Packages changed: baloo5-widgets (20.12.0 -> 20.12.1) dolphin (20.12.0 -> 20.12.1) haveged (1.9.13 -> 1.9.14) ilmbase (2.5.3 -> 2.5.4) kaccounts-integration (20.12.0 -> 20.12.1) kate (20.12.0 -> 20.12.1) kde-print-manager (20.12.0 -> 20.12.1) kdeconnect-kde (20.12.0 -> 20.12.1) kdialog (20.12.0 -> 20.12.1) keyutils (1.6 -> 1.6.3) kio-extras5 (20.12.0 -> 20.12.1) konsole (20.12.0 -> 20.12.1) kwalletmanager5 (20.12.0 -> 20.12.1) libdrm (2.4.102 -> 2.4.103) libepoxy (1.5.4 -> 1.5.5) libusb-1_0 (1.0.23 -> 1.0.24) lilv (0.24.6 -> 0.24.10) llvm11 nghttp2 (1.41.0 -> 1.42.0) openexr (2.5.3 -> 2.5.4) perl-libwww-perl (6.50 -> 6.51) podman (2.2.0 -> 2.2.1) polkit sord (0.16.4 -> 0.16.6) wget (1.20.3 -> 1.21) xdm zchunk zstd (1.4.5 -> 1.4.8) === Details === ==== baloo5-widgets ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== dolphin ==== Version update (20.12.0 -> 20.12.1) Subpackages: dolphin-part libdolphinvcs5 - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - Changes since 20.12.0: * Fix vertical scroll with horizontal component not being recognized properly (kde#430532) * DolphinContextMenu: drop wrong assert * Fix crash when device with capacitybar is dragged (kde#430441) * Use setShowOpenOrExecuteDialog(true) with OpenUrlJob * Fix access url navigator while creating new tab in filename search view (kde#429628, kde#430434) * Fix KIO warning when URL is empty * servicemenuinstaller: Remove file if it already exists * Fix PlacesItemModelTest, 2nd try - Dropped patches, now upstream: * 0001-Fix-access-url-navigator-while-creating-new-tab-in-f.patch ==== haveged ==== Version update (1.9.13 -> 1.9.14) Subpackages: libhavege2 - Update to 1.9.14: * made enttest configurable * havegecmd.c - new command added to close the communication socket - Drop haveged-conditional-enttest.patch ==== ilmbase ==== Version update (2.5.3 -> 2.5.4) Subpackages: libHalf-2_5-25 libIex-2_5-25 libIlmThread-2_5-25 - merge also baselibs.conf - modified sources % baselibs.conf - merge ilmbase and openexr source packages into one _multibuild - added sources + _multibuild - version update to 2.5.4 * Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files. - version update to 2.5.3 * Various sanitizer/fuzz-identified issues related to handling of invalid input * Fixes to misc compiler warnings * Cmake fix for building on arm64 macOS (#772) * Read performance optimization (#782) * Fix for building on non-glibc (#798) * Fixes to tests - Disable testsuite also on s390/s390x, probably will not pass on any bigendian platform in current state - Disable testsuite also on ppc - Fix 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch so pkgconfig file has no duplicate prefix. - Run test suite also on all other archs but i586 and ppc64(be) - version update to 2.5.2 2.5.2 * Invalid input could cause a heap-use-after-free error in DeepScanLineInputFile::DeepScanLineInputFile() * Invalid chunkCount attributes could cause heap buffer overflow in getChunkOffsetTableSize() * Invalid tiled input file could cause invalid memory access TiledInputFile::TiledInputFile() * OpenEXRConfig.h now correctly sets OPENEXR_PACKAGE_STRING to "OpenEXR" (rather than "IlmBase") 2.5.1 * A patch release that corrects the SO version for the v2.5 release, which missed getting bumped in v2.5.0. * This release also fixes an improper failure in IlmImfTest when running on ARMv7 and AAarch64. 2.5.0 * No more build-time header generation: toFloat.h, eLut.h, b44ExpLogTable.h, and dwaLookups.h are now ordinary header files, no longer generated on the fly. * New StdISSTream class, an "input" stringstream version of StdOSStream * New Matrix22 class in Imath * Chromaticity comparison operator now includes white (formerly ignored) * Various cmake fixes * Bug fixes for various memory leaks * Bug fixes for various invalid memory accesses * New checks to detect damaged input files * OpenEXR_Viewers has been deprecated, removed from the top-level cmake build and documentation. - modified patches % 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch (refreshed) - modified sources % baselibs.conf - version update to 2.4.1 * Various fixes for memory leaks and invalid memory accesses * Various fixes for integer overflow with large images. * Various cmake fixes for build/install of python modules. * ImfMisc.h is no longer installed, since it's a private header. - deleted patches - Fix-the-symlinks-creation.patch (upstreamed) - Fix relative paths in generated pkgconfig files: 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch - Fix build with older cmake package (Leap 15.0 up to 15.2), the included ctest macro does not accept extra parameters. - Add Fix-the-symlinks-creation.patch to fix the symlinks creation. - fix OpenEXR.pc - increase timeout for IlmImf test - version update to 2.4.0 * Completely re-written CMake configuration files * Improved support for building on Windows, via CMake * Improved support for building on macOS, via CMake * All code compiles without warnings on gcc, clang, msvc * Cleanup of license and copyright notices * floating-point exception handling is disabled by default * New Slice::Make method to reliably compute base pointer for a slice. * Miscellaneous bug fixes * CVE-2018-18444 Issue #351 Out of Memory * CVE-2018-18443 Issue #350 heap-buffer-overflow - upstream does not provide gpg signature anymore https://github.com/openexr/openexr/issues/565 - modified sources % baselibs.conf - deleted patches - openexr-CVE-2017-14988.patch (upstreamed) - openexr-CVE-2017-9111,9113,9115.patch (upstreamed) - openexr-CVE-2018-18444.patch (upstreamed) - deleted sources - openexr-2.3.0.tar.gz.sig (not needed) - openexr.keyring (not needed) - testsuite only for x86_64 [bsc#1146648] - Enable tests on architectures with enough memory - boo#1146648 * disable imffuzztest as it takes to much resources - security update - added patches CVE-2017-14988 [bsc#1061305] + openexr-CVE-2017-14988.patch - security update - added patches CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 [bsc#1040115] + openexr-CVE-2017-9111,9113,9115.patch - Codify new ilmbase requirements. - security update * CVE-2018-18444 [bsc#1113455] + openexr-CVE-2018-18444.patch - asan_build: build ASAN included - debug_build: build more suitable for debugging - Remove useless --with-pic. - Adjust RPM groups and repair sentence structure. - updated to 2.3.0 * ThreadPool overhead improvements, enable custom thread pool to be registered via ThreadPoolProvider class * Fixes to enable custom namespaces for Iex, Imf * Improve read performance for deep/zipped data, and SIMD-accelerated uncompress support * Added rawPixelDataToBuffer() function for access to compressed scanlines * Iex::BaseExc no longer derived from std::string. * Imath throw() specifiers removed * Initial Support for Python 3 * removed patch - Update to 2.2.1 * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116 - pgajdos@suse.com: but really seem to fix only: CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for the rest of issues see [bsc#1040109], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305] - Cleanup a bit with spec-cleaner - Update to 2.2.0 * DreamWorks Lossy Compression A new high quality, high performance lossy compression codec contributed by DreamWorks Animation. This codec allows control over variable lossiness to balance visual quality and file size. This contribution also includes performance improvements that speed up the PIZ codec. * IlmImfUtil A new library intended to aid in development of image file manipulation utilities that support the many types of OpenEXR images. * This release also includes improvements to cross-platform build support using CMake. - Bumped the soname, and now we have libIlmImf and libIlmImfUtil - Removed openexr-2.1.0-headers.patch - Updated openexr.keyring from the savannah project page. - Add obsoletes to baselibs.conf. - remove dependency on gpg-offline (blocks rebuilds and tarball integrity is checked by source-validator anyway) - add openexr-2.1.0-headers.patch to install ImfDeepImageStateAttribute.h header too - update to 2.1.0 This release includes a refactoring of the optimised read paths for RGBA data, optimisations for some of the python bindings to Imath, improvements to the cmake build environment as well as additional documentation describing deep data in more detail. - make tests conditional, enable fuzz test and huge test - update to 2.0.1 This is a maintenance push that predominantly addresses edge case failures in the optimisation code paths by temporarily disabling the feature. For more details, please refer to the /usr/share/doc/packages/openexr/ChangeLog - add gpg-offline based verification - fix library deps - update to 2.0.0 * Deep Data support - Pixels can now store a variable-length list of samples. The main rationale behind deep images is to enable the storage of multiple values at different depths for each pixel. OpenEXR 2.0 supports both hard-surface and volumetric representations for Deep Compositing workflows. * Multi-part Image Files - With OpenEXR 2.0, files can now contain a number of separate, but related, data parts in one file. Access to any part is independent of the others, pixels from parts that are not required in the current operation don't need to be accessed, resulting in quicker read times when accessing only a subset of channels. The multipart interface also incorporates support for Stereo images where views are stored in separate parts. This makes stereo OpenEXR 2.0 files significantly faster to work with than the previous multiview support in OpenEXR. * Optimized pixel reading - decoding RGB(A) scanline images has been accelerated on SSE processors providing a significant speedup when reading both old and new format images, including multipart and multiview files. * Namespacing - The library introduces versioned namespaces to avoid conflicts between packages compiled with different versions of the library. - obsoleted openexr-suse-docdir.patch (moved in install phase) openexr-disable-tests.patch - license update: BSD-3-Clause No GPL licensed files found in the package - Update baselibs.conf - Update to 1.7.1 * Updated the .so verison to 7. * obsoletes openexr-includes.patch - require new ilmbase-devel for build - rename libopenexr-devel to openexr devel to be compatible with renamed ilmbase package - disable the test at all, as running them in OBS seems not to be reliable - Remove redundant tags/sections per specfile guideline suggestions - openexr-disable-tests.patch - disable broken tests prevents a build in Factory - remove explicit libdrm buildrequires - Use %_smp_mflags for parallel build - Update to 1.7.0 - bugfix release, multiviewer support * obsoletes CVE-2009-1720 support * built with --enable-larget-stack and test - Renammed to be more comfortable with Shared Library policy * openexr - main (source package) contains tools in bindir, it provides and obsoletes the old OpenEXR symbol * libIlmImf6 - contains the openexr library * libopenexr-devel - contains the headers, Provides and Obsoletes the OpenEXR-devel symbol * openexr-doc - documentation - add baselibs.conf as a source - fixed bnc#527539: VUL-0: OpenEXR: [ MDVSA-2009:190 ] OpenEXR used patches from Mandriva * CVE-2009-1720 * CVE-2009-1721 - save 6.7MB by removing static libraries and "la" files - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) - obsolete old -XXbit packages (bnc#437293) - added baselibs.conf file to build xxbit packages for multilib support - update to 1.6.1 - fix buid, add docu subpackage with documentation and examples - fix linking of new IlmThread lib versus libpthread - update to 1.4.6 - fix build, fix packaging examples and doc - added missing Requires - fixed RPM_OPT_FLAGS - fix shared lib dependencies - fix installed headers - converted neededforbuild to BuildRequires - make use of mesa-devel-packages macro in neededforbuild - don't build as root - update to version 1.2.2 - Fix missing declaration. - try to fix docu installation - initial package of version 1.2.1 ==== kaccounts-integration ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - Changes since 20.12.0: * Load translations ==== kate ==== Version update (20.12.0 -> 20.12.1) Subpackages: kate-plugins - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== kde-print-manager ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== kdeconnect-kde ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - Changes since 20.12.0: * plugins/battery: add battery charge info to the update signal ==== kdialog ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== keyutils ==== Version update (1.6 -> 1.6.3) Subpackages: libkeyutils1 - the license of the library and -devel package is LGPL only, the tools are GPL. - update to 1.6.3: * Revert the change notifications that were using /dev/watch_queue. * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE). * Allow "keyctl supports" to retrieve raw capability data. * Allow "keyctl id" to turn a symbolic key ID into a numeric ID. * Allow "keyctl new_session" to name the keyring. * Allow "keyctl add/padd/etc." to take hex-encoded data. * Add "keyctl watch*" to expose kernel change notifications on keys. * Add caps for namespacing and notifications. * Set a default TTL on keys that upcall for name resolution. * Explicitly clear memory after it's held sensitive information. * Various manual page fixes. * Fix C++-related errors. * Add support for keyctl_move(). * Add support for keyctl_capabilities(). * Make key=val list optional for various public-key ops. * Fix system call signature for KEYCTL_PKEY_QUERY. * Fix 'keyctl pkey_query' argument passing. * Use keyctl_read_alloc() in dump_key_tree_aux(). * Various manual page fixes. - spec-cleaner run (fixup failing homepage url) ==== kio-extras5 ==== Version update (20.12.0 -> 20.12.1) Subpackages: libkioarchive5 - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== konsole ==== Version update (20.12.0 -> 20.12.1) Subpackages: konsole-part - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - Changes since 20.12.0: * Correct columns size with highlightScrolledLines (kde#429600) * Only link konsoleprofile to konsoleprivate (kde#430492) * Revert 'Fix bold character color paint' - Dropped patches, now upstream: * Only-link-konsoleprofile-to-konsoleprivate.patch ==== kwalletmanager5 ==== Version update (20.12.0 -> 20.12.1) - Update to 20.12.1 * New bugfix release * For more details please see: * https://kde.org/announcements/releases/2021-01-apps-update - No code change since 20.12.0 ==== libdrm ==== Version update (2.4.102 -> 2.4.103) Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 - update to 2.4.103: * xf86drm.c: Use integer logarithm. * amdgpu: only enable security tests on raven family * amdgpu: sync up amdgpu_drm.h with latest from kernel * amdgpu: add marketing names from 20.40 * intel: add INTEL_DG1_IDS to the pciids list * amdgpu: add device IDs for Raven, Picasso and Renoir * intel: sync i915_pciids.h with kernel * amdgpu: Add Device IDs for Embedded Raven2 platforms * intel: sync i915_pciids.h with kernel * xf86drm.c: fix build failure * core: use `O_RDONLY` instead of ambiguous `0` flag * lots of tests/amdgpu updates ==== libepoxy ==== Version update (1.5.4 -> 1.5.5) - Update to version 1.5.5: + Remove Python 2 support. + Remove Autotools support. + Use EGL_NO_X11 to disable X11 headers. + Use call convention for mock function. + Return correct version of GLSL on GLES2. + Rely on Meson's darwin_versions option. - Drop Lower-the-minimum-required-version-of-Meson.patch: New minimum meson is 0.48. ==== libusb-1_0 ==== Version update (1.0.23 -> 1.0.24) - Update to version 1.0.24 * Add new platform abstraction (#252). * Add Null POSIX backend. * Add support for eventfd. * New API libusb_hotplug_get_user_data(). * Linux: Drop support for kernel older than 2.6.32. * Linux: Provide an event thread name. (#689). * Linux: Wait until all USBs have been reaped before freeing them. (#607) * Documentation fixes and improvements. * Various other bug fixes and improvements. ==== lilv ==== Version update (0.24.6 -> 0.24.10) - update to 0.24.10: * Fix memory leaks in lv2bench * Fix various minor warnings and other code quality issues * Make lilv_world_get() use translations * Split and clean up test suite * Allow passing strings for URIs in Python API when unambiguous * Fix cases where incorrect translation is used * Fix deleting state bundles loaded from the model * Fix memory leak when dyn-manifest has no plugins (thanks Michael Fisher) * Implement state:freePath feature ==== llvm11 ==== - Increase required RAM for aarch64 ==== nghttp2 ==== Version update (1.41.0 -> 1.42.0) - update to 1.42.0: * lib: fix ubsan errors (Patch from Asra Ali) (GH-1468) * lib: Don't send RST_STREAM to idle stream (GH-1477) * lib: nghttp2_map backed by nghttp2_ksl * doc: Update sphinx_rtd_theme * doc: nghttp2_session_send is also affected by max concurrent streams (Patch from Tomas Krizek) (GH-1489) * doc: clarify flow control behaviour for nghttp2_session_send() (Patch from Tomas Krizek) (GH-1488) * build: Add missing cmake/FindSystemd.cmake to dist (GH-1526) * third-party: Bump llhttp to 2.2.0 * third-party: Bump mruby to 2.1.2 * nghttpx: Deal with the case when h2 backend is retired before it is initialized * nghttpx: Add accesslog variables to record request path without query (GH-1511) * nghttpx: Fix stall when TLS follows after proxy protocol * nghttpx: Fix logging integer ==== openexr ==== Version update (2.5.3 -> 2.5.4) - merge also baselibs.conf - modified sources % baselibs.conf - merge ilmbase and openexr source packages into one _multibuild - added sources + _multibuild - version update to 2.5.4 * Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files. ==== perl-libwww-perl ==== Version update (6.50 -> 6.51) - updated to 6.51 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.51 2020-12-29 22:09:04Z - Fix proxy test on Windows (GH#358) (Olaf Alders) - Sort keys in Pod example of constructor defaults (GH#356) (Olaf Alders) ==== podman ==== Version update (2.2.0 -> 2.2.1) Subpackages: podman-cni-config - Update to v2.2.1 * Changes - Due to a conflict with a previously-removed field, we were forced to modify the way image volumes (mounting images into containers using - -mount type=image) were handled in the database. As a result, containers created in Podman 2.2.0 with image volume will not have them in v2.2.1, and these containers will need to be re-created. * Bugfixes - Fixed a bug where rootless Podman would, on systems without the XDG_RUNTIME_DIR environment variable defined, use an incorrect path for the PID file of the Podman pause process, causing Podman to fail to start (#8539). - Fixed a bug where containers created using Podman v1.7 and earlier were unusable in Podman due to JSON decode errors (#8613). - Fixed a bug where Podman could retrieve invalid cgroup paths, instead of erroring, for containers that were not running. - Fixed a bug where the podman system reset command would print a warning about a duplicate shutdown handler being registered. - Fixed a bug where rootless Podman would attempt to mount sysfs in circumstances where it was not allowed; some OCI runtimes (notably crun) would fall back to alternatives and not fail, but others (notably runc) would fail to run containers. - Fixed a bug where the podman run and podman create commands would fail to create containers from untagged images (#8558). - Fixed a bug where remote Podman would prompt for a password even when the server did not support password authentication (#8498). - Fixed a bug where the podman exec command did not move the Conmon process for the exec session into the correct cgroup. - Fixed a bug where shell completion for the ancestor option to podman ps --filter did not work correctly. - Fixed a bug where detached containers would not properly clean themselves up (or remove themselves if --rm was set) if the Podman command that created them was invoked with --log-level=debug. * API - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the Binds and Mounts parameters in HostConfig. - Fixed a bug where the Compat Create endpoint for Containers ignored the Name query parameter. - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the "default" value for NetworkMode (this value is used extensively by docker-compose) (#8544). - Fixed a bug where the Compat Build endpoint for Images would sometimes incorrectly use the target query parameter as the image's tag. * Misc - Podman v2.2.0 vendored a non-released, custom version of the github.com/spf13/cobra package; this has been reverted to the latest upstream release to aid in packaging. - Updated the containers/image library to v5.9.0 ==== polkit ==== Subpackages: libpolkit0 typelib-1_0-Polkit-1_0 move to libexec dir is still not complete: - add polkit-adjust-libexec-path.patch: There is another hard coded reference of lib/ in the code that this patch addresses. - also adjust invocation of %set_permissions and %verify_permissions to new libexec dir location. - also set libprivdir during build, otherwhise systemd and D-Bus service files contain the wrong path and we'll get runtime errors. - Install private binaries into libexec instead of into lib. For this an override of the custom libprivdir variable is necessary, because upstream explicitly moved away from libexecdir via upstram commit 6fbcc6cd839680fcefd81c4a43676e7c031c9859. ==== sord ==== Version update (0.16.4 -> 0.16.6) - update to 0.16.6: * Fix potential crash or incorrectness issues with GCC 10 * Fix various minor warnings and other code quality issues ==== wget ==== Version update (1.20.3 -> 1.21) - GNU wget 1.21: * Improve the number of translated strings * Remove all uses of alloca * Fix buffer overflows in progress bar code in some locales * Fix two null pointer accesses * Amend cookie file header to be recognized by the 'file' command * Post Handshake Authentication for OpenSSL - drop obsolete texinfo packaging macros ==== xdm ==== - fixed path of pidof tool for older openSUSE Leap releases (boo#1179607) ==== zchunk ==== - Add d2eae512bee09a4047cfe586de12f644d73b0736.patch: Fix build with zstd 1.4.7+. ==== zstd ==== Version update (1.4.5 -> 1.4.8) - Update to version 1.4.8 to fix i586+s390x - Update to version 1.4.7 * Improved --long mode * --long now automatically enabled for any window size >= 128MB * Faster decompression of small blocks * CLI improvements + accept parameter through environment variable ZSTD_NBTHREADS + new command --output-dir-mirror + more accurate warning and error messages * New experimental features + Shared Thread Pool + Faster Dictionary Compression + New Sequence Ingestion API * Drop upstream fix-lib-build.patch