Changed packages: ==== Mesa ==== Version update (10.6.2 -> 10.6.3) Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit libOSMesa-devel libOSMesa9 libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2 - update to 10.6.3 * fdo#90728 - dvd playback with vlc and vdpau causes segmentation fault * fdo#91337 - OSMesaGetProcAdress("OSMesaPixelStore") returns nil * osmesa: fix OSMesaPixelsStore typo * vl: cleanup video buffer private when the decoder is destroyed * st/vdpau: fix mixer size checks * auxiliary/vl: use the correct screen index * i965/gen9: Use custom MOCS entries set up by the kernel. * nv50, nvc0: enable at least one color RT if alphatest is enabled * nvc0/ir: fix txq on indirect samplers * nvc0/ir: don't worry about sampler in txq handling * gm107/ir: fix indirect txq emission * nv50: fix max level clamping on G80 * program: Allow redundant OPTION ARB_fog_* directives. * xa: don't leak fences ==== MozillaFirefox ==== Version update (39.0 -> 39.0.3) Subpackages: MozillaFirefox-translations-common - security update to Firefox 39.0.3 (bnc#940918) * MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058) Same origin violation and local file stealing via PDF reader ==== ant ==== Version update (1.9.4 -> 1.9.6) Subpackages: ant-jmf ant-scripts ant-swing - Add xalan-j2-serializer to ant-antlr requirements - Sync the changes files among the subpkgs - Version bump to 1.9.6: * Read WHATSNEW file for full changelist ==== ant-antlr ==== Version update (1.9.4 -> 1.9.6) Subpackages: ant-apache-bcel ant-apache-bsf ant-apache-log4j ant-apache-oro ant-apache-regexp ant-apache-resolver ant-commons-logging ant-javadoc ant-javamail ant-jdepend ant-manual - Add xalan-j2-serializer to ant-antlr requirements - Sync the changes files among the subpkgs - Version bump to 1.9.6: * Read WHATSNEW file for full changelist - Do better quoting to get better error messages when it fails - Fix build with new javapackages-tools - to bootstrap 13.2 we need another split because bsf depends on things that depend on junit and as antlr requires bsf, we need a 3rd step -> split ant-junit to build in between ant and ant-antlr ==== ant-junit ==== Version update (1.9.4 -> 1.9.6) - Add xalan-j2-serializer to ant-antlr requirements - Sync the changes files among the subpkgs - Version bump to 1.9.6: * Read WHATSNEW file for full changelist ==== autoyast2 ==== Version update (3.1.87 -> 3.1.88) Subpackages: autoyast2-installation - Writing init scipts to installed system in the first installation stage now. The init scrpits will be called while starting the autoyast-initscripts service. So, these scripts will be called while a system upgrade too. (bnc#940823) - 3.1.88 ==== bind ==== Version update (9.10.2P2 -> 9.10.2P3) Subpackages: bind-chrootenv bind-doc bind-utils libbind9-140 libdns161 libirs141 libisc148 libisccc140 libisccfg140 liblwres141 - Update to version 9.10.2-P3 Security Fixes * A specially crafted query could trigger an assertion failure in message.c. This flaw was discovered by Jonathan Foote, and is disclosed in CVE-2015-5477. [RT #39795] * On servers configured to perform DNSSEC validation, an assertion failure could be triggered on answers from a specially configured server. This flaw was discovered by Breno Silveira Soares, and is disclosed in CVE-2015-4620. [RT #39795] Bug Fixes * Asynchronous zone loads were not handled correctly when the zone load was already in progress; this could trigger a crash in zt.c. [RT #37573] * Several bugs have been fixed in the RPZ implementation: + Policy zones that did not specifically require recursion could be treated as if they did; consequently, setting qname-wait-recurse no; was sometimes ineffective. This has been corrected. In most configurations, behavioral changes due to this fix will not be noticeable. [RT #39229] + The server could crash if policy zones were updated (e.g. via rndc reload or an incoming zone transfer) while RPZ processing was still ongoing for an active query. [RT #39415] + On servers with one or more policy zones configured as slaves, if a policy zone updated during regular operation (rather than at startup) using a full zone reload, such as via AXFR, a bug could allow the RPZ summary data to fall out of sync, potentially leading to an assertion failure in rpz.c when further incremental updates were made to the zone, such as via IXFR. [RT #39567] + The server could match a shorter prefix than what was available in CLIENT-IP policy triggers, and so, an unexpected action could be taken. This has been corrected. [RT #39481] + The server could crash if a reload of an RPZ zone was initiated while another reload of the same zone was already in progress. [RT #39649] ==== cmake ==== Version update (3.2.3 -> 3.3.0) - Update to 3.3.0: * New Features * Generators * The *Makefile Generators* now add ".DELETE_ON_ERROR" to the makefiles that contain the actual build rules for files on disk. This tells GNU make to remove rule outputs when their recipe modifies an output but fails. * The *Visual Studio Generators* learned to support ".xaml" source files and automatically associate them with corresponding ".h" and ".cpp" sources. * A new experimental "Green Hills MULTI" generator was added on Windows. Green Hills MULTI is an IDE for embedded real-time systems. * Commands * The "add_dependencies()" command learned to allow dependencies to be added to *interface libraries*. Dependencies added to an interface library are followed transitively in its place since the target itself does not build. * The "execute_process()" command learned to support specifying the same file for "OUTPUT_FILE" and "ERROR_FILE". * The "file(GLOB)" and "file(GLOB_RECURSE)" commands learned a new "LIST_DIRECTORIES " option to specify whether the glob result * The "find_library()", "find_path()", and "find_file()" commands now search in installation prefixes derived from the "PATH" environment variable. * The "if()" command learned a new "IN_LIST" operator that evaluates to true if a given element is contained in a named list. * The "install(EXPORT)" and "export()" commands learned to export targets that populate the "INTERFACE_SOURCES" target property. * The "install(TARGETS)" command learned to support generator expressions in the "DESTINATION" value. * Variables * The version of some Fortran compilers is now detected and stored in the "CMAKE_Fortran_COMPILER_VERSION" variable. * The *Visual Studio Generators* learned a new "CMAKE_VS_INCLUDE_INSTALL_TO_DEFAULT_BUILD" option to put the "INSTALL" target in the default build of a solution (".sln") file. * Properties * A "CROSSCOMPILING_EMULATOR" target property and supporting "CMAKE_CROSSCOMPILING_EMULATOR" variable were introduced to allow target platform binaries to run on the host during cross compiling. * A "_INCLUDE_WHAT_YOU_USE" target property and supporting "CMAKE__INCLUDE_WHAT_YOU_USE" variable were introduced to tell the *Makefile Generators* and the "Ninja" generator to run "include-what-you-use" along with the compiler for "C" and "CXX" languages. * The "_VISIBILITY_PRESET" and "VISIBILITY_INLINES_HIDDEN" target properties now affect compilation in sources of all target types. See policy "CMP0063". * The "XCODE_ATTRIBUTE_" target property learned to support generator expressions. * Modules * The "CheckFortranCompilerFlag" module was introduced to check "Fortran" compiler flags, much like the "CheckCCompilerFlag" module already does for "C". * The "ExternalData" module learned a new "ExternalData_NO_SYMLINKS" option to disable use of symbolic links to populate the real data files and use copies instead. * The "ExternalData" module learned a new "RECURSE:" option in "DATA{}" references specifying directories. This allows an entire directory tree of associated files to be matched. * The "ExternalData" module learned a new URL template placeholder "%(algo:)" to allow custom mapping from algorithm name to URL component through configuration of new "ExternalData_URL_ALGO__" variables. This allows more flexibility in remote URLs. * The "ExternalProject" module learned to replace tokens like "" in the "BYPRODUCTS" of each step. * The "ExternalProject" module APIs learned to support "generator expressions" when using "LOG_*" options and in CMake initial cache options. * The "FindBoost" module now tracks the directories containing libraries separately for RELEASE and DEBUG configurations. * The "FindCUDA" module now defaults to using the static CUDA runtime library if it is available. A new "CUDA_USE_STATIC_CUDA_RUNTIME" option is offered to control this behavior. * The "FindMatlab" module was completely rewritten. It learned about versions and components and to find Matlab in a more precise and multiplatform way. The module now offers APIs to create mex extensions, documentation, and unit tests. * The "FindPackageHandleStandardArgs" module "FIND_PACKAGE_HANDLE_STANDARD_ARGS" function now always populates both the "_FOUND" and "_FOUND" variables (the latter for backwards compatibility). The "FOUND_VAR" option is now ignored except to enforce its allowed values. * The "InstallRequiredSystemLibraries" module learned a new "CMAKE_INSTALL_SYSTEM_RUNTIME_COMPONENT" option to specify the installation component. * Generator Expressions * A new "COMPILE_LANGUAGE" generator expression was introduced to allow specification of compile options for target files based on the "LANGUAGE" of each source file. Due to limitations of the underlying native build tools, this feature has varying support across generators. See the "cmake-generator-expressions(7)" manual for details. * CTest * The "ctest(1)" tool learned a new "--repeat-until-fail " option to help find sporadic test failures. * The "CTestCoverageCollectGCOV" module learned to support the same "CTEST_CUSTOM_COVERAGE_EXCLUDE" option as the "ctest_coverage()" command. * CPack * The "cpack(1)" "IFW" generator and the "CPackIFW" module learned to support Qt Framework Installer 2.0 tools. * The "CPackDeb" module learned a new "CPACK_DEBIAN__PACKAGE_SHLIBDEPS" variable to specify per-component use of "dpkg-shlibdeps". * The "CPackDeb" module learned a new "CPACK_DEBIAN__PACKAGE_DEPENDS" option to specify per-component dependencies. * The "CPackRPM" module learned to package symbolic links more cleanly and now supports directory symlinks with recent "rpmbuild" versions. * The "CPackRPM" module learned a new "CPACK_RPM_ADDITIONAL_MAN_DIRS" variable to specify directories containing man pages for the brp- compress RPM macro. * The "CPackRPM" module learned a new "CPACK_RPM__PACKAGE_ARCHITECTURE" variable to specify a component-specific package architecture. * The CPack WIX generator learned the new "CPACK_START_MENU_SHORTCUTS", "CPACK_DESKTOP_SHORTCUTS" and "CPACK_STARTUP_SHORTCUTS" installed file properties which can be used to install shorcuts in the Start Menu, on the Desktop and in the Startup Folder respectively. * Other * The "Compile Features" functionality is now aware of features supported by GNU compilers on Windows, versions 4.4 through 5.0. * The "cmake(1)" "-E tar" command learned a new "--format" option to specify the archive format to be written. * On OS X, CMake learned to create XCTest bundles to test Frameworks and App Bundles within Xcode. The "FindXCTest" module provides convenience functions to handle "XCTEST" bundles. * Deprecated and Removed Features * On OS X the "cmake-gui(1)" no longer has the "Install For Command Line Use" menu item. Instead there is a "How to Install For Command Line Use" menu item that shows an informational dialog box explaining how to make the command line tools available. For example: /Applications/CMake.app/Contents/bin/cmake-gui --install * The "ctest_build()" and "build_command()" commands no longer tell "make" tools to ignore errors with the "-i" option. Previously this was done for *Makefile Generators* but not others. See policy "CMP0061". * The "Visual Studio 10 2010" generator no longer checks for running VS IDEs with the project open or asks them to reload. This was originally done for VS 10 because it had been done for VS 7 through 9 to avoid prompting for every project in a solution. Since VS >= 10 allow the whole solution to reload at once they do not need CMake to help them. * The "Visual Studio 7" generator (.NET 2002) is now deprecated and will be removed in a future version of CMake. * The "Visual Studio 6" generator is now deprecated and will be removed in a future version of CMake. * The "find_package()" command no longer considers project build trees recently configured in a "cmake-gui(1)". This was previously done only on Windows and is now never done. The "NO_CMAKE_BUILDS_PATH" option is now ignored if given and effectively always on. Projects may populate the *User Package Registry* to aid users building multiple dependent projects one after another. * When building with GNU tools on Windows (MinGW tools), the "find_library()" command will no longer consider ".dll" files to be linkable libraries. All dynamic link libraries are expected to provide separate ".dll.a" or ".lib" import libraries. * The "add_definitions()" command no longer causes a "DEFINITIONS" directory property to be populated. See policy "CMP0059". * With Visual Studio 7, 8, and 9 generators the value of the "$(OutDir)" placeholder no longer evaluates to the configuration name. Projects should use "$(ConfigurationName)" for that instead. * Using the output of "export()" with the "install(FILES)" command is no longer allowed. See policy "CMP0062" for details. * Other Changes * The "Ninja" generator now requires that calls to the "add_custom_command()" and "add_custom_target()" commands use the "BYPRODUCTS" option to explicitly specify any files generated by the custom commands that are not listed as outputs (perhaps because their timestamps are allowed to be older than the inputs). See policy "CMP0058". * Build-time progress output of *Makefile Generators* has been improved. It no longer mixes progress and build rule messages during parallel builds. The link rule messages now have progress and are displayed as bold green instead of bold red (since red is often associated with an error message). * The "CMAKE_CFG_INTDIR" variable value for Visual Studio 7, 8, and 9 is now "$(ConfigurationName)" instead of "$(OutDir)". This should have no effect on the intended use cases of the variable. * Linking to library files by a full path in an implicit linker search directory (e.g. "/usr/lib/libfoo.a") no longer asks the linker to search for the library (e.g. "-lfoo") and now links by full path. See policy "CMP0060". - Drop patches merged upstream: cmake.git-4552bc8.patch and cmake-fix-pie-binaries.patch ==== digikam ==== Subpackages: kipi-plugins kipi-plugins-acquireimage kipi-plugins-geolocation libmediawiki-devel libmediawiki1 - Add fix-crash-with-tags-manager-add-tag-with-null-parent.patch: fix crash with tag manager when adding tags with no parent tag selected (boo#940857, kde#343548) ==== emacs ==== Subpackages: emacs-info emacs-nox emacs-x11 etags - Give XFt a try for emacs-x11 ==== evolution-data-server ==== Subpackages: evolution-data-server-devel libcamel-1_2-52 libebackend-1_2-10 libebook-1_2-16 libebook-contacts-1_2-1 libecal-1_2-18 libedata-book-1_2-25 libedata-cal-1_2-27 libedataserver-1_2-20 libedataserverui-1_2-1 typelib-1_0-EBook-1_2 typelib-1_0-EBookContacts-1_2 typelib-1_0-EDataServer-1_2 - Build evolution-data-server-32bit: there are a couple private librarires provided (inside %{_libdir}/evolution-data-server) that are needed. ==== ghostscript ==== Subpackages: ghostscript-devel ghostscript-x11 - CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow in gsmalloc.c (boo#939342). ==== git ==== Version update (2.4.6 -> 2.5.0) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.5.0: * Improvements working with perforce (git p4) * A new short-hand @{push} * Introduce http..SSLCipherList configuration variable to tweak the list of cipher suite to be used with libcURL when talking with https:// sites. * "git cat-file --batch(-check)" new option "--follow-symlinks" * "git send-email" learned the alias file format used by the sendmail program * For 3-way merge drivers, add %P (final path) * "git blame" learned blame.showEmail configuration variable. * Add the "--allow-unknown-type" option to "cat-file" * Many long-running operations now show progress eye-candy - git 2.4.7: * Fix "git fsck" regression related to body-less tag object * Ask libCURL to use the most secure proxy authentication method * Fix shell handling issues in git log * Fix git config on read-only fs * Make "git rebase" exit with failure when format-patch fails ==== libgraphite2-3 ==== Version update (1.2.4 -> 1.3.0) Subpackages: libgraphite2-3-32bit - Version bump to 1.3.0: * Various tweaks for the arabic fonts - Added patches: * graphite-nonvoid-return.patch * graphite2-1.2.0-cmakepath.patch - Removed patches: * no-specific-nunit-version.diff * soname.diff ==== gutenprint ==== - Make it build again for SLE10 (cf. "SLE10" spec file comments). - define_GNU_SOURCE_makes_isblank_known.patch adds "#define _GNU_SOURCE" in escputil/d4lib.c because isblank() needs _XOPEN_SOURCE >= 600 (see "man 3 isblank" and "man 7 feature_test_macros") otherwise compile fails with "error: implicit declaration of function 'isblank'". ==== hwinfo ==== Version update (21.17 -> 21.19) Subpackages: hwinfo-devel - update git2log script to create nicer logs - 21.19 - Expose more properties to all devices in /proc/device-tree/vpd - 21.18 ==== kdeclarative-components ==== Subpackages: kdeclarative-devel libKF5Declarative5 libKF5QuickAddons5 - Added 0001-Don-t-refresh-the-entire-window-when-we-render-the-p.patch (kde#348385) ==== kernel-default ==== Version update (4.1.3 -> 4.1.4) Subpackages: kernel-default-devel - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-desktop ==== Version update (4.1.3 -> 4.1.4) Subpackages: kernel-desktop-devel - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-docs ==== Version update (4.1.3 -> 4.1.4) - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-pv-devel ==== Version update (4.1.3 -> 4.1.4) - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-devel ==== Version update (4.1.3 -> 4.1.4) Subpackages: kernel-macros kernel-source - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-syms ==== Version update (4.1.3 -> 4.1.4) - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kernel-xen ==== Version update (4.1.3 -> 4.1.4) Subpackages: kernel-xen-devel - Update patches.suse/0001-Revert-mmc-sdhci-fix-low-memory-corruption.patch (bnc#934531). - Update patches.suse/0002-Revert-mmc-sdhci-use-pipeline-mmc-requests-to-improv.patch (bnc#934531). - commit 3081bf0 - Linux 4.1.4 (CVE-2015-1333 bnc#938645 boo#939394). - Refresh patches.xen/pci-guestdev. - Delete patches.arch/arm64-Don-t-report-clear-pmds-and-puds-as-huge.patch. - Delete patches.drivers/ideapad_laptop-lenovo-g50-30-fix-rfkill-reports-wireless-blocked. - Delete patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. - commit a37e14f - Refresh patches.fixes/KEYS-ensure-we-free-the-assoc-array-edit-if-edit-is-.patch. Ad git commit id. - commit 7cf8f32 - config: arm64: Clean up serial options Change SERIAL_8250_DW from =m to =y. Change SERIAL_SAMSUNG from =m to =y and enable SERIAL_SAMSUNG_CONSOLE=y. Enable Qualcomm serial: SERIAL_MSM=y and SERIAL_MSM_CONSOLE=y Enable Spreadtrum serial: SERIAL_SPRD=y and SERIAL_SPRD_CONSOLE=y Disable Altera serial: SERIAL_ALTERA_JTAGUART and SERIAL_ALTERA_UART We can revisit this when they have arm64 support out. Disable Conexant serial: SERIAL_CONEXANT_DIGICOLOR (not arm64) (cherry picked from commit 26cb131d91a7ba44068f1abed841b890518ea176) - commit 057f0a3 - config: armv7hl: Clean up serial options Fix SERIAL_OF_PLATFORM to be =y. This unbreaks AC100 serial and hopefully Cubietruck as well. Fix CONFIG_SERIAL_CONEXANT_DIGICOLOR from =m to =y and enable CONFIG_SERIAL_CONEXANT_DIGICOLOR_CONSOLE=y, but only for default and vanilla, as it is a Cortex-A8. Fix SERIAL_AMBA_PL010 from =m to =y for lpae, matching default, and enable CONFIG_SERIAL_AMBA_PL010_CONSOLE=y for lpae, too. Disable SERIAL_ST_ASC for lpae, as STi are Cortex-A9 only. (cherry picked from commit 5f5dbd3a9cd58bfb803b83459a564d06eb1e1a37) - commit 0c88332 - KEYS: ensure we free the assoc array edit if edit is valid (bnc#938645 CVE-2015-1333). - commit e755463 ==== kf5-filesystem ==== - Fix the create_subdir_filelist macro. ==== kwindowsystem-devel ==== Subpackages: libKF5WindowSystem5 - Added 0001-Harden-NETWM-data-reading.patch (kde#350173) ==== libdrm-devel ==== Subpackages: libdrm2 libdrm2-32bit libdrm_intel1 libdrm_intel1-32bit libdrm_nouveau2 libdrm_nouveau2-32bit libdrm_radeon1 libdrm_radeon1-32bit libkms1 - Disable valgrind support if not available ==== libimobiledevice-devel ==== Subpackages: libimobiledevice6 - fix baselibs.conf - libimobiledevice-nosslv3.patch: In tumbleweed, SSLv3_method fails because there is no sslv3 support, use SSLv233_method instead to negotiate the highest TLS version available. ==== libpwquality1 ==== Version update (1.2.4 -> 1.3.0) - Update to version 1.3.0: + Change the defaults for credits, difok, and minlen. + Make the cracklib check optional but on by default. + Add implicit support for parsing .d/*.conf files. + Add libpwquality API manual page. ==== libzypp ==== Version update (15.9.0 -> 15.10.0) - Resolver: Track changed requested locales and adjust installed packages accordingly. (part of FATE#318099) - Testcase: Store autoinstalled packages - Locale: Make it IdString based - Get rid of std::tr1:: hashes - Flags: Fix to work with 'enum class' - Hide away resolver internals - version 15.10.0 (10) - Update zypp-po.tar.bz2 - Update sle-zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 ==== liblua5_3 ==== Subpackages: lua lua-devel - Update RPM group classification ==== device-mapper ==== Subpackages: device-mapper-32bit lvm2 - fix spec to change /sbin/thin-check to %{_sbindir}/thin-check. (bnc#940754) ==== libminiupnpc10 ==== - Add baselibs.conf: build libminiupnpc10-32bit, as needed by libsocks0-32bit. ==== openbox ==== - Implement the shared library packaging style - Resolve rpmlint warning: files-duplicate /usr/share/doc/packages/openbox/xbm/shade.xbm /usr/share/doc/packages/openbox/xbm/shade_toggled.xbm ==== gtk2-engine-oxygen ==== Subpackages: gtk2-theme-oxygen - Use %cmake marco. - Add qt-config-path.patch: search Qt (oxygen-qt5) config paths. - Switch to TS_PLAIN tabstyles as oxygen-qt5 did. - Prettify description. ==== perl-Log-Dispatch ==== Version update (2.45 -> 2.48) - updated to 2.48 see /usr/share/doc/packages/perl-Log-Dispatch/Changes 2.48 2015-08-07 - Fixed (I hope) tests that were added in the last release that fail on Windows. 2.47 2015-08-06 - Really, really make per-thread locking work. Depending on when threads and threads::shared were loaded, you might get an error like 'Type of arg 1 to threads::shared::share must be one of $@% at .../Log/Dispatch/Syslog.pm line 67, near "$thread_lock)"'. Reported by David Schweikert. - Added support for auth-related parameters and replyto to Log::Dispatch::Email::MailSender. Implemented by Rohan Carly. Based on GitHub #10. - Added a utf8 flag for Log::Dispatch::Screen. If this is true, then it sets the ":encoding(UTF-8)" flag on the handle it uses for output (without affecting STDOUT or STDERR elsewhere). Suggested by Ivan Baidakou. 2.46 2015-08-05 - Really make the per-thread locking in the Syslog output work. Based on a patch by David Schweikert. GitHub #9. ==== libphonon4qt5 ==== Subpackages: phonon4qt5-devel - Added 0001-tear-cmake-logic-for-qt4-and-qt5-apart.patch from upstream, to handle better -fPIC flag in Qt 5 builds - Drop pic.patch - Added extra-cmake-modules >= 1.7.0 (Build)Requires, needed with the added patch ==== plasma-framework ==== Subpackages: plasma-framework-components plasma-framework-devel plasma-framework-private - use update-alternatives for desktoptheme/input.svgz to provide space for inputmethods to step in. - in KDE 4, this icon wasn't held by KDE upstream, so many inputmethods use it to integrate monochrome systray icons for the DE. Now as it is held and reserved, we need to allow inputmethods to override it until they find a new solution. ==== python-cryptography ==== Version update (0.8.2 -> 0.9.3) - update to 0.9.3: * Updated Windows wheels to be compiled against OpenSSL 1.0.2d. * Updated Windows wheels to be compiled against OpenSSL 1.0.2c. * **SECURITY ISSUE**: Fixed a double free in the OpenSSL backend when using DSA to verify signatures. Note that this only affects PyPy 2.6.0 and (presently unreleased) CFFI versions greater than 1.1.0. * Removed support for Python 3.2. This version of Python is rarely used and caused support headaches. Users affected by this should upgrade to 3.3+. * Deprecated support for Python 2.6. At the time there is no time table for actually dropping support, however we strongly encourage all users to upgrade their Python, as Python 2.6 no longer receives support from the Python core team. * Add support for the :class:`~cryptography.hazmat.primitives.asymmetric.ec.SECP256K1` elliptic curve. * Fixed compilation when using an OpenSSL which was compiled with the ``no-comp`` (``OPENSSL_NO_COMP``) option. * Support :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER` serialization of public keys using the ``public_bytes`` method of :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithSerialization`, :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithSerialization`, and :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithSerialization`. * Support :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER` serialization of private keys using the ``private_bytes`` method of :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization`, :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithSerialization`, and :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithSerialization`. * Add support for parsing X.509 certificate signing requests (CSRs) with :func:`~cryptography.x509.load_pem_x509_csr` and :func:`~cryptography.x509.load_der_x509_csr`. * Moved ``cryptography.exceptions.InvalidToken`` to :class:`cryptography.hazmat.primitives.twofactor.InvalidToken` and deprecated the old location. This was moved to minimize confusion between this exception and :class:`cryptography.fernet.InvalidToken`. * Added support for X.509 extensions in :class:`~cryptography.x509.Certificate` objects. The following extensions are supported as of this release: * :class:`~cryptography.x509.BasicConstraints` * :class:`~cryptography.x509.AuthorityKeyIdentifier` * :class:`~cryptography.x509.SubjectKeyIdentifier` * :class:`~cryptography.x509.KeyUsage` * :class:`~cryptography.x509.SubjectAlternativeName` * :class:`~cryptography.x509.ExtendedKeyUsage` * :class:`~cryptography.x509.CRLDistributionPoints` * :class:`~cryptography.x509.AuthorityInformationAccess` * :class:`~cryptography.x509.CertificatePolicies` Note that unsupported extensions with the critical flag raise :class:`~cryptography.x509.UnsupportedExtension` while unsupported extensions set to non-critical are silently ignored. Read the :doc:`X.509 documentation` for more information. - add python-pyasn1, python-ipaddress and python-idna as Requires/BuildRequires ==== scons ==== Version update (2.3.4 -> 2.3.5) - SCons 2.3.5: * Documentation fixes * Fixed symlink support * Fixed incomplete LIBS flattening and substitution in Program scanner * Added new method rentry_exists_on_disk to Node.FS * Add support for f08 file extensions for Fortran 2008 code. * Show --config choices if no argument is specified * Added an 'exclude' parameter to Glob() * Added support for '-isystem' to ParseFlags. ==== libsqlite3-0 ==== Version update (3.8.10.2 -> 3.8.11.1) Subpackages: libsqlite3-0-32bit sqlite3 sqlite3-devel sqlite3-doc - Update to 3.8.11.1 * Restore an undocumented side-effect of PRAGMA cache_size: force the database schema to be parsed if the database has not been previously accessed. * Fix a long-standing problem in sqlite3_changes() for WITHOUT ROWID tables that was reported a few hours after the 3.8.11 release. - SQLite 3.8.11: * Significantly improved performance * new interfaces and enhancements * Important bug fixes for CREATE TABLE AS * Fix the skip-scan optimization so that it works correctly when the OR optimization is used on WITHOUT ROWID tables. * Fix the sqlite3_memory_used() and sqlite3_memory_highwater() interfaces so that they actually do provide a 64-bit answer. * experimental extensions, not enabled: + RBU (Resumable Bulk Update) extension + FTS5 (Full-text search) extension ==== gvim ==== Version update (7.4.788 -> 7.4.803) Subpackages: vim vim-data - Updated to revision 803, fixes the following problems * Repeating a change in Visual mode does not work as expected. (Urtica Dioica) * Accessing memory before an allocated block. * Using freed memory when triggering CmdUndefined autocommands. * Test for ":diffoff" doesn't catch all potential problems. * Using "A" in Visual mode while 'linebreak' is set is not tested. * C indent does not support C11 raw strings. (Mark Lodato) - Updated to revision 797, fixes the following problems * Using freed memory and crash. (Dominique Pellej) * Test fails when the autochdir feature is not available. Test output contains the test script. * The buffer list can be very long. * Can only conceal text by defining syntax items. * Can't specify when not to ring the bell. * The 'fixeol' option is not copied to a new window. * Warning from 64 bit compiler. * Crash when using more lines for the command line than 'maxcombine'. ==== xdm ==== - display-manager: don't try to kill DM if it's no longer running (bsc#939843) - Add some used programs to the requirement of xdm - Use xli aka xsetbg if xpmroot is not available (hint from jemoreno@novell.com) ==== xmlbeans ==== - Fix build with Java 8: * add xmlbeans-2.6.0-java8.patch ==== yast2 ==== Version update (3.1.142 -> 3.1.144) Subpackages: yast2-devel-doc - Fixed a conflict between Wizard and CommandLine components that was breaking the CLI for some modules (bnc#940341) - 3.1.144 - Properly display information about exceptions when running in command line mode (bnc#939565). - Fixed a bug preventing Yast::CommandLine to be executed twice in the same script. - 3.1.143 ==== yast2-bootloader ==== Version update (3.1.138 -> 3.1.139) - always run mkinitrd at the end of S/390 installation (bsc#933177) - 3.1.139 ==== yast2-country ==== Version update (3.1.21 -> 3.1.22) Subpackages: yast2-country-data - Removed dependencies to packages dropped in 2002. - 3.1.22 ==== yast2-installation ==== Version update (3.1.152 -> 3.1.153) - Fix release notes loading when network is not working (bsc#940648) - 3.1.153 ==== yast2-network ==== Version update (3.1.123 -> 3.1.124) - bnc#916013 - IPv6 forwarding setup is stored persistently - 3.1.124 ==== yast2-ntp-client ==== Version update (3.1.16 -> 3.1.18) - bnc#799473 - Do not use chronos.cru.fr which is is not really freely accessible: Access policy : acces sous conditions - 3.1.18 - If Install Recommended Packages is disabled during system installation, explicitly install ntp.rpm, avoiding error pop-up "Cannot adjust 'NTP' service" (boo#938951). - 3.1.17 ==== yast2-ruby-bindings ==== - Applied the style guide, with Rubocop. ==== yast2-storage ==== Version update (3.1.64 -> 3.1.65) - Fix special /boot handling on custom partitioning (bsc#940374) - 3.1.65 ==== zypper ==== Version update (1.12.8 -> 1.12.9) Subpackages: zypper-aptitude zypper-log - Update zypper-po.tar.bz2 - version 1.12.9 - Update sle-zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Show installed packages in Summary when --no-build-deps is used for source-install (fixes #75) (bnc#937770) Removed packages: bundle-lang-common-ar Added packages: bundle-lang-common-nl libobrender32 > libobt2 python-idna python-ipaddress