the unit's control group. This is the desired behaviour for almost all daemons that execute foreign programs. - update to version 5.1.1: * fix compile error in defaults.c * add serialization to sasl init * dont allocate dev_ctl_ops too early * fix incorrect round robin host detection * fix race accessing qdn in get_query_dn() * fix leak in cache_push_mapent() * fix config entry read buffer not checked * fix FILE pointer check in defaults_read_config() * fix memory leak in conf_amd_get_log_options() * fix signed comparison in inet_fill_net() * fix buffer size checks in get_network_proximity() * fix leak in get_network_proximity() * fix buffer size checks in merge_options() * check amd lex buffer len before copy * add return check in ldap check_map_indirect() * check host macro is set before use * check options length before use in parse_amd.c * fix some out of order evaluations in parse_amd.c * fix copy and paste error in dup_defaults_entry() * fix leak in parse_mount() * add mutex call return check in defaults.c * force disable browse mode for amd format maps * fix hosts map options check in lookup_amd_instance() * fix memory leak in create_client() * fix memory leak in get_exports() * fix memory leak in get_defaults_entry() * fix out of order clearing of options buffer * fix reset amd lexer scan buffer * ignore multiple commas in options strings * fix typo in flagdir configure option * clarify multiple mounts description * gaurd against incorrect umount return * update man page autofs(8) for systemd * dont pass sloppy option for other than nfs mounts * make service want network-online * fix fix master map type check * init qdn before use in get_query_dn() * fix typo in update_hosts_mounts() * fix hosts map update on reload * make negative cache update consistent for all lookup modules * ensure negative cache isn't updated on remount * dont add wildcard to negative cache * add a prefix to program map stdvars * add config option to force use of program map stdvars * fix incorrect check in parse_mount() * handle duplicates in multi mounts * revert special case cifs escapes * fix map option parsing for 'strictatime' * fix showmount search in auto.net * remove obsolete comment in auto.net * fix macro usage in lookup_program.c * fix gcc5 complaints * remove unused offset handling code * fix mount as you go offset selection * link daemon with pthread library (Debian patch) * manpage corrections (Debian patch) * fix manpages hyphenation (Debian patch). - ported patches: * autofs-5.1.0-dbus-udisks-monitor.patch -> autofs-5.1.1-dbus-udisks-monitor.patch * autofs-debuginfo-fix.patch -> autofs-5.1.1-debuginfo-fix.patch * autofs-5.0.9-suse-auto_master_default.patch -> autofs-5.1.1-suse-auto_master_default.patch * autofs-5.0.9-task-use-after-free.patch -> autofs-5.1.1-task-use-after-free.patch - remove patches that are now upstream: * autofs-5.1.0-dont-pass-sloppy-option-for-other-than-nfs-mounts.patch * autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch * autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch * autofs-5.1.0-gcc5-fixes.patch ==== binutils ==== Subpackages: binutils-devel - Disable use-hashtype-both-by-default.diff for the mips target, it's incompatible with it. [bnc #938658] - Add cross-rx-binutils package for Renesas RX - Work around qemu bug - Update to 2.25 branch at 2f5b97b4f (changes binutils-2.25-branch.diff.gz) fixes PR 18481, gas/18541. - Add patches for s390 z13 support (backports from to-be 2.26): 0001-S-390-Add-support-for-IBM-z13.patch 0002-S-390-Add-check-for-length-field-operand.patch 0003-S-390-Add-more-IBM-z13-instructions.patch 0004-S-390-Fixes-for-z13-instructions.patch 0005-S-390-z13-use-GNU-attribute-to-indicate-vector-ABI.patch . - Fix %TARGET vs. $TARGET_OS inconsistencies by turning $TARGET_OS into %TARGET_OS for reuse in install and file sections. This fixes the assumption that $TARGET_OS will match %{TARGET}*. - enable gold for aarch64 - Move sed call from %prep to %build to not disturb quilt. - Add binutils-2.25-branch.diff.gz: Update to 2.25 branch at 8fe8994c, fixing many bugs: PR ld/15228, binutils/17512, 17165, binutils/17531, ld/17615, 17666, ld/17709, gas/17753, 17755, 17817, ld/17827, 17842, binutils/17926, 17954, 18010, ld/18167, ld/18222, ld/18270. - Remove eh-frame-hdr-on-shared-lib-bfd.patch: Included already. - Remove gold-opd-visibility.patch: Included already. - move info deinstall to preun section - Added binutils-fix--dynamic-list.patch: Fixes https://sourceware.org/bugzilla/show_bug.cgi?id=13577 and https://sourceware.org/bugzilla/show_bug.cgi?id=16992 ==== biosdevname ==== - Add missed build require on pkgconfig udev ==== bluez ==== Version update (5.32 -> 5.33) Subpackages: bluez-cups bluez-devel libbluetooth3 - update to version 5.33: This release contains mostly bugfixes, particularly in areas such as the audio plugin, GATT and OBEX. The main feature additions are in the the emulator code which received improvelents to LE features. There?s also a new tool for testing the recently released Eddystone protocol from Google. ==== coreutils ==== Version update (8.23 -> 8.24) - Sync I18N patch from semi-official repository (shared among distributions, maintained by Padraig Brady): https://github.com/pixelb/coreutils/tree/i18n * coreutils-i18n.patch: Improve cut(1) performance in field-mode in UTF8 locales. Squash in sort-keycompare-mb.patch. * sort-keycompare-mb.patch: Remove. - coreutils-build-timeout-as-pie.patch: Refresh. - Update to 8.24: * * Bug fixes * dd supports more robust SIGINFO/SIGUSR1 handling for outputting statistics. Previously those signals may have inadvertently terminated the process. * df --local no longer hangs with inaccessible remote mounts. [bug introduced in coreutils-8.21] * du now silently ignores all directory cycles due to bind mounts. Previously it would issue a warning and exit with a failure status. [bug introduced in coreutils-8.1 and partially fixed in coreutils-8.23] * chroot again calls chroot(DIR) and chdir("/"), even if DIR is "/". This handles separate bind mounted "/" trees, and environments depending on the implicit chdir("/"). [bugs introduced in coreutils-8.23] * cp no longer issues an incorrect warning about directory hardlinks when a source directory is specified multiple times. Now, consistent with other file types, a warning is issued for source directories with duplicate names, or with -H the directory is copied again using the symlink name. * factor avoids writing partial lines, thus supporting parallel operation. [the bug dates back to the initial implementation] * head, od, split, tac, tail, and wc no longer mishandle input from files in /proc and /sys file systems that report somewhat-incorrect file sizes. * mkdir --parents -Z now correctly sets the context for the last component, even if the parent directory exists and has a different default context. [bug introduced with the -Z restorecon functionality in coreutils-8.22] * numfmt no longer outputs incorrect overflowed values seen with certain large numbers, or with numbers with increased precision. [bug introduced when numfmt was added in coreutils-8.21] * numfmt now handles leading zeros correctly, not counting them when settings processing limits, and making them optional with floating point. [bug introduced when numfmt was added in coreutils-8.21] * paste no longer truncates output for large input files. This would happen for example with files larger than 4GiB on 32 bit systems with a '\n' character at the 4GiB position. [the bug dates back to the initial implementation] * rm indicates the correct number of arguments in its confirmation prompt, on all platforms. [bug introduced in coreutils-8.22] * shuf -i with a single redundant operand, would crash instead of issuing a diagnostic. [bug introduced in coreutils-8.22] * tail releases inotify resources when unused. Previously it could exhaust resources with many files, or with -F if files were replaced many times. [bug introduced in coreutils-7.5] * tail -f again follows changes to a file after it's renamed. [bug introduced in coreutils-7.5] * tail --follow no longer misses changes to files if those files were replaced before inotify watches were created. [bug introduced in coreutils-7.5] * tail --follow consistently outputs all data for a truncated file. [bug introduced in the beginning] * tail --follow=name correctly outputs headers for multiple files when those files are being created or renamed. [bug introduced in coreutils-7.5] * * New features * chroot accepts the new --skip-chdir option to not change the working directory to "/" after changing into the chroot(2) jail, thus retaining the current wor- king directory. The new option is only permitted if the new root directory is the old "/", and therefore is useful with the --group and --userspec options. * dd accepts a new status=progress level to print data transfer statistics on stderr approximately every second. * numfmt can now process multiple fields with field range specifications similar to cut, and supports setting the output precision with the --format option. * split accepts a new --separator option to select a record separator character other than the default newline character. * stty allows setting the "extproc" option where supported, which is a useful setting with high latency links. * sync no longer ignores arguments, and syncs each specified file, or with the - -file-system option, the file systems associated with each specified file. * tee accepts a new --output-error option to control operation with pipes and output errors in general. * * Changes in behavior * df no longer suppresses separate exports of the same remote device, as these are generally explicitly mounted. The --total option does still suppress duplicate remote file systems. [suppression was introduced in coreutils-8.21] * mv no longer supports moving a file to a hardlink, instead issuing an error. The implementation was susceptible to races in the presence of multiple mv instances, which could result in both hardlinks being deleted. Also on case insensitive file systems like HFS, mv would just remove a hardlinked 'file' if called like `mv file File`. The feature was added in coreutils-5.0.1. * numfmt --from-unit and --to-unit options now interpret suffixes as SI units, and IEC (power of 2) units are now specified by appending 'i'. * tee will exit early if there are no more writable outputs. * tee does not treat the file operand '-' as meaning standard output any longer, for better conformance to POSIX. This feature was added in coreutils-5.3.0. * timeout --foreground no longer sends SIGCONT to the monitored process, which was seen to cause intermittent issues with GDB for example. * * Improvements * cp,install,mv will convert smaller runs of NULs in the input to holes, and cp --sparse=always avoids speculative preallocation on XFS for example. * cp will read sparse files more efficiently when the destination is a non regular file. For example when copying a disk image to a device node. * mv will try a reflink before falling back to a standard copy, which is more efficient when moving files across BTRFS subvolume boundaries. * stat and tail now know about IBRIX. stat -f --format=%T now reports the file system type, and tail -f uses polling for files on IBRIX file systems. * wc -l processes short lines much more efficiently. * References from --help and the man pages of utilities have been corrected in various cases, and more direct links to the corresponding online documentation are provided. - Patches adapted because of changed sources: coreutils-disable_tests.patch coreutils-i18n.patch coreutils-misc.patch coreutils-ocfs2_reflinks.patch coreutils-remove_hostname_documentation.patch coreutils-remove_kill_documentation.patch coreutils-skip-gnulib-test-tls.patch coreutils-tests-shorten-extreme-factor-tests.patch sort-keycompare-mb.patch - Patches removed because they're included in 8.24: coreutils-chroot-perform-chdir-unless-skip-chdir.patch coreutils-df-doc-df-a-includes-duplicate-file-systems.patch coreutils-df-improve-mount-point-selection.patch coreutils-df-show-all-remote-file-systems.patch coreutils-df-total-suppress-separate-remotes.patch coreutils-doc-adjust-reference-to-info-nodes-in-man-pages.patch coreutils-fix_false_du_failure_on_newer_xfs.patch coreutils-fix-man-deps.patch coreutils-tests-aarch64-env.patch coreutils-tests-make-inotify-rotate-more-robust-and-efficient.patch coreutils-tests-rm-ext3-perf-increase-timeout.patch ==== libcorosync4 ==== - remove git files from tarball - modify corosync.spec to delete logrotate.d ==== drbd ==== Subpackages: drbd-kmp-default drbd-kmp-desktop drbd-kmp-xen - Fate#317940, merge patch set into one patch. - Support zeroout/discard-devices instead of zap-devices - New feature flag FF_DISCARD - Add patch 0001-drbd-Support-zeroout-device-in-initial-sync.patch - Remove old patch set: Patch 0000-cover-letter-fate317940.patch Patch 0001-drbd-Fix-the-wrong-logic-of-moving-history.patch Patch 0002-drbd-Add-options-zap_devices-to-new-current-uuid.patch Patch 0003-drbd-A-function-to-zero-out-drbd-backing-device.patch Patch 0004-drbd-New-packet-P_ZERO_OUT.patch Patch 0005-drbd-Functions-to-notify-peer-node-to-start.patch Patch 0006-drbd-Wapper-for-zeroing-out-device-by-worker.patch Patch 0007-drbd-Flags-for-background-drbd-device-work.patch Patch 0008-drbd-Function-to-work-with-packet-P_ZERO_OUT.patch Patch 0009-drbd-Receive-zero-out-command-from-peer-node.patch Patch 0010-drbd-Handle-new-current-uuid-zap-devices.patch ==== drbd-utils ==== - Fate#317940. Support zeroout/discard instead of zap-devices - Add patch zeroout-discard-devices.patch - Remove zap-devices-xml.patch and zap-devices.patch ==== eog ==== Version update (3.16.2 -> 3.16.3) - Update to version 3.16.3: + Fix bgo#751007: Compilation error when EXIF support disabled. + Updated translations. ==== expect ==== - Don't ship the 'weather' example anymore (fate#318342). ==== filesystem ==== - Add /usr/lib/udev/rules.d: packages installing rules don't really have to build depend on udev, it only increases their build time. - Add some systemd directories so that uuidd does not have to own them and still succeeds building in a systemd-less root. ==== gdk-pixbuf-devel ==== Version update (2.31.4 -> 2.31.6) Subpackages: gdk-pixbuf-query-loaders gdk-pixbuf-query-loaders-32bit libgdk_pixbuf-2_0-0 libgdk_pixbuf-2_0-0-32bit typelib-1_0-GdkPixbuf-2_0 - Update to version 2.31.6: + Really fix bgo#752297. This is CVE-2015-4491. + Updated translations. - Update to version 2.31.5: + Add support for g_autoptr for all object types (bgo#750497). + Avoid a possible divide-by-zero in the pixbuf loader (bgo#750440). + Remove gettext .pot file hack (bgo#743574). + Be more careful about integer overflow (bgo#752297). + Updated translations. - Drop README from docs as it is now empty. - Add generic www.gnome.org URL to silence a few lint warnings. ==== gettext-runtime ==== Subpackages: gettext-tools - Add gettext-0.19.5.1-gettextize.diff * workaround gettextize in gettext 0.19.5.1, see http://lists.gnu.org/archive/html/bug-gettext/2015-07/msg00027.html ==== glibc-32bit ==== Version update (2.21 -> 2.22) Subpackages: glibc-locale-32bit - dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64 - Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch - pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457) - glibc-nodate.patch: fix verification of timestamp - also filter out -fstack-protector-strong ==== glibc ==== Version update (2.21 -> 2.22) Subpackages: glibc-devel glibc-extra glibc-info glibc-locale nscd - dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64 - Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch - pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457) - glibc-nodate.patch: fix verification of timestamp - also filter out -fstack-protector-strong ==== gnome-system-monitor ==== - Own %{_datadir}/polkit-1/actions instead of having to depend on a full polikit installation for building. ==== install-initrd-openSUSE ==== Version update (14.190 -> 14.193) - Drop rsh dependency - 14.193 - better gawk handling - 14.192 - BuildRequire libsystemd0: help the system in deciding between libsystemd0 (meant for end users) and libsystemd0-mini (meant for OBS build environments). -mini is favoured inside OBS, but does not install on end user systems. - don't strip anything (bsc#938738) - 14.191 ==== java-1_8_0-openjdk ==== Version update (1.8.0.51 -> 1.8.0.60) Subpackages: java-1_8_0-openjdk-devel java-1_8_0-openjdk-headless - Upgrade to upstream tag jdk8u60-b27 * Release of JDK 8u60 - Removed patches: * hotspot-support-kernel-4.patch * cplusplus-interpreter.patch * signed-overflow.patch - Integrated upstream * system-giflib5.patch - Fixed differently upstream * applet-hole.patch - Not needed any more with recent versions of icedtea-web Modified patches * aarch64-misc.patch - Rediff to correspond to the new context - Added bits from aarch64-port/jdk8/jdk - Add constraints file ==== kernel-default ==== Version update (4.1.5 -> 4.1.6) Subpackages: kernel-default-devel - Linux 4.1.6. - commit 9dbe563 ==== kernel-desktop ==== Version update (4.1.5 -> 4.1.6) Subpackages: kernel-desktop-devel - Linux 4.1.6. - commit 9dbe563 ==== kernel-docs ==== Version update (4.1.5 -> 4.1.6) - Linux 4.1.6. - commit 9dbe563 ==== kernel-pv-devel ==== Version update (4.1.5 -> 4.1.6) - Linux 4.1.6. - commit 9dbe563 ==== kernel-devel ==== Version update (4.1.5 -> 4.1.6) Subpackages: kernel-macros kernel-source - Linux 4.1.6. - commit 9dbe563 ==== kernel-syms ==== Version update (4.1.5 -> 4.1.6) - Linux 4.1.6. - commit 9dbe563 ==== kernel-xen ==== Version update (4.1.5 -> 4.1.6) Subpackages: kernel-xen-devel - Linux 4.1.6. - commit 9dbe563 ==== liblash1 ==== - Add baselibs.conf as source - Add lash-glibc-2.22.patch: Fix build with glibc 2.22. getattrinfo is now only declared in _POSIX_C_SOURCE >= 200112L. ==== libdrm-devel ==== Version update (2.4.63 -> 2.4.64) Subpackages: libdrm2 libdrm2-32bit libdrm_intel1 libdrm_intel1-32bit libdrm_nouveau2 libdrm_nouveau2-32bit libdrm_radeon1 libdrm_radeon1-32bit libkms1 - Add libdrm_amdgpu1 as a requirement for libdrm-devel - Update to version 2.4.64: + amdgpu: - Improve amdgpu_vamgr_init. - Add flag to support 32bit VA address v4. - Make vamgr per device v2. + tests/amdgpu: - Include config.h first. - Remove unused local variable 'i'. + freedreno/msm: - Reorg ringbuffer struct. - Fix issue where same bo is on multiple rings. - Dump out submit info on error. + freedreno: - Add fd_pipe_wait_timeout(). - Update freedreno-symbol-check. + tests: modetest: Accept connector names in addition to connector IDs. + libdrm: - Remove gratuitous blank lines. - Make indentation consistent. - Use url to tarball as source. ==== libgphoto2-6 ==== Subpackages: libgphoto2-devel - Change udev BuildRequires for pkgconfig(udev) - use pkg-config --modversion udev instead of querying the package database. udev is often installed as udev-mini in OBS' build env, which the rpm -q udev call could not find. ==== libreoffice ==== Version update (5.0.0.5 -> 5.0.1.1) Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-calc-extensions libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-oxygen libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-ru libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreoffice-writer-extensions - Version bump to 5.0.1 rc1: * Various small fixes * Has some commits around screen rendering -> could fix kde bugs ==== liblirc0 ==== Subpackages: liblirc_client0 liblirc_driver0 lirc-devel - Do not hard depend on systemd - all macro uses support soft - Ignore absence of systemd-tmpfiles, it won't be present in the build env. ==== kpartx ==== Subpackages: multipath-tools - Make it build ==== netcfg ==== - Do not ghost the empty /etc/hostname to not break installationimages pkg. - Keep /etc/hostname empty and %ghost it. bnc#934056 ==== libvmtools0 ==== Subpackages: open-vm-tools open-vm-tools-desktop - For SLE11, the KMP is still required; the .spec file logic is now only enabled in the linked package, the 2nd spec file must not be part of the main package open-vm-tools (as Factory would immediately create the linked package, which would fail building with Linux 4.x) (boo#941384). ==== pam ==== Subpackages: pam-32bit pam-devel - Add folder /etc/security/limits.d as mentioned in 'man pam_limits' ==== libpulse-devel ==== Subpackages: libpulse-mainloop-glib0 libpulse0 libpulse0-32bit pulseaudio pulseaudio-bash-completion pulseaudio-esound-compat pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils - Add pkgconfig(udev) BuildRequires: we explicitly expect udev.pc to be present to define _udevrulesdir. ==== python-packaging ==== Version update (15.2 -> 15.3) - update to 15.3: * Normalize post-release spellings for rev/r prefixes. :issue:`35` ==== rrdtool ==== - Do not hard-depend on systemd, the macros support soft fails. - Ignore errors from useradd/groupadd - Update RPM groups - Ignore absence of systemd-tmpfiles, it won't be present in the build env. ==== rsync ==== - reintroduce "use slp" directive (bsc#922710) * added rsync-add_back_use_slp_directive.patch ==== libsnappy1 ==== Version update (1.1.1 -> 1.1.3) - Version bump to 1.1.3: * See the NEWS file for full details - Switch to distribution from github - Remove upstreamed patch: * snappy-1.1.1-random-return.patch - Add baselibs.conf: build snappy1-32bit, as needed by libqt5-qtwebengine-32bit. - Update to version 1.1.2 - This is a maintenance release with no changes to the actual library source code. * Stop distributing benchmark data files that have unclear or unsuitable licensing. * Add support for padding chunks in the framing format. ==== subversion ==== Version update (1.8.14 -> 1.9.0) Subpackages: subversion-bash-completion subversion-devel subversion-perl subversion-python subversion-server subversion-tools - Apache Subversion 1.9.0: * new FSFS format 7 with major overhaul for I/O reduction * prospective blame * FSX experimental repository back-end * many enhangements and bug fixes - subversion-devel now ships pkgconfig files - dependency changes: * serf 1.3.4 * apr, apr-utl 1.3.x * httpd 2.2.x * java 1.6 * Python 2.7 - To continue to allow building against blacklisted httpd 2.4.6 which has the required patches in openSUSE:13.1:Update, update subversion-1.8.9-allow-httpd-2.4.6.patch to subversion-1.9.0-allow-httpd-2.4.6.patch - removed upstreamed patches: * subversion-1.8.10-fix-bashisms.patch * subversion-1.8.11-swig-py-comment.patch * subversion-1.8.11-swig-py-comment-2.patch - adjust subversion-no-build-date.patch - drop subversion-1.8.14-unused-var-authnrequired.patch ==== suse-xsl-stylesheets ==== Version update (2.0.2 -> 2.0.3) Stable release 2.0.3 (only for OBS): - Schema: . Fixed #41: Missing prompt element - Stylesheets: . Fixed #18: Variablelist (with ID and Title) Lacks Permalink . Fixed #31: not declared namespace prefix d . Fixed #36: Fix Hard-Coded Bugzilla Link ("Report Bug") - Infrastructure: . no changes ==== python-cupshelpers ==== Subpackages: system-config-printer system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer - Explicitly BuildRequire pkgconfig(udev): its existence is verified in configure. ==== libwrap0 ==== Subpackages: tcpd-devel - Fix breakage of IPv6 address handling [bsc#914527, bsc#899185] Added patches: tcp_wrappers_7.6-ipv6-sockaddr-storage.patch tcp_wrappers_7.6-ipv6-subnet.diff tcp_wrappers_7.6-ipv6-host-match.patch tcp_wrappers_7.6-ipv6-mapped-v4.patch - Re-added static library ==== info ==== Version update (5.2 -> 6.0) Subpackages: makeinfo - The package texinfo now requires makeinfo of the same version to make sure that the correct Texinfo.pm is installed - libzio is able to handle lz(ma) and xz files as well - Update to 6.0 * Language: + new commands @sub and @sup, for textual subscripts and superscripts. + new command @U to insert a Unicode character by code point. * texinfo.tex: + @url/@uref output in PDF now the same as in DVI, showing the url even if the second argument is given, not just as a link target. TeX option \urefurlonlylinktrue gives previous behavior, of invisible urls. + PDF-only \linkcolor and \urlcolor specify colors (default black). * texi2any: + customization variable TOP_NODE_UP_URL now replaces all (dir) references; recommended setting for GNU packages is /manual/. + new customization variable INDEX_SPECIAL_CHARS_WARNING to complain when index entries contain a colon. + Docbook output no longer uses for @r. + -D'var val' on the command line works as intended again. + --plaintext output can be split. + a bit faster. * info: + invoking as `info foo bar' looks for bar as an index entry in manual foo, if not found as a top-level menu item. + invoking info with an absolute or explicitly relative file name (./foo.info, /tmp/foo.info, etc.) just visits that file. + separate `infokey' program has been removed - the .infokey file is now read directly by Info. + new option --init-file allows overriding ~/.infokey. + new variable `highlight-searches' allows highlighting results from a search + support for mouse scrollwheel, controlled by `mouse' variable. + new variable `key_time' to control how long to wait for byte sequences sent by special keys. + new variable `hide-note-references' alters appearance of displayed nodes + new variable `infopath-no-defaults' allows omitting the compile-time Info directory from the Info search path. + support input of multibyte characters for searches in a UTF-8 locale. + if reading an Info file that is known to be in a different character encoding to that of the user's environment, convert its contents when displayed and substitute missing characters + new command M-x info-version. + the M-x kill-node command has been removed. + test suite at build time. * texindex: + completely new implementation as a literate program using Texinfo and (portable) awk (called TexiWeb Jr.). + the -o (--output) is not supported, unless we hear of someone using it. + duplicated sort keys with different display texts result in one merged index entry, using the first display text. + better sorting and parsing in unusual cases; most notably, { and } characters can appear as initials. * install-info: + handle compressed input file names containing spaces. + exit successfully if --remove is given and the dir file does not exist. + new option --defsection, to be used instead of "Miscellaneous" when a section is not present in the Info file. * texi2dvi: + look for the environment variable THUMBPDF_CMD instead of THUMBPDF, since thumbpdf itself has used THUMBPDF for options since 2000. + remove --recode and --recode-from options, since they haven't worked as intended for years, so evidently no one needs them. - refresh texinfo-zlib.patch ==== tigervnc ==== Subpackages: xorg-x11-Xvnc - Add /usr/sbin/groupadd and /usr/sbin/useradd Requires(post) to xorg-x11-Xvnc: the scripts are creating users/groups. ==== gimp-ufraw ==== Version update (0.21 -> 0.22) - Add conflicts with dcraw - Added configuration options * --enable-dst-correction * --enable-extras - Updated to version 0.22 - Added FITS support ==== valgrind ==== Subpackages: valgrind-devel - glibc-version.patch: Add support for glibc 2.22. ==== virt-install ==== Subpackages: virt-manager virt-manager-common - bsc#941464 - virt-convert attempts to create storage pool images even if it already exists virtinst-fix-storage-pool-lookup.patch - Drop the following patches for bsc#938942 as they are not needed. virtman-reset-image-filename-based-on-format.patch virtman-allow-other-disk-formats.patch - Upstream bug fixes a9b303fb-fix-copy-host-cpu-definition.patch f81358b0-dont-display-error-if-machine-is-missing-in-XML.patch aebebbf8-report-an-error-for-pxe-install-without-network.patch 4970615f-fix-qemu-vs-lxc-detection.patch - bsc#938942 - Can't create a vmguest with raw format image with virt-manager at first installation (option disable) virtman-reset-image-filename-based-on-format.patch virtman-allow-other-disk-formats.patch ==== virtualbox ==== Version update (5.0.0 -> 5.0.2) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-kmp-desktop virtualbox-guest-tools virtualbox-guest-x11 virtualbox-host-kmp-default virtualbox-host-kmp-desktop virtualbox-qt Version bump to 5.0.2 (released 2015-08-13 by Oracle) A number of problems were fixed and/or added. In particular, the artifically high load average problem reported as bsc#939299 has been fixed. The complete list follows: VMM: added support for guest crash report MSRs with Hyper-V paravirtualization VMM: fixed an issue causing artifically high load averages on Linux hosts VMM: fixed a kernel panic with thread-context hooks caused by incompatible changes made to Linux 4.2 kernels VMM: fixed a saved state issue with VT-x/AMD-V disabled (5.0 regression; bug #14304) VMM: fixed VERR_SUPDRV_TSC_DELTA_MEASUREMENT_FAILED Guru Meditations on certain AMD CPUs (5.0 regression; bug #14370) VMM: fixed a crash while creating a guest core dumps via the VM debug facility (5.0 regression) VMM: This release has AVX2 passthrough disabled on every host and AVX passthrough disabled for 64-bit VMs on 32-bit hosts. This will be properly fixed in a future 5.0.x maintenance release (see e.g. bug #14262). GUI: fixed rare hang and crash on VM shutdown/poweroff GUI: X11: fixed few crashes caused by the Qt alien widgets feature GUI: X11: fixed various mini-toolbar geometry quirks like positioning, z-order, transiency issues on certain window managers (bug #14257) GUI: X11: fixed mini-toolbar minimize button issue under certain window managers (bug #14284) GUI: VM menu actions availability should now be properly updated on full-screen/seamless/scaled mode switches GUI: disk encryption password validation should be performed when user confirmed the password, not after each entered symbol GUI: do not change the VM/group selection in the VM Manager to the newly created VM if it was created by another client (e.g. VBoxManage) GUI: improve the quality in scaled mode under some circumstances (5.0 regression; bug #14303) VBoxManage: do not deny changing the network adapter type at VM runtime (5.0 regression; bug #14308) VRDP: allow Windows 10 RDP clients (bug #14216) Audio: fix a possible crash on VM process termination (5.0 regression) Storage: improved raw disk access on OS X by unmounting any accessed volume before first use and prevent any mount attempt by the host (bug #14219) 3D: basic support for saving/restoring display lists Shared Folders: fixed a problem with accessing CIFS shares (bug #14252) Shared Folders: improved path conversion between hosts and guests with different path separators (bug #14153) API: skip resetting of immutable media when the VM in saved state is started (bug #13957) API: fixed method for setting medium IDs which used zero (invalid) UUIDs instead random (valid) UUIDs if no UUIDs were passed (bug #14350) API: for Windows host fix detection of API client crashes which have a session open OVF: properly export all VBox features including the setting for paravirtualization (bug #14390) Linux hosts: more fixes for activated SMAP on Linux 3.19 and newer (Broadwell and later; bug #13961) Linux hosts: check then name space before attaching to a host network interface (bug #13795) Linux Additions: Linux 4.2 fixes (bug #14227) Linux Additions: improved the performance of stat() to speed up certain file operations on shared folders X11 Additions: various seamless mode fixes, including invisible windows under LXDE. - ==== x11-tools ==== - Fix the breakage of default IM selection due to the eval code for ~/.i18n in xim script (bsc#934720, boo#941052) ==== xen ==== Subpackages: xen-doc-html xen-kmp-default xen-kmp-desktop xen-libs xen-tools xen-tools-domU - bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap memory in rtl8139 device model xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch - bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen block unplug protocol xsa139-qemuu.patch - bsc#937371 - xen vm's running after reboot xendomains-libvirtd-conflict.patch - bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code execution via IDE subsystem CD-ROM CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch - Remove xendomains.service from systemd preset file because it conflicts with libvirt-guests.service (bnc#937371) Its up to the admin to run systemctl enable xendomains.service ==== xf86-input-evdev ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-joystick ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-keyboard ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-mouse ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-synaptics ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-vmmouse ==== - BuildRequire pkgconfig(udev) instead of udev: be more robust to packaging changes. - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-void ==== - Ignore absence of udevadm, it won't be present in the build env. ==== xf86-input-wacom ==== Version update (0.28.0 -> 0.30.0) - Update to version 0.30.0: + Allow PAD only interfaces without EV_ABS and/or EV_X/Y to report events. + xsetwacom: Add ability to read args from stdin for fuzzing. + afl: xsetwacom: - Do not allow negative button numbers. - Check that argc is in range before dereferencing argv. + ubsan: - Fix alignment issues. - Prevent out-of-bounds array write. - Use 'unsigned int' for button mask in 'wcmSendButtons'. + asan: xsetwacom: Cleanup xsetwacom memory leaks. + xsetwacom: Fix 'get_mapped_area' ("maptooutput next") on 64-bit. + Coverity: - fix potential NULL-pointer dereferences. - fix coverity complaints about unchecked return values. - fix potential negative array subscript. - silence "ioctl return value not checked" warnings. - remove dead code. + tools: make baudrate unsigned int to shut up compiler. - BuildRequire pkgconfig(udev) instead of udev: be more robust to packaging changes. - Ignore absence of udevadm, it won't be present in the build env. - Rebase n_01-Add-option-to-enable-logging.patch. ==== xf86-video-intel ==== - Add u_uxa-fix-missing-includes-for-fstat.patch and u_sna-fix-missing-includes-for-fstat.patch: fix missing includes for fstat to be declared. ==== xtables-addons-kmp-default ==== Version update (2.7_k4.1.5_1 -> 2.8_k4.1.6_1) Subpackages: xtables-addons-kmp-desktop xtables-addons-kmp-xen - Update to new upstream release 2.8 * Support for Linux 4.2 * Enable xt_ECHO ==== yast2 ==== Version update (3.1.145 -> 3.1.147) Subpackages: yast2-devel-doc - "yast2" script - handle also the reboot flag the same way as the installation script (bsc#942461) - 3.1.147 - bnc#941881 - displays hostname / domain as set in /etc/hostnmae - 3.1.146 ==== yast2-bootloader ==== Version update (3.1.141 -> 3.1.142) - do not require parted on target system (bnc#937066) - 3.1.142 ==== yast2-country ==== Version update (3.1.22 -> 3.1.23) Subpackages: yast2-country-data - Use xkb converted console keymaps (better systemd support) where applicable (fate#318426) - 3.1.23 ==== yast2-network ==== Version update (3.1.125 -> 3.1.127) - bnc#940892 - fixed internal error when importing AY profile - 3.1.127 - bsc#941948 - lan_auto client returns value properly - 3.1.126 ==== yast2-ntp-client ==== Version update (3.1.18 -> 3.1.19) - Always use a server from pool.ntp.org as default (bnc#940881) - 3.1.19 ==== yast2-security ==== Version update (3.1.10 -> 3.1.11) - Added some entries to the list of optional services (bnc#942379) - 3.1.11 ==== yast2-x11 ==== Version update (3.1.3 -> 3.1.4) - xkbctrl uses systemd mapping information now (fate#318426) - 3.1.4 Removed packages: bundle-lang-common-sv rsh libsvn_auth_kwallet-1-0 ufraw > ufraw-lang Added packages: libdrm_amdgpu1 libserf-devel libsvn_auth_gnome_keyring-1-0