Changed packages: ==== MozillaFirefox ==== Subpackages: MozillaFirefox-translations-common - fix bashism in mozilla.sh script ==== amarok ==== - Require correct libtag.so to avoid undefined symbols at runtime ==== apparmor-abstractions ==== Subpackages: apparmor-docs apparmor-parser apparmor-profiles apparmor-utils libapparmor-devel libapparmor1 libapparmor1-32bit pam_apparmor pam_apparmor-32bit perl-apparmor python3-apparmor - Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001 - rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename - add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858 ==== autoyast2 ==== Version update (3.1.70 -> 3.1.71) Subpackages: autoyast2-installation - Setting normal mode while applying single module settings to system. (bnc#909223) - 3.1.71 - Removed code which will be already done by service_manager. (bnc#909745) ==== blender ==== - Add blender-freetype-2.5.4.patch: Silence warnings when building against freetype 2.5.4 (which has a structure change on FT_Bitmap). ==== bzip2 ==== Subpackages: libbz2-1 libbz2-1-32bit libbz2-devel - build with PIE ==== cabextract ==== - build with PIE ==== calibre ==== - Harden required Qt5Core and Qt5Gui library versions: Qt's private headers are not under BC guarantee, and can break it even with patch releases ==== desktop-file-utils ==== - Add U_trailing-semicolons-are-optional_aec5711.patch bfo#76902, fixes a no longer correct rpmlint warning for some upstream desktop files without trailing semicolon - Add U_add-EDE-desktop-environment_97d6ba3.patch, U_add-Cinnamon-desktop-environment_50271fe.patch bfo#56353, bfo#73497 ==== efibootmgr ==== - Enable i586 build ==== espeak ==== - Add missing mbrola files for Lithuanian language ==== file ==== Subpackages: file-devel file-magic libmagic1 libmagic1-32bit - build with PIE ==== gdb ==== Version update (7.8 -> 7.8.1) - Update for GDB 7.8.1 * removed (already in upstream): gdb-babeltrace-configure.patch gdb-async-stopped-on-pid-arg-2of2.patch * amended (partially in upstream): gdb-archer.patch gdb-attach-fail-reasons-5of5.patch gdb-async-stopped-on-pid-arg-1of2.patch gdb-async-stopped-on-pid-arg-testsuite.patch ==== git ==== Version update (2.2.0 -> 2.2.1) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.2.1 Fixes arbitrary command execution vulnerability on case- insensitive file systems. [boo#910756] [CVE-2014-9390] This is not a usual case on GNU/Linux, but this update prevents such commits to propagate to third parties (Windows, OS X) that may be vulnerable. ==== groff ==== - build with PIE ==== groff-full ==== Subpackages: gxditview - build with PIE ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-xen - Require efibootmgr also on i586 ==== gzip ==== - build with PIE ==== hylafax+ ==== Subpackages: hylafax+-client - corrected typo (path) in README.SUSE ==== install-initrd-openSUSE ==== - new.patch for getting DVD with new kernel ==== kernel-default ==== Version update (3.17.4 -> 3.18.1) Subpackages: kernel-default-devel - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kernel-desktop ==== Version update (3.17.4 -> 3.18.1) Subpackages: kernel-desktop-devel - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kernel-docs ==== Version update (3.17.4 -> 3.18.1) - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kernel-devel ==== Version update (3.17.4 -> 3.18.1) Subpackages: kernel-macros kernel-source - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kernel-syms ==== Version update (3.17.4 -> 3.18.1) - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kernel-xen ==== Version update (3.17.4 -> 3.18.1) Subpackages: kernel-xen-devel - x86/tls: Validate TLS entries to protect espfix (bsc#909077,CVE-2014-8133). - commit 5f2f35e - Linux 3.18.1. - Delete patches.drivers/ALSA-usb-audio-Don-t-resubmit-pending-URBs-at-MIDI-e. - commit 0fdb00f - blk-mq: Fix uninitialized kobject at CPU hotplugging (bnc#908794). - commit b68f510 - Refresh Xen patches (adjustments for pv-ops builds and a huge memory DomU boot fix). - commit 0510331 - Update Xen patches to 3.18-final. - x86-64/MCE: flip CPU and bank numbers in log message. - commit 2b473fc - Update to 3.18-final. - commit fb05465 - Linux 3.17.6. - commit 12b7bf1 - Linux 3.17.5 (bnc#904417). - Refresh patches.xen/xen3-patch-2.6.18. - Refresh patches.xen/xen3-patch-2.6.31. - Delete patches.drivers/drm-radeon-report-disconnected-for-LVDS-eDP-with-PX. - commit 8bebfb6 - ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery. - commit a6e513d - drm: Implement O_NONBLOCK support on /dev/dri/cardN (bnc#904097). - commit 1b14fe6 - KEYS: Fix stale key registration at error path (bnc#908163). - commit 7d9c8f3 - arm64: Enable 64k page size (bnc#908468) - commit 088d59b - ARMv7: Bump NR_CPUs to 16, the HIP04D01 has that many - commit 9c41958 - Update to 3.18-rc7. - commit 58b7b67 - Update Xen config files (restore RTC_DRV_EFI). - commit ab8d181 - Update Xen patches to 3.18-rc6 and c/s 1269. - commit 7e21a29 - rpm/constraints.in: Require 10GB of disk space also on 32bit POWER - commit 33a282b - Update to 3.18-rc6. - commit 961dff7 - rpm/constraints.in: Require 10GB disk space on POWER A debuginfo build currently requires about 8.5 GB on POWER. Also, require at least 8 CPUs, so that builds do not get accidentally scheduled on slow machines. - commit 596d9cf ==== kiwi ==== Version update (7.02.10 -> 7.02.18) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools - v7.02.18 released - Fixed post install script from kiwi-templates it should not end with a non zero exit code - v7.02.17 released - Fixed bootloader setup for SLE11 JeOS template legacy grub is default unless uefi firmware is selected - v7.02.16 released - Fixed spec file for CentOS package On CentOS squashfs is packaged in squashfs-tools - Fixed kiwi-templates %post scriptlet Check if old image description exists before deleting it. This prevents warning messages spit out by rpm on install - Fix bashisms in image.sh shell scripts Replace '&>/dev/null' output redirections to '>/dev/null 2>&1'. - Fall back to lazyly umount /dev nodes in case of failure - v7.02.15 released - Fixed use of uninitialized value $format - Fixup logging with a logfile If a logfile is used the state of the call if it was successful or not is also part of the logfile and not exposed to the calling terminal. With this patch the overall success or error information is also printed on the calling terminal. - Print a message if the target directory is created - Code cleanup use createDirInteractive and replace redundant parts - v7.02.14 released - DB: rebuild documentation - v7.02.13 released - Added support for custom qemu-img format options When kiwi calls qemu-img to convert the image into the format the user has specified in the XML description it might be required to pass on additional format options like the compat mode for the qcow2 format. This can now be done like the following example shows: - Eliminate weird kiwi revision from unit tests The unit test environment sets a static kiwi revision number 4711 which is odd because it can easily use the correct git revision from the git metadata - Fixed print() on closed filehandle - v7.02.12 released - Eliminate grub2-efi path At the beginning of grub2 the home in boot was set to grub2-efi as well as some tools take this information in their name. It's time to cleanup this. In addition kiwi now creates a grub.cfg which is able to check for grub_platform in order to distinguish between efi and non efi configuration differences if there are any - Added EFI support for none aarch64 arm systems There are armv7 based boards which comes with an EFI firmware. In order to boot them we have to make sure to use grub2 bootarm.efi and call the right grub2 bootloader configuration methods (bnc #908469) - Follow up fix for overlayfs changes in kernel 3.18 overlayfs complains: upperdir and workdir must be in separate subtrees. Thus we create workdir and upperdir in different subdirs below read-write - Follow up fix for overlayfs changes in kernel 3.18 overlayfs complains: workdir and upperdir must reside under the same mount. Thus we create work-stage below read-write - Fixed setupBootLoaderGrub2 GRUB_TERMINAL setup in case of uefi we configured a text console terminal but graphics terminal works well with the shim efi module now - Apply former overlayfs adaption to kiwi caching kiwi image caches are also based on overlayfs. Thus the changes in the mount call has to be adapted there too - Adapt changes in overlayfs in kernel 3.18 Starting with overlayfs v22 the workdir mount option is required. In addition the module has been renamed from overlayfs to overlay which also impacts the mount options. In order to stay compatible kiwi implements a two way mount call, first with the legacy mount options and second with the current mount options - v7.02.11 released - Fixed setupBTRFSSubVolumes if a subvolume for e.g /var/spool should be created kiwi failed because the /var path did not exist. As a workaround people could add /var as a volume but if only /var/spool should be a volume and not /var there was no way to do it. This commit fixed it in a way that kiwi checks if the path to the volume exists and if not it is created prior to the creation of the subvolume - fix handling of source rpms when binaries require src and nosrc version The is the case when using glibc i686 or -32bit packages ==== libldb1 ==== Version update (1.1.17 -> 1.1.18) Subpackages: libldb1-32bit - Update to 1.1.18. + fix a typo in the comment, LDB_FLAGS_MOD_xxx -> LDB_FLAG_MOD_xxx + Fix check for third_party + make the successful ldb_transaction_start() message clearer + ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory() + ldb-samba: Move pyldb-utils dependency to python_samba__ldb + build: improve detection of srcdir ==== libHX28 ==== Subpackages: libHX28-32bit - Switch to an out-of-tree build. Drop /pkg from include path. ==== libabw-0_1-1 ==== Version update (0.1.0 -> 0.1.1) - Version bump to 0.1.1: * Various small fixes - Fix source url. ==== libbluray1 ==== - Added patch libbluray-jvm_dir.patch to set the correct path to java lib because variable JAVA_HOME on openSUSE is defined as '/usr//jvm/jre' by update-alternatives. ==== libgphoto2-6 ==== Version update (2.5.5.1 -> 2.5.6) Subpackages: libgphoto2-6-32bit libgphoto2-devel - 2.5.6 release ptp2: * Nikon D3000/D3100/D3200: It hides the "good" capture opcodes from the DeviceInfo. Override and add them. If you see capture bugs, please report with debuglogfile. * "exposurecompensation" now in correct size (-3.0 <-> 3.0 usually) * Canon EOS: decode and report "focusinfo" variable that outputs the focus information of the camera. * Canon EOS: autofocusdrive=0 and cancelautofocus=1 added to cancel autofocusing, to avoid blocking the camera. * Canon EOS: "eosviewfinder" renamed to "viewfinder" * Sony SLT: Make property setting work for "iso", "exposurecompensation", "f-number", "shutterspeed" * Canon EOS: crash on 700D fixed * Nikon DSLR: race condition on object addition handled better * Nikon DSLR: make sure we make a pause a bit during polling after capture. * IDs added: Nikon: Coolpix P7800, S1, J4 Nikon: D3300, D610, D4s, D810, D750 Canon: IXUS 125HS, PowerShot Elph340HS Leica M9 * various bugfixes libgphoto2_port/usb1: * fixed a memory leak * api changed for gp_log_data to make smaller debuglogs possible ==== libgweather-3-6 ==== Version update (3.14.1 -> 3.14.2) Subpackages: libgweather-data libgweather-devel typelib-1_0-GWeather-3_0 - Update to version 3.14.2: + Fixed a crash in the location entry (bgo#739899). + Location database fixes (bgo#740932, bgo#721446). + Updated translations. ==== libvirt-python ==== Version update (1.2.10 -> 1.2.11) - Update to 1.2.11 - Add all new APIs and constants in libvirt 1.2.11 ==== meld ==== Version update (3.12.1 -> 3.12.2) Subpackages: meld-lang - Add meld-Dont-pass-git-env-vars.patch and meld-Repaint-TextView-background.patch from upstream. Fixes boo#909824. - Update to version 3.12.2: + Fix display of change action buttons and line numbers when line numbers are shown + Fix positioning of the change action buttons + Fix tab width setting not working correctly + Fix starting comparison of Subversion checkouts from a subdirectory + Fix starting Meld from a differently-named symlink + Ignore errors when copying file metadata if the destination file system doesn't support it + Automatically recompile stale in-place gschemas + Handle SIGINT to support previous quit-on-Ctrl-C behaviour + Drop patches (incorporated upstream): - meld-ignore-error-when-copying-metadata.patch - meld-fix-tab-width-handling.patch - meld-starting-from-different-name-symlink.patch - meld-SIGINT-handler.patch. ==== mercurial ==== Version update (3.2.2 -> 3.2.3) Subpackages: mercurial-lang - update to v3.2.3 * context: stop setting None for modified or added nodes * darwin: omit ignorable codepoints when normcase()ing a file path * encoding: add hfsignoreclean to clean out HFS-ignored characters * largefiles: don't actually remove largefiles in an addremove dry run * log: fix log -f slow path to actually follow history * log: fix log revset instability * manifest: disallow setting the node id of an entry to None * pathauditor: check for Windows shortname aliases * pathauditor: check for codepoints ignored on OS X * rebase: ignore negative state when updating back to original wc parent * update: add tests for untracked local file * update: don't overwrite untracked ignored files on update ==== fcitx-mozc ==== Subpackages: ibus-mozc ibus-mozc-candidate-window mozc mozc-gui-tools - Add boo906143-revert-session.patch * Fix pre-edit is not reset after focus lost (boo#906143) ==== libsnmp30 ==== Subpackages: libsnmp30-32bit net-snmp net-snmp-devel perl-SNMP snmp-mibs - also stop snmptrapd on removal ==== ntp ==== Subpackages: ntp-doc - bnc#910764: VU#852879 ntp security fixes * A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure() where updated to avoid buffer overflows that could be exploited. (CVE-2014-9295) * Furthermore a problem inside the ntpd error handling was found that is missing a return statement. This could also lead to a potentially attack vector. (CVE-2014-9296) - ntp-CVE-2014-9295.patch and ntp-CVE-2014-9296.patch will be obsoleted by the upcoming update to version 4.2.8. - fix typo in version check regarding /usr/lib/initscripts/legacy-actions to fix build for <= 13.1 ==== patterns-openSUSE-apparmor ==== Subpackages: patterns-openSUSE-apparmor_opt patterns-openSUSE-base patterns-openSUSE-books patterns-openSUSE-console patterns-openSUSE-devel_C_C++ patterns-openSUSE-devel_basis patterns-openSUSE-devel_gnome patterns-openSUSE-devel_ide patterns-openSUSE-devel_java patterns-openSUSE-devel_kde patterns-openSUSE-devel_kernel patterns-openSUSE-devel_perl patterns-openSUSE-devel_python patterns-openSUSE-devel_qt4 patterns-openSUSE-devel_rpm_build patterns-openSUSE-devel_ruby patterns-openSUSE-devel_web patterns-openSUSE-dhcp_dns_server patterns-openSUSE-directory_server patterns-openSUSE-enhanced_base patterns-openSUSE-enhanced_base_opt patterns-openSUSE-file_server patterns-openSUSE-fonts patterns-openSUSE-fonts_opt patterns-openSUSE-games patterns-openSUSE-gateway_server patterns-openSUSE-gnome patterns-openSUSE-gnome_admin patterns-openSUSE-gnome_basis patterns-openSUSE-gnome_basis_opt patterns-openSUSE-gnome_games patterns-openSUSE-gnome_ide patterns-openSUSE-gnome_imaging patterns-openSUSE-gnome_imaging_opt patterns-openSUSE-gnome_internet patterns-openSUSE-gnome_laptop patterns-openSUSE-gnome_multimedia patterns-openSUSE-gnome_multimedia_opt patterns-openSUSE-gnome_office patterns-openSUSE-gnome_office_opt patterns-openSUSE-gnome_utilities patterns-openSUSE-gnome_yast patterns-openSUSE-imaging patterns-openSUSE-imaging_opt patterns-openSUSE-kde patterns-openSUSE-kde4_admin patterns-openSUSE-kde4_basis patterns-openSUSE-kde4_edutainment patterns-openSUSE-kde4_games patterns-openSUSE-kde4_ide patterns-openSUSE-kde4_imaging patterns-openSUSE-kde4_internet patterns-openSUSE-kde4_laptop patterns-openSUSE-kde4_multimedia patterns-openSUSE-kde4_office patterns-openSUSE-kde4_utilities patterns-openSUSE-kde4_utilities_opt patterns-openSUSE-kde4_yast patterns-openSUSE-kvm_server patterns-openSUSE-lamp_server patterns-openSUSE-laptop patterns-openSUSE-lxde patterns-openSUSE-lxde_laptop patterns-openSUSE-lxde_office patterns-openSUSE-mail_server patterns-openSUSE-minimal_base patterns-openSUSE-minimal_base-conflicts patterns-openSUSE-misc_server patterns-openSUSE-multimedia patterns-openSUSE-multimedia_opt patterns-openSUSE-network_admin patterns-openSUSE-non_oss patterns-openSUSE-non_oss_opt patterns-openSUSE-office patterns-openSUSE-office_opt patterns-openSUSE-print_server patterns-openSUSE-remote_desktop patterns-openSUSE-rest_dvd patterns-openSUSE-sw_management patterns-openSUSE-sw_management_gnome patterns-openSUSE-sw_management_kde4 patterns-openSUSE-tabletpc patterns-openSUSE-technical_writing patterns-openSUSE-x11 patterns-openSUSE-x11_opt patterns-openSUSE-x11_yast patterns-openSUSE-xen_server patterns-openSUSE-xfce patterns-openSUSE-xfce_basis patterns-openSUSE-xfce_laptop patterns-openSUSE-xfce_office patterns-openSUSE-yast2_basis patterns-openSUSE-yast2_install_wf - Replace microcode_ctl with ucode-amd and ucode-intel ==== libpython2_7-1_0 ==== Subpackages: libpython2_7-1_0-32bit python-base python-devel python-xml - python-2.7.4-aarch64.patch: Remove obsolete patch - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64 ==== ruby-common ==== - fix bashisms in generate_buildrequires.sh script ==== systemd-presets-branding-openSUSE ==== - enable vmtoolsd service for VMWare by default (bnc#901272) ==== tar ==== - build with PIE ==== libtdb1 ==== Version update (1.3.1 -> 1.3.3) Subpackages: libtdb1-32bit - Update to version 1.3.3. + test: TDB_CLEAR_IF_FIRST | TDB_MUTEX_LOCKING, O_RDONLY is a valid combination - Update to version 1.3.2. + allow tdb_open_ex() with O_RDONLY of TDB_FEATURE_FLAG_MUTEX tdbs. + Fix a comment + Fix tdb_runtime_check_for_robust_mutexes() + Improve wording in a comment + tdb.h needs bool type; obsoletes include_stdbool_bso10625.patch + tdb_wrap: Make mutexes easier to use + tdb_wrap: Only pull in samba-debug + tdb_wrap: Standalone compile without includes.h + tdb_wrap: tdb_wrap.h doesn't need struct loadparm_context ==== libtiff-devel ==== Subpackages: libtiff5 libtiff5-32bit tiff - build with PIE ==== unzip ==== Subpackages: unzip-doc - build with PIE ==== virtualbox ==== Version update (4.3.18 -> 4.3.20) Subpackages: virtualbox-guest-kmp-default virtualbox-guest-kmp-desktop virtualbox-guest-tools virtualbox-guest-x11 virtualbox-host-kmp-default virtualbox-host-kmp-desktop virtualbox-qt - update to version 4.3.20: + VMM: fixed reboot hang of 32-bit Windows SMP guests (bug #13319, #13462) + VMM: proper Math Fault handling with certain legacy guests (bug #9042, AMD hosts) + VMM: fixed a Guru Meditation VINF_EM_TRIPLE_FAULT on older CPUs that don't support MSR-bitmaps (VT-x only; bugs #13034, #13125, #13311, #13425, #13426, #13463, #13585) + GUI: fix 3D overlay window re-parenting issue when VM goes to full screen mode on X11 hosts. + GUI: fix occasional loss of focus in full-screen mode on X11 host systems (4.3.16 regression) + GUI: Mac OS X: wizards should have Cancel button (bug #12541) + GUI: added a global option to prevent automatic raising of the new window by mouse move with multi-screen guests (bug #8878) + API: accept remote display port 0 as the default RDP port (bug #8534) + VBoxManage: fixed crash when executing showvminfo command under certain circumstances (bug #13190) + ACPI: fixed occasional Guru Meditations in ACPI timer code (4.3.18 regression; bug #13521) + EFI: improved performance of IDE disk access + EFI: fixed a bug in the EFI video driver which prevented Windows to boot in UEFI mode (bug #12022) + EFI: properly announce the amount of RAM for big VMs (bugs #11103 and #13211) + Storage: fixed a crash under certain circumstances when a medium was ejected from a drive attached to the SATA controller without inserting a new medium before pausing or closing the VM (4.3.16 regression) + Storage: fixed an interrupt acknowledge issue causing hanging guests or slower I/O (4.3.18 regression) + Storage: fixed broken resume after the VM was suspended due to a full disk if host I/O caching is used + Storage: fixed a Guru Meditation under certain conditions when using the DevLsiLogic controller with VMs running in raw mode (4.3 regression; bugs #12254, #12655, #12709, #12774, #12886) + Guest Control: fixed a bug which might lead to a crash during recursive copy + SDK: Java COM bindings fixes + iPXE: enable the HTTP download protocol (bug #13628) + Runtime: do not use a fixed stack size creating temporary threads during initialization (bug #13038) + Windows hosts: fixed more startup problems on certain Windows hosts due to conflicts with anti-virus software; better error reporting (4.3.14 regression; bug #13187) + Windows hosts: fixed DirectSound host audio failure under certain conditions (bug #13418) + Windows hosts: fixed additional cases of 4.3.14 regression whereby AltGr stopped working for some people (bug #13216) + Windows Additions: preserve guest monitor layout when resizing Windows 7 or newer guests + Linux Additions: Linux 3.18 compile fixes (bug #13515) - download the Manual directly without rename ==== w3m ==== - build with PIE support ==== xdg-menu ==== - On openSUSE > 13.2, xterm has been split into xterm-bin for the program and xterm for the app launcher. We only need the program, so conditionall Require xterm-bin. ==== xdm ==== - On openSUSE > 13.2, xterm has been split into xterm-bin for the program and xterm for the app launcher. We only need the program, so conditionall Require xterm-bin. ==== xfce4-panel-plugin-cpufreq ==== Version update (1.1.0 -> 1.1.1) Subpackages: xfce4-panel-plugin-cpufreq-lang - update to version 1.1.1 - fix panel resizing caused by freq format function (bxo#10385) - various other widget layout fixes and simplifications - fix missing return type of cpufreq_show_about (bxo#10343) - fix typo in panel-plugin/Makefile.am (bxo#10332) - various other fixes to the build system - many translation updates - remove obsolete xfce4-panel-plugin-cpufreq-fix-missing-return-type.patch ==== xfce4-panel-plugin-eyes ==== Version update (4.4.2 -> 4.4.3) Subpackages: xfce4-panel-plugin-eyes-lang - update to version 4.4.3 - fixes for the build system - translation updates ==== xfce4-panel-plugin-weather ==== Version update (0.8.4 -> 0.8.5) Subpackages: xfce4-panel-plugin-weather-lang - update to version 0.8.5 - translation updates ==== xfce4-taskmanager ==== Version update (1.0.1 -> 1.1.0) Subpackages: xfce4-taskmanager-lang - update to version 1.1.0 - stop using lots of deprecated Gtk2 API - add a process treeview mode - general UI/graph overhaul - various crash & correctness fixes on the bsd backend - add a searchbox to filter on process names (bxo#9856) - make Escape key close the main window (bxo#11343) - fix window settings not properly saved (bxo#10670) - fix build issue on FreeBSD 9.0 (bxo#8081) - fix the refresh rate menu - default the focus on the process list instead of the exec button (bxo#10643) - add an option to show memory/swap usage as bytes instead of % (bxo#6503) - add unique app behaviour (bxo#8808) - default to close the window instead of hiding in systray (bxo#10941) - fix type causing high cpu usage on ARM (bxo#10417) - tons of translation updates ==== xinit ==== - On openSUSE > 13.2, xterm has been split into xterm-bin for the program and xterm for the app launcher. We only need the program, so conditionall Require xterm-bin. ==== xterm ==== Subpackages: xterm-bin - Remove xorg-x11 and xorg-x11-devel BuildRequires: there is no need, and it causes that xterm requires itself to build through indirect requires (xdm, xinit). - Own the directory %{xappdefs}. ==== liblzma5 ==== Subpackages: liblzma5-32bit xz xz-devel - build with PIE support. - Build XZ with full RELRO. ==== yast2-drbd ==== Version update (3.1.10 -> 3.1.11) - BNC#900818. Corresponding change of modification of drbd-utils. - drbd kernel module default installed in kernel, package drbd also be replaced by package drbd-utils. - This change should co-work with the first drbd-utils version. - Version 3.1.11 ==== yast2-network ==== Version update (3.1.111 -> 3.1.112) - Removed a bash specific post script with a workaround for an ancient bug (bnc#39842). - 3.1.112 ==== yast2-services-manager ==== - AutoYaST: Moved code from autoyast2 package to import function of services_manager_target. (bnc#909745) ==== zoo ==== - build with PIE support. stack-protector is now default - zoo.patch: also include utime.h and unistd.h for some more prototypes to fix implicit warnings Removed packages: bundle-lang-common-fi Added packages: bundle-lang-common-ko ucode-amd ucode-intel