Packages changed: Mesa babl (0.1.14 -> 0.1.16) bind (9.10.3P3 -> 9.10.3P4) bundle-lang-common bundle-lang-gnome bundle-lang-kde emacs kiwi (7.03.59 -> 7.03.64) libqt5-qtbase libreoffice (5.1.0.3 -> 5.1.1.3) llvm mercurial (3.7.1 -> 3.7.2) nano (2.5.2 -> 2.5.3) ntp (4.2.8p4 -> 4.2.8p6) p7zip (15.09 -> 15.14) pcsc-cyberjack (3.99.5final.SP08 -> 3.99.5final.SP09) perl-IO-Socket-SSL (2.016 -> 2.024) perl-XML-XPath (1.33 -> 1.34) python-Pillow python-cryptography simple-scan (3.18.2 -> 3.19.91) tango-icon-theme udisks2 (2.1.6 -> 2.1.7) videoproto (2.3.1 -> 2.3.3) vim (7.4.1525 -> 7.4.1558) yast2 (3.1.177 -> 3.1.179) yast2-bootloader (3.1.163 -> 3.1.164) yast2-installation (3.1.172 -> 3.1.175) yast2-mail (3.1.6 -> 3.1.7) yast2-security (3.2.1 -> 3.2.2) yast2-update (3.1.36 -> 3.1.37) === Details === ==== Mesa ==== Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2 - n_Define-GLAPIVAR-separate-from-GLAPI.patch: Add separate definition GLAPIVAR as GLAPI doesn't have the an 'extern' for some compiler versions. This is needed for GLw (bsc#970725). - U_llvmpipe-Do-not-use-barriers-if-not-using-threads.patch * llvmpipe: Do not use barriers if not using threads; triggers on single cpu machines (like KVM in openQA) with gcc6 and latest glibc(bnc#971350) - enable llvmpipe for aarch64 (fate#320649) ==== babl ==== Version update (0.1.14 -> 0.1.16) - Update to version 0.1.16: + Improvements to half float reference, SIMD, and fast-paths, and CIE float fast paths; cleanups of fast path extensions. ==== bind ==== Version update (9.10.3P3 -> 9.10.3P4) Subpackages: bind-chrootenv bind-doc bind-utils idnkit libbind9-140 libdns162 libidnkit1 libirs141 libisc160 libisccc140 libisccfg140 liblwres141 - Security update 9.10.3-P3: * CVE-2016-1285, bsc#970072: assert failure on input parsing can cause premature exit. * CVE-2016-1286, bsc#970073: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet containing multiple cookie options to cause named to terminate with an assertion failure. ==== bundle-lang-common ==== Subpackages: bundle-lang-common-cs bundle-lang-common-da bundle-lang-common-de bundle-lang-common-el bundle-lang-common-en bundle-lang-common-es bundle-lang-common-fr bundle-lang-common-hu bundle-lang-common-it bundle-lang-common-ja bundle-lang-common-pl bundle-lang-common-pt bundle-lang-common-ru bundle-lang-common-zh - Update package list. ==== bundle-lang-gnome ==== Subpackages: bundle-lang-gnome-cs bundle-lang-gnome-da bundle-lang-gnome-de bundle-lang-gnome-el bundle-lang-gnome-en bundle-lang-gnome-es bundle-lang-gnome-fr bundle-lang-gnome-hu bundle-lang-gnome-it bundle-lang-gnome-ja bundle-lang-gnome-pl bundle-lang-gnome-pt bundle-lang-gnome-ru bundle-lang-gnome-zh - Update package list. ==== bundle-lang-kde ==== Subpackages: bundle-lang-kde-cs bundle-lang-kde-da bundle-lang-kde-de bundle-lang-kde-el bundle-lang-kde-en bundle-lang-kde-es bundle-lang-kde-fr bundle-lang-kde-hu bundle-lang-kde-it bundle-lang-kde-ja bundle-lang-kde-pl bundle-lang-kde-pt bundle-lang-kde-ru bundle-lang-kde-zh - Update package list. ==== emacs ==== Subpackages: emacs-info emacs-nox emacs-x11 etags - Add patch debbugs16737.patch due user request from Arun Persaud to avoid hangs for several seconds or 10s of seconds in case of pasting large amount of text http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16737#185 ==== kiwi ==== Version update (7.03.59 -> 7.03.64) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools - v7.03.64 released - Revert "Added pv kernel profile" There is no kernel-pv This reverts commit 8ca75eeee4bd7999a20ed050d9ebe4ba75607c5d. - v7.03.63 released - Use shim-install to setup EFI secure boot This fixes (bnc#968475) - Added pv kernel profile - rpm: require tar>=1.2.7 for --xattrs support tar 1.2.6 and earlier doesn't have support for the --xattrs options (which is necessary in order to build valid Docker image root filesystems). Signed-off-by: Aleksa Sarai - travis: install newest version of GNU tar from trusty source --xattrs support was added quite some time ago, but Travis doesn't seem to have a recent enough version of GNU tar. Realistically, most up-to-date systems do, so we can just install the latest version here. In order to install the latest version, we have to build it from the Ubuntu 14.04 source repo. Signed-off-by: Aleksa Sarai - modules: KIWIContainerBuilder: preserve xattrs tar doesn't preserve extended attributes by default, causing Docker images to not have any correct set-capabilities bits set on binaries such as ping. Fix this by adding the --xattrs flag to the tar command run to generate the root filesystem image. Signed-off-by: Aleksa Sarai - v7.03.62 released - v7.03.61 released - Fixed gce disk format The order of the files in the tarball is important. The first entry must be the manifest.json followed by disk.raw. In addition the style of the manifest.json has been adapted too. A space after colon seems to be required for gce to accept the data ==== libqt5-qtbase ==== Subpackages: libQt5Concurrent-devel libQt5Concurrent5 libQt5Core-devel libQt5Core-private-headers-devel libQt5Core5 libQt5DBus-devel libQt5DBus5 libQt5Gui-devel libQt5Gui-private-headers-devel libQt5Gui5 libQt5Network-devel libQt5Network5 libQt5OpenGL-devel libQt5OpenGL5 libQt5PlatformHeaders-devel libQt5PrintSupport-devel libQt5PrintSupport5 libQt5Sql-devel libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-postgresql libQt5Sql5-sqlite libQt5Sql5-unixODBC libQt5Test-devel libQt5Test5 libQt5Widgets-devel libQt5Widgets5 libQt5Xml-devel libQt5Xml5 libqt5-qtbase-common-devel libqt5-qtbase-devel libqt5-qtbase-doc - Merge libqt5-qtbase-platformtheme-gtk2 back into libQt5Gui5 (bsc#969935) * align with old libQt5Gui5 where libqgtk2.so has provided ==== libreoffice ==== Version update (5.1.0.3 -> 5.1.1.3) Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-calc-extensions libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-oxygen libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-ru libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreoffice-writer-extensions - Add patch to detect boost_filesystem headers: * 0002-boost-filesystem1.patch * 0003-boost-filesystem2.patch - Add patch to fix rounding bug in test on i586: * libreoffice-hotfix-disablebrokenshapetest.patch - Version update to 5.1.1.3: * Various bugfixes for the first bugfix release of 5.1 - Update patch to build on sle11 * 0001-liborcus-0.11.patch ==== llvm ==== Subpackages: libLLVM libLLVM-32bit - Use gcc for stage1 bootstrap - Add back libstdc++-devel dependency for clang since libc++ is only available for x86-64 atm. ==== mercurial ==== Version update (3.7.1 -> 3.7.2) Subpackages: mercurial-lang - update to v3.7.2 This is a regularly-scheduled bugfix release. + bundlerepo: properly handle hidden linkrev in filelog (issue4945) + bundlerepo: properly handle hidden linkrev in manifestlog (issue4945) + demandimport: add _imp to ignore list + doc: correct example concerning "hg purge" alias in man page "hgrc.5" + doc: remove deprecated option from synopsis of command help + fileset: fix copy/paste in eol() error message + help: fix typo in backgroundclose documentation + help: hg.intevation.de is new primary name of hg.intevation.de (and new cert) + help: update template examples to use reST literal syntax + hg: obtain lock when creating share from pooled repo (issue5104) + log: fix order of revisions filtered by multiple OR options (issue5100) + rebase: update working directory when aborting (issue5084) + revert: properly revert to ancestor of p2 during merge (issue5052) + revset: flatten chained 'list' operations (aka function args) (issue5072) + setup: avoid procedure related to hg.exe at setup.py --pure + ui: fix crash by non-interactive prompt echo for user name + unionrepo: properly handle hidden linkrev in revlog (issue5070) + zeroconf: forward all arguments passed to ui.configitems() wrapper ==== nano ==== Version update (2.5.2 -> 2.5.3) Subpackages: nano-lang - Update to 2.5.3 * several bugfixes fostray cursor positioning errors, many many memory leaks including file reading, using the file browser, searching for multi-byte characters, history completion, and many other places. * New features include the ability to trim whitespace from the ends of lines when justifying text, see nanorc(5) option justifytrim for deets. ==== ntp ==== Version update (4.2.8p4 -> 4.2.8p6) Subpackages: ntp-doc - CVE-2015-8158, bsc#962966: potential infinite loop in ntpq - CVE-2015-8138, bsc#963002: Zero Origin Timestamp Bypass - CVE-2015-7978, bsc#963000: Stack exhaustion in recursive traversal of restriction list. - CVE-2015-7979, bsc#962784: off-path denial of service on authenticated broadcast mode - CVE-2015-7977, bsc#962970: restriction list NULL pointer dereference - CVE-2015-7976, bsc#962802: 'ntpq saveconfig' command allows dangerous characters in filenames - CVE-2015-7975, bsc#962988: nextvar() missing length check in ntpq - CVE-2015-7974, bsc#962960: Missing key check allows impersonation between authenticated peers - CVE-2015-7973, bsc#962995: replay attack on authenticated broadcast mode - CVE-2015-5300, bsc#951629: MITM attacker can force ntpd to make a step larger than the panic threshold - update to 4.2.8p6 * fixes low- and medium-severity vulnerabilities 4.2.8p6: CVE-2015-8158 CVE-2015-8138 CVE-2015-7978 CVE-2015-7979 CVE-2015-7977 CVE-2015-7976 CVE-2015-7975 CVE-2015-7974 CVE-2015-7973 4.2.8p5: CVE-2015-5300 * bug fixes ==== p7zip ==== Version update (15.09 -> 15.14) - Update to version 15.14 * Based on 7-zip 15.14 release * Build fixes * All the fixes from 7-zip 15.14, see the included ChangeLog - Drop p7zip-CVE-2015-1038.patch, upstream. ==== pcsc-cyberjack ==== Version update (3.99.5final.SP08 -> 3.99.5final.SP09) - update to 3.99.5 Service Pack 09 * Fix USB unplug problems * removed cyberjack diag tool ==== perl-IO-Socket-SSL ==== Version update (2.016 -> 2.024) - updated to 2.024 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.024 2016/02/06 - Work around issue where the connect fails on systems having only a loopback interface and where IO::Socket::IP is used as super class (default when available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to localhost would fail on this systems. This happened at least for the tests, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796 Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not be useful anyway but would cause at most harm. 2.023 2016/01/30 - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) which caused an endless loop. It will now ignore this result in case the TLS connection was not yet established and consider the TLS connection closed instead. 2.022 2015/12/10 - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash. Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253 2.021 2015/12/02 - Fixes for documentation and typos thanks to DavsX and jwilk. - Update PublicSuffx with latest version from publicsuffix.org 2.020 2015/09/20 - support multiple directories in SSL_ca_path as proposed in RT#106711 by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string with a path separator, see documentation. - typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34 2.019 2015/09/01 - work around different behavior of getnameinfo from Socket and Socket6 by using a different wrapper depending on which module I use for IPv6. Thanks to bluhm for reporting. 2.018 2015/08/27 - RT#106687 - startssl.t failed on darwin with old openssl since server requested client certificate but offered also anon ciphers 2.017 2015/08/24 - checks for readability of files/dirs for certificates and CA no longer use - r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295 - new method sock_certificate similar to peer_certificate based on idea of Paul Evans, RT#105733 - get_fingerprint can now take optional certificate as argument and compute the fingerprint of it. Useful in connection with sock_certificate. - check for both EWOULDBLOCK and EAGAIN since these codes are different on some platforms. Thanks to Andy Grundman, RT#106573 - enforce default verification scheme if none was specified, i.e. no longer just warn but accept. If really no verification is wanted a scheme of 'none' must be explicitly specified. - support different cipher suites per SNI hosts - remove perl-IO-Socket-SSL_fix_offline.patch ==== perl-XML-XPath ==== Version update (1.33 -> 1.34) - updated to 1.34 see /usr/share/doc/packages/perl-XML-XPath/Changes 1.34 2016-03-08 MANWAR - Applied the patch to script examples/xpath (kindly provided by GREGOA). ==== python-Pillow ==== Subpackages: python-Pillow-tk - add LICENSE ==== python-cryptography ==== - fix license ==== simple-scan ==== Version update (3.18.2 -> 3.19.91) - Update to version 3.19.91: + Updated translations. - Update to version 3.19.90: + Updated translations. - Update to version 3.19.4: + Updated translations. - Update to version 3.19.3:a + Fix typo in Epson website. + Updated translations. - Update to version 3.19.2: + Make colord/packagekit support able to be explicitly disabled. - Update to version 3.19.1: + Add help about quality, brightness, contrast settings. + Fix help references to Wikipedia (currently just say Wiki). + Fix SANE capability logging commas. ==== tango-icon-theme ==== - Add tango-icon-theme-reproducible.patch to fix build-compare (fdo#94510). ==== udisks2 ==== Version update (2.1.6 -> 2.1.7) Subpackages: libudisks2-0 - Update to 2.1.7: + Allow disabling ACL. + udisksctl: Properly redirect stdout. + Catch bogus UUID changes of MDRAIDs. + Fix udiskctl help for glib 2.45. + udisks2.service.in: Add [Install] section. + Fix translator comments in udisksobjectinfo.c. + integration-test: Explicitly require UDisks 2.0 typelib. + integration-test: Fix wait_timeout/busy error messages. + integration-test: PEP-8 fixes. + integration-test: Fix Polkit.test_removable_fs. + test_polkitd.py: Fix race condition in waiting for test polkitd. + integration-test: Fix race condition in fake CD drive creation. + integration-test: Add timeout to readd_device(). + Add support for read look-ahead ATA settings (fdo#92488). - Add tarball signing. - Change group to System/Daemons. ==== videoproto ==== Version update (2.3.1 -> 2.3.3) - Update to version 2.3.3: No functional change, just squashing a build warning for new xserver. ==== vim ==== Version update (7.4.1525 -> 7.4.1558) Subpackages: gvim vim-data - Updated to revision 1558, fixes the following problems * Using "ever" for packages is confusing. * Specifying buffer number for channel not implemented yet. * MS-Windows job_start() closes wrong handle. * Compiler warning for unitinialized variable. * MS-Windows channel leaks file descriptor. * Using feedkeys() with an empty string disregards 'x' option. * Compiler warning for shadowed variable. * The feedkeys test has a one second delay. * Cannot re-use a channel for another job. * Too many feature flags for pipes, jobs and channels. * Selection with the mouse does not work in command line mode. * Too much code in eval.c. * Channel test is a bit flaky. * Missing job_info(). * job_start() with a list is not tested. * Channel log methods are not tested. * On Win32 escaping the command does not work properly. * GTK3: horizontal cursor movement in Visual selection not good. * Sticky type checking is more annoying than useful. * Getting a cterm highlight attribute that is not set results in the string "-1". * Two tests fail. * Cannot load packages early. * Cannot generate help tags in all doc directories. * ":colorscheme" does not use 'packpath'. * ":runtime" does not use 'packpath'. * Completion for :colorscheme does not use 'packpath'. * List of test targets incomplete. * "make install" changes the help tags file, causing it to differ from the repository. * Windows cannot be identified. * It is not easy to find out what windows display a buffer. ==== yast2 ==== Version update (3.1.177 -> 3.1.179) Subpackages: yast2-devel-doc - Added cfg_mail.scr from yast-mail to avoid circular dependencies with yast2-security, yast2-users and yast2-mail (FATE#319711) - 3.1.179 - Introduce PowerNV platform (boo#970582) - 3.1.178 ==== yast2-bootloader ==== Version update (3.1.163 -> 3.1.164) - include quiet in default kernel boot parameters for POWER (bsc#965347) - 3.1.164 ==== yast2-installation ==== Version update (3.1.172 -> 3.1.175) - Added automatic update during installation (FATE#319716) - 3.1.175 - System Role: align labels (FATE#317481). - System Role: pop-up if changing the role to a different one. - 3.1.174 - Moved Yast::Transfer::FileFromUrl here from yast2-update (FATE#319716). - 3.1.173 ==== yast2-mail ==== Version update (3.1.6 -> 3.1.7) - Moved cfg_mail.scr to yast2 due to circular dependencies with yast2-security and yast2-users. (FATE#319711) - 3.1.7 ==== yast2-security ==== Version update (3.2.1 -> 3.2.2) - Added support for multiple display managers (bnc#946889). - Replaced testsuite tests by rspec tests. - Removed autotools. - Updated yast2 dependency for cfg_mail.scr - 3.2.2 ==== yast2-update ==== Version update (3.1.36 -> 3.1.37) - Remove Yast::Transfer::FileFromUrl as it will be present in yast2-installation (FATE#319716). - 3.1.37