Packages changed: AppStream (0.12.11 -> 0.13.1) LibVNCServer MozillaFirefox MozillaThunderbird (78.6.0 -> 78.6.1) adwaita-qt (1.1.4 -> 1.2.0) akregator alpine (2.23.2 -> 2.24) apache2 apache2-manual apache2-mod_php7 apache2-prefork apache2-utils ca-certificates (2+git20201002.34daf7f -> 2+git20210111.eeae41c) ebook-tools ell (0.35 -> 0.36) evolution (3.38.2 -> 3.38.3) evolution-data-server (3.38.2 -> 3.38.3) evolution-ews (3.38.2 -> 3.38.3) firewalld fprintd (1.90.8 -> 1.90.9) git (2.29.2 -> 2.30.0) gjs (1.66.1 -> 1.66.2) gnome-desktop (3.38.2 -> 3.38.3) gnome-maps (3.38.2 -> 3.38.3) gnome-packagekit gnome-terminal (3.38.1 -> 3.38.2) gpgme (1.15.0 -> 1.15.1) gpgmeqt (1.15.0 -> 1.15.1) guile (3.0.4 -> 3.0.5) gvfs (1.46.1 -> 1.46.2) heaptrack hplip (3.20.9 -> 3.20.11) kernel-64kb (5.10.5 -> 5.10.7) kernel-source (5.10.5 -> 5.10.7) kmod kplotting (5.77.0 -> 5.78.0) libarchive (3.5.0 -> 3.5.1) libfprint (1.90.6 -> 1.90.7) libgarcon (0.8.0 -> 4.16.1) libinput libjpeg-turbo libkgapi libmaxminddb (1.4.3 -> 1.5.0) libpwquality libqmi (1.26.6 -> 1.26.8) libqt5-qtdeclarative libqt5-qtwebengine libreoffice libzypp (17.25.5 -> 17.25.6) llvm11 (11.0.0 -> 11.0.1) mozjs78 (78.5.0 -> 78.6.1) net-tools openSUSE-build-key openafs (1.8.6.1 -> 1.8.7) openssh perl-Mail-AuthenticationResults (1.20200824.1 -> 2.20210112) perl-Net-HTTP (6.19 -> 6.20) perl-libwww-perl (6.51 -> 6.52) php7 polkit-default-privs (1550+20201208.135bf51 -> 1550+20210111.f725c25) psmisc (23.2 -> 23.3) purple-rocketchat (0.0+git.20200717T223247 -> 0.0+git20201219) python-rpm-macros (20200824.8fa42a7 -> 20210112.86f4d9d) qalculate (3.15.0 -> 3.16.1) rav1e (0.3.4 -> 0.4.0) redis (6.0.9 -> 6.0.10) rubygem-nokogiri (1.11.0 -> 1.11.1) salt (3000.3 -> 3002.2) speexdsp sudo (1.9.4p2 -> 1.9.5p1) thunar (4.16.1 -> 4.16.2) tracker (3.0.2 -> 3.0.3) tracker-miners (3.0.3 -> 3.0.4) vala (0.50.2 -> 0.50.3) vim (8.2.2129 -> 8.2.2327) vlc vte (0.62.1 -> 0.62.2) wireshark xfce4-appfinder (4.16.0 -> 4.16.1) xfce4-cpufreq-plugin (1.2.2 -> 1.2.3) xfce4-screensaver xfce4-whiskermenu-plugin (2.5.1 -> 2.5.2) yast2 (4.3.46 -> 4.3.49) yast2-bootloader (4.3.16 -> 4.3.17) yast2-network (4.3.37 -> 4.3.38) yast2-pkg-bindings (4.3.5 -> 4.3.6) yast2-storage-ng (4.3.35 -> 4.3.37) yast2-trans (84.87.20201231.ee5608b05e -> 84.87.20210109.77c13975e0) zypper (1.14.41 -> 1.14.42) === Details === ==== AppStream ==== Version update (0.12.11 -> 0.13.1) Subpackages: libAppStreamQt2 libappstream4 - Disable vala bindings, fails to build on Leap 15.2 because g-ir-scanner emits the return type before parameters, which vapigen does not like - Update to 0.13.1: Bugfixes: * Install enum types headers to the right location * qt: Construct library using libappstream dependency object * validator: Improve check for invalid hyperlinks to reduce false-positives - Update to 0.13.0: Notes: * This release introduces a new library, libappstream-compose, designed to provide building blocks for composing AppStream metadata. This includes GUI stuff like font and SVG rendering, which libappstream deliberately does not provide. The new compose library is not API/ABI stable and should - for now - only be used by appstream-generator. Features: * qt: add missing Provided::KindId enum (Aleix Pol) * Add experimental libappstream-compose (Matthias Klumpp) * Implement support for display_length relation kind (Matthias Klumpp) * Implement "tv-remote" input control kind (Matthias Klumpp) * Refactor AsRelation to use GVariant internally (Matthias Klumpp) * content-rating: Align the OARS/CSM mappings of sex-* (Philip Withnall) * content-rating: Add content rating system APIs from gnome-software (Philip Withnall) * content-rating: Expand translator comments to link to OARS website (Philip Withnall) Specification: * spec: Specify display_length requires/recommends item (Matthias Klumpp) * spec: Add tv-remote user input control type (Matthias Klumpp) Bugfixes: * Use glib-mkenums to create the GType of all the available enums (Corentin Noël) * Set FD_CLOEXEC on the LMDB FD manually (Fabian Vogt) * Never ship with an embedded convenience copy of Highlight.js (Matthias Klumpp) * Don't fail doc install if global highlight.js wasn't found (Matthias Klumpp) * Properly escape markup when fixing invalid description data (Matthias Klumpp) * validator: Don't pass NULL to vprintf, it's not an allowed value (Matthias Klumpp) * meson: Kill deprecation warning for pkgconfig.generate (Matthias Klumpp) * validator: Demote cid-contains-uppercase-letter from INFO to PEDANTIC (Matthias Klumpp) * Change some AsPool GIR annotations to only transfer container, as workaround for issue in GIR (Matthias Klumpp) * Properly parse YAML font provides entry (Matthias Klumpp) * content-rating: Lower the OARS/CSM mapping of sex-homosexuality/intense (Philip Withnall) * Change return annotation of as_agreement_get_sections to "transfer none" (Rico Tzschichholz) * contrib: Vala expects element-type of PtrArray to reflect their ownership (Rico Tzschichholz) - Drop patches, now upstream: * 0001-Set-FD_CLOEXEC-on-the-LMDB-FD-manually.patch * properly-escape-markup.patch - Refresh fix-build-gcc7.patch ==== LibVNCServer ==== Subpackages: libvncclient1 libvncserver1 - Add many patches needed for GNOME Remote desktop (already in Fedora): * TLS security type enablement patches gh#LibVNC/libvncserver!234 - 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch - 0002-libvncserver-Add-channel-security-handlers.patch - 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch * Fix crash on all runs after the first gh#LibVNC/libvncserver!444 rh#1882718 - 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch * Fix another crasher glgo#GNOME/gnome-remote-desktop#45 rh#1882718 - 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch ==== MozillaFirefox ==== Subpackages: MozillaFirefox-translations-common - Fix AppStream screenshot links ==== MozillaThunderbird ==== Version update (78.6.0 -> 78.6.1) - Mozilla Thunderbird 78.6.1 MFSA 2021-02 (bsc#1180623) * CVE-2020-16044 (bmo#1683964) Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk ==== adwaita-qt ==== Version update (1.1.4 -> 1.2.0) - Update to 1.2.0 * Adwaita-qt now provides a library providing Adwaita specific colors * Checkbox: removed space before indicator for better consistency with other widgets * Qt4 version is no longer supported * Adwaita-qt can be successfuly build on Windows and Mac OS - Stop building qt4 version since support for it have been dropped - add devel package and shared library package for qt5 - Require adwaita-qt5 and obsolete adwaita-qt4 for older versions ==== akregator ==== Subpackages: akregator-lang - Add akregator-fix_systray.patch (fixes boo#1177572) ==== alpine ==== Version update (2.23.2 -> 2.24) Subpackages: pico - Update to release 2.24 * A few crash fixes * Implementation of XOAUTH2 for Yahoo! Mail. ==== apache2 ==== - re-add rcapache2 symlink (was lost about 6 weeks ago) - gensslcert sets CA:TRUE in basic constrains of CA cert [bsc#1180530] - modified sources % apache2-gensslcert - mod_php8 provides php_module - modified sources % apache2-script-helpers ==== apache2-manual ==== - re-add rcapache2 symlink (was lost about 6 weeks ago) - gensslcert sets CA:TRUE in basic constrains of CA cert [bsc#1180530] - modified sources % apache2-gensslcert - mod_php8 provides php_module - modified sources % apache2-script-helpers ==== apache2-mod_php7 ==== - deleted patch (redundant cast, both sides are already signed int) - php-odbc-cmp-int-cast.patch - install php7-cli if no sapi is selected upon php7 installation - add conflicts with earlier version of php-cli, php-fastcgi and php-fpm - put CLI binary in -cli subpackage so that other moduldes can depend on the php base package that remains (and provides files and maps common for all) - use pkgconfig() to resolve BuildRequires where upstream uses it too - since php-7.4.0 when using --with-external-gd the configure options - -with-xpm, --with-freetype and --with-jpeg are not needed anymore (and neither are the respective BuildRequires) - add Recommends: php-openssl as many modules can optionally use it - use new %ldconfig macros in Tumbleweed ==== apache2-prefork ==== - re-add rcapache2 symlink (was lost about 6 weeks ago) - gensslcert sets CA:TRUE in basic constrains of CA cert [bsc#1180530] - modified sources % apache2-gensslcert - mod_php8 provides php_module - modified sources % apache2-script-helpers ==== apache2-utils ==== - re-add rcapache2 symlink (was lost about 6 weeks ago) - gensslcert sets CA:TRUE in basic constrains of CA cert [bsc#1180530] - modified sources % apache2-gensslcert - mod_php8 provides php_module - modified sources % apache2-script-helpers ==== ca-certificates ==== Version update (2+git20201002.34daf7f -> 2+git20210111.eeae41c) - Update to version 2+git20210111.eeae41c: * Make certbundle.run container friendly ==== ebook-tools ==== - use cmake build macros + spec-cleaner ==== ell ==== Version update (0.35 -> 0.36) - Update to release 0.36 * Fix issue with strict netlink attribute validation. * Fix issue with DUID generation for DHCPv6. * Add support for Address Conflict Detection. * Add support for PKCS#12 algorithms handling. * Add support for PKCS#12 key derivation algorithm. * Add support for RC2 and ARC4 cipher suites. ==== evolution ==== Version update (3.38.2 -> 3.38.3) Subpackages: evolution-plugin-bogofilter evolution-plugin-pst-import evolution-plugin-spamassassin evolution-plugin-text-highlight - Update to version 3.38.3: + Add Kabyle translation into the e_supported_locales array. + Composer: UL/OL not wrapped properly in Plain Text mode. + EABContactFormatter: Remove obsolete WebKitGTK code. + Bugs fixed: glgo#GNOME/evolution#1242, glgo#GNOME/evolution#1243, glgo#GNOME/evolution#1259, glgo#GNOME/evolution#1262, glgo#GNOME/evolution#1266, glgo#GNOME/evolution#1286, glgo#GNOME/evolution#1309, glgo#GNOME/evolution#1312. + Updated translations. ==== evolution-data-server ==== Version update (3.38.2 -> 3.38.3) Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-25 libedataserverui-1_2-2 - Update to version 3.38.3: + e-categories: Show migration runtime warning only if the file exists. + DataCalView: Created objects could be notified twice. + EReminderWatcher: - Add detailed debug prints about the scheduled reminders. - Catch a race condition when creating a calendar view. + alarm-notify: Provide application reference in canberra calls. + CamelMimeFilterToHTML: Change how empty
is recognized. + Addressbook:file backend: Prevent percent letter in photo filename. + Bugs fixed: glgo#GNOME/evolution-data-server#277, glgo#GNOME/evolution-data-server#286. + Updated translations. ==== evolution-ews ==== Version update (3.38.2 -> 3.38.3) - Update to version 3.38.3: + EEwsNotification: Use proxy settings from the connection object. + Bugs fixed: glgo#GNOME/evolution-ews#286. ==== firewalld ==== Subpackages: python3-firewall - Add dependency for firewall-offline-cmd (bsc#1180883) ==== fprintd ==== Version update (1.90.8 -> 1.90.9) Subpackages: fprintd-lang fprintd-pam - Update to version 1.90.9 * Fix multiple daemon lockup issues (#97) * Fix print garbage collection to not delete used prints * pam: Use the device with the most prints ==== git ==== Version update (2.29.2 -> 2.30.0) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.30.0: * Userdiff updates for PHP, Rust, CSS * New features and options to multiple subcommands and workflows * Avoid administrator error leading to data loss with "git push --force-with-lease[=]" by introducing "--force-if-includes" * Updates to shell autocompletion * Bug fixes and internal improvements ==== gjs ==== Version update (1.66.1 -> 1.66.2) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.66.2: + Performance improvements and crash fixes backported from the development branch. + Bug fixes enabling use of GTK 4. + Closed bugs and merge requests: - Error in function "_init()" in module "modules/overrides/GObject.js" - Revert "arg-cache: Save space by not caching GType" - gi/wrapperutils: Move gjs_get_string_id() into resolve() implementations - overrides/Gtk: Set BuilderScope in class init - Fix readline build on certain systems ==== gnome-desktop ==== Version update (3.38.2 -> 3.38.3) Subpackages: gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0 - Update to version 3.38.3: + Updated translations. ==== gnome-maps ==== Version update (3.38.2 -> 3.38.3) - Update to version 3.38.3: + Fix a bug where place details gets lost after searching again for the same place. + Updated translations. - Add check section and run meson_test macro. Add pkgconfig(gweather-3.0) BuildRequires needed for tests to succeed. - Stop packaging versionless so file to avoid rpmlint warning. ==== gnome-packagekit ==== - Add gnome-packagekit-bring-back-logout-support.patch: Add back logout support(glgo#GNOME/gnome-packagekit!2, bsc#1180247). ==== gnome-terminal ==== Version update (3.38.1 -> 3.38.2) Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal - Update to version 3.38.2: + search: - Use timestamp when presenting the search dialogue - Make sure to focus the search dialogue + desktop: Set StartupWMClass + nautilus: Pass environment when creating a terminal in the current directory + Updated translations. ==== gpgme ==== Version update (1.15.0 -> 1.15.1) Subpackages: libgpgme11 libgpgmepp6 - gpgme 1.15.1: * Fix a bug in the secret key export * Make listing of signatures work if only secret keys are listed * qt: Avoid empty "rem@gnupg.org" signature notations * python: Fix key_export functions - remove deprecated texinfo macros ==== gpgmeqt ==== Version update (1.15.0 -> 1.15.1) - gpgme 1.15.1: * Fix a bug in the secret key export * Make listing of signatures work if only secret keys are listed * qt: Avoid empty "rem@gnupg.org" signature notations * python: Fix key_export functions - remove deprecated texinfo macros ==== guile ==== Version update (3.0.4 -> 3.0.5) Subpackages: guile-modules-3_0 libguile-3_0-1 - GNU guile 3.0.5: * O(1) compilation of `case' and related expressions * New (ice-9 copy-tree) module * New warning: use-before-definition * New warning: non-idempotent-definition * A number of functions were deprecated with replacements * copy read-option removed - remove deprecated texinfo packaging macros ==== gvfs ==== Version update (1.46.1 -> 1.46.2) Subpackages: gvfs-backend-afc gvfs-backend-samba gvfs-backends gvfs-fuse - Update to version 1.46.2: + ftp: Prevent source file removal in case of transfer failure. + trash: Explicitly cancel file monitor to prevent deadlock. + smb: - Set fast content type independently of other attributes. - smb: Report progress when move operation is done. + google: Set the display name for the root folder also. + Updated translations. ==== heaptrack ==== Subpackages: heaptrack-gui heaptrack-lang - Add quotes to text comparison to fix build with rpm 4.16. ==== hplip ==== Version update (3.20.9 -> 3.20.11) Subpackages: hplip-hpijs hplip-sane - Update to 3.20.11 * Upstream version update and bug fixes (no new printers) * Fix crash in hp-doctor if python3-qt4 is not installed (bsc#1180724) Added patch: dcheck.py-fix-crash-in-Qt4-version-check.patch ==== kernel-64kb ==== Version update (5.10.5 -> 5.10.7) - scsi: ufs: Fix -Wsometimes-uninitialized warning (git-fixes). - commit 1c33a89 - Linux 5.10.7 (bsc#1012628). - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (bsc#1012628). - iavf: fix double-release of rtnl_lock (bsc#1012628). - net: mvpp2: Add TCAM entry to drop flow control pause frames (bsc#1012628). - net: mvpp2: prs: fix PPPoE with ipv6 packet parse (bsc#1012628). - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (bsc#1012628). - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (bsc#1012628). - ethernet: ucc_geth: set dev->max_mtu to 1518 (bsc#1012628). - ionic: account for vlan tag len in rx buffer len (bsc#1012628). - atm: idt77252: call pci_disable_device() on error path (bsc#1012628). - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (bsc#1012628). - net: stmmac: dwmac-meson8b: ignore the second clock input (bsc#1012628). - ibmvnic: fix login buffer memory leak (bsc#1012628). - ibmvnic: continue fatal error reset after passive init (bsc#1012628). - net: ethernet: mvneta: Fix error handling in mvneta_probe (bsc#1012628). - qede: fix offload for IPIP tunnel packets (bsc#1012628). - virtio_net: Fix recursive call to cpus_read_lock() (bsc#1012628). - net/ncsi: Use real net-device for response handler (bsc#1012628). - net: ethernet: Fix memleak in ethoc_probe (bsc#1012628). - net-sysfs: take the rtnl lock when storing xps_cpus (bsc#1012628). - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (bsc#1012628). - net-sysfs: take the rtnl lock when storing xps_rxqs (bsc#1012628). - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc (bsc#1012628). - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (bsc#1012628). - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (bsc#1012628). - e1000e: Only run S0ix flows if shutdown succeeded (bsc#1012628). - e1000e: bump up timeout to wait when ME un-configures ULP mode (bsc#1012628). - Revert "e1000e: disable s0ix entry and exit flows for ME systems" (bsc#1012628). - e1000e: Export S0ix flags to ethtool (bsc#1012628). - bnxt_en: Check TQM rings for maximum supported value (bsc#1012628). - net: mvpp2: fix pkt coalescing int-threshold configuration (bsc#1012628). - bnxt_en: Fix AER recovery (bsc#1012628). - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (bsc#1012628). - net: sched: prevent invalid Scell_log shift count (bsc#1012628). - net: hns: fix return value check in __lb_other_process() (bsc#1012628). - erspan: fix version 1 check in gre_parse_header() (bsc#1012628). - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (bsc#1012628). - bareudp: set NETIF_F_LLTX flag (bsc#1012628). - bareudp: Fix use of incorrect min_headroom size (bsc#1012628). - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (bsc#1012628). - r8169: work around power-saving bug on some chip versions (bsc#1012628). - net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs (bsc#1012628). - net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (bsc#1012628). - CDC-NCM: remove "connected" log message (bsc#1012628). - ibmvnic: fix: NULL pointer dereference (bsc#1012628). - net: usb: qmi_wwan: add Quectel EM160R-GL (bsc#1012628). - selftests: mlxsw: Set headroom size of correct port (bsc#1012628). - stmmac: intel: Add PCI IDs for TGL-H platform (bsc#1012628). - selftests/vm: fix building protection keys test (bsc#1012628). - block: add debugfs stanza for QUEUE_FLAG_NOWAIT (bsc#1012628). - workqueue: Kick a worker based on the actual activation of delayed works (bsc#1012628). - scsi: ufs: Fix wrong print message in dev_err() (bsc#1012628). - scsi: ufs-pci: Fix restore from S4 for Intel controllers (bsc#1012628). - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (bsc#1012628). - scsi: ufs-pci: Fix recovery from hibernate exit errors for Intel controllers (bsc#1012628). - scsi: ufs-pci: Enable UFSHCD_CAP_RPM_AUTOSUSPEND for Intel controllers (bsc#1012628). - scsi: block: Introduce BLK_MQ_REQ_PM (bsc#1012628). - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (bsc#1012628). - scsi: ide: Mark power management requests with RQF_PM instead of RQF_PREEMPT (bsc#1012628). - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands (bsc#1012628). - scsi: core: Only process PM requests if rpm_status != RPM_ACTIVE (bsc#1012628). - local64.h: make mandatory (bsc#1012628). - lib/genalloc: fix the overflow when size is too big (bsc#1012628). - depmod: handle the case of /sbin/depmod without /sbin in PATH (bsc#1012628). - scsi: ufs: Clear UAC for FFU and RPMB LUNs (bsc#1012628). - kbuild: don't hardcode depmod path (bsc#1012628). - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close (bsc#1012628). - scsi: block: Remove RQF_PREEMPT and BLK_MQ_REQ_PREEMPT (bsc#1012628). - scsi: block: Do not accept any requests while suspended (bsc#1012628). - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (bsc#1012628). - crypto: asym_tpm: correct zero out potential secrets (bsc#1012628). - powerpc: Handle .text.{hot,unlikely}.* in linker script (bsc#1012628). - Staging: comedi: Return -EFAULT if copy_to_user() fails (bsc#1012628). - staging: mt7621-dma: Fix a resource leak in an error handling path (bsc#1012628). - usb: gadget: enable super speed plus (bsc#1012628). - USB: cdc-acm: blacklist another IR Droid device (bsc#1012628). - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt() (bsc#1012628). - usb: typec: intel_pmc_mux: Configure HPD first for HPD+IRQ request (bsc#1012628). - usb: dwc3: meson-g12a: disable clk on error handling path in probe (bsc#1012628). - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (bsc#1012628). - usb: dwc3: gadget: Clear wait flag on dequeue (bsc#1012628). - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (bsc#1012628). - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (bsc#1012628). - usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (bsc#1012628). - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (bsc#1012628). - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (bsc#1012628). - usb: usbip: vhci_hcd: protect shift size (bsc#1012628). - usb: uas: Add PNY USB Portable SSD to unusual_uas (bsc#1012628). - USB: serial: iuu_phoenix: fix DMA from stack (bsc#1012628). - USB: serial: option: add LongSung M5710 module support (bsc#1012628). - USB: serial: option: add Quectel EM160R-GL (bsc#1012628). - USB: yurex: fix control-URB timeout handling (bsc#1012628). - USB: usblp: fix DMA to stack (bsc#1012628). - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (bsc#1012628). - usb: gadget: select CONFIG_CRC32 (bsc#1012628). - USB: Gadget: dummy-hcd: Fix shift-out-of-bounds bug (bsc#1012628). - usb: gadget: f_uac2: reset wMaxPacketSize (bsc#1012628). - usb: gadget: function: printer: Fix a memory leak for interface descriptor (bsc#1012628). - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (bsc#1012628). - USB: gadget: legacy: fix return error code in acm_ms_bind() (bsc#1012628). - usb: gadget: Fix spinlock lockup on usb_function_deactivate (bsc#1012628). - usb: gadget: configfs: Preserve function ordering after bind failure (bsc#1012628). - usb: gadget: configfs: Fix use-after-free issue with udc_name (bsc#1012628). - USB: serial: keyspan_pda: remove unused variable (bsc#1012628). - hwmon: (amd_energy) fix allocation of hwmon_channel_info config (bsc#1012628). - mm: make wait_on_page_writeback() wait for multiple pending writebacks (bsc#1012628). - x86/mm: Fix leak of pmd ptlock (bsc#1012628). - KVM: x86/mmu: Use -1 to flag an undefined spte in get_mmio_spte() (bsc#1012628). - KVM: x86/mmu: Get root level from walkers when retrieving MMIO SPTE (bsc#1012628). - kvm: check tlbs_dirty directly (bsc#1012628). - KVM: x86/mmu: Ensure TDP MMU roots are freed after yield (bsc#1012628). - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (bsc#1012628). - x86/resctrl: Don't move a task to the same resource group (bsc#1012628). - blk-iocost: fix NULL iocg deref from racing against initialization (bsc#1012628). - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (bsc#1012628). - ALSA: hda/conexant: add a new hda codec CX11970 (bsc#1012628). - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (bsc#1012628). - ALSA: hda/realtek: Add mute LED quirk for more HP laptops (bsc#1012628). - ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (bsc#1012628). - ALSA: hda/realtek: Add two "Intel Reference board" SSID in the ALC256 (bsc#1012628). - iommu/vt-d: Move intel_iommu info from struct intel_svm to struct intel_svm_dev (bsc#1012628). - btrfs: qgroup: don't try to wait flushing if we're already holding a transaction (bsc#1012628). - btrfs: send: fix wrong file path when there is an inode with a pending rmdir (bsc#1012628). - Revert "device property: Keep secondary firmware node secondary by type" (bsc#1012628). - dmabuf: fix use-after-free of dmabuf's file->f_inode (bsc#1012628). - arm64: link with -z norelro for LLD or aarch64-elf (bsc#1012628). - drm/i915: clear the shadow batch (bsc#1012628). - drm/i915: clear the gpu reloc batch (bsc#1012628). - bcache: fix typo from SUUP to SUPP in features.h (bsc#1012628). - bcache: check unsupported feature sets for bcache register (bsc#1012628). - bcache: introduce BCH_FEATURE_INCOMPAT_LOG_LARGE_BUCKET_SIZE for large bucket (bsc#1012628). - net/mlx5e: Fix SWP offsets when vlan inserted by driver (bsc#1012628). - ARM: dts: OMAP3: disable AES on N950/N9 (bsc#1012628). - netfilter: x_tables: Update remaining dereference to RCU (bsc#1012628). - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (bsc#1012628). - netfilter: xt_RATEEST: reject non-null terminated string from userspace (bsc#1012628). - netfilter: nft_dynset: report EOPNOTSUPP on missing set feature (bsc#1012628). - dmaengine: idxd: off by one in cleanup code (bsc#1012628). - x86/mtrr: Correct the range check before performing MTRR type lookups (bsc#1012628). - KVM: x86: fix shift out of bounds reported by UBSAN (bsc#1012628). - xsk: Fix memory leak for failed bind (bsc#1012628). - rtlwifi: rise completion at the last step of firmware callback (bsc#1012628). - scsi: target: Fix XCOPY NAA identifier lookup (bsc#1012628). - commit 1ca962e - Linux 5.10.6 (bsc#1012628). - Revert "drm/amd/display: Fix memory leaks in S3 resume" (bsc#1012628). - Revert "mtd: spinand: Fix OOB read" (bsc#1012628). - rtc: pcf2127: move watchdog initialisation to a separate function (bsc#1012628). - rtc: pcf2127: only use watchdog when explicitly available (bsc#1012628). - dt-bindings: rtc: add reset-source property (bsc#1012628). - kdev_t: always inline major/minor helper functions (bsc#1012628). - Bluetooth: Fix attempting to set RPA timeout when unsupported (bsc#1012628). - ALSA: hda/realtek - Modify Dell platform name (bsc#1012628). - drm/i915/tgl: Fix Combo PHY DPLL fractional divider for 38.4MHz ref clock (bsc#1012628). - scsi: ufs: Allow an error return value from ->device_reset() (bsc#1012628). - scsi: ufs: Re-enable WriteBooster after device reset (bsc#1012628). - RDMA/core: remove use of dma_virt_ops (bsc#1012628). - RDMA/siw,rxe: Make emulated devices virtual in the device tree (bsc#1012628). - fuse: fix bad inode (bsc#1012628). - perf: Break deadlock involving exec_update_mutex (bsc#1012628). - rwsem: Implement down_read_killable_nested (bsc#1012628). - rwsem: Implement down_read_interruptible (bsc#1012628). - exec: Transform exec_update_mutex into a rw_semaphore (bsc#1012628). - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (bsc#1012628). - commit 5bdc505 - regulator: mt6323: Add OF match table (bsc#1180731). - regulator: mt6358: Add OF match table (bsc#1180731). - regulator: mt6360: Add OF match table (bsc#1180731). - commit a930122 - drm: bail out of nouveau_channel_new if channel init fails (CVE-2020-25639 bsc#1176846). - commit 4739e43 ==== kernel-source ==== Version update (5.10.5 -> 5.10.7) Subpackages: kernel-default kernel-docs - scsi: ufs: Fix -Wsometimes-uninitialized warning (git-fixes). - commit 1c33a89 - Linux 5.10.7 (bsc#1012628). - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (bsc#1012628). - iavf: fix double-release of rtnl_lock (bsc#1012628). - net: mvpp2: Add TCAM entry to drop flow control pause frames (bsc#1012628). - net: mvpp2: prs: fix PPPoE with ipv6 packet parse (bsc#1012628). - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (bsc#1012628). - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (bsc#1012628). - ethernet: ucc_geth: set dev->max_mtu to 1518 (bsc#1012628). - ionic: account for vlan tag len in rx buffer len (bsc#1012628). - atm: idt77252: call pci_disable_device() on error path (bsc#1012628). - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (bsc#1012628). - net: stmmac: dwmac-meson8b: ignore the second clock input (bsc#1012628). - ibmvnic: fix login buffer memory leak (bsc#1012628). - ibmvnic: continue fatal error reset after passive init (bsc#1012628). - net: ethernet: mvneta: Fix error handling in mvneta_probe (bsc#1012628). - qede: fix offload for IPIP tunnel packets (bsc#1012628). - virtio_net: Fix recursive call to cpus_read_lock() (bsc#1012628). - net/ncsi: Use real net-device for response handler (bsc#1012628). - net: ethernet: Fix memleak in ethoc_probe (bsc#1012628). - net-sysfs: take the rtnl lock when storing xps_cpus (bsc#1012628). - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (bsc#1012628). - net-sysfs: take the rtnl lock when storing xps_rxqs (bsc#1012628). - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc (bsc#1012628). - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (bsc#1012628). - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (bsc#1012628). - e1000e: Only run S0ix flows if shutdown succeeded (bsc#1012628). - e1000e: bump up timeout to wait when ME un-configures ULP mode (bsc#1012628). - Revert "e1000e: disable s0ix entry and exit flows for ME systems" (bsc#1012628). - e1000e: Export S0ix flags to ethtool (bsc#1012628). - bnxt_en: Check TQM rings for maximum supported value (bsc#1012628). - net: mvpp2: fix pkt coalescing int-threshold configuration (bsc#1012628). - bnxt_en: Fix AER recovery (bsc#1012628). - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (bsc#1012628). - net: sched: prevent invalid Scell_log shift count (bsc#1012628). - net: hns: fix return value check in __lb_other_process() (bsc#1012628). - erspan: fix version 1 check in gre_parse_header() (bsc#1012628). - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (bsc#1012628). - bareudp: set NETIF_F_LLTX flag (bsc#1012628). - bareudp: Fix use of incorrect min_headroom size (bsc#1012628). - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (bsc#1012628). - r8169: work around power-saving bug on some chip versions (bsc#1012628). - net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs (bsc#1012628). - net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (bsc#1012628). - CDC-NCM: remove "connected" log message (bsc#1012628). - ibmvnic: fix: NULL pointer dereference (bsc#1012628). - net: usb: qmi_wwan: add Quectel EM160R-GL (bsc#1012628). - selftests: mlxsw: Set headroom size of correct port (bsc#1012628). - stmmac: intel: Add PCI IDs for TGL-H platform (bsc#1012628). - selftests/vm: fix building protection keys test (bsc#1012628). - block: add debugfs stanza for QUEUE_FLAG_NOWAIT (bsc#1012628). - workqueue: Kick a worker based on the actual activation of delayed works (bsc#1012628). - scsi: ufs: Fix wrong print message in dev_err() (bsc#1012628). - scsi: ufs-pci: Fix restore from S4 for Intel controllers (bsc#1012628). - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (bsc#1012628). - scsi: ufs-pci: Fix recovery from hibernate exit errors for Intel controllers (bsc#1012628). - scsi: ufs-pci: Enable UFSHCD_CAP_RPM_AUTOSUSPEND for Intel controllers (bsc#1012628). - scsi: block: Introduce BLK_MQ_REQ_PM (bsc#1012628). - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (bsc#1012628). - scsi: ide: Mark power management requests with RQF_PM instead of RQF_PREEMPT (bsc#1012628). - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands (bsc#1012628). - scsi: core: Only process PM requests if rpm_status != RPM_ACTIVE (bsc#1012628). - local64.h: make mandatory (bsc#1012628). - lib/genalloc: fix the overflow when size is too big (bsc#1012628). - depmod: handle the case of /sbin/depmod without /sbin in PATH (bsc#1012628). - scsi: ufs: Clear UAC for FFU and RPMB LUNs (bsc#1012628). - kbuild: don't hardcode depmod path (bsc#1012628). - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close (bsc#1012628). - scsi: block: Remove RQF_PREEMPT and BLK_MQ_REQ_PREEMPT (bsc#1012628). - scsi: block: Do not accept any requests while suspended (bsc#1012628). - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (bsc#1012628). - crypto: asym_tpm: correct zero out potential secrets (bsc#1012628). - powerpc: Handle .text.{hot,unlikely}.* in linker script (bsc#1012628). - Staging: comedi: Return -EFAULT if copy_to_user() fails (bsc#1012628). - staging: mt7621-dma: Fix a resource leak in an error handling path (bsc#1012628). - usb: gadget: enable super speed plus (bsc#1012628). - USB: cdc-acm: blacklist another IR Droid device (bsc#1012628). - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt() (bsc#1012628). - usb: typec: intel_pmc_mux: Configure HPD first for HPD+IRQ request (bsc#1012628). - usb: dwc3: meson-g12a: disable clk on error handling path in probe (bsc#1012628). - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (bsc#1012628). - usb: dwc3: gadget: Clear wait flag on dequeue (bsc#1012628). - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (bsc#1012628). - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (bsc#1012628). - usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (bsc#1012628). - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (bsc#1012628). - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (bsc#1012628). - usb: usbip: vhci_hcd: protect shift size (bsc#1012628). - usb: uas: Add PNY USB Portable SSD to unusual_uas (bsc#1012628). - USB: serial: iuu_phoenix: fix DMA from stack (bsc#1012628). - USB: serial: option: add LongSung M5710 module support (bsc#1012628). - USB: serial: option: add Quectel EM160R-GL (bsc#1012628). - USB: yurex: fix control-URB timeout handling (bsc#1012628). - USB: usblp: fix DMA to stack (bsc#1012628). - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (bsc#1012628). - usb: gadget: select CONFIG_CRC32 (bsc#1012628). - USB: Gadget: dummy-hcd: Fix shift-out-of-bounds bug (bsc#1012628). - usb: gadget: f_uac2: reset wMaxPacketSize (bsc#1012628). - usb: gadget: function: printer: Fix a memory leak for interface descriptor (bsc#1012628). - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (bsc#1012628). - USB: gadget: legacy: fix return error code in acm_ms_bind() (bsc#1012628). - usb: gadget: Fix spinlock lockup on usb_function_deactivate (bsc#1012628). - usb: gadget: configfs: Preserve function ordering after bind failure (bsc#1012628). - usb: gadget: configfs: Fix use-after-free issue with udc_name (bsc#1012628). - USB: serial: keyspan_pda: remove unused variable (bsc#1012628). - hwmon: (amd_energy) fix allocation of hwmon_channel_info config (bsc#1012628). - mm: make wait_on_page_writeback() wait for multiple pending writebacks (bsc#1012628). - x86/mm: Fix leak of pmd ptlock (bsc#1012628). - KVM: x86/mmu: Use -1 to flag an undefined spte in get_mmio_spte() (bsc#1012628). - KVM: x86/mmu: Get root level from walkers when retrieving MMIO SPTE (bsc#1012628). - kvm: check tlbs_dirty directly (bsc#1012628). - KVM: x86/mmu: Ensure TDP MMU roots are freed after yield (bsc#1012628). - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (bsc#1012628). - x86/resctrl: Don't move a task to the same resource group (bsc#1012628). - blk-iocost: fix NULL iocg deref from racing against initialization (bsc#1012628). - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (bsc#1012628). - ALSA: hda/conexant: add a new hda codec CX11970 (bsc#1012628). - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (bsc#1012628). - ALSA: hda/realtek: Add mute LED quirk for more HP laptops (bsc#1012628). - ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (bsc#1012628). - ALSA: hda/realtek: Add two "Intel Reference board" SSID in the ALC256 (bsc#1012628). - iommu/vt-d: Move intel_iommu info from struct intel_svm to struct intel_svm_dev (bsc#1012628). - btrfs: qgroup: don't try to wait flushing if we're already holding a transaction (bsc#1012628). - btrfs: send: fix wrong file path when there is an inode with a pending rmdir (bsc#1012628). - Revert "device property: Keep secondary firmware node secondary by type" (bsc#1012628). - dmabuf: fix use-after-free of dmabuf's file->f_inode (bsc#1012628). - arm64: link with -z norelro for LLD or aarch64-elf (bsc#1012628). - drm/i915: clear the shadow batch (bsc#1012628). - drm/i915: clear the gpu reloc batch (bsc#1012628). - bcache: fix typo from SUUP to SUPP in features.h (bsc#1012628). - bcache: check unsupported feature sets for bcache register (bsc#1012628). - bcache: introduce BCH_FEATURE_INCOMPAT_LOG_LARGE_BUCKET_SIZE for large bucket (bsc#1012628). - net/mlx5e: Fix SWP offsets when vlan inserted by driver (bsc#1012628). - ARM: dts: OMAP3: disable AES on N950/N9 (bsc#1012628). - netfilter: x_tables: Update remaining dereference to RCU (bsc#1012628). - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (bsc#1012628). - netfilter: xt_RATEEST: reject non-null terminated string from userspace (bsc#1012628). - netfilter: nft_dynset: report EOPNOTSUPP on missing set feature (bsc#1012628). - dmaengine: idxd: off by one in cleanup code (bsc#1012628). - x86/mtrr: Correct the range check before performing MTRR type lookups (bsc#1012628). - KVM: x86: fix shift out of bounds reported by UBSAN (bsc#1012628). - xsk: Fix memory leak for failed bind (bsc#1012628). - rtlwifi: rise completion at the last step of firmware callback (bsc#1012628). - scsi: target: Fix XCOPY NAA identifier lookup (bsc#1012628). - commit 1ca962e - Linux 5.10.6 (bsc#1012628). - Revert "drm/amd/display: Fix memory leaks in S3 resume" (bsc#1012628). - Revert "mtd: spinand: Fix OOB read" (bsc#1012628). - rtc: pcf2127: move watchdog initialisation to a separate function (bsc#1012628). - rtc: pcf2127: only use watchdog when explicitly available (bsc#1012628). - dt-bindings: rtc: add reset-source property (bsc#1012628). - kdev_t: always inline major/minor helper functions (bsc#1012628). - Bluetooth: Fix attempting to set RPA timeout when unsupported (bsc#1012628). - ALSA: hda/realtek - Modify Dell platform name (bsc#1012628). - drm/i915/tgl: Fix Combo PHY DPLL fractional divider for 38.4MHz ref clock (bsc#1012628). - scsi: ufs: Allow an error return value from ->device_reset() (bsc#1012628). - scsi: ufs: Re-enable WriteBooster after device reset (bsc#1012628). - RDMA/core: remove use of dma_virt_ops (bsc#1012628). - RDMA/siw,rxe: Make emulated devices virtual in the device tree (bsc#1012628). - fuse: fix bad inode (bsc#1012628). - perf: Break deadlock involving exec_update_mutex (bsc#1012628). - rwsem: Implement down_read_killable_nested (bsc#1012628). - rwsem: Implement down_read_interruptible (bsc#1012628). - exec: Transform exec_update_mutex into a rw_semaphore (bsc#1012628). - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (bsc#1012628). - commit 5bdc505 - regulator: mt6323: Add OF match table (bsc#1180731). - regulator: mt6358: Add OF match table (bsc#1180731). - regulator: mt6360: Add OF match table (bsc#1180731). - commit a930122 - drm: bail out of nouveau_channel_new if channel init fails (CVE-2020-25639 bsc#1176846). - commit 4739e43 ==== kmod ==== Subpackages: libkmod2 - Update usr-lib-modprobe.patch to upstream submission (boo#1180821). - Require libxslt-tools for xsltproc and use local stylesheet. + no-stylesheet-download.patch ==== kplotting ==== Version update (5.77.0 -> 5.78.0) - Update to 5.78.0 * New feature release * For more details please see: * https://kde.org/announcements/kde-frameworks-5.78.0 - Changes since 5.77.0: * Don't use QtTest which includes all QtCore includes ==== libarchive ==== Version update (3.5.0 -> 3.5.1) - update to 3.5.1: * various compilation fixes (#1461, #1462, #1463, #1464) * fixed undefined behavior in a function in warc reader (#1465) ==== libfprint ==== Version update (1.90.6 -> 1.90.7) - Update version to 1.90.7 * vfs5011: Fix possible use-after-free * goodixmoc: Add two new PIDs (0x63AC, 0x639C) * goodixmoc: Support finger status API * synaptics: Only identify within provided prints * synaptics: Reject devices with old firmware during probe ==== libgarcon ==== Version update (0.8.0 -> 4.16.1) Subpackages: libgarcon-1-0 libgarcon-data libgarcon-lang - Update to version 4.16.1 * Launch applications as children again (gxo#xfce/garcon#18) * Translation Updates ==== libinput ==== Subpackages: libinput-udev libinput10 - Limit the dep libinput-debug-gui -> libinput-tools only to %{version}, not %{version}-%{release}. As they are not built in the same run, the rebuild counters are not guaranteed to match forever. ==== libjpeg-turbo ==== Subpackages: libjpeg8 libturbojpeg0 - Fix setting of FLOATTEST ==== libkgapi ==== Subpackages: libKPimGAPICalendar5 libKPimGAPIContacts5 libKPimGAPICore5 libKPimGAPITasks5 libkgapi-lang sasl2-kdexoauth2 - add kde-429406-dont-reset-account-scopes.patch (kde#429406) ==== libmaxminddb ==== Version update (1.4.3 -> 1.5.0) - libmaxminddb 1.5.0: * build system changes for other platforms only ==== libpwquality ==== Subpackages: libpwquality1 pam_pwquality - Do not use macro %make_build pre SLE-15 Use "make -O %{?_smp_mflags}" instead [libpwquality.spec] ==== libqmi ==== Version update (1.26.6 -> 1.26.8) Subpackages: libqmi-glib5 libqmi-tools - update to 1.26.8: * libqmi-glib: + Fix proxy segfault when accessing length of NULL GArray. + Add "Release USSD" indication to Basic collection. * qmicli: + Fix element types used in "NAS Get Cell Location Info". * Several other minor improvements and fixes. ==== libqt5-qtdeclarative ==== - Enable qml-autoreqprov ==== libqt5-qtwebengine ==== - Drop baselibs.conf, not needed after libksysguard5 got adjusted ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Fix bsc#1179025 - LO-L3: LibreOffice crashes opening a PPTX * bsc1179025.diff - Fix bsc#1178807 - LO-L3: Text box from PowerPoint renders vertically instead of horizontally * bsc1178807.diff - Add icu68.patch: fix build with ICU 68 ==== libzypp ==== Version update (17.25.5 -> 17.25.6) - Rephrase solver problem descriptions (jsc#SLE-8482) - Adapt to changed gpg2/libgpgme behavior (bsc#1180721) - Multicurl backend breaks with with unknown filesize (fixes #277) - version 17.25.6 (22) ==== llvm11 ==== Version update (11.0.0 -> 11.0.1) Subpackages: clang-tools clang11 clang11-doc libLLVM11 libLTO11 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang11 - Update to version 11.0.1. * This release contains bug-fixes for the LLVM 11.0.0 release. This release is API and ABI compatible with 11.0.0. - Rebase llvm-do-not-install-static-libraries.patch. - Drop obsolete compiler-rt-dont-compile-assembly-files-as-c.patch. - Make documentation tarballs more reproducible. ==== mozjs78 ==== Version update (78.5.0 -> 78.6.1) - Update to version 78.6.1esr. ==== net-tools ==== - prepare usrmerge (boo#1029961) ==== openSUSE-build-key ==== - update openSUSE:Factory:zSystems signing key to current version: pub rsa2048 2016-02-17 [SC] [expires: 2022-08-16] F00C20EF1E1114C9B5F69B2276CA4244F6AB3975 openSUSE:Factory:zSystems OBS Project ==== openafs ==== Version update (1.8.6.1 -> 1.8.7) Subpackages: openafs-client openafs-kmp-64kb openafs-kmp-default - update to HEAD of git branch openafs-stable-1_8_x * fix critical bug described in https://lists.openafs.org/pipermail/openafs-info/2021-January/043026.html * remove remove-get_ds-usage.patch * remove add_arch_to_linux_kernel_make.patch ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Update openssh-8.1p1-audit.patch (bsc#1180501). This fixes occasional crashes on connection termination caused by accessing freed memory. ==== perl-Mail-AuthenticationResults ==== Version update (1.20200824.1 -> 2.20210112) - updated to 2.20210112 see /usr/share/doc/packages/perl-Mail-AuthenticationResults/Changes 2.20210112 2021-01-12 22:10:28+00:00 UTC - Switch to a purely numeric version string ==== perl-Net-HTTP ==== Version update (6.19 -> 6.20) - update to 6.20: * Replace last use of "vars" with "our" (GH#67) (James Raspass) ==== perl-libwww-perl ==== Version update (6.51 -> 6.52) - updated to 6.52 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.52 2021-01-07 21:20:51Z - Remove block of code which creates message-digest auth request field (GH#369) (Olaf Alders) ==== php7 ==== Subpackages: php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - deleted patch (redundant cast, both sides are already signed int) - php-odbc-cmp-int-cast.patch - install php7-cli if no sapi is selected upon php7 installation - add conflicts with earlier version of php-cli, php-fastcgi and php-fpm - put CLI binary in -cli subpackage so that other moduldes can depend on the php base package that remains (and provides files and maps common for all) - use pkgconfig() to resolve BuildRequires where upstream uses it too - since php-7.4.0 when using --with-external-gd the configure options - -with-xpm, --with-freetype and --with-jpeg are not needed anymore (and neither are the respective BuildRequires) - add Recommends: php-openssl as many modules can optionally use it - use new %ldconfig macros in Tumbleweed ==== polkit-default-privs ==== Version update (1550+20201208.135bf51 -> 1550+20210111.f725c25) - Update to version 1550+20210111.f725c25: * polkit-rules-whitelist: add brltty brlapi group rule (bsc#1180593) ==== psmisc ==== Version update (23.2 -> 23.3) - Now with 23.3 peekfd is build even for aarch64 - Rework 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch and split off the patch psmisc-v23.3-selinux.patch - Rework 0002-Use-new-statx-2-system-call-to-avoid-hangs-on-NFS.patch - New patch psmisc-v23.3-selinux.patch - Rename patch psmisc-v23.2.dif which is now psmisc-v23.3.dif - Update to 23.3: * killall: check also truncated 16 char comm names Debian * fuser: Return early if have nulls * peekfd: Add support for ARM64 * pstree: Add color by age * fuser: Use larger inode sizes - Rebase 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch - Rebase 0002-Use-new-statx-2-system-call-to-avoid-hangs-on-NFS.patch - Rebase psmisc-22.21-pstree.patch ==== purple-rocketchat ==== Version update (0.0+git.20200717T223247 -> 0.0+git20201219) Subpackages: libpurple-plugin-rocketchat pidgin-plugin-rocketchat - Update to version 0.0+git20201219 (changes since 0.0+git20200717): * Handle data structure change from newer Rocket.Chat servers (boo#1180806). * Add some additional checks to reduce debug warnings. ==== python-rpm-macros ==== Version update (20200824.8fa42a7 -> 20210112.86f4d9d) Subpackages: python-rpm-generators - Update to version 20210112.86f4d9d: * fix gh#openSUSE/python-rpm-macros#84: python_sysconfig_ macros - Update to version 20201207.2177fcf: * README update after merge - Update to version 20201207.259cdda: * Update python_expand description in README * python_expand to basename only - Update to version 20201204.32a910e: * fix print_provided_flavor again - Update to version 20201203.5331183: * fix print_provided_flavor - Update to version 20201128.669edb3: * fix provides (for python-numpy f2py, in gh#openSUSE/python-rpm-macros#66) - Update to version 20201123.6978323: * also rewrite subpackage_only default providers * pytest: ignore _build dirs for all flavors - Update to version 20201119.6bb5f69: * add default provider properties * don't replace %name, for subpackage_only * expand parameters for subpackage_only packages - Update to version 20201112.a4c80dc: * handle python_subpackage_only, fixes gh#openSUSE/python-rpm-macros#73 * define default providers for pythonX from pythonXY flavors: fixes #69 - Update to version 20201103.cec67c2: * document python_find_lang * add python_find_lang and allow to specify in %python_files. Fixes #5 - Update to version 20201102.31ccfc2: * fix python_clone shebang replacement * one less expansion for python_exec * expand default %python_ macros earlier * update README for multiple flavors * more command delimiters for %python_expand - Update to version 20201022.7f87908: * Add python36 and python38 flavours. - Update to version 20201021.adb6953: * Prepare for multiple python3 flavors - Remove multiple_flavors.patch as it is included in the upstream tarball. - Update to version 20201016.5d22545: * fix whitespace after escape in compileall macro - Update to version 20201016.db09189: * Delete pycache files before compilealll * Update macros/010-common-defs * Reword compileall * mention pyproject.toml and link to PEP517 and PEP518 * add description for pyunittest macro * add description for python_compileall macro * add description for pyproject macros * add python_compileall macro and use it in pyproject_install * disable pip version check: no connection to pypi.org - Update multiple_flavors.patch to generate correct names of the python binary. - %__#FLAVOR# should be defined as /usr/bin/python%{#FLAVOR#_version} not just /usr/bin/#FLAVOR# - Add patch multiple_flavors.patch which makes compile_macros.sh generate alternative flavours as well. ==== qalculate ==== Version update (3.15.0 -> 3.16.1) Subpackages: libqalculate21 qalculate-data - Update to 3.16.1: * Fix saving of local data objects (user data was deleted) * Fix kWh unit * Always place units with prefixes before other units * Improve prefixes when expression contains both units that do and units that do not use prefixes * Add daysInMonth() function - Update to 3.16.0: * Chain syntax (e.g. 1+2*3=(1+2)*3=6) * Make all currency codes (except CUP and KGS) case insensitive * Fixes for floating point format output * Fix segfault on factorization in qalc * Fix saving of local data objects * Fix BYN exchange rate url * Redesigned expression, status, and result widgets * Chain mode (GUI) * Configurable calculate-as-you-type add to history delay * Improved completion * Support for qalc commands in GUI (expression is interpreted as command if it begins with '/') * Support for reading expressions and commands from file in GUI (as in qalc, using command line option -f/--file) * Use arrow instead of "to" by default * French GUI translation * Minor bug fixes and feature improvements - ran spec-cleaner ==== rav1e ==== Version update (0.3.4 -> 0.4.0) - Update to version 0.4.0 * https://github.com/xiph/rav1e/releases/tag/v0.4.0 ==== redis ==== Version update (6.0.9 -> 6.0.10) - HTTPS download link for source - redis 6.0.10: Command behavior changes: * SWAPDB invalidates WATCHed keys (#8239) * SORT command behaves differently when used on a writable replica (#8283) * EXISTS should not alter LRU (#8016) In Redis 5.0 and 6.0 it would have touched the LRU/LFU of the key. * OBJECT should not reveal logically expired keys (#8016) Will now behave the same TYPE or any other non-DEBUG command. * GEORADIUS[BYMEMBER] can fail with -OOM if Redis is over the memory limit (#8107) Other behavior changes: * Sentinel: Fix missing updates to the config file after SENTINEL SET command (#8229) * CONFIG REWRITE is atomic and safer, but requires write access to the config file's folder (#7824, #8051) This change was already present in 6.0.9, but was missing from the release notes. Bug fixes with compatibility implications (bugs introduced in Redis 6.0): * Fix RDB CRC64 checksum on big-endian systems (#8270) If you're using big-endian please consider the compatibility implications with RESTORE, replication and persistence. * Fix wrong order of key/value in Lua's map response (#8266) If your scripts use redis.setresp() or return a map (new in Redis 6.0), please consider the implications. Bug fixes: * Fix an issue where a forked process deletes the parent's pidfile (#8231) * Fix crashes when enabling io-threads-do-reads (#8230) * Fix a crash in redis-cli after executing cluster backup (#8267) * Handle output buffer limits for module blocked clients (#8141) Could result in a module sending reply to a blocked client to go beyond the limit. * Fix setproctitle related crashes. (#8150, #8088) Caused various crashes on startup, mainly on Apple M1 chips or under instrumentation. * Backup/restore cluster mode keys to slots map for repl-diskless-load=swapdb (#8108) In cluster mode with repl-diskless-load, when loading failed, slot map wouldn't have been restored. * Fix oom-score-adj-values range, and bug when used in config file (#8046) Enabling setting this in the config file in a line after enabling it, would have been buggy. * Reset average ttl when empty databases (#8106) Just causing misleading metric in INFO * Disable rehash when Redis has child process (#8007) This could have caused excessive CoW during BGSAVE, replication or AOFRW. * Further improved ACL algorithm for picking categories (#7966) Output of ACL GETUSER is now more similar to the one provided by ACL SETUSER. * Fix bug with module GIL being released prematurely (#8061) Could in theory (and rarely) cause multi-threaded modules to corrupt memory. * Reduce effect of client tracking causing feedback loop in key eviction (#8100) * Fix cluster access to unaligned memory (SIGBUS on old ARM) (#7958) * Fix saving of strings larger than 2GB into RDB files (#8306) Additional improvements: * Avoid wasteful transient memory allocation in certain cases (#8286, #5954) Platform / toolchain support related improvements: * Fix crash log registers output on ARM. (#8020) * Add a check for an ARM64 Linux kernel bug (#8224) Due to the potential severity of this issue, Redis will print log warning on startup. * Raspberry build fix. (#8095) New configuration options: * oom-score-adj-values config can now take absolute values (besides relative ones) (#8046) Module related fixes: * Moved RMAPI_FUNC_SUPPORTED so that it's usable (#8037) * Improve timer accuracy (#7987) * Allow '\0' inside of result of RM_CreateStringPrintf (#6260) ==== rubygem-nokogiri ==== Version update (1.11.0 -> 1.11.1) Subpackages: ruby2.7-rubygem-nokogiri ruby3.0-rubygem-nokogiri - updated to version 1.11.1 see CHANGELOG.md ==== salt ==== Version update (3000.3 -> 3002.2) Subpackages: python3-salt salt-master salt-minion - Remove deprecated warning that breaks minion execution when "server_id_use_crc" opts is missing - Added: * remove-deprecated-warning-that-breaks-miniion-execut.patch - Revert wrong zypper patch to support vendorchanges flags on pkg.install - Added: * revert-add-patch-support-for-allow-vendor-change-opt.patch - Force zyppnotify to prefer Packages.db than Packages if it exists - Allow vendor change option with zypper - Add pkg.services_need_restart - Fix for file.check_perms to work with numeric uid/gid - Added: * force-zyppnotify-to-prefer-packages.db-than-packages.patch * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch * add-patch-support-for-allow-vendor-change-option-wit.patch * add-pkg.services_need_restart-302.patch - virt: more network support Add more network and PCI/USB host devices passthrough support to virt module and states - Added: * open-suse-3002.2-virt-network-311.patch - Bigvm backports virt consoles, CPU tuning and topology, and memory tuning. - Added: * open-suse-3002.2-bigvm-310.patch - Fix pkg states when DEB package has "all" arch - Added: * fix-aptpkg.normalize_name-when-package-arch-is-all.patch - Do not force beacons configuration to be a list. Revert https://github.com/saltstack/salt/pull/58655 - Added: * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch - Drop wrong virt capabilities code after rebasing patches - Added: * drop-wrong-virt-capabilities-code-after-rebasing-pat.patch - Update to Salt release version 3002.2 - See release notes: https://docs.saltstack.com/en/latest/topics/releases/3002.2.html - Modified: * add-environment-variable-to-know-if-yum-is-invoked-f.patch * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch * fix-__mount_device-wrapper-254.patch * opensuse-3000.2-virt-backports-236-257.patch * fixes-cve-2018-15750-cve-2018-15751.patch * strip-trailing-from-repo.uri-when-comparing-repos-in.patch * include-aliases-in-the-fqdns-grains.patch * support-config-non-root-permission-issues-fixes-u-50.patch * support-for-btrfs-and-xfs-in-parted-and-mkfs.patch * fix-batch_async-obsolete-test.patch * early-feature-support-config.patch * changed-imports-to-vendored-tornado.patch * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch * add-hold-unhold-functions.patch * do-not-crash-when-there-are-ipv6-established-connect.patch * add-docker-logout-237.patch * add-saltssh-multi-version-support-across-python-inte.patch * fix-a-test-and-some-variable-names-229.patch * implement-network.fqdns-module-function-bsc-1134860-.patch * debian-info_installed-compatibility-50453.patch * fix-bsc-1065792.patch * use-current-ioloop-for-the-localclient-instance-of-b.patch * restore-default-behaviour-of-pkg-list-return.patch * virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch * add-migrated-state-and-gpg-key-management-functions-.patch * info_installed-works-without-status-attr-now.patch * bsc-1176024-fix-file-directory-user-and-group-owners.patch * opensuse-3000.3-spacewalk-runner-parse-command-250.patch * fix-aptpkg-systemd-call-bsc-1143301.patch * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch * ansiblegate-take-care-of-failed-skipped-and-unreacha.patch * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch * add-cpe_name-for-osversion-grain-parsing-u-49946.patch * python3.8-compatibility-pr-s-235.patch * backport-virt-patches-from-3001-256.patch * do-not-break-repo-files-with-multiple-line-values-on.patch * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch * accumulated-changes-required-for-yomi-165.patch * support-transactional-systems-microos-271.patch * use-adler32-algorithm-to-compute-string-checksums.patch * remove-vendored-backports-abc-from-requirements.patch * fall-back-to-pymysql.patch * xen-disk-fixes-264.patch * fix-for-temp-folder-definition-in-loader-unit-test.patch * batch.py-avoid-exception-when-minion-does-not-respon.patch * move-server_id-deprecation-warning-to-reduce-log-spa.patch * avoid-traceback-when-http.query-request-cannot-be-pe.patch * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch * grains-master-can-read-grains.patch * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch * accumulated-changes-from-yomi-167.patch * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch * add-astra-linux-common-edition-to-the-os-family-list.patch * fix-async-batch-race-conditions.patch * batch-async-catch-exceptions-and-safety-unregister-a.patch * activate-all-beacons-sources-config-pillar-grains.patch * drop-wrong-mock-from-chroot-unit-test.patch * fix-for-suse-expanded-support-detection.patch * fix-novendorchange-option-284.patch * fix-virt.update-with-cpu-defined-263.patch * add-batch_presence_ping_timeout-and-batch_presence_p.patch * fix-git_pillar-merging-across-multiple-__env__-repos.patch * add-publish_batch-to-clearfuncs-exposed-methods.patch * fix-unit-tests-for-batch-async-after-refactor.patch * add-new-custom-suse-capability-for-saltutil-state-mo.patch * prevent-test_mod_del_repo_multiline_values-to-fail.patch * x509-fixes-111.patch * adds-explicit-type-cast-for-port.patch * run-salt-master-as-dedicated-salt-user.patch * remove-msgpack-1.0.0-requirement-in-the-installed-me.patch * switch-firewalld-state-to-use-change_interface.patch * option-to-en-disable-force-refresh-in-zypper-215.patch * fix-async-batch-multiple-done-events.patch * make-setup.py-script-to-not-require-setuptools-9.1.patch * add-custom-suse-capabilities-as-grains.patch * don-t-call-zypper-with-more-than-one-no-refresh.patch * transactional_update-unify-with-chroot.call.patch * fix-ipv6-scope-bsc-1108557.patch * temporary-fix-extend-the-whitelist-of-allowed-comman.patch * opensuse-3000-libvirt-engine-fixes-251.patch * fix-grains.test_core-unit-test-277.patch * pkgrepo-support-python-2.7-function-call-295.patch * prevent-import-errors-when-running-test_btrfs-unit-t.patch * do-not-make-ansiblegate-to-crash-on-python3-minions.patch * fix-issue-2068-test.patch * ensure-virt.update-stop_on_reboot-is-updated-with-it.patch * remove-deprecated-usage-of-no_mock-and-no_mock_reaso.patch * read-repo-info-without-using-interpolation-bsc-11356.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * fixing-streamclosed-issue.patch * virt._get_domain-don-t-raise-an-exception-if-there-i.patch * loop-fix-variable-names-for-until_no_eval.patch * improve-batch_async-to-release-consumed-memory-bsc-1.patch * prevent-systemd-run-description-issue-when-running-a.patch * integration-of-msi-authentication-with-azurearm-clou.patch * add-all_versions-parameter-to-include-all-installed-.patch * sanitize-grains-loaded-from-roster_grains.json.patch * fix-failing-unit-tests-for-batch-async.patch * reintroducing-reverted-changes.patch * fix-for-log-checking-in-x509-test.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch * opensuse-3000-virt-defined-states-222.patch * add-virt.all_capabilities.patch * prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch * fix-cve-2020-25592-and-add-tests-bsc-1178319.patch * fix-unit-test-for-grains-core.patch * async-batch-implementation.patch * apply-patch-from-upstream-to-support-python-3.8.patch * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch * re-adding-function-to-test-for-root.patch * zypperpkg-filter-patterns-that-start-with-dot-244.patch * fix-a-wrong-rebase-in-test_core.py-180.patch * add-multi-file-support-and-globbing-to-the-filetree-.patch * fix-the-removed-six.itermitems-and-six.-_type-262.patch * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch * add-standalone-configuration-file-for-enabling-packa.patch * make-profiles-a-package.patch * return-the-expected-powerpc-os-arch-bsc-1117995.patch * batch_async-avoid-using-fnmatch-to-match-event-217.patch * do-not-raise-streamclosederror-traceback-but-only-lo.patch * provide-the-missing-features-required-for-yomi-yet-o.patch * make-aptpkg.list_repos-compatible-on-enabled-disable.patch * backport-a-few-virt-prs-272.patch * add-supportconfig-module-for-remote-calls-and-saltss.patch * run-salt-api-as-user-salt-bsc-1064520.patch * path-replace-functools.wraps-with-six.wraps-bsc-1177.patch * get-os_arch-also-without-rpm-package-installed.patch * invalidate-file-list-cache-when-cache-file-modified-.patch * xfs-do-not-fails-if-type-is-not-present.patch * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch - Removed: * do-not-report-patches-as-installed-when-not-all-the-.patch * add-pkg.services_need_restart-302.patch * removes-unresolved-merge-conflict-in-yumpkg-module.patch * add-missing-fun-for-returns-from-wfunc-executions.patch * force-zyppnotify-to-prefer-packages.db-than-packages.patch * decide-if-the-source-should-be-actually-skipped.patch * make-lazyloader.__init__-call-to-_refresh_file_mappi.patch * avoid-has_docker-true-if-import-messes-with-salt.uti.patch * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch * set-passphrase-for-salt-ssh-keys-to-empty-string-293.patch * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch * add-patch-support-for-allow-vendor-change-option-wit.patch * opensuse-3000.3-bigvm-backports-303.patch * msgpack-support-versions-1.0.0.patch * fix-typo-on-msgpack-version-when-sanitizing-msgpack-.patch * use-full-option-name-instead-of-undocumented-abbrevi.patch * add-missing-_utils-at-loader-grains_func.patch * loader-invalidate-the-import-cachefor-extra-modules.patch * fix-for-return-value-ret-vs-return-in-batch-mode.patch * make-salt.ext.tornado.gen-to-use-salt.ext.backports_.patch - Force zyppnotify to prefer Packages.db than Packages if it exists - Allow vendor change option with zypper - Added: * add-patch-support-for-allow-vendor-change-option-wit.patch * force-zyppnotify-to-prefer-packages.db-than-packages.patch - Add pkg.services_need_restart - Bigvm backports: virt consoles, CPU tuning and topology, and memory tuning. - Fix for file.check_perms to work with numeric uid/gid - Added: * add-pkg.services_need_restart-302.patch * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch * opensuse-3000.3-bigvm-backports-303.patch - Change 'Requires(pre)' to 'Requires' for salt-minion package (bsc#1083110) ==== speexdsp ==== - Update dependencies and update spec file ==== sudo ==== Version update (1.9.4p2 -> 1.9.5p1) Subpackages: sudo-plugin-python - Update to 1.9.5.p1 * Fixed a regression introduced in sudo 1.9.5 where the editor run by sudoedit was set-user-ID root unless SELinux RBAC was in use. The editor is now run with the user's real and effective user-IDs. - News in 1.9.5 * Fixed a crash introduced in 1.9.4 when running "sudo -i" as an unknown user. This is related to but distinct from Bug #948. * If the "lecture_file" setting is enabled in sudoers, it must now refer to a regular file or a symbolic link to a regular file. * Fixed a potential use-after-free bug in sudo_logsrvd when the server shuts down if there are existing connections from clients that are only logging events and not session I/O data. * Fixed a buffer size mismatch when serializing the list of IP addresses for configured network interfaces. This bug is not actually exploitable since the allocated buffer is large enough to hold the list of addresses. * If sudo is executed with a name other than "sudo" or "sudoedit", it will now fall back to "sudo" as the program name. This affects warning, help and usage messages as well as the matching of Debug lines in the /etc/sudo.conf file. Previously, it was possible for the invoking user to manipulate the program name by setting argv[0] to an arbitrary value when executing sudo. * Sudo now checks for failure when setting the close-on-exec flag on open file descriptors. This should never fail but, if it were to, there is the possibility of a file descriptor leak to a child process (such as the command sudo runs). * Fixed CVE-2021-23239, a potential information leak in sudoedit that could be used to test for the existence of directories not normally accessible to the user in certain circumstances. When creating a new file, sudoedit checks to make sure the parent directory of the new file exists before running the editor. However, a race condition exists if the invoking user can replace (or create) the parent directory. If a symbolic link is created in place of the parent directory, sudoedit will run the editor as long as the target of the link exists. If the target of the link does not exist, an error message will be displayed. The race condition can be used to test for the existence of an arbitrary directory. However, it _cannot_ be used to write to an arbitrary location. * Fixed CVE-2021-23240, a flaw in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux is enabled, a user with sudoedit permissions may be able to set the owner of an arbitrary file to the user-ID of the target user. On Linux kernels that support "protected symlinks", setting /proc/sys/fs/protected_symlinks to 1 will prevent the bug from being exploited. For more information see https://www.sudo.ws/alerts/sudoedit_selinux.html. * Added writability checks for sudoedit when SELinux RBAC is in use. This makes sudoedit behavior consistent regardless of whether or not SELinux RBAC is in use. Previously, the "sudoedit_checkdir" setting had no effect for RBAC entries. * A new sudoers option "selinux" can be used to disable sudo's SELinux RBAC support. * Quieted warnings from PVS Studio, clang analyzer, and cppcheck. Added suppression annotations for PVS Studio false positives. ==== thunar ==== Version update (4.16.1 -> 4.16.2) Subpackages: libthunarx-3-0 thunar-lang - Update to version 4.16.2 * Regression: "Open with other application" missing (gxo#xfce/thunar#470) * Always create new files and folders in current directory (gxo#xfce/thunar#462) * Translation Updates ==== tracker ==== Version update (3.0.2 -> 3.0.3) Subpackages: libtracker-sparql-3_0-0 tracker-data-files typelib-1_0-Tracker-3_0 - Update to version 3.0.3: + Avoid FTS5 table inconsistency with SQLite >= 3.34.0. + Fix out parameter in VAPI/Vala files. ==== tracker-miners ==== Version update (3.0.3 -> 3.0.4) Subpackages: tracker-miner-files - Update to version 3.0.4: + Improve time_t interpretation for negative timestamps. + Fix "tracker3 search --folders". + Fix crasher after tracker-miner-fs SPARQL failures. + CI fixes. ==== vala ==== Version update (0.50.2 -> 0.50.3) Subpackages: libvala-0_50-0 - Update to version 0.50.3: + Various improvements and bug fixes: - codegen: . Use CCodeInvalidExpression instead of place holders . Don't leak memory of already assigned out-parameter on error . Don't leak memory on internal value comparison of property setter . Fix assignment of casted struct value to property - vala: . Report an error if gio-2.0 is missing for DBus support . Add missing TraverseVisitor.visit_addressof_expression() . value_type of PointerIndirection expressions must not be owned . SliceExpression need to return heap-allocated or unowned references . Accept "unowned var" as type for foreach variable declaration . Ownership transfer of inline-allocated array is not allowed - tests: Use Automake?s parallel test driver to speed up running tests - testrunner: A lot of simplifications + Bindings: - gio-2.0: Fix DBusSubtreeIntrospectFunc binding - gstreamer-1.0: Fix direction of GLib.Value typed parameters - gstreamer: Update from 1.19.0+ git master - gtk4: . Use correct cheader_include for wayland/x11 gdk backend . Don't rename binding for gtk_css_provider_load_from_data . Update to 4.0.1 - webkit2gtk-4.0: Update to 2.30.3 ==== vim ==== Version update (8.2.2129 -> 8.2.2327) Subpackages: gvim vim-data vim-data-common - Updated to version 8.2.2327, fixes the following problems * Insert mode completion messages end up in message history. * Vim9: crash when lambda uses same var as assignment. * Padding not drawn properly for popup window with title. * Vim9: checking for a non-empty string is too strict. * Vim9: get E1099 when autocmd triggered in builtin function. * Vim9: #{ still seen as start of dict in some places. * Vim9: Using uninitialized variable. * Vim9: :echo and :execute give error for empty argument. * Vim9: "exit_cb" causes Vim to exit. * Vim9: unreachable code in assignment. * Build failure with tiny features. * A user command with try/catch may not catch an expression error. * Memory leak when heredoc is not terminated. * Vim9: dead code in compiling :unlet. * Vim9: some corner cases not tested. * Vim9: concatenating lists does not adjust type of result. * Vim9: automatic conversion of number to string for dict key. * Quickfix window title not updated in all tab pages. * Vim9: crash when user command doesn't match. * Popupwin test for latin1 sometimes fails. * Github actions CI isn't used for all available platforms. * $dir not expanded when configure checks for moonjit. * screenpos() does not include the WinBar offset. * Popupwin test for latin1 still fails sometimes. * Popupwin test for terminal buffer fails sometimes. * Warning from Github actions for code analysis. * Github actions run on pusing a tag. * Vim9: can delete a Vim9 script variable from a function. * CI on cirrus times out, coveralls doesn't always run. * Vim9: when declaring a list it is not allocated yet, causing a following extend() to fail. * Various typos. * Arguments -T and -x not tested yet. * Vim9: Cannot load or store autoload variables. * Crash when discarded exception is the current exception. * Vim9: autoload function doesn't work in script that starts with an upper case letter. * Vim9: assignment to dict member does not work. * Auto format doesn't work when deleting text. * Vim9: assign test fails. (Elimar Riesebieter) * Vim9: error for assigning to dict of dict. * Vim9: test leaves file behind. * Vim9: a global function defined in a :def function fails if it uses the context. * Valgrind warning for using uninitialized value. * Vim9: number of arguments is not always checked. (Yegappan Lakshmanan) * Vim9: get internal error when assigning to undefined variable. * Mac version doesn't specify the CPU architecture. * Github actions: clang-11 handling suboptimal. * Crash with a sequence of fold commands. * Pattern "^" does not match if the first character in the line is combining. (Rene Kita) * Python 3: non-utf8 character cannot be handled. * Vim9: crash when indexing a dict with a number. * Vim9: test for error after error is flaky. * Valgrind warnings for using uninitialized value. * Vim9: value of 'magic' is still relevant. * Vim9: value of 'edcompatible' and 'gdefault' are used. * Vim9: no error when using "2" for a line number. * BufUnload is not triggered for the quickfix dummy buffer. * Vim9: error when using 'opfunc'. * Python 3 test fails sometimes. (Christian Brabandt) * Vim9: crash when calling global function from :def function. * Cannot repeat a command that uses the small delete register. * Vim9: crash when compiled with EXITFREE. * Vim9: using wrong name with lambda in nested function. * Codecov on github actions fails. * Vim9: can change constant in :def function. * Vim9: cannot use :const or :final at the script level. * Failing tests for :const. * :version output has extra spaces in compile and link command. * Assert arguments order reversed. * ml_get error when resizing window and using text property. * First write after setting 'eol' does not have NL added. (Tomá? Janou?ek) * Vim9: lambda without white space around -> is confusing. * Write file test fails on MS-Windows. * Write file test still fails on MS-Windows. * Moodle gift files are not recognized. * Vim9: using -> both for method and lambda is confusing. * Vim9: memory leak when parsing lambda fails. * :exe command line completion only works for first argument. * Illegal memory access if popup menu items are changed while the menu is visible. (Tomá? Janou?ek) * Vim9: after reloading a script variable index may be invalid. * Vim9: return type of => lambda not parsed. * Vim9: allocating a type to set TTFLAG_BOOL_OK. * Vim9: lambda with => does not work at the script level. * Checking white space around -> is not backwards compatible. * ":e#" does not give a warning for missing white space. * Vim9: `=expr` not recognized in global command. * Vim9: range with missing colon can be hard to spot. * Vim9: command modifiers not restored in catch block. * Vim9: failure if passing more arguments to a lambda than expected. * Vim9: method call with expression not supported. * Vim9: memory leak when parsing nested parenthesis. * If is mapped on the command line 'wildchar' is inserted. * Vim9: cannot keep script variables when reloading. * Vim9: Reloading marks a :def function as deleted. * Vim9: crash if script reloaded with different variable type. * Vim9: error when using :import in legacy script twice. * Vim9: script test fails. * Vim9: recognizing lambda is too complicated. * Vim9: cannot use ":e #" because # starts a comment. * build failure without the +eval feature. * Vim9: insert completion runs into error. * When "--remote file" is used "file" is not reloaded. * Compiler error for falling through into next case. * Cannot convert a byte index into a character index. * Command line wildmenu test often fails with Unix GUI. * Build failure with some Ruby versions. * 'scroll' option can change when setting the statusline or tabline but the option context is not updated. * Vim9: cannot load a Vim9 script without the +eval feature. * Vim9: concatenating lines with backslash is inconvenient. * Clientserver test fails if full path is used. * Build with Ruby and clang may fail. * Vim9: line continuation with bar does not work at script level. * Crash when popup mask contains zeroes. * Crash when making the window width of the not-current window negative. * Vim9: return value of winrestcmd() cannot be executed. * Cursor keys not recognized at the hit-Enter prompt after executing an external command. * VMS: various smaller problems. * ASAN error on exit with GUI. * Termcodes test is flaky when used over ssh with X forwarding. * Vim9: sublist is ambiguous. * Test failures in legacy script. * Vim9: crash when using lambda without return type in dict. * Vim9: expr test fails. * Vim9: bool option type is number. * Tcl test fails. * Vim9: cannot use function( after line break in :def function. * Vim9: using -> for lambda is ambiguous. * Not all OCaml related files are detected. * Test_Executable() fails when using chroot. * Window resize test fails in very wide terminal. * Vim9: boolean option gets string type. * Vim9: converting bool to string prefixes v:. * Vim9: compilation error with try-catch in skipped block. * Vim9: no error for mismatched :endfunc or :enddef. * Error message for missing endfunc/enddef is last line. * Vim9: it can be hard to see where white space is missing. * Vim9: cannot use unlet for a dict member. * Vim9: list unpack seen as declaration. * Not all :hardcopy code covered by tests. * Warning for size_t to int conversion. (Randall W. Morris) * ml_get error when changing hidden buffer in Python. * Vim9: extend() can violate the type of a variable. * Build failure. * badge for Travis is outdated. * CTRL-C not recognized in Mintty. * List of distributed files is outdated. * Missing backslash. * Falling back to old regexp engine can some patterns. * Vim9: memory leak with catch in skipped block. * Fuzzy matching doesn't give access to the scores. * Vim9: compiled "wincmd" cannot be followed by bar. * Length check mismatch with argument of strncmp(). (Christian Brabandt) * Vim9: crash when lambda has fewer arguments than expected. * Vim9: cannot set an option to a boolean value. * Vim9: cannot set an option to a false. * Sort test fails when locale is Canadian English. (Neil H Watson) * Sort test fails when locale is French Canadian. * Vim9: line break and comment not always skipped. * Vim9: 'cpo' can become empty. * Vim9: unlet of global variable cannot be compiled. * Vim9: cannot use "null" for v:null. * Vim: expr test fails. * Build failure with Motif. (Tony Mechelynck) * VMS: a few remaining problems. * Incsearch does not detect empty pattern properly. * Cannot use CTRL-N and CTRL-P in a popup menu. * Vim9: cannot set 'number' to a boolean value. * Vim9: comment right after "(" of function not recognized. * Vim9: invalid memory access making error message flaky. * Vim9: wrong order on type stack when using dict. * Vim9: cannot unlet a dict or list item. * Vim9: using an option value may use uninitialized memory. * Vim9: backtick expansion doesn't work for :foldopen. * Vim9: no test for unletting an imported variable. * Vim9: "++var" and "--var" are silently accepted. * Vim9: when using function reference type is not checked. * A shell command in the vimrc causes terminal output. * Vim9: no error when assigning lambda to funcref without return value. * 0o777 not recognized as octal. * Vim9: winsaveview() return type is too generic. * Vim9: cannot assign to a variable that shadows a command modifier. * Build failure with Ruby 3.0 and 32 bits. * Vim9: using uninitialized field when parsing range. ":silent!" not respected when parsing range fails. * Vim9: returning zero takes two instructions. * Vim9: "enddef" as dict key misintepreted as function end. * Vim9: cannot list a lambda function. * Vim9: command modifier before list unpack doesn't work. * Vim9: string and list index work differently. * "exptype_T" can be read as "expected type". * Vim9: no error for comparing bool with string. * Vim9: cannot nest closures. * Vim9: closure nested limiting to one level. * Vim9: error when inferring type from empty dict/list. * Not easy to get mark en cursor posotion by character count. * Vim9: crash if map() changes the item type. * Build error with +eval feature but without +spell. * Debugging code included. ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau - Add vlc-CVE-2020-26664.patch: mkv: Ensure we don't use an EbmlDummy element for something it's not (CVE-2020-26664, boo#1180755). ==== vte ==== Version update (0.62.1 -> 0.62.2) Subpackages: libvte-2_91-0 typelib-1_0-Vte-2.91 - Update to version 0.62.2: + widget: - Limit select-all to the writable region not including the scrollback - Fix idle child-exited signal after dispose + app: - Fix search next/prev button sensitivity - Fix background image drawing + lib: - desc is not a smart pointer in 0.62 - Fix unused variable warning when not using getrlimit - Use sysconf on macos to get the upper limit of number of FDs - Sanitise the passed-in font description - Add missing nullable annotation to spawn child setup functions ==== wireshark ==== Subpackages: libwireshark14 libwiretap11 libwsutil12 wireshark-ui-qt - provide helpful error message if user doesn't have permissions to run dumpcap (bsc#1180102) add wireshark-0001-dumpcap-permission-denied.patch ==== xfce4-appfinder ==== Version update (4.16.0 -> 4.16.1) Subpackages: xfce4-appfinder-lang - Update to version 4.16.1 * Launch applications as children again ==== xfce4-cpufreq-plugin ==== Version update (1.2.2 -> 1.2.3) Subpackages: xfce4-cpufreq-plugin-lang - Update to 1.2.3 * configure.ac: use AC_PROG_CC_C99 * Remove duplicate information from configuration window's title * Fix missing-prototypes * Remove GSourceFunc casts * Fix font color memory leak * Fix fatal compiler warnings * Record release date in the NEWS file like in all previous releases * Fix CSS provider memory leak and an invalid line ordering in an * if-statement * Use heap allocations instead of stack allocations * Better handling of changes in the number of installed CPUs * Display the actual governor instead of "current" * Fix font size (gxo#panel-plugins/xfce4-cpufreq-plugin#5) * Translation Updates ==== xfce4-screensaver ==== - Unbreak Leap build. * Make "%(_libexecdir}" file list more explicit, thus avoiding '/usr/lib/debug' being picked up on Leap, where libexec is '/usr/lib'. ==== xfce4-whiskermenu-plugin ==== Version update (2.5.1 -> 2.5.2) Subpackages: xfce4-whiskermenu-plugin-lang - Update to version 2.5.2 * Do not reparent launched programs. (gxo#panel-plugins/xfce4-whiskermenu-plugin#32) * Translation updates ==== yast2 ==== Version update (4.3.46 -> 4.3.49) Subpackages: yast2-logs - Keep the libzypp target open to verify other packages (bsc#1180858, related to the previous fix bsc#1179773) - 4.3.49 - Ensure the libzypp target is initialized when downloading the skelcd packages (to verify the GPG signatures) (bsc#1179773) - Log more details when several resolvables (instead of a single one) are unexpectedly found (related to bsc#1176276) - 4.3.48 - Fix default for hibernation proposal (bsc#1169874) - 4.3.47 ==== yast2-bootloader ==== Version update (4.3.16 -> 4.3.17) - The logic for calculating a device udev link is now delegated to the yast2-storage-ng module (jsc#SLE-17081, also related to bsc#1177926 and bsc#1169874). - 4.3.17 ==== yast2-network ==== Version update (4.3.37 -> 4.3.38) - Fix network configuration progress bar steps (bsc#1180702) - 4.3.38 - Improve additional addresses validation (bsc#1174766) - 4.3.37 ==== yast2-pkg-bindings ==== Version update (4.3.5 -> 4.3.6) - Fixed repository refresh (a bug caused downloading only the index file in some cases) (bsc#1180203) - 4.3.6 ==== yast2-storage-ng ==== Version update (4.3.35 -> 4.3.37) - Partitioner: removed warning for too small EFI system partition. - Proposal: reuse pre-existing EFI partition even if it's small - Related to bsc#1177358, bsc#1170625 and bsc#1119318. - 4.3.37 - Added API methods to get the preferred name to reference a block device or its filesystem (jsc#SLE-17081, also related to bsc#1177926 and bsc#1169874). - 4.3.36 ==== yast2-trans ==== Version update (84.87.20201231.ee5608b05e -> 84.87.20210109.77c13975e0) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210109.77c13975e0: * New POT for text domain 'vm'. * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * New POT for text domain 'control'. * New POT for text domain 'cluster'. * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) ==== zypper ==== Version update (1.14.41 -> 1.14.42) Subpackages: zypper-log zypper-needs-restarting - Fix source-download commnds help (bsc#1180663) - man: Recommend to use the --non-interactive global option rather than the command option -y (bsc#1179816) - Extend apt packagemap (fixes #366) - --quitet: Fix install summary to write nothing if there's nothing todo (bsc#1180077) - Prefer /run over /var/run. - version 1.14.42