Packages changed: Mesa (13.0.3 -> 13.0.4) akonadi-runtime akonadi-server babl (0.1.22 -> 0.1.24) bash cmis-client curl gegl gimp (2.8.18 -> 2.8.20) gstreamer-plugins-bad gstreamer-plugins-ugly installation-images (14.297 -> 14.299) iptables (1.6.0 -> 1.6.1) irqbalance kactivities-stats kactivities5 kactivitymanagerd kdepimlibs4 kernel-source (4.9.7 -> 4.9.8) kget kiwi (7.04.21 -> 7.04.26) kleopatra kpimtextedit krb5 kwallet libcamgm libdlm (4.0.6 -> 4.0.7) libimobiledevice libkcddb libkleo libkolabxml libkomparediff2 libksane libplist libwacom (0.15 -> 0.23) ncurses nghttp2 obs-service-format_spec_file (20160929 -> 20170204) openjpeg plasma5-desktop python3-kiwi (8.29.0 -> 9.0.2) screen (4.4.0 -> 4.5.0) shotwell (0.24.4 -> 0.24.5) spice spice-gtk telepathy-logger-qt5 telnet thin-provisioning-tools thrift tiff totem tracker tracker-extras vim (8.0.194 -> 8.0.311) wget (1.18 -> 1.19) whois xapian-core (1.4.1 -> 1.4.3) yast2-packager (3.2.12 -> 3.2.14) zbar === Details === ==== Mesa ==== Version update (13.0.3 -> 13.0.4) Subpackages: Mesa-32bit Mesa-dri-devel Mesa-dri-nouveau Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv2-2 Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa9 libOSMesa9-32bit libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libwayland-egl1 libxatracker2 - specfile: fix build configuration for arm, ppc and s390 platforms - update to 13.0.4 * Multiple fixes for the i965 and radeonsi drivers. An odd glitch in glxgears when using the freedreno driver was also addressed. * The ANV driver being the prime source of patches - from compatibility improvements with newer Vulkan loaders, smoketesting and various rendering and compliance fixes. * A couple of longstanding issues in the VA state tracker have also been resolved. ==== akonadi-runtime ==== - use individual libboost-*-devel packages instead of boost-devel ==== akonadi-server ==== Subpackages: akonadi-server-sqlite libKF5AkonadiAgentBase5 libKF5AkonadiCore5 libKF5AkonadiPrivate5 libKF5AkonadiWidgets5 libKF5AkonadiXml5 - use individual libboost-*-devel packages instead of boost-devel ==== babl ==== Version update (0.1.22 -> 0.1.24) - Update to version 0.1.24: + Improvements to profile cache persistance, fast paths that improve actual GIMP use on various precisions, use single precision constants for some more of CIE computions. ==== bash ==== Subpackages: bash-doc libreadline7 readline-devel readline-doc - Add upstream patch readline70-002 which replace old one There is a race condition in add_history() that can be triggered by a fatal signal arriving between the time the history length is updated and the time the history list update is completed. A later attempt to reference an invalid history entry can cause a crash. - Add upstream patch readline70-003 Readline-7.0 uses pselect(2) to allow readline to handle signals that do not interrupt read(2), such as SIGALRM, before reading another character. The signal mask used in the pselect call did not take into account signals the calling application blocked before calling readline(). - Add upstream patch bash44-006 Out-of-range negative offsets to popd can cause the shell to crash attempting to free an invalid memory block. - Remove patch popd-offset-overflow.patch to use bash44-006 - Add upstream patch bash44-007 When performing filename completion, bash dequotes the directory name being completed, which can result in match failures and potential unwanted expansion. - Duplicate bash44-007 as readline70-002 as it seems to be missed - Add upstream patch bash44-008 Under certain circumstances, bash will evaluate arithmetic expressions as part of reading an expression token even when evaluation is suppressed. This happens while evaluating a conditional expression and skipping over the failed branch of the expression. - Add upstream patch bash44-009 There is a race condition in add_history() that can be triggered by a fatal signal arriving between the time the history length is updated and the time the history list update is completed. A later attempt to reference an invalid history entry can cause a crash. - Add upstream patch bash44-010 Depending on compiler optimizations and behavior, the `read' builtin may not save partial input when a timeout occurs. - Add upstream patch bash44-011 Subshells begun to run command and process substitutions may attempt to set the terminal's process group to an incorrect value if they receive a fatal signal. This depends on the behavior of the process that starts the shell. - Add upstream patch bash44-012 When -N is used, the input is not supposed to be split using $IFS, but leading and trailing IFS whitespace was still removed. - Remove -L option on screen call dues API change, now we depend on environment variables only. ==== cmis-client ==== - use individual libboost-*-devel packages instead of boost-devel ==== curl ==== Subpackages: libcurl-devel libcurl4 - build with libidn2 for IDNA2008 support FATE#321897 CVE-2016-8625 bsc#1005649 add curl-7.52.1-idn-fixes.patch to fix test, among other things - re-enable tests that are no longer failing, remove curl-disable_failing_tests.patch ==== gegl ==== Subpackages: gegl-0_2 gegl-0_2-lang libgegl-0_2-0 - Fix CVE-2012-4433: + Add gegl-0.2.0-CVE-2012-4433.patch: Fix buffer overflow in and add plausibility checks to ppm-load op. ==== gimp ==== Version update (2.8.18 -> 2.8.20) Subpackages: gimp-lang gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - Remove --with-pic, this is only for static libs. - Trim description on non-main subpackages. - update to 2.8.20 - Core: - Avoid D-Bus error message when built without D-Bus support - fix OS X min required conditional in gimpimagewindow.c - Saving to existing .xcf.bz and .xcf.gz files didn't truncate them and could lead to unnecessarily large files - Text layer created by gimp-text-fontname doesn't respect border when resized - avoid seeking when saving XCF files to prevent corruption with file network shares (fixed since 2014, but not mentioned in NEWS yet) GUI: - Flow on Paint Dynamics editor dialog: the 'y' axis is indicating 'Rate' instead 'Flow' - Vertical ruler shows artifacts if the status bar isn't showing - Tablet stylus misbehaves when crossing the edge of a dock in multi-window-mode - Disable the new "automatic window tabbing" feature introduced on macOS Sierra - Improve the visiblity of slider handles with dark themes - Make it harder to switch to renaming if selecting already selected items in resource lists Tools: - make toggling to color picker mode of paint tools more robust Libgimp: - call gimp_file_entry_set_filename() with filename encoding Plug-ins: - Prevent the Python console from closing by the Escape key - Help browser does not launch on OS X - Filter 'Edge Detect/Difference of Gaussians' returns empty image - only use -xobjective-c for compile commands - mkgen.pl: fix calls to write_file() routine to write to current directory - When printing, the images are composed onto a white background to prevent printing a black box instead of a transaprent image - Fix color visison deficiency display filters to apply gamma correction directly Updated Translations: - Catalan - Czech - Danish - Finnish - French - German - Greek - Hungarian - Icelandic - Italian - Polish - Portuguese - Slovak - Slovenian - Scottish Gaelic - Spanish - Swedish General: - Bug fixes - Replace -devel BuildRequires for their pkgconfig version aligned with what configure looks for: - babl-devel for pkgconfig(babl). - gegl-devel for pkgconfig(gegl-0.2). - libpng-devel for pkgconfig(libpng). - libpoppler-glib-devel for pkgconfig(poppler-glib). - xorg-x11-libXfixes-devel for pkgconfig(xfixes). - xorg-x11-libXpm-devel for pkgconfig(xpm). - zlib-devel for pkgconfig(zlib). - Add an explicit pkgconfig(cairo-pdf) BuildRequires: configure checks for it (full pdf support). - Run spec-cleaner: drop obsolete clean, modernise macros. - No longer depend on libwebkit-devel for Tumbleweed and pass - -disable-webkit to configure for Tumbleweed. ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbadbase-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstgl-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0 - Fix CVE-2017-5847 (boo#1023259): + Add gstreamer-plugins-bad-CVE-2017-5848.patch: psdemux: Rewrite PSM parsing using GstByteReader. Avoid possible buffer overflows and ignore invalid PSM packets better by using GstByteReader (bgo#777957). - Add gstreamer-plugins-bad Requires in devel subpackage. ==== gstreamer-plugins-ugly ==== - Fix CVE-2017-5847 (boo#1023259): + Add gstreamer-plugins-ugly-CVE-2017-5847.patch: asfdemux: Check that we have enough data available before parsing bool/uint extended content descriptors (bgo#777955). + Only apply when using BUILD_ORIG, as we already remove this part of the code (we build the patched tarball). ==== installation-images ==== Version update (14.297 -> 14.299) - adjust /srv/tftpboot permissions - install tftp files to /srv/tftpboot - drop obsolete telnet and remaining ncurses5 uses - 14.299 - adjust module config - 14.298 ==== iptables ==== Version update (1.6.0 -> 1.6.1) Subpackages: libiptc0 xtables-plugins - Update to new upstream release 1.6.1 * add support for hashlimit rev 2 for higher pps rates * add support for cgroup2 path matching * translation program for nft ==== irqbalance ==== - Switch to ncurses6: use ncurses6-config to find the correct CFLAGS and libraries (boo#1021328). ==== kactivities-stats ==== - use individual libboost-*-devel packages instead of boost-devel ==== kactivities5 ==== Subpackages: kactivities5-devel kactivities5-imports libKF5Activities5 - use individual libboost-*-devel packages instead of boost-devel ==== kactivitymanagerd ==== - use individual libboost-*-devel packages instead of boost-devel ==== kdepimlibs4 ==== Subpackages: libakonadi4 libkdepimlibs4 - use individual libboost-*-devel packages instead of boost-devel ==== kernel-source ==== Version update (4.9.7 -> 4.9.8) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Linux 4.9.8 (bnc#1012628). - commit af90696 - Update config files. - Refresh patches.suse/DWARF-EH-frame-based-stack-unwinding.patch. - fix for save_stack_trace (lockdep et al.) - depends on !KASAN (too slow) - commit 7c0ba48 ==== kget ==== - use individual libboost-*-devel packages instead of boost-devel ==== kiwi ==== Version update (7.04.21 -> 7.04.26) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-templates - v7.04.26 released - Fixup setupMachineID Cleaning up existing machine id files by deleting them causes an interactive session to be started by systemd This is something we don't want. As the consequences of touching the machine id files seems to be too critical the method has been turned into a hook caller. This allows the user to make use of it on their own purpose and by default doesn't mess with the machine id files This Fixes #628 - v7.04.25 released - Validate package memtest86+ is present for Memory Test This commits adds a validation to verify memtest86+ package is included in the kiwi description file before including the 'Memory Test' entry in the grub configuration. It applies for ISO images. This fixes bnc#1014150 - v7.04.24 released - Change processing of setupMachineID Instead of creating new machine ids for systemd and dbus the method now cleans up all existing machine ids and leave it up to systemd to initialize and create new ids. This allows to make use of the native way how systemd retrieves and handles machine ids - v7.04.23 released - Initialize the systemd machine ID on first boot The systemd machine id is considered to be a unique information Thus it is required to initialize it on first boot of the image. If the image uses the kiwi boot code (initrd) this action is performed and and Fixes #624 - v7.04.22 released - Allow unix device names in oem-unattended-id setup - Don't delete ip tools from oemboot network tools are needed for oem disk deployment via pxe - Translated using Weblate (Polish) Currently translated at 100.0% (28 of 28 strings) - Translated using Weblate (Greek) Currently translated at 89.2% (25 of 28 strings) ==== kleopatra ==== - use individual libboost-*-devel packages instead of boost-devel ==== kpimtextedit ==== - use individual libboost-*-devel packages instead of boost-devel ==== krb5 ==== Subpackages: krb5-32bit krb5-client krb5-devel - remove useless environment.pickle to make build-compare happy ==== kwallet ==== Subpackages: kwallet-devel kwallet-tools kwalletd5 libKF5Wallet5 libkwalletbackend5-5 - use individual libboost-*-devel packages instead of boost-devel ==== libcamgm ==== Subpackages: libcamgm100 perl-camgm - use individual libboost-*-devel packages instead of boost-devel ==== libdlm ==== Version update (4.0.6 -> 4.0.7) - Update to v4.0.7 * bsc#1023595: libdlm: upgrade version to 4.0.7 ==== libimobiledevice ==== Subpackages: libimobiledevice-devel libimobiledevice6 - added _service file to clearly show the package origin - SRPM group assignment fix. Trim DLL/library format baggage from description. ==== libkcddb ==== - Use description from Debian ==== libkleo ==== Subpackages: libKF5Libkleo5 - use individual libboost-*-devel packages instead of boost-devel ==== libkolabxml ==== - use individual libboost-*-devel packages instead of boost-devel ==== libkomparediff2 ==== - RPM group correction, trim extraneous words from descriptions. ==== libksane ==== Subpackages: libKF5Sane5 libksane-devel - Update RPM groups, and descriptions (partly from Debian) ==== libplist ==== Subpackages: libplist-devel libplist3 - RPM group assignment fixes ==== libwacom ==== Version update (0.15 -> 0.23) Subpackages: libwacom-data libwacom2 - Update to version 0.23 + New devices: - ISDV4 5040, MobileStudio Pro + The 22HD(T) is now marked as having strip modes - Changes from version 0.22 + New API: libwacom_get_paired_device() + The EKR has the modes enabled now + Fixes to the show-svg-image tool - Changes from version 0.21 + New devices: - MTE-450 "Bamboo", Lenovo ThinkPad Tablet 10 + Layout fixes for the Express Key Remote, Intuos series - Changes from version 0.20 + New devices: "One by wacom" + Layout fixes, especially for the Express Key Remote - Changes from version 0.19 + New devices: - DTK-1651, ISDv4 0x504a + Quirk added to prevent udev tagging HUION Consumer Control devices as tablets - Changes from version 0.18 + Renamed ".tablet" files for Bamboo devices + Modified user-visible names of Bamboo devices - "Wacom Bamboo 16FG 4x5" -> "Wacom Bamboo Capture" - "Wacom Bamboo 2FG 4x5" -> "Wacom Bamboo (2FG)" - "Wacom Bamboo 2FG 6x8" -> "Wacom Bamboo Fun medium (2FG)" - "Wacom Bamboo 2FG" -> "Wacom Bamboo Touch (2FG)" - "Wacom Bamboo Craft" -> "Wacom Bamboo Fun small (2FG)" - "Wacom Bamboo Pen" -> "Wacom Bamboo Pen small" + New devices: - Missing gen-1 Bamboo (0xd5) - Missing gen-2.5 Bamboos (0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb) - Missing gen-3 Bamboos (0xdc, 0xdd, 0dxf) - Changes from version 0.17 + New devices: - Cintiq Companion 2 (DTH-1310) - ExpressKey Remote + New WacomClass: WCLASS_REMOTE - Changes from version 0.16 + Data files for Intuos and Intuos 2 series added + New stylus ID 0x8e2 ==== ncurses ==== Subpackages: libncurses5 libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base - Use gzip shell script as GZIP envornment variable becomes obsolescent - Split of ncurses5-devel from ncurses-devel - Now ncurses-devel also provides ncurses6-devel - Also ncurses5-devel requires libncurses5 (boo#1023296) packages which want to be build with ncurses5-devel may require pkgconfig(ncurses5) or pkgconfig(ncursesw5) or /usr/bin/ncurses5-config or /usr/bin/ncursesw5-config - Add ncurses patch 20170128 + minor comment-fixes to help automate links to bug-urls -TD + add dvtm, dvtm-256color -TD + add settings corresponding to xterm-keys option to tmux entry to reflect upcoming change to make that option "on" by default (patch by Nicholas Marriott). + uncancel Ms in tmux entry (Harry Gindi, Nicholas Marriott). + add dumb-emacs-ansi -TD - Add ncurses patch 20170121 + improve discussion of early history of tput program. + incorporate A_COLOR mask into COLOR_PAIR(), in case user application provides an out-of-range pair number (report by Elijah Stone). + clarify description in tput manual page regarding support for termcap names (prompted by FreeBSD #214709). + remove a restriction in tput's support for termcap names which omitted capabilities normally not shown in termcap translations (cf: 990123). + modify configure script for clang as used on FreeBSD, to work around clang's differences in exit codes vs gcc. - Remove -L option on screen call dues API change, now we depend on environment variables only. - Add ncurses patch 20170114 + improve discussion of early history of tset/reset programs. + clarify in manual pages that the optional verbose option level is available only when ncurses is configured for tracing. + amend change from 20161231 to avoid writing traces to the standard error after initializing the trace feature using the environment variable. - Add ncurses patch 20170107 + amend changes for tput to reset tty modes to "sane" if the program is run as "reset", like tset. Likewise, ensure that tset sends either reset- or init-strings. + improve manual page descriptions of tput init/reset and tset/reset, to make it easier to see how they are similar and different. + move a static result from key_name() to _nc_globals + modify _nc_get_screensize to allow for use_env() and use_tioctl() state to be per-screen when sp-funcs are configured, better matching the behavior when using the term-driver configuration. + improve cross-references in manual pages for often used functions + move SCREEN field for use_tioctl() data before the ncursesw fields, and limit that to the sp-funcs configuration to improve termlib compatibility (cf: 20120714). + correct order of initialization for traces in use_env() and use_tioctl() versus first trace calls. - Add ncurses patch 20161231 + fix errata for ncurses-howto (report by Damien Ruscoe). + fix a few places in configure/build scripts where DESTDIR and rpath were combined (report by Thomas Klausner). + merge current st description (report by Harry Gindi) -TD + modify flash capability for linux and wyse entries to put the delay between the reverse/normal escapes rather than after -TD + modify program tabs to pass the actual tty file descriptor to setupterm rather than the standard output, making padding work consistently. + explain in clear's manual page that it writes to stdout. + add special case for verbose debugging traces of command-line utilities which write to stderr (cf: 20161126). + remove a trace with literal escapes from skip_DECSCNM(), added in 20161203. + update config.guess, config.sub from http://git.savannah.gnu.org/cgit/config.git - Add ncurses patch 20161224 + correct parmeters for copywin call in _nc_Synchronize_Attributes() (patch by Leon Winter). + improve color-handling section in terminfo manual page (prompted by patch by Mihail Konev). + modify programs clear, tput and tset to pass the actual tty file descriptor to setupterm rather than the standard output, making padding work. ==== nghttp2 ==== - use individual libboost-*-devel packages instead of boost-devel ==== obs-service-format_spec_file ==== Version update (20160929 -> 20170204) - update licenes (from git) ==== openjpeg ==== - Add openjpeg-bsc999817-cve2016-7445-null-deref.patch to fix null pointer dereference in convert.c (bsc#999817, CVE-2016-7445). ==== plasma5-desktop ==== - use individual libboost-*-devel packages instead of boost-devel - Add patch to fix prompt for executing files in folderview containment: * boo#1022904, kde#375793 * 0001-Folder-View-show-script-execution-prompt-when-clicki.patch * 0002-Folder-View-Open-selection-in-preferred-application-.patch ==== python3-kiwi ==== Version update (8.29.0 -> 9.0.2) Subpackages: kiwi-pxeboot kiwi-tools - Bump version: 9.0.1 ? 9.0.2 - Added uri translation for SUSE factory The obs uri 'obs://openSUSE:Factory/standard' does not follow the standard http url translation schema and needed a special handling in order to resolve correctly - Eliminate instsource element and requirements The schema defintions for kiwi v8 still contained the product schema definitions aka instsource which is no longer supported by this version of kiwi. Building SUSE products is done with the kiwi v7 code base and will most probably be handled by an extra product builder tool in the future maintained and developed by the buildservice team. We would be proud if the api of the kiwi v8 code base can be helpful for the product builder in the future - Bump version: 9.0.0 ? 9.0.1 - Added arch attribute for ignore section The packages subsection only accepted a package name to become ignored. However a subsection to install a package allows for an arch selection. The same should apply to ignore a package. In addition the allowed content for the arch attribute has been changed from simple text to a regular expression. Allowed is a comma seperated list of reserved architecture words like they are displayed by uname -m - User format method to form the message - Added support for package locking for zypper Zypper supports the al (add lock) command which allows to ignore a package in the dependecny resolution process. This is useful to prevent installation of a package which was pulled in by e.g a recommendation flag from the spec file. Packages marked to be ignored are not handled for apt and yum right now. Using this feature together with an unsupported package manager backend results in a warning to the user - Included some file naming convetions - Components of an Image Description section This commit extends the doc/sources/workflow.rst documentation by including details about config.sh and images.sh files. - Bump version: 8.29.6 ? 9.0.0 - Update documentation Add information about new hook: handleMachineID - Bump version: 8.29.5 ? 8.29.6 - Fixup isolinux timeout configuration isolinux counts the timeout in units of 1/10 seconds. Thus the value provided in the image description needs to be adapted correctly. This Fixes #228 - Bump version: 8.29.4 ? 8.29.5 - Fixup setupMachineID Cleaning up existing machine id files by deleting them causes an interactive session to be started by systemd This is something we don't want. As the consequences of touching the machine id files seems to be too critical the method has been turned into a hook caller. This allows the user to make use of it on their own purpose and by default doesn't mess with the machine id files - Bump version: 8.29.3 ? 8.29.4 - Change processing of setupMachineID Instead of creating new machine ids for systemd and dbus the method now cleans up all existing machine ids and leave it up to systemd to initialize and create new ids. This allows to make use of the native way how systemd retrieves and handles machine ids - Fixup typo in ReST style - Bump version: 8.29.2 ? 8.29.3 - Add utils.sysconfig to api documentation - Completion for grub bootloader configuration The configuration files /etc/sysconfig/bootloader and /etc/default/grub needs to be created/updated with the relevant values regarding the bootloader setup done by kiwi. This Fixes #226 - Apply volume attributes for btrfs and lvm The chattr utility is used to apply file attributes So far only the no-copy-on-write attribute can be specified in a volume setup. If further attributes are needed they will be added on demand - Added attributes element in volume type - Added volume attribute copy_on_write The copy_on_write attribute allows to activate or deactivate the copy on write functionality for the desired volume. This Fixes #218 - Make sure there is a storage default setup on s390 Storage disks on s390 requires an information about the type and the blocksize. In case these information is not provided in the kiwi XML configuration, None was set as value in the zipl configuration which lead to an error. This commit provides default values for those parameters - Bump version: 8.29.1 ? 8.29.2 - Allow unix device names in oem-unattended-id setup In order to allow a raw device name in oem-unattended-id the /dev tree has been added to search list. This is useful if e.g a ramdisk device which is not part of any /dev/disk/... or /dev/mapper device map should be used as target disk for the deployment. Thus a setup to stick the deployment to e.g /dev/ram1 would look like this ram1 This Fixes #221 - Don't delete ip tools from oemboot network tools are needed for oem disk deployment via pxe - Added .coveragerc Clearly indicate which source files are excluded from the coverage report - Make sure setupMachineID also cares for dbus Systemd and dbus should use the same machine-id. Therefore a symlink /var/lib/dbus/machine-id pointing to /etc/machine-id is created right after systemd-machine-id-setup. Fixes #219 - Fixup duplication of btrfs toplevel volume If using root btrfs snapshot, the default toplevel subvolume is set to /@/.snapshots/1/snapshot, thus all defined subvolumes are mounted under that cusomized default subvolume. For the first time subvolumes are mounted it is fine to include /@/.snapshots/1/snapshot prefix as root is not yet set to that specific path, however in any future mount this path prefix is not needed any more, as the root get mounted in /@/.snapshots/1/snapshot by default. Fixes (bsc#1015549) ==== screen ==== Version update (4.4.0 -> 4.5.0) - Add fix_enable_logfile.patch * fix loging screen API (bnc#1020870) * fix privilege escalation - GNU Screen 4.5.0: * It's possible to specify logfile's name via command line parameter '-L'. Fixes: * broken handling of "bind u digraph U+" * crash with long $TERM * crash when bumping blank window * build for AIX * %x improperly separating arguments * install with custom DESTDIR ==== shotwell ==== Version update (0.24.4 -> 0.24.5) Subpackages: shotwell-lang - Update to version 0.24.5: + Publishing: Use HTTPS consistently. + Updated translations. - Turn on HTTPS encyption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of Picasa and Youtube publishing are strongly advised to reauthenticate (Log out and back in) Shotwell to those services after upgrade. ==== spice ==== - Synchronize with SLES (fate#322402): + bnc#894069: disable smartcard support for SLES + merge changelog ==== spice-gtk ==== Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper libspice-client-gtk-3_0-5 libspice-controller0 typelib-1_0-SpiceClientGlib-2_0 typelib-1_0-SpiceClientGtk-3_0 - Merge SLES changelog (fate#322402) ==== telepathy-logger-qt5 ==== - use individual libboost-*-devel packages instead of boost-devel ==== telnet ==== - Switch to ncurses6: use ncurses6-config to find the correct CFLAGS and libraries. ==== thin-provisioning-tools ==== - use individual libboost-*-devel packages instead of boost-devel ==== thrift ==== - use individual libboost-*-devel packages instead of boost-devel ==== tiff ==== Subpackages: libtiff-devel libtiff5 libtiff5-32bit - Added patch: * tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch - Fix a regression introduced in 4.0.7 (bsc#1022103) - http://bugzilla.maptools.org/show_bug.cgi?id=2636 ==== totem ==== Subpackages: nautilus-totem totem-plugins - Remove ancient %clean section. Improve summaries. - Lower gstreamer-plugins-bad Requires to a Recommends, scaletempo have been moved to gstreamer-plugins-good (back in 2012). - Split out the brasero plugin in own sub package. - Following this: Highten brasero Recommends to Requires, the full app is really needed for this to work properly. ==== tracker ==== Subpackages: libtracker-common-1_0 libtracker-control-1_0-0 libtracker-miner-1_0-0 libtracker-sparql-1_0-0 tracker-miner-files typelib-1_0-Tracker-1_0 typelib-1_0-TrackerControl-1_0 - Disable pkgconfig(libseccomp) BuildRequires as this feature (sandboxing) is not ready for use (boo#1017652). - Conditionally apply translations-update-upstream BuildRequires and macro for non-openSUSE only. - Replace NetworkManager-devel with pkgconfig(libnm-glib) BuildRequires: Align with what configure looks for. - Add tracker-fix-more-whitelists-sandbox.patch: Whitelist more syscalls (bgo#776117). ==== tracker-extras ==== Subpackages: nautilus-extension-tracker-tags tracker-gui - Disable pkgconfig(libseccomp) BuildRequires as this feature (sandboxing) is not ready for use (boo#1017652). - Conditionally apply translations-update-upstream BuildRequires and macro for non-openSUSE only. - Replace NetworkManager-devel with pkgconfig(libnm-glib) BuildRequires: Align with what configure looks for. - Add tracker-fix-more-whitelists-sandbox.patch: Whitelist more syscalls (bgo#776117). ==== vim ==== Version update (8.0.194 -> 8.0.311) Subpackages: gvim vim-data - Updated to revision 311, fixes the following problems * Double free on exit when using a closure. (James McCoy) * Ex command range with repeated search does not work. (Bruce DeVisser) * When the GUI window is resized Vim does not always take over the new size. (Luchr) * Cannot stop diffing hidden buffers. (Daniel Hahler) * No tests for ":set completion" and various errors of the :set command. * Cannot set terminal key codes with :let. * Bracketed paste does not work in Visual mode. * Assign test fails in the GUI. * Invalid memory access when option has duplicate flag. * mode() not sufficiently tested. * Asan detects a memory error when EXITFREE is defined. (Dominique Pelle) * When using a symbolic link, the package path will not be inserted at the right position in 'runtimepath'. (Dugan Chen, Norio Takagi) * Cannot use an empty key in json. * Not enough testing for GUI functionality. * Linebreak tests are old style. - Updated to revision 296, fixes the following problems * Jumping to a tag that is a static item in the current file fails. (Kazunobu Kuriyama) * The test for :profile is slow and does not work on MS-Windows. * On MS-Windows the system() test skips a few parts. * Some syntax arguments take effect even after "if 0". (Taylor Venable) * Warning for an unused parameter when the libcall feature is disabled. Warning for a function type cast when compiling with -pedantic. * Some syntax arguments are not tested. * When completing a group name for a highlight or syntax command cleared groups are included. * No test for invalid syntax group name. * Order of complication flags is sometimes wrong. * Compiler warns for uninitialized variable. (Tony Mechelynck) * After :undojoin some commands don't work properly, such as :redo. (Matthew Malcomson) * Test coverage for :retab insufficient. * Leaking file descriptor when system() cannot find the buffer. (Coverity) * Internally used commands for CTRL-Z and mouse click end up in history. (Matthew Malcomson) * When using :substitute with the "c" flag and 'cursorbind' is set the cursor is not updated in other windows. * Vim does not support bracketed paste, as implemented by xterm and other terminals. * Build fails if the multi-byte feature is disabled. * The buffer used to store a key name theoreticaly could be too small. (Coverity) * The Netbeans "specialKeys" command does not check if the argument fits in the buffer. (Coverity) * Leaking memory when syntax cluster id is unknown. (Coverity) * When a Cscope line contains CTRL-L a NULL pointer may be used. (Coverity) * When decoding JSON with a JS style object the JSON test may use a NULL pointer. (Coverity) * Build fails without the cscope feature. * No command line completion for :cexpr, :cgetexpr, :caddexpr, etc. * Ubsan reports errors for integer overflow. * Completion for :match does not show "none" and other missing highlight names. * Checking if PROTO is defined inside a function has no effect. * When a multi-byte character ends in a zero byte, putting blockwise text puts it before the character instead of after it. * Coverity gets confused by the flags passed to find_tags() and warnts for an uninitialized variable. * When 'fileformats' is changed in a BufReadPre auto command, it does not take effect in readfile(). (Gary Johnson) * When a block is visually selected and put is used on the end of the selection only one line is changed. * The test for patch 8.0.0224 misses the CR characters and passes even without the fix. (Christian Brabandt) * Crash when 'fileformat' is forced to "dos" and the first line in the file is empty and does not have a CR character. * When pasting test in an xterm on the command line it is surrounded by and . (Johannes Kaltenbach) * When freeing a buffer the local value of the 'formatprg' option is not cleared. * When using bracketed paste line breaks are not respected. * There are no tests for bracketed paste mode. * Pasting in Insert mode does not work when bracketed paste is used and 'esckeys' is off. * The paste test fails if the GUI is being used. * When several lines are visually selected and one of them is short, using put may cause a crash. (Axel Bender) * Memory leak detected when running tests for diff mode. * Gcc complains that a variable may be used uninitialized. Confusion between variable and label name. (John Marriott) * When setting wildoptions=tagfile the completion context is not set correctly. (desjardins) * When using bracketed paste autoindent causes indent to be increased. * The address sanitizer sometimes finds errors, but it needs to be run manually. * The clang build on CI fails with one configuration. * Vim defines a mch_memmove() function but it doesn't work, thus is always unused. * Completion of user defined functions is not covered by tests. * When making a character lower case with tolower() changes the byte cound, it is not made lower case. * When the user sets t_BE empty after startup to disable bracketed paste, this has no direct effect. * The generated zh_CN.cp936.po message file is not encoded properly. * Compiler warnings for int to pointer conversion. * Under some circumstances, one needs to type Ctrl-N or Ctrl-P twice to have a menu entry selected. (Lifepillar) * vim_strcat() cannot handle overlapping arguments. * When two submits happen quick after each other, the tests for the first one may error out. * When virtcol() gets a column that is not the first byte of a multi-byte character the result is unpredictable. (Christian Ludwig) * It is not so easy to write a script that works with both Python 2 and Python 3, even when the Python code works with both. * Characters below 256 that are not one byte are not always recognized as word characters. * When creating a session when winminheight is 2 or larger and loading that session gives an error. * When using an assert function one can either specify a message or get a message about what failed, not both. * When calling setpos() with a buffer argument it often is ignored. (Matthew Malcomson) * Tests fail because some changes were not included. * The keyword test file is not included in the archive. * The keyword test file is not included in the archive. * Tab commands do not handle count correctly. (Ken Hamada) * Build fails with tiny features. * Not enough test coverage for eval functions. * Farsi support is barely tested. * Farsi support is not tested enough. * Memory error reported by ubsan, probably for using the string returned by execute(). * May get ml_get error when :pydo deletes lines or switches to another buffer. (Nikolai Pavlov, issue #1421) * Compiler warning for using uninitialized variable. * A channel test sometimes fails on Mac. * May get ml_get error when :luado deletes lines or switches to another buffer. (Nikolai Pavlov, issue #1421) * May get ml_get error when :perldo deletes lines or switches to another buffer. (Nikolai Pavlov, issue #1421) * May get ml_get error when :rubydo deletes lines or switches to another buffer. (Nikolai Pavlov, issue #1421) * May get ml_get error when :tcldo deletes lines or switches to another buffer. (Nikolai Pavlov, closes #1421) * Crash on exit is not detected when running tests. * Dead code detected by Coverity when not using gnome. * When update_single_line() is called recursively, or another screen update happens while it is busy, errors may occur. * When checking for CTRL-C typed the GUI may detect a screen resize and redraw the screen, causing trouble. * Checking for FEAT_GUI_GNOME inside GTK 3 code is unnecessary. * The GUI test may trigger fontconfig and take a long time. * GUI test fails on MS-Windows. * With MSVC 2015 the dll name is vcruntime140.dll. * On MS-Windows setting an environment variable with multi-byte strings does not work well. * MS-Windows files are still using ARGSUSED while most other files have UNUSED. * When doing a Visual selection and using "I" to go to insert mode, CTRL-O needs to be used twice to go to Normal mode. (Coacher) * The return value of mode() does not indicate that completion is active in Replace and Insert mode. (Zhen-Huan (Kenny) Hu) * The Test_collapse_buffers() test failed once, looks like it is flaky. * Tests fail with tiny build on Unix. * When concealing is active and the screen is resized in the GUI it is not immediately redrawn. * Cannot access the arguments of the current function in debug mode. (Luc Hermitte) * Errors reported while running tests. * No test for "ga" and :ascii. * If a wide character doesn't fit at the end of the screen line, and the line doesn't fit on the screen, then the cursor position may be wrong. (anliting) * Visual block insertion does not insert in all lines. * The stat test is a bit slow. * Some tests have a one or three second wait. * Argument list is not stored correctly in a session file. (lgpasquale) * test_viml hangs. * Bracketed paste can only append, not insert. ==== wget ==== Version update (1.18 -> 1.19) - build with libidn2 to actually support IDNA2008 - FATE#321897 - Update to wget-1.19: * New option --use-askpass=COMMAND. Fetch user/password by calling an external program. * Use IDNA2008 (+ TR46 if available) through libidn2 * When processing a Metalink header, --metalink-index= allows to process the header's application/metalink4+xml files. * When processing a Metalink file, --trust-server-names enables the use of the destination file names specified in the Metalink file, otherwise a safe destination file name is computed. * When processing a Metalink file, enforce a safe destination path. Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call libmetalink's metalink_check_safe_path() to prevent absolute, relative, or home paths: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * When processing a Metalink file, --directory-prefix= sets the top of the retrieval tree to prefix for Metalink downloads. * When processing a Metalink file, reject downloaded files which don't agree with their own metalink:size value: https://tools.ietf.org/html/rfc5854#section-4.2.16 * When processing a Metalink file, with --continue resume partially downloaded files and keep fully downloaded files even if they fail the verification. * When processing a Metalink file, create the parent directories of a "path/file" destination file name: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * On a recursive download, append a .tmp suffix to temporary files that will be deleted after being parsed, and create them readable/writable only by the owner. * New make target 'check-valgrind' * Fix several bugs * Fix compatibility issues ==== whois ==== - add support for IDNA2008 and build with libidn2 FATE#321897 add whois-5.2.14-IDNA2008.patch ==== xapian-core ==== Version update (1.4.1 -> 1.4.3) - Update to 1.4.3: * MSet::snippet(): Favour candidate snippets which contain more of a diversity of matching terms by discounting the relevance of repeated terms using an exponential decay. A snippet which contains more terms from the query is likely to be better than one which contains the same term or terms multiple times, but a repeated term is still interesting, just less with each additional appearance. Diversity issue highlighted by Robert Stepanek's patch in https://github.com/xapian/xapian/pull/117 - testcases taken from his patch. * MSet::snippet(): New flag SNIPPET_EMPTY_WITHOUT_MATCH to get an empty snippet if there are no matches in the text passed in. Implemented by Robert Stepanek. * Round MSet::get_matches_estimated() to an appropriate number of significant figures. The algorithm used looks at the lower and upper bound and where the estimate sits between them, and then picks an appropriate number of significant figures. Thanks to Sébastien Le Callonnec for help sorting out a portability issue on OS X. * Add Database::locked() method - where possible this non-invasively checks if the database is currently open for writing, which can be useful for dashboards and other status reporting tools. * See also https://xapian.org/docs/xapian-core-1.4.3/NEWS - Update to 1.4.2: * Add XAPIAN_AT_LEAST(A,B,C) macro. * MSet::snippet(): Optimise snippet generation - it's now ~46% faster in a simple test. * Add Xapian::DOC_ASSUME_VALID flag which tells Database::get_document() that it doesn't need to check that the passed docid is valid. Fixes #739, reported by Germán M. Bravo. * TfIdfWeight: Add support for the L wdf normalisation. Patch from Vivek Pal. * BB2Weight: Fix weights when database has just one document. Our existing attempt to clamp N to be at least 2 was ineffective due to computing N - 2 < 0 in an unsigned type. * DPHWeight: Fix reversed sign in quadratic formula, making the upper bound a tiny amount higher. * DLHWeight: Correct upper bound which was a bit too low, due to flawed logic in its derivation. The new bound is slightly less tight (by a few percent). * DLHWeight,DPHWeight: Avoid calculating log(0) when wdf is equal to the document length. * TermGenerator: Handle stemmer returning empty string - the Arabic stemmer can currently do this (e.g. for a single tatweel) and user stemmers can too. Fixes #741, reported by Emmanuel Engelhart. * Database::check(): Fix check that the first docid in each doclength chunk is more than the last docid in the previous chunk - this code was in the wrong place so didn't actually work. * Database::get_unique_terms(): Clamp returned value to be <= document length. Ideally get_unique_terms() ought to only count terms with wdf > 0, but that's expensive to calculate on demand. * See also https://xapian.org/docs/xapian-core-1.4.2/NEWS ==== yast2-packager ==== Version update (3.2.12 -> 3.2.14) - Fix escaping spaces ( yast uses web form escaping to "+" but libzypp expects percentage escaping to "%20" ) (bsc#954813) - Fix also valid showing valid libzypp formats of iso URL like iso:/test?iso=test.iso&path=url%3A%2Finstall - Fix editing of iso:/ without triple slash that previously caused lost of first element of path - 3.2.14 - Packages module is able to perform a package selection proposal during system upgrade (bsc#1009834) - 3.2.13 - do not check content file on media if there is none in the ramdisk (fate#322276) ==== zbar ==== - Compact and update descriptions - Properly packaeg %_defaultdocdir: new rpm versions no longer implicitly add this to the packages.