Packages changed:
ImageMagick (7.0.10.31 -> 7.0.10.33)
MozillaFirefox (80.0 -> 81.0.1)
MozillaThunderbird (78.3.1 -> 78.3.2)
alsa
alsa-plugins
alsa-ucm-conf
alsa-utils
aspell
at (3.1.23 -> 3.2.1)
babl (0.1.80 -> 0.1.82)
bash
bash-completion
bison (3.6.4 -> 3.7.2)
busybox
ca-certificates (2+git20200129.d1a437d -> 2+git20201002.34daf7f)
checkpolicy (3.0 -> 3.1)
chrony (3.5 -> 3.5.1)
dconf-editor (3.36.4 -> 3.36.7)
expat (2.2.9 -> 2.2.10)
fuse3 (3.9.3 -> 3.10.0)
gettext-runtime (0.20.2 -> 0.21)
gimp (2.10.20 -> 2.10.22)
glib2 (2.64.5 -> 2.64.6)
glibc (2.31 -> 2.32)
gnome-bluetooth (3.34.2 -> 3.34.3)
gnome-desktop (3.36.6 -> 3.36.7)
gnome-maps (3.36.4 -> 3.36.4.1)
gnome-shell (3.36.6 -> 3.36.7)
gnome-shell-extensions (3.36.3 -> 3.36.7)
hwdata (0.339 -> 0.340)
iagno (3.36.4 -> 3.36.7)
ibus (1.5.22 -> 1.5.23)
inkscape
inn (2.6.2 -> 2.6.3)
iproute2
iputils
issue-generator
kdeconnect-kde
kernel-64kb (5.8.12 -> 5.8.14)
kernel-firmware (20200916 -> 20201005)
kernel-source (5.8.12 -> 5.8.14)
kismet (2020_09_R3 -> 2020_09_R4)
krename (5.0.0 -> 5.0.1)
libinput (1.16.1 -> 1.16.2)
libmbim (1.24.2 -> 1.24.4)
libproxy
libproxy-plugins
libqt5-qtwebkit
libreoffice (7.0.1.2 -> 7.0.2.2)
libselinux (3.0 -> 3.1)
libselinux-bindings (3.0 -> 3.1)
libsemanage (3.0 -> 3.1)
libsepol (3.0 -> 3.1)
libsolv
libva (2.8.0 -> 2.9.0)
libva-gl (2.8.0 -> 2.9.0)
libvirt (6.7.0 -> 6.8.0)
libwacom (1.3 -> 1.5)
libzypp (17.25.1 -> 17.25.2)
lightdm
linux-glibc-devel (5.7 -> 5.8)
live555 (2020.05.15 -> 2020.08.19)
luit (20150706 -> 20201003)
mariadb
memcached (1.6.6 -> 1.6.7)
mozilla-nspr (4.28 -> 4.29)
mozilla-nss (3.55 -> 3.57)
mutter (3.36.6+2 -> 3.36.7)
myspell-dictionaries (20191219 -> 20201005)
nano (5.2 -> 5.3)
ncurses (6.2.20200711 -> 6.2.20200912)
nodejs14 (14.12.0 -> 14.13.1)
numactl (2.0.13 -> 2.0.14)
openblas_openmp
p11-kit
patterns-base
perl-CGI (4.50 -> 4.51)
perl-Cpanel-JSON-XS (4.23 -> 4.24)
perl-File-Listing (6.04 -> 6.11)
perl-XML-Writer (0.625 -> 0.900)
php7 (7.4.10 -> 7.4.11)
policycoreutils (3.0 -> 3.1)
popt
procps
python-alembic
python-libvirt-python (6.7.0 -> 6.8.0)
python-mailman
python-semanage (3.0 -> 3.1)
python3-qt5 (5.15.0 -> 5.15.1)
qemu
rdma-core (27.1 -> 31.0)
rubygem-gem2rpm
rubygem-vagrant_cloud (3.0.0 -> 2.0.3)
sddm
sendmail
spice
spice-gtk
squid
strace (5.8 -> 5.9)
subversion
swell-foop
sysuser-tools
sysvinit (2.96 -> 2.97)
tcpd
tracker (3.0.0 -> 3.0.1)
tracker-miners (2.99.5 -> 3.0.1)
unbound (1.11.0 -> 1.12.0)
vala (0.48.10 -> 0.48.11)
vim
vulkan-loader (1.2.153 -> 1.2.154)
webkit2gtk3 (2.28.4 -> 2.30.1)
wpa_supplicant
x11-tools
xdm
xinit
xkeyboard-config (2.30 -> 2.31)
xmodmap
xorg-x11-server
yelp (3.36.0 -> 3.36.1)
zsh
=== Details ===
==== ImageMagick ====
Version update (7.0.10.31 -> 7.0.10.33)
Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI4 libMagickCore-7_Q16HDRI7 libMagickWand-7_Q16HDRI7
- version update to 7.0.10.33
* miscellaneous clean-up.
* enable WMF for module build.
* writing PDF requires a seekable stream.
==== MozillaFirefox ====
Version update (80.0 -> 81.0.1)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 81.0.1
* https://www.mozilla.org/en-US/firefox/81.0.1/releasenotes/
- remove obsolete python2 build requires
- Increase disk requirements in _constraints to match current needs
- Mozilla Firefox 81.0
* https://www.mozilla.org/en-US/firefox/81.0/releasenotes
MFSA 2020-42 (bsc#1176756)
* CVE-2020-15675 (bmo#1654211)
Use-After-Free in WebGL
* CVE-2020-15677 (bmo#1641487)
Download origin spoofing via redirect
* CVE-2020-15676 (bmo#1646140)
XSS when pasting attacker-controlled data into a
contenteditable element
* CVE-2020-15678 (bmo#1660211)
When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-
free scenario
* CVE-2020-15673 (bmo#1648493, bmo#1660800)
Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
* CVE-2020-15674 (bmo#1656063, bmo#1656064, bmo#1656067, bmo#1660293)
Memory safety bugs fixed in Firefox 81
- requires
NSPR 4.28
NSS 3.56
- removed obsolete patches
* mozilla-system-nspr.patch
* mozilla-bmo1661715.patch
* mozilla-silence-no-return-type.patch
- skip post-build-checks for 15.0 and 15.1
- add revert-795c8762b16b.patch to fix LTO builds with gcc
(related to bmo#1644409)
- require python3-curses as workaround to fix i586 build
- Use %limit_build macro again for aarch64 and armv7, instead of
the new memoryperjob _constraints to use more workers
- add mozilla-bmo1661715.patch to fix Flash plugin
- Mozilla Firefox 80.0.1: Bug fixes:
* Fixed a performance regression when encountering new intermediate
CA certificates (bmo#1661543)
* Fixed crashes possibly related to GPU resets (bmo#1627616)
* Fixed rendering on some sites using WebGL (bmo#1659225)
* Fixed the zoom-in keyboard shortcut on Japanese language builds
(bmo#1661895)
* Fixed download issues related to extensions and cookies
(bmo#1655190)
- added mozilla-silence-no-return-type.patch
- more whitelisting (/dev/random) for sandbox in relation to FIPS
(bsc#1174284)
- improve langpack builds to use dedicated objdirs and make it
parallel again
==== MozillaThunderbird ====
Version update (78.3.1 -> 78.3.2)
- Mozilla Thunderbird 78.3.2
* OpenPGP: Improved support for encrypting with subkeys
* OpenPGP: Encrypted messages with international characters were
sometimes displayed incorrectly
* Single-click deletion of recipient pills with middle mouse
button restored
* Searching an address book list did not display results
* Dark mode, high contrast, and Windows theming fixes
==== alsa ====
Subpackages: libasound2 libatopology2
- Placeholder for SLE15-SP3 sync (bsc#1171246):
the actual fix is found in alsa-ucm-conf updates
- Enable topology support for riscv64
==== alsa-plugins ====
Subpackages: alsa-plugins-pulse alsa-plugins-speexrate alsa-plugins-upmix
- Placeholder for SLE15-SP3 sync: jsc#SLE-11987
no functional changes at all
==== alsa-ucm-conf ====
- Disable HDA-Intel UCM conf due to a regression on openQA (the
muted state as default)
- Update from alsa-ucm-conf git (commit 3048ff7b15a9):
mainly for adding the support for sof-soundwire (bsc#1176200):
0001-bytcr-rt5640-Fix-DMIC1-not-working-when-connected-ov.patch
0002-bytcr-rt5651-Fix-high-noise-level-soft-input-on-DMIC.patch
0003-chtrt5645-Add-ASUSTeKCOMPUTERINC.-T101HA-1.0.conf-sy.patch
0004-sof-hda-dsp-don-t-fail-if-Auto-Mute-control-is-not-p.patch
0005-ucm2-use-Include-Syntax-3.patch
0006-chtrt5645-merge-all-possible-configurations-to-HiFi..patch
0007-cht-bsw-rt5672-merge-all-possible-configurations-to-.patch
0008-chtnau8824-merge-all-possible-configurations-to-HiFi.patch
0009-ucm.conf-add-support-for-the-kernel-module-name-tree.patch
0010-sof-hda-dsp-make-Headphone-Playback-Switch-condition.patch
0011-sof-hda-dsp-add-initial-kcontrol-values.patch
0012-sof-hda-dsp-make-the-boot-init-optional-for-all-cont.patch
0013-bdw-rt5677-add-support-for-legacy-and-SOF-drivers.patch
0014-broadwell-rt286-add-SOF-support.patch
0015-sof-soundwire-initial-UCM2-version.patch
0016-sof-soundwire-cleanups-recommended-by-the-ucm-valida.patch
0017-sof-soundwire-rewrite-for-syntax-3.patch
0018-sof-hda-dsp-fix-the-device-order-Hdmi-devices.patch
0019-HDA-Intel-add-support-for-AMD-acp-microphone-devices.patch
0020-DAISY-I2S-move-to-Samsung-snow-snow.conf.patch
0021-DB410c-move-to-Qualcomm-apq8016-sbc.patch
0022-DB820c-DB845c-move-to-Qualcomm-tree.patch
0023-PAZ00-tegraalc5632-move-to-Tegra-alc5632-tree.patch
0024-VEYRON-I2C-move-to-Rockchip-max98090-tree.patch
0025-Pandaboard-ES-move-to-OMAP-abe-twl6040-tree.patch
0026-GoogleNyan-move-to-Tegra-max98090.patch
0027-SDP4430-Move-to-OMAP-abe-twl6040-SDP4430-tree.patch
0028-Fix-invalid-Regex-Type-in-various-Condition-blocks.patch
0029-cht-bsw-rt5672-Add-Lenovo-Miix-2-10-specific-configu.patch
0030-cht-bsw-rt5672-Add-Lenovo-ThinkPad-10-specific-confi.patch
0031-cht-bsw-rt5672-Boost-ADC-volume-a-bit.patch
0032-chtrt5645-Restore-stereo-sound-output-when-switching.patch
0033-DB820c-Correctly-move-DB820c-to-Qualcomm-apq8096.patch
0034-sof-hda-dsp-fixup-typo-in-Hdmi.conf.patch
0035-sof-hda-dsp-use-sof-hda-dsp-Hdmi.conf.patch
0036-hda-hdmi-add-HDMI4-HDMI5-HDMI6-devices.patch
0037-update-ucm2-README.md-more-kernel-module-lookup-clar.patch
0038-ucm2-Add-config-for-Rockchip-rk3399-gru-sound.patch
0039-amd-renoir-acp-use-the-machine-driver-s-name-for-top.patch
0040-amd-renoir-acp-Add-Syntax-3-in-the-module-lib-Linked.patch
0041-Correct-conflicting-mic-in-max98090.patch
0042-HDA-Intel-HiFi-dual-Fix-the-Rear-Mic-s-Jack-name.patch
0043-USB-Audio-Dell-WD15-Dock-make-input-and-output-volum.patch
0044-Rockchip-rk3399-gru-sound-remove-zero-PCM-subdevice.patch
0045-ucm2-ucm.conf-fix-the-fix-the-sysfs-kernel-module-pa.patch
0046-Revert-amd-renoir-acp-use-the-machine-driver-s-name-.patch
0047-ucm2-module-rename-rk3399-gru-sound.conf-snd_soc_rk3.patch
0048-ucm2-HDA-acp-add-Capture-simple-mixer-element-to-the.patch
0049-HDA-Intel-only-add-the-acp-dmic-to-the-sound-card-wi.patch
0050-Add-support-for-Lenovo-ThinkStation-P620-Main-Audio.patch
0051-ucm2-Qualcomm-sdm845-fixes-HDMI-select-card-and-HiFi.patch
==== alsa-utils ====
- Conditionally add buildreq alsa-topology-devel to fix build
errors
==== aspell ====
Subpackages: aspell-spell libaspell15
- Remove/replace old specfile constructs.
==== at ====
Version update (3.1.23 -> 3.2.1)
- Update to release 3.2.1
* Print time of new job before the input of the commands.
* Do not drop seconds on -t option.
* Start using nice levels from 0 instead of 2.
* Correctly handle DST when specifying a UTC time.
- Modernize specfile constructs / drop old ones.
- Do not silence errors from useradd/groupadd.
- Refreshed at-3.1.13-documentation-dir.patch,
at-3.1.13-leak-fix.patch, at-3.1.13-massive_batch.patch,
at-3.1.13-tomorrow.patch, at-3.1.14-joblist.patch,
at-3.1.14-makefile-deps.patch,
at-3.1.14-parse-suse-sysconfig.patch, at-3.1.14.patch,
at-3.1.8-denylist.patch, at-3.1.8-jobdir-mtime.patch,
at-atq-timeformat.patch, at-backport-old-privs.patch,
at-piddir.patch, at-secure_getenv.patch for %autosetup.
==== babl ====
Version update (0.1.80 -> 0.1.82)
- Update to version 0.1.82:
+ Handle the parametric ICCv4 types that are not strictly the
same type as core sRGB curve.
+ Meson build cleanups, depend on meson 0.54.
==== bash ====
Subpackages: bash-doc
- dot.profile: moved example for user specific LANG setting
from .profile to .i18n (x11-tools package) skeleton file (boo#1158724)
==== bash-completion ====
- Convert to _multibuild. The pre_checkin.sh script was quite
broken anyway and it was less effort to convert than to try to
fix that one.
- Do not BuildRequire util-linux: there is no need to have this in
the build root.
- Drop cmake BuildRequires: this is only here for the
/usr/share/cmake directory ownership, which in turn even causes
problems of left-over directories (e.g. install bash-completion,
on a system without cmake, uninstall bash-completion,
/usr/share/cmake remains left on the disk).
==== bison ====
Version update (3.6.4 -> 3.7.2)
Subpackages: bison-lang
- GNU bison 3.7.2:
* fix all known Bison CVEs relating to the bison-the-program
itself, not the generated code.
* concurrent build issues
* Push parsers always use YYMALLOC/YYFREE
* Fix unlikely crashes found by fuzzing
- GNU bison 3.7.1:
* YYPRINT macro is deprecated
* --graph will generate a *.gv file by default
* Add Counterexample Generation feature
* Add File prefix mapping feature
* Various bug fixes and behavior changes
==== busybox ====
Subpackages: busybox-static
- Disable RPM builtin, did become pretty useless
- Disable popmaildir and mime utilities
==== ca-certificates ====
Version update (2+git20200129.d1a437d -> 2+git20201002.34daf7f)
- Update to version 2+git20201002.34daf7f:
* Use relative symlink for /etc/ssl/certs (boo#1175340)
==== checkpolicy ====
Version update (3.0 -> 3.1)
- Update to version 3.1
* checkpolicy treats invalid characters as an error - might break rare use
cases (intentionally)
* Drop extern_te_assert_t.patch, is upstream
==== chrony ====
Version update (3.5 -> 3.5.1)
Subpackages: chrony-pool-openSUSE
- Adjust and rename the sysconfig file, so that it matches the
expectations of chronyd.service (bsc#1173277).
- Update to 3.5.1:
* Create new file when writing pidfile (CVE-2020-14367, bsc#1174911)
==== dconf-editor ====
Version update (3.36.4 -> 3.36.7)
- Update to version 3.36.7:
+ Updated translations.
==== expat ====
Version update (2.2.9 -> 2.2.10)
Subpackages: libexpat-devel libexpat1
- Update to 2.2.10:
* Bug fixes:
- Fix undefined behavior during parsing caused by pointer
arithmetic with NULL pointers
- Fix reading uninitialized variable during parsing
- xmlwf: Add missing check for malloc NULL return
* Other changes:
- xmlwf: Document exit codes in xmlwf manpage and exit with code 3
(rather than code 1) for output errors when used with "-d DIRECTORY"
- Autotools: Use -Werror while configure tests the compiler for
supported compile flags to avoid false positives
- Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, e.g.
ensure that they have the last word over flags added while
running ./configure
- CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis
on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
- CMake: Detect and deny unsupported build combinations
involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
- CMake: Install pre-compiled shipped xmlwf.1 manpage in case
of -DEXPAT_BUILD_DOCS=OFF
- CMake: Fix use of Expat by means of add_subdirectory
- CMake: Keep expat target name constant at "expat" (i.e. refrain
from using the target name to control build artifact filenames)
- CMake: Expose man page compilation as target "xmlwf-manpage"
- CMake: Introduce option EXPAT_BUILD_PKGCONFIG to control
generation of pkg-config file "expat.pc"
- CMake: Add minimalistic support for building binary packages
with CMake target "package"; based on CPack
- CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with default
OFF to build fuzzer code against OSS-Fuzz and related
environment variable LIB_FUZZING_ENGINE
- Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF
- Address compiler warnings
- Address pngcheck warnings with doc/*.png images: Version info
bumped from 7:11:6 to 7:12:6
==== fuse3 ====
Version update (3.9.3 -> 3.10.0)
Subpackages: libfuse3-3
- Update to release 3.10.0
* Add FUSE_CAP_CACHE_SYMLINKS: allow caching symlinks in kernel
page cache.
==== gettext-runtime ====
Version update (0.20.2 -> 0.21)
Subpackages: gettext-tools libtextstyle0
- Add multiple new features (bsc#1165138)
- Add patches:
* 0001-msgcat-Add-feature-to-use-the-newest-po-file.patch
* 0002-msgcat-Merge-headers-when-use-first.patch
- Reintroduce utoreconf call
- Update to 0.21:
* Programming languages support:
- Shell:
o xgettext now recognizes and ignores 'env' invocations and environment
variable assignments in front of commands.
- Java:
o xgettext now recognizes format strings in the Formatter syntax. They
are marked as 'java-printf-format' in POT and PO files.
o xgettext now recognizes text blocks as string literals.
- JavaScript:
xgettext parses JSX expressions more reliably.
- Ruby:
o xgettext now supports Ruby.
o 'msgfmt -c' now verifies the syntax of translations of Ruby format
strings.
* Improvements for translators:
- When msgfmt writes a MO file, it now does so in such a way that processes
that are currently using an older copy of the MO file will not crash.
* Libtextstyle:
- Added support for emitting hyperlinks.
- New API for doing formatted output.
- The example programs support the NO_COLOR environment variable.
==== gimp ====
Version update (2.10.20 -> 2.10.22)
Subpackages: gimp-lang gimp-plugin-aa libgimp-2_0-0 libgimpui-2_0-0
- Update to version 2.10.22:
- Core:
- Verbose version information (`gimp-2.10 -v` on command line,
or debug output) now displays Flatpak related information
when available. This is especially useful for debugging (such
as the exact Flatpak build hash, the runtime version, the
installed Flatpak extensions, permissions, etc.).
- OpenCL settings has now been moved to the Playground tab in
Preferences.
- On stable builds, "Playground" tab is now visible in
Preferences if any of the experimental features has been
enabled, even without the CLI option `--show-playground`.
- Tools:
- "gegl:matting-levin" now the default engine of Foreground
Select tool (when present, as it is an optional feature) as
it performs a lot better.
- GEGL operations now display a "Sample merged" checkbox in
Tool Options. This will be used when the operation allows to
pick a color (hence one can pick from the edited layer or
from visible data).
- "Sample merged" now defaults to being activated in Color
Picker and GEGL tools as it seems the less confusing for
beginners who don't know of the option yet (according to a
small poll we ran).
- User interface:
- In GimpSpinButton, don't propagate Enter key-press events if
updating the spin-button's value in response changes the
entered text. This prevents confirming dialogs when hitting
Enter after entering a math expression in size entries,
updating their value instead. Likewise, don't propagate
Escape key-press events if a new value was entered, and
restore the original value instead.
- GimpMemSizeEntry improved to show appropriate binary prefixes
(kibibyte, mebibyte and gibibyte) instead of decimal ones, to
round properly when using higher units, and to not lose
accuracy when possible when displaying in higher units.
- Several of the biggest pages of the Preferences dialog are
now scrollable, allowing the dialog to fit on smaller
displays.
- Plug-ins:
- Add a new GIMP_EXPORT_NEEDS_CROP export capability, which
causes gimp_export_image() to crop the exported image content
to the image bounds; this is useful for formats that support
layers, but have no concept of global image bounds, hence
cropping is the only way to enforce the image bounds. When
showing the export dialog, give an option to either crop the
layers to the image bounds, or to resize the image to fit the
layers.
- Content type `image/webp` is now recognized (and not only
`image/x-webp` as both seem to be in used and this format is
unfortunately not yet listed in IANA media types (so various
content types are in use, no clear standard apparently).
- DDS import is now a bit more permissive, allowing to load
some files with invalid header flags regarding compression,
while we are able to know the right compression from other
flags. This allows to recover invalid DDS files exported by
other software.
- JPEG detection improved to be more generic and reliable.
- HEIF support improvements:
- AVIF importing and exporting added (requires libheif
1.8.0+)
- 10/12-bit importing and exporting now available for
HEIC/AVIF
- NCLX color profile import (link with LittleCMS)
- Metadata support when importing
- "Lossless" option is now called "Nearly lossless (YUV420
format)" because this is actually what it is, hence
previous naming was misleading.
- TIFF support improvements:
- Add an option to crop the layers to the image bounds when
exporting individual layers (using GIMP_EXPORT_NEEDS_CROP),
since TIFF has no concept of global image bounds otherwise.
Cropping is enabled by default.
- TIFF export will not override "DocumentName" metadata tag
anymore.
- Stop writing file paths into TIFF DocumentNames as file
paths can contain confidential information such as
usernames and directory structures, making the previous
behaviour a potential privacy and security risk.
- Fix a file descriptor leak case which may have prevented a
file from being opened on Windows.
- Multiple improvements in the PSP import plug-in:
- support reading raster layers of PSP version > 6,
- support reading 16-bit integer PSP files,
- support reading grayscale and indexed PSP files,
- support PSP images with zero-length layer names,
- fix wrong layer offset of layers,
- fix reading layer names with high bit ASCII characters,
- fix incorrect loading of PSP images with uncompressed
channel data,
- fix reading of creator block data of PSP images,
- better error messages describing yet unsupported features,
- improve reader stability by always using the block/chunk
length.
- Spyrogimp now works on Grayscale images and clutters less the
undo history.
- "Orientation" metadata is now reset whether you accepted to
rotate the image or not when importing an image.
- XPM does not export a "None" (transparent) color when unused.
- BMP always include color masks when exporting BMP with color
space info, as mandated by BITMAPV5HEADER specification.
- Debugging:
- Add progressive performance logs: progressive logs contain
complete information after each recorded sample, by writing
partial address maps at each sample, containing all new
addresses introduced by the sample. This allows recording
complete logs even in cases where they can't be properly
terminated, such as when GIMP crashes or freezes in the
middle of the log. Progressive logs are disabled by default,
since they potentially increase the sampling cost. They can
be enabled through a toggle in the log file-dialog, or
through GIMP_PERFORMANCE_LOG_PROGRESSIVE environment
variable. Performance log viewer can now process progressive
performance logs too.
- Allow controlling performance-log parameters through the UI.
- Bug fixes: #2275, #2668, #2874, #3481, #3868, #4061, #4155,
[#4328], #4505, #4536, #4560, #4816, #5043, #5069, #5208, #5219,
[#5226], #5232, #5274, #5275, #5357, #5358, #5472, #5530, #5584,
[#5592], #5623, #5630, #5651
==== glib2 ====
Version update (2.64.5 -> 2.64.6)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Update to version 2.64.6:
+ Bugs fixed: glgo#GNOME/GLib#2194, glgo#GNOME/GLib#2209,
glgo#GNOME/GLib!1633, glgo#GNOME/GLib!1634,
glgo#GNOME/GLib!1656, glgo#GNOME/GLib!1659,
glgo#GNOME/GLib!1666, glgo#GNOME/GLib!1672.
+ Updated translations.
==== glibc ====
Version update (2.31 -> 2.32)
Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd
- Keep nsswitch.conf in /etc for SLES15
- syslog-locking.patch: Correct locking and cancellation cleanup in syslog
functions (bsc#1172085, BZ #26100)
- ifunc-fma4.patch: x86-64: Fix FMA4 detection in ifunc (BZ #26534)
- Update to glibc 2.32
* Unicode 13.0.0 Support
* New locale added: ckb_IQ
* The GNU C Library now loads audit modules listed in the DT_AUDIT and
DT_DEPAUDIT dynamic section entries of the main executable
* powerpc64le supports IEEE128 long double libm/libc redirects when
using the -mabi=ieeelongdouble to compile C code on supported GCC
toolchains
* To help detect buffer overflows and other out-of-bounds accesses
several APIs have been annotated with GCC 'access' attribute
* On Linux, functions the pthread_attr_setsigmask_np and
pthread_attr_getsigmask_np have been added
* The GNU C Library now provides the header file <sys/single_threaded.h>
which declares the variable __libc_single_threaded
* The functions sigabbrev_np and sigdescr_np have been added
* The functions strerrorname_np and strerrordesc_np have been added
* AArch64 now supports standard branch protection security hardening
in glibc when it is built with a GCC that is configured with
- -enable-standard-branch-protection (or if -mbranch-protection=standard
flag is passed when building both GCC target libraries and glibc,
in either case a custom GCC is needed)
* The deprecated <sys/sysctl.h> header and the sysctl function have been
removed
* The sstk function is no longer available to newly linked binaries
* The legacy signal handling functions siginterrupt, sigpause, sighold,
sigrelse, sigignore and sigset, and the sigmask macro have been
deprecated
* ldconfig now defaults to the new format for ld.so.cache
* The deprecated arrays sys_siglist, _sys_siglist, and sys_sigabbrev
are no longer available to newly linked binaries, and their declarations
have been removed from <string.h>
* The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr
are no longer available to newly linked binaries, and their declarations
have been removed from from <stdio.h>
* Both strerror and strerror_l now share the same internal buffer in the
calling thread, meaning that the returned string pointer may be invalided
or contents might be overwritten on subsequent calls in the same thread or
if the thread is terminated
* Using weak references to libpthread functions such as pthread_create
or pthread_key_create to detect the singled-threaded nature of a
program is an obsolescent feature
* The "files" NSS module no longer supports the "key" database (used for
secure RPC)
* The __morecore and __after_morecore_hook malloc hooks and the default
implementation __default_morecore have been deprecated
* The hesiod NSS module has been deprecated and will be removed in a
future version of glibc
* CVE-2016-10228: An infinite loop has been fixed in the iconv program when
invoked with the -c option and when processing invalid multi-byte input
sequences
* CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument
* CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
* CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
memmove functions has been fixed
- riscv-syscall-clobber.patch, ldbl-96-rem-pio2l.patch,
long-double-alias.patch: Removed
==== gnome-bluetooth ====
Version update (3.34.2 -> 3.34.3)
Subpackages: libgnome-bluetooth13 typelib-1_0-GnomeBluetooth-1_0
- Update to version 3.34.3:
+ Fix problem with intermittent connection work-around when using
the switch in the device properties.
+ Updated translations.
==== gnome-desktop ====
Version update (3.36.6 -> 3.36.7)
Subpackages: gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Update to version 3.36.7:
+ No changes, version bump only.
==== gnome-maps ====
Version update (3.36.4 -> 3.36.4.1)
- Update to version 3.36.4.1:
+ Fix a race-condition bug in search-as-you-type resulting in
out-of-sync search results in some circumstances.
==== gnome-shell ====
Version update (3.36.6 -> 3.36.7)
Subpackages: gnome-shell-calendar
- Update to version 3.36.7:
+ Fix potential stack overflow in libcroco (CVE-2020-12825).
+ Fix system action search regressions.
+ Fix week number alignment when using font-scaling.
+ Misc. bug fixes and cleanups.
+ Updated translations.
==== gnome-shell-extensions ====
Version update (3.36.3 -> 3.36.7)
Subpackages: gnome-shell-classic gnome-shell-classic-session
- Update to version 3.36.7:
+ Update sass submodule.
==== hwdata ====
Version update (0.339 -> 0.340)
- Update to version 0.340:
+ Updated pci, usb and vendor ids.
==== iagno ====
Version update (3.36.4 -> 3.36.7)
- Update to version 3.36.7:
+ Add missing posix,
+ Updated translations.
- Drop iagno-add-missing-posix.patch: Fixed upstream.
==== ibus ====
Version update (1.5.22 -> 1.5.23)
Subpackages: ibus-dict-emoji libibus-1_0-5 typelib-1_0-IBus-1_0
- Update version to 1.5.23
* Generate simple.xml with denylist 6042974 508527d 37db75b 6879879 59b902a
568d58d 6ed34f3 5959d6f 5d67a28 394d9a8 ed7bc8d e938846 3aa670e 0d90da4
e4dd6d1
* Accept xdigits only for Unicode typing a440942
* Update emoji-parser with CLDR emoji annotation release-31-0-1 9a9f828
* Update ibusunicodegen.h with unicode-ucd 13.0.0 e10fc89
* Delete deprecated ENABLE_APPINDICATOR_ENGINE_ICON check aa3a9f0
* Fix SEGV 02105c4 f591381
* Fix some errors in ibus-desktop-testing-runner 7b0d091 8da0167
* Refactor source files 0b9d936 0ad5e9a
* Fix string formats in translatable strings 7caead1 f8c468a ce865f6
* Use WAYLAND_DISPLAY on Wayland sessions to make up IBus socket name (Carlos
Garnacho) 8ce2520
* Skip parsing of compose sequence with invalid keysyms (Neil Shepperd)
0da3cec
* Tell Pango about the engine language in the candidate panel (Aaron Muir
Hamilton) 3f098dc 79a09f1
* Fix for several error spotted by static analyzer (ntfs.hard) 00adea6
* Remove glib_check_version() in gtk immodule (Changwoo Ryu) 5765bfd
* Build the Emoji dictionaries in parallel (Changwoo Ryu) 59d0de4
* Update translation
- Drop 0001-Replace-the-Qt-check-for-appindicator-engine-icon-wi.patch,
ibus-use-wayland-display-for-socket-name.patch,
ibus-socket-name-compatibility.patch. Merged by upstream
- Update ibus.spec: Drop the is_opensuse macro to eliminate the
difference between SLE-15 and openSUSE-Leap (jsc#SLE-11653).
- Move xim.d files to /usr/etc when available, which is
currently Tumbleweed only (boo#1176431)
==== inkscape ====
Subpackages: inkscape-extensions-extra inkscape-extensions-gimp
- Clean up constraints:
* Remove ppc64le specific memory bound, use global 4GB limit.
* Add memoryperjob constraint, some ppc64{,le} workers have
a high core-to-memory ratio.
==== inn ====
Version update (2.6.2 -> 2.6.3)
- update to inn-2.6.3
+ Fixed the selection of the elliptic curve to use with OpenSSL 1.1.0 or
later; NIST P-256 was enforced instead of using the most secure curve.
+ A new inn.conf parameter has been added to fine-tune the cipher suites
to use with TLS 1.3: the *tlsciphers13* now permits configuring them.
A separate cipher suite configuration parameter is needed for TLS 1.3
because TLS 1.3 cipher suites are not compatible with TLS 1.2, and
vice-versa. In order to avoid issues where legacy TLS 1.2 cipher
suite configuration configured in the *tlsciphers* parameter would
inadvertently disable all TLS 1.3 cipher suites, the inn.conf
configuration has been separated out.
+ Fixed a regression since INN 2.6.1 that prevented articles with
internationalized header fields (that is to say encoded in UTF-8) from
being posted.
+ Support for Python 3 has been added to INN. Embedded Python filtering
and authentication hooks for innd and nnrpd can now use version 3.3.0
or later of the Python interpreter. In the 2.x series, version 2.3.0
or later is still supported.
+ When configuring INN with the --with-python flag, the "PYTHON"
environment variable, when set, is used to select the interpreter to
embed. Otherwise, it is searched in standard paths.
+ In case you change the Python interpreter to embed, make sure that the
Python scripts you use are written in the expected syntax for that
version of the Python interpreter. Notably, buffer objects have been
replaced with memoryview objects in Python 3, and UTF-8 encoding now
really matters for string literals (Python 3 uses bytes and Unicode
objects).
+ INN documentation and samples of Python hooks have been updated to
provide more examples.
+ When a Python or Perl filter hook rejects an article, innd now
mentions the reason in response to CHECK and TAKETHIS commands.
Previously, the reason was given only for the IHAVE command.
+ nnrpd now properly logs the hostname of clients whose connection
failed owing to an issue during the negotiation of a TLS session or
high load average.
- renamed and refreshed inn-2.6.2.diff to inn-2.6.3.diff
- fix upstream URL
- (build)require openssl-devel and python-devel and build with
- -with-python and --with-openssl support
- remove outdated/unknown configure options:
- -enable-dual-socket, --enable-ipv6 and --with-etc-dir
- use 'Development/Languages/C and C++' as RPM group for the -devel
package
- require appropriate -devel packages for -devel package installs
==== iproute2 ====
- Add 0001-ip-add-error-reporting-when-RTM_GETNSID-failed.patch
==== iputils ====
Subpackages: rarpd
- No longer invoke permissions macros for ping. It now uses ICMP_PROTO sockets
(bsc#1174504).
==== issue-generator ====
- Handle the .path unit in scriptlets as well
==== kdeconnect-kde ====
Subpackages: kdeconnect-kde-lang kdeconnect-kde-zsh-completion
- Add upstream patches to fix security issues in kdeconnect
(CVE-2020-26164, boo#1176268):
* 0001-Do-not-leak-the-local-user-in-the-device-name.patch
* 0002-Fix-use-after-free-in-LanLinkProvider-connectError.patch
* 0003-Limit-identity-packets-to-8KiB.patch
* 0004-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch
* 0005-Don-t-brute-force-reading-the-socket.patch
* 0006-Limit-number-of-connected-sockets-from-unpaired-devi.patch
* 0007-Do-not-remember-more-than-a-few-identity-packets-at-.patch
* 0008-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch
* 0009-Do-not-replace-connections-for-a-given-deviceId-if-t.patch
==== kernel-64kb ====
Version update (5.8.12 -> 5.8.14)
- Update config files.
Only run_oldconfig.sh to sync up.
- commit cea47bb
- Linux 5.8.14 (bsc#1012628).
- io_uring: always delete double poll wait entry on match
(bsc#1012628).
- btrfs: fix filesystem corruption after a device replace
(bsc#1012628).
- mmc: sdhci: Workaround broken command queuing on Intel GLK
based IRBIS models (bsc#1012628).
- USB: gadget: f_ncm: Fix NDP16 datagram validation (bsc#1012628).
- Revert "usbip: Implement a match function to fix usbip"
(bsc#1012628).
- usbcore/driver: Fix specific driver selection (bsc#1012628).
- usbcore/driver: Fix incorrect downcast (bsc#1012628).
- usbcore/driver: Accommodate usbip (bsc#1012628).
- gpio: siox: explicitly support only threaded irqs (bsc#1012628).
- gpio: mockup: fix resource leak in error path (bsc#1012628).
- gpio: tc35894: fix up tc35894 interrupt configuration
(bsc#1012628).
- gpio: amd-fch: correct logic of GPIO_LINE_DIRECTION
(bsc#1012628).
- clk: samsung: Keep top BPLL mux on Exynos542x enabled
(bsc#1012628).
- clk: socfpga: stratix10: fix the divider for the
emac_ptp_free_clk (bsc#1012628).
- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling
getpeername() (bsc#1012628).
- i2c: i801: Exclude device from suspend direct complete
optimization (bsc#1012628).
- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
(bsc#1012628).
- iio: adc: qcom-spmi-adc5: fix driver name (bsc#1012628).
- ftrace: Move RCU is watching check after recursion check
(bsc#1012628).
- tracing: Fix trace_find_next_entry() accounting of temp buffer
size (bsc#1012628).
- memstick: Skip allocating card when removing host (bsc#1012628).
- xen/events: don't use chip_data for legacy IRQs (bsc#1012628).
- clocksource/drivers/timer-gx6605s: Fixup counter reload
(bsc#1012628).
- vboxsf: Fix the check for the old binary mount-arguments struct
(bsc#1012628).
- mt76: mt7915: use ieee80211_free_txskb to free tx skbs
(bsc#1012628).
- libbpf: Remove arch-specific include path in Makefile
(bsc#1012628).
- drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices
(bsc#1012628).
- Revert "wlcore: Adding suppoprt for IGTK key in wlcore driver"
(bsc#1012628).
- drm/sun4i: mixer: Extend regmap max_register (bsc#1012628).
- hv_netvsc: Cache the current data path to avoid duplicate call
and message (bsc#1012628).
- net: dec: de2104x: Increase receive ring size for Tulip
(bsc#1012628).
- rndis_host: increase sleep time in the query-response loop
(bsc#1012628).
- nvme-pci: disable the write zeros command for Intel 600P/P3100
(bsc#1012628).
- nvme-core: get/put ctrl and transport module in
nvme_dev_open/release() (bsc#1012628).
- fuse: fix the ->direct_IO() treatment of iov_iter (bsc#1012628).
- drivers/net/wan/lapbether: Make skb->protocol consistent with
the header (bsc#1012628).
- drivers/net/wan/hdlc: Set skb->protocol before transmitting
(bsc#1012628).
- mac80211: Fix radiotap header channel flag for 6GHz band
(bsc#1012628).
- mac80211: do not allow bigger VHT MPDUs than the hardware
supports (bsc#1012628).
- tracing: Make the space reserved for the pid wider
(bsc#1012628).
- tools/io_uring: fix compile breakage (bsc#1012628).
- io_uring: mark statx/files_update/epoll_ctl as non-SQPOLL
(bsc#1012628).
- cpuidle: psci: Fix suspicious RCU usage (bsc#1012628).
- spi: fsl-espi: Only process interrupts for expected events
(bsc#1012628).
- net: dsa: felix: fix some key offsets for IP4_TCP_UDP VCAP
IS2 entries (bsc#1012628).
- nvme-pci: fix NULL req in completion handler (bsc#1012628).
- nvme-fc: fail new connections to a deleted host or remote port
(bsc#1012628).
- scripts/kallsyms: skip ppc compiler stub *.long_branch.* /
* .plt_branch.* (bsc#1012628).
- gpio: sprd: Clear interrupt when setting the type as edge
(bsc#1012628).
- phy: ti: am654: Fix a leak in serdes_am654_probe()
(bsc#1012628).
- pinctrl: mvebu: Fix i2c sda definition for 98DX3236
(bsc#1012628).
- nfs: Fix security label length not being reset (bsc#1012628).
- NFSv4.2: fix client's attribute cache management for
copy_file_range (bsc#1012628).
- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly
on read (bsc#1012628).
- clk: tegra: Always program PLL_E when enabled (bsc#1012628).
- clk: tegra: Fix missing prototype for
tegra210_clk_register_emc() (bsc#1012628).
- dmaengine: dmatest: Prevent to run on misconfigured channel
(bsc#1012628).
- clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
(bsc#1012628).
- scsi: target: Fix lun lookup for TARGET_SCF_LOOKUP_LUN_FROM_TAG
case (bsc#1012628).
- iommu/exynos: add missing put_device() call in
exynos_iommu_of_xlate() (bsc#1012628).
- gpio: pca953x: Fix uninitialized pending variable (bsc#1012628).
- gpio/aspeed-sgpio: enable access to all 80 input & output sgpios
(bsc#1012628).
- gpio/aspeed-sgpio: don't enable all interrupts by default
(bsc#1012628).
- gpio: aspeed: fix ast2600 bank properties (bsc#1012628).
- i2c: cpm: Fix i2c_ram structure (bsc#1012628).
- i2c: npcm7xx: Clear LAST bit after a failed transaction
(bsc#1012628).
- Input: trackpoint - enable Synaptics trackpoints (bsc#1012628).
- blk-mq: call commit_rqs while list empty but error happen
(bsc#1012628).
- scripts/dtc: only append to HOST_EXTRACFLAGS instead of
overwriting (bsc#1012628).
- autofs: use __kernel_write() for the autofs pipe writing
(bsc#1012628).
- pinctrl: qcom: sm8250: correct sdc2_clk (bsc#1012628).
- pinctrl: mediatek: check mtk_is_virt_gpio input parameter
(bsc#1012628).
- gpio: pca953x: Correctly initialize registers 6 and 7 for
PCA957x (bsc#1012628).
- iommu/amd: Fix the overwritten field in IVMD header
(bsc#1012628).
- pipe: remove pipe_wait() and fix wakeup race with splice
(bsc#1012628).
- random32: Restore __latent_entropy attribute on net_rand_state
(bsc#1012628).
- gpiolib: Fix line event handling in syscall compatible mode
(bsc#1012628).
- drm/i915/gvt: Fix port number for BDW on EDID region setup
(bsc#1012628).
- scsi: sd: sd_zbc: Fix handling of host-aware ZBC disks
(bsc#1012628).
- scsi: sd: sd_zbc: Fix ZBC disk initialization (bsc#1012628).
- epoll: do not insert into poll queues until all sanity checks
are done (bsc#1012628).
- epoll: replace ->visited/visited_list with generation count
(bsc#1012628).
- epoll: EPOLL_CTL_ADD: close the race in decision to take fast
path (bsc#1012628).
- ep_create_wakeup_source(): dentry name can change under
you.. (bsc#1012628).
- commit e882d6e
- platform/x86: intel-vbtn: Switch to an allow-list for
SW_TABLET_MODE reporting (bsc#1175599).
- commit 5672f81
- drm/amdgpu: restore proper ref count in
amdgpu_display_crtc_set_config (git-fixes).
- commit 08db7a3
- Linux 5.8.13 (bsc#1012628).
- device_cgroup: Fix RCU list debugging warning (bsc#1012628).
- ASoC: pcm3168a: ignore 0 Hz settings (bsc#1012628).
- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for
WM1811 (bsc#1012628).
- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect
functions (bsc#1012628).
- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1
(bsc#1012628).
- clk: versatile: Add of_node_put() before return statement
(bsc#1012628).
- RISC-V: Take text_mutex in ftrace_init_nop() (bsc#1012628).
- i2c: aspeed: Mask IRQ status to relevant bits (bsc#1012628).
- s390/init: add missing __init annotations (bsc#1012628).
- lockdep: fix order in trace_hardirqs_off_caller() (bsc#1012628).
- EDAC/ghes: Check whether the driver is on the safe list
correctly (bsc#1012628).
- drm/amdkfd: fix a memory leak issue (bsc#1012628).
- drm/amd/display: Don't use DRM_ERROR() for DTM add topology
(bsc#1012628).
- drm/amd/display: update nv1x stutter latencies (bsc#1012628).
- drm/amdgpu/dc: Require primary plane to be enabled whenever
the CRTC is (bsc#1012628).
- drm/amd/display: Don't log hdcp module warnings in dmesg
(bsc#1012628).
- objtool: Fix noreturn detection for ignored functions
(bsc#1012628).
- i2c: mediatek: Send i2c master code at more than 1MHz
(bsc#1012628).
- riscv: Fix Kendryte K210 device tree (bsc#1012628).
- ieee802154: fix one possible memleak in ca8210_dev_com_init
(bsc#1012628).
- ieee802154/adf7242: check status of adf7242_read_reg
(bsc#1012628).
- clocksource/drivers/h8300_timer8: Fix wrong return value in
h8300_8timer_init() (bsc#1012628).
- mwifiex: Increase AES key storage size to 256 bits
(bsc#1012628).
- batman-adv: bla: fix type misuse for backbone_gw hash indexing
(bsc#1012628).
- libbpf: Fix build failure from uninitialized variable warning
(bsc#1012628).
- atm: eni: fix the missed pci_disable_device() for eni_init_one()
(bsc#1012628).
- batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
(bsc#1012628).
- netfilter: ctnetlink: add a range check for l3/l4 protonum
(bsc#1012628).
- netfilter: ctnetlink: fix mark based dump filtering regression
(bsc#1012628).
- netfilter: conntrack: nf_conncount_init is failing with IPv6
disabled (bsc#1012628).
- netfilter: nft_meta: use socket user_ns to retrieve skuid and
skgid (bsc#1012628).
- mac802154: tx: fix use-after-free (bsc#1012628).
- bpf: Fix clobbering of r2 in bpf_gen_ld_abs (bsc#1012628).
- tools/libbpf: Avoid counting local symbols in ABI check
(bsc#1012628).
- drm/vc4/vc4_hdmi: fill ASoC card owner (bsc#1012628).
- net: qed: Disable aRFS for NPAR and 100G (bsc#1012628).
- net: qede: Disable aRFS for NPAR and 100G (bsc#1012628).
- net: qed: RDMA personality shouldn't fail VF load (bsc#1012628).
- igc: Fix wrong timestamp latency numbers (bsc#1012628).
- igc: Fix not considering the TX delay for timestamps
(bsc#1012628).
- drm/sun4i: sun8i-csc: Secondary CSC register correction
(bsc#1012628).
- spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
(bsc#1012628).
- RDMA/core: Fix ordering of CQ pool destruction (bsc#1012628).
- batman-adv: Add missing include for in_interrupt()
(bsc#1012628).
- xsk: Fix number of pinned pages/umem size discrepancy
(bsc#1012628).
- nvme-tcp: fix kconfig dependency warning when !CRYPTO
(bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone
from LAN (bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone
from mesh (bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets from BLA backbone
to mesh (bsc#1012628).
- bpf: Fix a rcu warning for bpffs map pretty-print (bsc#1012628).
- lib80211: fix unmet direct dependendices config warning when
!CRYPTO (bsc#1012628).
- mac80211: do not disable HE if HT is missing on 2.4 GHz
(bsc#1012628).
- cfg80211: fix 6 GHz channel conversion (bsc#1012628).
- mac80211: fix 80 MHz association to 160/80+80 AP on 6 GHz
(bsc#1012628).
- ALSA: asihpi: fix iounmap in error handler (bsc#1012628).
- io_uring: fix openat/openat2 unified prep handling
(bsc#1012628).
- SUNRPC: Fix svc_flush_dcache() (bsc#1012628).
- regmap: fix page selection for noinc reads (bsc#1012628).
- regmap: fix page selection for noinc writes (bsc#1012628).
- net/mlx5e: mlx5e_fec_in_caps() returns a boolean (bsc#1012628).
- MIPS: Loongson-3: Fix fp register access if MSA enabled
(bsc#1012628).
- PM / devfreq: tegra30: Disable clock on error in probe
(bsc#1012628).
- MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
(bsc#1012628).
- regulator: axp20x: fix LDO2/4 description (bsc#1012628).
- spi: bcm-qspi: Fix probe regression on iProc platforms
(bsc#1012628).
- KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
(bsc#1012628).
- KVM: SVM: Add a dedicated INVD intercept routine (bsc#1012628).
- mm: validate pmd after splitting (bsc#1012628).
- arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache()
cache writeback (bsc#1012628).
- x86/irq: Make run_on_irqstack_cond() typesafe (bsc#1012628).
- x86/ioapic: Unbreak check_timer() (bsc#1012628).
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
(bsc#1012628).
- ALSA: usb-audio: Add delay quirk for H570e USB headsets
(bsc#1012628).
- ALSA: hda/realtek - Couldn't detect Mic if booting with headset
plugged (bsc#1012628).
- ALSA: hda/realtek: Enable front panel headset LED on Lenovo
ThinkStation P520 (bsc#1012628).
- lib/string.c: implement stpcpy (bsc#1012628).
- tracing: fix double free (bsc#1012628).
- s390/dasd: Fix zero write for FBA devices (bsc#1012628).
- mt76: mt7615: use v1 MCU API on MT7615 to fix issues with
adding/removing stations (bsc#1012628).
- lib/bootconfig: Fix a bug of breaking existing tree nodes
(bsc#1012628).
- lib/bootconfig: Fix to remove tailing spaces after value
(bsc#1012628).
- kprobes: Fix to check probe enabled before
disarm_kprobe_ftrace() (bsc#1012628).
- kprobes: tracing/kprobes: Fix to kill kprobes on initmem after
boot (bsc#1012628).
- btrfs: fix put of uninitialized kobject after seed device delete
(bsc#1012628).
- btrfs: fix overflow when copying corrupt csums for a message
(bsc#1012628).
- media: cec-adap.c: don't use flush_scheduled_work()
(bsc#1012628).
- MIPS: Loongson2ef: Disable Loongson MMI instructions
(bsc#1012628).
- dmabuf: fix NULL pointer dereference in dma_buf_release()
(bsc#1012628).
- mm, THP, swap: fix allocating cluster for swapfile by mistake
(bsc#1012628).
- mm/gup: fix gup_fast with dynamic page table folding
(bsc#1012628).
- mm: replace memmap_context by meminit_context (bsc#1012628).
- mm: don't rely on system state to detect hot-plug operations
(bsc#1012628).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1012628).
- io_uring: ensure open/openat2 name is cleaned on cancelation
(bsc#1012628).
- KVM: arm64: Assume write fault on S1PTW permission fault on
instruction fetch (bsc#1012628).
- dm: fix bio splitting and its bio completion order for regular
IO (bsc#1012628).
- clocksource/drivers/timer-ti-dm: Do reset before enable
(bsc#1012628).
- commit ea492d4
==== kernel-firmware ====
Version update (20200916 -> 20201005)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Placeholder for SLE15-SP3 package sync:
bsc#1143331, bsc#1160204, bsc#1154395 bsc#1155307, jsc#SLE-8379
- Update to version 20201005 (git commit 58d41d0facca):
* ice: Add comms package file for Intel E800 series driver
* copy-firmware: Always write Link: entries
* amdgpu: update vega20 firmware for 20.40
* amdgpu: update vega12 firmware for 20.40
* amdgpu: update vega10 firmware for 20.40
* amdgpu: update renoir firmware for 20.40
* amdgpu: update raven2 firmware for 20.40
* amdgpu: update raven firmware for 20.40
* amdgpu: update picasso firmware for 20.40
* amdgpu: update navi14 firmware for 20.40
* amdgpu: update navi12 firmware for 20.40
* amdgpu: update navi10 firmware for 20.40
* linux-firmware: Add new VPDMA firmware 1b8.bin
* QCA : Updated firmware files for WCN3991
- Drop the AMDGPU Picasso workaround (bsc#1174278)
- Update to version 20200928 (git commit b78a66c909c7):
* linux-firmware: Update firmware for Cadence MHDP8546 DP bridge
* linux-firmware: Update firmware patch for Intel Bluetooth 7265 (D1)
* Mellanox: Add new mlxsw_spectrum firmware xx.2008.1312
* linux-firmware: nvidia: move firmware symlinks to WHENCE
* linux-firmware: move i915 firmware symlinks to WHENCE
* linux-firmware: move iwlwifi-7265D-10.ucode symlink to WHENCE
* linux-firmware: Update Marvell Switchdev firmware with ABI changes
- Force bzip2 compression for compatibility (boo#1176981):
for keeping the compatibility with older distros (like Leap 15.1)
that can't deal with lzma-compressed rpm files
==== kernel-source ====
Version update (5.8.12 -> 5.8.14)
Subpackages: kernel-default kernel-docs
- Update config files.
Only run_oldconfig.sh to sync up.
- commit cea47bb
- Linux 5.8.14 (bsc#1012628).
- io_uring: always delete double poll wait entry on match
(bsc#1012628).
- btrfs: fix filesystem corruption after a device replace
(bsc#1012628).
- mmc: sdhci: Workaround broken command queuing on Intel GLK
based IRBIS models (bsc#1012628).
- USB: gadget: f_ncm: Fix NDP16 datagram validation (bsc#1012628).
- Revert "usbip: Implement a match function to fix usbip"
(bsc#1012628).
- usbcore/driver: Fix specific driver selection (bsc#1012628).
- usbcore/driver: Fix incorrect downcast (bsc#1012628).
- usbcore/driver: Accommodate usbip (bsc#1012628).
- gpio: siox: explicitly support only threaded irqs (bsc#1012628).
- gpio: mockup: fix resource leak in error path (bsc#1012628).
- gpio: tc35894: fix up tc35894 interrupt configuration
(bsc#1012628).
- gpio: amd-fch: correct logic of GPIO_LINE_DIRECTION
(bsc#1012628).
- clk: samsung: Keep top BPLL mux on Exynos542x enabled
(bsc#1012628).
- clk: socfpga: stratix10: fix the divider for the
emac_ptp_free_clk (bsc#1012628).
- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling
getpeername() (bsc#1012628).
- i2c: i801: Exclude device from suspend direct complete
optimization (bsc#1012628).
- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
(bsc#1012628).
- iio: adc: qcom-spmi-adc5: fix driver name (bsc#1012628).
- ftrace: Move RCU is watching check after recursion check
(bsc#1012628).
- tracing: Fix trace_find_next_entry() accounting of temp buffer
size (bsc#1012628).
- memstick: Skip allocating card when removing host (bsc#1012628).
- xen/events: don't use chip_data for legacy IRQs (bsc#1012628).
- clocksource/drivers/timer-gx6605s: Fixup counter reload
(bsc#1012628).
- vboxsf: Fix the check for the old binary mount-arguments struct
(bsc#1012628).
- mt76: mt7915: use ieee80211_free_txskb to free tx skbs
(bsc#1012628).
- libbpf: Remove arch-specific include path in Makefile
(bsc#1012628).
- drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices
(bsc#1012628).
- Revert "wlcore: Adding suppoprt for IGTK key in wlcore driver"
(bsc#1012628).
- drm/sun4i: mixer: Extend regmap max_register (bsc#1012628).
- hv_netvsc: Cache the current data path to avoid duplicate call
and message (bsc#1012628).
- net: dec: de2104x: Increase receive ring size for Tulip
(bsc#1012628).
- rndis_host: increase sleep time in the query-response loop
(bsc#1012628).
- nvme-pci: disable the write zeros command for Intel 600P/P3100
(bsc#1012628).
- nvme-core: get/put ctrl and transport module in
nvme_dev_open/release() (bsc#1012628).
- fuse: fix the ->direct_IO() treatment of iov_iter (bsc#1012628).
- drivers/net/wan/lapbether: Make skb->protocol consistent with
the header (bsc#1012628).
- drivers/net/wan/hdlc: Set skb->protocol before transmitting
(bsc#1012628).
- mac80211: Fix radiotap header channel flag for 6GHz band
(bsc#1012628).
- mac80211: do not allow bigger VHT MPDUs than the hardware
supports (bsc#1012628).
- tracing: Make the space reserved for the pid wider
(bsc#1012628).
- tools/io_uring: fix compile breakage (bsc#1012628).
- io_uring: mark statx/files_update/epoll_ctl as non-SQPOLL
(bsc#1012628).
- cpuidle: psci: Fix suspicious RCU usage (bsc#1012628).
- spi: fsl-espi: Only process interrupts for expected events
(bsc#1012628).
- net: dsa: felix: fix some key offsets for IP4_TCP_UDP VCAP
IS2 entries (bsc#1012628).
- nvme-pci: fix NULL req in completion handler (bsc#1012628).
- nvme-fc: fail new connections to a deleted host or remote port
(bsc#1012628).
- scripts/kallsyms: skip ppc compiler stub *.long_branch.* /
* .plt_branch.* (bsc#1012628).
- gpio: sprd: Clear interrupt when setting the type as edge
(bsc#1012628).
- phy: ti: am654: Fix a leak in serdes_am654_probe()
(bsc#1012628).
- pinctrl: mvebu: Fix i2c sda definition for 98DX3236
(bsc#1012628).
- nfs: Fix security label length not being reset (bsc#1012628).
- NFSv4.2: fix client's attribute cache management for
copy_file_range (bsc#1012628).
- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly
on read (bsc#1012628).
- clk: tegra: Always program PLL_E when enabled (bsc#1012628).
- clk: tegra: Fix missing prototype for
tegra210_clk_register_emc() (bsc#1012628).
- dmaengine: dmatest: Prevent to run on misconfigured channel
(bsc#1012628).
- clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
(bsc#1012628).
- scsi: target: Fix lun lookup for TARGET_SCF_LOOKUP_LUN_FROM_TAG
case (bsc#1012628).
- iommu/exynos: add missing put_device() call in
exynos_iommu_of_xlate() (bsc#1012628).
- gpio: pca953x: Fix uninitialized pending variable (bsc#1012628).
- gpio/aspeed-sgpio: enable access to all 80 input & output sgpios
(bsc#1012628).
- gpio/aspeed-sgpio: don't enable all interrupts by default
(bsc#1012628).
- gpio: aspeed: fix ast2600 bank properties (bsc#1012628).
- i2c: cpm: Fix i2c_ram structure (bsc#1012628).
- i2c: npcm7xx: Clear LAST bit after a failed transaction
(bsc#1012628).
- Input: trackpoint - enable Synaptics trackpoints (bsc#1012628).
- blk-mq: call commit_rqs while list empty but error happen
(bsc#1012628).
- scripts/dtc: only append to HOST_EXTRACFLAGS instead of
overwriting (bsc#1012628).
- autofs: use __kernel_write() for the autofs pipe writing
(bsc#1012628).
- pinctrl: qcom: sm8250: correct sdc2_clk (bsc#1012628).
- pinctrl: mediatek: check mtk_is_virt_gpio input parameter
(bsc#1012628).
- gpio: pca953x: Correctly initialize registers 6 and 7 for
PCA957x (bsc#1012628).
- iommu/amd: Fix the overwritten field in IVMD header
(bsc#1012628).
- pipe: remove pipe_wait() and fix wakeup race with splice
(bsc#1012628).
- random32: Restore __latent_entropy attribute on net_rand_state
(bsc#1012628).
- gpiolib: Fix line event handling in syscall compatible mode
(bsc#1012628).
- drm/i915/gvt: Fix port number for BDW on EDID region setup
(bsc#1012628).
- scsi: sd: sd_zbc: Fix handling of host-aware ZBC disks
(bsc#1012628).
- scsi: sd: sd_zbc: Fix ZBC disk initialization (bsc#1012628).
- epoll: do not insert into poll queues until all sanity checks
are done (bsc#1012628).
- epoll: replace ->visited/visited_list with generation count
(bsc#1012628).
- epoll: EPOLL_CTL_ADD: close the race in decision to take fast
path (bsc#1012628).
- ep_create_wakeup_source(): dentry name can change under
you.. (bsc#1012628).
- commit e882d6e
- platform/x86: intel-vbtn: Switch to an allow-list for
SW_TABLET_MODE reporting (bsc#1175599).
- commit 5672f81
- drm/amdgpu: restore proper ref count in
amdgpu_display_crtc_set_config (git-fixes).
- commit 08db7a3
- Linux 5.8.13 (bsc#1012628).
- device_cgroup: Fix RCU list debugging warning (bsc#1012628).
- ASoC: pcm3168a: ignore 0 Hz settings (bsc#1012628).
- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for
WM1811 (bsc#1012628).
- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect
functions (bsc#1012628).
- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1
(bsc#1012628).
- clk: versatile: Add of_node_put() before return statement
(bsc#1012628).
- RISC-V: Take text_mutex in ftrace_init_nop() (bsc#1012628).
- i2c: aspeed: Mask IRQ status to relevant bits (bsc#1012628).
- s390/init: add missing __init annotations (bsc#1012628).
- lockdep: fix order in trace_hardirqs_off_caller() (bsc#1012628).
- EDAC/ghes: Check whether the driver is on the safe list
correctly (bsc#1012628).
- drm/amdkfd: fix a memory leak issue (bsc#1012628).
- drm/amd/display: Don't use DRM_ERROR() for DTM add topology
(bsc#1012628).
- drm/amd/display: update nv1x stutter latencies (bsc#1012628).
- drm/amdgpu/dc: Require primary plane to be enabled whenever
the CRTC is (bsc#1012628).
- drm/amd/display: Don't log hdcp module warnings in dmesg
(bsc#1012628).
- objtool: Fix noreturn detection for ignored functions
(bsc#1012628).
- i2c: mediatek: Send i2c master code at more than 1MHz
(bsc#1012628).
- riscv: Fix Kendryte K210 device tree (bsc#1012628).
- ieee802154: fix one possible memleak in ca8210_dev_com_init
(bsc#1012628).
- ieee802154/adf7242: check status of adf7242_read_reg
(bsc#1012628).
- clocksource/drivers/h8300_timer8: Fix wrong return value in
h8300_8timer_init() (bsc#1012628).
- mwifiex: Increase AES key storage size to 256 bits
(bsc#1012628).
- batman-adv: bla: fix type misuse for backbone_gw hash indexing
(bsc#1012628).
- libbpf: Fix build failure from uninitialized variable warning
(bsc#1012628).
- atm: eni: fix the missed pci_disable_device() for eni_init_one()
(bsc#1012628).
- batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
(bsc#1012628).
- netfilter: ctnetlink: add a range check for l3/l4 protonum
(bsc#1012628).
- netfilter: ctnetlink: fix mark based dump filtering regression
(bsc#1012628).
- netfilter: conntrack: nf_conncount_init is failing with IPv6
disabled (bsc#1012628).
- netfilter: nft_meta: use socket user_ns to retrieve skuid and
skgid (bsc#1012628).
- mac802154: tx: fix use-after-free (bsc#1012628).
- bpf: Fix clobbering of r2 in bpf_gen_ld_abs (bsc#1012628).
- tools/libbpf: Avoid counting local symbols in ABI check
(bsc#1012628).
- drm/vc4/vc4_hdmi: fill ASoC card owner (bsc#1012628).
- net: qed: Disable aRFS for NPAR and 100G (bsc#1012628).
- net: qede: Disable aRFS for NPAR and 100G (bsc#1012628).
- net: qed: RDMA personality shouldn't fail VF load (bsc#1012628).
- igc: Fix wrong timestamp latency numbers (bsc#1012628).
- igc: Fix not considering the TX delay for timestamps
(bsc#1012628).
- drm/sun4i: sun8i-csc: Secondary CSC register correction
(bsc#1012628).
- spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
(bsc#1012628).
- RDMA/core: Fix ordering of CQ pool destruction (bsc#1012628).
- batman-adv: Add missing include for in_interrupt()
(bsc#1012628).
- xsk: Fix number of pinned pages/umem size discrepancy
(bsc#1012628).
- nvme-tcp: fix kconfig dependency warning when !CRYPTO
(bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone
from LAN (bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone
from mesh (bsc#1012628).
- batman-adv: mcast: fix duplicate mcast packets from BLA backbone
to mesh (bsc#1012628).
- bpf: Fix a rcu warning for bpffs map pretty-print (bsc#1012628).
- lib80211: fix unmet direct dependendices config warning when
!CRYPTO (bsc#1012628).
- mac80211: do not disable HE if HT is missing on 2.4 GHz
(bsc#1012628).
- cfg80211: fix 6 GHz channel conversion (bsc#1012628).
- mac80211: fix 80 MHz association to 160/80+80 AP on 6 GHz
(bsc#1012628).
- ALSA: asihpi: fix iounmap in error handler (bsc#1012628).
- io_uring: fix openat/openat2 unified prep handling
(bsc#1012628).
- SUNRPC: Fix svc_flush_dcache() (bsc#1012628).
- regmap: fix page selection for noinc reads (bsc#1012628).
- regmap: fix page selection for noinc writes (bsc#1012628).
- net/mlx5e: mlx5e_fec_in_caps() returns a boolean (bsc#1012628).
- MIPS: Loongson-3: Fix fp register access if MSA enabled
(bsc#1012628).
- PM / devfreq: tegra30: Disable clock on error in probe
(bsc#1012628).
- MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
(bsc#1012628).
- regulator: axp20x: fix LDO2/4 description (bsc#1012628).
- spi: bcm-qspi: Fix probe regression on iProc platforms
(bsc#1012628).
- KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
(bsc#1012628).
- KVM: SVM: Add a dedicated INVD intercept routine (bsc#1012628).
- mm: validate pmd after splitting (bsc#1012628).
- arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache()
cache writeback (bsc#1012628).
- x86/irq: Make run_on_irqstack_cond() typesafe (bsc#1012628).
- x86/ioapic: Unbreak check_timer() (bsc#1012628).
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
(bsc#1012628).
- ALSA: usb-audio: Add delay quirk for H570e USB headsets
(bsc#1012628).
- ALSA: hda/realtek - Couldn't detect Mic if booting with headset
plugged (bsc#1012628).
- ALSA: hda/realtek: Enable front panel headset LED on Lenovo
ThinkStation P520 (bsc#1012628).
- lib/string.c: implement stpcpy (bsc#1012628).
- tracing: fix double free (bsc#1012628).
- s390/dasd: Fix zero write for FBA devices (bsc#1012628).
- mt76: mt7615: use v1 MCU API on MT7615 to fix issues with
adding/removing stations (bsc#1012628).
- lib/bootconfig: Fix a bug of breaking existing tree nodes
(bsc#1012628).
- lib/bootconfig: Fix to remove tailing spaces after value
(bsc#1012628).
- kprobes: Fix to check probe enabled before
disarm_kprobe_ftrace() (bsc#1012628).
- kprobes: tracing/kprobes: Fix to kill kprobes on initmem after
boot (bsc#1012628).
- btrfs: fix put of uninitialized kobject after seed device delete
(bsc#1012628).
- btrfs: fix overflow when copying corrupt csums for a message
(bsc#1012628).
- media: cec-adap.c: don't use flush_scheduled_work()
(bsc#1012628).
- MIPS: Loongson2ef: Disable Loongson MMI instructions
(bsc#1012628).
- dmabuf: fix NULL pointer dereference in dma_buf_release()
(bsc#1012628).
- mm, THP, swap: fix allocating cluster for swapfile by mistake
(bsc#1012628).
- mm/gup: fix gup_fast with dynamic page table folding
(bsc#1012628).
- mm: replace memmap_context by meminit_context (bsc#1012628).
- mm: don't rely on system state to detect hot-plug operations
(bsc#1012628).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1012628).
- io_uring: ensure open/openat2 name is cleaned on cancelation
(bsc#1012628).
- KVM: arm64: Assume write fault on S1PTW permission fault on
instruction fetch (bsc#1012628).
- dm: fix bio splitting and its bio completion order for regular
IO (bsc#1012628).
- clocksource/drivers/timer-ti-dm: Do reset before enable
(bsc#1012628).
- commit ea492d4
==== kismet ====
Version update (2020_09_R3 -> 2020_09_R4)
Subpackages: kismet-capture-freaklabs-zigbee kismet-capture-linux-bluetooth kismet-capture-linux-wifi kismet-capture-nrf-51822 kismet-capture-nrf-mousejack kismet-capture-sdr-rtl433 kismet-capture-sdr-rtladsb kismet-capture-sdr-rtlamr kismet-capture-ti-cc2540 kismet-logtools
- Update to version 2020-09-R4
* Fix a false ?login required? error on the datasources panel.
==== krename ====
Version update (5.0.0 -> 5.0.1)
- Update to 5.0.1:
* Escape/unescape filenames with special characters (kde#391291)
* Close the app if the progress dialog is closed (kde#395084)
* Fix building against exiv2-0.27
* Fix build with taglib and ECM >= 5.72.0
* Make icons look sharp with HiDPI (kde#418112)
- Drop patches merged upstream:
* 0001-Use-cmakedefine01-instead-of-macro_bool_to_01.patch
* 0002-Fix-building-against-exiv2-0.27.patch
* 0003-Fix-the-previous-commits-and-the-build-with-exiv2-0..patch
* use-local-cmake-modules-first.patch
* Close-the-app-if-the-progress-dialog-is-closed.patch
- Drop lower-minimum-cmake-version.patch, Leap 42.3 is no longer
supported
- Refresh servicemenus-files.patch
==== libinput ====
Version update (1.16.1 -> 1.16.2)
Subpackages: libinput-udev libinput10
- Update to release 1.16.2
* A few device-specific fixes for the Google Pixelbook, Apple
Magic Trackpad 2, some ALPS i2c touchpads and a jumping
cursor fix for ALPS DoalPoint touchpads.
==== libmbim ====
Version update (1.24.2 -> 1.24.4)
Subpackages: libmbim-glib4 mbimcli-bash-completion
- Update to version 1.24.4:
* libmbim-glib,device:
+ Added new mbim_device_get_transaction_id() to retrieve the
transaction id currently being used.
* libmbim-glib,proxy:
+ Fixed the transaction id used in fragments of the same
request.
+ Avoid creating device context when it's already being
untracked.
+ Fixed double GError free.
* mbimcli:
+ Fixed missing EOL in error string when closing device.
==== libproxy ====
- Add libproxy-CVE-2020-25219.patch: Rewrite url::recvline to be
nonrecursive (boo#1176410 CVE-2020-25219).
- Add libproxy-fix-pac-buffer-overflow.patch: fix buffer overflow
when PAC is enabled (boo#1177143 CVE-2020-26154).
==== libproxy-plugins ====
Subpackages: libproxy1-config-gnome3 libproxy1-config-kde libproxy1-networkmanager libproxy1-pacrunner-webkit
- Add libproxy-CVE-2020-25219.patch: Rewrite url::recvline to be
nonrecursive (boo#1176410 CVE-2020-25219).
- Add libproxy-fix-pac-buffer-overflow.patch: fix buffer overflow
when PAC is enabled (boo#1177143 CVE-2020-26154).
==== libqt5-qtwebkit ====
Subpackages: libQt5WebKit5 libQt5WebKit5-imports libQt5WebKitWidgets5
- Add upstream patch qtwebkit-5.212.0_pre20200309-bison-3.7.patch
in order to fix build with a recent bison.
==== libreoffice ====
Version update (7.0.1.2 -> 7.0.2.2)
Subpackages: libreoffice-base libreoffice-base-drivers-firebird libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Update to 7.0.2.2:
* RC2 of 7.0.2
==== libselinux ====
Version update (3.0 -> 3.1)
Subpackages: libselinux1 selinux-tools
- Update to version 3.1:
* selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
removed. All userspace object managers should have been updated to use the
dynamic class/perm mapping support.
Use string_to_security_class(3) and string_to_av_perm(3) to map the class
and permission names to their policy values, or selinux_set_mapping(3) to
create a mapping from class and permission index values used by the
application to the policy values.
* Removed restrictions in libsepol and checkpolicy that required all declared
initial SIDs to be assigned a context.
* Support for new policy capability genfs_seclabel_symlinks
* selinuxfs is mounted with noexec and nosuid
* `security_compute_user()` was deprecated
==== libselinux-bindings ====
Version update (3.0 -> 3.1)
- Update to version 3.1:
* selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
removed. All userspace object managers should have been updated to use the
dynamic class/perm mapping support.
Use string_to_security_class(3) and string_to_av_perm(3) to map the class
and permission names to their policy values, or selinux_set_mapping(3) to
create a mapping from class and permission index values used by the
application to the policy values.
* Removed restrictions in libsepol and checkpolicy that required all declared
initial SIDs to be assigned a context.
* Support for new policy capability genfs_seclabel_symlinks
* selinuxfs is mounted with noexec and nosuid
* `security_compute_user()` was deprecated
* Refreshed python3.8-compat.patch
==== libsemanage ====
Version update (3.0 -> 3.1)
Subpackages: libsemanage-migrate-store libsemanage1
- Add /var/lib/selinux
- Remove libsemanage-update-map-file.patch to prevent checkers from declining
the submission. Keeping the snippet in the spec file in case we try to
enable LTO again
- Update to version 3.1
* Improved manpage
* fsync final files before rename
- Disabled LTO again. This breaks e.g. shadow and also other packages
in security:SELinux
- Fix build with LTO: [bsc#1133102]
* Enable LTO (Link Time Optimization) and build with -ffat-lto-objects
* Update map file to include new symbols and remove wildcards
- Add libsemanage-update-map-file.patch
==== libsepol ====
Version update (3.0 -> 3.1)
- Update to version 3.1
* Add support for new polcap genfs_seclabel_symlinks
* Initialize the multiple_decls field of the cil db
* Return error when identifier declared as both type and attribute
* Write CIL default MLS rules on separate lines
* Sort portcon rules consistently
* Remove leftovers of cil_mem_error_handler
* Drop remove_cil_mem_error_handler.patch, is included
==== libsolv ====
Subpackages: libsolv-tools python3-solv ruby-solv
- make testcase_mangle_repo_names deal correctly with freed repos
[bnc#1177238]
==== libva ====
Version update (2.8.0 -> 2.9.0)
Subpackages: libva-drm2 libva-x11-2 libva2
- update to 2.9.0:
* trace: Refine the va_TraceVAPictureParameterBufferAV1.
* doc: Add comments for backward/forward reference to avoid confusion
* doc: Modify comments in av1 decoder interfaces
* doc: Update mailing list
* Add SCC fields trace for HEVC SCC encoding.
* Add FOURCC code for Y212 and Y412 format.
* Add interpolation method for scaling.
* add attributes for context priority setting
* Add vaSyncBuffer for output buffers synchronization
* Add vaSyncSurface2 with timeout
==== libva-gl ====
Version update (2.8.0 -> 2.9.0)
Subpackages: libva-glx2 libva-wayland2
- update to 2.9.0:
* trace: Refine the va_TraceVAPictureParameterBufferAV1.
* doc: Add comments for backward/forward reference to avoid confusion
* doc: Modify comments in av1 decoder interfaces
* doc: Update mailing list
* Add SCC fields trace for HEVC SCC encoding.
* Add FOURCC code for Y212 and Y412 format.
* Add interpolation method for scaling.
* add attributes for context priority setting
* Add vaSyncBuffer for output buffers synchronization
* Add vaSyncSurface2 with timeout
==== libvirt ====
Version update (6.7.0 -> 6.8.0)
Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-libs
- Update to libvirt 6.8.0
- jsc#SLE-12684, jsc#SLE-15861
- bsc#1174955 (CVE-2020-15708)
- bsc#1177155 (CVE-2020-25637)
- Many incremental improvements and bug fixes, see
https://libvirt.org/news.html
- Dropped patches:
2ad009ea-qemu-check-modules-dir.patch,
8abd1ffe-qemu-tolerate-non-existent-files.patch,
4a72b76b-qemu-namespace-memleak-fix.patch
==== libwacom ====
Version update (1.3 -> 1.5)
Subpackages: libwacom-data libwacom2
- Use official %%meson_test macro for the %check section.
- Do not crrate empty %check section when not using meson.
- Fix Leap build.
- update to 1.5:
- New devices:
- Acer Spin 5 / Acer Spin SP513-54N
- Dell Latitude 7410,
- GAOMON S620
- HP Pavilion x360 Convertible 14-dh0xxx
- Huawei MateBook HZ-W19
- Lenovo ThinkPad X1 Yoga 3rd
- Wacom Cintiq 16, DTK-1660E
- update to 1.4.1:
- New devices:
- HP ZBook Studio x360 G5
- Dell Latitude 7285
- Dell Latitude 7200 2-in-1, Dell Latitude 7400 2-in-1
- Elan 2415
- HP ENVY x360 Convertible 13,
- Huion 420, 1060 Plus,
- GAOMON S56K
- Wacom FT-0405
- Many AES stylus definitions added
- New API: libwacom_stylus_get_eraser_type()
- udev rules are now using hwdb entries
==== libzypp ====
Version update (17.25.1 -> 17.25.2)
- Bump version to force rebuild against a fixed libsolv.
(bsc#1177238, bsc#1177275)
- version 17.25.2 (22)
==== lightdm ====
Subpackages: liblightdm-gobject-1-0 lightdm-lang
- Change paths from /etc to /usr/etc for UsrEtc Move (boo#1177197)
- Fixup pam stack a bit more (boo#1176338):
+ Do not create hardlinks between lightdm pam files and xdm's pam
files, but install explicit lightdm pam stack that @includes
xdm. This has the advantage that, if an admin creates
/etc/pam.d/xdm, we will follow this right away. With the
hardlinks, the /usr/etc/pam.d/xdm would still be used, which
might not be the expected outcome.
- Follow XDM's change of moving the default pam config file to
/usr/etc (boo#1176338).
- Add pre/posttrans scripts to ensure user modified
/etc/pam.d/lightdm* survives our move to /usr/etc (and user
modification in /etc/pam.d wins over /usr/etc/pam.d).
==== linux-glibc-devel ====
Version update (5.7 -> 5.8)
- Update to kernel headers 5.8
==== live555 ====
Version update (2020.05.15 -> 2020.08.19)
Subpackages: libBasicUsageEnvironment1 libUsageEnvironment3 libgroupsock8
- update to 2020.08.19:
- Fixed a bug in "QuickTimeFileSink" that could cause malformed "esds" atoms to be
generated. (Thanks to Chris Paucar for reporting this issue.)
- In "MPEG2TransportStreamFromESSource.cpp", changed the name of the constant LOW_WATER_MARK
to TS_FROM_ES_LOW_WATER_MARK, and "#ifndef"d it, so that, if you wish, you can redefine it
at compile time.
- Fixed a bug in the handling of pausing, when streaming from (multi-track) Matroska files.
- Fixed another bug in the handling of seeking within Matroska files.
- Fixed a bug in the handling of seeking within Matroska files.
(Thanks to Jim Ham for reporting this problem.)
- Changed the parameter signature of the "RawVideoRTPSink" constructor and "createNew()"
functions so that the "width" parameter comes before the "height" parameter. This order
- "width", "height" - is more common, and is the order used when these parameters are
defined in RFC 4175.
IMPORTANT NOTE: Because the types of these two parameters are the same, existing application
code that uses "RawVideoRTPSink" will compile without error; however, it will not work
properly unless the order of the parameters in the call to "RawVideoRTPSink::createNew()"
is changed.
- More cleanup of the implementation of "RawVideoRTPSink".
- Cleaned up the implementation of "RawVideoRTPSink".
- Updated the "RawVideoRTPSource" implementation to not set "fCurrentPacketCompletesFrame"
until we are processing the last line in the packet.
(Thanks to Andrey Lisovoy for reporting this issue.)
- Fixed a potential buffer overflow bug in the server handling of a RTSP "PLAY" command,
when the command specifies seeking by absolute time.
(Thank to Xiaobo Xiang for reporting this.)
- Fixed a memory leak in the "sha1()" function (a "EVP_MD_CTX" object was not being deleted).
(Thanks to Amir Perlman for reporting this.)
- Moved all definitions of PREFIX from "Makefile.tail" files to "Makefile.head" (so that
it can be redefined by a "config.*" file, if desired.
Also changed the definition of EXE in "config.mingw" to be ".exe".
(Thanks to Eric Beuque for this suggestion.)
- Fixed a typo in the previous release that could cause a compilation problem for some
developers. (Thanks to Eric Beuque for reporting this.)
==== luit ====
Version update (20150706 -> 20201003)
- Update to version 20201003
* updated configure macros:
+ compiler-warning fixes
+ build-fixes for OpenBSD and macOS
* update config.guess, config.sub
==== mariadb ====
Subpackages: libmariadbd19 mariadb-client mariadb-errormessages
- Using basic.target dependencies is not needed with any systemd
release unless DefaultDependencies is disabled, remove from
unit files
- Mariadb uses hrtimers with absolute CLOCK_REALTIME values, this
won't work correctly if the clock isn't set and will do funny things
if it goes backward after starting the server as POSIX says that the new
clock value shall influence them, start the service after time-sync.target
to workaround the problem.
==== memcached ====
Version update (1.6.6 -> 1.6.7)
- update to 1.6.7:
* Dockerfile - allow override of config opts
* Improve page balancing when writes are bursty
* main: split binary protocol into proto_bin.c
* main: split text protocol into proto_text.c
* add openssl errors to SSL certificate loading error messages
* skip setting the resource limits in debug builds
* Use signal function instead of sigignore
* fixing the basic tls test so it exits correctly when fails
* net: remove most response obj cache related code
* net: carve response buffers from read buffers
* Do not join lru and slab maintainer threads if they do not exist
* Restore SAN entries in testing TLS certificates
* Changed code using strtol to use safe_strtol wrapper
* Fix TCP failure under OS X.
- drop use-signal-function-instead-of-sigignore.patch (upstream)
==== mozilla-nspr ====
Version update (4.28 -> 4.29)
- update to version 4.29
* Remove macOS Code Fragment Manager support code
* Remove XP_MACOSX and OS_TARGET=MacOSX
* Refresh config.guess and config.sub
* Remove NSPR's patch to config.sub
* Add support for e2k target (64-bit Elbrus 2000)
==== mozilla-nss ====
Version update (3.55 -> 3.57)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.57
* The following CA certificates were Added:
bmo#1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
bmo#1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
bmo#1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
- requires NSPR 4.29
- removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256)
- introduced _constraints due to high memory requirements especially
for LTO on Tumbleweed
- Add patch to fix build on aarch64 - boo#1176934:
* nss-freebl-fix-aarch64.patch
- Update nss-fips-approved-crypto-non-ec.patch to match RC2 code
being moved to deprecated/.
- Remove nss-fix-dh-pkcs-derive-inverted-logic.patch. This was made
obsolete by upstream changes.
- update to NSS 3.56
Notable changes
* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting "all" as the default
makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28
- do not hard require mozilla-nss-certs-32bit via baselibs
(boo#1176206)
==== mutter ====
Version update (3.36.6+2 -> 3.36.7)
Subpackages: libmutter-6-0 mutter-data
- Update to version 3.36.7:
+ Fix Night Light updates after DPMS
+ Fix IM handling on X11
+ Fix resizing of attached modal dialogs on wayland
+ Fix jumps when resizing windows using discrete steps.
+ Fixed crashes.
+ Plugged Memory leaks.
+ Misc. bug fixes and cleanups.
+ Updated translations.
==== myspell-dictionaries ====
Version update (20191219 -> 20201005)
Subpackages: myspell-en myspell-en_US myspell-lightproof-en
- version update to 20201005
* many updated dictionaries, see
https://cgit.freedesktop.org/libreoffice/dictionaries/log/
==== nano ====
Version update (5.2 -> 5.3)
- GNU nano 5.3:
* Option 'set stateflags' makes nano show the state of auto-indenting,
the mark, hard-wrapping, macro recording, and soft-wrapping in the
title bar. The flags take the place of "Modified", and a modified
buffer is instead indicated by an asterisk (*) after its name.
* Nano no longer by default tries using libmagic to determine the type
of a file (when neither filename nor first line gave a clue), because
in most cases it is a waste of time. It requires using the option
- -magic or -! or 'set magic' to make nano try libmagic.
* The color of the indicator can be changed with 'set scrollercolor'.
==== ncurses ====
Version update (6.2.20200711 -> 6.2.20200912)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20200912
+ add configure-check for systre/tre with mingw configuration, to get
the library-dependencies as seen in msys2 configuration for mingw64.
+ build-fixes for the win32-driver configuration.
+ use more defensive binary mode setting for Win32 (Juergen Pfeifer).
- Add ncurses patch 20200907
+ fix regression in setupterm validating non-empty $TERM (report by
Soren Tempel).
- Add ncurses patch 20200906
+ merge/adapt in-progress work by Juergen Pfeifer for new version of
win32-driver.
+ correct description of vt330/vt340 (Ross Combs).
- Add ncurses patch 20200831
+ build-fix for awk-scripts modified for win32-driver (report by Werner
Fink).
- Drop workaround patch awk-scripts.patch as now upstream fixed
- Add patch awk-scripts.patch as workaround for patch 20200829
- Add ncurses patch 20200829
+ remove a redundant NCURSES_EXPORT as a build-fix for "Maarten
Anonymous".
+ merge/adapt in-progress work by Juergen Pfeifer for new version of
win32-driver.
+ modify configure script, moving gcc -Werror options to EXTRA_CFLAGS
to avoid breaking configure-checks (adapted from ongoing work on
mawk and lynx).
> errate for terminfo.src (report by Florian Weimer):
+ correct icl6404 csr
+ correct ti916 cup
+ improve ndr9500
- Refresh patch ncurses-6.2.dif
- Add ncurses patch 20200822
+ improve version-number extraction in MKlib_gen.sh
+ make the test-package for manpages installable by adjusting the
man_db.renames file.
+ correct an off-by-one loop-limit in convert_strings function
(report by Yue Tai).
+ add CF_SHARED_OPTS cases for HPE NonStop systems (Randall S Becker).
+ modify CF_SHARED_OPTS case for NetBSD to use the same "-shared"
option for the non-rpath case as for the rpath case, to allow gcc to
provide suitable runtime initialization (report by Rajeev V Pillai).
- Disable wgetch-events as it is deprecated and breaks build of
other packages
- Add ncurses patch 20200817
+ reduce build-warnings by excluding ncurses-internals from deprecation
warnings.
+ mark wgetch-events feature as deprecated.
+ add definition for $(LIBS) to ncurses/Makefile.in, to simplify builds
using the string-hacks option.
+ prevent KEY_EVENT from appearing in curses.h unless the configure
option --enable-wgetch-events is used (report by Werner Fink).
- Add ncurses patch 20200816
+ amend tic/infocmp check to allow for the respective tool's absence
(report by Steve Wills, cf: 20200808).
+ improved some of the build-scripts with shellcheck
+ filter out -MT/-MD/-MTd/-MDd options in script for Visual Studio C++
(discussion with "Maarten Anonymous").
- Add ncurses patch 20200808
+ improve discussion of the system's tic utility when used as part
of cross-compiling (discussion with Keith Marshall).
+ modify configuration checks for build-time tic/infocmp to use
AC_CHECK_TOOL. That can still be overridden by --with-tic-path and
- -with-infocmp-path when fallbacks are used, but even if not using
fallbacks, the improved check may help with cross-compiling
(discussion with Keith Marshall).
+ other build-fixes for Ada95 with MinGW.
+ modify Ada95 source-generation utility to write to a file given as
parameter rather than to the standard output, allowing builds with
MinGW.
- Add ncurses patch 20200801
+ remove remaining parts of checks for ISC Unix (cf: 20121006).
+ add user32.lib to LDFLAGS for Visual Studio C++ configuration
(discussion with "Maarten Anonymous").
+ modify MKkey_defs.sh to hide ncurses' definition of KEY_EVENTS to
reduce Visual Studio C++ redefinition warnings.
+ improve/update checks for external functions in test/configure
- Add ncurses patch 20200725
+ set LINK_TESTS in CF_SHARED_OPTS for msvc (patch by
"Maarten Anonymous")
+ improved workaround for redefinition-warnings for KEY_EVENT.
+ improve man/term.5 section on legacy storage format (report by
Florian Weimer).
- Add ncurses patch 20200718
+ reduce redefinition-warnings for KEY_EVENT when building with Visual
Studio C++.
+ define NCURSES_STATIC when compiling programs to link with static
libraries, to work with MinGW vs Visual Studio C++.
> additional changes for building with Visual Studio C++ and msys2
(reports/patches by "Maarten Anonymous")
+ modify c++/Makefile.in to set the current directory while compiling
the main program, so the linker can find related objects.
+ several changes to allow the c++/demo program to compile/link.
+ change an ifdef in test-directory, to use VC++ wide-character funcs.
==== nodejs14 ====
Version update (14.12.0 -> 14.13.1)
Subpackages: npm14
- Update to version 14.13.1:
* fs: rmdir recursive is no longer considered experimental
- fix_ci_tests.patch: add support to SUSE's ECDH backport errors
in SLE's openssl
- Update to version 14.13.0:
* deps: upgrade to libuv 1.40.0 #35333
* module: named exports for CJS via static analysis #35249
* module: exports pattern support #34718
* src: allow N-API addon in AddLinkedBinding()
==== numactl ====
Version update (2.0.13 -> 2.0.14)
Subpackages: libnuma1
- update to 2.0.14:
* manpage update
* numademo: fix issue on 32 bit systems
* drop custom cflags for libnuma
* use symvers attribute for symbol versioning
==== openblas_openmp ====
- Set DYNAMIC_ARCH everywhere, use a base CPU model for non-dynamic
bits to have a reproducible base line:
x86_64: CORE2
aarch64: ARMV8
ppc: POWER8
s390: ZARCH_GENERIC
- Remove workaround for build failure on aarch64 (boo#1128794).
==== p11-kit ====
Subpackages: libp11-kit0 p11-kit-tools
- avoid bareword to fix build failure
==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced
- Handle the yast pattern split into basis, desktop and server (boo#1159875)
==== perl-CGI ====
Version update (4.50 -> 4.51)
- updated to 4.51
see /usr/share/doc/packages/perl-CGI/Changes
==== perl-Cpanel-JSON-XS ====
Version update (4.23 -> 4.24)
- updated to 4.24
see /usr/share/doc/packages/perl-Cpanel-JSON-XS/Changes
4.24 2020-10-02 (rurban)
- Fix decode_json(scalar, 0) (GH #171 plicease), check 2nd arg for true-ness
==== perl-File-Listing ====
Version update (6.04 -> 6.11)
- updated to 6.11
see /usr/share/doc/packages/perl-File-Listing/Changes
6.11 2020-10-06 03:00:45 -0600
- Remove accidental recursive req on LWP::Simple
- updated to 6.10
see /usr/share/doc/packages/perl-File-Listing/Changes
6.10 2020-10-05 15:18:30 -0600
- Production version identical to 6.09_01
6.09_01 2020-10-05 08:17:32 -0600
- Remove TABs from source files and tests (gh#17)
- Restores (theoretical, untested) support for 5.6, which was removed when
the tests added modern file tests (gh#17)
- Fixes or silences several minor nits reported by PerlCritic (gh#17)
6.08_01 2020-10-01 17:28:35 -0600
- We now only call Time::Local::timelocal with four digit years (gh#5, gh#14)
- updated to 6.07
see /usr/share/doc/packages/perl-File-Listing/Changes
==== perl-XML-Writer ====
Version update (0.625 -> 0.900)
- updated to 0.900
see /usr/share/doc/packages/perl-XML-Writer/Changes
==== php7 ====
Version update (7.4.10 -> 7.4.11)
Subpackages: apache2-mod_php7 php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter
- updated to 7.4.11: This is a security release which also contains
several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.11
==== policycoreutils ====
Version update (3.0 -> 3.1)
Subpackages: python3-policycoreutils
- Add get_os_version.patch
get_os_version is implemented in a very RH/Fedora specific way.
Ensure that it returns a valid string for SUSE by changing the
default. Also remove the RH specific logic when generating HTML
versions of the SELinux documentation
- Align more with Fedora spec file to get rid of python dependencies
in the core system
- create new python-utils sub-package
- move some tools to devel sub-package
- Cleanup dependencies
- Proper default permissions for newrole (4755)
- Update to version 3.1
* New `setfiles -E` option - treat conflicting specifications as errors, such
as where two hardlinks for the same inode have different contexts.
* `setsebool -V` reports errors from commit phase
* matchpathcon related interfaces are deprecated
* New `restorecon -x` option which prevents it from crossing file system
* boundaries.
* `sepolgen-ifgen` parses a gen_tunable statement as bool
* Removed Requires for python3-ipy as the ipaddress module is used. No
requires for python-ipaddress as it's assumed this is used only on recent
systems
* Drop chcat_join.patch, is upstream
==== popt ====
- Update homepage URL.
- Drop old rpm constructs.
==== procps ====
Subpackages: libprocps8
- Add upstream procps-check-sanity-of-SC_ARG_MAX.patch in order to fix
pgrep: cannot allocate 4611686018427387903 bytes when ulimit -s is unlimited.
==== python-alembic ====
- Add pytest_depr_from_parent.patch to fix FTBGS with pytest 6.*
(gh#sqlalchemy/sqlalchemy#5635).
==== python-libvirt-python ====
Version update (6.7.0 -> 6.8.0)
- Update to 6.8.0
- Add all new APIs and constants in libvirt 6.8.0
- jsc#SLE-12684, jsc#SLE-15861
==== python-mailman ====
- Remove suid bit from /var/lib/mailman/data
- remove systemd (build)requires
- Create mailman user and group
- Create directories for mailman and use FHS directory layout
- Create initial /etc/mailman.cfg
- Create /etc/mailman.d/ directory for extensions
- Add systemd files
==== python-semanage ====
Version update (3.0 -> 3.1)
- Update to version 3.1
* Improved manpage
* fsync final files before rename
- Disabled LTO again. This breaks e.g. shadow and also other packages
in security:SELinux
- Fix build with LTO: [bsc#1133102]
* Enable LTO (Link Time Optimization)
* Update map file to include new symbols and remove wildcards
- Add libsemanage-update-map-file.patch
==== python3-qt5 ====
Version update (5.15.0 -> 5.15.1)
- disable _quick3d flavors in staging through ringdisabled
- enable python2 Quick3D package for Leaps in new multibuild flavor
- Build Quick3D extension in separate package
* This keeps the dependency tree in staging smaller. (Requested
by Factory maintainers.)
* Is simply unresolvable for repositores which don't have
Quick3d but can still build the other extensions.
- Clean alternatives setup: Make use of %python_clone macro.
- Build Quick3D support in every repository that has it: presumably
all Qt 5.15 repositories
- Qt5Quick3D is not available on Leaps
- Add missing Quick3D and TextToSpeech build requirements
- New upstream patch pyqt5-customaudio-qt511.patch
* versionize QCustomAudioRoleControl for older Leaps
* https://www.riverbankcomputing.com/pipermail/pyqt/2020-September/043241.html
- Updated patch pyqt5-signals-hashable.patch
* Fix typedef for old python versions
* Patch is submitted to the PyQt5 mailing list
- Fix qtbot failures pyqt5-signals-hashable.patch, see
* https://www.riverbankcomputing.com/pipermail/pyqt/2020-September/043160.html
* gh#pytest-dev/pytest-qt#316
- Update to Version 5.15.1
* Added the QtTextToSpeech module.
* None is now interpreted as a null QJsonValue.
* Bound signals can now be compared for equality.
* Q_CLASSINFO, Q_ENUM, Q_ENUMS, Q_FLAG and Q_FLAGS are not
implemented when using PyPy.
- Drop update-timeline.patch once more. Nobody is using
nonexistent tags.
- 0001-Use-a-noarch-wrapper-for-dbus-mainloop-integration.patch
* another fix for the project.py for sip5 builds
- Fix 0001-Use-a-noarch-wrapper-for-dbus-mainloop-integration.patch
* Variable project is undefined. root_dir is attribute of self.
* This is a preparation for sip5 usage
==== qemu ====
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-guest-agent qemu-hw-display-qxl qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86
- Create qemu-skiboot sub-package. Use update-alternatives mechanism
to coordinate with opal-firmware (provided with skiboot package set)
on the provider of the /usr/share/qemu/skiboot.lid firmware file.
qemu-skiboot uses a priority of 15, while opal-firmware uses a
priority of 10 (jsc#SLE-13240)
==== rdma-core ====
Version update (27.1 -> 31.0)
Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1
- Update to v31.0 (jsc#SLE-15657, jsc#SLE-15731, jsc#SLE-15743, jsc#SLE-15810)
- No release notes available
- Update to v30.0
- No release notes available
- Add cxgb3-nes-fix-declaration-of-free_context.patch to fix support
of older providers with newer rdma-core internal ABI
==== rubygem-gem2rpm ====
- added support for 3.0.0
==== rubygem-vagrant_cloud ====
Version update (3.0.0 -> 2.0.3)
- Revert sr#837782
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Change paths from /etc to /usr/etc for UsrEtc Move (boo#1177195)
==== sendmail ====
Subpackages: libmilter1_0
- adjust permissions.d entries to new %libexedir location (bsc#1171164).
==== spice ====
- Fix buffer overflow vunerabilities in QUIC image decoding
(CVE-2020-14355 bsc#1177158)
0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch
0002-quic-Check-image-size-in-quic_decode_begin.patch
0003-quic-Check-RLE-lengths.patch
0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch
==== spice-gtk ====
Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper libspice-client-gtk-3_0-5
- Fix buffer overflow vunerabilities in QUIC image decoding
(CVE-2020-14355 bsc#1177158)
0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch
0002-quic-Check-image-size-in-quic_decode_begin.patch
0003-quic-Check-RLE-lengths.patch
0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch
==== squid ====
- Reinstate permissions macros for pinger binary, because the permissions
package is also responsible for setting up the cap_net_raw capability,
currently a fresh squid install doesn't get a capability bit at all
(bsc#1171569).
==== strace ====
Version update (5.8 -> 5.9)
- Update to strace 5.9
* Improvements
* Added -n/--syscall-number option for printing syscall numbers.
* Added --pidns-translation option for PID namespace translation (addresses
Fedora bug #1035433).
* Implemented decoding of close_range syscall.
* Implemented decoding of TEE_* ioctl commands.
* Implemented decoding of struct msginfo argument of IPC_INFO
and MSG_INFO msgctl syscall commands.
* Implemented decoding of struct msqid_ds argument of MSG_STAT
and MSG_STAT_ANY msgctl syscall commands.
* Implemented decoding of struct seminfo argument of IPC_INFO
and SEM_INFO semctl syscall commands.
* Implemented decoding of struct semid_ds argument of IPC_SET,
IPC_STAT, SEM_STAT, and SEM_STAT_ANY semctl syscall commands.
* Implemented decoding of struct shminfo argument of IPC_INFO
shmctl syscall command.
* Implemented decoding of struct shm_info argument of SHM_INFO
shmctl syscall command.
* Implemented decoding of struct shmid_ds argument of SHM_STAT
and SHM_STAT_ANY shmctl syscall commands.
* Updated lists of BPF_*, CAP_*, FAN_*, IFLA_*, INET_DIAG_REQ_*,
IORING_FEAT_*, IP_*, IPV6_*, KVM_*, NDA_*, PTP_PEROUT_*, RTPROT_*,
and V4L2_FMT_FLAG_* constants.
* Updated lists of ioctl commands from Linux 5.9.
==== subversion ====
Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl subversion-server subversion-tools
- update the path of the PIDFile in the svnserve.service file:
change /var/run/svnserve/svnserve.pid to /run/svnserve/svnserve.pid
- update the tmpfiles.d/ drop-in file as requested by the
rpm output
/usr/lib/tmpfiles.d/svnserve.conf:1: Line references path below
legacy directory /var/run/, updating /var/run/svnserve ? /run/svnserve;
==== swell-foop ====
- Add swell-foop-vala-syntax.patch: Don't use unsupported vala
syntax, (glgo#GNOME/swell-foop!20).
==== sysuser-tools ====
- Avoid useless use of cat
- Simplify %sysusers_requires
- Drop shebang, rpm passes it to /bin/sh itself
==== sysvinit ====
Version update (2.96 -> 2.97)
- Drop /bin/pidof and /sbin/pidof, including corresponding man
page: let's switch to pidof as provided by procps-ng.
- Update to sysvinit 2.97:
* Check $(ROOT) filesystem for libcrypt instead of a hardcoded
path to /usr.
* Code clean-up and making sure we avoid freeing unused memory.
* Added shell script which converts systemd unit files into
init.d style scripts.
* Allow init to load configuration data from files stored in
/etc/inittab.d/
* Allow shutdown time to be specified in the format +hh:mm. This
is in addition to the existing formats such as hh:mm, +m, and
"now".
* Fixed typos in manual pages.
- Update startpar to 0.65:
+ Make sure startpar testsuite can find insserv executable in
/usr/sbin or /sbin.
+ Added PREFIX variable to Makefile and testsuite to make
location of startpar and insserv more flexible.
- Rebase sysvinit-2.90.dif.
- Drop SCVER defines: not used in any place.
- Drop startpar-sysmacros.patch: fixed upstream.
==== tcpd ====
- tcp_wrappers_7.6-shared-lib.diff: Linux has STRERROR not SYS_ERRLIST
[bsc#1175272]
==== tracker ====
Version update (3.0.0 -> 3.0.1)
Subpackages: libtracker-sparql-3_0-0 typelib-1_0-Tracker-3_0
- Update to version 3.0.1:
+ Reference Discourse instead of the mailing list.
+ Use specific Meson options to enable debug flags.
+ Reduce in use by TrackerSparqlStatement.
+ Fix tracker:title-sort.
+ Fix stale graphs with WITH clauses.
+ Cleanup libtracker-common.
+ Several fixes for Coverity warnings.
+ More tests.
+ Build fixes.
+ Updated translations.
==== tracker-miners ====
Version update (2.99.5 -> 3.0.1)
Subpackages: tracker-miner-files
- Update to version 3.0.1:
+ Fix moving files and directories leaving stale data.
+ Better handling of faulty SPARQL from tracker-extract.
+ Fix chromaprint tag extraction in gstreamer extractor causing
bad SPARQL.
+ Reference Discourse instead of the mailing list.
+ Forward tracker-extract state.
+ Use specific Meson options to enable debug flags.
+ Fix stop words location when building with system Tracker.
+ Small libtracker-miners-common clean ups.
+ Check for malloc_trim function being available.
+ Fixes for Coverity warnings.
+ Compiler warning fixes.
+ Updated translations.
- Update to version 3.0.0:
+ Updated translations.
==== unbound ====
Version update (1.11.0 -> 1.12.0)
Subpackages: libunbound8 unbound-anchor
- update to 1.12.0
Features
- DNS Flag Day 2020: change edns-buffer-size default to 1232.
- Merge PR #255: DNS-over-HTTPS support.
- Use inclusive language in configuration
- Merge PR #284 and Fix #246: Remove DLV entirely from Unbound.
The DLV has been decommisioned and in unbound 1.5.4, in 2015, there
was advise to stop using it. The current code base does not contain
DLV code any more. The use of dlv options displays a warning.
- Similar to NSD PR#113, implement that interface names can be used,
eg. something like interface: eth0 is resolved at server start and
uses the IP addresses for that named interface.
- Merge PR #272: Add EDNS client tag functionality.
- Add edns-client-tag-opcode option
Bug Fixes
- Merge PR #270 from cgzones: munin plugin: always exit 0 in autoconf
- Merge PR #269, Fix python module len() implementations, by Torbj�rn
L�nnemark
- Merge PR #268, draft-ietf-dnsop-serve-stale-10 has become RFC 8767 on
March 2020, by and0x000.
- Fix doxygen comment for no ssl for tls session ticket key callback
routine.
- Fix mini_event.h on OpenBSD cannot find fd_set.
- Improve error log message when inserting rpz RR.
- Merge PR #280, Make tvOS & watchOS checks verify truthiness as well as
definedness, by Felipe Gasper.
- contrib/aaaa-filter-iterator.patch file renewed diff content to
apply cleanly to the current coderepo for the current code version.
- Fix #287: doc typo: "Additionaly".
- Merge (modified) PR #277, use EVP_MAC_CTX_set_params if available,
by V�t?zslav ?�?ek.
- Create and init edns tags data for libunbound.
- Fix stats double count issue (#289).
- Fix that dnstap reconnects do not spam the log with the repeated
attempts. Attempts on the timer are only logged on high verbosity,
if they produce a connection failure error.
- Fix to apply chroot to dnstap-socket-path, if chroot is enabled.
- Change configure to use EVP_sha256 instead of HMAC_Update for
openssl-3.0.0.
- Update documentation in python example code.
- Review fix interface, doxygen and assign null in case of error free.
- Merge PR #293: Add missing prototype. Also refactor to use the new
shorthand function to clean up the code.
- Refactor to use sock_strerr shorthand function.
- Fix #296: systemd nss-lookup.target is reached before unbound can
successfully answer queries. Changed contrib/unbound.service.in.
- Fix num.expired statistics output.
- Remove x file mode on ipset/ipset.c and h files.
- Spelling fix.
- Introduce test for statistics.
- Fix that prefer-ip4 and prefer-ip6 can be get and set with
unbound-control, with libunbound and the unbound-checkconf option
output function.
- Merge PR #311 by luismerino: Dynlibmod leak.
- Error message is logged for dynlibmod malloc failures.
- iana portlist updated.
- Fix #304: dnstap logging not recovering after dnstap process restarts
- Fix edns-client-tags get_option typo
- Fix #305: dnstap logging significantly affects unbound performance
(regression in 1.11).
- Fix #305: only wake up thread when threshold reached.
- Fix to ifdef fptr wlist item for dnstap.
- Fix memory leak of edns tags at libunbound context delete.
- Fix double loopexit for unbound-dnstap-socket after sigterm.
==== vala ====
Version update (0.48.10 -> 0.48.11)
Subpackages: libvala-0_48-0
- Update to version 0.48.11:
+ Various improvements and bug fixes:
- codegen:
. The actual struct size is required for calloc (POSIX)
. Don't pass CCodeFunctionCall to NULL-aware free macro
- g-i: Fix a couple of C compiler warnings
- libvaladoc: Fix a couple of C compiler warnings
- testrunner: Pass --enable-checking to increase coverage,
Filter external -0X flags to preserve current default -O0
+ Bindings:
- gstreamer: Update from 1.18.0+ git master
- gtk4: Don't skip LayoutManager.create_layout_child()
- gtk4: Update to 3.99.1+15b635d7
- poppler-glib: Update to 20.09.0
- vapi: Update GIR-based bindings
- webkit2gtk-4.0: Update to 2.30.1
==== vim ====
Subpackages: gvim vim-data vim-data-common
- apparmor.vim: update from latest AppArmor 2.13 branch:
- add capabilities bpf and perfmon
==== vulkan-loader ====
Version update (1.2.153 -> 1.2.154)
- Update to release 1.2.154
* Revert loader error characteristics to 1.2.152
- Drop 0001-Revert-loader-Return-error-if-layer-loading-failed.patch
(merged)
==== webkit2gtk3 ====
Version update (2.28.4 -> 2.30.1)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles
- Enable c_loop on aarch64: currently needed for compilation to
succeed with JIT disabled. Also disable sampling profiler, since
it conflicts with c_loop (boo#1177087).
- Update to version 2.30.1:
+ Bring back the environment variable to force single process
mode when PSON is disabled.
+ Fix downloads started by an ephemeral web context.
+ Updated translations.
- Update to version 2.30.0:
+ Fix NTLM authentication.
+ Don't try to use SHM on wayland with older wpebackend-fdo.
+ Fix the build due to seccomp.h header not found.
- Drop seccomp-build-fix.patch and wpe-shm-check.patch: fixed
upstream.
- Add wpe-shm-check.patch: make SHM initialization fail for
wpebackend-fdo < 1.7.0.
- Add seccomp-build-fix.patch: pass seccomp include directory to
g++.
- Re-enable bubblewrap sandbox for SLE-15-SP2 and Tumbleweed.
- Update to version 2.29.92:
+ Fix user agent header after a redirect when a new quirk is
required.
+ Stop using firefox user agent quirk for google docs.
+ Fix rendering frames timeline panel in web inspector.
+ Fix per-thread cpu usage in web inspector.
+ Fix several crashes and rendering issues.
- Changes from version 2.29.91:
+ Fix a web process crash introduced in 2.29.90.
- Changes from version 2.29.90:
+ Fix font variation settings when font smoothing setting is also
present.
+ Fix HTML drag and drop operations.
+ Fix argument order for clone syscall seccomp filter on s390x.
+ Fix a crash when selecting text.
+ Fix several crashes and rendering issues.
- Changes from version 2.29.4:
+ Add support for backdrop filters.
+ Add support for text-underline-offset and
text-decoration-thickness.
+ Add OpenCDM and AV1 support to media backend.
+ Add new API to get ITP data summary.
+ Use mobile user-agent on tablets.
+ Fix several crashes and rendering issues.
- Changes from version 2.29.3:
+ Add webkit_authentication_request_get_security_origin.
+ Change the cookies accept policy to always when no-third-party
is set and ITP is enabled.
+ Fix web process hangs on large GitHub pages.
+ Bubblewrap sandbox should not attempt to bind empty paths.
+ Add support for sndio to bubblewrap sandbox.
+ Also handle dark themes when the name ends with -Dark.
+ Fix a race condition causing a crash in media player.
+ Fix several crashes and rendering issues.
- Changes from version 2.29.2:
+ Add Intelligent Tracking Prevention (ITP) support.
+ Add support for video formats in img elements.
+ Add API to handle video autoplay policy that now defaults to
disallow autoplay videos with audio.
+ Add API to mute a web view.
+ Add API to allow applications to handle the HTTP authentication
credential storage.
+ Add a WebKitSetting to set the media content types requiring
hardware support.
+ Fix a crash during drag an drop due to a bug introduced in
2.29.1.
+ Do not start page load during animation in back/forward
gesture.
+ Fix several crashes and rendering issues.
- Changes from version 2.29.1:
+ Stop using GTK theming to render form controls.
+ Add API to disable GTK theming for scrollbars too.
+ Fix several race conditions and threading issues in the media
player.
+ Add USER_AGENT_BRANDING build option.
+ Add paste as plain text option to the context menu for rich
editable content.
+ Fix several crashes and rendering issues.
+ Updated translations.
- Rebase webkit2gtk3-fdo-soname.patch.
- Add pkgconfig(libsystemd) BuildRequires: new dependency.
==== wpa_supplicant ====
Subpackages: wpa_supplicant-gui
- Add wpa_supplicant-p2p_iname_size.diff -- Limit P2P_DEVICE name to appropriate ifname size
(https://patchwork.ozlabs.org/project/hostap/patch/20200825062902.124600-1-benjamin@sipsolutions.net/)
==== x11-tools ====
- xim script: also consider files below /usr/etc/X11/xim.d (boo#1176431)
- Upgrade old RPM constructs.
- i18n.template: moved example for user specific LANG setting
from .profile (bash package) to .i18n skeleton file (boo#1158724)
- moved xim files to /usr/etc; xinit is already prepared for this
(boo#1176431)
==== xdm ====
Subpackages: xdm-xsession
- removed /etc/X11/xdm/Keyboard.map since it meanwhile has been
replaced by /usr/share/systemd/kbd-model-map (used by YaST)
- Don't create the compat symlinks in /etc on the fly, track them
properly as %config
- /etc/X11/xdm/scripts/11-ssh-agent
* ssh-askpass now moved to /usr/libexec/ssh (boo#1175991)
- moved xdm/xdm-np PAM files to /usr/etc/pam.d, since lightdm has
been adjusted meanwhile
- Switch to /usr/bin/pidof dependency, provided by procps-ng.
- fixes in xdm-tarball.patch
* /usr/lib/X11/display-manager: fixes sddm, which didn't use
xdm_reload_files in xdm_start_proc() of
/usr/lib/X11/displaymanagers/sddm (boo#1173049)
- fixes in xdm-tarball.patch
* symlink also $XDMDIR/xinitrc.common in /etc/X11/xinit; it
is still often sourced in old ~/.xinitrc user files ...
- fixes in xdm-tarball.patch
* fixed include path for generic Xresources in xdm's Xresources file
* fixed $XDMDIR in Xsession, so sys.xsession can be found
* sys.xsession: fixed syntax error in code, which reads
additional xdm scripts
* display-manager: also symlink Xstartup and Xreset in
/etc/X11/xdm (needed by lighdm)
- specfile:
* for now use again /etc/pam.d for xdm/xdm-np PAM files instead
of /usr/etc/pam.d (using the latter resulted in
"authentificataion failure" with lightdm)
- reenabled move to /usr/etc/X11/xdm; updated xdm-tarball.patch
(includes changes from xinit-UsrEtcMove.patch) [boo#1176212]
- xinit-UsrEtcMove.patch
* changes needed with xinitrc moving to %{_libexecdir}/xinit and
xinitrc.common moving to /usr/etc/X11/xinit/
- reverted move to /usr/etc/X11/xdm for now due to boo#1176212
- updated xdm-tarball.patch
* adjusted for changes in xmodmap and xinit (boo#1173049)
- xdm-tarball.patch
* /usr/etc changes still needed for xdm.tar.bz2; will need
more changes once xmodmap and xinit files are also moved to
/usr/etc (boo#1173049)
- move /etc/X11/xdm --> /usr/etc/X11/xdm and
/etc/pam.d -> /usr/etc/pam.d; still TODO: adjust scripts in
xdm.tar.bz2 (boo#1173049)
- more cleanup
* no longer support sle12; adjusted xdm.tar.bz2 and
applied xdm-with-update-alternative.patch to this tarball
- cleanup
* get rid of xdm-fallbacks.tar.bz2, which wasn't used any longer
since SUSE 12.1
* no longer support systmed based OSes like SUSE < 12.1 and sle11;
removed therefore also xdm-consolekit.diff
* no longer support sle11
==== xinit ====
- Properly track the compatibility symlink
- simplified UsrEtcMove enable/disable logic in specfile
- xinit-tarball.patch/xinit.spec
* reenabled move to /usr/etc/X11/xinit
* fixed remaining issues mentioned in boo#1173052, comment#6
and boo#1176212, comment#7
- reverted move to /usr/etc/X11/xinit for now (boo#1173052, comment#6)
- moved xinit files to /usr/etc/X11/xinit and removed xinitrc
skeleton (boo#1173052)
- xinit-tarball.patch
* adjust tarball contenct to /usr/etc move (boo#1173052)
==== xkeyboard-config ====
Version update (2.30 -> 2.31)
- Update to version 2.31
* latest bugfix release
- supersedes U_Fix-symbols-in-syntax-error-spurious-git-conflict-ma.patch
- adjusted n_suse-ctrl-alt-bksp-terminate.patch
==== xmodmap ====
- reenabled move to /usr/etc/X11 for Tumbleweed (boo#1173053)
- reverted move to /usr/etc/X11 for now (boo#1173053, comment#3)
- moved Xmodmap files to /usr/etc/X11 (boo#1173053)
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk xorg-x11-server-wayland
- n_xorg-wrapper-anybody.patch
* replace default config /etc/X11/Xwrapper, which allows
anybody to use the wrapper, by a patch for the code, i.e.
[#] rootonly, console, anybody
allowed_users=anybody
[#] yes, no, auto
needs_root_rights=auto
is now the default without any Xwrapper config
(needs_root_rights=auto was already the default before)
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* replaced by improved version written by Matthias Gerstner of
our security team
+ simplified the option parsing code a bit
+ changed the "ignore forbidden argument" logic into an "abort
on forbidden argument" logic. This is safer and avoids
surprises on the user's end that could occur if the desired
command line arguments aren't effective but the Xorg server is
still started.
+ tried to adjust to the coding style present in the file
(mostly the function name)
+ added some logic to apply the option filtering only to
non-root users when Xorg is actually started as root. This
should allow for full flexibility if root calls the wrapper or
if the Xorg server only runs with user privileges.
- U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch,
U_Revert-linux-Fix-platform-device-PCI-detection-for-c.patch,
U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch,
U_Revert-linux-Make-platform-device-probe-less-fragile.patch
* fix Xserver startup on Raspberry Pi 3 (boo#1176203)
- n_xorg-wrapper-rename-Xorg.patch
* moved Xorg to Xorg.bin and Xorg.sh to Xorg (boo#1175867)
- change default for needs_root_rights to auto in Xwrapper.config
(boo#1175867)
- reenabled SUID wrapper for TW (boo#1175867)
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* Xserver option whitelist filter (boo#1175867)
==== yelp ====
Version update (3.36.0 -> 3.36.1)
Subpackages: libyelp0
- Update to version 3.36.1:
+ Fix issue when opening local HTML files.
+ Updated translations.
==== zsh ====
- Add ncurses-fix.patch in order to fix ncurses failure.