Packages changed:
AppStream (0.9.1 -> 0.9.2)
aaa_base (13.2+git20151221.244f2a3 -> 13.2+git20160225.36aeb39)
bind
boost
btrfsprogs (4.3.1 -> 4.4.1)
cmake
doxygen
fcitx
imap
libreoffice
ncurses
nghttp2 (1.7.1 -> 1.8.0)
suse-module-tools
ufraw
vim (7.4.1194 -> 7.4.1421)
wpa_supplicant (2.4 -> 2.5)
xrandr (1.4.3 -> 1.5.0)
yast2-installation (3.1.169 -> 3.1.171)
=== Details ===
==== AppStream ====
Version update (0.9.1 -> 0.9.2)
Subpackages: libappstream3
- Update to version 0.9.2
Features:
* qt: Improve usage of Qt containers (Aleix Pol)
* qt: Implement Component::extends on the Qt front-end (Aleix Pol)
* qt: Also call reserve for bundles on the Qt frontend (Aleix Pol)
* validator: strstrip values when reading XML/YAML and validate
linebreaks in summaries (Matthias Klumpp)
* validator: Check if a description is present (Matthias Klumpp)
* Always build with YAML support (Matthias Klumpp)
* Move XML parser into its own class (Matthias Klumpp)
* Make data-pool use the new YAML-aware metadata parser (Matthias Klumpp)
* Simplify data-pool building routine (Matthias Klumpp)
* Preprocess extension information for frontends (Matthias Klumpp)
* qt: Use the new extensions property (Matthias Klumpp)
* Implement translations tag (Matthias Klumpp)
* cli: Document the "install" command (Matthias Klumpp)
* l10n: Update
Specification:
* spec: Document the translation tag (Matthias Klumpp)
* doc: Don't use tags in documentation (Matthias Klumpp)
* spec: Mention the essential tags for a type:desktop component (Matthias Klumpp)
Bugfixes:
* as-cache-builder: Cope with no YAML documents (Iain Lane)
* 50appstream: Don't run if we can't write to the system paths (Iain Lane)
* Check for writability instead of root permissions when updating the cache (Matthias Klumpp)
* qt: Don't compute screenshot images and then forget about them (Aleix Pol)
* Add the missing extends property to the Xapian cache (Matthias Klumpp)
* validator: Don't fail validation for description-less addons. (Matthias Klumpp)
* Make reading empty cache values more robust (Matthias Klumpp)
* Check if GIR scanner & compiler are really installed (Matthias Klumpp)
==== aaa_base ====
Version update (13.2+git20151221.244f2a3 -> 13.2+git20160225.36aeb39)
Subpackages: aaa_base-extras
- Let the ~/.i18n values parsed as well if GDM_LANG is set (boo#567324)
==== bind ====
Subpackages: bind-chrootenv bind-doc bind-utils idnkit libbind9-140 libdns162 libidnkit1 libirs141 libisc160 libisccc140 libisccfg140 liblwres141
- drop a changing timestamp making build reproducible
- Build with --with-randomdev=/dev/urandom otherwise
libisc will use /dev/random to gather entropy and that might
block, short read etc..
==== boost ====
Subpackages: boost-devel boost-license1_60_0 libboost_atomic1_60_0 libboost_chrono1_60_0 libboost_container1_60_0 libboost_context1_60_0 libboost_coroutine1_60_0 libboost_date_time1_60_0 libboost_filesystem1_60_0 libboost_graph1_60_0 libboost_graph_parallel1_60_0 libboost_iostreams1_60_0 libboost_locale1_60_0 libboost_log1_60_0 libboost_math1_60_0 libboost_mpi1_60_0 libboost_program_options1_60_0 libboost_python1_60_0 libboost_random1_60_0 libboost_regex1_60_0 libboost_serialization1_60_0 libboost_signals1_60_0 libboost_system1_60_0 libboost_test1_60_0 libboost_thread1_60_0 libboost_timer1_60_0 libboost_wave1_60_0
- Added libboost_python3 to the dependency macro.
* boost-devel will now correctly requires libboost_python3.
==== btrfsprogs ====
Version update (4.3.1 -> 4.4.1)
Subpackages: libbtrfs0
- update to 4.4.1
* find-root: don't skip the first chunk
* free-space-tree compat bits fix
* build: target symlinks
* documentation updates
* test updates
- update to 4.4
* mkfs.btrfs --data dup
* support balance filters added/enhanced in linux 4.4
* manual pages enhanced (btrfs, mkfs, mount, filesystem, balance)
* 'btrfs filesystem usage' works with mixed blockgroups
* build: installation to /usr/local
* build: the 'ar' tool is properly deteced during cross-compilation
* improved stability on fuzzed/crafted images when reading sys array in
superblock
* debug-tree: option -t understands ids for tree root and chnuk tree
* check: properly reset nlink of multi-linked file
* chunk recovery: fix floating point exception
* chunk recovery: endianity bugfix during rebuild
* mkfs with 64K pages and nodesize reported superblock checksum mismatch
- Removed patches:
* 0001-btrfs-progs-mkfs-use-correct-size-for-superblock-csu.patch
* fix-doc-build-on-SLE11SP3.diff
==== cmake ====
- Remove cmake version from generated files
cmake-version-in-generated-files.patch
==== doxygen ====
- Do not link with -pie if we are not compiling with -fPIE
==== fcitx ====
Subpackages: fcitx-branding-openSUSE fcitx-gtk2 fcitx-gtk3 fcitx-pinyin fcitx-qt4 fcitx-table libfcitx-4_2_9
- Add NoDisplay=true in autostart desktop file so that it won't be
shown (boo#968486):
fcitx-autostart-desktop-no-display.patch
==== imap ====
- imap-openssl.patch: Support TLS 1.2 and ECDH ciphersuites.
==== libreoffice ====
Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-calc-extensions libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-oxygen libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-ru libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreoffice-writer-extensions
- Try to enable libreofficekit integration by mimicking what RH does
bnc#965296
- Provide/obsolete the gtk3 subpackage in gnome to allow nice migration
- %dir the appdata folder to build on leap and older
==== ncurses ====
Subpackages: libncurses5 libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base
- Add ncurses patch 20160213
+ amend fix for _nc_ripoffline from 20091031 to make test/ditto.c work
in threaded configuration.
+ move _nc_tracebits, _tracedump and _tracemouse to curses.priv.h,
since they are not part of the suggested ABI6.
- Add ncurses patch 20160206
+ define WIN32_LEAN_AND_MEAN for MinGW port, making builds faster.
+ modify test/ditto.c to allow $XTERM_PROG environment variable to
override "xterm" as the name of the program to run in the threaded
configuration.
- Add ncurses patch 20160130
+ improve formatting of man/curs_refresh.3x and man/tset.1 manpages
+ regenerate HTML manpages using newer man2html to eliminate some
unwanted blank lines.
- Add ncurses patch 20160123
+ ifdef'd header-file definition of mouse_trafo() with NCURSES_NOMACROS
(report by Corey Minyard).
+ fix some strict compiler-warnings in traces.
- Add ncurses patch 20160116
+ tidy up comments about hardcoded 256color palette (report by
Leonardo Brondani Schenkel) -TD
+ add putty-noapp entry, and amend putty entry to use application mode
for better consistency with xterm (report by Leonardo Brondani
Schenkel) -TD
+ modify _nc_viscbuf2() and _tracecchar_t2() to trace wide-characters
as a whole rather than their multibyte equivalents.
+ minor fix in wadd_wchnstr() to ensure that each cell has nonzero
width.
+ move PUTC_INIT calls next to wcrtomb calls, to avoid carry-over of
error status when processing Unicode values which are not mapped.
==== nghttp2 ====
Version update (1.7.1 -> 1.8.0)
- Update to 1.8.0
* Add Architecture documents (work in progress)
* List all contributors in AUTHORS
* doc: fix out-of-tree doc builds (Patch from Peter Wu)
* Wrap AM_PATH_XML2 by m4_ifdef to handle the case when
_PATH_XML2 is not found
* Fix configure script for non-gcc, clang build
* Document compiling apps and include h2load in configure (Patch
from David Beitey)
* Don't check for dlopen/libdl on *BSD (Patch from Bernard Spil)
* Don't taint CXXFLAGS from AX_CXX_COMPILE_STDCXX_11
* Fixing Windows Makefile version detection (Patch from Reza
Tavakoli)
* lib: Tokenize extra HTTP header fields
* lib: Fix typo in HAVE_CONFIG_H name (Patch from Peter Wu)
* lib: Add HTTP/2 extension framework to send and receive
non-critical frames
* tests: remove unused macros (Patch from Peter Wu)
* src: Update default cipher list
* src: Fix compile error with gcc-6 which enables C++14 by default
* asio: client: Fix connect timeout does not work, return from cb
if session stopped, removing client::session::connect_timeout()
functon
* nghttpd: Start SETTINGS timer after it is written to output
buffer
* nghttpd: Add trailer header field to status responses
* nghttpd: Add -w and -W options to change window size
* nghttpx: Worker wide blocker which is used when socket(2) is
failed
* nghttpx: ConnectBlocker per backend address
* nghttpx: Interleave text/html pushed resources with associated
resource
* nghttpx: Add headers given in add-response-headers for mruby
response
* nghttpx: Deprecate --backend-ipv4 and --backend-ipv6 in favor
of --backend-address-family
* nghttpx: Add options to specify address family of memcached
connections
* nghttpx: Add encryption support for TLS ticket key retrieval
* nghttpx: Add TLS support for session cache memcached connection
* nghttpx: Refactor blacklisted cipher suite check (Patch from
Jay Satiro)
* nghttpx: Add TLS support for HTTP/1 backend
* nghttpx: Add request-header-field-buffer and
max-request-header-fields options, deprecating
header-field-buffer and max-header-fields options.
* nghttpx: Add --no-http2-cipher-black-list to allow black listed
cipher suite
* nghttpx: Limit header fields from backend
* nghttpx: Fix bug that IPv6 address in Forwarded "for" is not
quoted-string
* nghttpx: Support multiple frontend addresses
* integration-tests: support out-of-tree tests (Patch from Peter
Wu)
* examples: fix compile warnings (Patch from Peter Wu)
- Drop upstreamed nghttp2-c++14.patch
==== suse-module-tools ====
- add missing requirements on module-init-tools, findutils and gzip,
mkinitrd (bnc#965830)
==== ufraw ====
- Don't pass --enable-extras to configure, its for code testing
only and not for distribution (boo#968652)
- Remove conflicts with dcraw.
==== vim ====
Version update (7.4.1194 -> 7.4.1421)
Subpackages: gvim vim-data
- Updated to revision 1421, fixes the following problems
* When calling ch_close() the close callback is invoked,
even though the docs say it isn't.
* Using "u_char" intead of "char_u", which doesn't work everywhere.
* Tests slowed down because of the "not a terminal" warning.
* May free a channel when a callback may need to be invoked.
- Disable sniff support, its unmaintained.
- Updated to revision 1410, fixes the following problems
* The close-cb option is not implemented yet.
* Perl eval doesn't work properly on 64-bit big-endian machine.
* Having 'autochdir' set during startup and using diff mode doesn't work.
* GTK 3 is not supported.
* Completion menu flickers.
* Leaking memory in cs_print_tags_priv().
* json_encode() does not handle NaN and inf properly.
* Leaking memory in cscope interface.
- Updated to revision 1397, fixes the following problems
* When the Job exit callback is invoked, the job may be freed too
soon.
* Starting a job hangs in the GUI.
* Can't sort inside a sort function.
- Drop vim-7.1.314-CVE-2009-0316-debian.patch, Python 2.7 has
the appropriate fix.
- Updated to revision 1385, fixes the following problems
* Job and channel options parsing is scattered.
* Channel test ch_sendexpr() times out.
* Can't remove a callback with ch_setoptions().
* Channels don't have a queue for stderr.
* X11 GUI callbacks don't specify the part of the channel.
* Channel read implementation is incomplete.
* Calling a Vim function over a channel requires turning the
arguments into a string.
* ch_setoptions() cannot set all options.
* Can't change job settings after it started.
* The job exit callback is not implemented.
* Can't get the job of a channel.
* It is not easy to use a set of plugins and their dependencies.
- Updated to revision 1353, fixes the following problems
* Compiler warnings in build with -O2.
* When there is any error Vim will use a non-zero exit code.
* When the test server fails to start Vim hangs.
* When the port isn't opened yet when ch_open() is called it may
fail instead of waiting for the specified time.
* The test script lists all functions before executing them.
- Updated to revision 1345, fixes the following problems
* Crash when using channel that failed to open.
* Crash when closing the channel in a callback.
* Channel test fails on non-darwin builds.
* Channel NL mode is not supported yet.
* It's difficult to add more arguments to ch_sendraw() and ch_sendexpr().
* Can't compile with +job but without +channel.
- Updated to revision 1328, fixes the following problems
* Cursor changes column with up motion when the matchparen
plugin saves and restores the cursor position. (Martin Kunev)
* "\%1l^#.*" does not match on a line starting with "#".
* Channel with pipes doesn't work in GUI.
* Crash when unletting the variable that holds the channel
in a callback function.
* Can't compile with +job but without +channel.
- Updated to revision 1294, fixes the following problems
* copy() and deepcopy() fail with special variables.
* Encoding {'key':} to JSON doesn't give an error.
* assert_false(v:false) reports an error.
* When jsonencode() fails it still returns something.
* jsonencode() is not producing strict JSON.
* Crash when evaluating the pattern of ":catch" causes an error.
* The job feature isn't available on MS-Windows.
* ch_open() with a timeout doesn't work correctly.
* ch_sendexpr() does not use JS encoding.
- Remove vim-7.3-diff_check.patch
==== wpa_supplicant ====
Version update (2.4 -> 2.5)
Subpackages: wpa_supplicant-gui
- Revert CONFIG_ELOOP_EPOLL=y, it is broken in combination
with CONFIG_DBUS=yes.
- spec: Compile the GUI against QT5 in 13.2 and later.
- Previous update did not include version 2.5 tarball
or changed the version number in spec, only the changelog
and removed patches.
- config: set CONFIG_NO_RANDOM_POOL=y, we have a reliable·
random number generator by using /dev/urandom, no need to
keep an internal random number pool which draws entropy from
/dev/random.
- config: prefer using epoll(7) instead of select(2)
by setting CONFIG_ELOOP_EPOLL=y
- wpa_supplicant-getrandom.patch: Prefer to use the getrandom(2)
system call to collect entropy. if it is not present disable
buffering when reading /dev/urandom, otherwise each os_get_random()
call will request BUFSIZ of entropy instead of the few needed bytes.
- add aliases for both provided dbus names to avoid systemd stopping the
service when switching runlevels (boo#966535)
- removed obsolete security patches:
* 0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
* 0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
* 0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch
* 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
* wpa_s-D-Bus-Fix-operations-when-P2P-management-interface-is-used.patch
* 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
* 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
* 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
* 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
- Update to upstream release 2.5
* fixed P2P validation of SSID element length before copying it
[http://w1.fi/security/2015-1/] (CVE-2015-1863)
* fixed WPS UPnP vulnerability with HTTP chunked transfer encoding
[http://w1.fi/security/2015-2/] (CVE-2015-4141)
* fixed WMM Action frame parser (AP mode)
[http://w1.fi/security/2015-3/] (CVE-2015-4142)
* fixed EAP-pwd peer missing payload length validation
[http://w1.fi/security/2015-4/]
(CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146)
* fixed validation of WPS and P2P NFC NDEF record payload length
[http://w1.fi/security/2015-5/]
* nl80211:
- added VHT configuration for IBSS
- fixed vendor command handling to check OUI properly
- allow driver-based roaming to change ESS
* added AVG_BEACON_RSSI to SIGNAL_POLL output
* wpa_cli: added tab completion for number of commands
* removed unmaintained and not yet completed SChannel/CryptoAPI support
* modified Extended Capabilities element use in Probe Request frames to
include all cases if any of the values are non-zero
* added support for dynamically creating/removing a virtual interface
with interface_add/interface_remove
* added support for hashed password (NtHash) in EAP-pwd peer
* added support for memory-only PSK/passphrase (mem_only_psk=1 and
CTRL-REQ/RSP-PSK_PASSPHRASE)
* P2P
- optimize scan frequencies list when re-joining a persistent group
- fixed number of sequences with nl80211 P2P Device interface
- added operating class 125 for P2P use cases (this allows 5 GHz
channels 161 and 169 to be used if they are enabled in the current
regulatory domain)
- number of fixes to P2PS functionality
- do not allow 40 MHz co-ex PRI/SEC switch to force MCC
- extended support for preferred channel listing
* D-Bus:
- fixed WPS property of fi.w1.wpa_supplicant1.BSS interface
- fixed PresenceRequest to use group interface
- added new signals: FindStopped, WPS pbc-overlap,
GroupFormationFailure, WPS timeout, InvitationReceived
- added new methods: WPS Cancel, P2P Cancel, Reconnect, RemoveClient
- added manufacturer info
* added EAP-EKE peer support for deriving Session-Id
* added wps_priority configuration parameter to set the default priority
for all network profiles added by WPS
* added support to request a scan with specific SSIDs with the SCAN
command (optional "ssid " arguments)
* removed support for WEP40/WEP104 as a group cipher with WPA/WPA2
* fixed SAE group selection in an error case
* modified SAE routines to be more robust and PWE generation to be
stronger against timing attacks
* added support for Brainpool Elliptic Curves with SAE
* added support for CCMP-256 and GCMP-256 as group ciphers with FT
* fixed BSS selection based on estimated throughput
* added option to disable TLSv1.0 with OpenSSL
(phase1="tls_disable_tlsv1_0=1")
* added Fast Session Transfer (FST) module
* fixed OpenSSL PKCS#12 extra certificate handling
* fixed key derivation for Suite B 192-bit AKM (this breaks
compatibility with the earlier version)
* added RSN IE to Mesh Peering Open/Confirm frames
* number of small fixes
==== xrandr ====
Version update (1.4.3 -> 1.5.0)
- update to version 1.5.0
This release adds support for the new monitor objects added in RandR 1.5, and
fixes a few bugs.
==== yast2-installation ====
Version update (3.1.169 -> 3.1.171)
- bsc#956473
- network interfaces listing shows all IPv4 / IPv6 addresses per
device
- 3.1.171
- Ensure plymouth does not interfere with X11 when executing
yast2-firstboot (bsc#966874)
- 3.1.170