Packages changed:
biosdevname
breeze5-icons (5.4.3 -> 5.16.0)
btrfsprogs
dmraid
dtc
evolution (3.18.2 -> 3.18.3)
evolution-data-server (3.18.2 -> 3.18.3)
evolution-ews (3.18.2 -> 3.18.3)
haveged
installation-images-openSUSE (14.210 -> 14.211)
kbd
kernel-firmware
kernel-source (4.3.0 -> 4.3.3)
kexec-tools
kmod (21 -> 22)
ldb (1.1.23 -> 1.1.24)
libcacard (2.3.0 -> 2.4.0)
libcroco (0.6.9 -> 0.6.10)
libgdata (0.17.3 -> 0.17.4)
libgpg-error (1.20 -> 1.21)
lvm2
mdadm
mobile-broadband-provider-info (20150323 -> 20151214)
net-snmp
p7zip
perl-Bootloader (0.900 -> 0.901)
pinentry (0.9.6 -> 0.9.7)
plymouth
qemu (2.3.0 -> 2.4.0)
qemu-linux-user (2.3.0 -> 2.4.0)
samba (4.3.2 -> 4.3.3)
sssd (1.13.1 -> 1.13.2)
xen (4.5.1_13 -> 4.6.0_04)
xf86-video-nouveau (1.0.11 -> 1.0.12)
=== Details ===
==== biosdevname ====
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== breeze5-icons ====
Version update (5.4.3 -> 5.16.0)
- Added applets.patch: install applet icons (kde#355676)- Mark license as LGPL-3.0
- Add oxygen.diff, certain applications still expect oxygen icons
to be present, e.g. kmail
==== btrfsprogs ====
Subpackages: libbtrfs0
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at post / postun (boo#958562)
==== dmraid ====
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== dtc ====
- Obsolete old devel package as well- Cleanup spec file with spec-cleaner
- Dont include soname version in devel package name
==== evolution ====
Version update (3.18.2 -> 3.18.3)
Subpackages: evolution-plugin-bogofilter evolution-plugin-spamassassin
- Update to version 3.18.3:
+ [EActivityBar] Do not remove timeout GSource twice in dispose.
+ [libgnomecanvas] Drag end not recognized with gtk+ 3.18.x.
+ [EMailBrowser] Free MessageList on close.
+ Do not leak a GalView in a GalViewInstance.
+ Read link/visited-link colors also from the style context
flags.
+ Disable animation of the GtkInfoBar's revealer.
+ Fix possible memory leak with attachments in message preview.
+ Ask for a forced quit when a user tries to re-close the window.
+ Attachment's List View passes mouse events to the parent
widget.
+ Add into appdata/metainfo files.
+ EAttachment/Store not freed in the message preview panel.
+ Composer:
- Last empty block in pasted content could be inaccessible.
- Set GObject's data on history event instead on its data and
rename them.
- Partially revert previous commit as EHTMLEditorHistoryEvent
is not GObject.
+ EHTMLEditorView:
- Add an extra debug message when inserting a new history
event.
- Fix a link detection when ending a link with the Return key.
- Don't leak the WebKitDOMRange object when undoing the Return
key press.
- New lines could be skipped when parsing the mail content into
the composer.
- Correctly remove the HISTORY_AND events from history.
- Post-process every HISTORY_DELETE event.
- After undoing the HISTORY_DELETE operation always re-wrap and
re-quote current block.
- Don't save history when undoing/redoing a paste of content.
- Check if the Backspace or Delete operation can remove
anything.
- Warning printed on console after pressing Enter and
Tabulator.
- Don't include non-breaking space while recognizing links.
- Links could not be recognized after deleting them and later
undoing it.
- Caret is put on wrong place when pasting into quoted content.
- Don't include non-breaking space while recognizing links.
- Don't check for links if we cannot obtain valid block.
- Undoing and redoing Return press in the beginning of citation
is wrong.
- 'Paste Quotation' action in HTML mode is not setting the
caret to the right position.
- Replace the preedit-* signals with compositionstart and
compositionend HTML events.
- Rename variables and functions to more reflect previous
change.
- Note a type of DOMRange comparison in comment.
+ EHTMLEditorSelection:
- Remove previously inserted BR if correcting wrapping around
selection markers.
- Editor is not marked as changed after doing paste action.
+ EMailPrinter: Clean the unused variables.
+ Bugs fixed: bgo#757658, bgo#598037, bgo#692713, bgo#744859,
bgo#241050, bgo#710761, bgo#758015, bgo#757887, bgo#758191,
bgo#758152, bgo#758650, bgo#758665, bgo#752543, bgo#758827,
bgo#758827, bgo#758851, bgo#758846, bgo#758849, bgo#758747,
bgo#757939, bgo#759046, bgo#759337, bgo#749712.
==== evolution-data-server ====
Version update (3.18.2 -> 3.18.3)
Subpackages: evolution-data-server-devel libcamel-1_2-54 libebackend-1_2-10 libebook-1_2-16 libebook-contacts-1_2-2 libecal-1_2-19 libedata-book-1_2-25 libedata-cal-1_2-28 libedataserver-1_2-21 libedataserverui-1_2-1 typelib-1_0-EBook-1_2 typelib-1_0-EBookContacts-1_2 typelib-1_0-EDataServer-1_2
- Update to version 3.18.3:
+ [Camel] Check for session existence in store/folder
maybe_connect.
+ [IMAPx] Doesn't ask for password when a wrong is entered.
+ [POP3] Avoid deadlock around pop3_folder_get_message_sync().
+ [ECacheReaper] Recover data for private folders.
+ Correct test-vcard-parsing, use unique test names.
+ Bugs fixed: bgo#757789, bgo#702127, bgo#746675.
==== evolution-ews ====
Version update (3.18.2 -> 3.18.3)
Subpackages: evolution-ews-lang libeews-1_2-0 libewsutils0
- Update to version 3.18.3:
+ [Camel] Fill message From header if missing in received MIME
content.
+ Add into a metainfo file.
+ Bugs fixed: bgo#758375.
==== haveged ====
Subpackages: libhavege1
- Fix missing dependency on coreutils for initrd macros (boo#958562)
==== installation-images-openSUSE ====
Version update (14.210 -> 14.211)
- adjust module config
- add xen kernel/initrd links for compat
- 14.211
==== kbd ====
Subpackages: kbd-legacy
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== kernel-firmware ====
Subpackages: ucode-amd
- Fix dependencies for initrd macros (boo#958562)
- Fix missing dependency for ucode-amd, too (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== kernel-source ====
Version update (4.3.0 -> 4.3.3)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms
- drm/i915: Do a better job at disabling primary plane in the
noatomic case (bnc#954137).
- commit db72752- ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).
- ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads
(bsc#958439).
- ALSA: hda - Apply click noise workaround for Thinkpads
generically (bsc#958439).
- commit 7b4772e- Linux 4.3.3.
- commit 0baa1c7- Linux 4.3.2 (bsc#954414).
- Delete
patches.fixes/0001-X.509-Fix-the-time-validation-ver-2.patch.
- commit 2aebb11- Linux 4.3.1.
- commit 0e3e409- ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).
- commit 6945bb0- Refresh patches.suse/stack-unwind.
Use the fix from master.
- commit d3f999c- Refresh patches.suse/stack-unwind.
Add missing put_cpu() in case dwarf unwinder succeeds (bnc#943107)
- commit 60ce178- thinkpad_acpi: Don't yell on unsupported brightness interfaces
(boo#957152).
- commit 0e6e680- drm/i915: Don't override output type for DDI HDMI (boo#955190).
- drm/i915: Don't compare has_drrs strictly in pipe config
(bsc#956397).
- commit bce32fe- Delete patches.fixes/bridge-module-get-put.patch.
As discussed in
http://lists.opensuse.org/opensuse-kernel/2015-11/msg00046.html
- commit 91e30a7- Enable pvops Xen for x86_64/vanilla as well
i386/vanilla is left as is for now, because it matches the non-pae
- default kernel which does not support Xen either.
- commit 6a48ac7- ethernet/atheros/alx: add Killer E2400 device ID (boo#955363).
- commit 66773be- XEN: Use the PVOPS kernel (fate#315712)
Merge the -pv configs into -default (-pae on i386) and -debug and drop
the -xen flavor and the associated patches.xen series. For a
transitional period, the -xen flavor will be maintained in a separate
branch as a reference.
- commit ff1dcd9- X.509: Fix the time validation [ver #2] (bsc#954414).
- commit 6b3b033- Update config files.
Enable CRASHER on s390x to be the same as in all other configs.
- commit 71162f2- Rename patches.suse/crasher-26.diff to patches.suse/crasher.patch
It is no longer anything for 2.6 :).
- commit d407cb2- Refresh patches.suse/crasher.patch
See the patch to see what the update consists of.
- commit 57989db
==== kexec-tools ====
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== kmod ====
Version update (21 -> 22)
Subpackages: kmod-compat libkmod2
- Update to new upstream release 22
* support `insmod -f`
* depmod: do not fall back to uname on bad version
==== ldb ====
Version update (1.1.23 -> 1.1.24)
Subpackages: libldb1 libldb1-32bit
- Update to 1.1.24.
+ fix LDAP \00 search expression attack DoS; CVE-2015-3223; (bso#11325)
+ fix remote read memory exploit in LDB; CVE-2015-5330; (bso#11599)
+ move ldb_(un)pack_data into ldb_module.h for testing
+ fix installation of _ldb_text.py
+ fix propagation of LDB errors through TDB
+ fix bug triggered by having an empty message in database during search
==== libcacard ====
Version update (2.3.0 -> 2.4.0)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches added:
0040-dictzip-Fix-on-big-endian-systems.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches added:
0039-tests-Unique-test-path-for-string-v.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches added:
0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch- Update to v2.4.0: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.4
* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches dropped:
0037-linux-user-Allocate-thunk-size-dyna.patch
0039-s390x-Fix-stoc-direction.patch
0040-s390x-Add-interlocked-access-facili.patch
0041-fdc-force-the-fifo-access-to-be-in-.patch
0042-rules.mak-Force-CFLAGS-for-all-obje.patch
0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch
0044-hw-arm-boot-Increase-fdt-alignment.patch
* Patches renamed:
0038-Revert-Revert-seccomp-tests-that-al.patch -> 0037-Revert-Revert-seccomp-tests-that-al.patch
==== libcroco ====
Version update (0.6.9 -> 0.6.10)
- Update to version 0.6.10:
+ Misc bug fixes.
==== libgdata ====
Version update (0.17.3 -> 0.17.4)
Subpackages: libgdata-devel libgdata22 typelib-1_0-GData-0_0
- Update to version 0.17.4:
+ Major changes:
- Download stream data corruption fixes and fixes to content
length calculation.
- Fix symbol exporting on OS X.
- Fix copying and deleting documents in Google Drive.
- Fix folder creation in Google Drive.
- Fix metadata-only uploads in Google Drive.
- Fix searching by title in Google Drive.
+ API changes: Remove a couple of incorrect GIR annotations.
+ Bugs fixed: bgo#755976, bgo#754821, bgo#758119, bgo#684920,
bgo#758524.
+ Updated translations.
==== libgpg-error ====
Version update (1.20 -> 1.21)
Subpackages: libgpg-error-devel libgpg-error0 libgpg-error0-32bit
- update to 1.21:
* New functions gpgrt_poll and gpgrt_set_nonblock. For now only
pipes and sockets on Unix are supported.
* Interface changes relative to the 1.20 release:
gpgrt_set_nonblock NEW.
gpgrt_get_nonblock NEW.
gpgrt_poll NEW.
gpgrt_poll_t NEW type.
es_poll_t NEW type.
es_set_nonblock NEW macro.
es_get_nonblock NEW macro.
es_poll NEW macro.
GPG_ERR_TRUE NEW.
GPG_ERR_FALSE NEW.
GPG_ERR_NO_NAME NEW.
GPG_ERR_NO_KEY NEW.
GPG_ERR_SERVER_FAILED NEW.
==== lvm2 ====
Subpackages: device-mapper device-mapper-32bit
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)- Re-add lvm2-do-not-strip-pdata_tools.patch: this is still needed.
==== mdadm ====
- Add missing pre-requres for initrd macros (boo#958562)
==== mobile-broadband-provider-info ====
Version update (20150323 -> 20151214)
- Update to version 20151214:
+ cl: add APNs for Virgin Mobile, VTR Movil and Nextel
(bgo#677596).
+ sv: fix wrong MNC for El Salvador Claro 706:01
+ no: new default APN for Telenor Norway
+ gb:
- move "Asda Mobile" after "Vodafone"
- move "giffgaff" after "O2"
+ ca: add Canadian provider SaskTel Mobility's GSM network
+ ad: add Andorra Telecom provider
+ mm: add Ooredoo and Telenor for Myanmar (bgo#694073).
+ at: add Austria "HoT" provider (MVNO on T-Mobile) (bgo#757626).
==== net-snmp ====
- Request pkgconfig(libssl) instead of openssl-devel to support
using LibreSSL as well.- update to upstream version 5.7.3
- remove patch that is now present in the upstream release:
* net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch
- rename patches to new version number 5.7.3:
delete:
* net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch
* net-snmp-5.7.2-net-snmp-config-headercheck.patch
* net-snmp-5.7.2-perl-tk-warning.patch
* net-snmp-5.7.2-pie.patch
* net-snmp-5.7.2-socket-path.patch
* net-snmp-5.7.2-testing-empty-arptable.patch
* net-snmp-5.7.2-velocity-mib.patch
add:
* net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch
* net-snmp-5.7.3-net-snmp-config-headercheck.patch
* net-snmp-5.7.3-perl-tk-warning.patch
* net-snmp-5.7.3-pie.patch
* net-snmp-5.7.3-socket-path.patch
* net-snmp-5.7.3-testing-empty-arptable.patch
* net-snmp-5.7.3-velocity-mib.patch
- add build requirement 'procps' to fix a net-snmp-config error
(bsc#935863)
- enable DTLS and TLS support (FATE#318789)
new binary 'snmptls' was added
- add support for hostname netgroups (FATE#316305)
'@hostgroup' can be specified for multiple hosts
* net-snmp-5.7.3-netgroups.patch
- suppress network statistics output in snmpstatus (FATE#316289)
'-Sn' don't print any info about the network
'-Si' don't print the operational status of network interfaces
* net-snmp-5.7.3-snmpstatus-suppress-output.patch- also stop snmptrapd on removal- update to upstream version 5.7.3.pre5
- remove patches that are now present in the upstream release:
* net-snmp-5.7.2-build-fix-for-strlcat.patch
* net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch
* net-snmp-5.7.2-fix-perl-trap-handler.patch
- net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch:
refresh and add patch header- added net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch:
fix remote denial of service problem inside snmptrapd when started
with the "-OQ" option (CVE-2014-3565)(bnc#894361)
- added net-snmp-5.7.2-fix-perl-trap-handler.patch: fix potential
remote denial of service problem inside the snmptrapd Perl trap
handler (CVE-2014-2285)(bnc#866942)- merge some old fixes from SLE 11:
* init script should provide snmpd. (bnc#466805)
* stop all snmp agents when stopping the daemon. (bnc#473328)- recompress .tar.gz - it has trailing garbage, hope we can readd
source url on next update- update to upstream version 5.7.2.1, fixing one security issue:
* A denial of service attack vector was discovered on the Linux
implementation of the ICMP-MIB. (CVE-2014-2284, bnc#866942)- net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch:
fix mib representation of timeout values (bnc#833153)- use _rundir macro- remove old workaround for ppc/ppc64 migrations which is no longer
needed (bnc#437293)- add support for python bindings- improve snmptrapd init script (avoid to overwrite the logfile
on restart)- Disable parallelism during build. The dependencies between the
Perl module and libnetsnmp are not defined correctly and might
result in broken linkage (bnc#819497, bnc#818907)- Add Source URL, see https://en.opensuse.org/SourceUrls- net-snmp-5.7.2-build-fix-for-strlcat.patch: fix exported strlcat()
prototype that could conflict with other packages (bnc#793548)- update to version 5.7.2: several bug fixes in the agent, client
utilities and libraries. The CHANGES file shipped with the
package contains a comprehensive list of fixes and improvements
- rebase patches to apply cleanly:
* net-snmp-5.7.2-perl-tk-warning.patch
* net-snmp-5.7.2-socket-path.patch
* net-snmp-5.7.2-testing-empty-arptable.patch
* net-snmp-5.7.2-pie.patch
* net-snmp-5.7.2-velocity-mib.patch
* net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch
- remove patches that are now present in the upstream release:
* net-snmp-5.7.0-recognize-reiserfs.patch
* net-snmp-5.7.1-snmplib-zero-timeout.patch
* net-snmp-5.7.1-old-api-double-free.patch
* net-snmp-5.7.1-use-pclose-to-close-pipes.patch
* net-snmp-5.7.1-fix-handling-of-large-filesystems.patch
* net-snmp-5.7.1-snmplib-default-retries.patch
* net-snmp-5.7.1-fsys-memory-leak.patch
* net-snmp-5.7.1-adjust-copyright-in-agent-txt-file.patch
* net-snmp-5.7.1-recognize-ocfs2.patch
* net-snmp-5.7.1-properly-clean-up-old-requests-in-subagents.patch
* net-snmp-5.7.1-reduce-code-duplication-in-agentx.patch
* net-snmp-5.7.1-log-agentx-disconnections.patch
* net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch
* net-snmp-5.7.1-report-problems-with-setundo-processing.patch
* net-snmp-5.7.1-fix-array-index-error.patch- Remove redundant sections from specfile
- Avoid shipping .la files- fix array index error that could lead to a crash (CVE-2012-2141)
(bnc#759352)- fix agent crash when reloading a subagent (AgentX) during a query
(bnc#670789)- add OCFS2 to the list of known file systems- update copyright notice of AGENT.txt allowing us to redistribute
the file in our package (from Dave Shield) (bnc#750704)- fix license to be in spdx.org format- logrotate: use "reload" instead of "try-restart" to avoid an
unnecessary stop/start cycle in the agent (bnc#707636)- net-snmp-5.7.1-fsys-memory-leak.patch: fix a memory leak in
agent/mibgroup/hardware/fsys (bnc#725766)
- net-snmp-5.7.1-snmplib-default-retries.patch: change default
number of retries back from 0 to 5 (bnc#725766)
- net-snmp-5.7.1-fix-handling-of-large-filesystems.patch: fix
bug in handling large (>8TB) filesystems (bnc#725766)
- net-snmp-5.7.1-use-pclose-to-close-pipes.patch: use pclose()
instead of fclose() to close a pipe (bnc#725766)
- net-snmp-5.7.1-old-api-double-free.patch: agent: avoid double
free when netsnmp_register_old_api() fails (bnc#725766)
- net-snmp-5.7.1-snmplib-zero-timeout.patch: snmplib: avoid
waiting indefinitely if a session has timeout zero (bnc#725766)- update to version 5.7.1: minor release including some bug fixes- enable net-snmp-devel on all baselib architectures- make sure all delegated requests are removed before closing an
AgentX session (bnc#670789)- update to version 5.7.1.rc1 but keep package version as 5.7.1
to avoid update problems when the final version is released- small fixes to snmpd and snmptrapd init scripts:
- if $SNMPD_LOGLEVEL is not defined, use LOG_NOTICE instead of
LOG_DEBUG
- improve messages printed and service description
- write snmptrapd logs to /var/log/net-snmpd.log- update README.SUSE to reflect some recent changes and drop a bit
of outdated information
- update baselibs to reflect new library version
- spec file cleanup: rename some source files for consistency- add ReiserFS to the list of known file systems (bnc#715199)- install snmptrapd init script by default (bnc#712175)- fix logging option in snmptrapd init script (bnc#712174)- update upstream patches from branch V5-7-patches to 20110714- update to version 5.7:
new features and lots of bug fixes
- remove patches that are no longer needed:
net-snmp-5.6.0-enable-hrh-filesys.patch
net-snmp-5.6.1-recognize-jfs-and-xfs.patch
net-snmp-5.6.1-rpm490.patch
- refresh and rename patches to apply cleanly after update:
net-snmp-5.7.0-pie.patch
net-snmp-5.7.0-velocity-mib.patch- switch from rpmdb to rpmts to support rpm-4.9.0- update upstream patches from branch V5-6-patches to 20110512- add JFS and XFS to the list of known file systems (bnc#687327)- update upstream patches from branch V5-6-patches to 20110328- fix libsnmp version in baselibs.conf- update to version 5.6.1:
new features and lots of bug fixes
- update upstream patches from branch V5-6-patches to 20110104
- remove patches that are no longer needed:
net-snmp-5.6.0-ethtool-speed.patch- remove /var/adm/perl-modules/net-snmp from the Perl module- update upstream patches from branch V5-6-patches to 20101129
- spec file cleanup: upstream uses -fno-strict-aliasing by default
now
- remove patches that are no longer needed:
net-snmp-5.5.0-rpmdb-h-detect.patch
net-snmp-5.6.0-vendorperl.patch- if-mib: add support for more speeds with ethtool (bnc#650558)- update upstream patches from branch V5-6-patches to 20101101,
fixing a segmentation fault on shutdown (bnc#650282)- enable new implementation of hrStorage and hrFilesys to fix
persistent indexes in FS and Storage tables (bnc#648364)- update upstream patches from branch V5-6-patches to 20101021- update to version 5.6:
new features and lots of bug fixes
- refresh and rename patches to apply cleanly after update:
net-snmp-5.6.0-pie.patch
net-snmp-5.6.0-vendorperl.patch
net-snmp-5.6.0-net-snmp-config-headercheck.patch- update upstream patches from branch V5-5-patches to 20100803- change default log level from DEBUG to NOTICE (bnc#623497)- spec file cleanup: remove old backward compatibility scripts- update upstream patches from branch V5-5-patches to 20100602:
fixed potential buffer overflow in parsing OIDs in config files- update upstream patches from branch V5-5-patches to 20100531
- add net-snmp-5.5.0-rpmdb-h-detect.patch:
workaround for autoconf failing to detect rpm/rpmdb.h
- remove patches that are no longer needed:
net-snmp-5.5.0-use-lmsensors-v3.patch- create /var/run/agentx during startup to support systems that
mount /var/run as tmpfs- update libsnmp package name to reflect the library version we
are currently shipping
- remove patches that are obsolete:
net-snmp-5.4.rc2-versinfo.diff
net-snmp-5.4.2_snmpconf-selinux.patch
- refresh all patches to apply as "-p1"
- spec file cleanup: remove conditionals to build on unsupported
versions of the distribution- update upstream patches from branch V5-5-patches to 20100428- add net-snmp-5.5.0_upstream-20100405.patch:
merge all patches committed to upstream branch V5-5-patches
- remove patches that are now upstream:
net-snmp-5.4.2_audit.patch
net-snmp-5.5.0_autoconf.patch
net-snmp-5.4.2_overflow.patch
net-snmp-5.4.2.1-rpm4.7.patch
net-snmp-5.5.0_gcc45.patch- Fix strncat properly (from Andreas Jaeger)- Fix code errors found by gcc 4.5- build for libsensors4 instead of libsensors3- remove sparcv9-specific baselib exceptions (not needed)- remove net-snmp-5.4.1.2-rmon-mib-revised_3.patch from sources
(upstream since 5.5)
- refresh net-snmp-5.5.0_autoconf.patch
- spec file cleanup: update package description- update to version 5.5:
new features and lots of bug fixes, including:
- fix hrSWRunPath for processes other than init (bnc#486270)
- remove patches that are now upstream:
Add-Default-Router-Table-support.patch
Add-ICMP-Statistics-Tables-support.patch
Add-IPv6-Scope-Zone-Index.patch
Add-IPv6-support-on-Internet-Address-Translation-Tab.patch
Fix-for-IPv6-Interface-Table.patch
Fix-for-Internet-Address-Prefix-Table.patch
Fix-for-Internet-Address-Table.patch
Fix-for-tcpConnnectionTable-tcpListenerTable-udpEn.patch
Improve-IP-Statistics-tables.patch
net-snmp-5.3.0.1_trap-agent-addr_v2.patch
net-snmp-5.4.1.2-etherlike-mib-revised_4.patch
net-snmp-5.4.x_embedded_perl_error_message.patch- add baselibs.conf as a source
- add baselib defs for SPARC- Fix build with rpm 4.7 (net-snmp-5.4.2.1-rpm4.7.patch)- make patch0 usage consistent
==== p7zip ====
- Enable PIE & LD_BIND_NOW security features
- Package all the text documentation
==== perl-Bootloader ====
Version update (0.900 -> 0.901)
Subpackages: perl-Bootloader-YAML
- Add initial implementation of uboot/config script
- 0.901
==== pinentry ====
Version update (0.9.6 -> 0.9.7)
Subpackages: pinentry-gtk2 pinentry-qt4
- pinentry 0.9.7:
* Fix regressions in the Qt pinentry.
(previsouly patched, removed
pinentry-qt4-fix-qstring-conversion.patch)
* Fix minor problems pinnetyr-tty.
* New option --invisible-char.
==== plymouth ====
Subpackages: libply-boot-client2 libply-splash-core2 libply-splash-graphics2 libply2 plymouth-dracut plymouth-plugin-label plymouth-plugin-script plymouth-scripts
- Fix missing dependency on coreutils for initrd macros (boo#958562)
- Call missing initrd macro at postun (boo#958562)
==== qemu ====
Version update (2.3.0 -> 2.4.0)
Subpackages: qemu-arm qemu-block-curl qemu-extra qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-vgabios qemu-x86
- Fix testsuite on 32bit systems (bsc#957379)- Fix SLE11 build by fixing systemd conditionalization (from olh)- Add systemd unit file and udev rules for qemu guest agent
- taken from the SLE12 / Leap package, see boo#955707- Add _constraints file (based on work by kenljohnson)- Enable SLOF build for ppc64le, too, now (bsc#949000, bsc#949016)- Allow building SLOF on ppc64le (bsc#949016)
SLOF_ppc64le.patch
- Add two checks for DictZip and tar qemu-img behavior (bsc#945778)
* Clean up qemu-testsuite build/installation- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Fix endianness issues in DictZip block driver (bsc#937572, bsc#945778)
0027-block-Add-support-for-DictZip-enabl.patch
0028-block-Add-tar-container-format.patch
0040-dictzip-Fix-on-big-endian-systems.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Fix qemu-testsuite for glib2-2.46.0 by assuring uniqueness of paths
0039-tests-Unique-test-path-for-string-v.patch- Build SLOF on ppc64 (bsc#949016, thanks to k0da)
* Simplify x86 fw logic while at it
- No need to enable KVM for armv6hl
- Add notice about pre_checkin.sh to update_git.sh- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Fix aarch64 TCG:
0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch- Update to v2.4.0: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.4
* Provide qemu-img symlink instead of passing QTEST_QEMU_IMG- Update to v2.4.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.4
* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches dropped:
0037-linux-user-Allocate-thunk-size-dyna.patch
0039-s390x-Fix-stoc-direction.patch
0040-s390x-Add-interlocked-access-facili.patch
0041-fdc-force-the-fifo-access-to-be-in-.patch
0042-rules.mak-Force-CFLAGS-for-all-obje.patch
0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch
0044-hw-arm-boot-Increase-fdt-alignment.patch
* Patches renamed:
0038-Revert-Revert-seccomp-tests-that-al.patch -> 0037-Revert-Revert-seccomp-tests-that-al.patch
* Package new vgabios-virtio.bin
* target-x86_64.conf was dropped
* Add qemu-block-dmg module sub-package
* Set QTEST_QEMU_IMG variable for ahci-test
* --enable-quorum and --enable-vnc-ws are no longer available
==== qemu-linux-user ====
Version update (2.3.0 -> 2.4.0)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches added:
0040-dictzip-Fix-on-big-endian-systems.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches added:
0039-tests-Unique-test-path-for-string-v.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Fix aarch64 TCG:
0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch- Update to v2.4.0: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.4
* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4
* Patches dropped:
0037-linux-user-Allocate-thunk-size-dyna.patch
0039-s390x-Fix-stoc-direction.patch
0040-s390x-Add-interlocked-access-facili.patch
0041-fdc-force-the-fifo-access-to-be-in-.patch
0042-rules.mak-Force-CFLAGS-for-all-obje.patch
0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch
0044-hw-arm-boot-Increase-fdt-alignment.patch
* Patches renamed:
0038-Revert-Revert-seccomp-tests-that-al.patch -> 0037-Revert-Revert-seccomp-tests-that-al.patch
==== samba ====
Version update (4.3.2 -> 4.3.3)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libgensec0 libgensec0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libregistry0 libsamba-credentials0 libsamba-credentials0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient-raw0 libsmbclient-raw0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0 libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind samba-winbind-32bit
- Update to 4.3.3.
+ Malicious request can cause Samba LDAP server to hang, spinning using CPU;
CVE-2015-3223; (bso#11325); (bnc#958581).
+ Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
(bnc#958586).
+ Insufficient symlink verification (file access outside the share);
CVE-2015-5252; (bso#11395); (bnc#958582).
+ No man in the middle protection when forcing smb encryption on the client
side; CVE-2015-5296; (bso#11536); (bnc#958584).
+ Currently the snapshot browsing is not secure thru windows previous version
(shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
+ Fix Microsoft MS15-096 to prevent machine accounts from being changed into
user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
==== sssd ====
Version update (1.13.1 -> 1.13.2)
Subpackages: libnfsidmap-sss libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap
- Update to new upstream release 1.13.2
* Initial support for Smart Card authentication was added.
* The PAM prompting was enhanced so that when Two-Factor
Authentication is used, both factors (password and token) can be
entered separately on separate prompts.
* This release supports authenticating againt a KDC proxy.
==== xen ====
Version update (4.5.1_13 -> 4.6.0_04)
Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU
- fate#315712: XEN: Use the PVOPS kernel
Turn off building the KMPs now that we are using the pvops kernel
xen.spec- Upstream patches from Jan
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch- Use upstream variants of block-iscsi and block-nbd- Remove xenalyze.hg, its part of xen-4.6- Update to Xen Version 4.6.0
xen-4.6.0-testing-src.tar.bz2
mini-os.tar.bz2
blktap2-no-uninit.patch
stubdom-have-iovec.patch
- Renamed
xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
xen-4.5.2-testing-src.tar.bz2
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
54f4985f-libxl-fix-libvirtd-double-free.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
551ac326-xentop-add-support-for-qdisk.patch
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
local_attach_support_for_phy.patch pci-attach-fix.patch
qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
xl-coredump-file-location.patch- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
CVE-2015-5307-xsa156.patch- Update to Xen 4.5.2
xen-4.5.2-testing-src.tar.bz2
- Drop the following
xen-4.5.1-testing-src.tar.bz2
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
xsa151.patch xsa152.patch xsa153-libxl.patch
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
==== xf86-video-nouveau ====
Version update (1.0.11 -> 1.0.12)
- Update to version 1.0.12
* New nouveau DDX release
Packages removed:
kernel-pv-devel
> kernel-xen-devel
xen-kmp-default
Packages added:
qemu-block-dmg