Packages changed: bison branding-openSUSE ed (1.13 -> 1.14) epiphany (3.22.4 -> 3.22.5) freetype2 (2.7 -> 2.7.1) ft2demos (2.7 -> 2.7.1) gmp (6.1.1 -> 6.1.2) gnome-settings-daemon grub2 irqbalance (1.1.0 -> 1.2.0) kde-branding-openSUSE libcap libgit2 (0.24.3 -> 0.24.6) libraw (0.17.2 -> 0.18.0) linux-glibc-devel (4.8 -> 4.9) m4 (1.4.17 -> 1.4.18) ncftp (3.2.5 -> 3.2.6) perl-Math-Base-Convert perl-Net-HTTP (6.09 -> 6.12) publicsuffix (20161211 -> 20170105) python-qt4 (4.11.4 -> 4.12) python-sip (4.18.1 -> 4.19) python3-qt4 (4.11.4 -> 4.12) python3-sip (4.18.1 -> 4.19) qalculate (0.9.7 -> 0.9.10) qemu (2.6.1 -> 2.7.0) qemu-linux-user (2.6.1 -> 2.7.0) qscintilla (2.9.3 -> 2.9.4) sudo (1.8.18p1 -> 1.8.19p2) systemd-rpm-macros xz (5.2.2 -> 5.2.3) === Details === ==== bison ==== Subpackages: bison-lang - gcc7-fix.patch: Add forward declaration to compile with GCC7. ==== branding-openSUSE ==== Subpackages: gfxboot-branding-openSUSE grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE xfce4-splash-branding-openSUSE - Also require grub2 when using the new update-bootloader-rpm-macros: Otherwise the installer might install the branding package before grub2, resulting in /etc/default/grub to not exist and the theme failing to activate. - Support %posttrans with macros provided by update-bootloader-rpm-macros package (bsc#997317) ==== ed ==== Version update (1.13 -> 1.14) - Update to version 1.14: * Print counts, messages, '?' and '!' to stdout instead of stderr. * buffer.c (append_lines): Fixed current address after empty 'i'. * regex.c (set_subst_regex): Treat missing delimiters consistently. * (extract_replacement): Don't replace 'a' with '%' in 's/a/%'. * Fixed infinite loop with EOF in the middle of a replacement. * Don't accept newlines in replacement in a global command. * Last delimiter can't be omitted if not last in command list. * (search_and_replace): Set current address to last line modified. * main_loop.c (extract_addresses): Fixed address offsets; * '3 ---- 2' was calculated as -2 instead of 1. * Accept ranges with the first address omitted. * (exec_command): Fixed current address after empty replacement text in 'c' command. * Don't clear the modified status after writing the buffer to a shell command. (Reported by Jérôme Frgacic). * (get_command_suffix): Don't allow repeated print suffixes. * (command_s): Accept suffixes in any order. * Don't allow multiple count suffixes. * 'sp' now toggles all print suffixes. * (main_loop): Make EOF on stdin behave as a 'q' command. * ed.texi: Fixed the description of commands 'acegijkmqrsuw'. * Documented that ed allows any combination of print suffixes. * testsuite: Improved most tests. Simplified bug reporting. * configure: Avoid warning on some shells when testing for gcc. * Makefile.in: Detect the existence of install-info. ==== epiphany ==== Version update (3.22.4 -> 3.22.5) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.22.5: + Do not offer to remember empty passwords (bgo#771073). + Fix tenth webpage missing in overview (regression from 3.22.4). + "Press key to exit fullscreen" message is now legible. + Fix memory leak when tab is closed before permission request info bar. + Store permissions for hosts displayed in info bar, not the current page. ==== freetype2 ==== Version update (2.7 -> 2.7.1) Subpackages: freetype2-devel libfreetype6 libfreetype6-32bit - Update to version 2.7.1: * IMPORTANT CHANGES + Support for the new CFF2 font format as introduced with OpenType 1.8 has been contributed by Dave Arnolds from Adobe. + Preliminary support for variation fonts as specified in OpenType 1.8 (in addition to the already existing support for Adobe's MM and Apple's GX formats). Dave Arnolds contributed handling of advance width change variation; more will come in the next version. * IMPORTANT BUG FIXES + Handling of raw CID fonts was partially broken (bug introduced in 2.6.4). * MISCELLANEOUS + Some limits for TrueType bytecode execution have been tightened to speed up FreeType's handling of malformed fonts, in particular to quickly abort endless loops. + The number of twilight points can no longer be set to an arbitrarily large value. + The total number of jump opcode instructions (like JMPR) with negative arguments is dynamically restricted; the same holds for the total number of iterations in LOOPCALL opcodes. + The dynamic limits are based on the number of points in a glyph and the number of CVT entries. Please report if you encounter a font where the selected values are not adequate. + PCF family names are made more `colourful'; they now include the foundry and information whether they contain wide characters. For example, you no longer get `Fixed' but rather `Sony Fixed' or `Misc Fixed Wide'. + A new function `FT_Get_Var_Blend_Coordinates' (with its alias name `FT_Get_MM_Blend_Coordinates') to retrieve the normalized blend coordinates of the currently selected variation instance has been added to the Multiple Masters interface. + A new function `FT_Get_Var_Design_Coordinates' to retrieve the design coordinates of the currently selected variation instance has been added to the Multiple Masters interface. + A new load flag `FT_LOAD_BITMAP_METRICS_ONLY' to retrieve bitmap information without loading the (embedded) bitmap itself. + Retrieving advance widths from bitmap strikes (using `FT_Get_Advance' and `FT_Get_Advances') have been sped up. + The usual round of fuzzer fixes to better reject malformed fonts. - Drop freetype2-bitmap-foundry.patch, merged upstream. ==== ft2demos ==== Version update (2.7 -> 2.7.1) - Update to version 2.7.1 + The `ftmulti' demo program can now switch engines with key `H'. + The `ftstring' demo program can now show some built-in, non-latin sample strings (to be selected with the TAB key). + The `ftview' demo program can now switch between a font's charmaps using the TAB key. - Remove ftinspect-library.patch, merged upstream. - Also build ftinspect ==== gmp ==== Version update (6.1.1 -> 6.1.2) Subpackages: gmp-devel libgmp10 libgmp10-32bit libgmpxx4 - Update to GMP 6.1.2 release. * Mini-GMP: Fixed a division bug, which on a machine with 64-bit unsigned long affects approximately 1 out of 2^32 divisors. * Mini-GMP: Fix mpz_set_str crash on inputs with a large number of leading zeros. Also stricter input validation, rejecting inputs with no digits. * Handle more systems which require PIC code in static libraries (e.g., "hardened" Gentoo and Debian 9). * Configuration for arm (-32 and -64) has been rewritten, fixing poor code selection for many CPUs. * Mini-GMP: Updated to the latest development version, including new functions mpn_com and mpn_neg. - Add gmp-6.1.2-conftest.patch to fix configure test. ==== gnome-settings-daemon ==== - Apply gnome-settings-daemon-initial-keyboard.patch also for openSUSE, this fix is also needed there (boo#1009515). - Also apply gnome-settings-daemon-more-power-button-actions.patch on openSUSE. - Fixup gnome-settings-daemon-bring-back-updates-plugin.patch: also backport pk-clear-offline-update from PackageKit into this patch. - Add gnome-settings-daemon-shutdown-dialog-delay.patch: Fix 'Shutdown dialog delay 1 to 2 seconds' (bsc#979257, bgo#774452). ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Add serial module to efi image. Serial terminal is still useful even with EFI Secure Boot - Support %posttrans with marcos provided by update-bootloader-rpm-macros package (bsc#997317) ==== irqbalance ==== Version update (1.1.0 -> 1.2.0) - update to 1.2.0: * sort_irq logic rework to fix unintended ordering * removal of the affinity_hint infrastructure as its not needed * fixes for invalid cpumask parsing * many other minior fixes (see git log) * Aarch64 support * live interactive monitoring of irqbalance and live adjustment with irqbalance-ui - remove fix-aarch64-support.patch: upstreamed - add install-man-pages.patch - add aarch64-compile-fixes.patch ==== kde-branding-openSUSE ==== Subpackages: kdelibs4-branding-openSUSE ksplash-qml-branding-openSUSE ksplashx-branding-openSUSE - Also require grub2 when using the new update-bootloader-rpm-macros: Otherwise the installer might install the branding package before grub2, resulting in /etc/default/grub to not exist and the theme failing to activate. - Support %posttrans with macros provided by update-bootloader-rpm-macros package (bsc#997317) - enable grub2-branding-openSUSE also for %%arm ==== libcap ==== Subpackages: libcap2 libcap2-32bit - RPM group association fix ==== libgit2 ==== Version update (0.24.3 -> 0.24.6) - libgit2 0.24.6, including the following security fixes: * bsc#1019036: edge cases in the Git Smart Protocol can lead to attempting to parse outside of the buffer CVE-2016-10128,CVE-2016-10129 * bsc#1019037: MITM possible due to lack of parameter for certificate parameter CVE-2016-10130,CVE-2017-5338,CVE-2017-5339 - includes changes from 0.24.5: * add support for OpenSSL 1.1.0 for BIO filter ==== libraw ==== Version update (0.17.2 -> 0.18.0) Subpackages: libraw-devel libraw15 - update to 0.18.0: * License changed to LGPL-2.1/CDDL-1.0 * Camera support (+87): + Apple: iPad Pro, iPhone SE, iPhone 6s, iPhone 6 plus, iPhone 7, iPhone 7 plus + BlackMagic Micro Cinema Camera, URSA, URSA Mini + Canon PowerShot G5 X, PowerShot G7 X Mark II, PowerShot G9 X, IXUS 160 (CHDK hack), EOS 5D Mark IV, EOS 80D, EOS 1300D, EOS M10, EOS M5, EOS-1D X Mark II + Casio EX-ZR4000/5000 + DXO One, + FujiFilm X-Pro2, X70, X-E2S, X-T2 + Gione E7 + GITUP GIT2 + Google Pixel,Pixel XL + Hasselblad X1D, True Zoom + HTC MyTouch 4G, One (A9), One (M9), 10 + Huawei P9 + Leica M (Typ 262), M-D (Typ 262), S (Typ 007), SL (Typ 601), X-U (Typ 113), TL + LG G3, G4 + Meizy MX4 + Nikon D5, D500, D3400 + Olympus E-PL8, E-M10 Mark II, Pen F, SH-3, E-M1-II + Panasonic DMC-G8/80/81/85, DMC-GX80/85, DMC-TZ80/81/85/ZS60, DMC-TZ100/101/ZS100,DMC-LX9/10/15, FZ2000/FZ2500 + Pentax K-1, K-3 II, K-70 + PhaseOne IQ3 100MP + RaspberryPi Camera, Camera V2 + Ricoh GR II + Samsung Galaxy S7, S7 Edge + Sigma sd Quattro + Sony A7S II, ILCA-68 (A68), ILCE-6300, DSC-RX1R II, DSC-RX10III, DSC-RX100V,ILCA-99M2 (A99-II), a6500, IMX214, IMX219, IMX230, IMX298-mipi 16mp, IMX219-mipi 8mp, Xperia L + PtGrey GRAS-50S5C + YUNEEC CGO4 + Xiaomi MI3, RedMi Note3 Pro * Floating point DNG support * More metadata parsed * Existing API changes: imgdata.params fields (all very specific purpose): sony_arw2_options, sraw_ycc, and params.x3f_flags replaced with single bit-field raw_processing_options See LIBRAW_PROCESSING_* bits in documentation. * Fixed bug in Sony SR2 files black level * DNG files with BlackLevel both in vendor makernotes and BlackLevel: BlackLevel tag always takes precedence * ChannelBlackLevel added to canon makernotes * unpack_thumb() data size/offset check against file size - removed libraw-0.17.1-gcc6-compatibility.patch (fixed upstream) ==== linux-glibc-devel ==== Version update (4.8 -> 4.9) - Update to kernel headers 4.9 - Remove empty /usr/include/uapi directory ==== m4 ==== Version update (1.4.17 -> 1.4.18) - Update to version 1.4.18: * Diagnose --word-regexp as unsupported if it was not configured. * Preliminary support for OS/2. * A number of portability improvements inherited from gnulib. - Some packaging changes: * Use https url's * Get keyring from savannah * Use xs compressed files * Make building more verbose ==== ncftp ==== Version update (3.2.5 -> 3.2.6) - update to 3.2.6: * If a recursive download operation is also requested with delete mode, attempt to remove empty directories after all files have completed successfully. * No longer trying to utime() after every single block on downloads, which could cause noticable performance degradation when the local filesystem was not local. * Changed behavior of resuming downloads where the timestamp wasn't preserved (because of the utime change, above). The new behavior is to resume the download when the local copy has a recent timestamp (less than a week). * You can now disable use of MFMT like you could similarly disable SITE UTIME (e.g., "-o noMFMT" and "-o noSITE_UTIME"). * Now able to use sendfile() for uploads, on Linux/FreeBSD/Mac. Progress reports work too, with a small performance penalty. Ncftpput has a "-s" option to toggle whether it is used (defaults to on in ncftpput and ncftpbatch, off in ncftp). * Ncftpbatch/spooler now use larger buffers for pathnames, allowing for deeper directory trees. * Ncftpbatch/spooler now interpret a received SIGUSR1 as a hint to exit when the current file has finished. * Ncftpbatch/spooler now interpret a received SIGUSR2 to request it to stop sleeping and recheck the queue immediately. * Ncftpbatch/spooler's spool files now allow for you to specify that the local and/or remote file be renamed after a successful transfer. * Ncftpbatch/spooler now a little less chatty by reducing the number of PWD/CWD operations. * Ncftpbatch/spooler now log some xfer stats in its general log file, and ncftpspooler has a new "-x" option to specify a separate xfer log file. * Ncftpbatch/spooler now use a larger default maximum for its log file (10 MiB rather than 200 kB), and ncftpspooler has an -O command line option that can set this limit. Use "-O 0" for no maximum. * Ncftpbatch/spooler now try to present time in local timezone rather than UTC where possible. * Ncftpbatch/spooler now support multiple items per transaction (spool) file. ==== perl-Math-Base-Convert ==== - Add reproducible.patch to allow for reproducible builds ==== perl-Net-HTTP ==== Version update (6.09 -> 6.12) - updated to 6.12 see /usr/share/doc/packages/perl-Net-HTTP/Changes 6.12 2017-01-04 23:32:54-05:00 America/Toronto - Fix prereqs ==== publicsuffix ==== Version update (20161211 -> 20170105) - Update to version 20170105: * Add Amune.org to Public Suffix List (#357) * Adding TwoDNS TLD's to public_suffix_list.dat (#328) * Remove ro.com from Public Suffix List (#346) * Add 1gb.ua domains (#353) * Add homeoffice.gov.uk (#342) * Update list of .RU reserved domains (#359) * Add remotewd.com for Western Digital - Enable syntax checks ==== python-qt4 ==== Version update (4.11.4 -> 4.12) - Update to 4.12 - SIP v4.19 is now required. - Bug fixes. ==== python-sip ==== Version update (4.18.1 -> 4.19) Subpackages: python-sip-devel - Update to 4.19 * added the assign() function to the sip module * added support for the final keyword * added the use_limited_api argument to the %Module directive * added the %HideNamespace directive. ==== python3-qt4 ==== Version update (4.11.4 -> 4.12) - Update to 4.12 - SIP v4.19 is now required. - Bug fixes. ==== python3-sip ==== Version update (4.18.1 -> 4.19) - Update to 4.19 * added the assign() function to the sip module * added support for the final keyword * added the use_limited_api argument to the %Module directive * added the %HideNamespace directive. ==== qalculate ==== Version update (0.9.7 -> 0.9.10) Subpackages: libqalculate-devel - Update to 0.9.10: * Unit conversion fixes (e.g. "1/s to ms" and "1/ns to GHz") * Fixed parsing of degrees sign (used in defult symbol for temperature units) - Update to 0.9.9: * libqalculate will no longer cause segmentation faults when using a locale unsupported by the users system * Parsing of "today" fixed and "tomorrow" and "yesterday" added * Qalculate! now compiles, without errors and warning, using clang * New commands/options in qalc which list available variables, functions and units * New command in qalcfor deletion of variables - Update to 0.9.8: * Lots of bug fixes and minor improvements * Three different parsing modes can be chosen from (providing mainly different handling of implicit multiplication). The default 'adaptive' mode has been enhanced. * By default prefixes will not be added to for example imperial units. * Changed handling of degrees Celsius and Fahrenheit. Conversion will take place already during parsing. * When converting to unit without prefix, no prefix will be added to the result unless the unit expression is prepended with '?' ('0' works in the opposite direction). * Option to ignore commas in numbers (for use as thousands separator). * Possibility to abort slow number printing without using crash prone thread cancellation (use Calculator::startPrintControl() and related functions). * New function: fibonacci (Qalculate! can now tell you that the millionth fibonacci number is approximately 1,953282129 * 10^208987, although for obvious reasons the exact number cannot be displayed). * New units: Hartree, Rydberg, Dalton (same as u) * Currencies have been updated to reflect the available data from ECB. * Physical constant have been updated with the CODATA values from 2014. * Use ~/.local and ~/.conf to store configuration and definitions * 'to' can now not only be used for conversion to unit expressions. "to bin", "to oct", "to hex" and "to bases" changes number base displayed, "to factors" factorizes, "to fraction" displays as fraction, and "to base" and "to optimal" auto-converts units. (CLI) - Now using https://github.com/Qalculate/libqalculate as source - Remove gcc-6-compile.patch, fixed upstream ==== qemu ==== Version update (2.6.1 -> 2.7.0) Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-ssh qemu-extra qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-vgabios qemu-x86 - Despite the previous entry about re-enabling ceph on Nov 19, 2016 the change wasn't actually done. Do it now. - sgabios-stable-buildid.patch: Use geeko@buildhost - slof_xhci.patch: XHCI fixes (boo#977027) - Recommend x86 ROMs for emulated PCI cards on ppc, arm, others (bsc#1005869, michals) - Tidy SLOF patch boilerplate (michals) - Build with spice on all archs. (boo#1009438, michals) - Refine the approach to producing stable builds in our ROM based packages. All built roms which have hostname or date calls now produce consistent results build to build via patch changes, so remove the hostname and date call workarounds. (bsc#1011213) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0069-roms-Makefile-pass-a-packaging-time.patch sgabios-stable-buildid.patch - Re-enable ceph (rbd) functionality in OBS builds as we've been told the issues which prompted us to disable it are resolved - Address various security/stability issues * Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516) 0041-vmsvga-correct-bitmap-and-pixmap-si.patch * Fix DOS in LSI SAS1068 emulation (CVE-2016-7157 bsc#997860) 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7156 bsc#997859) 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch * Fix DOS in USB xHCI emulation (CVE-2016-7466 bsc#1000345) 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch * Fix OOB access in LSI SAS1068 emulation (CVE-2016-7423 bsc#1000397) 0046-scsi-mptsas-use-g_new0-to-allocate-.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661) 0047-scsi-pvscsi-limit-process-IO-loop-t.patch * Fix NULL pointer dereference in virtio processing (CVE-2016-7422 bsc#1000346) 0048-virtio-add-check-for-descriptor-s-m.patch * Fix DOS in ColdFire Fast Ethernet Controller emulation (CVE-2016-7908 bsc#1002550) 0049-net-mcf-limit-buffer-descriptor-cou.patch * Fix DOS in USB EHCI emulation (CVE-2016-7995 bsc#1003612) 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch * Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878) 0051-xhci-limit-the-number-of-link-trbs-.patch * Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894) 0052-9pfs-allocate-space-for-guest-origi.patch * Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494) 0053-9pfs-fix-memory-leak-in-v9fs_link.patch * Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893) 0054-9pfs-fix-potential-host-memory-leak.patch * Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454) 0055-9pfs-fix-information-leak-in-xattr-.patch * Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450) 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch * Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495) 0057-9pfs-fix-memory-leak-in-v9fs_write.patch * Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707) 0058-char-serial-check-divider-value-aga.patch * Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557) 0059-net-pcnet-check-rx-tx-descriptor-ri.patch * Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391) 0060-net-eepro100-fix-memory-leak-in-dev.patch * Fix OOB access in Rocker switch emulation (CVE-2016-8668 bsc#1004706) 0061-net-rocker-set-limit-to-DMA-buffer-.patch * Plug data leak in vmxnet3 emulation (CVE-2016-6836 bsc#994760) 0062-net-vmxnet-initialise-local-tx-desc.patch * Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538) 0063-net-rtl8139-limit-processing-of-rin.patch * Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536) 0064-audio-intel-hda-check-stream-entry-.patch * Fix DOS in virtio-gpu (CVE-2016-7994 bsc#1003613) 0065-virtio-gpu-fix-memory-leak-in-virti.patch * Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493) 0066-9pfs-fix-integer-overflow-issue-in-.patch * Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702) 0067-dma-rc4030-limit-interval-timer-rel.patch * Fix DOS in i.MX NIC emulation (CVE-2016-7907 bsc#1002549) 0068-net-imx-limit-buffer-descriptor-cou.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 - Use fixed timestamps and stable build_id in ipxe and other ROMs * Patches added: ipxe-stable-buildid.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patch updated: 0040-linux-user-skip-0-flag-from-proc-se.patch -> 0040-linux-user-remove-all-traces-of-qem.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0040-linux-user-skip-0-flag-from-proc-se.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch - Document two new options, but leave jemalloc disabled for now - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0034-build-link-with-libatomic-on-powerp.patch * Patches renamed: 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0036-qemu-bridge-helper-reduce-security-.patch -> 0035-qemu-bridge-helper-reduce-security-.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0038-configure-Fix-detection-of-seccomp-.patch -> 0037-configure-Fix-detection-of-seccomp-.patch 0039-linux-user-properly-test-for-infini.patch -> 0038-linux-user-properly-test-for-infini.patch - Updated to v2.7.0: See http://wiki.qemu-project.org/ChangeLog/2.7 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-linux-user-properly-test-for-infini.patch - Use new kvm_stat package where available, else provide updated kvm_stat script. - Update to v2.7.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.7 - Updated to v2.7.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.7 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0002-qemu-0.9.0.cvs-binfmt.patch (script rewritten upstream) 0009-block-vmdk-Support-creation-of-SCSI.patch (deprecated) 0014-linux-user-Ignore-broken-loop-ioctl.patch (implemented upstream) 0024-linux-user-add-more-blk-ioctls.patch (more implemented upstream) 0034-qtest-Increase-socket-timeout.patch (increased further upstream) 0036-configure-Enable-libseccomp-for-ppc.patch (enabled upstream) 0038-block-split-large-discard-requests-.patch 0041-xen-introduce-dummy-system-device.patch 0042-xen-write-information-about-support.patch 0043-xen-add-pvUSB-backend.patch 0044-xen-move-xen_sysdev-to-xen_backend..patch 0045-vnc-add-configurable-keyboard-delay.patch 0046-configure-add-echo_version-helper.patch 0047-configure-support-vte-2.91.patch 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0050-scsi-esp-fix-migration.patch 0051-xen-when-removing-a-backend-don-t-r.patch 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0055-xen-use-a-common-function-for-pv-an.patch ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-legacy-Fix-building-with-GCC-6.patch ipxe-util-v5.24-perl-errors-on-redeclare.patch ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch * Patches renamed: 0010-linux-user-add-binfmt-wrapper-for-a.patch -> 0009-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch -> 0010-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch -> 0011-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch -> 0012-linux-user-binfmt-support-host-bina.patch 0015-linux-user-lock-tcg.patch -> 0013-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch -> 0014-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch -> 0015-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch -> 0016-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch -> 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch -> 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch -> 0019-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch -> 0020-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch -> 0021-vnc-password-file-and-incoming-conn.patch 0025-linux-user-use-target_ulong.patch -> 0022-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch -> 0023-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch -> 0024-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch -> 0026-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch -> 0027-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch -> 0028-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch -> 0029-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch -> 0030-configure-Enable-PIE-for-ppc-and-pp.patch 0035-AIO-Reduce-number-of-threads-for-32.patch -> 0031-AIO-Reduce-number-of-threads-for-32.patch 0037-dictzip-Fix-on-big-endian-systems.patch -> 0032-dictzip-Fix-on-big-endian-systems.patch 0039-xen_disk-Add-suse-specific-flush-di.patch -> 0033-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch -> 0034-build-link-with-libatomic-on-powerp.patch 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch 0054-qemu-bridge-helper-reduce-security-.patch -> 0036-qemu-bridge-helper-reduce-security-.patch * Patches added: 0002-qemu-binfmt-conf-Modify-default-pat.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch * Package renamed trace-events-all file and linuxboot_dma.bin * Handle building and packaging roms for e1000e and vmxnet3 (Bruce) * Remove ipxe patches which are now enabled upstream (Bruce) * Enable seccomp for s390x (Mark Post): 0038-configure-Fix-detection-of-seccomp-.patch ==== qemu-linux-user ==== Version update (2.6.1 -> 2.7.0) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0069-roms-Makefile-pass-a-packaging-time.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0041-vmsvga-correct-bitmap-and-pixmap-si.patch 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch 0046-scsi-mptsas-use-g_new0-to-allocate-.patch 0047-scsi-pvscsi-limit-process-IO-loop-t.patch 0048-virtio-add-check-for-descriptor-s-m.patch 0049-net-mcf-limit-buffer-descriptor-cou.patch 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch 0051-xhci-limit-the-number-of-link-trbs-.patch 0052-9pfs-allocate-space-for-guest-origi.patch 0053-9pfs-fix-memory-leak-in-v9fs_link.patch 0054-9pfs-fix-potential-host-memory-leak.patch 0055-9pfs-fix-information-leak-in-xattr-.patch 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch 0057-9pfs-fix-memory-leak-in-v9fs_write.patch 0058-char-serial-check-divider-value-aga.patch 0059-net-pcnet-check-rx-tx-descriptor-ri.patch 0060-net-eepro100-fix-memory-leak-in-dev.patch 0061-net-rocker-set-limit-to-DMA-buffer-.patch 0062-net-vmxnet-initialise-local-tx-desc.patch 0063-net-rtl8139-limit-processing-of-rin.patch 0064-audio-intel-hda-check-stream-entry-.patch 0065-virtio-gpu-fix-memory-leak-in-virti.patch 0066-9pfs-fix-integer-overflow-issue-in-.patch 0067-dma-rc4030-limit-interval-timer-rel.patch 0068-net-imx-limit-buffer-descriptor-cou.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patch updated: 0040-linux-user-skip-0-flag-from-proc-se.patch -> 0040-linux-user-remove-all-traces-of-qem.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Fix issue with diffutils under qemu-ARCH-binfmt (schwab) 0040-linux-user-skip-0-flag-from-proc-se.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Fix ppc test failure 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0034-build-link-with-libatomic-on-powerp.patch * Patches renamed: 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0036-qemu-bridge-helper-reduce-security-.patch -> 0035-qemu-bridge-helper-reduce-security-.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0038-configure-Fix-detection-of-seccomp-.patch -> 0037-configure-Fix-detection-of-seccomp-.patch 0039-linux-user-properly-test-for-infini.patch -> 0038-linux-user-properly-test-for-infini.patch - Updated to v2.7.0: See http://wiki.qemu-project.org/ChangeLog/2.7 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 - Properly test for infinite timeout in poll (schwab) 0039-linux-user-properly-test-for-infini.patch - Update to v2.7.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.7 - Updated to v2.7.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.7 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0002-qemu-0.9.0.cvs-binfmt.patch (script rewritten upstream) 0009-block-vmdk-Support-creation-of-SCSI.patch (deprecated) 0014-linux-user-Ignore-broken-loop-ioctl.patch (implemented upstream) 0024-linux-user-add-more-blk-ioctls.patch (more implemented upstream) 0034-qtest-Increase-socket-timeout.patch (increased further upstream) 0036-configure-Enable-libseccomp-for-ppc.patch (enabled upstream) 0038-block-split-large-discard-requests-.patch 0041-xen-introduce-dummy-system-device.patch 0042-xen-write-information-about-support.patch 0043-xen-add-pvUSB-backend.patch 0044-xen-move-xen_sysdev-to-xen_backend..patch 0045-vnc-add-configurable-keyboard-delay.patch 0046-configure-add-echo_version-helper.patch 0047-configure-support-vte-2.91.patch 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0050-scsi-esp-fix-migration.patch 0051-xen-when-removing-a-backend-don-t-r.patch 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0055-xen-use-a-common-function-for-pv-an.patch * Patches renamed: 0010-linux-user-add-binfmt-wrapper-for-a.patch -> 0009-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch -> 0010-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch -> 0011-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch -> 0012-linux-user-binfmt-support-host-bina.patch 0015-linux-user-lock-tcg.patch -> 0013-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch -> 0014-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch -> 0015-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch -> 0016-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch -> 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch -> 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch -> 0019-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch -> 0020-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch -> 0021-vnc-password-file-and-incoming-conn.patch 0025-linux-user-use-target_ulong.patch -> 0022-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch -> 0023-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch -> 0024-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch -> 0026-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch -> 0027-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch -> 0028-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch -> 0029-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch -> 0030-configure-Enable-PIE-for-ppc-and-pp.patch 0035-AIO-Reduce-number-of-threads-for-32.patch -> 0031-AIO-Reduce-number-of-threads-for-32.patch 0037-dictzip-Fix-on-big-endian-systems.patch -> 0032-dictzip-Fix-on-big-endian-systems.patch 0039-xen_disk-Add-suse-specific-flush-di.patch -> 0033-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch -> 0034-build-link-with-libatomic-on-powerp.patch 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch 0054-qemu-bridge-helper-reduce-security-.patch -> 0036-qemu-bridge-helper-reduce-security-.patch * Patches added: 0002-qemu-binfmt-conf-Modify-default-pat.patch * Drop renamed trace-events-all file * Use qemu-ARCH-binfmt again with the new qemu-binfmt-conf.sh (schwab) 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch * Patches added: 0038-configure-Fix-detection-of-seccomp-.patch ==== qscintilla ==== Version update (2.9.3 -> 2.9.4) - Update to 2.9.4 - Added the .api file for Python v3.6. - Bug fixes. ==== sudo ==== Version update (1.8.18p1 -> 1.8.19p2) - update to 1.8.19p2 Major changes between sudo 1.8.19p2 and 1.8.19p1: * Fixed a crash in visudo introduced in sudo 1.8.9 when an IP address or network is used in a host-based Defaults entry. Bug #766 * Added a missing check for the ignore_iolog_errors flag when the sudoers plugin generates the I/O log file path name. * Fixed a typo in sudo's vsyslog() replacement that resulted in garbage being logged to syslog. - add /usr/lib/tmpfiles.d directory to the %files section and fix build for SLE12SP2 - update to 1.8.19p1 Major changes between sudo 1.8.19p1 and 1.8.19: * Fixed a bug introduced in sudo 1.8.19 that resulted in the wrong syslog priority and facility being used. Major changes between sudo 1.8.19 and 1.8.18p1: * New "syslog_maxlen" Defaults option to control the maximum size of syslog messages generated by sudo. * Sudo has been run against PVS-Studio and any issues that were not false positives have been addressed. * I/O log files are now created same group ID as the parent directory and not the invoking user's group ID. * I/O log permissions and ownership are now configurable via the "iolog_mode", "iolog_user" and "iolog_group" sudoers Defaults variables. * Fixed configuration of the sudoers I/O log plugin debug subsystem. Previously, I/O log information was not being written to the sudoers debug log. * Fixed a bug in visudo that broke editing of files in an include dir that have a syntax error. Normally, visudo does not edit those files, but if a syntax error is detected in one, the user should get a chance to fix it. * Warnings about unknown or unparsable sudoers Defaults entries now include the file and line number of the problem. * Visudo will now use the file and line number information about an unknown or unparsable Defaults entry to go directly to the file with the problem. * Fixed a bug in the sudoers LDAP back-end where a negated sudoHost entry would prevent other sudoHost entries following it from matching. * Warnings from visudo about a cycle in an Alias entry now include the file and line number of the problem. * In strict mode, visudo will now use the file and line number information about a cycle in an Alias entry to go directly to the file with the problem. * The sudo_noexec.so file is now linked with -ldl on systems that require it for the wordexp() wrapper. * Fixed linking of sudo_noexec.so on macOS systems where it must be a dynamic library and not a module. * Sudo's "make check" now includes a test for sudo_noexec.so working. * The sudo front-end now passes the user's umask to the plugin. Previously the plugin had to determine this itself. * Sudoreplay can now display the stdin and ttyin streams when they are explicitly added to the filter list. * Fixed a bug introduced in sudo 1.8.17 where the "all" setting for verifypw and listpw was not being honored. Bug #762. * The syslog priority (syslog_goodpri and syslog_badpri) can now be negated or set to "none" to disable logging of successful or unsuccessful sudo attempts via syslog. ==== systemd-rpm-macros ==== - RPM group fix ==== xz ==== Version update (5.2.2 -> 5.2.3) Subpackages: liblzma5 liblzma5-32bit xz-devel - xz 5.2.3: * xz: always close a file before trying to delete it to avoid problems on some operating system and file system combinations. * C99/C11 conformance fixes to liblzma. The issues affected at least some builds using link-time optimizations. * Fixed bugs in the rarely-used function lzma_index_dup(). * Use of external SHA-256 code is now disabled by default. It can still be enabled by passing --enable-external-sha256 * Changed CPU core count detection to use sched_getaffinity() on GNU/Linux and GNU/kFreeBSD. * Fixes to the build-system