Changed packages: ==== Mesa ==== Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2 - Fix file permissions for the Gallium Nine files - specfile/baselibs.conf: Manually provide d3d library (bnc#918294) ==== MozillaFirefox ==== Version update (35.0 -> 36.0) Subpackages: MozillaFirefox-translations-common - update to Firefox 36.0 (bnc#917597) * mozilla-xremote-client was removed * added libclearkey.so media plugin * Pinned tiles on the new tab page can be synced * Support for the full HTTP/2 protocol. HTTP/2 enables a faster, more scalable, and more responsive web. * Locale added: Uzbek (uz) security fixes: * MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 Miscellaneous memory safety hazards * MFSA 2015-12/CVE-2015-0833 (bmo#945192) Invoking Mozilla updater will load locally stored DLL files (Windows only) * MFSA 2015-13/CVE-2015-0832 (bmo#1065909) Appended period to hostnames can bypass HPKP and HSTS protections * MFSA 2015-14/CVE-2015-0830 (bmo#1110488) Malicious WebGL content crash when writing strings * MFSA 2015-15/CVE-2015-0834 (bmo#1098314) TLS TURN and STUN connections silently fail to simple TCP connections * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) Use-after-free in IndexedDB * MFSA 2015-17/CVE-2015-0829 (bmo#1128939) Buffer overflow in libstagefright during MP4 video playback * MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675) Double-free when using non-default memory allocators with a zero-length XHR * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) Out-of-bounds read and write while rendering SVG content * MFSA 2015-20/CVE-2015-0826 (bmo#1092363) Buffer overflow during CSS restyling * MFSA 2015-21/CVE-2015-0825 (bmo#1092370) Buffer underflow during MP3 playback * MFSA 2015-22/CVE-2015-0824 (bmo#1095925) Crash using DrawTarget in Cairo graphics library * MFSA 2015-23/CVE-2015-0823 (bmo#1098497) Use-after-free in Developer Console date with OpenType Sanitiser * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) Reading of local files through manipulation of form autocomplete * MFSA 2015-25/CVE-2015-0821 (bmo#1111960) Local files or privileged URLs in pages can be opened into new tabs * MFSA 2015-26/CVE-2015-0819 (bmo#1079554) UI Tour whitelisted sites in background tab can spoof foreground tabs * MFSA 2015-27CVE-2015-0820 (bmo#1125398) Caja Compiler JavaScript sandbox bypass - rebased patches - requires NSS 3.17.4 - update to Firefox 35.0.1 * With the Enhanced Steam extension, Firefox could crash (bmo#1123732) * Kerberos authentication did not work with alias (bmo#1108971) * SVG / CSS animation had a regression causing rendering issues on websites like openstreemap.org (bmo#1083079) * On Godaddy webmail, Firefox could crash (bmo#1113121) * document.baseURI did not get updated to document.location after base tag was removed from DOM for site with a CSP (bmo#1121857) * With a Right-to-left (RTL) version of Firefox, the text selection could be broken (bmo#1104036) * CSP had a change in behavior with regard to case sensitivity resources loading (bmo#1122445) ==== MozillaThunderbird ==== Version update (31.4.0 -> 31.5.0) Subpackages: MozillaThunderbird-translations-common - update to Thunderbird 31.5.0 (bnc#917597) * MFSA 2015-11/CVE-2015-0836 Miscellaneous memory safety hazards * MFSA 2015-12/CVE-2015-0833 (bmo#945192) Invoking Mozilla updater will load locally stored DLL files (Windows only) * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) Use-after-free in IndexedDB * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) Out-of-bounds read and write while rendering SVG content * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) Reading of local files through manipulation of form autocomplete ==== aaa_base ==== Version update (13.2+git20150126.090294e -> 13.2+git20150211.c745414) Subpackages: aaa_base-extras - Correct the boolean in /etc/profile.d/lang.sh - Even if GDM has done language setup the personal ~/.i18n should be sourced (boo#567324) ==== abiword ==== Subpackages: libabiword-3_0 - Drop loudmouth-devel BuildRequires: loudmouth is dead upstream and not worth to be maintained. ==== argyllcms ==== - Use -std=gnu89 for building to not run into broken __declspec uses with the GCC 5 default of -std=gnu99. - allow building with udev-mini by using pkgconfig(udev) - do not rpm -q udev ==== bison ==== Version update (3.0.3 -> 3.0.4) Subpackages: bison-lang - Add gpg signature - Update to 3.0.4: * Fix a compiler warning when no %destructor use $$. * Several portability issues in tests were fixed. ==== boost-devel ==== Subpackages: boost-license1_56_0 libboost_atomic1_56_0 libboost_chrono1_56_0 libboost_container1_56_0 libboost_context1_56_0 libboost_coroutine1_56_0 libboost_date_time1_56_0 libboost_filesystem1_56_0 libboost_graph1_56_0 libboost_graph_parallel1_56_0 libboost_iostreams1_56_0 libboost_locale1_56_0 libboost_log1_56_0 libboost_math1_56_0 libboost_mpi1_56_0 libboost_program_options1_56_0 libboost_python1_56_0 libboost_random1_56_0 libboost_regex1_56_0 libboost_serialization1_56_0 libboost_signals1_56_0 libboost_system1_56_0 libboost_test1_56_0 libboost_thread1_56_0 libboost_timer1_56_0 libboost_wave1_56_0 - Use $RPM_OPT_FLAGS for building, force use of the GCC toolset. Be more verbose and fail building with the first error. - Add boost-gcc5.patch to use -std=c++11 when building the coroutines module which fixes build with GCC 5. ==== choqok ==== Version update (1.4 -> 1.5) - Update to 1.5: * Yourls plugin fixed. (by Benjamin Marwell) [BUG:265219] * Pump.io plugin added. (by Andrea Scarpino) [BUG:319348] * Preview of images posted via Twitter.com added. (by Daniel Kreuter) [BUG:299433] * Option to disable system tray. (by Andrea Scarpino) [BUG:241152] * Twitter friend list update fixed. [BUG:325071] * Add "Report User" to User menu Actions (by Ahmed I. Khalil) * Get custom char limit for the Status.net accounts. (by Andrea Scarpino) [BUG:283298] * Goo.gl shortner plugin fixed. (by Andrea Scarpino) [BUG:338917] * New plugin for expanding tiny URLs. (by Andrea Scarpino) [BUG:294600] * KDE Telepathy support in IMStatus Plugin (by Ahmed I. Khalil) [BUG:301702] * Broken shortening plugins removed - removed patches that have been integrated upstream * choqok-1.4-twitter-favorities-fix.patch * choqok-1.4-plugin-yourls-fix.patch - added libattical devel to the BuildRequires ==== cim-schema ==== Version update (2.42.0 -> 2.43.0) - Upgrade to version 2.43.0 http://dmtf.org/sites/default/files/cim/cim_schema_v2430/releasenotes.html ==== ddd ==== - Add ddd-texinfo-5.0.patch: Fix HTML generation with texinfo 5.0. ==== dmidecode ==== - dmidecode.keyring was empty, reference the savannah keyring. but the tarball is signed by someone unknown without gpg signatures, so no keyring for now. - Cleanup spec file with spec-cleaner - Add gpg signature ==== docbook-xsl-stylesheets ==== - Slightly adapted %post and %postun section to fix bsc#918565 ==== fcitx ==== Subpackages: fcitx-branding-openSUSE fcitx-gtk2 fcitx-gtk3 fcitx-pinyin fcitx-qt4 fcitx-table libfcitx-4_2_8 - update version of opencc to 1.0.2 ==== gdbm-devel ==== Subpackages: libgdbm4 libgdbm4-32bit - Clenup spec file with spec-cleaner - Update project and download url - Add gpg signature - Enable checks ==== gnome-dictionary ==== Subpackages: libgdict-1_0-6 - Added support for translation-update-upstream. ==== gtk2-data ==== Version update (2.24.25 -> 2.24.26) Subpackages: gtk2-devel gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-vietnamese gtk2-immodule-xim gtk2-tools gtk2-tools-32bit libgtk-2_0-0 libgtk-2_0-0-32bit typelib-1_0-Gtk-2_0 - Update to version 2.24.26: + gailbutton: Avoid a possible NULL dereference. + label: Avoid a possible NULL dereference. + Bugs fixed: bgo#635380, bgo#738837, bgo#741060, bgo#741959, bgo#743544, bgo#743917. - Drop gtk2-allow-deprecated-gdk-pixbuf-API.patch, gtk2-gdk_window_begin_paint_region.patch and gtk2-Do-not-leak-a-cairo-region.patch: fixed upstream. ==== indent ==== - Replace texinfo BuildRequires with makeinfo and texi2html: only those parts are needed. - Add indent-texi2html-5.0.patch: Fix build with texi2html 5.0 (note: patches Makeinfo.in in order to not depend on libtool) - Move install_info_delete from postun to preun. - Use url for source - Add gpg signature - Cleanup spec file with spec cleaner - Remove useless configure option --with-pic ==== kiwi ==== Version update (7.02.26 -> 7.02.27) Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools - v7.02.27 released - Fixed critic for KIWIMiniIsoPlugin.pm - Fixed critic for KIWIDescrPlugin.pm - Fixed potential link attack security issue kiwi statically creates a tmp executable in /dev/shm. Apart from the fact that it's the wrong place in the filesystem to do this kiwi should use a correctly created tmpfile. This Fixes #444 - Fixed zero block analyser If all free blocks in a filesystem contain a zero the compression result of the later image is better compared to if there is any random junk in it. In order to have all free blocks set to a zero byte kiwi used the dd + rm method which had the disadvantage of destroying the sparseness of the image file. Because of that the method was applied only if the image was built from a real disk device which did not allow us to strip away a sparse image from anyways. However this is not very flexible because: 1. In most cases an image is built from a loop device mapped against a sparse file. Thus the method is not called most of the time 2. With filesystems using more complex internal structures like xfs btrfs, zfs and friends there is not much difference in the compression results, but the time to create a huge empty file which is removed later is signifcantly recognized Thus this change deletes the old way of zero out free blocks and uses a tool to do the job for us. For extX based filesystems the zerofree utility exists and is used if installed. For other filesystems I'm not aware of a tool and thus we don't handle them at the moment. If there is tool available kiwi print a warning message - DB: rebuild documentation - DB: added chapter how to create vagrant boxes - Revert archives to consistent state Following three files were probably corrupted by f69d1d7bc3104f9e221abf8fc5efdf94ee0eb8b1 template/armv7l/suse-12.3-JeOS/uboot-setup.tgz tools/livestick/theme/upstream/booting.tgz tools/livestick/theme/upstream/tooling.tgz - pass repo url for NET iso via linuxrc (bnc#916175) - check user_name is defined when checking file tree It is possible to have files that should be owned by root which are owned by a non-existing user, meaning the uid has no corresponding username. When this happens, the check used to give the error "Use of uninitialized value $user_name in concatenation (.) or string at /usr/share/kiwi/modules/KIWIRuntimeChecker.pm line 1558." Thus we need to check whether the user exists. ==== lensfun-data ==== Version update (0.2.8 -> 0.3.0) Subpackages: lensfun-devel lensfun-doc liblensfun0 - update to version 0.3.0 * Streamlined the names of Nikkor, Tamron, Tokina, Panasonic, Leica, Olympus, Sony, and Sigma lenses so that auto-detection works better * Fixed names of Sony Coolpix cameras * Comprehensive update of Lensfun's documentation * Lens lists may now be sorted by focal length * The tag is now mandatory for and in the database files * Increased accuracy because APS-C is not anymore assumed to have the crop factor 1.5 (non-Canon) or 1.6 (Canon), but the accurate crop factor of the respective camera * Added command line tool "update-lensfun-data" for updating the database * Added command line tool "lensfun-add-adapter" for managing mount compatibilities * Removed compatibility of Four Third on Micro Four Third * Removed compatibility of Sony Alpha on Sony E * Many bugfixes, especially for the case if sensor sizes of calibration and image to-be-corrected are different * MaxAperture is now the maximal f-stop number one can set on the given lens * Removed non-working implementation of CCI * Made primary keys of the database tables explicit and documented * Replaced field-of-view data with real-focal-length data; marked the FOV API deprecated * Higher accuracy for fisheye <--> rectinilear transformation for lenses with real focal length data * The field-of-view distortion model (FOV1) was removed because it is inherently flawed * Simplified method for finding the database directories; see documentation * Removed old non-CMake build system * Added new cameras New interchangeable lenses: * Canon EF-S 15-85mm f/3.5-5.6 IS USM * Canon EF 16-35mm f/2.8L II USM * Canon EF-S 18-55mm f/3.5-5.6 IS * Canon EF-M 18-55mm f/3.5-5.6 IS STM * Canon EF-S 18-135mm f/3.5-5.6 IS STM * Canon EF-S 18-200mm f/3.5-5.6 IS * Canon EF-M 22mm f/2 STM * Canon EF 24-70mm f/2.8L II USM * Canon EF 28-80mm f/3.5-5.6 USM IV * Canon EF 50mm f/1.8 MkII * Canon EF 50-200mm f/3.5-4.5L * Canon EF-S 55-250mm f/4-5.6 IS * Canon EF 70-300mm f/4-5.6L IS USM * Cosina Cosinon-S 50mm 1:2 * KMZ MC MTO 11CA mirror tele * Leica DG Macro-Elmarit 45mm f/2.8 * Mitakon wide MC f=24mm 1:2.8 * 1 Nikkor AW 11-27.5mm f/3.5-5.6 * Nikkor AI-S 6mm f/2.8 Fisheye * Nikkor AF-S 18-140mm f/3.5-5.6G DX ED VR * Nikkor AF-S 18-200mm f/3.5-5.6G DX VR IF-ED * Nikkor AF-S 24-85 mm f/3.5-4.5G ED VR * Nikkor AI-S 50mm f/1.2 * Nikkor AF-S 50mm f/1.8G * Nikkor AF-S 55-300mm f/4.5-5.6G DX ED VR * Nikkor AF-S 70-200mm f/4G VR IF-ED * Nikkor AF-S 70-300mm f/4.5-5.6G VR IF-ED * Nikkor AF-S VR 105mm f/2.8G IF-ED * Nikkor AF-S 600mm f/4G ED VR * Nikkor AF-S 800mm f/5.6E FL ED VR * Fujian 35mm f/1.7 * Fujifilm XC 16-50mm f/3.5-5.6 OIS * Fujifilm XF 18mm f/2 R * Fujifilm XF 18-55mm f/2.8-4 R LM OIS * Fujifilm XF 27mm f/2.8 * Fujifilm XF 35mm f/1.4 R * Fujifilm XC 50-230mm f/4.5-6.7 OIS * Fujifilm XF 55-200mm f/3.5-4.8 R LM OIS * Olympus M.9-18mm f/4.0-5.6 * Olympus Zuiko Digital ED 12-60mm f/2.8-4.0 SWD * Olympus M.Zuiko Digital 25mm f/1.8 * Olympus M.40-150mm f/4.0-5.6 R * Olympus M.Zuiko Digital ED 75mm f/1.8 * Olympus M.Zuiko Digital 75-300mm f/4.8-6.7 II * Panasonic Lumix G Vario 7-14mm f/4.0 * Panasonic Lumix G Vario 12-35mm f/2.8 * Panasonic Lumix G Vario 14-42mm f/3.5-5.6 II * Panasonic Lumix G Vario 14-45mm f/3.5-5.6 Asph. Mega OIS * Panasonic Lumix G 20mm f/1.7 II * Panasonic Lumix G Vario 35-100mm f/2.8 * Panasonic Lumix G Vario 45-150mm f/4.0-5.6 * Panasonic Lumix G Vario PZ 45-175mm f/4.0-5.6 * Pentacon 50mm f/1.8 auto multi coating * Pentax-DA Fish-Eye 10-17mm f/3.5-4.5 ED IF * Pentax-FA 28mm f/2.8 AL * Pentax-M 28mm 1:3.5 * Pentax-FA 31mm F1.8 AL Limited * Pentax-M 35mm 1:2 * Pentax-A 50mm f/1.7 * Pentax-DA L 55-300mm f/4-5.8 ED * Ricoh XR Rikenon 1:1.4 50mm * Samyang 8mm f/3.5 Fish-Eye CS * Samyang T-S 24mm f/3.5 ED AS UMC * Samsung NX 16-50mm f/3.5-5.6 PZ ED OIS * Samsung Zoom 18-55mm f/3.5-5.6 OIS * Samsung NX 20mm f/2.8 Pancake * Samsung NX 45mm f/1.8 2D/3D * Samyang 12mm f/2.0 NCS CS * Samyang 35mm f/1.4 AS UMC * Samyang 50mm f/1.4 AS UMC (APS-C only) * Sigma 10mm f/2.8 EX DC Fisheye HSM * Sigma 18-35mm f/1.8 DC HSM * Sigma 18-250mm f/3.5-6.3 DC OS MACRO HSM * Sigma 24-70mm f/2.8 IF EX DG HSM * Sigma 24-105mm f/4.0 DG OS HSM [A] * Sigma 17-70mm f/2.8-4 DC Macro OS HSM * Sigma 19mm f/2.8 DN * Sigma 19mm f/2.8 EX DN * Sigma 30mm f/2.8 EX DN * Sigma 50mm f/1.4 DG HSM [A] * Sigma 50-150mm f/2.8 APO EX DC HSM II * Sigma 60mm f/2.8 DN * Sigma 70-200mm f/2.8 EX DG APO OS HSM * Sigma 70-200mm f/2.8 EX DG Macro HSM II * Sigma 80-400mm f/4.5-5.6 EX DG OS * Sigma 100-300mm f/4 APO EX DG HSM * Sigma 105mm f/2.8 EX DG OS HSM Macro * Sigma 180mm f/2.8 EX DG OS HSM APO Macro * Sigma 180mm f/5.6 APO Macro * Sony E 10-18mm f/4 OSS * Sony E 16-70mm f/4 ZA OSS * Sony E PZ 18-105mm f/4 G OSS * Sony DT 18-135mm f/3.5-5.6 SAM * Sony AF DT 35mm f/1.8 SAM * Sony AF DT 50mm f/1.8 SAM * Sony DT 55-300mm f/4.5-5.6 SAM * Tamron SP AF 11-18mm f/4.5-5.6 Di-II LD Aspherical (IF) * Tamron 16-300mm f/3.5-6.3 Di II VC PZD * Tamron 18-200mm f/3.5-6.3 XR Di II LD * Tokina AF 12-28mm f/4 AT-X Pro DX * Tokina AF 16-28mm f/2.8 AT-X Pro SD FX * Tokina 500mm f/8 RMC Mirror Lens * Vivitar 100mm f/3.5 AF Macro * Carl Zeiss Distagon T* 2,8/21 ZE * Carl Zeiss Distagon T* 2,8/21 ZF.2 * Zeiss E 32mm f/1.8 New compact cameras: * Canon PowerShot A640 * Canon PowerShot A720 * Canon PowerShot IXUS 70 * Canon PowerShot S90 * Canon PowerShot S120 * Canon PowerShot SX220 HS * Canon PowerShot SX230 HS * Canon PowerShot SX260 HS * Fujifilm FinePix F770EXR * Fujifilm FinePix HS20EXR * Fujifilm FineFix S5600 * Fujifilm X20 * GoPro Hero HD2 * Kodak CX6330 * Nikon Coolpix S3300 * Nokia Lumia 1020 * Olympus Stylus 1 * Panasonic Lumix DMC-LX7 * Panasonic Lumix DMC-FZ200 * Sony DSC-HX300 * Sony RX100 II * Sony RX100 III Additional/updated data for: * Canon EF-S 18-55mm f/3.5-5.6 IS II * Canon EF 24-70mm f/2.8L II USM * Canon EF 24-105mm f/4L IS USM * Canon EF 50mm f/1.8 MkII * Canon EF 50-200mm f/3.5-4.5L * Canon EF 70-200mm f/2.8L IS II USM * Canon EF 70-200mm f/4L IS USM * Canon EF 85mm f/1.8 USM * Canon EF 100mm f/2.8L Macro IS USM * Nikkor AF-S 10-24mm f/3.5-4.5G DX ED * Nikkor AF-S 16-85mm f/3.5-5.6G DX ED VR * Nikkor AF-S 18-55mm f/3.5-5.6G DX VR * Nikkor AF-S 18-105mm f/3.5-5.6G DX ED VR * Nikkor AF-S 18-200mm f/3.5-5.6G DX VR IF-ED II * Nikkor AF 20mm f/2.8D * Nikkor AF-S 35mm f/1.8G DX * Nikkor AF-S 50mm f/1.4G * Nikkor AF-S 55-300mm f/4.5-5.6G DX ED VR * Olympus M.Zuiko Digital ED 14-42mm f/3.5-5.6 L * Olympus M.Zuiko Digital 17mm f/1.8 * Panasonic Lumix G Vario 45-200mm f/4.0-5.6 Mega OIS * Pentax 01 Standard Prime 8.5 mm f/1.9 AL [IF] * Pentax-DA* 16-50mm f/2.8 ED AL IF SDM * Pentax-DA* 50-135mm f/2.8 ED IF SDM * Pentax-D FA Macro 100mm f/2.8 WR * Samyang 8mm f/2.8 Fisheye * Sigma 8-16mm F4.5-5.6 DC HSM * Sigma 10-20mm f/3.5 EX DC HSM * Sigma 10-20mm f/4-5.6 EX DC HSM * Sigma 15-30mm f/3.5-4.5 EX DG Aspherical * Sigma 30mm f/1.4 EX DC HSM * Sigma 35mm f/1.4 DG HSM * Sigma 50mm f/1.4 EX DG HSM * Sigma 70-200mm f/2.8 EX DG Macro HSM II * Sigma 150mm f/2.8 EX DG APO HSM Macro * Sony RX100 * Sony DT 18-55mm f/3.5-5.6 SAM * Sony E 20mm f/2.8 * Sony AF DT 55-200mm f/4-5.6 SAM * Panasonic Lumix G Vario 14-42 f/3.5-5.6 II * Panasonic Lumix G X Vario PZ 14-42 f/3.5-5.6 * Tamron SP AF 17-50mm f/2.8 ==== libdrm-devel ==== Subpackages: libdrm2 libdrm2-32bit libdrm_intel1 libdrm_intel1-32bit libdrm_nouveau2 libdrm_nouveau2-32bit libdrm_radeon1 libdrm_radeon1-32bit libkms1 - Fix include directories - Add subpackage libdrm_tegra0 for Nvidia Tegra chips ==== libevent-2_0-5 ==== Version update (2.0.21 -> 2.0.22) - update to 2.0.22: * Avoid integer overflow bugs in evbuffer_add() and related functions. See CVE-2014-6272 advisory for more information * fix #73 and fix http_connection_fail_test to catch it * Avoid racy bufferevent activation * Fix compilation with WIN32_HAVE_CONDITION_VARIABLES enabled * Fix missing AC_PROG_SED on older Autoconfs * Backport libevent to vanilla Autoconf 2.59 (as used in RHEL5) * Use AC_CONFIG_HEADERS in place of AM_CONFIG_HEADERS for autmake 1.13 compat * Rename configure.in to configure.ac to appease newer autoconfs * Avoid using top_srcdir in TESTS: new automakes do not like this * Use windows vsnprintf fixup logic on all windows environments * Fix a compiler warning when checking for arc4random_buf linker breakage * Fix another arc4random_buf-related warning * Add -Qunused-arguments for clang on macos * Avoid leaking fds on evconnlistener with no callback set * Avoid double-close on getsockname error in evutil_ersatz_socketpair * Fix a locking error in bufferevent_socket_get_dns_error * libevent/win32_dealloc() : fix sizeof(pointer) vs sizeof(*pointer) * bufferevent_pair: don't call downcast(NULL) * Consistently check for failure from evbuffer_pullup() * Fix race caused by event_active * Avoid redundant invocations of init_extension_functions for IOCP * Typo fixes from Linus Nordberg * Add a few files created by "make verify" to .gitignore * regress_buffer: fix 'memcmp' compare size * Fix bufferevent setwatermark suspend_read * Fix evbuffer_peek() with len==-1 and start_at non-NULL * Checking request nameserver for NULL, before using it * Fix SEGFAULT after evdns_base_resume if no nameservers installed * Fix a crash in evdns related to shutting down evdns * Check does arch have the epoll_create and __NR_epoll_wait syscalls * Avoid other RNG initialization FS reads when urandom file is specified * When we seed from /proc/sys/kernel/random/uuid, count it as success * Document that arc4random is not a great cryptographic PRNG * Add evutil_secure_rng_set_urandom_device_file * Really remove RNG seeds from the stack * Fix a mistake in evbuffer_remove() arguments in example http server code * Fix a typo in a comment in buffer.h * Clarify event_base_loop exit conditions * Use FindClose for handle from FindFirstFile in http-server.c * Fix a typo in a doxygen comment - update source URL ==== libgusb2 ==== Version update (0.2.3 -> 0.2.4) - Update to version 0.2.4: + Various API extensions. + Bugfixes: - Don't filter out hub devices when getting the device list. - Make the platform ID persistent across re-plug. - Port to GTask. - Use new Glib features for various code cleanups. ==== libqt4 ==== Subpackages: libqt4-32bit libqt4-devel libqt4-linguist libqt4-qt3support libqt4-qt3support-32bit libqt4-sql libqt4-sql-32bit libqt4-sql-sqlite libqt4-sql-sqlite-32bit libqt4-x11 libqt4-x11-32bit - Added fix-detection-of-GCC5.patch ==== libqt4-sql-mysql ==== Subpackages: libqt4-sql-mysql-32bit libqt4-sql-postgresql libqt4-sql-postgresql-32bit libqt4-sql-unixODBC libqt4-sql-unixODBC-32bit - Added fix-detection-of-GCC5.patch ==== libsamplerate-devel ==== Subpackages: libsamplerate0 - Avoid running configure twice and using -fprofile-generate or - fprofile-use for compiling configure tests when profiling. ==== libspnav0 ==== Version update (0.2.2 -> 0.2.3) - Update to version 0.2.3 * No changelog available - Add libspnav-0.2.3-lib_links.patch; fix libraries link against $BUILDROOT ==== libvpx1 ==== Subpackages: libvpx1-32bit - Add baselibs.conf as source - Build with -std=gnu89 to deal with GCC 5 defaulting to -std=gnu11 and the C11 stddef.h providing a max_align_t that conflicts with the one provided by nestegg/halloc/src/align.h. ==== libzio1 ==== Version update (1.00 -> 1.02) - Update to version 1.02 * Fixed version: handle fseek() correct for bzip2 and lzma/xz - Spec file cleanup - Remove libzio-1.00.dif; fixed on upstream release ==== libzypp ==== Version update (14.34.0 -> 14.36.0) - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Don't execute scripts in /tmp or /var/tmp, as they could be mounted noexec for security reasons (bnc#915928) - zypp/PublicKey.cc: Use GPG_BINARY from KeyRing - Support $releasever_major/$releasever_minor repo variables (FATE#318354) - version 14.36.0 (30) - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - PathInfo: Deprecate major/minor in favor of new devMajor/devMinor. The old names clash with GNU libc macros. - version 14.35.0 (30) - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 ==== man-pages ==== Version update (3.79 -> 3.80) - update to 3.80: - new and rewritten pages * ioctl_fat.2, madvise.2 - newly documented interfaces in existing pages * proc.5 (Briefly) document /proc/PID/attr/socketcreate (Briefly) document /proc/PID/attr/keycreate Document /proc/PID/attr/{current,exec,fscreate,prev} Document /proc/sys/kernel/auto_msgmni * socket.7 Document SO_REUSEPORT socket option ==== nasm ==== Version update (2.10.09 -> 2.11.08) - Build doc package as noarch - Use fdupes to remove duplicates - Update to 2.11.08 * Fix section length computation in bin backend which leaded in incorrect relocation records. * Add a warning for numeric preprocessor definitions passed via command line which might have unexpected results otherwise. * Add ability to specify a module name record in rdoff linker with -mn option. * Increase label length capacity up to 256 bytes in rdoff backend for FreePascal sake, which tends to generate very long labels for procedures. * Fix segmentation failure when rip addressing is used in macho64 backend. * Fix access on out of memory when handling strings with a single grave. We have sixed similar problem in previous release but not all cases were covered. * Fix NULL dereference in disassembled on BND instruction. - Changes for 2.11.07 * Fix 256 bit VMOVNTPS instruction. * Fix -MD option handling, which was rather broken in previous release changing command line api. * Fix access to unitialized space when handling strings with a single grave. * Fix nil dereference in handling memory reference parsing. - Cleanup spec file with spec-cleaner - Update project url - Switch to .xz source - Update to 2.11.06: * Add support for the Intel AVX-512 instruction set: * 16 new, 512-bit SIMD registers. Total 32 (ZMM0 ~ ZMM31) * 8 new opmask registers (K0 ~ K7). One of 7 registers (K1 ~ K7) can be used as an opmask for conditional execution. * A new EVEX encoding prefix. EVEX is based on VEX and provides more capabilities: opmasks, broadcasting, embedded rounding and compressed displacements. * Add support for ZWORD (512 bits), DZ and RESZ. * Add support for the MPX and SHA instruction sets. * Better handling of section redefinition. * Generate manpages when running 'make dist'. * Handle all token chains in mmacro params range. * Support split [base,index] effective address: * for more details see http://www.nasm.us/doc/nasmdocc.html ==== libncurses5 ==== Subpackages: libncurses5-32bit libncurses6 ncurses-devel ncurses-utils tack terminfo terminfo-base - Add ncurses patch 20150214 + regenerate html manpages using improved man2html from work on xterm. + regenerated ".map" and ".sym" files using improved script, accounting for the "--enable-weak-symbols" configure option (report by Werner Fink). ==== libnuma1 ==== Subpackages: numactl - package fails to build with PIE globally enabled, due to error: inconsistent operand constraints in an 'asm'. Turns out there is a GCC builtin for doing the operation cleanly. (numactl-clearcache-pie.patch) ==== obs-service-source_validator ==== - fix 20-files-present-and-referenced for ocaml macro ==== openmpi-libs ==== - Disable Fortran 2008 module and remove mpi_ext.mod which get built automatically when using GCC 5. ==== openvpn ==== - Fixed to use correct sha digest data length (boo#914166) ==== par ==== - Correct source url - Cleanup spec file with spec-clener - Use url for source ==== apache2-mod_php5 ==== Version update (5.6.5 -> 5.6.6) Subpackages: php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd php5-gettext php5-gmp php5-iconv php5-imap php5-json php5-ldap php5-mbstring php5-mcrypt php5-mysql php5-odbc php5-openssl php5-pdo php5-pear php5-pgsql php5-shmop php5-snmp php5-sockets php5-sqlite php5-suhosin php5-sysvsem php5-sysvshm php5-tidy php5-tokenizer php5-wddx php5-xmlreader php5-xmlwriter php5-xsl php5-zip php5-zlib - update to 5.6.6: fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. ==== python-CherryPy ==== Version update (3.3.0 -> 3.6.0) - update to version 3.6.0: * Fixed HTTP range headers for negative length larger than content size * Disabled universal wheel generation as wsgiserver has Python duality * Pull Request #42: Correct TypeError in ``check_auth`` when encrypt is used * Pull Request #59: Correct signature of HandlerWrapperTool * Pull Request #60: Fix error in SessionAuth where login_screen was incorrectly used * Issue #1077: Support keyword-only arguments in dispatchers (Python 3) * Issue #1019: Allow logging host name in the access log * Pull Request #50: Fixed race condition in session cleanup - changes from version 3.5.0: * Issue #1301: When the incoming queue is full, now reject additional connections. This functionality was added to CherryPy 3.0, but unintentionally lost in 3.1 - changes from version 3.4.0: * Miscellaneous quality improvements - remove CFLAGS export - use update-alternatives for cherryd binary ==== python-paramiko ==== Version update (1.15.1 -> 1.15.2) - update to version 1.15.2: * [Bug] #320: Update our win_pageant module to be Python 3 compatible * [Bug] #429: Server-level debug message logging was overlooked during the Python 3 compatibility update; Python 3 clients attempting to log SSH debug packets encountered type errors. This is now fixed * [Bug] #459: Tighten up agent connection closure behavior to avoid spurious ResourceWarning display in some situations * [Bug] #266: Change numbering of Transport channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels * [Support] #419: Modernize a bunch of the codebase internals to leverage decorators. Props to @beckjake for realizing we?re no longer on Python 2.2 :D * [Support] #421: Modernize threading calls to user newer API * [Support] #422: Clean up some unused imports * [Support] #431: Replace handrolled ssh_config parsing code with use of the shlex module * [Bug] #415: Fix ssh_config parsing to correctly interpret ProxyCommand none as the lack of a proxy command, instead of as a literal command string of "none" * [Bug] #428: Fix an issue in BufferedFile (primarily used in the SFTP modules) concerning incorrect behavior by readlines on files whose size exceeds the buffer size * [Bug] #455: Tweak packet size handling to conform better to the OpenSSH RFCs; this helps address issues with interactive program cursors * [Bug] #413: (also #414, #420, #454) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid unnecessary (often 100%!) CPU usage ==== quilt ==== Version update (0.63 -> 0.64) Translation fixes: - translation-fixes-01.patch: Make gettext happy (needed so that following patches apply cleanly.) - translation-fixes-02.patch: Missing escape in Japanese translation. - translation-fixes-03.patch: Improve the German translation (including a number of important fixes.) - translation-fixes-04.patch: Fix translation of main usage message (all languages.) Fixes to the "edit" command: - edit-01-test-file-creation.patch: edit: Improve the test case (needed so that following patches apply cleanly.) - edit-02-call-remove-not-revert.patch: edit: Use command "remove" to remove files. - edit-03-fix-corner-case.patch: edit: Fix a corner case. - Update to version 0.64: o Performance: Several optimizations o Test suite: Several fixes and coverage improvements o Test suite: Run the tests in predictable order o files: Add support for unapplied patches o graph: Check for graphviz availability o mail: Remove procmail dependency o push: Do not use interactive mode with -f o Obsoletes dont-substitute-release.patch o Obsoletes hackweek-11-01-comment-update.patch o Obsoletes hackweek-11-02-cleanups.patch o Obsoletes hackweek-11-03-inspect-list-all-options.patch o Obsoletes hackweek-11-04-pass-through.patch o Obsoletes hackweek-11-05-no-explicit-rm.patch o Obsoletes hackweek-11-06-exclude-from-md5sums.patch o Obsoletes hackweek-11-07-normalize-path.patch o Obsoletes hackweek-11-08-inspect-split-wrapper-script.patch o Obsoletes hackweek-11-09-inspect-temporary-data-file.patch o Obsoletes hackweek-11-10-setup-fix-path-to-extra-patches.patch o Obsoletes hackweek-11-11-setup-trace-call-first.patch o Obsoletes hackweek-11-12-setup-alternative-implementation-v2.patch o Obsoletes hackweek-11-13-setup-let-normalize_path-deal-with-dot.patch o Obsoletes hackweek-11-14-setup-fix-link-creation.patch o Obsoletes hackweek-11-15-setup-missing-escape-in-normalize_path.patch o Obsoletes hackweek-11-16-setup-fix-create_symlink-corner-case.patch o Obsoletes inspect-skip-version-check.patch o Obsoletes pop-add-auto-refresh.patch o Obsoletes push-add-auto-refresh.patch o Obsoletes quilt-check-modified-series-rearm.patch o Obsoletes quilt-check-modified-series.patch o Obsoletes quilt-el-fix-patch-select-completion.patch o Obsoletes quilt-el-fix-tramp-support.patch o Obsoletes quilt-format-options-pass-through.patch o Obsoletes setup-check-for-rpmbuild.patch o Obsoletes setup-fix-tar-with-long-options.patch o Obsoletes setup-skip-version-check.patch - Refresh suse-workaround-pseudo-release.patch ==== sessreg ==== - u_Pass-P-to-the-preprocessor-when-generating-filenames.patch * Pass -P to the preprocessor when generating filenames for the manpage. Fixes build with GCC 5. Patch by Richard Biener ==== spax ==== Version update (1.5final -> 1.5.3) Subpackages: star - remove /usr/share/man/man1/mt.1.gz man page because this causes a conflict with cpio package. - Fix build on i586 - Do not install docu that describes how to compile - Convert spec file and changelog to UTF8 - Cleanup install section - Copy testsuite run to %check phase - Fix the install phase to pass - Add few patches from fedora: * star-1.5.1-selinux-segfault.patch * star-1.5.2-bufferoverflow.patch * star-1.5.2-use-ssh-by-default.patch * star-1.5.3-pax-X-option.patch * star-1.5.3-star-mk.patch - Remove german from README-FIRST - Version bump to 1.5.3 release, Various changes without changelog - Upstream moved to sourceforge - Libtool is needed always, so stop the if conditions around it - Refresh few patches: * star-configuration.diff * star-no_fsync.diff * star-lock.diff * star-selinux.patch * bnc#858660_detect_gzip_failures.patch - Obsoleted patch: * rmt-move.diff * star-getline.diff * star-fexecve.diff * star-1.5.1-bufferoverflow.patch ==== sudo ==== Version update (1.8.11p2 -> 1.8.12) - update to 1.8.12 (fixes bnc#918953) - changelog: * The embedded copy of zlib has been upgraded to version 1.2.8 and is now installed as a shared library where supported. * Debug settings for the sudo front end and sudoers plugin are now configured separately. * Multiple sudo.conf Debug entries may now be specified per program (or plugin). * The plugin API has been extended such that the path to the plugin that was loaded is now included in the settings array. This path can be used to register with the debugging subsystem. The debug_flags setting is now prefixed with a file name and may be specified multiple times if there is more than one matching Debug setting in sudo.conf. * The sudoers regression tests now run with the locale set to C since some of the tests compare output that includes locale-specific messages. Bug #672. * Fixed a bug where sudo would not run commands on Linux when compiled with audit support if audit is disabled. Bug #671. * The default password prompt now includes a trailing space after "Password:" for consistency with su(1) on most systems. Bug #663. * Visudo will now use the optional sudoers_file, sudoers_mode, sudoers_uid and sudoers_gid arguments if specified on the sudoers.so Plugin line in the sudo.conf file. * Fixed a problem introduced in sudo 1.8.8 that prevented the full host name from being used when the fqdn sudoers option is used. Bug #678. * Sudo now installs a handler for SIGCHLD signal handler immediately before stating the process that will execute the command (or start the monitor). * Removed a limit on the length of command line arguments expanded by a wild card using sudo's version of the fnmatch() function. This limit was introduced when sudo's version of fnmatch() was replaced in sudo 1.8.4. * LDAP-based sudoers can now query an LDAP server for a user's netgroups directly. This is often much faster than fetching every sudoRole object containing a sudoUser that begins with a `+' prefix and checking whether the user is a member of any of the returned netgroups. * The mail_always sudoers option no longer sends mail for sudo -l or sudo -v unless the user is unable to authenticate themselves. * Fixed a crash when sudo is run with an empty argument vector. * Fixed two potential crashes when sudo is run with very low resource limits. * The TZ environment variable is now checked for safety instead of simply being copied to the environment of the command. This fixes a potential security issue. ==== suse-xsl-stylesheets ==== - Slightly adapted %post and %postun section to fix bsc#918565 ==== suspend ==== - Build with -std=gnu89 as GCC 5 defaults to -std=gnu11 and that breaks build due to changed semantics of 'inline'. ==== syslinux ==== - Do not use gcc-PIE here, lots of assembler (cpuid etc.) that would be hard to make ready for PIC. ==== sysvinit-tools ==== - Build with -std=gnu89 to deal with GCC 5 defaulting to -std=gnu11 ==== texlive-latex-doc ==== Version update (2013.90.svn27907 -> 2013.91.svn27907) - avoid bootstrap problems by ignoring built packages for packages required by texlive ==== tigervnc ==== Subpackages: xorg-x11-Xvnc - Fix build against X server 1.17.x. * u_tigervnc-build-with-xserver-1.17.patch - Use xserver sources from xorg-x11-server-source. - Drop no longer needed patches: * N_xorg-server-xdmcp.patch * n_tigervnc-dont-build-gtf.patch ==== vsftpd ==== - Add service calls for other unit files too - Udate filter patch to work as expected: * vsftpd-2.1.0-filter.patch ==== xorg-x11-server ==== Subpackages: xorg-x11-server-extra xorg-x11-server-sdk - Enable systemd-logind integration support: + Add pkgconfig(libsystemd-logind) and pkgconfig(dbus-1) BuildRequires. + Pass --enable-systemd-logind to configure. ==== zypper ==== Version update (1.11.20 -> 1.11.22) Subpackages: zypper-aptitude zypper-log - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - repos(lr): Fix wrong exit status using the --xmlout option (bnc#914258) - version 1.11.22 - Refresh plugin services on 'lr' 'ls -r' and 'ref' (bnc#893294)(FATE#318117) Repositories provided by a plugin service (SUSE Manager) must always be (auto-)refreshed to reflect server side changes immediately. - zypper.conf: new color/pkglistHighlightAttribute (bnc#914284) Tune the color atrribute used for package list highlighting. - version 1.11.21 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 Removed packages: banshee > banshee-backend-engine-gstreamer > banshee-backend-io-gio > banshee-backend-platform-gnome > banshee-backend-platform-unix > banshee-core > banshee-dmp > banshee-dmp-apple-devices > banshee-dmp-mtp > banshee-extensions-default bundle-lang-common-ca gdata-sharp gio-sharp wnck-sharp gnome-do-plugins > gnome-do-plugins-lang gnome-vfs-sharp2 gtk-sharp-beans gudev-sharp liblazy-devel > liblazy1 mono-zeroconf > mono-zeroconf-provider-avahi taglib-sharp Added packages: ibus-libzhuyin ibus-pinyin juk libtunepimp > libtunepimp-devel > libtunepimp5 libpyzy-1_0-0 > pyzy-db-android > pyzy-db-open-phrase