Changed packages: ==== a2ps ==== Version update (4.13 -> 4.14) - Removed pkgconfig entries from Requires: section, per OBS request 243897 - Do not buildrequire xorg-x11-devel, never used. - Fixed license in .spec file to reflect upstream changing to GPLv3 (sr#248177) - Updated to 4.14 * No UTF-8 Support yet, Basically a maintenance release. * GNU a2ps is now licensed under GPLv3 or later * Can now be built with Modern GNU Autotools, and gcc>=3.4 * Numerous minor bugfixes, including: * input buffer overflow * IA64, PPC, and AMD64 fixes * Several security issues (CVE-2004-1377) * Addition of a number of new stylesheets * Translations for Japanese, Dutch, and French added/updated - Patches rebased for 4.14 sources * Added: a2ps-4.14-acroread.patch a2ps-4.14-linker.patch a2ps-4.14-ogonkify.patch a2ps-4.14-tempfile.patch a2ps-4.14.diff * Deleted: a2ps-4.13-acroread.patch a2ps-4.13-linker.patch a2ps-4.13-ogonkify.patch a2ps-4.13-tempfile.patch a2ps-4.13.dif a2ps-4.13-gv-arguments.patch a2ps-4.13-nb.patch a2ps-4.13-space.patch * Modified: CVE-2014-0466.diff - Deleted a2ps-4.13.tar.gz, replaced with a2ps-4.14.tar.gz - a2ps.spec cleanup, and updating to work with new sources. ==== alsa ==== Subpackages: alsa-devel libasound2 libasound2-32bit - Backport upstream fixes: A couple of USB-audio config addition/fix, dmix PCM stop fix, a memory leak fix, DSD format endianess fix, PCM timestamp fixes, etc. 0050-USB-Audio-Add-Scarlett-2i4-USB-to-S-PDIF-blacklist.patch 0051-snd_user_file-fix-memory-leak.patch 0052-pcm-dmix-Don-t-ignore-SND_TIMER_EVENT_MSTOP.patch 0053-snd_dlsym-only-do-versioning-checks-if-built-with-ve.patch 0054-dlmisc-Remove-unused-label.patch 0055-USB-audio-Add-five-more-cards-to-IEC958-blacklist.patch 0056-pcm-Fix-DSD-sample-format-endianess-and-add-big-endi.patch 0057-mixer-Fix-inclusion-of-config.h.patch 0058-mixer-Fix-unused-parameter-warnings.patch 0059-ucm-Fix-uninitialized-err-in-snd_use_case_set.patch 0060-pcm-Fix-assorted-tstamp_type-bugs-omissions.patch ==== alsa-utils ==== - Backport upstream fixes: rubustify dB value handling in amixer 0014-amixer-Make-dB-case-insensitive-in-set-commands.patch 0015-amixer-Parse-the-value-more-strictly.patch ==== apache-commons-codec ==== Version update (1.8 -> 1.10) - Update to version 1.10 New features: + Add Daitch-Mokotoff Soundex Issue: CODEC-192. + QuotedPrintableCodec does not support soft line break per the 'quoted-printable' example on Wikipedia Issue: CODEC-121. + Make possible to provide padding byte to BaseNCodec in constructor Issue: CODEC-181. Fixed Bugs: + Added clarification to Javadoc of Base64 concerning the use of the urlSafe parameter Issue: CODEC-185. + Added clarification to the Javadoc of Base[32|64]OutputStream that it is mandatory to call close() Issue: CODEC-191. + Add support for HMAC Message Authentication Code (MAC) digests Issue: CODEC-188. + Beider Morse Phonetic Matching producing incorrect tokens Issue: CODEC-187. + NullPointerException in DoubleMetaPhone.isDoubleMetaphoneEqual when using empty strings Issue: CODEC-184. + Fix Javadoc 1.8.0 errors Issue: CODEC-180. + Fix Java 8 build Javadoc errors Issue: CODEC-189. Changes: + Deprecate Charsets Charset constants in favor of Java 7's java.nio.charset.StandardCharsets Issue: CODEC-178. + Update from commons-parent 34 to 35 Issue: CODEC-190. - Use javapackages-tools instead of java-devel - Remove gpg_verify usage; let obs handle it ==== apache2 ==== Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - fixed start at boot for ssl and encrypted key [bnc#792309] ==== arpwatch ==== - Removed executable permission bits from arpwatch@.service file. ==== b43-fwcutter ==== - fix bashism in install_bcm43xx_firmware script ==== binutils ==== Version update (2.24 -> 2.24.90) Subpackages: binutils-devel - Update to current 2.25 pre-release branch, at 127a4644. - binutils-fix-gold-aarch64.diff: fixing build temporarily broken on brach. - Remove obsolete patches: binutils-2.24-branch.diff.gz, pie-m68k.patch, binutils-2.24-auto-plugin.diff, ld-testsuite.patch, binutils-2.24-bso16746.diff . - Enable Adapteva Epiphany target ==== brltty ==== Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-espeak brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_6 python3-brlapi xbrlapi - fix bashisms in brltty-install script - add patches: * brltty-5.1-fix-bashisms.patch ==== bundle-lang-common-cs ==== Subpackages: bundle-lang-common-da bundle-lang-common-de bundle-lang-common-el bundle-lang-common-en bundle-lang-common-es bundle-lang-common-fr bundle-lang-common-hu bundle-lang-common-it bundle-lang-common-ja bundle-lang-common-pl bundle-lang-common-pt bundle-lang-common-ru bundle-lang-common-zh - Update package list. ==== bundle-lang-gnome-cs ==== Subpackages: bundle-lang-gnome-da bundle-lang-gnome-de bundle-lang-gnome-el bundle-lang-gnome-en bundle-lang-gnome-es bundle-lang-gnome-fr bundle-lang-gnome-hu bundle-lang-gnome-it bundle-lang-gnome-ja bundle-lang-gnome-pl bundle-lang-gnome-pt bundle-lang-gnome-ru bundle-lang-gnome-zh - Update package list. - update package list ==== bundle-lang-kde-cs ==== Subpackages: bundle-lang-kde-da bundle-lang-kde-de bundle-lang-kde-el bundle-lang-kde-en bundle-lang-kde-es bundle-lang-kde-fr bundle-lang-kde-hu bundle-lang-kde-it bundle-lang-kde-ja bundle-lang-kde-pl bundle-lang-kde-pt bundle-lang-kde-ru bundle-lang-kde-zh - Update package list. - update package list ==== bzr ==== Subpackages: bzr-lang - Remove timestamp from docs to reduce buildcompare noise: bzr-doc-timestamp.patch ==== capi4hylafax ==== - Use source URL, use rpm macros. - Add capi4hylafax-01.03.00-fix-bashisms.patch to fix bashisms in setupconffile (faxaddmodem.capi_dia) script ==== choqok ==== - Correct usage of fdupes macro ==== libcloog-isl4 ==== - Add cloog-isl-0.18.1-isl14-1.patch, cloog-isl-0.18.1-isl14-2.patch, cloog-isl-0.18.1-isl14-3.patch and cloog-isl-0.18.1-isl14-4.patch to make cloog-isl compile with ISL 0.14. ==== cpio ==== - fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112) * added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch ==== cyradm ==== Subpackages: cyrus-imapd perl-Cyrus-IMAP perl-Cyrus-SIEVE-managesieve - Changed cyrus-imapd-rc-2.tar.gz/cron.daily.cyrus to use 'su -s /bin/bash - cyrus', as the default shell is now /sbin/nologin [boo#908014] - Changed cyrus-imapd-rc-2.tar.gz/rc.cyrus to set /var/run/cyrus-master.pid as the PID file (was: /var/run/cyrus.pid) [boo#908006] ==== cyrus-sasl ==== Subpackages: cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-plain libsasl2-3 libsasl2-3-32bit - Make sure /usr/sbin/rcsaslauthd exists ==== ding ==== Version update (1.7 -> 1.8) - Update to new upstream release 1.8 * New version of German-English translation file, now over 326,000 entries (up from 270,000). * Minor bug fixes. - Split the dictionary file so as to not mandate installation of the Tk frontend. - Downgrade ispell dictionary requirements into recommendations; ding works without them, too. - Add missing ispell Recommends (just having the dictionaries does not help, the program is needed). - Also recommend agrep, which the Tk frontend prefers for full functionality (approximate matching). - Suggest fortune, because ding even supports searching that. - Minor cleanups: use rpm macros in place of rpm shell vars. ==== enblend-enfuse ==== - no more upstream tarball signatures, no need for gpg offline ==== fdupes ==== - sort the output of fdupes by filename to make it deterministic for parallel builds * 0011-add-an-option-to-sort-duplicate-files-by-name.patch ==== fetchmail ==== - Removed executable permission bits from fetchmail.service file. - Update the project url in the spec file after Berlios shutdown. - Remove dependency on gpg-offline as signature checking is implemented in the source validator. ==== fonts-config ==== Version update (20140604 -> 20141207) - updated to 20141207 added --info option (will be required by yast fonts) ==== freetype2-devel ==== Version update (2.5.3 -> 2.5.4) Subpackages: libfreetype6 libfreetype6-32bit - Update to version 2.5.4 * IMPORTANT BUG FIXES - A variant of vulnerability CVE-2014-2240 was identified (cf. http://savannah.nongnu.org/bugs/?43661) and fixed in the new CFF driver. All users should upgrade. - The new auto-hinter code using HarfBuzz crashed for some invalid fonts. - Many fixes to better protect against malformed input. * IMPORTANT CHANGES - Full auto-hinter support of the Devanagari script. - Experimental auto-hinter support of the Telugu script. - CFF stem darkening behaviour can now be controlled at build time using the eight macros CFF_CONFIG_OPTION_DARKENING_PARAMETER_{X,Y}{1,2,3,4} . - Some fields in the `FT_Bitmap' structure have been changed from signed to unsigned type, which better reflects the actual usage. It is also an additional means to protect against malformed input. This change doesn't break the ABI; however, it might cause compiler warnings. * MISCELLANEOUS - Improvements to the auto-hinter's algorithm to recognize stems and local extrema. - Function `FT_Get_SubGlyph_Info' always returned an error even in case of success. - Version 2.5.1 introduced major bugs in the cjk part of the auto-hinter, which are now fixed. - The `FT_Sfnt_Tag' enumeration values have been changed to uppercase, e.g. `FT_SFNT_HEAD'. The lowercase variants are deprecated. This is for orthogonality with all other enumeration (and enumeration-like) values in FreeType. - `cmake' now supports builds of FreeType as an OS X framework and for iOS. - Improved project files for vc2010, introducing a property file - The documentation generator for the API reference has been updated to produce better HTML code (with proper CSS). At the same time, the documentation got a better structure. - The FT_LOAD_BITMAP_CROP flag is obsolete; it is not used by any driver. - The TrueType DELTAP[123] bytecode instructions now work in subpixel hinting mode as described in the ClearType whitepaper (i.e., for touched points in the non-subpixel direction). - Many small improvements to the internal arithmetic routines. - Rebase don-t-mark-libpng-as-required-library.patch, bugzilla-308961-cmex-workaround.patch, freetype2-subpixel.patch, freetype2-bitmap-foundry.patch and overflow.patch - Add freetype2-2.5.3-fix-pcf.patch from upstream to resolve http://savannah.nongnu.org/bugs/?43774, "Freetype 2.5.4 does not load ungzipped PCF fonts" ==== ft2demos ==== Version update (2.5.3 -> 2.5.4) - Update to version 2.5.4 * IMPORTANT BUG FIXES - A variant of vulnerability CVE-2014-2240 was identified (cf. http://savannah.nongnu.org/bugs/?43661) and fixed in the new CFF driver. All users should upgrade. - The new auto-hinter code using HarfBuzz crashed for some invalid fonts. - Many fixes to better protect against malformed input. * IMPORTANT CHANGES - Full auto-hinter support of the Devanagari script. - Experimental auto-hinter support of the Telugu script. - CFF stem darkening behaviour can now be controlled at build time using the eight macros CFF_CONFIG_OPTION_DARKENING_PARAMETER_{X,Y}{1,2,3,4} . - Some fields in the `FT_Bitmap' structure have been changed from signed to unsigned type, which better reflects the actual usage. It is also an additional means to protect against malformed input. This change doesn't break the ABI; however, it might cause compiler warnings. * MISCELLANEOUS - Improvements to the auto-hinter's algorithm to recognize stems and local extrema. - Function `FT_Get_SubGlyph_Info' always returned an error even in case of success. - Version 2.5.1 introduced major bugs in the cjk part of the auto-hinter, which are now fixed. - The `FT_Sfnt_Tag' enumeration values have been changed to uppercase, e.g. `FT_SFNT_HEAD'. The lowercase variants are deprecated. This is for orthogonality with all other enumeration (and enumeration-like) values in FreeType. - `cmake' now supports builds of FreeType as an OS X framework and for iOS. - Improved project files for vc2010, introducing a property file - The documentation generator for the API reference has been updated to produce better HTML code (with proper CSS). At the same time, the documentation got a better structure. - The FT_LOAD_BITMAP_CROP flag is obsolete; it is not used by any driver. - The TrueType DELTAP[123] bytecode instructions now work in subpixel hinting mode as described in the ClearType whitepaper (i.e., for touched points in the non-subpixel direction). - Many small improvements to the internal arithmetic routines. - Rebase don-t-mark-libpng-as-required-library.patch, bugzilla-308961-cmex-workaround.patch, freetype2-subpixel.patch, freetype2-bitmap-foundry.patch and overflow.patch - Add freetype2-2.5.3-fix-pcf.patch from upstream to resolve http://savannah.nongnu.org/bugs/?43774, "Freetype 2.5.4 does not load ungzipped PCF fonts" ==== fuse ==== Subpackages: libfuse2 - include commented default fuse.conf (bnc#908292) ==== cpp48 ==== Version update (4.8.3+r212056 -> 4.8.3+r218481) Subpackages: gcc48 gcc48-c++ gcc48-fortran gcc48-info gcc48-locale gcc48-objc libasan0 libatomic1 libgcc_s1 libgcc_s1-32bit libgfortran3 libgomp1 libitm1 libobjc4 libquadmath0 libstdc++48-devel libstdc++6 libstdc++6-32bit libstdc++6-locale libtsan0 - Update to gcc-4_8-branch head (r218481). * Includes patches to allow building against ISL 0.14. * Includes patches gcc48-bnc887141.patch, gcc48-ppc64le-abi-warnings.diff, gcc48-ppc64le-abi-warnings-fix.diff and gcc48-libgfortran-CVE-2014-5044.diff. ==== geany-plugins ==== Subpackages: geany-plugins-lang - Debugger + Add geany-plugins-GCond-usage.patch: Fixed bug SF#116 that made the whole application crash because of GLib (bnc#906659). + Add geany-plugins-gdb-7_7.patch: Fixed bug SF#112 that made the whole application crash because of GDB (bnc#906659). ==== gedit ==== Version update (3.14.1 -> 3.14.2) Subpackages: python3-gedit - Update to version 3.14.2: + External tools plugin: fix document saving. + Various other bug fixes. + Updated translations. ==== getdata ==== Version update (0.8.5 -> 0.8.6) Subpackages: getdata-devel getdata-doc libgetdata++3 libgetdata5 - update to 0.8.6 * BUG FIX: Computation of LINCOMs with complex valued input fields now correctly happens in the complex plane. As a side effect, gd_native_type() now also correctly reports such LINCOM fields to be complex valued. * BUG FIX: The gd_[m]add() functions now ignore zero-length scalar strings. Previously they would store these invalid field codes, causing problems later. * BUG FIX: Returning complex-valued CARRAYs as purely real now works. Previously only the first element requested would be returned, the remaining output buffer containing uninitialised data. * BUG FIX: Entry members spf, bitnum, numbits, and period are now completely ignored by gd_[m]add() when corresponding named scalars are specified. Previously, an invalid value in these members would result in the entry being rejected, even though the rest of GetData ignored the invalid, unsued value. * BUG FIX: The parsing of the \x and \u escape sequences is now correct. * BUG FIX: A scalar field code specified for the last factor in a POLYNOM entry is no longer ignored by gd_[m]add(). * BUG FIX: gd_[m]add() no longer rejects MPLEX fields with negative count_val. * BUG FIX: DIVIDE fields with complex-valued divisors are now properly computed. * BUG FIX: Complex-valued POLYNOM and RECIP fields are now computed properly when the library is built in ANSI C mode. * BUG FIX: gd_alter_entry() no longer corrupts the DIRFILE when modifying named scalars of MPLEX fields. * BUG FIX: Writing complex-valued MPLEX fields no longer corrupts the stored data. * BUG FIX: gd_bof() now returns the correct number (i.e.: zero) when reporting the beginning of field of derived fields shifted to before the start of the dirfile. Previously, this function incorrectly returned values ranging from zero to one less than the samples-per-frame of the requested field. * BUG FIX: gd_flush(), gd_sync(), gd_raw_close() no longer segfault when operating on a LINCOM with only one input field. * BUG FIX: gd_seek() now works correctly on PHASE fields; previously, the sign of the PHASE shift was flipped. * BUG FIX: gd_seek() now correctly positions the virtual I/O pointer of the INDEX field. * BUG FIX: gd_framenum_subset() now returns the correct value when passed a field_end which is beyond the end of field, and then is required to extrapolate outside of the specified frame range. * BUG FIX: gd_error_string() now produces the correct string when reporting an out-of-range poly_ord encountered by gd_add_polynom() and similar. * BUG FIX: gd_[m]alter_spec() no longer ignore co-efficients specified for POLYNOM entries. * BUG FIX: gd_alter_encoding() now deletes the internal cache of RAW filenames of the affected fragment; previously, these old, cached filenames could lead to I/O errors when reading and writing the re-encoded RAW data files. * BUG FIX: Calling the Legacy API function GetFormat() on a Dirfile with MPLEX or WINDOW fields no longer results in a segmentation fault. * BUG FIX: Attempts to read past the EOF of a gzipped field no longer results in an I/O error, but successfully returns no data. * BUG FIX: The internal recursion counter wasn't being properly reset on certain error conditions, leading to spurious GD_E_RECURSE_LEVEL errors being returned from valid calls. ==== gitg ==== Version update (3.14.0 -> 3.14.1) Subpackages: gitg-lang libgitg-1_0-0 libgitg-ext-1_0-0 - Update to version 3.14.1: + Fix building with vala 0.27. + Fix warning when unbinding property. + Change emblem-system-symbolic to open-menu-symbolic. + Add gdesktop-enums-3.0.vapi to EXTRA_DIST. + Updated translations. ==== gperf ==== - Remove ancient specfile tags, and provide homepage URL. ==== gpg2 ==== Version update (2.0.26 -> 2.1.0) - update build requirement versions that changed with 2.1.0 - fix buffer overflow in OID to string conversion function [boo#907198], adding gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch - obsolete dirmngr (shipped with gpg since 2.1.0) - spec cleanup after previous update - get rid of "THIS IS A DEVELOPMENT VERSION" warning http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html * added gnupg-remove_development_version_warning.patch - upgrade to 2.1.0 (modern) - The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported. - All support for PGP-2 keys has been removed for security reasons. - The standard key generation interface is now much leaner. This will help a new user to quickly generate a suitable key. - Support for Elliptic Curve Cryptography (ECC) is now available. - Commands to create and sign keys from the command line without any extra prompts are now available. - The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog. - There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed. - Problems with importing keys with the same long key id have been addressed. - The Dirmngr is now part of GnuPG proper and also takes care of accessing keyserver. - Keyserver pools are now handled in a smarter way. - A new format for locally storing the public keys is now used. This considerable speeds up operations on large keyrings. - Revocation certificates are now created by default. - Card support has been updated, new readers and token types are supported. - The format of the key listing has been changed to better identify the properties of a key. - The gpg-agent may now be used on Windows as a Pageant replacement for Putty in the same way it is used for years on Unix as ssh-agent replacement. - Creation of X.509 certificates has been improved. It is now also possible to export them directly in PKCS#8 and PEM format for use on TLS servers. - dropped patches: * gnupg-2.0.20-automake113.diff * gnupg-2.0.18-tmpdir.diff (socket is created in homedir now) - refresh most of the remaining patches - added new BuildRequires: gnutls-devel, pkg-config, npth-devel ==== hdparm ==== - Use preferred download URL; replace only rpm shell vars with macros to go in line with the rest. ==== java-1_8_0-openjdk ==== Subpackages: java-1_8_0-openjdk-headless - Require version of tzdata-java compatible with this version of Java. ==== javapackages-tools ==== - Added patch: * javapackages-2.0.1-java9.patch: create directories for java, so that ant build works - Add virtual provide jpackage-utils-java9 to be able to distinguish the presence of java9 compatibility ==== konsole ==== - Split out the konsole binary and related files for coinstallability with the Frameworks based version ==== libestr0 ==== Version update (0.1.9 -> 0.1.10) - libestr 0.1.10: + changed some functions that don't modify their arg to take const arg + bugfix: str2num did not convert hex values correctly + bugfix: problems with trailing incomplete hex sequence + bugfixes to StrFromNumber + some checks for potential overflows with giantic strings (>2GB) ==== libffi4 ==== Version update (4.8.3+r212056 -> 4.8.3+r218481) Subpackages: libffi4-32bit libffi48-devel - Update to gcc-4_8-branch head (r218481). * Includes patches to allow building against ISL 0.14. * Includes patches gcc48-bnc887141.patch, gcc48-ppc64le-abi-warnings.diff, gcc48-ppc64le-abi-warnings-fix.diff and gcc48-libgfortran-CVE-2014-5044.diff. ==== gcc48-gij ==== Version update (4.8.3+r212056 -> 4.8.3+r218481) Subpackages: gcc48-java libgcj48 libgcj48-devel libgcj48-jar libgcj_bc1 - Update to gcc-4_8-branch head (r218481). * Includes patches to allow building against ISL 0.14. * Includes patches gcc48-bnc887141.patch, gcc48-ppc64le-abi-warnings.diff, gcc48-ppc64le-abi-warnings-fix.diff and gcc48-libgfortran-CVE-2014-5044.diff. ==== libkolab0 ==== - Reenable building for non-Factory openSUSE ==== libkolabxml1 ==== Version update (1.0.2 -> 1.0.3) - Reenable building for non-Factory openSUSE - Revert the added Requires in devel subpackage from previous change: if someone needs bindings explicitly, they can buildrequire them explicitly - Version bump to 1.0.3 - Cleanup with spec-cleaner - no-undefined disabled as php-bindings cant cope with it ==== liblogging0 ==== Version update (1.0.4 -> 1.0.5) - liblogging 1.0.5: + cleanup for systemd-journal >= 209 + bugfix: date stamp was incorrectly formatted ==== libnetfilter_conntrack3 ==== - Drop %version from subincludedir, it tends to break recompiles of already-built trees on library updates. ==== libnfnetlink0 ==== - Drop %version from subincludedir, it tends to break recompiles of already-built trees on library updates. ==== gdk-pixbuf-loader-rsvg ==== Version update (2.40.5 -> 2.40.6) Subpackages: librsvg-2-2 librsvg-devel typelib-1_0-Rsvg-2_0 - Update to version 2.40.6: + MinGW build fixes. + Fix path data number parsing. + Fix build with newer libtool. ==== libvirt ==== Version update (1.2.10 -> 1.2.11) Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen - Update to libvirt 1.2.11 - Implement public API for virDomainGetFSInfo - qemu: Add define for the new throttle options - CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() - CVE-2014-7823: dumpxml: security hole with migratable flag - Drop upstream patches: 2222123-virt-aa-helper-crash.patch, 433b427-iplink-name.patch, 52691f99-qemu-mig-crash.patch, 72fecf1-lxc-resolve-symlinks.patch, b1674ad5-CVE-2014-7823.patch, ba9b7252-sys-net-rw.patch, c264eea-virt-aa-helper-sandbox.patch, e50457d-lxc-unmount-check.patch, cgroup-all-devices.patch, libvirt-ppc64le-support.patch - Get /proc/sys/net/ipv[46] read-write for wicked to work in containers. bsc#904432. ba9b7252-sys-net-rw.patch - Fixed allowing devices for containers. cgroup-all-devices.patch ==== libzypp ==== Version update (14.30.2 -> 14.32.0) - suppress informal license (no need to accept) upon update (bnc#908976) - version 14.32.0 (30) - Adapt to gpg-2.1 (bnc#908135) - rpm: do not obsolete yast2-packagemanager-devel by libzypp-devel-doc - replaceAll: fix endless loop on empty search string - version 14.31.0 (30) ==== liblirc_client0 ==== Subpackages: lirc lirc-devel lirc-remotes - fix bashism in lirc-codecs-regression-test.sh script - add patches: * lirc-0.9.1a-fix-bashisms.patch ==== device-mapper ==== Subpackages: device-mapper-32bit lvm2 - spec: replace some shell variables and paths by rpm macros - shorten filelists by using wildcards ==== lxpanel ==== Version update (0.7.2 -> 0.8.0) Subpackages: lxpanel-lang - New upstream version 0.8.0 * complete multi-monitor support * improve and further simplify plugins API * full changelog at http://blog.lxde.org/?p=1323 ==== mercurial ==== Version update (3.1.2 -> 3.2.2) Subpackages: mercurial-lang - update to v3.2.2 * see changelog at http://mercurial.selenic.com/wiki/WhatsNew#Mercurial_3.2.2_.282014-12-01.29 - update to 3.2.1 * see changelog for v3.2.1 at http://mercurial.selenic.com/wiki/WhatsNew#Mercurial_3.2.1_.282014-11-11.29 - refreshed mercurial-locale-path-fix.patch - dropped obsolete mercurial-2.8-ssl.diff - dropped outdated contrib stuff from spec ==== g3utils ==== Subpackages: mgetty sendfax - fix bashisms in faxback.sh script - add patches: * mgetty-1.1.36-fix-bashisms.patch ==== mutt ==== - Add patch bsc907453-CVE-2014-9116-jessie.patch to fix bsc#907453 CVE-2014-9116: heap-based buffer overflow in mutt_substrdup() ==== gnome-shell-search-provider-nautilus ==== Version update (3.14.1 -> 3.14.2) Subpackages: libnautilus-extension1 nautilus - Update to version 3.14.2: + Fix new window activation with desktop icons enabled. + Updated translations. - Drop nautilus-as-desktop-launch.patch: Fixed upstream, workaround in our patch no longer needed. ==== openconnect ==== Version update (7.00 -> 7.01) Subpackages: openconnect-devel - Update to Version 7.01 * Try harder to find a PKCS#11 key to match a given certificate. * Handle 'Connection: close' from proxies correctly. * Warn when MTU is set too low (<1280) to permit IPv6 connectivity. * Add support for X-CSTP-DynDNS, to trigger DNS lookup on each reconnec ==== orca ==== Version update (3.14.2 -> 3.14.3) - Update to version 3.14.3: + Gecko: - Fix several issues related to focus mode toggling on pages which set focus upon page load. - Exclude layout-only/presentational tables in structural navigation. + LibreOffice: Handle a false positive in isSameObject() which prevented paragraph presentation. + Updated translations. ==== osc ==== - fix bash completion (complete is not propagated into subshells, but PROFILEREAD is, so the setup script is never executed) ==== libparted0 ==== Subpackages: parted - No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify. ==== perl-Net-DNS ==== Version update (0.74 -> 0.81) - update to 0.81 * new features: Feature rt.cpan.org #98149 Add support for Android platform. Feature rt.cpan.org #79568 Implement prefer_v6 resolver configuration attribute. Feature Implement TSIG verified zone transfer. * and numerous bugfixes ==== permissions ==== Version update (2014.11.05.1706 -> 2014.12.03.1512) - Added iouyap capabilities (bnc#904060) ==== polari ==== Subpackages: typelib-1_0-Polari-1_0 - Add gjs Requires: polari requires gjs-console binary at runtime. ==== postfix ==== Version update (2.11.0 -> 2.11.3) Subpackages: postfix-doc - Remove keyring and things as it is md5 based one no longer accepted by gpg 2.1 - No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify. - restore previously lost fix: Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de - Ignore errors in %pre/%post. - postfix 2.11.3: * Fix for configurations that prepend message headers with Postfix access maps, policy servers or Milter applications. Postfix now hides its own Received: header from Milters and exposes prepended headers to Milters, regardless of the mechanism used to prepend a header. This fix reverts a partial solution that was released on October 13, 2014, and replaces it with a complete solution. * Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure. - postfix 2.11.2: * Fix for DMARC implementations based on SPF policy plus DKIM Milter. The PREPEND access/policy action added headers ABOVE Postfix's own Received: header, exposing Postfix's own Received: header to Milters (protocol violation) and hiding the PREPENDed header from Milters. PREPENDed headers are now added BELOW Postfix's own Received: header and remain visible to Milters. * The Postfix SMTP server logged an incorrect client name in reject messages for check_reverse_client_hostname_access and check_reverse_client_hostname_{mx,ns}_access. They replied with the verified client name, instead of the name that was rejected. * The qmqpd daemon crashed with null pointer bug when logging a lost connection while not in a mail transaction. - switch from md5 based signature to one using the SHA-512 digest algorithm supplied by maintainer on ML to pass source_validator - postfix 2.11.1: * With connection caching enabled (the default), recipients could be given to the wrong mail server. * Enforce TLS when TLSA records exist, but all are unusable. * Don't leak memory when TLSA records exist, but all are unusable. * Prepend "-I. -I../../include" to the compiler command-line options, to avoid name clashes with non-Postfix header files. * documentation fixes * logging fixes ==== psgml ==== Version update (1.3.2 -> 1.4.1) - Update from https://marmalade-repo.org/packages/psgml-1.4.1.tar; bnc#909627. - Cleanup spec file. ==== pwgen ==== Version update (2.06 -> 2.07) - updated to version 2.07 (bsc#908992): * New upstream version * Remove backwards compatibility for no-tty mode. Addresses CVE-2013-4440 (Closes: #725507) (bsc#846397) * Fail hard if /dev/urandom and /dev/random are not available. Addresses CVE-2013-4442 and Launchpad #1183213 (Closes: #767008) (bsc#846397) * Fix pwgen -B so that it doesn't accidentally generate passwords with ambiguous characters after changing the case of some letters. Addresses Launchpad Bugs #638418 and #1349863 * Fix potential portability bug on architectures where unsgined ints are not 4 bytes long ==== re2c ==== Version update (0.13.6 -> 0.13.7.5) - make test currently does nothing, make check however executes the test suite. - version 0.13.7.5 * Added UTF-8 and UTF-16 support. * fixed PHP HEREDOC problems. ==== rpcbind ==== Version update (0.2.1_rc4 -> 0.2.2) - 0002-rpcinfo_warmstart-no_warning_about_missing_file.patch: fix merge issue causing segfaults on missing file (bnc#909619). - Split off 0003-systemd-no-dualmode.patch from 0001-systemd-enhancements.patch for easier upstream submission. - Split off 0004-systemd-sd_notify.patch from 0001-systemd-enhancements.patch for easier upstream submission. - Rename 0001-systemd-enhancements.patch to 0001-systemd-unit-files.patch - Update to latest rpcbind 0.2.2 upstream release. - Following patches are upstream: - 0001-Fix-building-one-systems-w-out-nss.h.patch - 0002-Rename-configure.in-to-configure.ac.patch - 0003-rpcbind-rpcuser-not-being-set-in-Makefile.am.patch - 0004-Silence-a-warning-about-setgroups-being-implicitly-d.patch - Adjust following patches: - 0005-Remove-obsolete-function-in6_fillscopeid.patch - 0006-In-init_transport-move-creation-of-COTS-sockets-clos.patch - 0018-configure-check-for-nss.h.patch - Obsolete patches: - 0015-When-using-systemd-activation-make-rpcbind-notify-sy.patch - 0016-Notify-systemd-unconditionally.patch - 0012-Support-systemd-activation.patch - 0013-socket-activation-Fix-rpcbind.service-to-use-separat.patch - 0017-Pull-the-sysconfig-file-into-rpcbind.service-and-use.patch - 0025-rpcinfo-warmstat_no-warning-about-missing-file.patch - 0026-systemd-no-default-dep - 0027-socket-before-service.patch - 0028-rpcbind-after-var-run.patch - 0029-rpcbind-sd-notify-stupid-errmsg.patch - New patches: - 0001-systemd-enhancements.patch - 0002-rpcinfo_warmstart-no_warning_about_missing_file.patch - Disabled patches: - 0008-First-part-of-init_transport-refactoring.patch - 0009-init_transport-move-the-registration-code-into-a-sep.patch - 0010-Fix-the-behavior-when-specifying-the-h-option.patch - 0011-Clean-up-the-way-we-handle-the-h-option-in-init_tran.patch - 0014-When-using-systemd-redirect-syslog-calls-to-the-syst.patch - 0024-rpcinfo-remove-obsolete-function-get_inet_address.patch ==== s2tc ==== - Fix baselibs and try to recommend our own 32b version as you usually play 32bit games where you want texture compression anyway ==== libdcerpc-binding0 ==== Subpackages: libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libgensec0 libgensec0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libpdb0 libpdb0-32bit libregistry0 libsamba-credentials0 libsamba-credentials0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient-raw0 libsmbclient-raw0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0 libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba samba-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind samba-winbind-32bit - Lookup FSRVP share snums at runtime rather than storing them persistently; (bnc#908627). ==== sblim-sfcb ==== Version update (1.4.8 -> 1.4.9) - Update to 1.4.9 New features: - [sfcb-tix:#97] Add a select timeout for req handlers see httpReqHandlerTimeout in sfcb.cfg Bugs fixed: - [sfcb-tix:#106] CMPIRole not passed to provider context - [sfcb-tix:#107] Quietly unpack schema at make postinstall - [sfcb-tix:#108] Some associatorname CIM operations hang - new patches * 0002-providerMgr-add-prototypes.patch * 0004-Check-for-existance-of-autoconfiscate.sh-before-call.patch * 0009-Improvide-error-message-if-ClassProvider-for-root-in.patch * 0010-Enable-authentication-by-default.patch - obsolete/rebased patches * 0002-Enable-broker.LogMessage-and-broker.trace.patch renamed to 0003-Enable-broker.LogMessage-and-broker.trace.patch * 0002-Enable-broker.LogMessage-and-broker.trace.patch renamed to 0003-Enable-broker.LogMessage-and-broker.trace.patch * 0006-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch renamed to 0005-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch * 0007-Don-t-crash-if-class-repo-is-not-initialized.patch renamed to 0006-Don-t-crash-if-class-repo-is-not-initialized.patch * 0008-Increase-max-trace-msg-len-to-4096.patch renamed to 0007-Increase-max-trace-msg-len-to-4096.patch * 0010-Properly-shut-down-if-provider-crashed.patch renamed to 0008-Properly-shut-down-if-provider-crashed.patch ==== smartmontools ==== - No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify. ==== libsnapper2 ==== Subpackages: snapper snapper-zypp-plugin - improved error messages (bsc#889928 and bsc#903834) - support weekly snapshots in cleanup algorithm (see gh#openSUSE/snapper#135) - use boost unit test framework and automake check feature - improved fadvise usage ==== libgudev-1_0-0 ==== Subpackages: libgudev-1_0-devel libudev-devel libudev1 libudev1-32bit systemd systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit typelib-1_0-GUdev-1_0 udev - fix systemd-nspawn network-veth support (bnc#906709) add 513-nspawn-veth.patch - Add upstream patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch which may solve bsc#907318 - Add upstream patches 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch 1097-udev-link_setup-respect-kernel-name-assign-policy.patch ==== whois ==== - whois-nobsdsource.patch: get rid of warnings about BSD_SOURCE deprecatation , just define GNU_SOURCE globally instead of any other C library feature macro. ==== libwicked-0-6 ==== Version update (0.6.12 -> 0.6.13) Subpackages: wicked wicked-service - version 0.6.13 - sysctl: do not fail on read-only proc e.g. in LXC (bsc#904432) - netlink: recover from netlink event socket errors and allow to configure the event socket buffer sizes (bsc#905421) - fixed some memory and a file descriptor leak - bonding: add encap2+3 and 3+4 xmit-hash-policies (bsc#905750) - client: apply suse ifcfg alias label (bsc#907683) - netlink: retry on DUMP_INTR and AGAIN (bsc#904776) - gcrypt: do not fail when wicked has been build using a newer but compatible library than the currently used (bsc#906217) - compat: use info level on unspecified ip (bsc#904903) - compat: fix tap group node generation (bsc#904380) - sit,ipip,gre: generate tunnel config on change (bsc#901402) - fsm: always refresh worker on device-ready event and match only ready devices against config workers (bsc#904061) - fsm: perform tentative check on all started interfaces with nanny (bsc#900951) ==== wine ==== Version update (1.7.32 -> 1.7.33) Subpackages: wine-32bit - Updated to 1.7.33 development snapshot - Support for copy/paste commands in MSHTML. - Some more font support in DirectWrite. - Better handling for loss of focus in Direct3D windows. - Several more API Sets DLLs. - Various bug fixes. ==== wireshark ==== Subpackages: wireshark-ui-gtk - Allow build with functions deprecated in gdk-pixbuf 2.31.2, fixing build for openSUSE Factory, add wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch ==== words ==== - fix bashism in SuSEconfig.words (update) script ==== wsdl4j ==== - Replace java2-devel-packages with javapackages-tools ==== xfsprogs ==== Version update (3.2.1 -> 3.2.2) - Updated to 3.2.2 - xfs_repair, mkfs.xfs stripe geometry fixes - libxcmd path handling fixes - xfs_crash crash fix - xfs_logprint AGI/AGF handling improvements - libhandle support for symlinked /usr - fix multiple Coverity and sparse reported issues - new mremap, sync, syncfs commands for xfs_io - man page updates - xfs_repair sets ftype in lost+found dirents - xfs_repair handles bad inodes better - xfs_repair freelist rebuild improvements - xfs_repair finobt crash fixes - xfs_copy handles 4k sector devices better logprint-Fix-printing-of-AGF-and-AGI-buffers.patch: Removed (merged upstream) ==== xmlbeans ==== - Try to fix the cycle, put back gcj compat dep - Remove java-1_5_0-gcj-compat-devel/java-devel dependency; not needed anymore ==== xmlgraphics-batik ==== - spec-cleanify - Use javapackages-tools instead of java-devel ==== xmlgraphics-fop ==== - Spec-cleanify - Do not ever run tests, we lack quite packages to do so anyway - Drop fop-1.1-src.tar.gz.asc xmlgraphics-fop.keyring as upstream does not provide those anymore - Apply patch to build with new xmlgraphics-commons: * fop-commons-2.0.patch ==== yast2-dns-server ==== Version update (3.1.8 -> 3.1.10) - Fixed handling of zones (bnc#898659) - Checking for system zones was moved to separate function - Extended list of zones marked as system (internal) ones with (0\.)+ip6.arpa - Not allowing to edit system zones (belong to bind package) - Added check for 'bind' package to be installed before writing the configuration - Marking all imported zones as 'modified' to be written later - Marking all imported non-system zones as 'is_new' to create a zone file for them - Flushing /etc/named.conf cache 'after' writing zones (instead of 'before') - Using "" as the default NETCONFIG_DNS_POLICY (instead of 0) - Do not write system zones to LDAP (bnc#746401) - If systems zones are marked as modified, they are written to named configuration (if LDAP is not in use) - 3.1.10 - Fixed Import() and Write() in AutoYast (bnc#898659) - Imported zones were not written to the system as they were not marked as 'modified' - Directory /etc/named.d/ was used even if it didn't exist - The whole named.conf was rewritten from scratch as Yast thought that something has changed that file while Yast was running - 3.1.9 - remove X-KDE-Library from desktop file (bnc#899104) - 3.1.8 - Use a more flexible rubygem requirement syntax (bnc#895069) - 3.1.7 - Fix failing testsuite - 3.1.6 - Fixed splitting/joining longer TXT and SPF records (bnc#867596) - 3.1.5 - Use new yast2-ldap instead of yast2-ldap-client - 3.1.4 - Added possibility to set local DNS forwarder (FATE#309036) - 3.1.3 - Switched to using Service library instead of calling init script directly - 3.1.2 - Add explicit COPYING file - 3.1.1 - do not use *.spec.in template, use *.spec file with RPM macros instead - 3.1.0 - Added missing SPF record handling - 3.0.1 - converted from YCP to Ruby by YCP Killer (https://github.com/yast/ycp-killer) - version 3.0.0 - Enhanced checking for errors while writing to LDAP (bnc#768708) - 2.23.4 - Checking for return values while writing into LDAP and reporting errors (bnc#768708). - Additional fix for (bnc#765445). No error reported to stdout even while writing /etc/named.conf without having bind package installed. - Handling missing /etc/named.conf (BNC #765445) - 2.23.3 - Fixed setting up the LDAP (BNC #690237) - Fixed redrawing records settings UI entries when deleting records (BNC#758745). - 2.23.2 - Fixed removing RRs from LDAP when they share the same LDAP object with another non-deleted RRs (BNC#755592). - Triggering the global "modified" flag while adding/modifying a zone to be correctly stored later (BNC#753038). - Fixed zone-file agent to handle semicolons in TXT records correctly instead of considering them to represent comments (bnc#755766). - 2.23.1 - Checking for and adding required LDAP schemas (yast, dnszone) while writing the configuration. Fixed handling if configuration cannot be written to LDAP (bnc#690237). - 2.22.1 - Fixed transforming records from absolute to relative format while they are listed in UI (bnc#746363). - Fixed saving the current status of all zones to LDAP/files while switching from using files to LDAP and vice versa (bnc#746401). - Fixed transforming records from relative to absolute format. The final dot is added only to records including a zone name (bnc#745560). - merged texts from proofreading - 2.22.0 - updated testsuite (systemd support) - 2.21.3 - fixed .desktop file (bnc #681249) - Fixed a typo (BNC #703099) - Texts changed to be easily translatable - not to confuse translators with constant strings - Fixed RPM requirements - Added testsuites - 2.21.2 - Automatically changing entered forwarder to a localhost IP if the server would forward to itself (non-local IP) (BNC #676676). - Handling unknown error in LDAP initialization (BNC #679960). - 2.21.1 - Fixed help text (BNC #620101) - Allowing wildcard '*' for some resource records (BNC #646895). - 2.20.2 - Implemented less strict TXT record check (BNC #620480). - 2.20.1 - Adjusted .desktop file(s) to wrap /sbin/yast2/ calls in xdg-su where root privileges are needed, removed X-KDE-SubstituteUID key (bnc#540627) - Fixed LDAP initialization (bnc #557090). - Correcting the last change: forwarders.conf is always included. Netconfig is called before starting named (bnc #484736). - Adjusted testsuites. - 2.18.3 - Fixed handling forwarders in netconfig, forwarders.conf have to be included if some forwarders are defined (bnc #484736). - Adjusted testsuites. - 2.18.2 ==== yast2-schema ==== Version update (3.1.0 -> 3.1.1) - Ignoring more packages that do not contain any AutoYaST support during build to shorten the build cycle and to remove unneeded dependencies - 3.1.1 ==== yast2-snapper ==== Version update (3.1.4 -> 3.1.5) - handle invalid UTF-8 in file diff (bsc#907679) - 3.1.5 ==== libyaz-devel ==== Version update (5.1.2 -> 5.7.1) Subpackages: libyaz4 yaz - Update to 5.7.1: + Various enhancements and bug fixes; for more info, see http://www.indexdata.com/yaz/doc/NEWS. ==== libnis1 ==== Subpackages: yp-tools - Corrections to the description ==== ypbind ==== - fix bashism in ypbind-systemd-post script - fix using 'echo' command in ypbind-systemd-pre script ==== ypserv ==== - Run build in parallel. Specfile cleanups: reduce filelists by using wildcards, remove %doc (it is implicit for documentation paths), use rpm macros in place of expansions. ==== zypper ==== Version update (1.11.16 -> 1.11.17) Subpackages: zypper-aptitude zypper-log - Add --[no-]color global option - Fix additional spaces in zypper output and new colorization code (bnc#908345) - properly reset auto-retry counter (bnc#906549) - man: improve patch description (bnc#904737) - version 1.11.17 Removed packages: FastCGI libadns1 dirmngr exim libfox1_6 libisl10 Added packages: libfcgi++-0 NetworkManager-openconnect > NetworkManager-openconnect-gnome > NetworkManager-openconnect-lang bundle-lang-common-sv ding-dict-de_en libFOX-1_6-0 libisl13 konsole-part liblxpanel0 libnpth0 s2tc-32bit agrep > libtre5 > tre > tre-lang