openSUSE-2020-67 moderate openSUSE Backports SLE-15-SP1 Update This update for icingaweb2 to version 2.7.3 fixes the following issues: icingaweb2 update to 2.7.3: * Fixed an issue where servicegroups for roles with filtered objects were not available icingaweb2 update to 2.7.2: * Performance imrovements and bug fixes icingaweb2 update to 2.7.1: * Highlight links in the notes of an object * Fixed an issue where sort rules were no longer working * Fixed an issue where statistics were shown with an anarchist way * Fixed an issue where wildcards could no show results icingaweb2 update to 2.7.0: * New languages support * Now module developers got additional ways to customize Icinga Web 2 * UI enhancements icingaweb2 update to 2.6.3: * Fixed various issues with LDAP * Fixed issues with timezone * UI enhancements * Stability fixes icingaweb2 update to 2.6.2: You can find issues and features related to this release on our Roadmap. This bugfix release addresses the following topics: * Database connections to MySQL 8 no longer fail * LDAP connections now have a timeout configuration which defaults to 5 seconds * User groups are now correctly loaded for externally authenticated users * Filters are respected for all links in the host and service group overviews * Fixed permission problems where host and service actions provided by modules were missing * Fixed an SQL error in the contact list view when filtering for host groups * Fixed time zone (DST) detection * Fixed the contact details view if restrictions are active * Doc parser and documentation fixes Fix security issues: - CVE-2018-18246: fixed an CSRF in moduledisable (boo#1119784) - CVE-2018-18247: fixed an XSS via /icingaweb2/navigation/add (boo#1119785) - CVE-2018-18248: fixed an XSS attack is possible via query strings or a dir parameter (boo#1119801) - CVE-2018-18249: fixed an injection of PHP ini-file directives involves environment variables as channel to send out information (boo#1119799) - CVE-2018-18250: fixed parameters that can break navigation dashlets (boo#1119800) - Remove setuid from new upstream spec file for following dirs: /etc/icingaweb2, /etc/icingaweb/modules, /etc/icingaweb2/modules/setup, /etc/icingaweb2/modules/translation, /var/log/icingaweb2 icingaweb2 updated to 2.6.1: - You can find issues and features related to this release on our [Roadmap](https://github.com/Icinga/icingaweb2/milestone/51?closed=1). - The command audit now logs a command's payload as JSON which fixes a [bug](https://github.com/Icinga/icingaweb2/issues/3535) that has been introduced in version 2.6.0. icingaweb2 was updated to 2.6.0: - You can find issues and features related to this release on our Roadmap. * Enabling you to do stuff you couldn't before - Support for PHP 7.2 added - Support for SQLite resources added - Login and Command (monitoring) auditing added with the help of a dedicated module - Pluginoutput rendering is now hookable by modules which allows to render custom icons, emojis and .. cute kitties :octocat: * Avoiding that you miss something - It's now possible to toggle between list- and grid-mode for the host- and servicegroup overviews - The servicegrid now supports to flip its axes which allows it to be put into a landscape mode - Contacts only associated with services are visible now when restricted based on host filters - Negated and combined membership filters now work as expected (#2934) - A more prominent error message in case the monitoring backend goes down - The filter editor doesn't get cleared anymore upon hitting Enter * Making your life a bit easier - The tactical overview is now filterable and can be safely put into the dashboard - It is now possible to register new announcements over the REST Api - Filtering for custom variables now works in UTF8 environments * Ensuring you understand everything - The monitoring health is now beautiful to look at and properly behaves in narrow environments - Updated German localization - Updated Italian localization * Freeing you from unrealiable things - Removed support for PHP < 5.6 - Removed support for persistent database connections icingacli-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-2.7.3-bp151.5.3.1.src.rpm icingaweb2-common-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-HTMLPurifier-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-JShrink-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-Parsedown-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-dompdf-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-lessphp-2.7.3-bp151.5.3.1.noarch.rpm icingaweb2-vendor-zf1-2.7.3-bp151.5.3.1.noarch.rpm php-Icinga-2.7.3-bp151.5.3.1.noarch.rpm openSUSE-2019-1706 moderate openSUSE Backports SLE-15-SP1 Update This update for habootstrap-formula, python-shaptools, salt-shaptools, saphanabootstrap-formula fixes the following issues: Changes in saphanabootstrap-formula: - Create package version 0.2.1. (boo#1137989, jsc#SLE-4143) Changes in habootstrap-formula: - Create package version 0.2.1. (boo#1137989, jsc#SLE-4031) Changes in salt-shaptools: - Create package version 0.2.1. (jsc#SLE-4031, jsc#SLE-4143, boo#1137989) Changes in python-shaptools: - Create package version 0.2.1. (jsc#SLE-4031, jsc#SLE-4143, boo#1137989) habootstrap-formula-0.2.1-bp151.2.3.noarch.rpm habootstrap-formula-0.2.1-bp151.2.3.src.rpm python-shaptools-0.2.1-bp151.2.4.src.rpm python2-shaptools-0.2.1-bp151.2.4.noarch.rpm python3-shaptools-0.2.1-bp151.2.4.noarch.rpm salt-shaptools-0.2.1-bp151.2.3.noarch.rpm salt-shaptools-0.2.1-bp151.2.3.src.rpm saphanabootstrap-formula-0.2.1-bp151.2.3.noarch.rpm saphanabootstrap-formula-0.2.1-bp151.2.3.src.rpm openSUSE-2019-1851 important openSUSE Backports SLE-15-SP1 Update This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). kconf_update5-5.55.0-bp151.3.5.1.x86_64.rpm kconf_update5-debuginfo-5.55.0-bp151.3.5.1.x86_64.rpm kconfig-5.55.0-bp151.3.5.1.src.rpm kconfig-debugsource-5.55.0-bp151.3.5.1.x86_64.rpm kconfig-devel-5.55.0-bp151.3.5.1.x86_64.rpm kconfig-devel-debuginfo-5.55.0-bp151.3.5.1.x86_64.rpm libKF5ConfigCore5-5.55.0-bp151.3.5.1.x86_64.rpm libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1.x86_64.rpm libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1.noarch.rpm libKF5ConfigGui5-5.55.0-bp151.3.5.1.x86_64.rpm libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1.x86_64.rpm kdelibs4-apidocs-4.14.38-bp151.9.5.1.noarch.rpm kdelibs4-apidocs-4.14.38-bp151.9.5.1.src.rpm kdelibs4-4.14.38-bp151.9.5.1.src.rpm kdelibs4-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-core-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-debugsource-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-doc-4.14.38-bp151.9.5.1.x86_64.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm libkde4-4.14.38-bp151.9.5.1.x86_64.rpm libkde4-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm libkde4-devel-4.14.38-bp151.9.5.1.x86_64.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm libkdecore4-4.14.38-bp151.9.5.1.x86_64.rpm libkdecore4-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm libkdecore4-devel-4.14.38-bp151.9.5.1.x86_64.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm libksuseinstall-devel-4.14.38-bp151.9.5.1.x86_64.rpm libksuseinstall1-4.14.38-bp151.9.5.1.x86_64.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1.x86_64.rpm kconf_update5-5.55.0-bp151.3.5.1.aarch64.rpm kconf_update5-debuginfo-5.55.0-bp151.3.5.1.aarch64.rpm kconfig-debugsource-5.55.0-bp151.3.5.1.aarch64.rpm kconfig-devel-5.55.0-bp151.3.5.1.aarch64.rpm kconfig-devel-64bit-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm kconfig-devel-64bit-debuginfo-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm kconfig-devel-debuginfo-5.55.0-bp151.3.5.1.aarch64.rpm libKF5ConfigCore5-5.55.0-bp151.3.5.1.aarch64.rpm libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm libKF5ConfigCore5-64bit-debuginfo-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1.aarch64.rpm libKF5ConfigGui5-5.55.0-bp151.3.5.1.aarch64.rpm libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm libKF5ConfigGui5-64bit-debuginfo-5.55.0-bp151.3.5.1.aarch64_ilp32.rpm libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1.aarch64.rpm kdelibs4-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-core-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-debugsource-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-doc-4.14.38-bp151.9.5.1.aarch64.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm libkde4-4.14.38-bp151.9.5.1.aarch64.rpm libkde4-64bit-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libkde4-64bit-debuginfo-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libkde4-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm libkde4-devel-4.14.38-bp151.9.5.1.aarch64.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm libkdecore4-4.14.38-bp151.9.5.1.aarch64.rpm libkdecore4-64bit-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libkdecore4-64bit-debuginfo-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libkdecore4-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm libkdecore4-devel-4.14.38-bp151.9.5.1.aarch64.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm libksuseinstall-devel-4.14.38-bp151.9.5.1.aarch64.rpm libksuseinstall1-4.14.38-bp151.9.5.1.aarch64.rpm libksuseinstall1-64bit-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libksuseinstall1-64bit-debuginfo-4.14.38-bp151.9.5.1.aarch64_ilp32.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1.aarch64.rpm kconf_update5-5.55.0-bp151.3.5.1.ppc64le.rpm kconf_update5-debuginfo-5.55.0-bp151.3.5.1.ppc64le.rpm kconfig-debugsource-5.55.0-bp151.3.5.1.ppc64le.rpm kconfig-devel-5.55.0-bp151.3.5.1.ppc64le.rpm kconfig-devel-debuginfo-5.55.0-bp151.3.5.1.ppc64le.rpm libKF5ConfigCore5-5.55.0-bp151.3.5.1.ppc64le.rpm libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1.ppc64le.rpm libKF5ConfigGui5-5.55.0-bp151.3.5.1.ppc64le.rpm libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1.ppc64le.rpm kdelibs4-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-core-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-debugsource-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-doc-4.14.38-bp151.9.5.1.ppc64le.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm libkde4-4.14.38-bp151.9.5.1.ppc64le.rpm libkde4-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm libkde4-devel-4.14.38-bp151.9.5.1.ppc64le.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm libkdecore4-4.14.38-bp151.9.5.1.ppc64le.rpm libkdecore4-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm libkdecore4-devel-4.14.38-bp151.9.5.1.ppc64le.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm libksuseinstall-devel-4.14.38-bp151.9.5.1.ppc64le.rpm libksuseinstall1-4.14.38-bp151.9.5.1.ppc64le.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1.ppc64le.rpm kconf_update5-5.55.0-bp151.3.5.1.s390x.rpm kconf_update5-debuginfo-5.55.0-bp151.3.5.1.s390x.rpm kconfig-debugsource-5.55.0-bp151.3.5.1.s390x.rpm kconfig-devel-5.55.0-bp151.3.5.1.s390x.rpm kconfig-devel-debuginfo-5.55.0-bp151.3.5.1.s390x.rpm libKF5ConfigCore5-5.55.0-bp151.3.5.1.s390x.rpm libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1.s390x.rpm libKF5ConfigGui5-5.55.0-bp151.3.5.1.s390x.rpm libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1.s390x.rpm kdelibs4-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-core-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-debugsource-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-doc-4.14.38-bp151.9.5.1.s390x.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm libkde4-4.14.38-bp151.9.5.1.s390x.rpm libkde4-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm libkde4-devel-4.14.38-bp151.9.5.1.s390x.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm libkdecore4-4.14.38-bp151.9.5.1.s390x.rpm libkdecore4-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm libkdecore4-devel-4.14.38-bp151.9.5.1.s390x.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm libksuseinstall-devel-4.14.38-bp151.9.5.1.s390x.rpm libksuseinstall1-4.14.38-bp151.9.5.1.s390x.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1.s390x.rpm openSUSE-2019-1854 moderate openSUSE Backports SLE-15-SP1 Update This update for GraphicsMagick fixes the following issues: - disable indirect reads that disclosed file contents from the local system (boo#1138425) This update was imported from the openSUSE:Leap:15.0:Update update project. GraphicsMagick-1.3.29-bp151.5.3.1.src.rpm GraphicsMagick-1.3.29-bp151.5.3.1.x86_64.rpm GraphicsMagick-devel-1.3.29-bp151.5.3.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.29-bp151.5.3.1.x86_64.rpm libGraphicsMagick++-devel-1.3.29-bp151.5.3.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.29-bp151.5.3.1.x86_64.rpm libGraphicsMagick3-config-1.3.29-bp151.5.3.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.3.1.x86_64.rpm perl-GraphicsMagick-1.3.29-bp151.5.3.1.x86_64.rpm openSUSE-2019-1968 moderate openSUSE Backports SLE-15-SP1 Update This update for libcryptopp fixes the following issues: - CVE-2019-14318: Fixed a timing side channel vulnerability in the ECDSA signature generation (boo#1143532). libcryptopp-5.6.5-bp151.4.3.1.src.rpm libcryptopp-devel-5.6.5-bp151.4.3.1.x86_64.rpm libcryptopp5_6_5-5.6.5-bp151.4.3.1.x86_64.rpm libcryptopp-devel-5.6.5-bp151.4.3.1.aarch64.rpm libcryptopp5_6_5-5.6.5-bp151.4.3.1.aarch64.rpm libcryptopp5_6_5-64bit-5.6.5-bp151.4.3.1.aarch64_ilp32.rpm libcryptopp-devel-5.6.5-bp151.4.3.1.ppc64le.rpm libcryptopp5_6_5-5.6.5-bp151.4.3.1.ppc64le.rpm libcryptopp-devel-5.6.5-bp151.4.3.1.s390x.rpm libcryptopp5_6_5-5.6.5-bp151.4.3.1.s390x.rpm openSUSE-2019-1857 moderate openSUSE Backports SLE-15-SP1 Update This update for akonadi-server fixes the following issues: - Fixed a possible crash on exit (kde#401692) This update was imported from the openSUSE:Leap:15.1:Update update project. akonadi-server-18.12.3-bp151.4.3.1.src.rpm akonadi-server-18.12.3-bp151.4.3.1.x86_64.rpm akonadi-server-devel-18.12.3-bp151.4.3.1.x86_64.rpm akonadi-server-lang-18.12.3-bp151.4.3.1.noarch.rpm akonadi-server-sqlite-18.12.3-bp151.4.3.1.x86_64.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.3.1.x86_64.rpm libKF5AkonadiCore5-18.12.3-bp151.4.3.1.x86_64.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.3.1.x86_64.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.3.1.x86_64.rpm libKF5AkonadiXml5-18.12.3-bp151.4.3.1.x86_64.rpm akonadi-server-18.12.3-bp151.4.3.1.aarch64.rpm akonadi-server-devel-18.12.3-bp151.4.3.1.aarch64.rpm akonadi-server-sqlite-18.12.3-bp151.4.3.1.aarch64.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.3.1.aarch64.rpm libKF5AkonadiCore5-18.12.3-bp151.4.3.1.aarch64.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.3.1.aarch64.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.3.1.aarch64.rpm libKF5AkonadiXml5-18.12.3-bp151.4.3.1.aarch64.rpm akonadi-server-18.12.3-bp151.4.3.1.ppc64le.rpm akonadi-server-devel-18.12.3-bp151.4.3.1.ppc64le.rpm akonadi-server-sqlite-18.12.3-bp151.4.3.1.ppc64le.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.3.1.ppc64le.rpm libKF5AkonadiCore5-18.12.3-bp151.4.3.1.ppc64le.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.3.1.ppc64le.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.3.1.ppc64le.rpm libKF5AkonadiXml5-18.12.3-bp151.4.3.1.ppc64le.rpm akonadi-server-18.12.3-bp151.4.3.1.s390x.rpm akonadi-server-devel-18.12.3-bp151.4.3.1.s390x.rpm akonadi-server-sqlite-18.12.3-bp151.4.3.1.s390x.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.3.1.s390x.rpm libKF5AkonadiCore5-18.12.3-bp151.4.3.1.s390x.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.3.1.s390x.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.3.1.s390x.rpm libKF5AkonadiXml5-18.12.3-bp151.4.3.1.s390x.rpm openSUSE-2019-1858 moderate openSUSE Backports SLE-15-SP1 Update This update for ansible fixes the following issues: Ansible was updated to version 2.8.1: Full changelog is at /usr/share/doc/packages/ansible/changelogs/ - Bugfixes - ACI - DO not encode query_string - ACI modules - Fix non-signature authentication - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading - Fix "Interface not found" errors when using eos_l2_interface with nonexistant interfaces configured - Fix cannot get credential when `source_auth` set to `credential_file`. - Fix netconf_config backup string issue - Fix privilege escalation support for the docker connection plugin when credentials need to be supplied (e.g. sudo with password). - Fix vyos cli prompt inspection - Fixed loading namespaced documentation fragments from collections. - Fixing bug came up after running cnos_vrf module against coverity. - Properly handle data importer failures on PVC creation, instead of timing out. - To fix the ios static route TC failure in CI - To fix the nios member module params - To fix the nios_zone module idempotency failure - add terminal initial prompt for initial connection - allow include_role to work with ansible command - allow python_requirements_facts to report on dependencies containing dashes - asa_config fix - azure_rm_roledefinition - fix a small error in build scope. - azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network peering. - cgroup_perf_recap - When not using file_per_task, make sure we don't prematurely close the perf files - display underlying error when reporting an invalid ``tasks:`` block. - dnf - fix wildcard matching for state: absent - docker connection plugin - accept version ``dev`` as 'newest version' and print warning. - docker_container - ``oom_killer`` and ``oom_score_adj`` options are available since docker-py 1.8.0, not 2.0.0 as assumed by the version check. - docker_container - fix network creation when ``networks_cli_compatible`` is enabled. - docker_container - use docker API's ``restart`` instead of ``stop``/``start`` to restart a container. - docker_image - if ``build`` was not specified, the wrong default for ``build.rm`` is used. - docker_image - if ``nocache`` set to ``yes`` but not ``build.nocache``, the module failed. - docker_image - module failed when ``source: build`` was set but ``build.path`` options not specified. - docker_network module - fix idempotency when using ``aux_addresses`` in ``ipam_config``. - ec2_instance - make Name tag idempotent - eos: don't fail modules without become set, instead show message and continue - eos_config: check for session support when asked to 'diff_against: session' - eos_eapi: fix idempotency issues when vrf was unspecified. - fix bugs for ce - more info see - fix incorrect uses of to_native that should be to_text instead. - hcloud_volume - Fix idempotency when attaching a server to a volume. - ibm_storage - Added a check for null fields in ibm_storage utils module. - include_tasks - whitelist ``listen`` as a valid keyword - k8s - resource updates applied with force work correctly now - keep results subset also when not no_log. - meraki_switchport - improve reliability with native VLAN functionality. - netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and clearing functionality - netapp_e_volumes - fix workload profileId indexing when no previous workload tags exist on the storage array. - nxos_acl some platforms/versions raise when no ACLs are present - nxos_facts fix <https://github.com/ansible/ansible/pull/57009> - nxos_file_copy fix passwordless workflow - nxos_interface Fix admin_state check for n6k - nxos_snmp_traps fix group all for N35 platforms - nxos_snmp_user fix platform fixes for get_snmp_user - nxos_vlan mode idempotence bug - nxos_vlan vlan names containing regex ctl chars should be escaped - nxos_vtp_* modules fix n6k issues - openssl_certificate - fix private key passphrase handling for ``cryptography`` backend. - openssl_pkcs12 - fixes crash when private key has a passphrase and the module is run a second time. - os_stack - Apply tags conditionally so that the module does not throw up an error when using an older distro of openstacksdk - pass correct loading context to persistent connections other than local - pkg_mgr - Ansible 2.8.0 failing to install yum packages on Amazon Linux - postgresql - added initial SSL related tests - postgresql - added missing_required_libs, removed excess param mapping - postgresql - move connect_to_db and get_pg_version into module_utils/postgres.py (https://github.com/ansible/ansible/pull/55514) - postgresql_db - add note to the documentation about state dump and the incorrect rc (https://github.com/ansible/ansible/pull/57297) - postgresql_db - fix for postgresql_db fails if stderr contains output - postgresql_ping - fixed a typo in the module documentation - preserve actual ssh error when we cannot connect. - route53_facts - the module did not advertise check mode support, causing it not to be run in check mode. - sysctl: the module now also checks the output of STDERR to report if values are correctly set (https://github.com/ansible/ansible/pull/55695) - ufw - correctly check status when logging is off - uri - always return a value for status even during failure - urls - Handle redirects properly for IPv6 address by not splitting on ``:`` and rely on already parsed hostname and port values - vmware_vm_facts - fix the support with regular ESXi - vyos_interface fix <https://github.com/ansible/ansible/pull/57169> - we don't really need to template vars on definition as we do this on demand in templating. - win_acl - Fix qualifier parser when using UNC paths - - win_hostname - Fix non netbios compliant name handling - winrm - Fix issue when attempting to parse CLIXML on send input failure - xenserver_guest - fixed an issue where VM whould be powered off even though check mode is used if reconfiguration requires VM to be powered off. - xenserver_guest - proper error message is shown when maximum number of network interfaces is reached and multiple network interfaces are added at once. - yum - Fix false error message about autoremove not being supported - yum - fix failure when using ``update_cache`` standalone - yum - handle special "_none_" value for proxy in yum.conf and .repo files Update to version 2.8.0 Major changes: * Experimental support for Ansible Collections and content namespacing - Ansible content can now be packaged in a collection and addressed via namespaces. This allows for easier sharing, distribution, and installation of bundled modules/roles/plugins, and consistent rules for accessing specific content via namespaces. * Python interpreter discovery - The first time a Python module runs on a target, Ansible will attempt to discover the proper default Python interpreter to use for the target platform/version (instead of immediately defaulting to /usr/bin/python). You can override this behavior by setting ansible_python_interpreter or via config. (see https://github.com/ansible/ansible/pull/50163) * become - The deprecated CLI arguments for --sudo, --sudo-user, --ask-sudo-pass, -su, --su-user, and --ask-su-pass have been removed, in favor of the more generic --become, --become-user, --become-method, and --ask-become-pass. * become - become functionality has been migrated to a plugin architecture, to allow customization of become functionality and 3rd party become methods (https://github.com/ansible/ansible/pull/50991) - addresses CVE-2018-16859, CVE-2018-16876, CVE-2019-3828, CVE-2018-16837 For the full changelog see /usr/share/doc/packages/ansible/changelogs or online: https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst This update was imported from the openSUSE:Leap:15.1:Update update project. ansible-2.8.1-bp151.3.3.1.noarch.rpm ansible-2.8.1-bp151.3.3.1.src.rpm openSUSE-2019-1893 moderate openSUSE Backports SLE-15-SP1 Update This update for aubio fixes the following issues: - CVE-2019-1010224: Fixed a denial of service (boo#1142435). This update was imported from the openSUSE:Leap:15.0:Update update project. aubio-0.4.6-bp151.5.3.1.src.rpm aubio-tools-0.4.6-bp151.5.3.1.x86_64.rpm libaubio-devel-0.4.6-bp151.5.3.1.x86_64.rpm libaubio5-0.4.6-bp151.5.3.1.x86_64.rpm python-aubio-0.4.6-bp151.5.3.1.src.rpm python-aubio-debugsource-0.4.6-bp151.5.3.1.x86_64.rpm python2-aubio-0.4.6-bp151.5.3.1.x86_64.rpm python2-aubio-debuginfo-0.4.6-bp151.5.3.1.x86_64.rpm python3-aubio-0.4.6-bp151.5.3.1.x86_64.rpm python3-aubio-debuginfo-0.4.6-bp151.5.3.1.x86_64.rpm python-aubio-debugsource-0.4.6-bp151.5.3.1.aarch64.rpm python2-aubio-0.4.6-bp151.5.3.1.aarch64.rpm python2-aubio-debuginfo-0.4.6-bp151.5.3.1.aarch64.rpm python3-aubio-0.4.6-bp151.5.3.1.aarch64.rpm python3-aubio-debuginfo-0.4.6-bp151.5.3.1.aarch64.rpm python-aubio-debugsource-0.4.6-bp151.5.3.1.ppc64le.rpm python2-aubio-0.4.6-bp151.5.3.1.ppc64le.rpm python2-aubio-debuginfo-0.4.6-bp151.5.3.1.ppc64le.rpm python3-aubio-0.4.6-bp151.5.3.1.ppc64le.rpm python3-aubio-debuginfo-0.4.6-bp151.5.3.1.ppc64le.rpm python-aubio-debugsource-0.4.6-bp151.5.3.1.s390x.rpm python2-aubio-0.4.6-bp151.5.3.1.s390x.rpm python2-aubio-debuginfo-0.4.6-bp151.5.3.1.s390x.rpm python3-aubio-0.4.6-bp151.5.3.1.s390x.rpm python3-aubio-debuginfo-0.4.6-bp151.5.3.1.s390x.rpm openSUSE-2019-1901 important openSUSE Backports SLE-15-SP1 Update This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher (boo#1143492) - CVE-2019-5860: Use-after-free in PDFium (boo#1143492) - CVE-2019-5853: Memory corruption in regexp length check (boo#1143492) - CVE-2019-5851: Use-after-poison in offline audio context (boo#1143492) - CVE-2019-5859: res: URIs can load alternative browsers (boo#1143492) - CVE-2019-5856: Insufficient checks on filesystem: URI permissions (boo#1143492) - CVE-2019-5855: Integer overflow in PDFium (boo#1143492) - CVE-2019-5865: Site isolation bypass from compromised renderer (boo#1143492) - CVE-2019-5858: Insufficient filtering of Open URL service parameters (boo#1143492) - CVE-2019-5864: Insufficient port filtering in CORS for extensions (boo#1143492) - CVE-2019-5862: AppCache not robust to compromised renderers (boo#1143492) - CVE-2019-5861: Click location incorrectly checked (boo#1143492) - CVE-2019-5857: Comparison of -0 and null yields crash (boo#1143492) - CVE-2019-5854: Integer overflow in PDFium text rendering (boo#1143492) - CVE-2019-5852: Object leak of utility functions (boo#1143492) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-76.0.3809.87-bp151.3.3.3.x86_64.rpm chromium-76.0.3809.87-bp151.3.3.3.src.rpm chromium-76.0.3809.87-bp151.3.3.3.x86_64.rpm chromedriver-76.0.3809.87-bp151.3.3.3.aarch64.rpm chromium-76.0.3809.87-bp151.3.3.3.aarch64.rpm openSUSE-2019-1959 moderate openSUSE Backports SLE-15-SP1 Update This update for clementine fixes the following issues: - CVE-2018-14332: Fixed a NULL ptr dereference (crash) in the moodbar pipeline (boo#1103041) This update was imported from the openSUSE:Leap:15.0:Update update project. clementine-1.3.1-bp151.4.3.2.src.rpm clementine-1.3.1-bp151.4.3.2.x86_64.rpm openSUSE-2019-1890 moderate openSUSE Backports SLE-15-SP1 Update This update for cluster-glue fixes the following issues: - Directory /var/run/heartbeat/rsctmp will now get created if it doesn't exist (bsc#1131545) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. cluster-glue-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.src.rpm cluster-glue-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.x86_64.rpm libglue-devel-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.x86_64.rpm libglue2-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.x86_64.rpm cluster-glue-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.aarch64.rpm libglue-devel-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.aarch64.rpm libglue-devel-64bit-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.aarch64_ilp32.rpm libglue2-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.aarch64.rpm libglue2-64bit-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.aarch64_ilp32.rpm cluster-glue-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.ppc64le.rpm libglue-devel-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.ppc64le.rpm libglue2-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.ppc64le.rpm cluster-glue-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.s390x.rpm libglue-devel-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.s390x.rpm libglue2-1.0.12+v1.git.1560323319.fd5a3bef-bp151.2.3.3.s390x.rpm openSUSE-2019-1896 moderate openSUSE Backports SLE-15-SP1 Update This update for dolphin fixes the following issues: - Updated Lithuanian translations (boo#1139359). This update was imported from the openSUSE:Leap:15.1:Update update project. dolphin-18.12.3-bp151.3.3.4.src.rpm dolphin-18.12.3-bp151.3.3.4.x86_64.rpm dolphin-devel-18.12.3-bp151.3.3.4.x86_64.rpm dolphin-part-18.12.3-bp151.3.3.4.x86_64.rpm dolphin-part-lang-18.12.3-bp151.3.3.4.noarch.rpm libdolphinvcs5-18.12.3-bp151.3.3.4.x86_64.rpm dolphin-18.12.3-bp151.3.3.4.aarch64.rpm dolphin-devel-18.12.3-bp151.3.3.4.aarch64.rpm dolphin-part-18.12.3-bp151.3.3.4.aarch64.rpm libdolphinvcs5-18.12.3-bp151.3.3.4.aarch64.rpm dolphin-18.12.3-bp151.3.3.4.ppc64le.rpm dolphin-devel-18.12.3-bp151.3.3.4.ppc64le.rpm dolphin-part-18.12.3-bp151.3.3.4.ppc64le.rpm libdolphinvcs5-18.12.3-bp151.3.3.4.ppc64le.rpm dolphin-18.12.3-bp151.3.3.4.s390x.rpm dolphin-devel-18.12.3-bp151.3.3.4.s390x.rpm dolphin-part-18.12.3-bp151.3.3.4.s390x.rpm libdolphinvcs5-18.12.3-bp151.3.3.4.s390x.rpm openSUSE-2019-1856 moderate openSUSE Backports SLE-15-SP1 Update This update for git-review fixes the following issues: git-review was updated to 1.28.0 (boo#1134089): * Support for auto-configuration of topic names based on the presence of keywords in the commit message is removed. Previously, keywords such as bug, bp or lp followed by a number would result in branch names containing the associated number, e.g. bug/123. This feature was OpenStack specific, was a frequent source of bugs and clearly wasn’t being used that often, given that StoryBoard is a thing now and no one had updated this feature to handle that metadata. * Fixed usepushurl to work when a read-only mirror being used as origin does not contain refs/changes from gerrit. This update was imported from the openSUSE:Leap:15.0:Update update project. git-review-1.28.0-bp151.4.3.1.noarch.rpm git-review-1.28.0-bp151.4.3.1.src.rpm openSUSE-2019-1922 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuhealth fixes the following issues: Changes in gnuhealth: - correction for gnuhealth-control (v 3.2.4) - Adding a dummy executable called 'gnuhealth' with some help text (boo#1107771) This update was imported from the openSUSE:Leap:15.1:Update update project. gnuhealth-3.4.1-bp151.3.3.3.noarch.rpm gnuhealth-3.4.1-bp151.3.3.3.src.rpm openSUSE-2019-1984 moderate openSUSE Backports SLE-15-SP1 Update This update for guake fixes the following issues: guake was updated to version 3.6.3: * Add drag-n-drop to terminal (text & uris) * When scrolling with "shift" (1 page) or "shift + ctrl" (4 pages) it will be faster (gh#Guake/guake#271) * Add schema_version check for tabs session restore * Add save/restore terminal split for tabs session - Save/Restore terminal split by pre-order traversal full binary tree in list * Bump tabs session schema_version to 2 (to support terminal split) * Lazy restore terminal split until Guake is visible * Manage terminal signal handler by handler_ids * Avoid spurious resize event when showing fullscreened window * Make sure workspace-specific-tab-sets only enable on X11 backend (due to wnck) * Add install/uninstall-dev-locale to support dev locale * Fix DualTerminalBox grab focus when remove dead child * Support customize prefix for make * Fix re-focus on terminal after rename dialog destroy * Fix split terminal by menu will not follow last terminal cwd (if option set) * Fix delete_shell using os.waitpid (should not use it) guake was updated to 3.6.1: * new feature: search in current terminal * new feature: session saving * new feature: settings export and import * various fixes to the core * minor build system fixes * translation updates guake was updated to version 3.5.0: * new hotkey (CTRL+SHIFT+H) to open new tab in home directory * "New tab" button (gh#Guake/guake#1471) * Open new tab by double-clicking on the tab bar * Add new context menu on the notebook * Add a CLI option to change palette scheme (gh#Guake/guake#1345) * Bold text is also bright (>= VTE 0.52 only) * guake --split-vertical and --split-horizontal split the current * tab just like the context menu does * Optional close buttons for tabs (disabled by default) * Guake can now provide a set of tabs per workspace * Reverse transparency slider to be more meaningful (gh#Guake/guake#1501) * Fix command-line select tab behavior (gh#Guake/guake#1492) * removed duplicate event bind? previously I had issue where quick-open event would be fired twice because of this. * fix settings only applied to the active workspace if more the 1 is used * fix prompt quit dialog numbers when more then 1 workspace is used * Updated translations. This update was imported from the openSUSE:Leap:15.1:Update update project. guake-3.6.3-bp151.3.3.3.noarch.rpm guake-3.6.3-bp151.3.3.3.src.rpm openSUSE-2019-1894 moderate openSUSE Backports SLE-15-SP1 Update This update for irssi fixes the following issues: irssi was updated to 1.1.3: - CVE-2019-13045: Fix a use after free issue when sending the SASL login on (automatic and manual) reconnects (#1055, #1058) (boo#1139802) - Fix regression of #779 where autolog_ignore_targets would not matching itemless windows anymore (#1012, #1013) This update was imported from the openSUSE:Leap:15.1:Update update project. irssi-1.1.3-bp151.3.3.3.src.rpm irssi-1.1.3-bp151.3.3.3.x86_64.rpm irssi-devel-1.1.3-bp151.3.3.3.x86_64.rpm irssi-1.1.3-bp151.3.3.3.aarch64.rpm irssi-devel-1.1.3-bp151.3.3.3.aarch64.rpm irssi-1.1.3-bp151.3.3.3.ppc64le.rpm irssi-devel-1.1.3-bp151.3.3.3.ppc64le.rpm irssi-1.1.3-bp151.3.3.3.s390x.rpm irssi-devel-1.1.3-bp151.3.3.3.s390x.rpm openSUSE-2019-1900 low openSUSE Backports SLE-15-SP1 Update This update for kde-l10n fixes the following issue: * boo#1103027: Kopete was missing localization This update was imported from the openSUSE:Leap:15.0:Update update project. kde-l10n-17.08.3-bp151.5.3.3.src.rpm kde-l10n-ar-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ast-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-bg-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-bs-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ca-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-caValencia-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-cs-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-da-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-da-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-da-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-de-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-de-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-de-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-el-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-en_GB-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-en_GB-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-en_GB-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-eo-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-es-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-es-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-es-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-et-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-et-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-et-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-eu-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-fa-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-fi-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-fr-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-fr-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-fr-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ga-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-gl-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-he-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-hi-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-hr-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-hu-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ia-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-id-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-is-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-it-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-it-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-it-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ja-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-kk-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-km-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ko-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-lt-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-lv-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-mr-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nb-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nds-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nl-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nl-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nl-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-nn-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pa-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pl-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pl-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pl-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pt-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pt_BR-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pt_BR-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-pt_BR-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ro-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ru-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ru-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ru-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sk-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sl-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sr-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sv-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sv-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-sv-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-tr-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-ug-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-uk-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-uk-data-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-uk-doc-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-wa-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-zh_CN-17.08.3-bp151.5.3.3.noarch.rpm kde-l10n-zh_TW-17.08.3-bp151.5.3.3.noarch.rpm openSUSE-2019-1898 important openSUSE Backports SLE-15-SP1 Update This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). This update was imported from the openSUSE:Leap:15.1:Update update project. kconf_update5-5.55.0-bp151.3.8.1.x86_64.rpm kconfig-5.55.0-bp151.3.8.1.src.rpm kconfig-devel-5.55.0-bp151.3.8.1.x86_64.rpm libKF5ConfigCore5-5.55.0-bp151.3.8.1.x86_64.rpm libKF5ConfigCore5-lang-5.55.0-bp151.3.8.1.noarch.rpm libKF5ConfigGui5-5.55.0-bp151.3.8.1.x86_64.rpm kdelibs4-apidocs-4.14.38-bp151.9.8.1.noarch.rpm kdelibs4-apidocs-4.14.38-bp151.9.8.1.src.rpm kdelibs4-4.14.38-bp151.9.8.2.src.rpm kdelibs4-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-core-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-debugsource-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-doc-4.14.38-bp151.9.8.2.x86_64.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm libkde4-4.14.38-bp151.9.8.2.x86_64.rpm libkde4-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm libkde4-devel-4.14.38-bp151.9.8.2.x86_64.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm libkdecore4-4.14.38-bp151.9.8.2.x86_64.rpm libkdecore4-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm libkdecore4-devel-4.14.38-bp151.9.8.2.x86_64.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm libksuseinstall-devel-4.14.38-bp151.9.8.2.x86_64.rpm libksuseinstall1-4.14.38-bp151.9.8.2.x86_64.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.8.2.x86_64.rpm kconf_update5-5.55.0-bp151.3.8.1.aarch64.rpm kconfig-devel-5.55.0-bp151.3.8.1.aarch64.rpm kconfig-devel-64bit-5.55.0-bp151.3.8.1.aarch64_ilp32.rpm libKF5ConfigCore5-5.55.0-bp151.3.8.1.aarch64.rpm libKF5ConfigCore5-64bit-5.55.0-bp151.3.8.1.aarch64_ilp32.rpm libKF5ConfigGui5-5.55.0-bp151.3.8.1.aarch64.rpm libKF5ConfigGui5-64bit-5.55.0-bp151.3.8.1.aarch64_ilp32.rpm kdelibs4-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-core-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-debugsource-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-doc-4.14.38-bp151.9.8.2.aarch64.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm libkde4-4.14.38-bp151.9.8.2.aarch64.rpm libkde4-64bit-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libkde4-64bit-debuginfo-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libkde4-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm libkde4-devel-4.14.38-bp151.9.8.2.aarch64.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm libkdecore4-4.14.38-bp151.9.8.2.aarch64.rpm libkdecore4-64bit-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libkdecore4-64bit-debuginfo-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libkdecore4-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm libkdecore4-devel-4.14.38-bp151.9.8.2.aarch64.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm libksuseinstall-devel-4.14.38-bp151.9.8.2.aarch64.rpm libksuseinstall1-4.14.38-bp151.9.8.2.aarch64.rpm libksuseinstall1-64bit-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libksuseinstall1-64bit-debuginfo-4.14.38-bp151.9.8.2.aarch64_ilp32.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.8.2.aarch64.rpm kconf_update5-5.55.0-bp151.3.8.1.ppc64le.rpm kconfig-devel-5.55.0-bp151.3.8.1.ppc64le.rpm libKF5ConfigCore5-5.55.0-bp151.3.8.1.ppc64le.rpm libKF5ConfigGui5-5.55.0-bp151.3.8.1.ppc64le.rpm kdelibs4-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-core-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-debugsource-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-doc-4.14.38-bp151.9.8.2.ppc64le.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm libkde4-4.14.38-bp151.9.8.2.ppc64le.rpm libkde4-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm libkde4-devel-4.14.38-bp151.9.8.2.ppc64le.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm libkdecore4-4.14.38-bp151.9.8.2.ppc64le.rpm libkdecore4-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm libkdecore4-devel-4.14.38-bp151.9.8.2.ppc64le.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm libksuseinstall-devel-4.14.38-bp151.9.8.2.ppc64le.rpm libksuseinstall1-4.14.38-bp151.9.8.2.ppc64le.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.8.2.ppc64le.rpm kconf_update5-5.55.0-bp151.3.8.1.s390x.rpm kconfig-devel-5.55.0-bp151.3.8.1.s390x.rpm libKF5ConfigCore5-5.55.0-bp151.3.8.1.s390x.rpm libKF5ConfigGui5-5.55.0-bp151.3.8.1.s390x.rpm kdelibs4-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-branding-upstream-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-core-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-core-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-debugsource-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-doc-4.14.38-bp151.9.8.2.s390x.rpm kdelibs4-doc-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm libkde4-4.14.38-bp151.9.8.2.s390x.rpm libkde4-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm libkde4-devel-4.14.38-bp151.9.8.2.s390x.rpm libkde4-devel-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm libkdecore4-4.14.38-bp151.9.8.2.s390x.rpm libkdecore4-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm libkdecore4-devel-4.14.38-bp151.9.8.2.s390x.rpm libkdecore4-devel-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm libksuseinstall-devel-4.14.38-bp151.9.8.2.s390x.rpm libksuseinstall1-4.14.38-bp151.9.8.2.s390x.rpm libksuseinstall1-debuginfo-4.14.38-bp151.9.8.2.s390x.rpm openSUSE-2019-1886 moderate openSUSE Backports SLE-15-SP1 Update This update for kdepim-runtime fixes the following issues: - Add Qt5NetworkAuth and qca-qt5 BuildRequires for OAuth2 support for the EWS resource (boo#1139721) This update was imported from the openSUSE:Leap:15.1:Update update project. kdepim-runtime-18.12.3-bp151.3.3.4.src.rpm kdepim-runtime-18.12.3-bp151.3.3.4.x86_64.rpm kdepim-runtime-lang-18.12.3-bp151.3.3.4.noarch.rpm kdepim-runtime-18.12.3-bp151.3.3.4.aarch64.rpm openSUSE-2019-1899 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: keepassxc updated to 2.4.3: - Fix library loading issues in the Snap and macOS releases [#3247] - Fix various keyboard navigation issues [#3248] - Fix main window toggling regression when clicking the tray icon on KDE [#3258] - Add documentation for keyboard shortcuts to source code distribution [#3215] This update was imported from the openSUSE:Leap:15.1:Update update project. keepassxc-2.4.3-bp151.3.3.3.src.rpm keepassxc-2.4.3-bp151.3.3.3.x86_64.rpm keepassxc-lang-2.4.3-bp151.3.3.3.noarch.rpm keepassxc-2.4.3-bp151.3.3.3.aarch64.rpm keepassxc-2.4.3-bp151.3.3.3.ppc64le.rpm keepassxc-2.4.3-bp151.3.3.3.s390x.rpm openSUSE-2019-1864 moderate openSUSE Backports SLE-15-SP1 Update This update for kidentitymanagement fixes the following issues: - Fixed that newly created itentities are not showing up in the settings dialog before kmail is restarted (kde#391631) This update was imported from the openSUSE:Leap:15.1:Update update project. kidentitymanagement-18.12.3-bp151.3.3.1.src.rpm kidentitymanagement-devel-18.12.3-bp151.3.3.1.x86_64.rpm kidentitymanagement-lang-18.12.3-bp151.3.3.1.noarch.rpm libKF5IdentityManagement5-18.12.3-bp151.3.3.1.x86_64.rpm kidentitymanagement-devel-18.12.3-bp151.3.3.1.aarch64.rpm libKF5IdentityManagement5-18.12.3-bp151.3.3.1.aarch64.rpm kidentitymanagement-devel-18.12.3-bp151.3.3.1.ppc64le.rpm libKF5IdentityManagement5-18.12.3-bp151.3.3.1.ppc64le.rpm kidentitymanagement-devel-18.12.3-bp151.3.3.1.s390x.rpm libKF5IdentityManagement5-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2019-1863 moderate openSUSE Backports SLE-15-SP1 Update This update for kio fixes the following issues: - Updated translations for da eu gl id ja ko lt nn pa pl pt_BR ru sk languages based on KDE Frameworks 5.59 translations - Add upstream patch to fix downloaded files (via http) getting an "invalid" modification time (boo#1104595, kde#374420) - Updated Lithuanian translations, the included ones KDE Frameworks 5.55 were rather incomplete (boo#1139359). This update was imported from the openSUSE:Leap:15.1:Update update project. kio-5.55.0-bp151.4.3.1.src.rpm kio-5.55.0-bp151.4.3.1.x86_64.rpm kio-core-5.55.0-bp151.4.3.1.x86_64.rpm kio-devel-5.55.0-bp151.4.3.1.x86_64.rpm kio-lang-5.55.0-bp151.4.3.1.noarch.rpm kio-5.55.0-bp151.4.3.1.aarch64.rpm kio-64bit-5.55.0-bp151.4.3.1.aarch64_ilp32.rpm kio-core-5.55.0-bp151.4.3.1.aarch64.rpm kio-core-64bit-5.55.0-bp151.4.3.1.aarch64_ilp32.rpm kio-devel-5.55.0-bp151.4.3.1.aarch64.rpm kio-devel-64bit-5.55.0-bp151.4.3.1.aarch64_ilp32.rpm kio-5.55.0-bp151.4.3.1.ppc64le.rpm kio-core-5.55.0-bp151.4.3.1.ppc64le.rpm kio-devel-5.55.0-bp151.4.3.1.ppc64le.rpm kio-5.55.0-bp151.4.3.1.s390x.rpm kio-core-5.55.0-bp151.4.3.1.s390x.rpm kio-devel-5.55.0-bp151.4.3.1.s390x.rpm openSUSE-2019-1884 moderate openSUSE Backports SLE-15-SP1 Update This update for kmail fixes the following issues: - Ensure that the "To:" field always has focus when creating a new mail (boo#1136481, kde#407967) - Set icon name for "new mail" systray icon instead of passing bitmap data to avoid bad visibility with certain desktop settings, dark themes in particular (boo#1055079) This update was imported from the openSUSE:Leap:15.1:Update update project. kmail-18.12.3-bp151.4.3.1.src.rpm kmail-18.12.3-bp151.4.3.1.x86_64.rpm kmail-application-icons-18.12.3-bp151.4.3.1.x86_64.rpm kmail-lang-18.12.3-bp151.4.3.1.noarch.rpm ktnef-18.12.3-bp151.4.3.1.x86_64.rpm kmail-18.12.3-bp151.4.3.1.aarch64.rpm kmail-application-icons-18.12.3-bp151.4.3.1.aarch64.rpm ktnef-18.12.3-bp151.4.3.1.aarch64.rpm openSUSE-2019-1940 moderate openSUSE Backports SLE-15-SP1 Update This update for kmymoney fixes the following issues: - Update to 5.0.5 - Bugs fixed: * Tag not shown in ledger if only an category is set (kde#352029) * Budgeted vs. Actual report: Budgeted values broken if ticks selected to Bi-Monthly, Quarterly or Yearly (kde#393752) * Can't edit loan account with institution of "Accounts with no institution assigned" (kde#402672) * OFX import targets the wrong account (kde#405206) * Show hidden accounts (kde#407021) * Invalid online statement balance shown (kde#407422) * 21st June 2019 shows as non-processing day when holiday calendar is configured (kde#407800) * KMyMoney crashes in LEAP15.1 (kde#407902, boo#1136300) * Categories with different currencies, no more rate (kde#407982) * Crash during CSV import (kde#408026) * Merging payees results in error and data loss if payee is in matched transaction (kde#408205) * AqBanking File Import does not allow to select account (kde#408494) * Gnucash importer ignores the accounts currencies (kde#409098) * Converted amount not entered into exchange rate editor (kde#409428) - Enhancements: * In Payees view, change "Default Account" tab to "Default Category" (kde#409089) - Fix incompatibilities in how schedules are saved compared to previous versions (kde#406082) This update was imported from the openSUSE:Leap:15.1:Update update project. kmymoney-5.0.5-bp151.3.3.8.src.rpm kmymoney-5.0.5-bp151.3.3.8.x86_64.rpm kmymoney-devel-5.0.5-bp151.3.3.8.x86_64.rpm kmymoney-lang-5.0.5-bp151.3.3.8.noarch.rpm openSUSE-2019-1939 moderate openSUSE Backports SLE-15-SP1 Update This update for krdc fixes the following issues: - Fixed broken VNC display with color depths other than 32bit. This update was imported from the openSUSE:Leap:15.1:Update update project. krdc-18.12.3-bp151.3.3.4.src.rpm krdc-18.12.3-bp151.3.3.4.x86_64.rpm krdc-devel-18.12.3-bp151.3.3.4.x86_64.rpm krdc-lang-18.12.3-bp151.3.3.4.noarch.rpm openSUSE-2019-1895 moderate openSUSE Backports SLE-15-SP1 Update This update for ledger fixes the following issues: ledger was updated to 3.1.3: + Properly reject postings with a comment right after the flag (bug #1753) + Make sorting order of lot information deterministic (bug #1747) + Fix bug in tag value parsing (bug #1702) + Remove the org command, which was always a hack to begin with (bug #1706) + Provide Docker information in README + Various small documentation improvements This also includes the update to 3.1.2: + Increase maximum length for regex from 255 to 4095 (bug #981) + Initialize periods from from/since clause rather than earliest transaction date (bug #1159) + Check balance assertions against the amount after the posting (bug #1147) + Allow balance assertions with multiple posts to same account (bug #1187) + Fix period duration of "every X days" and similar statements (bug #370) + Make option --force-color not require --color anymore (bug #1109) + Add quoted_rfc4180 to allow CVS output with RFC 4180 compliant quoting. + Add support for --prepend-format in accounts command + Fix handling of edge cases in trim function (bug #520) + Fix auto xact posts not getting applied to account total during journal parse (bug #552) + Transfer null_post flags to generated postings + Fix segfault when using --market with --group-by + Use amount_width variable for budget report + Keep pending items in budgets until the last day they apply + Fix bug where .total used in value expressions breaks totals + Make automated transactions work with assertions (bug #1127) + Improve parsing of date tokens (bug #1626) + Don't attempt to invert a value if it's already zero (bug #1703) + Do not parse user-specified init-file twice + Fix parsing issue of effective dates (bug #1722, TALOS-2017-0303, CVE-2017-2807) + Fix use-after-free issue with deferred postings (bug #1723, TALOS-2017-0304, CVE-2017-2808) + Fix possible stack overflow in option parsing routine (bug #1222, CVE-2017-12481) + Fix possible stack overflow in date parsing routine (bug #1224, CVE-2017-12482) + Fix use-after-free when using --gain (bug #541) + Python: Removed double quotes from Unicode values. + Python: Ensure that parse errors produce useful RuntimeErrors + Python: Expose journal expand_aliases + Python: Expose journal_t::register_account + Improve bash completion + Emacs Lisp files have been moved to https://github.com/ledger/ledger-mode + Various documentation improvements This update was imported from the openSUSE:Leap:15.0:Update update project. ledger-3.1.3-bp151.4.3.1.src.rpm ledger-3.1.3-bp151.4.3.1.x86_64.rpm ledger-3.1.3-bp151.4.3.1.ppc64le.rpm ledger-3.1.3-bp151.4.3.1.s390x.rpm openSUSE-2019-1887 moderate openSUSE Backports SLE-15-SP1 Update This update for libebml, libmatroska fixes the following issues: - Update libeml to version 1.3.9: * Fixed the handling of Unicode codepoints > U+FFFF * Some build system related changes * Fix memory leak (boo#1104354) - Update libmatroska to version 1.5.2: * KaxBlock: fixed a potential access to invalid memory due to invalid lace sizes read from invalid data. * KaxBlock: fixed a potential null pointer dereference triggerable by reading invalid data. (boo#1141027) * Compatibilty with libEBML 1.3.7 * Switched to cmake. * KaxBlockGroup, KaxSimpleBlock: fixed writing the block header * Setting the version number in the "KaxCodeVersion" variable * KaxSemantic: add new elements dealing with 360°/VR content and This update was imported from the openSUSE:Leap:15.1:Update update project. libebml-1.3.9-bp151.5.3.1.src.rpm libebml-devel-1.3.9-bp151.5.3.1.x86_64.rpm libebml4-1.3.9-bp151.5.3.1.x86_64.rpm libmatroska-1.5.2-bp151.3.3.1.src.rpm libmatroska-debugsource-1.5.2-bp151.3.3.1.x86_64.rpm libmatroska-devel-1.5.2-bp151.3.3.1.x86_64.rpm libmatroska6-1.5.2-bp151.3.3.1.x86_64.rpm libmatroska6-debuginfo-1.5.2-bp151.3.3.1.x86_64.rpm libebml-devel-1.3.9-bp151.5.3.1.aarch64.rpm libebml4-1.3.9-bp151.5.3.1.aarch64.rpm libebml4-64bit-1.3.9-bp151.5.3.1.aarch64_ilp32.rpm libmatroska-debugsource-1.5.2-bp151.3.3.1.aarch64.rpm libmatroska-devel-1.5.2-bp151.3.3.1.aarch64.rpm libmatroska6-1.5.2-bp151.3.3.1.aarch64.rpm libmatroska6-64bit-1.5.2-bp151.3.3.1.aarch64_ilp32.rpm libmatroska6-64bit-debuginfo-1.5.2-bp151.3.3.1.aarch64_ilp32.rpm libmatroska6-debuginfo-1.5.2-bp151.3.3.1.aarch64.rpm libebml-devel-1.3.9-bp151.5.3.1.ppc64le.rpm libebml4-1.3.9-bp151.5.3.1.ppc64le.rpm libmatroska-debugsource-1.5.2-bp151.3.3.1.ppc64le.rpm libmatroska-devel-1.5.2-bp151.3.3.1.ppc64le.rpm libmatroska6-1.5.2-bp151.3.3.1.ppc64le.rpm libmatroska6-debuginfo-1.5.2-bp151.3.3.1.ppc64le.rpm libebml-devel-1.3.9-bp151.5.3.1.s390x.rpm libebml4-1.3.9-bp151.5.3.1.s390x.rpm libmatroska-debugsource-1.5.2-bp151.3.3.1.s390x.rpm libmatroska-devel-1.5.2-bp151.3.3.1.s390x.rpm libmatroska6-1.5.2-bp151.3.3.1.s390x.rpm libmatroska6-debuginfo-1.5.2-bp151.3.3.1.s390x.rpm openSUSE-2019-1892 moderate openSUSE Backports SLE-15-SP1 Update This update for libgpiod to version 1.4 fixes the following issues: * New features: - updated the testing framework to work with linux v5.1 in which the debugfs interface of the GPIO testing module changed in a backward incompatible way - factored out the code controlling the GPIO testing module into a separate shared library that may be reused by future testing executables for different language bindings - removed the --enable-install-tests build option and the make check target as they were redundant, subsequently tests are now installed as a normal program whenever they're enabled with --enable-tests * Improvements: - removed unnecessary std::move calls from C++ bindings - added the explicit keyword to bool() operators in C++ bindings * Bug fixes: - fix out of source build of man pages This update was imported from the openSUSE:Leap:15.1:Update update project. libgpiod-1.4-bp151.3.3.1.src.rpm libgpiod-1.4-bp151.3.3.1.x86_64.rpm libgpiod-devel-1.4-bp151.3.3.1.x86_64.rpm libgpiod2-1.4-bp151.3.3.1.x86_64.rpm libgpiodcxx1-1.4-bp151.3.3.1.x86_64.rpm python-libgpiod-1.4-bp151.3.3.1.x86_64.rpm libgpiod-1.4-bp151.3.3.1.aarch64.rpm libgpiod-devel-1.4-bp151.3.3.1.aarch64.rpm libgpiod2-1.4-bp151.3.3.1.aarch64.rpm libgpiodcxx1-1.4-bp151.3.3.1.aarch64.rpm python-libgpiod-1.4-bp151.3.3.1.aarch64.rpm libgpiod-1.4-bp151.3.3.1.ppc64le.rpm libgpiod-devel-1.4-bp151.3.3.1.ppc64le.rpm libgpiod2-1.4-bp151.3.3.1.ppc64le.rpm libgpiodcxx1-1.4-bp151.3.3.1.ppc64le.rpm python-libgpiod-1.4-bp151.3.3.1.ppc64le.rpm libgpiod-1.4-bp151.3.3.1.s390x.rpm libgpiod-devel-1.4-bp151.3.3.1.s390x.rpm libgpiod2-1.4-bp151.3.3.1.s390x.rpm libgpiodcxx1-1.4-bp151.3.3.1.s390x.rpm python-libgpiod-1.4-bp151.3.3.1.s390x.rpm openSUSE-2019-1888 moderate openSUSE Backports SLE-15-SP1 Update This update for libheimdal fixes the following issues: libheimdal was updated to version 7.7.0: + Bug fixes: - PKCS#11 hcrypto back-end: + initialize the p11_module_load function list + verify that not only is a mechanism present but that its mechanism info states that it offers the required encryption, decryption or digest services - krb5: + Starting with 7.6, Heimdal permitted requesting authenticated anonymous tickets. However, it did not verify that a KDC in fact returned an anonymous ticket when one was requested. + Cease setting the KDCOption reaquest_anonymous flag when issuing S4UProxy (constrained delegation) TGS requests. + when the Win2K PKINIT compatibility option is set, do not require krbtgt otherName to match when validating KDC certificate. + set PKINIT_BTMM flag per Apple implementation + use memset_s() instead of memset() - kdc: + When generating KRB5SignedPath in the AS, use the reply client name rather than the one from the request, so validation will work correctly in the TGS. + allow checksum of PA-FOR-USER to be HMAC_MD5. Even if TGT used an enctype with a different checksum. Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is always HMAC_MD5, and that's what Windows and MIT clients send. In Heimdal both the client and kdc use instead the checksum of the TGT, and therefore work with each other but Windows and MIT clients fail against Heimdal KDC. Both Windows and MIT KDC would allow any keyed checksum to be used so Heimdal client work fine against it. Change Heimdal KDC to allow HMAC_MD5 even for non RC4 based TGT in order to support per-spec clients. + use memset_s() instead of memset() + Detect Heimdal 1.0 through 7.6 clients that issue S4UProxy (constrained delegation) TGS Requests with the request anonymous flag set. These requests will be treated as S4UProxy requests and not anonymous requests. - HDB: + Set SQLite3 backend default page size to 8KB. + Add hdb_set_sync() method - kadmind: + disable HDB sync during database load avoiding unnecessary disk i/o. - ipropd: + disable HDB sync during receive_everything. Doing an fsync per-record when receiving the complete HDB is a performance disaster. Among other things, if the HDB is very large, then one slave receving a full HDB can cause other slaves to timeout and, if HDB write activity is high enough to cause iprop log truncation, then also need full syncs, which leads to a cycle of full syncs for all slaves until HDB write activity drops. Allowing the iprop log to be larger helps, but improving receive_everything() performance helps even more. - kinit: + Anonymous PKINIT tickets discard the realm information used to locate the issuing AS. Store the issuing realm in the credentials cache in order to locate a KDC which can renew them. + Do not leak the result of krb5_cc_get_config() when determining anonymous PKINIT start realm. - klist: + Show transited-policy-checked, ok-as-delegate and anonymous flags when listing credentials. - tests: + Regenerate certs so that they expire before the 2038 armageddon so the test suite will pass on 32-bit operating systems until the underlying issues can be resolved. - documentation: + rename verify-password to verify-password-quality + hprop default mode is encrypt + kadmind "all" permission does not include "get-keys" + verify-password-quality might not be stateless Version 7.6.0: + Security (#555): - CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum When the Heimdal KDC checks the checksum that is placed on the S4U2Self packet by the server to protect the requested principal against modification, it does not confirm that the checksum algorithm that protects the user name (principal) in the request is keyed. This allows a man-in-the-middle attacker who can intercept the request to the KDC to modify the packet by replacing the user name (principal) in the request with any desired user name (principal) that exists in the KDC and replace the checksum protecting that name with a CRC32 checksum (which requires no prior knowledge to compute). This would allow a S4U2Self ticket requested on behalf of user name (principal) user@EXAMPLE.COM to any service to be changed to a S4U2Self ticket with a user name (principal) of Administrator@EXAMPLE.COM. This ticket would then contain the PAC of the modified user name (principal). - CVE-2019-12098, client-only: RFC8062 Section 7 requires verification of the PA-PKINIT-KX key exchange when anonymous PKINIT is used. Failure to do so can permit an active attacker to become a man-in-the-middle. + Bug fixes: - Happy eyeballs: Don't wait for responses from known-unreachable KDCs. - kdc: + check return copy_Realm, copy_PrincipalName, copy_EncryptionKey - kinit: + cleanup temporary ccaches + see man page for "kinit --anonymous" command line syntax change - kdc: + Make anonymous AS-requests more RFC8062-compliant. Updated expired test certificates + Features: - kuser: support authenticated anonymous AS-REQs in kinit - kdc: support for anonymous TGS-REQs - kgetcred support for anonymous service tickets - Support builds with OpenSSL 1.1.1 This update was imported from the openSUSE:Leap:15.0:Update update project. libheimdal-7.7.0-bp151.4.3.1.src.rpm libheimdal-7.7.0-bp151.4.3.1.x86_64.rpm libheimdal-devel-7.7.0-bp151.4.3.1.x86_64.rpm libheimdal-7.7.0-bp151.4.3.1.aarch64.rpm libheimdal-devel-7.7.0-bp151.4.3.1.aarch64.rpm libheimdal-7.7.0-bp151.4.3.1.ppc64le.rpm libheimdal-devel-7.7.0-bp151.4.3.1.ppc64le.rpm libheimdal-7.7.0-bp151.4.3.1.s390x.rpm libheimdal-devel-7.7.0-bp151.4.3.1.s390x.rpm openSUSE-2019-1889 moderate openSUSE Backports SLE-15-SP1 Update This update for libmediainfo fixes the following issues: * CVE-2019-11373: Fixed out-of-bounds read in function File__Analyze:Get_L8 (boo#1133156) * CVE-2019-11372: Fixed out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (boo#1133157) This update was imported from the openSUSE:Leap:15.0:Update update project. libmediainfo-18.03-bp151.4.3.2.src.rpm libmediainfo-devel-18.03-bp151.4.3.2.x86_64.rpm libmediainfo0-18.03-bp151.4.3.2.x86_64.rpm libmediainfo-devel-18.03-bp151.4.3.2.aarch64.rpm libmediainfo0-18.03-bp151.4.3.2.aarch64.rpm libmediainfo0-64bit-18.03-bp151.4.3.2.aarch64_ilp32.rpm libmediainfo-devel-18.03-bp151.4.3.2.ppc64le.rpm libmediainfo0-18.03-bp151.4.3.2.ppc64le.rpm libmediainfo-devel-18.03-bp151.4.3.2.s390x.rpm libmediainfo0-18.03-bp151.4.3.2.s390x.rpm openSUSE-2019-1891 moderate openSUSE Backports SLE-15-SP1 Update This update for libqb fixes the following issue: Security issue fixed: - CVE-2019-12779: Fixed an insecure treatment of IPC temporary files which could have allowed a local attacker to overwrite privileged system files (bsc#1137835). This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libqb-1.0.3+20190326.a521604-bp151.2.3.1.src.rpm libqb-devel-1.0.3+20190326.a521604-bp151.2.3.1.x86_64.rpm libqb-tests-1.0.3+20190326.a521604-bp151.2.3.1.x86_64.rpm libqb-tools-1.0.3+20190326.a521604-bp151.2.3.1.x86_64.rpm libqb20-1.0.3+20190326.a521604-bp151.2.3.1.x86_64.rpm libqb-devel-1.0.3+20190326.a521604-bp151.2.3.1.aarch64.rpm libqb-devel-64bit-1.0.3+20190326.a521604-bp151.2.3.1.aarch64_ilp32.rpm libqb-tests-1.0.3+20190326.a521604-bp151.2.3.1.aarch64.rpm libqb-tools-1.0.3+20190326.a521604-bp151.2.3.1.aarch64.rpm libqb20-1.0.3+20190326.a521604-bp151.2.3.1.aarch64.rpm libqb20-64bit-1.0.3+20190326.a521604-bp151.2.3.1.aarch64_ilp32.rpm libqb-devel-1.0.3+20190326.a521604-bp151.2.3.1.ppc64le.rpm libqb-tests-1.0.3+20190326.a521604-bp151.2.3.1.ppc64le.rpm libqb-tools-1.0.3+20190326.a521604-bp151.2.3.1.ppc64le.rpm libqb20-1.0.3+20190326.a521604-bp151.2.3.1.ppc64le.rpm libqb-devel-1.0.3+20190326.a521604-bp151.2.3.1.s390x.rpm libqb-tests-1.0.3+20190326.a521604-bp151.2.3.1.s390x.rpm libqb-tools-1.0.3+20190326.a521604-bp151.2.3.1.s390x.rpm libqb20-1.0.3+20190326.a521604-bp151.2.3.1.s390x.rpm openSUSE-2019-1883 moderate openSUSE Backports SLE-15-SP1 Update This update for libsass to version 3.6.1 fixes the following issues: Security issues fixed: - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*) (boo#1121943). - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives (boo#1121944). - CVE-2019-6286: Fixed heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes (boo#1121945). - CVE-2018-11499: Fixed use-after-free vulnerability in sass_context.cpp:handle_error (boo#1096894). - CVE-2018-19797: Disallowed parent selector in selector_fns arguments (boo#1118301). - CVE-2018-19827: Fixed use-after-free vulnerability exists in the SharedPtr class (boo#1118346). - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348). - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS expansion (boo#1118349). - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid input (boo#1118351). - CVE-2018-20190: Fixed Null pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789). - CVE-2018-20821: Fixed uncontrolled recursion in Sass:Parser:parse_css_variable_value (boo#1133200). - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator() (boo#1133201). This update was imported from the openSUSE:Leap:15.0:Update update project. libsass-3.6.1-bp151.4.3.1.src.rpm libsass-3_6_1-1-3.6.1-bp151.4.3.1.x86_64.rpm libsass-devel-3.6.1-bp151.4.3.1.x86_64.rpm libsass-3_6_1-1-3.6.1-bp151.4.3.1.aarch64.rpm libsass-devel-3.6.1-bp151.4.3.1.aarch64.rpm libsass-3_6_1-1-3.6.1-bp151.4.3.1.ppc64le.rpm libsass-devel-3.6.1-bp151.4.3.1.ppc64le.rpm libsass-3_6_1-1-3.6.1-bp151.4.3.1.s390x.rpm libsass-devel-3.6.1-bp151.4.3.1.s390x.rpm openSUSE-2019-1880 moderate openSUSE Backports SLE-15-SP1 Update This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. (boo#1127341) - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free error causing the RTSP server to crash or possibly have unspecified other impact. (boo#1124159) - Update to version 2019.06.28, - Convert to dynamic libraries (boo#1121995): + Use make ilinux-with-shared-libraries: build the dynamic libs instead of the static one. + Use make install instead of a manual file copy script: this also reveals that we missed quite a bit of code to be installed before. + Split out shared library packages according the SLPP. - Use FAT LTO objects in order to provide proper static library. This update was imported from the openSUSE:Leap:15.1:Update update project. libBasicUsageEnvironment1-2019.06.28-bp151.3.3.1.x86_64.rpm libUsageEnvironment3-2019.06.28-bp151.3.3.1.x86_64.rpm libgroupsock8-2019.06.28-bp151.3.3.1.x86_64.rpm libliveMedia66-2019.06.28-bp151.3.3.1.x86_64.rpm live555-2019.06.28-bp151.3.3.1.src.rpm live555-2019.06.28-bp151.3.3.1.x86_64.rpm live555-devel-2019.06.28-bp151.3.3.1.x86_64.rpm libBasicUsageEnvironment1-2019.06.28-bp151.3.3.1.aarch64.rpm libUsageEnvironment3-2019.06.28-bp151.3.3.1.aarch64.rpm libgroupsock8-2019.06.28-bp151.3.3.1.aarch64.rpm libliveMedia66-2019.06.28-bp151.3.3.1.aarch64.rpm live555-2019.06.28-bp151.3.3.1.aarch64.rpm live555-devel-2019.06.28-bp151.3.3.1.aarch64.rpm libBasicUsageEnvironment1-2019.06.28-bp151.3.3.1.ppc64le.rpm libUsageEnvironment3-2019.06.28-bp151.3.3.1.ppc64le.rpm libgroupsock8-2019.06.28-bp151.3.3.1.ppc64le.rpm libliveMedia66-2019.06.28-bp151.3.3.1.ppc64le.rpm live555-2019.06.28-bp151.3.3.1.ppc64le.rpm live555-devel-2019.06.28-bp151.3.3.1.ppc64le.rpm libBasicUsageEnvironment1-2019.06.28-bp151.3.3.1.s390x.rpm libUsageEnvironment3-2019.06.28-bp151.3.3.1.s390x.rpm libgroupsock8-2019.06.28-bp151.3.3.1.s390x.rpm libliveMedia66-2019.06.28-bp151.3.3.1.s390x.rpm live555-2019.06.28-bp151.3.3.1.s390x.rpm live555-devel-2019.06.28-bp151.3.3.1.s390x.rpm openSUSE-2019-1946 moderate openSUSE Backports SLE-15-SP1 Update This update for lua-lua-mpris fixes the following issues: Changes in lua-lua-mpris: - Fixed an error introduced by bad last minute refactoring (boo#1136883). This update was imported from the openSUSE:Leap:15.0:Update update project. lua51-lua-mpris-0.0+git20170918.28b1c75-bp151.4.3.1.src.rpm lua51-lua-mpris-0.0+git20170918.28b1c75-bp151.4.3.1.x86_64.rpm mpv-plugin-mpris-0.0+git20170918.28b1c75-bp151.4.3.1.x86_64.rpm lua53-lua-mpris-0.0+git20170918.28b1c75-bp151.4.3.1.src.rpm lua53-lua-mpris-0.0+git20170918.28b1c75-bp151.4.3.1.x86_64.rpm openSUSE-2019-1932 moderate openSUSE Backports SLE-15-SP1 Update This update for lxqt-panel fixes the following issues: - lxqt-panel has called an invalid volume plugin name (boo#1043608) This update was imported from the openSUSE:Leap:15.0:Update update project. lxqt-panel-0.12.0-bp151.4.3.3.src.rpm lxqt-panel-0.12.0-bp151.4.3.3.x86_64.rpm lxqt-panel-devel-0.12.0-bp151.4.3.3.x86_64.rpm lxqt-panel-0.12.0-bp151.4.3.3.aarch64.rpm lxqt-panel-devel-0.12.0-bp151.4.3.3.aarch64.rpm lxqt-panel-0.12.0-bp151.4.3.3.ppc64le.rpm lxqt-panel-devel-0.12.0-bp151.4.3.3.ppc64le.rpm openSUSE-2019-1875 low openSUSE Backports SLE-15-SP1 Update This update for lxqt-sudo fixes the following issues: Fixes layout problem with CJK by setting the locale to C (boo#1100871). This update was imported from the openSUSE:Leap:15.0:Update update project. lxqt-sudo-0.12.0-bp151.4.3.1.src.rpm lxqt-sudo-0.12.0-bp151.4.3.1.x86_64.rpm lxqt-sudo-0.12.0-bp151.4.3.1.aarch64.rpm lxqt-sudo-0.12.0-bp151.4.3.1.ppc64le.rpm lxqt-sudo-0.12.0-bp151.4.3.1.s390x.rpm openSUSE-2019-1885 moderate openSUSE Backports SLE-15-SP1 Update This update for machinery fixes the following issues: machinery was updated to version 1.24.1: * Fix HTML man page * Switch image building support from legacy Kiwi to Kiwi Next Generation * Allow newer json-schema releases than 2.2.5. Newer versions slow down parsing of manifests but newer Ruby versions have issues with old json schema releases. The performance issue is known upstream: (gh#ruby-json-schema/json-schema#261) * Fix machinery helper go version parsing (boo#1125785) * Improve parsing of SSH exceptions (gh#SUSE/machinery#2257) * Allow inspection of old 32-bit systems even when their architecture is reported as i586 or i386 This update was imported from the openSUSE:Leap:15.0:Update update project. machinery-1.24.1-bp151.4.3.1.src.rpm machinery-1.24.1-bp151.4.3.1.x86_64.rpm machinery-doc-1.24.1-bp151.4.3.1.x86_64.rpm machinery-1.24.1-bp151.4.3.1.aarch64.rpm machinery-doc-1.24.1-bp151.4.3.1.aarch64.rpm machinery-1.24.1-bp151.4.3.1.ppc64le.rpm machinery-doc-1.24.1-bp151.4.3.1.ppc64le.rpm machinery-1.24.1-bp151.4.3.1.s390x.rpm machinery-doc-1.24.1-bp151.4.3.1.s390x.rpm openSUSE-2019-1882 moderate openSUSE Backports SLE-15-SP1 Update This update for mailgraph fixes the following issues: - Stop requesting an image from http://oss.oetiker.ch every time the mailgraph.cgi is opened - add support (graphs) to postgrey and greylisting - handle postscreen in the same way as smtpd - added mailgraph.service file -> use systemd (boo#1116020) * add systemd support * add file mailgraph.service * set defaults in sysconfig file - add support for rsyslog This update was imported from the openSUSE:Leap:15.0:Update update project. mailgraph-1.14-bp151.4.3.1.noarch.rpm mailgraph-1.14-bp151.4.3.1.src.rpm openSUSE-2019-1876 moderate openSUSE Backports SLE-15-SP1 Update This update for mumble fixes the following issues: CVE-2018-20743: murmur mishandled multiple concurrent requests that were persisted in the database, which allowed remote attackers to cause a denial of service (daemon hang or crash) via a message flood. (boo#1123334) This update was imported from the openSUSE:Leap:15.0:Update update project. mumble-1.2.19-bp151.6.3.1.src.rpm mumble-1.2.19-bp151.6.3.1.x86_64.rpm mumble-server-1.2.19-bp151.6.3.1.x86_64.rpm mumble-1.2.19-bp151.6.3.1.aarch64.rpm mumble-64bit-1.2.19-bp151.6.3.1.aarch64_ilp32.rpm mumble-server-1.2.19-bp151.6.3.1.aarch64.rpm mumble-1.2.19-bp151.6.3.1.ppc64le.rpm mumble-server-1.2.19-bp151.6.3.1.ppc64le.rpm mumble-1.2.19-bp151.6.3.1.s390x.rpm mumble-server-1.2.19-bp151.6.3.1.s390x.rpm openSUSE-2019-1997 important openSUSE Backports SLE-15-SP1 Update This update for neovim fixes the following issues: neovim was updated to version 0.3.7: * CVE-2019-12735: source should check sandbox (boo#1137443) * genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5: * options: properly reset directories on 'autochdir' * Remove MSVC optimization workaround for SHM_ALL * Make SHM_ALL to a variable instead of a compound literal #define * doc: mention "pynvim" module rename * screen: don't crash when drawing popupmenu with 'rightleft' option * look-behind match may use the wrong line number * :terminal : set topline based on window height * :recover : Fix crash on non-existent *.swp Version Update to version 0.3.4: * test: add tests for conceal cursor movement * display: unify ursorline and concealcursor redraw logic Version Update to version 0.3.3: * health/provider: Check for available pynvim when neovim mod is missing * python#CheckForModule: Use the given module string instead of hard-coding pynvim * (health.provider)/python: Import the neovim, rather than pynvim, module * TUI: Konsole DECSCUSR fixup Version Update to version 0.3.2:- * Features - clipboard: support Custom VimL functions (#9304) - win/TUI: improve terminal/console support (#9401) - startup: Use $XDG_CONFIG_DIRS/nvim/sysinit.vim if exists (#9077) - support mapping in more places (#9299) - diff/highlight: show underline for low-priority CursorLine (#9028) - signs: Add "nuhml" argument (#9113) - clipboard: support Wayland (#9230) - TUI: add support for undercurl and underline color (#9052) - man.vim: soft (dynamic) wrap (#9023) * API - API: implement object namespaces (#6920) - API: implement nvim_win_set_buf() (#9100) - API: virtual text annotations (nvim_buf_set_virtual_text) (#8180) - API: add nvim_buf_is_loaded() (#8660) - API: nvm_buf_get_offset_for_line (#8221) - API/UI: ext_newgrid, ext_histate (#8221) * UI - TUI: use BCE again more often (smoother resize) (#8806) - screen: add missing status redraw when redraw_later(CLEAR) was used (#9315) - TUI: clip invalid regions on resize (#8779) - TUI: improvements for scrolling and clearing (#9193) - TUI: disable clearing almost everywhere (#9143) - TUI: always use safe cursor movement after resize (#9079) - ui_options: also send when starting or from OptionSet (#9211) - TUI: Avoid reset_color_cursor_color in old VTE (#9191) - Don't erase screen on :hi Normal during startup (#9021) - TUI: Hint wrapped lines to terminals (#8915) * FIXES - RPC: turn errors from async calls into notifications - TUI: Restore terminal title via "title stacking" (#9407) - genappimage: Unset $ARGV0 at invocation (#9376) - TUI: Konsole 18.07.70 supports DECSCUSR (#9364) - provider: improve error message (#9344) - runtime/syntax: Fix highlighting of autogroup contents (#9328) - VimL/confirm(): Show dialog even if :silent (#9297) - clipboard: prefer xclip (#9302) - provider/nodejs: fix npm, yarn detection - channel: avoid buffering output when only terminal is active (#9218) - ruby: detect rbenv shims for other versions (#8733) - third party/unibilium: Fix parsing of extended capabilitiy entries (#9123) - jobstart(): Fix hang on non-executable cwd (#9204) - provide/nodejs: Simultaneously query npm and yarn (#9054) - undo: Fix infinite loop if undo_read_byte returns EOF (#2880) - 'swapfile: always show dialog' (#9034) - Add to the system-wide configuration file extension of runtimepath by /usr/share/vim/site, so that neovim uses other Vim plugins installed from packages. - Add /usr/share/vim/site tree of directories to be owned by neovim as well. This update was imported from the openSUSE:Leap:15.1:Update update project. neovim-0.3.7-bp151.3.3.1.src.rpm neovim-0.3.7-bp151.3.3.1.x86_64.rpm neovim-lang-0.3.7-bp151.3.3.1.noarch.rpm openSUSE-2019-1881 moderate openSUSE Backports SLE-15-SP1 Update This update for nim fixes the following issues: - Fixed location of config files (boo#1137006) Update to version 0.19.6: * Please see: https://nim-lang.org/blog/2019/05/13/version-0196-released.html Update to version 0.19.2: * Please see: https://nim-lang.org/blog/2018/12/31/version-0192-released.html Update to version 0.19.0: * Please see: https://nim-lang.org/blog/2018/09/26/version-0190-released.html This update was imported from the openSUSE:Leap:15.0:Update update project. nim-0.19.6-bp151.4.3.1.src.rpm nim-0.19.6-bp151.4.3.1.x86_64.rpm openSUSE-2019-1878 low openSUSE Backports SLE-15-SP1 Update This update for osc, openSUSE-release-tools fixes the following issues: - Add new package openSUSE-release-tools in version 20190603.49a5e95b: * Support licensedigger as reviewer for SUSE and openSUSE * [ttm] remove ppc64 (BE) for TW bypass boo#1112920 - osc was updated to 0.165.1: * add Provides: %{use_python}-osc so that other packages can require the correct version (either python2-osc or python3-osc) * fix oscssl "urldefrag is not defined error" * osc release command now python3 compatible * add more decode logic in get_commitlog * osc add <dir> in compressed mode now works with python3 * osc getbinaries now prints the output instead of using the quiet mode as a default This update was imported from the openSUSE:Leap:15.1:Update update project. openSUSE-release-tools-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-20190603.49a5e95b-bp151.3.3.1.src.rpm openSUSE-release-tools-abichecker-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-announcer-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-check-source-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-devel-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-leaper-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-maintenance-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-metrics-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-metrics-access-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-obs-operator-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-origin-manager-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-pkglistgen-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-repo-checker-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-release-tools-staging-bot-20190603.49a5e95b-bp151.3.3.1.noarch.rpm osc-plugin-cycle-20190603.49a5e95b-bp151.3.3.1.noarch.rpm osc-plugin-origin-20190603.49a5e95b-bp151.3.3.1.noarch.rpm osc-plugin-staging-20190603.49a5e95b-bp151.3.3.1.noarch.rpm osc-plugin-vdelreq-20190603.49a5e95b-bp151.3.3.1.noarch.rpm osclib-20190603.49a5e95b-bp151.3.3.1.noarch.rpm openSUSE-2019-1861 moderate openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.0.1: * Several issues with SYSTEM VERSIONING tables * Fixed json encode error in export * Fixed JavaScript events not activating on input (sql bookmark issue) * Show Designer combo boxes when adding a constraint * Fix edit view * Fixed invalid default value for bit field * Fix several errors relating to GIS data types * Fixed javascript error PMA_messages is not defined * Fixed import XML data with leading zeros * Fixed php notice, added support for 'DELETE HISTORY' table privilege (MariaDB >= 10.3.4) * Fixed MySQL 8.0.0 issues with GIS display * Fixed "Server charset" in "Database server" tab showing wrong information * Fixed can not copy user on Percona Server 5.7 * Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems - boo#1137497 / PMASA-2019-4 / CVE-2019-12616 / CWE-661: Fixed CSRF vulnerability in login form https://www.phpmyadmin.net/security/PMASA-2019-4/ - boo#1137496 / PMASA-2019-3 / CVE-2019-11768 / CWE-661: Fixed SQL injection in Designer feature https://www.phpmyadmin.net/security/PMASA-2019-3/ This update was imported from the openSUSE:Leap:15.0:Update update project. phpMyAdmin-4.9.0.1-bp151.3.3.1.noarch.rpm phpMyAdmin-4.9.0.1-bp151.3.3.1.src.rpm openSUSE-2019-1869 moderate openSUSE Backports SLE-15-SP1 Update This update for plasma-framework fixes the following issues: - Fixed another incompatibility with Qt 5.9 (boo#1136473) This update was imported from the openSUSE:Leap:15.1:Update update project. libKF5Plasma5-5.55.0-bp151.3.3.2.x86_64.rpm plasma-framework-5.55.0-bp151.3.3.2.src.rpm plasma-framework-5.55.0-bp151.3.3.2.x86_64.rpm plasma-framework-components-5.55.0-bp151.3.3.2.x86_64.rpm plasma-framework-devel-5.55.0-bp151.3.3.2.x86_64.rpm plasma-framework-lang-5.55.0-bp151.3.3.2.noarch.rpm libKF5Plasma5-5.55.0-bp151.3.3.2.aarch64.rpm libKF5Plasma5-64bit-5.55.0-bp151.3.3.2.aarch64_ilp32.rpm plasma-framework-5.55.0-bp151.3.3.2.aarch64.rpm plasma-framework-64bit-5.55.0-bp151.3.3.2.aarch64_ilp32.rpm plasma-framework-components-5.55.0-bp151.3.3.2.aarch64.rpm plasma-framework-components-64bit-5.55.0-bp151.3.3.2.aarch64_ilp32.rpm plasma-framework-devel-5.55.0-bp151.3.3.2.aarch64.rpm plasma-framework-devel-64bit-5.55.0-bp151.3.3.2.aarch64_ilp32.rpm libKF5Plasma5-5.55.0-bp151.3.3.2.ppc64le.rpm plasma-framework-5.55.0-bp151.3.3.2.ppc64le.rpm plasma-framework-components-5.55.0-bp151.3.3.2.ppc64le.rpm plasma-framework-devel-5.55.0-bp151.3.3.2.ppc64le.rpm libKF5Plasma5-5.55.0-bp151.3.3.2.s390x.rpm plasma-framework-5.55.0-bp151.3.3.2.s390x.rpm plasma-framework-components-5.55.0-bp151.3.3.2.s390x.rpm plasma-framework-devel-5.55.0-bp151.3.3.2.s390x.rpm openSUSE-2019-1870 important openSUSE Backports SLE-15-SP1 Update This update for proftpd fixes the following issues: Security issues fixed: - CVE-2019-12815: Fixed arbitrary file copy in mod_copy that allowed for remote code execution and information disclosure without authentication (bnc#1142281). This update was imported from the openSUSE:Leap:15.0:Update update project. proftpd-1.3.5e-bp151.4.3.1.src.rpm proftpd-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-devel-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-doc-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-lang-1.3.5e-bp151.4.3.1.noarch.rpm proftpd-ldap-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-mysql-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-pgsql-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-radius-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-sqlite-1.3.5e-bp151.4.3.1.x86_64.rpm proftpd-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-devel-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-doc-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-ldap-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-mysql-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-pgsql-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-radius-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-sqlite-1.3.5e-bp151.4.3.1.aarch64.rpm proftpd-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-devel-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-doc-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-ldap-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-mysql-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-pgsql-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-radius-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-sqlite-1.3.5e-bp151.4.3.1.ppc64le.rpm proftpd-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-devel-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-doc-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-ldap-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-mysql-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-pgsql-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-radius-1.3.5e-bp151.4.3.1.s390x.rpm proftpd-sqlite-1.3.5e-bp151.4.3.1.s390x.rpm openSUSE-2019-1866 moderate openSUSE Backports SLE-15-SP1 Update This update for pure-ftpd fixes the following issues: - Add missing run-time dependency on system-user-ftp to ensure that user exits. [boo#1136997] - Add a configuration option that sets the process memory limit used by "ls" for globbing. The value can be specified as optional third argument to "-L" (or LimitRecursion in config file). Because it's optional, the old configuration files will still work without change with new binaries and update will be smooth. This change allows sites that store an extremely large set of files inside a single directory to tune their installation so that the "ls" command in that directory will succeed without exceeding the ftpd process memory limit. [boo#1119187] This update was imported from the openSUSE:Leap:15.1:Update update project. pure-ftpd-1.0.47-bp151.6.3.1.src.rpm pure-ftpd-1.0.47-bp151.6.3.1.x86_64.rpm pure-ftpd-1.0.47-bp151.6.3.1.aarch64.rpm pure-ftpd-1.0.47-bp151.6.3.1.ppc64le.rpm pure-ftpd-1.0.47-bp151.6.3.1.s390x.rpm openSUSE-2019-1872 moderate openSUSE Backports SLE-15-SP1 Update This update for python-Django fixes the following issues: Security issues fixed: - CVE-2019-11358: Fixed prototype pollution. - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468) - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945). - CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880). - CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882). - CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883). - CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885). Non-security issues fixed: - Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type. This update was imported from the openSUSE:Leap:15.1:Update update project. python-Django-2.2.4-bp151.3.3.1.src.rpm python3-Django-2.2.4-bp151.3.3.1.noarch.rpm openSUSE-2019-1871 moderate openSUSE Backports SLE-15-SP1 Update This update for python-billiard fixes the following issues: Update to v3.6.0.0 (boo#1136100) + Add support of sending parent process death signal. + Previous fix for handling timeouts caused a problem in warm shutdowns due to use of deepcopy. We now use a shallow copy of the cache and do so only when it is needed. This update was imported from the openSUSE:Leap:15.0:Update update project. python-billiard-3.6.0.0-bp151.4.3.1.src.rpm python-billiard-doc-3.6.0.0-bp151.4.3.1.noarch.rpm python2-billiard-3.6.0.0-bp151.4.3.1.x86_64.rpm python3-billiard-3.6.0.0-bp151.4.3.1.noarch.rpm python2-billiard-3.6.0.0-bp151.4.3.1.aarch64.rpm python2-billiard-3.6.0.0-bp151.4.3.1.ppc64le.rpm python2-billiard-3.6.0.0-bp151.4.3.1.s390x.rpm openSUSE-2019-1874 moderate openSUSE Backports SLE-15-SP1 Update This update for python-relatorio fixes the following issues: - python-magic added to requirements Update to version 0.8.1: * Add support for Python 3.7 * Escape invalid XML characters * Enforce closing tag to be the same directive as the opening * Use compression for zip file * Write mimetype as first file of the zip file This update was imported from the openSUSE:Leap:15.0:Update update project. python-relatorio-0.8.1-bp151.4.3.1.src.rpm python2-relatorio-0.8.1-bp151.4.3.1.noarch.rpm python3-relatorio-0.8.1-bp151.4.3.1.noarch.rpm openSUSE-2019-1867 moderate openSUSE Backports SLE-15-SP1 Update This update for python-tzlocal fixes the following issues: - fix fdupes handling as it was linking python2 source into python3 package breaking it boo#1137352 This update was imported from the openSUSE:Leap:15.0:Update update project. python-tzlocal-1.4-bp151.4.3.1.src.rpm python2-tzlocal-1.4-bp151.4.3.1.noarch.rpm python3-tzlocal-1.4-bp151.4.3.1.noarch.rpm openSUSE-2019-1879 moderate openSUSE Backports SLE-15-SP1 Update This update for rclone fixes the following issues: rclone was updated to version 1.47.0. boo#1137685: - New backends - Backend for Koofr cloud storage service. (jaKa) - New Features - Resume downloads if the reader fails in copy (Nick Craig-Wood) - Use `--fast-list` for listing operations where it won't use more memory (Nick Craig-Wood) - Make `--files-from` traverse the destination unless `--no-traverse` is set (Nick Craig-Wood) - Make server side copy account bytes and obey `--max-transfer` (Nick Craig-Wood) - Add `--create-empty-src-dirs` flag and default to not creating empty dirs (ishuah) - Add client side TLS/SSL flags `--ca-cert`/`--client-cert`/`--client-key` (Nick Craig-Wood) - Implement `--suffix-keep-extension` for use with `--suffix` (Nick Craig-Wood) - serve dlna: Add connection manager service description to improve compatibility (Dan Walters) - lsf: Add 'e' format to show encrypted names and 'o' for original IDs (Nick Craig-Wood) - lsjson: Added `--files-only` and `--dirs-only` flags (calistri) - rc: Implement operations/publiclink the equivalent of `rclone link` (Nick Craig-Wood) - Bug Fixes - accounting: Fix total ETA when `--stats-unit bits` is in effect (Nick Craig-Wood) - Bash TAB completion - Use private custom func to fix clash between rclone and kubectl (Nick Craig-Wood) - Fix for remotes with underscores in their names (Six) - Fix completion of remotes (Florian Gamböck) - Fix autocompletion of remote paths with spaces (Danil Semelenov) - serve dlna: Fix root XML service descriptor (Dan Walters) - ncdu: Fix display corruption with Chinese characters (Nick Craig-Wood) - Add SIGTERM to signals which run the exit handlers on unix (Nick Craig-Wood) - rc: Reload filter when the options are set via the rc (Nick Craig-Wood) - VFS / Mount - Fix FreeBSD: Ignore Truncate if called with no readers and already the correct size (Nick Craig-Wood) - Read directory and check for a file before mkdir (Nick Craig-Wood) - Shorten the locking window for vfs/refresh (Nick Craig-Wood) - Azure Blob - Enable MD5 checksums when uploading files bigger than the "Cutoff" (Dr.Rx) - Fix SAS URL support (Nick Craig-Wood) - B2 - Allow manual configuration of backblaze downloadUrl (Vince) - Ignore already_hidden error on remove (Nick Craig-Wood) - Ignore malformed `src_last_modified_millis` (Nick Craig-Wood) - Drive - Add `--skip-checksum-gphotos` to ignore incorrect checksums on Google Photos (Nick Craig-Wood) - Allow server side move/copy between different remotes. (Fionera) - Add docs on team drives and `--fast-list` eventual consistency (Nestar47) - Fix imports of text files (Nick Craig-Wood) - Fix range requests on 0 length files (Nick Craig-Wood) - Fix creation of duplicates with server side copy (Nick Craig-Wood) - Dropbox - Retry blank errors to fix long listings (Nick Craig-Wood) - FTP - Add `--ftp-concurrency` to limit maximum number of connections (Nick Craig-Wood) - Google Cloud Storage - Fall back to default application credentials (marcintustin) - Allow bucket policy only buckets (Nick Craig-Wood) - HTTP - Add `--http-no-slash` for websites with directories with no slashes (Nick Craig-Wood) - Remove duplicates from listings (Nick Craig-Wood) - Fix socket leak on 404 errors (Nick Craig-Wood) - Jottacloud - Fix token refresh (Sebastian Bünger) - Add device registration (Oliver Heyme) - Onedrive - Implement graceful cancel of multipart uploads if rclone is interrupted (Cnly) - Always add trailing colon to path when addressing items, (Cnly) - Return errors instead of panic for invalid uploads (Fabian Möller) - S3 - Add support for "Glacier Deep Archive" storage class (Manu) - Update Dreamhost endpoint (Nick Craig-Wood) - Note incompatibility with CEPH Jewel (Nick Craig-Wood) - SFTP - Allow custom ssh client config (Alexandru Bumbacea) - Swift - Obey Retry-After to enable OVH restore from cold storage (Nick Craig-Wood) - Work around token expiry on CEPH (Nick Craig-Wood) - WebDAV - Allow IsCollection property to be integer or boolean (Nick Craig-Wood) - Fix race when creating directories (Nick Craig-Wood) - Fix About/df when reading the available/total returns 0 (Nick Craig-Wood) - Add bash-completion and zsh-completion support. This update was imported from the openSUSE:Leap:15.0:Update update project. rclone-1.47.0-bp151.4.3.1.src.rpm rclone-1.47.0-bp151.4.3.1.x86_64.rpm rclone-bash-completion-1.47.0-bp151.4.3.1.noarch.rpm rclone-zsh-completion-1.47.0-bp151.4.3.1.noarch.rpm rclone-1.47.0-bp151.4.3.1.aarch64.rpm rclone-1.47.0-bp151.4.3.1.ppc64le.rpm rclone-1.47.0-bp151.4.3.1.s390x.rpm openSUSE-2019-1865 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner to version 1.1.4 fixes the following issues: - Exclude stuff from openstack macros (boo#1099674). - Replace 'http' with 'https' in URL (boo#1099674). - Replace legacy packageand() with 'and' expression (boo#1099674). - Replace pwdutils with shadow in Requires (boo#1099674). - Add openstack_cleanup_prep to bracketing excludes (boo#1099674). - Do not curlify yast_metainfo and yast_check (boo#1099674). - Fixup the eating of Source lines with whitespace (boo#1099674). - Document '#nospeccleaner' tag (boo#1099674). - Various small fixes (boo#1099674). This update was imported from the openSUSE:Leap:15.0:Update update project. spec-cleaner-1.1.4-bp151.3.3.1.noarch.rpm spec-cleaner-1.1.4-bp151.3.3.1.src.rpm spec-cleaner-format_spec_file-1.1.4-bp151.3.3.1.noarch.rpm openSUSE-2019-1868 moderate openSUSE Backports SLE-15-SP1 Update This update for spectacle fixes the following issues: - Updated Lithuanian translations (boo#1139359). This update was imported from the openSUSE:Leap:15.1:Update update project. spectacle-18.12.3-bp151.3.3.2.src.rpm spectacle-18.12.3-bp151.3.3.2.x86_64.rpm spectacle-doc-18.12.3-bp151.3.3.2.x86_64.rpm spectacle-lang-18.12.3-bp151.3.3.2.noarch.rpm spectacle-18.12.3-bp151.3.3.2.aarch64.rpm spectacle-doc-18.12.3-bp151.3.3.2.aarch64.rpm spectacle-18.12.3-bp151.3.3.2.ppc64le.rpm spectacle-doc-18.12.3-bp151.3.3.2.ppc64le.rpm spectacle-18.12.3-bp151.3.3.2.s390x.rpm spectacle-doc-18.12.3-bp151.3.3.2.s390x.rpm openSUSE-2019-1999 moderate openSUSE Backports SLE-15-SP1 Update This update for teeworlds fixes the following issues: - CVE-2019-10879: An integer overflow in CDataFileReader::Open() could have lead to a buffer overflow and possibly remote code execution, because size-related multiplications were mishandled. (boo#1131729) - CVE-2019-10878: A failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions could have lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution. - CVE-2019-10877: An integer overflow in CMap::Load() could have lead to a buffer overflow, because multiplication of width and height were mishandled. - CVE-2018-18541: Connection packets could have been forged. There was no challenge-response involved in the connection build up. A remote attacker could have sent connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets. (boo#1112910) - Update to version 0.7.3.1 * Colorful gametype and level icons in the browser instead of grayscale. * Add an option to use raw mouse inputs, revert to (0.6) relative mode by default. * Demo list marker indicator. * Restore ingame Player and Tee menus, add a warning that a reconnect is needed. * Emotes can now be cancelled by releasing the mouse in the middle of the circle. * Improve add friend text. * Add a confirmation for removing a filter * Add a "click a player to follow" hint * Also hint players which key they should press to set themselves ready. * fixed using correct array measurements when placing egg doodads * fixed demo recorder downloaded maps using the sha256 hash * show correct game release version in the start menu and console * Fix platform-specific client libraries for Linux * advanced scoreboard with game statistics * joystick support (experimental!) * copy paste (one-way) * bot cosmetics (a visual difference between players and NPCs) * chat commands (type / in chat) * players can change skin without leaving the server (again) * live automapper and complete rules for 0.7 tilesets * audio toggling HUD * an Easter surprise... * new gametypes: "last man standing" (LMS) and "last team standing" (LTS). survive by your own or as a team with limited weaponry * 64 players support. official gametypes are still restricted to 16 players maximum but allow more spectators * new skin system. build your own skins based on a variety of provided parts * enhanced security. all communications require a handshake and use a token to counter spoofing and reflection attacks * new maps: ctf8, dm3, lms1. Click to discover them! * animated background menu map: jungle, heavens (day/night themes, customisable in the map editor) * new design for the menus: added start menus, reworked server browser, settings * customisable gametype icons (browser). make your own! * chat overhaul, whispers (private messages) * composed binds (ctrl+, shift+, alt+) * scoreboard remodelled, now shows kills/deaths * demo markers * master server list cache (in case the masters are unreachable) * input separated from rendering (optimisation) * upgrade to SDL2. support for multiple monitors, non-english keyboards, and more * broadcasts overhaul, optional colours support * ready system, for competitive settings * server difficulty setting (casual, competitive, normal), shown in the browser * spectator mode improvements: follow flags, click on players * bot flags for modified servers: indicate NPCs, can be filtered out in the server browser * sharper graphics all around (no more tileset_borderfix and dilate) * refreshed the HUD, ninja cooldown, new mouse cursor * mapres update (higher resolution, fixes...) This update was imported from the openSUSE:Leap:15.1:Update update project. teeworlds-0.7.3.1-bp151.2.3.3.src.rpm teeworlds-0.7.3.1-bp151.2.3.3.x86_64.rpm teeworlds-0.7.3.1-bp151.2.3.3.aarch64.rpm teeworlds-0.7.3.1-bp151.2.3.3.ppc64le.rpm openSUSE-2019-1860 moderate openSUSE Backports SLE-15-SP1 Update This update for thunar fixes the following issues: - Fixed crash on USB flash connection (boo#1135362) - Fixed "create document" sub-menu not showing any content (boo#1134899) This update was imported from the openSUSE:Leap:15.1:Update update project. libthunarx-3-0-1.8.4-bp151.3.3.1.x86_64.rpm thunar-1.8.4-bp151.3.3.1.src.rpm thunar-1.8.4-bp151.3.3.1.x86_64.rpm thunar-devel-1.8.4-bp151.3.3.1.x86_64.rpm thunar-lang-1.8.4-bp151.3.3.1.noarch.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.3.1.x86_64.rpm libthunarx-3-0-1.8.4-bp151.3.3.1.aarch64.rpm thunar-1.8.4-bp151.3.3.1.aarch64.rpm thunar-devel-1.8.4-bp151.3.3.1.aarch64.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.3.1.aarch64.rpm libthunarx-3-0-1.8.4-bp151.3.3.1.ppc64le.rpm thunar-1.8.4-bp151.3.3.1.ppc64le.rpm thunar-devel-1.8.4-bp151.3.3.1.ppc64le.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.3.1.ppc64le.rpm libthunarx-3-0-1.8.4-bp151.3.3.1.s390x.rpm thunar-1.8.4-bp151.3.3.1.s390x.rpm thunar-devel-1.8.4-bp151.3.3.1.s390x.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.3.1.s390x.rpm openSUSE-2019-1897 important openSUSE Backports SLE-15-SP1 Update This update for vlc to version 3.0.7.1 fixes the following issues: Security issues fixed: - CVE-2019-5439: Fixed a buffer overflow (bsc#1138354). - CVE-2019-5459: Fixed an integer underflow (bsc#1143549). - CVE-2019-5460: Fixed a double free (bsc#1143547). - CVE-2019-12874: Fixed a double free in zlib_decompress_extra in modules/demux/mkv/util.cpp (bsc#1138933). - CVE-2019-13602: Fixed an integer underflow in mp4 demuxer (boo#1141522). - CVE-2019-13962: Fixed a heap-based buffer over-read in avcodec (boo#1142161). Non-security issues fixed: - Video Output: * Fix hardware acceleration with some AMD drivers * Improve direct3d11 HDR support - Access: * Improve Blu-ray support - Audio output: * Fix pass-through on Android-23 * Fix DirectSound drain - Demux: Improve MP4 support - Video Output: * Fix 12 bits sources playback with Direct3D11 * Fix crash on iOS * Fix midstream aspect-ratio changes when Windows hardware decoding is on * Fix HLG display with Direct3D11 - Stream Output: Improve Chromecast support with new ChromeCast apps - Misc: * Update Youtube, Dailymotion, Vimeo, Soundcloud scripts * Work around busy looping when playing an invalid item with loop enabled - Updated translations. This update was imported from the openSUSE:Leap:15.1:Update update project. libvlc5-3.0.7.1-bp151.5.3.3.x86_64.rpm libvlccore9-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-3.0.7.1-bp151.5.3.3.src.rpm vlc-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-devel-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-jack-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-lang-3.0.7.1-bp151.5.3.3.noarch.rpm vlc-noX-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-qt-3.0.7.1-bp151.5.3.3.x86_64.rpm vlc-vdpau-3.0.7.1-bp151.5.3.3.x86_64.rpm openSUSE-2019-1862 moderate openSUSE Backports SLE-15-SP1 Update This update for xfdesktop fixes the following issues: - Wallpaper scaling failed if image contained EXIF markup for rotation (boo#1134125) This update was imported from the openSUSE:Leap:15.1:Update update project. xfdesktop-4.12.4-bp151.5.3.2.src.rpm xfdesktop-4.12.4-bp151.5.3.2.x86_64.rpm xfdesktop-branding-upstream-4.12.4-bp151.5.3.2.noarch.rpm xfdesktop-lang-4.12.4-bp151.5.3.2.noarch.rpm xfdesktop-4.12.4-bp151.5.3.2.aarch64.rpm xfdesktop-4.12.4-bp151.5.3.2.ppc64le.rpm xfdesktop-4.12.4-bp151.5.3.2.s390x.rpm openSUSE-2019-1877 moderate openSUSE Backports SLE-15-SP1 Update This update for yubioath-desktop fixes the following issues: - Version 4.3.6 (released 2019-05-29) (boo#1137070) - Windows: improve support for YubiKey NEO on Windows 10 - Version 4.3.5 (released 2019-01-02) - Bugfix: Show correct message when YubiKey doesn’t have the correct transport enabled - Improve error handling in Slot Mode - Linux: Add experimental support for .AppImage - Version 4.3.4 (released 2018-05-07) - Support YubiKey Preview - Add credential: allow space in secret key. - Bugfix: Don’t show "No credentials found..." incorrectly. - Bugfix: Forget the password when removing the device. This update was imported from the openSUSE:Leap:15.0:Update update project. yubioath-desktop-4.3.6-bp151.4.3.1.src.rpm yubioath-desktop-4.3.6-bp151.4.3.1.x86_64.rpm yubioath-desktop-4.3.6-bp151.4.3.1.aarch64.rpm yubioath-desktop-4.3.6-bp151.4.3.1.ppc64le.rpm yubioath-desktop-4.3.6-bp151.4.3.1.s390x.rpm openSUSE-2019-1859 important openSUSE Backports SLE-15-SP1 Update This update for znc to version 1.7.4 fixes the following issues: Security issues fixed: - CVE-2019-12816: Fixed a remote code execution in Modules.cpp (boo#1138572). - CVE-2019-9917: Fixed a denial of service on invalid encoding (boo#1130360). This update was imported from the openSUSE:Leap:15.0:Update update project. znc-1.7.4-bp151.4.3.1.src.rpm znc-1.7.4-bp151.4.3.1.x86_64.rpm znc-devel-1.7.4-bp151.4.3.1.x86_64.rpm znc-lang-1.7.4-bp151.4.3.1.noarch.rpm znc-perl-1.7.4-bp151.4.3.1.x86_64.rpm znc-python3-1.7.4-bp151.4.3.1.x86_64.rpm znc-tcl-1.7.4-bp151.4.3.1.x86_64.rpm znc-1.7.4-bp151.4.3.1.aarch64.rpm znc-devel-1.7.4-bp151.4.3.1.aarch64.rpm znc-perl-1.7.4-bp151.4.3.1.aarch64.rpm znc-python3-1.7.4-bp151.4.3.1.aarch64.rpm znc-tcl-1.7.4-bp151.4.3.1.aarch64.rpm znc-1.7.4-bp151.4.3.1.ppc64le.rpm znc-devel-1.7.4-bp151.4.3.1.ppc64le.rpm znc-perl-1.7.4-bp151.4.3.1.ppc64le.rpm znc-python3-1.7.4-bp151.4.3.1.ppc64le.rpm znc-tcl-1.7.4-bp151.4.3.1.ppc64le.rpm znc-1.7.4-bp151.4.3.1.s390x.rpm znc-devel-1.7.4-bp151.4.3.1.s390x.rpm znc-perl-1.7.4-bp151.4.3.1.s390x.rpm znc-python3-1.7.4-bp151.4.3.1.s390x.rpm znc-tcl-1.7.4-bp151.4.3.1.s390x.rpm openSUSE-2019-1928 important openSUSE Backports SLE-15-SP1 Update This update for chromium to verion 76.0.3809.100 fixes the following issues: - CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction (boo#1145242) - CVE-2019-5867: Out-of-bounds read in V8 (boo#1145242). This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-76.0.3809.100-bp151.3.6.1.x86_64.rpm chromium-76.0.3809.100-bp151.3.6.1.src.rpm chromium-76.0.3809.100-bp151.3.6.1.x86_64.rpm chromedriver-76.0.3809.100-bp151.3.6.1.aarch64.rpm chromium-76.0.3809.100-bp151.3.6.1.aarch64.rpm openSUSE-2019-1920 important openSUSE Backports SLE-15-SP1 Update This update for dosbox fixes the following issues: Security issues fixed: - CVE-2019-7165: Fixed that a very long line inside a bat file would overflow the parsing buffer (bnc#1140254). - CVE-2019-12594: Added a basic permission system so that a program running inside DOSBox can't access the contents of /proc (e.g. /proc/self/mem) when / or /proc were (to be) mounted (bnc#1140254). - Several other fixes for out of bounds access and buffer overflows. This update was imported from the openSUSE:Leap:15.0:Update update project. dosbox-0.74.3-bp151.4.3.1.src.rpm dosbox-0.74.3-bp151.4.3.1.x86_64.rpm dosbox-0.74.3-bp151.4.3.1.aarch64.rpm dosbox-0.74.3-bp151.4.3.1.ppc64le.rpm dosbox-0.74.3-bp151.4.3.1.s390x.rpm openSUSE-2019-1921 important openSUSE Backports SLE-15-SP1 Update This update for pdns fixes the following issues: Security issues fixed: - CVE-2019-10203: Updated PostgreSQL schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (boo#1142810) - CVE-2019-10162: Fixed a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (boo#1138582) - CVE-2019-10163: Fixed a denial of service of slave server when an authorized master server sends large number of NOTIFY messages. (boo#1138582) Non-security issues fixed: - Enabled the option to disable superslave support. - Fixed `pdnsutil b2b-migrate` to not lose NSEC3 settings. This update was imported from the openSUSE:Leap:15.1:Update update project. To fix the security issue in existing installations, run the following command against your PostgreSQL pdns database: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; pdns-4.1.8-bp151.3.3.1.src.rpm pdns-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-geoip-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-godbc-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-ldap-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-lua-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-mydns-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-mysql-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-postgresql-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-remote-4.1.8-bp151.3.3.1.x86_64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.3.1.x86_64.rpm pdns-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-geoip-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-godbc-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-ldap-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-lua-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-mydns-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-mysql-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-postgresql-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-remote-4.1.8-bp151.3.3.1.aarch64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.3.1.aarch64.rpm pdns-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-geoip-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-godbc-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-ldap-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-lua-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-mydns-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-mysql-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-postgresql-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-remote-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-backend-sqlite3-4.1.8-bp151.3.3.1.ppc64le.rpm pdns-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-geoip-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-godbc-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-ldap-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-lua-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-mydns-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-mysql-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-postgresql-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-remote-4.1.8-bp151.3.3.1.s390x.rpm pdns-backend-sqlite3-4.1.8-bp151.3.3.1.s390x.rpm openSUSE-2019-1947 moderate openSUSE Backports SLE-15-SP1 Update This update for python-acme, python-certbot and related packages fixes the following issues: This update adds support for ACMEv2. The old version ACME will be deprecated November 1st. (boo#1141928) This update was imported from the openSUSE:Leap:15.1:Update update project. python-acme-0.36.0-bp151.3.3.1.src.rpm python2-acme-0.36.0-bp151.3.3.1.noarch.rpm python3-acme-0.36.0-bp151.3.3.1.noarch.rpm python-certbot-apache-0.36.0-bp151.3.3.1.src.rpm python2-certbot-apache-0.36.0-bp151.3.3.1.noarch.rpm python3-certbot-apache-0.36.0-bp151.3.3.1.noarch.rpm python-certbot-dns-cloudflare-0.36.0-bp151.3.3.1.src.rpm python2-certbot-dns-cloudflare-0.36.0-bp151.3.3.1.noarch.rpm python3-certbot-dns-cloudflare-0.36.0-bp151.3.3.1.noarch.rpm python-certbot-dns-cloudxns-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-cloudxns-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-cloudxns-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-digitalocean-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-digitalocean-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-digitalocean-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-dnsimple-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-dnsimple-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-dnsimple-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-dnsmadeeasy-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-dnsmadeeasy-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-dnsmadeeasy-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-google-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-google-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-google-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-luadns-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-luadns-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-luadns-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-nsone-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-nsone-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-nsone-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-rfc2136-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-rfc2136-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-rfc2136-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-dns-route53-0.36.0-bp151.2.3.1.src.rpm python2-certbot-dns-route53-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-dns-route53-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-nginx-0.36.0-bp151.2.3.1.src.rpm python2-certbot-nginx-0.36.0-bp151.2.3.1.noarch.rpm python3-certbot-nginx-0.36.0-bp151.2.3.1.noarch.rpm python-certbot-0.36.0-bp151.3.3.1.src.rpm python2-certbot-0.36.0-bp151.3.3.1.noarch.rpm python3-certbot-0.36.0-bp151.3.3.1.noarch.rpm openSUSE-2019-2006 moderate openSUSE Backports SLE-15-SP1 Update This update for apache2-mod_auth_kerb fixes the following issues: - Fix a segmentation fault in function authenticate_user_krb5pwd() when credentials were supplied using basic authentication [boo#1142545] This update was imported from the openSUSE:Leap:15.0:Update update project. apache2-mod_auth_kerb-5.4-bp151.4.3.1.src.rpm apache2-mod_auth_kerb-5.4-bp151.4.3.1.x86_64.rpm apache2-mod_auth_kerb-debuginfo-5.4-bp151.4.3.1.x86_64.rpm apache2-mod_auth_kerb-debugsource-5.4-bp151.4.3.1.x86_64.rpm apache2-mod_auth_kerb-5.4-bp151.4.3.1.aarch64.rpm apache2-mod_auth_kerb-debuginfo-5.4-bp151.4.3.1.aarch64.rpm apache2-mod_auth_kerb-debugsource-5.4-bp151.4.3.1.aarch64.rpm apache2-mod_auth_kerb-5.4-bp151.4.3.1.ppc64le.rpm apache2-mod_auth_kerb-debuginfo-5.4-bp151.4.3.1.ppc64le.rpm apache2-mod_auth_kerb-debugsource-5.4-bp151.4.3.1.ppc64le.rpm apache2-mod_auth_kerb-5.4-bp151.4.3.1.s390x.rpm apache2-mod_auth_kerb-debuginfo-5.4-bp151.4.3.1.s390x.rpm apache2-mod_auth_kerb-debugsource-5.4-bp151.4.3.1.s390x.rpm openSUSE-2019-2007 moderate openSUSE Backports SLE-15-SP1 Update This update for dkgpg, libTMCG fixes the following issues: libTMCG was updated to version 1.3.18 * This release is two-fold: first, it fixes some bugs (e.g. iterated S2K) of the OpenPGP interface, and second, it adds functionality for handling v5 keys and signatures (see RFC 4880bis-07). Update to version 1.3.17 * VTMF,ASTC,DKG,VRHE,EOTP,COM,VSS: make CheckGroup() more robust * VSSHE: security bugfix for Verify_[non]interactive_[_publiccoin] * mpz_spowm: added check for correct base in fast exponentiation * mpz_sqrtm: remove unused parameter in tmcg_mpz_qrmn_p() * configure.ac: added compiler option "-Wextra" * mpz_sprime: added tmcg_mpz_smprime() with increased B = 80000 * RFC4880: changed type of tmcg_openpgp_mem_alloc to unsigned long Update to version 1.3.16 * changed constant TMCG_MAX_CARDS (decreased by factor 2) * changed formulas for TMCG_MAX_VALUE_CHARS and TMCG_MAX_KEY_CHARS * RFC4880: added support of Preferred AEAD Algorithms [RFC 4880bis] * RFC4880: added output for key usage "timestamping" [RFC 4880bis] * RFC4880: changed tmcg_openpgp_byte_t: unsigned char -> uint8_t * RFC4880: added PacketAeadEncode() [RFC 4880bis] * RFC4880: added SymmetricDecryptAEAD() and SymmetricEncryptAEAD() * changed formula for TMCG_MAX_KEYBITS (increased by factor 2) * mpz_srandom: bugfix in Botan code branch of mpz_grandomb() Update to version 1.3.15: * This is a maintenance release that fixes some bugs, e.g. in the Botan support of functions from module mpz_srandom. Moreover, some interfaces of the OpenPGP implemenation have been added and removed. For some modules of LibTMCG a basic exception handling has been introduced. Update to version 1.3.14: * With this release three additional parameters for the control of secure memory allocation have been added to init_libTMCG(). They are explained in the reference manual. Moreover, the OpenPGP interface has been enhanced in several way, e.g., ECDH, ECDSA and EdDSA are supported now. Update to 1.3.13: * Lots of major improvements for undocumented OpenPGP interface * PRNG from Botan is used as additional source of randomness * SHA3 is emulated if runtime version of libgcrypt is too old dkgpg was updated to version 1.1.3: * This is a bugfix release that includes only three minor improvements: a direct-key signature (0x1f) for the primary key is added by default such that restricting key servers (e.g. keys.openpgp.org) can deliver a cryptographically checkable key without verification of any included user ID or without appended subkey. The command line interface of dkg-decrypt has been improved in order to give users an easy access to the symmetric-key decryption mode. An additional option ("-5") for dkg-sign allows to generate V5 signatures (cf. draft RFC 4880bis). Update to version 1.1.2: * This release adds a lot of features to some programs: two new options ("-K" and "-f") allow dkg-keysign to read the certification key from a keyring instead of a single key block file. Moreover, with option "-a" an interactive confirmation by the user is required for each signature. Passive support of V5 keys (cf. draft RFC 4880bis) has been added for all programs, however, dkg-generate still generates V4 keys only, because this new feature of the draft is not widely spread. There is also a new encryption capability: an empty KEYSPEC tells dkg-encrypt to create a symmetric-key encrypted session key, i.e., the user has to supply a passphrase for encryption and decryption without any public-key cryptography involved. Last but not least, two bugs have been fixed: First, dkg-decrypt failed on many ZIP-compressed OpenPGP messages with "ZLIB ERROR: -3 invalid block type" due to a bug in decompression logic. Second, dkg-decrypt failed in a special case of symmetric-key encrypted session keys. Finally, the non-installing program dkg-fuzzer (generates fuzzy samples of somehow corrupted OpenPGP stuctures) has been added. Update to version 1.1.1: * Some small improvements have been applied for dkg-generate: Two new options ("-u" and "-N") allow providing the initial user ID and to disable the passphrase at command line. Moreover, since this release dkg-timestamp and dkg-timestamp-verify require a special key usage flag from recent RFC 4880bis draft to select so-called timestamping keys. Finally, the synchronization time of the internally used broadcast protocol was reduced to a more reasonable amount and in dkg-decrypt the detection of end of data for message and decryption shares was changed. Update to version 1.1.0: * This release supports Authenticated Encryption with Associated Data (AEAD) in accordance to RFC 4880bis (draft); this can be enforced with the new added option "-a" when dkg-(d)encrypt is used. For using domain parameters, as described in RFC 7919, one should specify the new option "-r", when dkg-gencrs is used. Last, for key generation (dkg-generate) the timestamp option was added ( "--timestamping") which sets a key usage flag. - Update to version 1.0.9 This release improves the possibilities of DKGPG further. With the new programs dkg-adduid and dkg-revuid an user ID can be added and revoked, respectively. The program dkg-revoke now supports a human-readable reason for revocation (by option "-R") and dkg-decrypt verifies an included signature according to a given key ring (option "-k"). Last but not least, by the program dkg-addrevoker an external revocation key can be specified. Update to version 1.0.8: * First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637 and Werner Koch's draft RFC 4880bis) has been added by relying on the most recent version of LibTMCG. The threshold signature scheme and the threshold encryption are still limited to finite field cryptography (i.e. DSA and ElGamal). Moreover, the programs generate and recognize a few other new OpenPGP features (e.g. issuer fingerprint subpackets) from RFC 4880bis. Compressed messages are now decompressed by the program dkg-decrypt using zlib Compression Library (and optionally by library routines from libbzip2). This completes DKGPG's compatibility with other OpenPGP software, however, the prefered compression algorithm (i.e. "no compression") in self-signatures of generated keys is kept for now. Support for symmetric-key decryption by dkg-decrypt has been added too. The program dkg-verify now reads the signature from a file, if option "-s" is used. To keep track of later protocol changes, all interactive programs include a version identifier in their common ID of the reliable broadcast channel. Thus programs from previous releases will not communicate with those of this release. With the new programs dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature can be generated and verified, respectively. Last but not least, by the new option "-y" some programs (dkg-generate, dkg-decrypt, dkg-sign, dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too. The README file contains a configuration sample showing how to replace classic PGP by DKGPG in the famous mail user agent mutt based on this option. Please note that this feature is experimental and semantics may be changed later. Update to 1.0.7: * Small improvments due to the new OpenPGP structures from libTMCG * "-k" option has been added to further programs * OpenPGP cleartext signatures can be generated with the "-t" option * Output of potentially malicious user IDs has been sanitized in dkg-keycheck, dkg-keyinfo, and dkg-keysign This update was imported from the openSUSE:Leap:15.0:Update update project. dkgpg-1.1.3-bp151.4.3.1.src.rpm dkgpg-1.1.3-bp151.4.3.1.x86_64.rpm dkgpg-debuginfo-1.1.3-bp151.4.3.1.x86_64.rpm dkgpg-debugsource-1.1.3-bp151.4.3.1.x86_64.rpm libTMCG-1.3.18-bp151.4.3.1.src.rpm libTMCG-debugsource-1.3.18-bp151.4.3.1.x86_64.rpm libTMCG-devel-1.3.18-bp151.4.3.1.x86_64.rpm libTMCG18-1.3.18-bp151.4.3.1.x86_64.rpm libTMCG18-debuginfo-1.3.18-bp151.4.3.1.x86_64.rpm dkgpg-1.1.3-bp151.4.3.1.aarch64.rpm dkgpg-debuginfo-1.1.3-bp151.4.3.1.aarch64.rpm dkgpg-debugsource-1.1.3-bp151.4.3.1.aarch64.rpm libTMCG-debugsource-1.3.18-bp151.4.3.1.aarch64.rpm libTMCG-devel-1.3.18-bp151.4.3.1.aarch64.rpm libTMCG18-1.3.18-bp151.4.3.1.aarch64.rpm libTMCG18-debuginfo-1.3.18-bp151.4.3.1.aarch64.rpm dkgpg-1.1.3-bp151.4.3.1.ppc64le.rpm dkgpg-debuginfo-1.1.3-bp151.4.3.1.ppc64le.rpm dkgpg-debugsource-1.1.3-bp151.4.3.1.ppc64le.rpm libTMCG-debugsource-1.3.18-bp151.4.3.1.ppc64le.rpm libTMCG-devel-1.3.18-bp151.4.3.1.ppc64le.rpm libTMCG18-1.3.18-bp151.4.3.1.ppc64le.rpm libTMCG18-debuginfo-1.3.18-bp151.4.3.1.ppc64le.rpm dkgpg-1.1.3-bp151.4.3.1.s390x.rpm dkgpg-debuginfo-1.1.3-bp151.4.3.1.s390x.rpm dkgpg-debugsource-1.1.3-bp151.4.3.1.s390x.rpm libTMCG-debugsource-1.3.18-bp151.4.3.1.s390x.rpm libTMCG-devel-1.3.18-bp151.4.3.1.s390x.rpm libTMCG18-1.3.18-bp151.4.3.1.s390x.rpm libTMCG18-debuginfo-1.3.18-bp151.4.3.1.s390x.rpm openSUSE-2019-2008 moderate openSUSE Backports SLE-15-SP1 Update This update for zstd fixes the following issues: - Update to version 1.4.2: * bug: Fix bug in zstd-0.5 decoder by @terrelln (#1696) * bug: Fix seekable decompression in-memory API by @iburinoc (#1695) * bug: Close minor memory leak in CLI by @LeeYoung624 (#1701) * misc: Validate blocks are smaller than size limit by @vivekmig (#1685) * misc: Restructure source files by @ephiepark (#1679) - Update to version 1.4.1: * bug: Fix data corruption in niche use cases by @terrelln (#1659) * bug: Fuzz legacy modes, fix uncovered bugs by @terrelln (#1593, #1594, #1595) * bug: Fix out of bounds read by @terrelln (#1590) * perf: Improve decode speed by ~7% @mgrice (#1668) * perf: Slightly improved compression ratio of level 3 and 4 (ZSTD_dfast) by @cyan4973 (#1681) * perf: Slightly faster compression speed when re-using a context by @cyan4973 (#1658) * perf: Improve compression ratio for small windowLog by @cyan4973 (#1624) * perf: Faster compression speed in high compression mode for repetitive data by @terrelln (#1635) * api: Add parameter to generate smaller dictionaries by @tyler-tran (#1656) * cli: Recognize symlinks when built in C99 mode by @felixhandte (#1640) * cli: Expose cpu load indicator for each file on -vv mode by @ephiepark (#1631) * cli: Restrict read permissions on destination files by @chungy (#1644) * cli: zstdgrep: handle -f flag by @felixhandte (#1618) * cli: zstdcat: follow symlinks by @vejnar (#1604) * doc: Remove extra size limit on compressed blocks by @felixhandte (#1689) * doc: Fix typo by @yk-tanigawa (#1633) * doc: Improve documentation on streaming buffer sizes by @cyan4973 (#1629) * build: CMake: support building with LZ4 @leeyoung624 (#1626) * build: CMake: install zstdless and zstdgrep by @leeyoung624 (#1647) * build: CMake: respect existing uninstall target by @j301scott (#1619) * build: Make: skip multithread tests when built without support by @michaelforney (#1620) * build: Make: Fix examples/ test target by @sjnam (#1603) * build: Meson: rename options out of deprecated namespace by @lzutao (#1665) * build: Meson: fix build by @lzutao (#1602) * build: Visual Studio: don't export symbols in static lib by @scharan (#1650) * build: Visual Studio: fix linking by @absotively (#1639) * build: Fix MinGW-W64 build by @myzhang1029 (#1600) * misc: Expand decodecorpus coverage by @ephiepark (#1664) - Add baselibs.conf: libarchive gained zstd support and provides -32bit libraries. This means, zstd also needs to provide -32bit libs. - Update to new upstream release 1.4.0 * perf: level 1 compression speed was improved * cli: added --[no-]compress-literals flag to enable or disable literal compression - Reword "real-time" in description by some actual statistics, because 603MB/s (lowest zstd level) is not "real-time" for quite some applications. - zstd 1.3.8: * better decompression speed on large files (+7%) and cold dictionaries (+15%) * slightly better compression ratio at high compression modes * new --rsyncable mode * support decompression of empty frames into NULL (used to be an error) * support ZSTD_CLEVEL environment variable * --no-progress flag, preserving final summary * various CLI fixes * fix race condition in one-pass compression functions that could allow out of bounds write (CVE-2019-11922, boo#1142941) - zstd 1.3.7: * fix ratio for dictionary compression at levels 9 and 10 * add man pages for zstdless and zstdgrep - includes changes from zstd 1.3.6: * faster dictionary builder, also the new default for --train * previous (slower, slightly higher quality) dictionary builder to be selected via --train-cover * Faster dictionary decompression and compression under memory limits with many dictionaries used simultaneously * New command --adapt for compressed network piping of data adjusted to the perceived network conditions - update to 1.3.5: * much faster dictionary compression * small quality improvement for dictionary generation * slightly improved performance at high compression levels * automatic memory release for long duration contexts * fix overlapLog can be manually set * fix decoding invalid lz4 frames * fix performance degradation for dictionary compression when using advanced API - fix pzstd tests - enable pzstd (parallel zstd) - Use %license instead of %doc [boo#1082318] - Add disk _constraints to fix ppc64le build - Use FAT LTO objects in order to provide proper static library (boo#1133297). This update was imported from the openSUSE:Leap:15.0:Update update project. libzstd-devel-1.4.2-bp151.4.3.1.x86_64.rpm libzstd-devel-static-1.4.2-bp151.4.3.1.x86_64.rpm libzstd1-1.4.2-bp151.4.3.1.x86_64.rpm libzstd1-debuginfo-1.4.2-bp151.4.3.1.x86_64.rpm zstd-1.4.2-bp151.4.3.1.src.rpm zstd-1.4.2-bp151.4.3.1.x86_64.rpm zstd-debuginfo-1.4.2-bp151.4.3.1.x86_64.rpm zstd-debugsource-1.4.2-bp151.4.3.1.x86_64.rpm libzstd-devel-1.4.2-bp151.4.3.1.aarch64.rpm libzstd-devel-static-1.4.2-bp151.4.3.1.aarch64.rpm libzstd1-1.4.2-bp151.4.3.1.aarch64.rpm libzstd1-64bit-1.4.2-bp151.4.3.1.aarch64_ilp32.rpm libzstd1-64bit-debuginfo-1.4.2-bp151.4.3.1.aarch64_ilp32.rpm libzstd1-debuginfo-1.4.2-bp151.4.3.1.aarch64.rpm zstd-1.4.2-bp151.4.3.1.aarch64.rpm zstd-debuginfo-1.4.2-bp151.4.3.1.aarch64.rpm zstd-debugsource-1.4.2-bp151.4.3.1.aarch64.rpm libzstd-devel-1.4.2-bp151.4.3.1.ppc64le.rpm libzstd-devel-static-1.4.2-bp151.4.3.1.ppc64le.rpm libzstd1-1.4.2-bp151.4.3.1.ppc64le.rpm libzstd1-debuginfo-1.4.2-bp151.4.3.1.ppc64le.rpm zstd-1.4.2-bp151.4.3.1.ppc64le.rpm zstd-debuginfo-1.4.2-bp151.4.3.1.ppc64le.rpm zstd-debugsource-1.4.2-bp151.4.3.1.ppc64le.rpm libzstd-devel-1.4.2-bp151.4.3.1.s390x.rpm libzstd-devel-static-1.4.2-bp151.4.3.1.s390x.rpm libzstd1-1.4.2-bp151.4.3.1.s390x.rpm libzstd1-debuginfo-1.4.2-bp151.4.3.1.s390x.rpm zstd-1.4.2-bp151.4.3.1.s390x.rpm zstd-debuginfo-1.4.2-bp151.4.3.1.s390x.rpm zstd-debugsource-1.4.2-bp151.4.3.1.s390x.rpm openSUSE-2019-2013 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuhealth-client, gnuhealth-thalamus, tryton, trytond, trytond_account, trytond_stock fixes the following issues: Bugfix release for gnuthealth and tryton (boo#1141369) This update was imported from the openSUSE:Leap:15.1:Update update project. gnuhealth-client-3.4.4-bp151.3.3.1.noarch.rpm gnuhealth-client-3.4.4-bp151.3.3.1.src.rpm gnuhealth-thalamus-0.9.9-bp151.2.3.1.noarch.rpm gnuhealth-thalamus-0.9.9-bp151.2.3.1.src.rpm tryton-4.6.21-bp151.3.3.1.noarch.rpm tryton-4.6.21-bp151.3.3.1.src.rpm trytond-4.6.17-bp151.3.3.1.noarch.rpm trytond-4.6.17-bp151.3.3.1.src.rpm trytond_account-4.6.10-bp151.3.3.1.noarch.rpm trytond_account-4.6.10-bp151.3.3.1.src.rpm trytond_stock-4.6.7-bp151.3.3.1.noarch.rpm trytond_stock-4.6.7-bp151.3.3.1.src.rpm openSUSE-2019-2009 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: strawberry was updated to version 0.6.3 + Fixed crash when using internet services. + Fixed musicbrainz tagfetcher only showing 1 result per song. + Fixed collection watcher to unwatch deleted directories. + Added "album - disc" grouping. Update to version 0.6.2: + Disabled fatal error for FTS5 cmake test. Update to version 0.6.1: + Compare artist and album case-insensitive when generating score for album covers. + Fixed broken return value of sendMessage() in SingleApplication causing application to be started twice. + Improved error handling in local redirectserver. + Added new tabs view with search and favorites to Tidal. + Fixed gst_pad_send_event lock in gstreamer pipeline. + Made Xine analyzer optional to fix compilation with newer Xine. + Implemented offset and queue to all Tidal requests. + Added new artist, album and song ids to songs schemas to add/remove favorites. + Improved lyrics searcher. + Fixed disabling fading option in backend settings when volume control is disabled. + Added x-scheme-handler/tidal to desktop file to handle tidal songs and allow OAuth redirect url. + Added love button for scrobblers. + Fixed gapless playback when using url handler. + Fixed enabling/disabling fading options in backend settings. + Added support for Subsonic streaming. + Added support for Qobuz streaming. + Added confirmation box for opening songs in file browser to avoid users accidentally opening too many songs. + Added OSD notification on playback resume option. + Fixed MusicBrainz tag fetcher to respect rate limiting when fetching tags. + Fixed hardcoded systemtray icon. + Added live scanning and option to rescan songs. + Added playlist background image stretch option to zoom image with cutting the height. + Replaced use of QDesktopWidget with QDesktop + Replaced all uses of QSignalMapper with lambda expressions + Fixed collection album covers stuck to old ones when new album covers are fetched + Fixed all Json services to check HttpStatusCodeAttribute in addition to checking network errors + Fixed track change hang + Fixed playlist sorting to ignore articles + Fixed MessageReply crash in tagreader + Fixed MTP support + Fixed possible crashes with libimobiledevice devices + Removed older devicekit udisks backend + Using iconv to replace non-ascii characters when organising files + Fixed IPod support when listed from UDisks2 + Fixed memory leaks when establishing database connections and in database backup. + Fixed dangling database connections when loading collection, playlists and devices. + Fixed closing and deleting backends to free memory and database connections on exit. + Fixed dangling pointers causing crashes when loading new album covers in collection. + Fixed playlist shortcuts being broken because they were hidden in playlist right click menu. + Replaced FTS3 and custom tokenizer with FTS5 with unicode61. + Fixed certain cases where track slider popup was stuck. + Fixed certain cases where the playing widget gets stuck when switching fast between context and other widgets. + Removed ChartLyrics provider (service have been down for a long time). Update to version 0.5.5: + Fixed Tidal API url Update to version 0.5.4: + Changed description for offline mode scrobbling for less confusion + Fixed scrobbler to not send "playing now" when in offline mode + Added common RPM spec file for openSUSE, Fedora, RedHat, CentOS and Mageia + Improved cover manager score system + Added Deezer and Tidal cover providers + Added ChartLyrics lyrics provider + Added HTTPS workaround for Last.Fm OAuth to solve redirect https to http (localhost) problems + Added Moodbar + Fixed incorrect desktop file returned by mpris2 + Fixed mpris2 CanPlay + Fixed updating play and skip count properly + Fixed track seeking with mouse wheel + Fixed CDDA tracks being invalidated (greyed) in the playlist + Fixed problems using transcoder when other engines were selected + Improved song loader error handling + Fixed enabling equalizer having no affect + Disable notification art setting when tray icon notification is selected + Applying settings immediately when pressing Apply in settings dialog instead of just saving + Disable scroll over icon to change track setting on non-X11 systems and KDE + Removed nvidia workaround on exit which is no longer needed + Fixed chromaprinter unref buffer crash when using complete tags automatically + Fixed crash on exit using VLC engine when using static taglib caused by tagblib linking collision + Fixed context background to follow base colors instead of always white + Fixed fancy tabbar small sidebar mode width + Added some missing taglib configure checks + Saving geometry, tabbar, playlist column settings on exit only to reduce wear on SSD's and fix sluggish resizing with non-SSD + Fixed and improved snap including upgrading to core18 and adding proper alsa support + Fixed resume playback on startup not working for other than the first playlist This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.3-bp151.2.3.1.src.rpm strawberry-0.6.3-bp151.2.3.1.x86_64.rpm openSUSE-2019-2014 moderate openSUSE Backports SLE-15-SP1 Update This update for python-billiard fixes the following issues: - Adjust description grammar. Drop filler wording. This update was imported from the openSUSE:Leap:15.0:Update update project. python-billiard-3.6.0.0-bp151.4.6.1.src.rpm python-billiard-debugsource-3.6.0.0-bp151.4.6.1.x86_64.rpm python-billiard-doc-3.6.0.0-bp151.4.6.1.noarch.rpm python2-billiard-3.6.0.0-bp151.4.6.1.x86_64.rpm python2-billiard-debuginfo-3.6.0.0-bp151.4.6.1.x86_64.rpm python3-billiard-3.6.0.0-bp151.4.6.1.noarch.rpm python-billiard-debugsource-3.6.0.0-bp151.4.6.1.aarch64.rpm python2-billiard-3.6.0.0-bp151.4.6.1.aarch64.rpm python2-billiard-debuginfo-3.6.0.0-bp151.4.6.1.aarch64.rpm python-billiard-debugsource-3.6.0.0-bp151.4.6.1.ppc64le.rpm python2-billiard-3.6.0.0-bp151.4.6.1.ppc64le.rpm python2-billiard-debuginfo-3.6.0.0-bp151.4.6.1.ppc64le.rpm python-billiard-debugsource-3.6.0.0-bp151.4.6.1.s390x.rpm python2-billiard-3.6.0.0-bp151.4.6.1.s390x.rpm python2-billiard-debuginfo-3.6.0.0-bp151.4.6.1.s390x.rpm openSUSE-2019-2017 moderate openSUSE Backports SLE-15-SP1 Update This update for putty fixes the following issues: Update to new upstream release 0.72 [boo#1144547, boo#1144548] * Fixed two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. * Fixed a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant. * Fixed a crash in GSSAPI / Kerberos key exchange triggered if the server provided an ordinary SSH host key as part of the exchange. This update was imported from the openSUSE:Leap:15.0:Update update project. putty-0.72-bp151.4.3.1.src.rpm putty-0.72-bp151.4.3.1.x86_64.rpm putty-debuginfo-0.72-bp151.4.3.1.x86_64.rpm putty-debugsource-0.72-bp151.4.3.1.x86_64.rpm putty-0.72-bp151.4.3.1.aarch64.rpm putty-debuginfo-0.72-bp151.4.3.1.aarch64.rpm putty-debugsource-0.72-bp151.4.3.1.aarch64.rpm putty-0.72-bp151.4.3.1.ppc64le.rpm putty-debuginfo-0.72-bp151.4.3.1.ppc64le.rpm putty-debugsource-0.72-bp151.4.3.1.ppc64le.rpm putty-0.72-bp151.4.3.1.s390x.rpm putty-debuginfo-0.72-bp151.4.3.1.s390x.rpm putty-debugsource-0.72-bp151.4.3.1.s390x.rpm openSUSE-2019-2053 moderate openSUSE Backports SLE-15-SP1 Update This update for kompare fixes the following issues: - Fixed the "Compare" button not getting enabled in the initial dialog when selecting files via the file browser (boo#1146394, kde#390024): kompare-18.12.3-bp151.3.3.1.src.rpm kompare-18.12.3-bp151.3.3.1.x86_64.rpm kompare-devel-18.12.3-bp151.3.3.1.x86_64.rpm kompare-lang-18.12.3-bp151.3.3.1.noarch.rpm kompare-18.12.3-bp151.3.3.1.aarch64.rpm kompare-devel-18.12.3-bp151.3.3.1.aarch64.rpm kompare-18.12.3-bp151.3.3.1.ppc64le.rpm kompare-devel-18.12.3-bp151.3.3.1.ppc64le.rpm kompare-18.12.3-bp151.3.3.1.s390x.rpm kompare-devel-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2019-2019 important openSUSE Backports SLE-15-SP1 Update This update for schismtracker fixes the following issues: The following security issues were fixed: - CVE-2019-14523: Fixed an integer underflow in the Amiga Oktalyzer parser (boo#1144266). - CVE-2019-14524: Fixed a heap overflow in the MTM loader (boo#1144261). The following non-security issues were fixed: - Support 15-channel MOD files. - Support undocumented MIDI macro characters, and support character p (MIDI program) properly. This update was imported from the openSUSE:Leap:15.0:Update update project. schismtracker-20190805-bp151.4.3.1.src.rpm schismtracker-20190805-bp151.4.3.1.x86_64.rpm schismtracker-debuginfo-20190805-bp151.4.3.1.x86_64.rpm schismtracker-debugsource-20190805-bp151.4.3.1.x86_64.rpm schismtracker-20190805-bp151.4.3.1.aarch64.rpm schismtracker-debuginfo-20190805-bp151.4.3.1.aarch64.rpm schismtracker-debugsource-20190805-bp151.4.3.1.aarch64.rpm schismtracker-20190805-bp151.4.3.1.ppc64le.rpm schismtracker-debuginfo-20190805-bp151.4.3.1.ppc64le.rpm schismtracker-debugsource-20190805-bp151.4.3.1.ppc64le.rpm schismtracker-20190805-bp151.4.3.1.s390x.rpm schismtracker-debuginfo-20190805-bp151.4.3.1.s390x.rpm schismtracker-debugsource-20190805-bp151.4.3.1.s390x.rpm openSUSE-2019-2026 moderate openSUSE Backports SLE-15-SP1 Update This update for clementine fixes the following issues: - Fix a clementine crash and memory leak (boo#1138261) - Fix many memory leaks (boo#1141444) This update was imported from the openSUSE:Leap:15.0:Update update project. clementine-1.3.1-bp151.4.6.1.src.rpm clementine-1.3.1-bp151.4.6.1.x86_64.rpm openSUSE-2019-2023 moderate openSUSE Backports SLE-15-SP1 Update This update for obs-service-tar_scm fixes the following issues: - Fixes that osc service does not run under german locale (bsc#1138377) obs-service-tar_scm was updated to version 0.10.9.1559745964.22c86cd: * [dist] python3 for SLE12 and openSUSE 42.3 * [dist] enable python3 in SLE >= 12 * fix encoding error for surrogates * glibc-common was used up to FC23 and RHEL7 * Compile python files before install * change order in GNUMakefile to prefer python3 * More thorought spec file cleanup * predefine python version in spec file for GNUMAkefile * [dist] spec file: python3 only and multidist * Git also uses the LANGUAGE variable * centos_version and rhel_version are triple digits * Minimize diff with the version in openSUSE:Tools * Fix the logic to pick the locale package on Fedora * Forgot the guard 0 in one conditional * Require packages to get the en_US.UTF-8 locales * enforce bytes for cpio file list This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. obs-service-appimage-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-obs_scm-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-obs_scm-common-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-snapcraft-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-tar-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-tar_scm-0.10.9.1559745964.22c86cd-bp151.2.3.1.noarch.rpm obs-service-tar_scm-0.10.9.1559745964.22c86cd-bp151.2.3.1.src.rpm openSUSE-2019-2024 moderate openSUSE Backports SLE-15-SP1 Update This update for qbittorrent fixes the following issues: - CVE-2019-13640: avoid command injection (boo#1141967) This update was imported from the openSUSE:Leap:15.1:Update update project. qbittorrent-4.1.5-bp151.3.3.1.src.rpm qbittorrent-4.1.5-bp151.3.3.1.x86_64.rpm qbittorrent-nox-4.1.5-bp151.3.3.1.x86_64.rpm qbittorrent-4.1.5-bp151.3.3.1.aarch64.rpm qbittorrent-nox-4.1.5-bp151.3.3.1.aarch64.rpm qbittorrent-4.1.5-bp151.3.3.1.ppc64le.rpm qbittorrent-nox-4.1.5-bp151.3.3.1.ppc64le.rpm qbittorrent-4.1.5-bp151.3.3.1.s390x.rpm qbittorrent-nox-4.1.5-bp151.3.3.1.s390x.rpm openSUSE-2019-2073 moderate openSUSE Backports SLE-15-SP1 Update This update for phpPgAdmin fixes the following issues: Update to 5.6.0 - Fixed that distributed phpPgAdmin 5.1 did not support distributed PostgreSQL 10.3 (boo#1094772) - Released: 12th November, 2018 - Features * Add support for PostgreSQL 9.3, 9.4, 9.5, 9.6, 10, 11 * Development support for PostgreSQL 12 * Add support for brows/select navigation tabs (firzen) * Add new theme, "bootstrap" (amenadiel) * Improved support for json/jsonb - Bugs * Fix bug in Turkish translation which caused failed ajax responses * Account for Blocked field in admin processes Selenium test * Properly handle column comments * Fix background css issue * Additional language updates - Incompatabilities * Dropped testing of pre-9.3 versions of Postgres, which are now EOL phpPgAdmin-5.6.0-bp151.4.3.1.noarch.rpm phpPgAdmin-5.6.0-bp151.4.3.1.src.rpm openSUSE-2019-2050 moderate openSUSE Backports SLE-15-SP1 Update This update for httpie fixes the following issues: httpie was updated to version 1.0.3: * Fix CVE-2019-10751 (HTTPie is volnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control. (bsc#1148466) httpie-1.0.3-bp151.2.3.1.src.rpm python3-httpie-1.0.3-bp151.2.3.1.noarch.rpm openSUSE-2019-2076 moderate openSUSE Backports SLE-15-SP1 Update This update for sddm fixes the following issues: - Add SLE branding package for PackageHub (boo#1101297) - Change the Supplements of branding packages, so they get installed when sddm and the respective branding package is installed. Also added a Supplements to sddm so it gets recommended when plasma5-workspace is installed. - Provide a sddm-branding-SLE package with correct dependencies, together with sddm-branding-openSUSE (boo#1025387, boo#1069396) This update was imported from the openSUSE:Leap:15.1:Update update project. sddm-0.18.0-bp151.4.3.1.src.rpm sddm-0.18.0-bp151.4.3.1.x86_64.rpm sddm-branding-SLE-0.18.0-bp151.4.3.1.x86_64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.3.1.x86_64.rpm sddm-branding-upstream-0.18.0-bp151.4.3.1.x86_64.rpm sddm-0.18.0-bp151.4.3.1.aarch64.rpm sddm-branding-SLE-0.18.0-bp151.4.3.1.aarch64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.3.1.aarch64.rpm sddm-branding-upstream-0.18.0-bp151.4.3.1.aarch64.rpm sddm-0.18.0-bp151.4.3.1.ppc64le.rpm sddm-branding-SLE-0.18.0-bp151.4.3.1.ppc64le.rpm sddm-branding-openSUSE-0.18.0-bp151.4.3.1.ppc64le.rpm sddm-branding-upstream-0.18.0-bp151.4.3.1.ppc64le.rpm sddm-0.18.0-bp151.4.3.1.s390x.rpm sddm-branding-SLE-0.18.0-bp151.4.3.1.s390x.rpm sddm-branding-openSUSE-0.18.0-bp151.4.3.1.s390x.rpm sddm-branding-upstream-0.18.0-bp151.4.3.1.s390x.rpm openSUSE-2019-2077 moderate openSUSE Backports SLE-15-SP1 Update This update for libmirage fixes the following issues: CVE-2019-15540: The CSO filter in libMirage in CDemu did not validate the part size, triggering a heap-based buffer overflow that could lead to root access by a local user. [boo#1148087] - Update to new upstream release 3.2.2 * ISO parser: fixed ISO9660/UDF pattern search for sector sizes 2332 and 2336. * ISO parser: added support for Nintendo GameCube and Wii ISO images. * Extended medium type guess to distinguish between DVD and BluRay images based on length. * Removed fabrication of disc structures from the library (moved to CDEmu daemon). * MDS parser: cleanup of disc structure parsing, fixed the incorrectly set structure sizes. This update was imported from the openSUSE:Leap:15.0:Update update project. libmirage-3.2.2-bp151.4.3.1.src.rpm libmirage-3_2-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-data-3.2.2-bp151.4.3.1.noarch.rpm libmirage-debuginfo-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-debugsource-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-devel-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-lang-3.2.2-bp151.4.3.1.noarch.rpm libmirage11-3.2.2-bp151.4.3.1.x86_64.rpm libmirage11-debuginfo-3.2.2-bp151.4.3.1.x86_64.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.3.1.x86_64.rpm libmirage-3_2-3.2.2-bp151.4.3.1.aarch64.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.3.1.aarch64.rpm libmirage-debuginfo-3.2.2-bp151.4.3.1.aarch64.rpm libmirage-debugsource-3.2.2-bp151.4.3.1.aarch64.rpm libmirage-devel-3.2.2-bp151.4.3.1.aarch64.rpm libmirage11-3.2.2-bp151.4.3.1.aarch64.rpm libmirage11-debuginfo-3.2.2-bp151.4.3.1.aarch64.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.3.1.aarch64.rpm libmirage-3_2-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage-debuginfo-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage-debugsource-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage-devel-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage11-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage11-debuginfo-3.2.2-bp151.4.3.1.ppc64le.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.3.1.ppc64le.rpm libmirage-3_2-3.2.2-bp151.4.3.1.s390x.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.3.1.s390x.rpm libmirage-debuginfo-3.2.2-bp151.4.3.1.s390x.rpm libmirage-debugsource-3.2.2-bp151.4.3.1.s390x.rpm libmirage-devel-3.2.2-bp151.4.3.1.s390x.rpm libmirage11-3.2.2-bp151.4.3.1.s390x.rpm libmirage11-debuginfo-3.2.2-bp151.4.3.1.s390x.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.3.1.s390x.rpm openSUSE-2019-2088 moderate openSUSE Backports SLE-15-SP1 Update This update for youtube-dl fixes the following issues: youtube-dl was updated to new upstream release 2019.08.13: * downloader/fragment: Fix ETA calculation of resumed download * discovery: extract series meta field * roosterteeth: add support for watch URLs Update to new upstream release 2019.08.02 * [yahoo:japannews] Add support for yahoo.co.jp (#21698, #21265) * [discovery] Add support go.discovery.com URLs * [youtube:playlist] Relax video regular expression (#21844) * [generic] Restrict --default-search schemeless URLs detection pattern (#21842) * [vrv] Fix CMS signing query extraction (#21809) * [youtube] Fix and improve title and description extraction (#21934) * [tvigle] Add support for HLS and DASH formats (#21967) * [tvigle] Fix extraction (#21967) * [yandexvideo] Add support for DASH formats (#21971) * [discovery] Use API call for video data extraction (#21808) * [mgtv] Extract format_note (#21881) * [tvn24] Fix metadata extraction (#21833, #21834) * [dlive] Relax URL regular expression (#21909) * [openload] Add support for oload.best (#21913) * [youtube] Improve metadata extraction for age gate content (#21943) Update to new upstream release 2019.07.16: * [asiancrush] Add support for yuyutv.com, midnightpulp.com and cocoro.tv * (#21281, #21290) * [kaltura] Check source format URL (#21290) * [ctsnews] Fix YouTube embeds extraction (#21678) * [einthusan] Add support for einthusan.com (#21748, #21775) * [youtube] Add support for invidious.mastodon.host (#21777) * [gfycat] Extend URL regular expression (#21779, #21780) * [youtube] Restrict is_live extraction (#21782) Update to new upstream release 2019.07.02 * Introduce random_user_agent and use as default User-Agent (closes #21546) * dailymotion: add support embed with DM.player js call * openload: Add support for oload.biz This update was imported from the openSUSE:Leap:15.0:Update update project. python-youtube-dl-2019.08.13-bp151.5.3.1.src.rpm python2-youtube-dl-2019.08.13-bp151.5.3.1.noarch.rpm python3-youtube-dl-2019.08.13-bp151.5.3.1.noarch.rpm youtube-dl-2019.08.13-bp151.5.3.1.noarch.rpm youtube-dl-2019.08.13-bp151.5.3.1.src.rpm youtube-dl-bash-completion-2019.08.13-bp151.5.3.1.noarch.rpm youtube-dl-fish-completion-2019.08.13-bp151.5.3.1.noarch.rpm youtube-dl-zsh-completion-2019.08.13-bp151.5.3.1.noarch.rpm openSUSE-2019-2089 moderate openSUSE Backports SLE-15-SP1 Update This update for httpie fixes the following issues: httpie was updated to version 1.0.3: * Fix CVE-2019-10751 (HTTPie is vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control. (bsc#1148466) This update was imported from the openSUSE:Leap:15.1:Update update project. httpie-1.0.3-bp151.2.6.1.src.rpm python3-httpie-1.0.3-bp151.2.6.1.noarch.rpm openSUSE-2019-2090 moderate openSUSE Backports SLE-15-SP1 Update This update for plasma5-pk-updates fixes the following issues: Various fixes were done to improve the french translations (boo#1086068) Also implemented EULA handling (boo#1148168): This update was imported from the openSUSE:Leap:15.1:Update update project. plasma5-pk-updates-0.3.2-bp151.5.3.1.src.rpm True plasma5-pk-updates-0.3.2-bp151.5.3.1.x86_64.rpm True plasma5-pk-updates-lang-0.3.2-bp151.5.3.1.noarch.rpm True plasma5-pk-updates-0.3.2-bp151.5.3.1.aarch64.rpm True plasma5-pk-updates-0.3.2-bp151.5.3.1.ppc64le.rpm True plasma5-pk-updates-0.3.2-bp151.5.3.1.s390x.rpm True openSUSE-2019-2108 moderate openSUSE Backports SLE-15-SP1 Update This update for SDL2_image fixes the following issues: Update to new upstream release 2.0.5. Security issues fixed: * TALOS-2019-0820 CVE-2019-5051: exploitable heap-based buffer overflow vulnerability when loading a PCX file (boo#1140419) * TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file (boo#1140421) * TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the PCX image-rendering functionality of SDL2_image (boo#1143763) * TALOS-2019-0842 CVE-2019-5058: heap overflow in XCF image rendering can lead to code execution (boo#1143764) * TALOS-2019-0843 CVE-2019-5059: heap overflow in XPM image (boo#1143766) * TALOS-2019-0844 CVE-2019-5060: integer overflow in the XPM image (boo#1143768) Not mentioned by upstream, but issues seemingly further fixed: * CVE-2019-12218: NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW (boo#1135789) * CVE-2019-12217: NULL pointer dereference in the SDL stdio_read function (boo#1135787) * CVE-2019-12220: SDL_image triggers an out-of-bounds read in the SDL function SDL_FreePalette_REAL (boo#1135806) * CVE-2019-12221: a SEGV caused by SDL_image in SDL function SDL_free_REAL in stdlib/SDL_malloc.c (boo#1135796) * CVE-2019-12222: out-of-bounds read triggered by SDL_image in the function SDL_InvalidateMap at video/SDL_pixels.c (boo#1136101) * CVE-2019-13616: fix heap buffer overflow when reading a crafted bmp file (boo#1141844). This update was imported from the openSUSE:Leap:15.0:Update update project. SDL2_image-2.0.5-bp151.4.3.1.src.rpm SDL2_image-debugsource-2.0.5-bp151.4.3.1.x86_64.rpm libSDL2_image-2_0-0-2.0.5-bp151.4.3.1.x86_64.rpm libSDL2_image-2_0-0-debuginfo-2.0.5-bp151.4.3.1.x86_64.rpm libSDL2_image-devel-2.0.5-bp151.4.3.1.x86_64.rpm SDL2_image-debugsource-2.0.5-bp151.4.3.1.aarch64.rpm libSDL2_image-2_0-0-2.0.5-bp151.4.3.1.aarch64.rpm libSDL2_image-2_0-0-64bit-2.0.5-bp151.4.3.1.aarch64_ilp32.rpm libSDL2_image-2_0-0-64bit-debuginfo-2.0.5-bp151.4.3.1.aarch64_ilp32.rpm libSDL2_image-2_0-0-debuginfo-2.0.5-bp151.4.3.1.aarch64.rpm libSDL2_image-devel-2.0.5-bp151.4.3.1.aarch64.rpm libSDL2_image-devel-64bit-2.0.5-bp151.4.3.1.aarch64_ilp32.rpm SDL2_image-debugsource-2.0.5-bp151.4.3.1.ppc64le.rpm libSDL2_image-2_0-0-2.0.5-bp151.4.3.1.ppc64le.rpm libSDL2_image-2_0-0-debuginfo-2.0.5-bp151.4.3.1.ppc64le.rpm libSDL2_image-devel-2.0.5-bp151.4.3.1.ppc64le.rpm SDL2_image-debugsource-2.0.5-bp151.4.3.1.s390x.rpm libSDL2_image-2_0-0-2.0.5-bp151.4.3.1.s390x.rpm libSDL2_image-2_0-0-debuginfo-2.0.5-bp151.4.3.1.s390x.rpm libSDL2_image-devel-2.0.5-bp151.4.3.1.s390x.rpm openSUSE-2019-2109 moderate openSUSE Backports SLE-15-SP1 Update This update for SDL_image fixes the following issues: Update SDL_Image to new snapshot 1.2.12+hg695. Security issues fixed: * TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file (boo#1140421) * TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the PCX image-rendering functionality of SDL2_image (boo#1143763) * TALOS-2019-0842 CVE-2019-5058: heap overflow in XCF image rendering can lead to code execution (boo#1143764) * TALOS-2019-0843 CVE-2019-5059: heap overflow in XPM image handling (boo#1143766) * TALOS-2019-0844 CVE-2019-5060: integer overflow in the XPM image (boo#1143768) * CVE-2019-7635: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c (boo#1124827) * CVE-2019-13616: fix heap buffer overflow when reading a crafted bmp file (boo#1141844). This update was imported from the openSUSE:Leap:15.0:Update update project. SDL_image-1.2.12+hg695-bp151.4.3.1.src.rpm SDL_image-debugsource-1.2.12+hg695-bp151.4.3.1.x86_64.rpm libSDL_image-1_2-0-1.2.12+hg695-bp151.4.3.1.x86_64.rpm libSDL_image-1_2-0-debuginfo-1.2.12+hg695-bp151.4.3.1.x86_64.rpm libSDL_image-devel-1.2.12+hg695-bp151.4.3.1.x86_64.rpm SDL_image-debugsource-1.2.12+hg695-bp151.4.3.1.aarch64.rpm libSDL_image-1_2-0-1.2.12+hg695-bp151.4.3.1.aarch64.rpm libSDL_image-1_2-0-64bit-1.2.12+hg695-bp151.4.3.1.aarch64_ilp32.rpm libSDL_image-1_2-0-64bit-debuginfo-1.2.12+hg695-bp151.4.3.1.aarch64_ilp32.rpm libSDL_image-1_2-0-debuginfo-1.2.12+hg695-bp151.4.3.1.aarch64.rpm libSDL_image-devel-1.2.12+hg695-bp151.4.3.1.aarch64.rpm libSDL_image-devel-64bit-1.2.12+hg695-bp151.4.3.1.aarch64_ilp32.rpm SDL_image-debugsource-1.2.12+hg695-bp151.4.3.1.ppc64le.rpm libSDL_image-1_2-0-1.2.12+hg695-bp151.4.3.1.ppc64le.rpm libSDL_image-1_2-0-debuginfo-1.2.12+hg695-bp151.4.3.1.ppc64le.rpm libSDL_image-devel-1.2.12+hg695-bp151.4.3.1.ppc64le.rpm SDL_image-debugsource-1.2.12+hg695-bp151.4.3.1.s390x.rpm libSDL_image-1_2-0-1.2.12+hg695-bp151.4.3.1.s390x.rpm libSDL_image-1_2-0-debuginfo-1.2.12+hg695-bp151.4.3.1.s390x.rpm libSDL_image-devel-1.2.12+hg695-bp151.4.3.1.s390x.rpm openSUSE-2019-2094 moderate openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Security issues fixed: - CVE-2019-5869: Fixed use-after-free in Blink (boo#1149143). - Various fixes from internal audits, fuzzing and other initiatives. Non-security issues fixed: - Fixed no video playback on Intel Kaby Lake and later (boo#1146219). This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-76.0.3809.132-bp151.3.9.1.x86_64.rpm chromium-76.0.3809.132-bp151.3.9.1.src.rpm chromium-76.0.3809.132-bp151.3.9.1.x86_64.rpm chromedriver-76.0.3809.132-bp151.3.9.1.aarch64.rpm chromium-76.0.3809.132-bp151.3.9.1.aarch64.rpm openSUSE-2019-2128 moderate openSUSE Backports SLE-15-SP1 Update srt was updated to version 1.3.4. Security issues fixed: * CVE-2019-15784: avoid a potential array overflow. (boo#1148844) * New binary: srt-tunnel * srt-multiplexer binary is now a testing application and thus is dropped from our package. This update was imported from the openSUSE:Leap:15.1:Update update project. libsrt1-1.3.4-bp151.3.3.1.x86_64.rpm srt-1.3.4-bp151.3.3.1.src.rpm srt-1.3.4-bp151.3.3.1.x86_64.rpm srt-devel-1.3.4-bp151.3.3.1.x86_64.rpm libsrt1-1.3.4-bp151.3.3.1.aarch64.rpm libsrt1-64bit-1.3.4-bp151.3.3.1.aarch64_ilp32.rpm srt-1.3.4-bp151.3.3.1.aarch64.rpm srt-devel-1.3.4-bp151.3.3.1.aarch64.rpm libsrt1-1.3.4-bp151.3.3.1.ppc64le.rpm srt-1.3.4-bp151.3.3.1.ppc64le.rpm srt-devel-1.3.4-bp151.3.3.1.ppc64le.rpm libsrt1-1.3.4-bp151.3.3.1.s390x.rpm srt-1.3.4-bp151.3.3.1.s390x.rpm srt-devel-1.3.4-bp151.3.3.1.s390x.rpm openSUSE-2019-2129 moderate openSUSE Backports SLE-15-SP1 Update This update for libmirage fixes the following issues: Security issues fixed: - CVE-2019-15757: Fixed NULL pointer dereference in the NRG parser (boo#1148728). This update was imported from the openSUSE:Leap:15.0:Update update project. libmirage-3.2.2-bp151.4.6.1.src.rpm libmirage-3_2-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-data-3.2.2-bp151.4.6.1.noarch.rpm libmirage-debuginfo-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-debugsource-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-devel-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-lang-3.2.2-bp151.4.6.1.noarch.rpm libmirage11-3.2.2-bp151.4.6.1.x86_64.rpm libmirage11-debuginfo-3.2.2-bp151.4.6.1.x86_64.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.6.1.x86_64.rpm libmirage-3_2-3.2.2-bp151.4.6.1.aarch64.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.6.1.aarch64.rpm libmirage-debuginfo-3.2.2-bp151.4.6.1.aarch64.rpm libmirage-debugsource-3.2.2-bp151.4.6.1.aarch64.rpm libmirage-devel-3.2.2-bp151.4.6.1.aarch64.rpm libmirage11-3.2.2-bp151.4.6.1.aarch64.rpm libmirage11-debuginfo-3.2.2-bp151.4.6.1.aarch64.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.6.1.aarch64.rpm libmirage-3_2-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage-debuginfo-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage-debugsource-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage-devel-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage11-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage11-debuginfo-3.2.2-bp151.4.6.1.ppc64le.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.6.1.ppc64le.rpm libmirage-3_2-3.2.2-bp151.4.6.1.s390x.rpm libmirage-3_2-debuginfo-3.2.2-bp151.4.6.1.s390x.rpm libmirage-debuginfo-3.2.2-bp151.4.6.1.s390x.rpm libmirage-debugsource-3.2.2-bp151.4.6.1.s390x.rpm libmirage-devel-3.2.2-bp151.4.6.1.s390x.rpm libmirage11-3.2.2-bp151.4.6.1.s390x.rpm libmirage11-debuginfo-3.2.2-bp151.4.6.1.s390x.rpm typelib-1_0-libmirage-3_2-3.2.2-bp151.4.6.1.s390x.rpm openSUSE-2019-2098 moderate openSUSE Backports SLE-15-SP1 Update This update for habootstrap-formula, python-shaptools, saphanabootstrap-formula fixes the following issues: python-shaptools was updated to version 0.3.1: - Add support for Power machines (jsc#SLE-4031, jsc#SLE-4143, boo#1137989) - Add an option to run the commands in remote nodes to shapcli - shapcli is provided to expose shaptools api methods as command line tool - Add support for Power machines - Add an option to run the commands in remote nodes to shapcli - shapcli is provided to expose shaptools api methods as command line tool habootstrap-formula was updated to version 0.2.4: - Fix issue with file permissions during package installation in /usr/share/salt-formulas (boo#1142306) - Make pkg.install more resilient, allowing retries during install - Change the salt-formula directories permissions to 0750 to avoid conflicts with the package salt-standalone-formulas-configuration. - Correct the required package name to salt-standalone-formulas-configuration saphanabootstrap-formula was updated to version 0.2.9: - Fix srHook script usage for cost optimized scenario - Add scenario type options to the form.yml file (boo#1137989) - Fix errors in the form.yml file to match with the formula names - Fix some styling issues - Add support for Power machines - Fix issues with SAP HANA deployment template and the exporter - Fix issue with file permissions during package installation in /usr/share/salt-formulas (boo#1142306) - Retry pkg.install multiple times, in case a pkg installtion fails for having a more resilient installation. - hanadb_exporter executed as a daemon - hanadb_exporter installation suggested - Change the salt-formula directories permissions to 0750 to avoid conflicts with the package salt-standalone-formulas-configuration. - Correct the required package name to salt-standalone-formulas-configuration - supporting hanadb_exporter logging system - adding hanadb_exporter deployment This update was imported from the openSUSE:Leap:15.0:Update update project. habootstrap-formula-0.2.4-bp151.5.1.noarch.rpm habootstrap-formula-0.2.4-bp151.5.1.src.rpm python-shaptools-0.3.1-bp151.5.1.src.rpm python2-shaptools-0.3.1-bp151.5.1.noarch.rpm python3-shaptools-0.3.1-bp151.5.1.noarch.rpm saphanabootstrap-formula-0.2.9-bp151.5.1.noarch.rpm saphanabootstrap-formula-0.2.9-bp151.5.1.src.rpm openSUSE-2019-2134 moderate openSUSE Backports SLE-15-SP1 Update This update for kpat fixes the following issues: - Fixed crashes due to resource exhaustion (boo#1146622, kde#395624) kpat-18.12.3-bp151.4.3.1.src.rpm kpat-18.12.3-bp151.4.3.1.x86_64.rpm kpat-lang-18.12.3-bp151.4.3.1.noarch.rpm kpat-18.12.3-bp151.4.3.1.aarch64.rpm kpat-18.12.3-bp151.4.3.1.ppc64le.rpm kpat-18.12.3-bp151.4.3.1.s390x.rpm openSUSE-2019-2135 important openSUSE Backports SLE-15-SP1 Update This update for rdesktop fixes the following issues: rdesktop was updated to 1.8.6: * Fix protocol code handling new licenses rdesktop was updated to 1.8.5: * Add bounds checking to protocol handling in order to fix many security problems when communicating with a malicious server. rdesktop was updated to 1.8.4 (fix for boo#1121448): * Add rdp_protocol_error function that is used in several fixes * Refactor of process_bitmap_updates * Fix possible integer overflow in s_check_rem() on 32bit arch * Fix memory corruption in process_bitmap_data - CVE-2018-8794 * Fix remote code execution in process_bitmap_data - CVE-2018-8795 * Fix remote code execution in process_plane - CVE-2018-8797 * Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175 * Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175 * Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176 * Fix Denial of Service in sec_recv - CVE-2018-20176 * Fix minor information leak in rdpdr_process - CVE-2018-8791 * Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792 * Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793 * Fix Denial of Service in process_bitmap_data - CVE-2018-8796 * Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798 * Fix Denial of Service in process_secondary_order - CVE-2018-8799 * Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800 * Fix major information leak in ui_clip_handle_data - CVE-2018-20174 * Fix memory corruption in rdp_in_unistr - CVE-2018-20177 * Fix Denial of Service in process_demand_active - CVE-2018-20178 * Fix remote code execution in lspci_process - CVE-2018-20179 * Fix remote code execution in rdpsnddbg_process - CVE-2018-20180 * Fix remote code execution in seamless_process - CVE-2018-20181 * Fix remote code execution in seamless_process_line - CVE-2018-20182 * Fix building against OpenSSL 1.1 - remove obsolete patches * rdesktop-Fix-OpenSSL-1.1-compability-issues.patch * rdesktop-Fix-crash-in-rdssl_cert_to_rkey.patch - update changes file * add missing info about bugzilla 1121448 - Added rdesktop-Fix-decryption.patch Patch from https://github.com/rdesktop/rdesktop/pull/334 to fix connections to VirtualBox. - update to 1.8.6 * Fix protocol code handling new licenses - update to 1.8.5 * Add bounds checking to protocol handling in order to fix many security problems when communicating with a malicious server. - Trim redundant wording from description. - Use %make_install. - update to 1.8.4 (fix for boo#1121448) * Add rdp_protocol_error function that is used in several fixes * Refactor of process_bitmap_updates * Fix possible integer overflow in s_check_rem() on 32bit arch * Fix memory corruption in process_bitmap_data - CVE-2018-8794 * Fix remote code execution in process_bitmap_data - CVE-2018-8795 * Fix remote code execution in process_plane - CVE-2018-8797 * Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175 * Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175 * Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176 * Fix Denial of Service in sec_recv - CVE-2018-20176 * Fix minor information leak in rdpdr_process - CVE-2018-8791 * Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792 * Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793 * Fix Denial of Service in process_bitmap_data - CVE-2018-8796 * Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798 * Fix Denial of Service in process_secondary_order - CVE-2018-8799 * Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800 * Fix major information leak in ui_clip_handle_data - CVE-2018-20174 * Fix memory corruption in rdp_in_unistr - CVE-2018-20177 * Fix Denial of Service in process_demand_active - CVE-2018-20178 * Fix remote code execution in lspci_process - CVE-2018-20179 * Fix remote code execution in rdpsnddbg_process - CVE-2018-20180 * Fix remote code execution in seamless_process - CVE-2018-20181 * Fix remote code execution in seamless_process_line - CVE-2018-20182 * Fix building against OpenSSL 1.1 rdesktop-1.8.6-bp151.2.3.1.src.rpm rdesktop-1.8.6-bp151.2.3.1.x86_64.rpm rdesktop-1.8.6-bp151.2.3.1.aarch64.rpm rdesktop-1.8.6-bp151.2.3.1.ppc64le.rpm rdesktop-1.8.6-bp151.2.3.1.s390x.rpm openSUSE-2019-2185 moderate openSUSE Backports SLE-15-SP1 Update This update for links fixes the following issues: links was updated to 2.20.1: * libevent bug fixes links was updated to 2.20: * Security bug fixed: when links was connected to tor, it would send real dns requests outside the tor network when the displayed page contains link elements with rel=dns-prefetch boo#1149886 * stability improvements * file urls support local hostnames * mouse support improvement * improve interaction with Google * Support the zstd compression algorithm * Use proper cookie expiry links was updated to 2.19: * Fixed a crash on invalidn IDN URLs * Make font selection possible via fontconfig * Show certificate authority in Document info box * Use international error messages * The -dump switch didn't report errors on stdout write links was updated to 2.18: * Automatically enable tor mode when the socks port is 9050 * When in tor mode, invert colors on top line and bottom line * Fix an incorrect shift in write_ev_queue * Fix runtime error sanitizer warning * Add a menu entry to save and load a clipboard * Don't synch with Xserver on every pixmap load * Fix "Network Options" bug that caused a timeout * Fix a possible integer overflow in decoder_memory_expand * Fix possible pointer arithmetics bug if os allocated few bytes * Add a button to never accept invalid certs for a given server * Fix incorrect strings -html-t-text-color * Add ascii replacement of Romanian S and T with comma * Fix a bug when IPv6 control connection to ftp server fails links was updated to 2.17: * Fix verifying SSL certificates for numeric IPv6 addresses * Delete the option -ftp.fast - it doesn't always work and ftp performance is not an issue anymore * Add bold and monospaced Turkish letter 'i' without a dot * On OS/2 allocate OpenSSL memory fro the lower heap. It fixes SSL on systems with old 16-bit TCP/IP stack * Fix IPv6 on OpenVMS Alpha * Support mouse scroll wheel in textarea * Delete the option -http-bugs.bug-302-redirect - RFC7231 allows the "buggy" behavior and defines new codes 307 and 308 that retain the post data * X11 - fixed colormap leak when creating a new window * Fixed an infinite loop that happened in graphics mode if the user clicked on OK in "Miscellaneous options" dialog and more than one windows were open. This bug was introduced in Links 2.15 * Support 6x6x6 RGB palette in 256-bit color mode on framebuffer * Implement dithering properly on OS/2 in 15-bit and 16-bit color mode. In 8-bit mode, Links may optionally use a private palette - it improves visual quality of Links images, but degrades visual quality of other concurrently running programs. * Improve scrolling smoothness when the user drags the whole document * On OS/2, allocate large memory blocks directly (not with malloc). It reduces memory waste * Fixed a bug that setting terminal title and resizing a terminal didn't work on OS/2 and Windows. The bug was introduced in Links 2.16 when shutting up coverity warnings * Set link color to yellow by default * Delete the option -http-bugs.bug-post-no-keepalive. It was needed in 1999 to avoid some bug in some http server and it is not needed anymore * Trust Content-Length on HTTP/1.0 redirect requests. This fixes hangs with misbehaving servers that honor Connection:keep-alive but send out HTTP/1.0 reply without Connection: keep-alive. Links thought that they don't support keep-alive and waited for the connection to close (for example http://www.raspberrypi.org) * Use keys 'H' and 'L' to select the top and bottom link on the current page links was updated to 2.16: * Improve handling of the DELETE key * Implement the bracketed paste mode * Fix various bugs found by coverity * Fix a crash in proxy authentication code * Fixed internal error "invalid set_handlers call" on framebuffer if links is suspend and terminate at the same time links-2.20.1-bp151.4.3.1.src.rpm links-2.20.1-bp151.4.3.1.x86_64.rpm links-2.20.1-bp151.4.3.1.aarch64.rpm links-2.20.1-bp151.4.3.1.ppc64le.rpm links-2.20.1-bp151.4.3.1.s390x.rpm openSUSE-2019-2156 important openSUSE Backports SLE-15-SP1 Update This update for chromium to 77.0.3865.75 fixes the following issues: Security issues fixed: - CVE-2019-5870: Fixed a use-after-free in media. (boo#1150425) - CVE-2019-5871: Fixed a heap overflow in Skia. (boo#1150425) - CVE-2019-5872: Fixed a use-after-free in Mojo (boo#1150425) - CVE-2019-5874: Fixed a behavior that made external URIs trigger other browsers. (boo#1150425) - CVE-2019-5875: Fixed a URL bar spoof via download redirect. (boo#1150425) - CVE-2019-5876: Fixed a use-after-free in media (boo#1150425) - CVE-2019-5877: Fixed an out-of-bounds access in V8. (boo#1150425) - CVE-2019-5878: Fixed a use-after-free in V8. (boo#1150425) - CVE-2019-5879: Fixed an extension issue that allowed the bypass of a same origin policy. (boo#1150425) - CVE-2019-5880: Fixed a SameSite cookie bypass. (boo#1150425) - CVE-2019-5881: Fixed an arbitrary read in SwiftShader. (boo#1150425) - CVE-2019-13659: Fixed an URL spoof. (boo#1150425) - CVE-2019-13660: Fixed a full screen notification overlap. (boo#1150425) - CVE-2019-13661: Fixed a full screen notification spoof. (boo#1150425) - CVE-2019-13662: Fixed a CSP bypass. (boo#1150425) - CVE-2019-13663: Fixed an IDN spoof. (boo#1150425) - CVE-2019-13664: Fixed a CSRF bypass. (boo#1150425) - CVE-2019-13665: Fixed a multiple file download protection bypass. (boo#1150425) - CVE-2019-13666: Fixed a side channel weakness using storage size estimate. (boo#1150425) - CVE-2019-13667: Fixed a URI bar spoof when using external app URIs. (boo#1150425) - CVE-2019-13668: Fixed a global window leak via console. (boo#1150425) - CVE-2019-13669: Fixed an HTTP authentication spoof. (boo#1150425) - CVE-2019-13670: Fixed a V8 memory corruption in regex. (boo#1150425) - CVE-2019-13671: Fixed a dialog box that failed to show the origin. (boo#1150425) - CVE-2019-13673: Fixed a cross-origin information leak using devtools. (boo#1150425) - CVE-2019-13674: Fixed an IDN spoofing opportunity. (boo#1150425) - CVE-2019-13675: Fixed an error that allowed extensions to be disabled by trailing slash. (boo#1150425) - CVE-2019-13676: Fixed a mistakenly shown Google URI in certificate warnings. (boo#1150425) - CVE-2019-13677: Fixed a lack of isolation in Chrome web store origin. (boo#1150425) - CVE-2019-13678: Fixed a download dialog spoofing opportunity. (boo#1150425) - CVE-2019-13679: Fixed a the necessity of a user gesture for printing. (boo#1150425) - CVE-2019-13680: Fixed an IP address spoofing error. (boo#1150425) - CVE-2019-13681: Fixed a bypass on download restrictions. (boo#1150425) - CVE-2019-13682: Fixed a site isolation bypass. (boo#1150425) - CVE-2019-13683: Fixed an exceptions leaked by devtools. (boo#1150425) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-77.0.3865.75-bp151.3.12.1.x86_64.rpm chromium-77.0.3865.75-bp151.3.12.1.src.rpm chromium-77.0.3865.75-bp151.3.12.1.x86_64.rpm chromedriver-77.0.3865.75-bp151.3.12.1.aarch64.rpm chromium-77.0.3865.75-bp151.3.12.1.aarch64.rpm openSUSE-2019-2211 moderate openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin to 4.9.1 fixes the following issues: Security issue fixed: - CVE-2019-12922: Fixed CSRF issue that allowed deletion of any server in the Setup page. (boo#1150914) phpMyAdmin-4.9.1-bp151.3.6.1.noarch.rpm phpMyAdmin-4.9.1-bp151.3.6.1.src.rpm openSUSE-2019-2180 moderate openSUSE Backports SLE-15-SP1 Update This update for bird fixes the following issues: - CVE-2019-16159: Fixed a stack-based buffer overflow via administrative shutdown communication messages. (bnc#1150108) This update was imported from the openSUSE:Leap:15.1:Update update project. bird-1.6.8-bp151.2.3.1.src.rpm bird-1.6.8-bp151.2.3.1.x86_64.rpm bird-common-1.6.8-bp151.2.3.1.x86_64.rpm bird-doc-1.6.8-bp151.2.3.1.x86_64.rpm bird6-1.6.8-bp151.2.3.1.x86_64.rpm bird-1.6.8-bp151.2.3.1.aarch64.rpm bird-common-1.6.8-bp151.2.3.1.aarch64.rpm bird-doc-1.6.8-bp151.2.3.1.aarch64.rpm bird6-1.6.8-bp151.2.3.1.aarch64.rpm bird-1.6.8-bp151.2.3.1.ppc64le.rpm bird-common-1.6.8-bp151.2.3.1.ppc64le.rpm bird-doc-1.6.8-bp151.2.3.1.ppc64le.rpm bird6-1.6.8-bp151.2.3.1.ppc64le.rpm bird-1.6.8-bp151.2.3.1.s390x.rpm bird-common-1.6.8-bp151.2.3.1.s390x.rpm bird-doc-1.6.8-bp151.2.3.1.s390x.rpm bird6-1.6.8-bp151.2.3.1.s390x.rpm openSUSE-2019-2221 moderate openSUSE Backports SLE-15-SP1 Update This update for varnish fixes the following issues: Security issue fixed: - CVE-2019-15892: Fixed a potential denial of service by sending crafted HTTP/1 requests (boo#1149382). Non-security issues fixed: - Updated the package to release 6.2.1. - Added a thread pool watchdog which will restart the worker process if scheduling tasks onto worker threads appears stuck. The new parameter "thread_pool_watchdog" configures it. - Disabled error for clobbering, which caused bogus error in varnishtest. This update was imported from the openSUSE:Leap:15.0:Update update project. libvarnishapi2-6.2.1-bp151.4.3.1.x86_64.rpm libvarnishapi2-debuginfo-6.2.1-bp151.4.3.1.x86_64.rpm varnish-6.2.1-bp151.4.3.1.src.rpm varnish-6.2.1-bp151.4.3.1.x86_64.rpm varnish-debuginfo-6.2.1-bp151.4.3.1.x86_64.rpm varnish-debugsource-6.2.1-bp151.4.3.1.x86_64.rpm varnish-devel-6.2.1-bp151.4.3.1.x86_64.rpm libvarnishapi2-6.2.1-bp151.4.3.1.aarch64.rpm libvarnishapi2-debuginfo-6.2.1-bp151.4.3.1.aarch64.rpm varnish-6.2.1-bp151.4.3.1.aarch64.rpm varnish-debuginfo-6.2.1-bp151.4.3.1.aarch64.rpm varnish-debugsource-6.2.1-bp151.4.3.1.aarch64.rpm varnish-devel-6.2.1-bp151.4.3.1.aarch64.rpm libvarnishapi2-6.2.1-bp151.4.3.1.ppc64le.rpm libvarnishapi2-debuginfo-6.2.1-bp151.4.3.1.ppc64le.rpm varnish-6.2.1-bp151.4.3.1.ppc64le.rpm varnish-debuginfo-6.2.1-bp151.4.3.1.ppc64le.rpm varnish-debugsource-6.2.1-bp151.4.3.1.ppc64le.rpm varnish-devel-6.2.1-bp151.4.3.1.ppc64le.rpm libvarnishapi2-6.2.1-bp151.4.3.1.s390x.rpm libvarnishapi2-debuginfo-6.2.1-bp151.4.3.1.s390x.rpm varnish-6.2.1-bp151.4.3.1.s390x.rpm varnish-debuginfo-6.2.1-bp151.4.3.1.s390x.rpm varnish-debugsource-6.2.1-bp151.4.3.1.s390x.rpm varnish-devel-6.2.1-bp151.4.3.1.s390x.rpm openSUSE-2019-2229 important openSUSE Backports SLE-15-SP1 Update This update for chromium to version 77.0.3865.90 fixes the following issues: - CVE-2019-13685: Fixed a use-after-free in UI. (boo#1151229) - CVE-2019-13688: Fixed a use-after-free in media. (boo#1151229) - CVE-2019-13687: Fixed a use-after-free in media. (boo#1151229) - CVE-2019-13686: Fixed a use-after-free in offline pages. (boo#1151229) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-77.0.3865.90-bp151.3.15.1.x86_64.rpm chromium-77.0.3865.90-bp151.3.15.1.src.rpm chromium-77.0.3865.90-bp151.3.15.1.x86_64.rpm chromedriver-77.0.3865.90-bp151.3.15.1.aarch64.rpm chromium-77.0.3865.90-bp151.3.15.1.aarch64.rpm openSUSE-2019-2247 moderate openSUSE Backports SLE-15-SP1 Update This update for mosquitto fixes the following issues: - CVE-2019-11779: Fixed insufficient parsing of SUBSCRIBE packets that could lead to a stack overflow (bsc#1151494). This update was imported from the openSUSE:Leap:15.1:Update update project. libmosquitto1-1.5.7-bp151.3.3.1.x86_64.rpm libmosquittopp1-1.5.7-bp151.3.3.1.x86_64.rpm mosquitto-1.5.7-bp151.3.3.1.src.rpm mosquitto-1.5.7-bp151.3.3.1.x86_64.rpm mosquitto-clients-1.5.7-bp151.3.3.1.x86_64.rpm mosquitto-devel-1.5.7-bp151.3.3.1.x86_64.rpm libmosquitto1-1.5.7-bp151.3.3.1.aarch64.rpm libmosquittopp1-1.5.7-bp151.3.3.1.aarch64.rpm mosquitto-1.5.7-bp151.3.3.1.aarch64.rpm mosquitto-clients-1.5.7-bp151.3.3.1.aarch64.rpm mosquitto-devel-1.5.7-bp151.3.3.1.aarch64.rpm libmosquitto1-1.5.7-bp151.3.3.1.ppc64le.rpm libmosquittopp1-1.5.7-bp151.3.3.1.ppc64le.rpm mosquitto-1.5.7-bp151.3.3.1.ppc64le.rpm mosquitto-clients-1.5.7-bp151.3.3.1.ppc64le.rpm mosquitto-devel-1.5.7-bp151.3.3.1.ppc64le.rpm libmosquitto1-1.5.7-bp151.3.3.1.s390x.rpm libmosquittopp1-1.5.7-bp151.3.3.1.s390x.rpm mosquitto-1.5.7-bp151.3.3.1.s390x.rpm mosquitto-clients-1.5.7-bp151.3.3.1.s390x.rpm mosquitto-devel-1.5.7-bp151.3.3.1.s390x.rpm openSUSE-2019-2259 moderate openSUSE Backports SLE-15-SP1 Update This update for python-numpy fixes the following issues: Non-security issues fixed: - Updated to upstream version 1.16.1. (bsc#1149203) (jsc#SLE-8532) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.src.rpm python2-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.x86_64.rpm python2-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.x86_64.rpm python3-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.x86_64.rpm python3-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.x86_64.rpm python-numpy-1.16.1-bp151.2.3.1.src.rpm python2-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.aarch64.rpm python2-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.aarch64.rpm python3-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.aarch64.rpm python3-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.aarch64.rpm python2-numpy-gnu-hpc-1.16.1-bp151.2.3.1.ppc64le.rpm python2-numpy-gnu-hpc-devel-1.16.1-bp151.2.3.1.ppc64le.rpm python2-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.ppc64le.rpm python2-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.ppc64le.rpm python3-numpy-gnu-hpc-1.16.1-bp151.2.3.1.ppc64le.rpm python3-numpy-gnu-hpc-devel-1.16.1-bp151.2.3.1.ppc64le.rpm python3-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.ppc64le.rpm python3-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.ppc64le.rpm python2-numpy-gnu-hpc-1.16.1-bp151.2.3.1.s390x.rpm python2-numpy-gnu-hpc-devel-1.16.1-bp151.2.3.1.s390x.rpm python2-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.s390x.rpm python2-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.s390x.rpm python3-numpy-gnu-hpc-1.16.1-bp151.2.3.1.s390x.rpm python3-numpy-gnu-hpc-devel-1.16.1-bp151.2.3.1.s390x.rpm python3-numpy_1_16_1-gnu-hpc-1.16.1-bp151.2.3.1.s390x.rpm python3-numpy_1_16_1-gnu-hpc-devel-1.16.1-bp151.2.3.1.s390x.rpm openSUSE-2019-2273 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: Version update to 1.1.5 (boo#1099674): * Use https in URL in spec-cleaner.spec test * Remove duplicated backslash in regexp * Parallelize test run * Add jupyter_move_config to excludes from bracketing * Do not fail if URL is ftp:// or other protocol * Make xdist enabled by default on all test runs and add xdist to deps * By default remove groups from packages This update was imported from the openSUSE:Leap:15.0:Update update project. spec-cleaner-1.1.5-bp151.3.6.1.noarch.rpm spec-cleaner-1.1.5-bp151.3.6.1.src.rpm spec-cleaner-format_spec_file-1.1.5-bp151.3.6.1.noarch.rpm openSUSE-2019-2287 moderate openSUSE Backports SLE-15-SP1 Update This update for lxcfs fixes the following issues: lxcfs was updated to version 3.1.2 (released on the 24th of July 2019) New Features: * Add support for per-container cpu usage in /proc/stat * Add support for load average (loadavg) virtualization * Display cpus in /proc/cpuinfo based on cpu quotas * Allow to disable swap in /proc/meminfo output * Virtualize /sys/devices/system/cpu/online * Enable higher precision output in /proc/uptime * Add support for FUSE nonempty option Bugfixes: * bindings: ensure that opts is non NULL * Makefile: Fix typo in file name * remove unused functions * sys dirs do not need to implement 'read' method * lxcfs: coding style update * config: Adds RPM spec file. * config: Adds reload mode to sysvinit and systemd scripts. * bindings: prevent NULL pointer dereference * stat: check for out of bound access to cpuacct usage data * calc_hash(): do not apply modulo LOAD_SIZE * tests: include missing sys/sysmacros.h header * bindings: prevent double free * bindings: better logging for write_string() * meminfo: set ShmemHugePages and ShmemPmdMapped to zero * bindings: fix memory leak in calc_pid() * travis: fix .travis.yml * bindings: fix memory leak in proc_loadavg_read() - Make lxcfs-hooks-lxc supplement liblxc1 instead of lxc, since there are other liblxc1 users (such as LXD). This update was imported from the openSUSE:Leap:15.1:Update update project. lxcfs-3.1.2-bp151.3.3.1.src.rpm lxcfs-3.1.2-bp151.3.3.1.x86_64.rpm lxcfs-hooks-lxc-3.1.2-bp151.3.3.1.noarch.rpm lxcfs-3.1.2-bp151.3.3.1.aarch64.rpm lxcfs-3.1.2-bp151.3.3.1.ppc64le.rpm lxcfs-3.1.2-bp151.3.3.1.s390x.rpm openSUSE-2019-2286 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: Update to lxc 3.2.1. The changelog can be found at https://discuss.linuxcontainers.org/t/lxc-3-2-1-has-been-released/5322 + seccomp: support syscall forwarding to userspace + add lxc.seccomp.allow_nesting + pidfd: Add initial support for the new pidfd api * Many hardening improvements. * Use /sys/kernel/cgroup/delegate file for cgroup v2. * Fix CVE-2019-5736 equivalent bug. - fix apparmor dropin to be compatible with LXC 3.1.0 (boo#1131762) This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-3.2.1-bp151.5.3.1.x86_64.rpm liblxc1-3.2.1-bp151.5.3.1.x86_64.rpm lxc-3.2.1-bp151.5.3.1.src.rpm lxc-3.2.1-bp151.5.3.1.x86_64.rpm lxc-bash-completion-3.2.1-bp151.5.3.1.noarch.rpm pam_cgfs-3.2.1-bp151.5.3.1.x86_64.rpm liblxc-devel-3.2.1-bp151.5.3.1.aarch64.rpm liblxc1-3.2.1-bp151.5.3.1.aarch64.rpm lxc-3.2.1-bp151.5.3.1.aarch64.rpm pam_cgfs-3.2.1-bp151.5.3.1.aarch64.rpm liblxc-devel-3.2.1-bp151.5.3.1.ppc64le.rpm liblxc1-3.2.1-bp151.5.3.1.ppc64le.rpm lxc-3.2.1-bp151.5.3.1.ppc64le.rpm pam_cgfs-3.2.1-bp151.5.3.1.ppc64le.rpm liblxc-devel-3.2.1-bp151.5.3.1.s390x.rpm liblxc1-3.2.1-bp151.5.3.1.s390x.rpm lxc-3.2.1-bp151.5.3.1.s390x.rpm pam_cgfs-3.2.1-bp151.5.3.1.s390x.rpm openSUSE-2019-2288 moderate openSUSE Backports SLE-15-SP1 Update This update for singularity fixes the following issues: singularity was updated to version 3.4.1: This point release addresses the following issues: - Fixes an issue where a PID namespace was always being used - Fixes compilation on non 64-bit architectures - Allows fakeroot builds for zypper, pacstrap, and debootstrap - Correctly detects seccomp on OpenSUSE - Honors GO_MODFLAGS properly in the mconfig generated makefile - Passes the Mac hostname to the VM in MacOS Singularity builds - Handles temporary EAGAIN failures when setting up loop devices on recent kernels. New version 3.4.0. Many changes since 3.2.1, for the full changelog please read CHANGELOG.md Update to version 3.2.1: This point release fixes the following bugs: - Allows users to join instances with non-suid workflow - Removes false warning when seccomp is disabled on the host - Fixes an issue in the terminal when piping output to commands - Binds NVIDIA persistenced socket when `--nv` is invoked Improve integration with SUSE Products: add support to create Singularity images with SLE. * Newer SUSE versions use a different path for the RPM database. * When the installation succeeds by an installation scriptlet fails zypper returns error code 107. Don't treat this as an error. * In order to specify a repository GPG key, add support for multi line variables. * In order to specify a list of additional repos, add support to 'indexed' variables. * Improve handling of SUSE repositires: - For SLE, use SUSEConnect to get all product repos. - Allow to specify a repository GPG key. - Allow to specify additional installation repositories. - Add group 'singularity', fix ownerships. Updated to singularity v3.2.0 * CVE-2019-11328: Instance files are now stored in user's home directory for privacy and many checks have been added to ensure that a user can't manipulate files to change `starter-suid` behavior when instances are joined (many thanks to Matthias Gerstner from the SUSE security team for finding and securely reporting this vulnerability) (boo#1128598) * New features / functionalities - Introduced a new basic framework for creating and managing plugins - Added the ability to create containers through multi-stage builds - Created the concept of a Sylabs Cloud "remote" endpoint and added the ability for users and admins to set them through CLI and conf files - Added caching for images from Singularity Hub - Made it possible to compile Singularity outside of `$GOPATH` - Added a json partition to SIF files for OCI configuration when building from an OCI source - Full integration with Singularity desktop for MacOS code base * New Commands - Introduced the `plugin` command group for creating and managing plugins. * Introduced the `remote` command group to support management of Singularity endpoints. * Added to the `key` command group to improve PGP key management. * Added the `Stage: <name>` keyword to the definition file header and the `from <stage name>` option/argument pair to the `%files` section to support multistage builds * Deprecated / removed commands - The `--token/-t` option has been deprecated in favor of the `singularity remote` command group * Changed defaults / behaviors - Ask to confirm password on a newly generated PGP key - Prompt to push a key to the KeyStore when generated - Refuse to push an unsigned container unless overridden with `--allow-unauthenticated/-U` option - Warn and prompt when pulling an unsigned container without the `--allow-unauthenticated/-U` option For more information check: https://github.com/sylabs/singularity/blob/release-3.2/CHANGELOG.md Updated to singularity v3.1.1: * New Commands - New hidden `buildcfg` command to display compile-time parameters - Added support for `LDFLAGS`, `CFLAGS`, `CGO_` variables in build system - Added `--nocolor` flag to Singularity client to disable color in logging * Removed Commands - `singularity capability <add/drop> --desc` has been removed - `singularity capability list <--all/--group/--user>` flags have all been removed * New features / functionalities - The `--builder` flag to the `build` command implicitly sets `--remote` - Repeated binds no longer cause Singularity to exit and fail, just warn instead - Corrected typos and improved docstrings throughout - Removed warning when CWD does not exist on the host system - Added support to spec file for RPM building on SLES 11 Update to singularity 3.1.0 what is reimplementaion in go so this is a complete new build and just reusing the changelog entries, following build differences were made to the upstream spec file * build position independent executable * build stripped executable - Change from /var/singularity to /var/lib/singularity - Fix warning on bash-completion file about non-executible script. - Add bash completions directory to file list for suse_version < 1500 to keep the build checker happy. singularity-3.4.1-bp151.3.3.1.src.rpm singularity-3.4.1-bp151.3.3.1.x86_64.rpm singularity-debuginfo-3.4.1-bp151.3.3.1.x86_64.rpm singularity-3.4.1-bp151.3.3.1.aarch64.rpm singularity-debuginfo-3.4.1-bp151.3.3.1.aarch64.rpm singularity-3.4.1-bp151.3.3.1.ppc64le.rpm singularity-debuginfo-3.4.1-bp151.3.3.1.ppc64le.rpm singularity-3.4.1-bp151.3.3.1.s390x.rpm singularity-debuginfo-3.4.1-bp151.3.3.1.s390x.rpm openSUSE-2019-2292 moderate openSUSE Backports SLE-15-SP1 Update This update for putty to version 0.73 fixes the following issues: Security issues fixed: - CVE-2019-17068: Fixed the insufficient handling of terminal escape sequences, that should delimit the pasted data in bracketed paste mode (boo#1152753). - CVE-2019-17069: Fixed a possible information leak caused by SSH-1 disconnection messages (boo#1152753). This update was imported from the openSUSE:Leap:15.0:Update update project. putty-0.73-bp151.4.6.1.src.rpm putty-0.73-bp151.4.6.1.x86_64.rpm putty-debuginfo-0.73-bp151.4.6.1.x86_64.rpm putty-debugsource-0.73-bp151.4.6.1.x86_64.rpm putty-0.73-bp151.4.6.1.aarch64.rpm putty-debuginfo-0.73-bp151.4.6.1.aarch64.rpm putty-debugsource-0.73-bp151.4.6.1.aarch64.rpm putty-0.73-bp151.4.6.1.ppc64le.rpm putty-debuginfo-0.73-bp151.4.6.1.ppc64le.rpm putty-debugsource-0.73-bp151.4.6.1.ppc64le.rpm putty-0.73-bp151.4.6.1.s390x.rpm putty-debuginfo-0.73-bp151.4.6.1.s390x.rpm putty-debugsource-0.73-bp151.4.6.1.s390x.rpm openSUSE-2019-2293 moderate openSUSE Backports SLE-15-SP1 Update This update for charliecloud fixes the following issues: charliecloud was updated to version 0.11: - ch-run: /etc/resolv.conf on the host is now optional - ch-grow: support ARG instruction - build now does not infinite loop if no Python installed - miscellaneous bug fixes, and documentation and test suite improvements Update to version 0.10: - New builder ch-grow - ch-build includes option --builder - ch-docker2tar renamed to ch-builder2tar - new quashFS wrapper scripts: ch-docker2squash, ch-docker2squash, ch-tar2squash, ch-mount and ch-umount - new namespace tester ch-checkns - Full changelog at https://groups.io/g/charliecloud/message/96 Update to version 0.9.10: - Documentation and examples: misc improvements. - Full changelog at https://groups.io/g/charliecloud/message/88 Update to version 0.9.9: - Bugfixes and documentation improvements. - Full changelog at https://groups.io/g/charliecloud/message/87 This update was imported from the openSUSE:Leap:15.1:Update update project. charliecloud-0.11-bp151.2.3.1.src.rpm charliecloud-0.11-bp151.2.3.1.x86_64.rpm charliecloud-doc-0.11-bp151.2.3.1.noarch.rpm charliecloud-examples-0.11-bp151.2.3.1.noarch.rpm charliecloud-0.11-bp151.2.3.1.aarch64.rpm charliecloud-0.11-bp151.2.3.1.ppc64le.rpm charliecloud-0.11-bp151.2.3.1.s390x.rpm openSUSE-2019-2303 low openSUSE Backports SLE-15-SP1 Update This update for kfilemetadata5 fixes the following issue: kfilemetadata5 is now built with ffmpeg-4 instead of ffmpeg-3. kfilemetadata5-5.55.0-bp151.3.2.1.src.rpm kfilemetadata5-5.55.0-bp151.3.2.1.x86_64.rpm kfilemetadata5-debuginfo-5.55.0-bp151.3.2.1.x86_64.rpm kfilemetadata5-debugsource-5.55.0-bp151.3.2.1.x86_64.rpm kfilemetadata5-devel-5.55.0-bp151.3.2.1.x86_64.rpm kfilemetadata5-lang-5.55.0-bp151.3.2.1.noarch.rpm kfilemetadata5-5.55.0-bp151.3.2.1.aarch64.rpm kfilemetadata5-64bit-5.55.0-bp151.3.2.1.aarch64_ilp32.rpm kfilemetadata5-64bit-debuginfo-5.55.0-bp151.3.2.1.aarch64_ilp32.rpm kfilemetadata5-debuginfo-5.55.0-bp151.3.2.1.aarch64.rpm kfilemetadata5-debugsource-5.55.0-bp151.3.2.1.aarch64.rpm kfilemetadata5-devel-5.55.0-bp151.3.2.1.aarch64.rpm kfilemetadata5-5.55.0-bp151.3.2.1.ppc64le.rpm kfilemetadata5-debuginfo-5.55.0-bp151.3.2.1.ppc64le.rpm kfilemetadata5-debugsource-5.55.0-bp151.3.2.1.ppc64le.rpm kfilemetadata5-devel-5.55.0-bp151.3.2.1.ppc64le.rpm kfilemetadata5-5.55.0-bp151.3.2.1.s390x.rpm kfilemetadata5-debuginfo-5.55.0-bp151.3.2.1.s390x.rpm kfilemetadata5-debugsource-5.55.0-bp151.3.2.1.s390x.rpm kfilemetadata5-devel-5.55.0-bp151.3.2.1.s390x.rpm openSUSE-2019-2304 moderate openSUSE Backports SLE-15-SP1 Update This update for epiphany fixes the following issues: - CVE-2018-11396: Fixed a JavaScript crash when an invalid URI is opened (boo#1094464). epiphany-3.28.1.1-bp151.4.3.1.src.rpm epiphany-3.28.1.1-bp151.4.3.1.x86_64.rpm epiphany-branding-upstream-3.28.1.1-bp151.4.3.1.noarch.rpm epiphany-lang-3.28.1.1-bp151.4.3.1.noarch.rpm gnome-shell-search-provider-epiphany-3.28.1.1-bp151.4.3.1.x86_64.rpm epiphany-3.28.1.1-bp151.4.3.1.aarch64.rpm gnome-shell-search-provider-epiphany-3.28.1.1-bp151.4.3.1.aarch64.rpm epiphany-3.28.1.1-bp151.4.3.1.ppc64le.rpm gnome-shell-search-provider-epiphany-3.28.1.1-bp151.4.3.1.ppc64le.rpm epiphany-3.28.1.1-bp151.4.3.1.s390x.rpm gnome-shell-search-provider-epiphany-3.28.1.1-bp151.4.3.1.s390x.rpm openSUSE-2019-2314 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 77.0.3865.120 (boo#1153660): - CVE-2019-13693: Fixed a use-after-free in IndexedDB - CVE-2019-13694: Fixed a use-after-free in WebRTC - CVE-2019-13695: Fixed a use-after-free in audio - CVE-2019-13696: Fixed a use-after-free in V8 - CVE-2019-13697: Fixed a cross-origin size leak. - Fixed an issue with the video playback on Intel Kaby Lake and later (boo#1146219). This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-77.0.3865.120-bp151.3.18.1.x86_64.rpm chromium-77.0.3865.120-bp151.3.18.1.src.rpm chromium-77.0.3865.120-bp151.3.18.1.x86_64.rpm chromedriver-77.0.3865.120-bp151.3.18.1.aarch64.rpm chromium-77.0.3865.120-bp151.3.18.1.aarch64.rpm openSUSE-2019-2315 moderate openSUSE Backports SLE-15-SP1 Update This update for python-cluster-preflight-check fixes the following issues: This update ships python-cluster-preflight-check 0.0.33. python-cluster-preflight-check-0.0.33-bp151.2.1.src.rpm python2-cluster-preflight-check-0.0.33-bp151.2.1.noarch.rpm python3-cluster-preflight-check-0.0.33-bp151.2.1.noarch.rpm openSUSE-2019-2347 moderate openSUSE Backports SLE-15-SP1 Update This update for lighttpd to version 1.4.54 fixes the following issues: Security issues fixed: - CVE-2018-19052: Fixed a path traversal in mod_alias (boo#1115016). - Changed the default TLS configuration of lighttpd for better security out-of-the-box (boo#1087369). lighttpd-1.4.54-bp151.4.3.1.src.rpm lighttpd-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_authn_gssapi-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_authn_ldap-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_authn_mysql-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_authn_pam-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_authn_sasl-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_cml-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_geoip-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_magnet-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_maxminddb-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_mysql_vhost-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_rrdtool-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_vhostdb_dbi-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_vhostdb_ldap-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_vhostdb_mysql-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_vhostdb_pgsql-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-mod_webdav-1.4.54-bp151.4.3.1.x86_64.rpm lighttpd-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_authn_gssapi-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_authn_ldap-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_authn_mysql-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_authn_pam-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_authn_sasl-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_cml-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_geoip-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_magnet-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_maxminddb-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_mysql_vhost-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_rrdtool-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_trigger_b4_dl-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_vhostdb_dbi-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_vhostdb_ldap-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_vhostdb_mysql-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_vhostdb_pgsql-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-mod_webdav-1.4.54-bp151.4.3.1.aarch64.rpm lighttpd-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_authn_gssapi-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_authn_ldap-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_authn_mysql-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_authn_pam-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_authn_sasl-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_cml-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_geoip-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_magnet-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_maxminddb-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_mysql_vhost-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_rrdtool-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_trigger_b4_dl-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_vhostdb_dbi-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_vhostdb_ldap-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_vhostdb_mysql-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_vhostdb_pgsql-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-mod_webdav-1.4.54-bp151.4.3.1.ppc64le.rpm lighttpd-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_authn_gssapi-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_authn_ldap-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_authn_mysql-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_authn_pam-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_authn_sasl-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_cml-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_geoip-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_magnet-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_maxminddb-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_mysql_vhost-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_rrdtool-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_trigger_b4_dl-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_vhostdb_dbi-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_vhostdb_ldap-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_vhostdb_mysql-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_vhostdb_pgsql-1.4.54-bp151.4.3.1.s390x.rpm lighttpd-mod_webdav-1.4.54-bp151.4.3.1.s390x.rpm openSUSE-2019-2321 moderate openSUSE Backports SLE-15-SP1 Update This update for GraphicsMagick fixes the following issues: - CVE-2019-16709: Fixed a memory leak in coders/dps.c (boo#1151782). This update was imported from the openSUSE:Leap:15.0:Update update project. GraphicsMagick-1.3.29-bp151.5.6.1.src.rpm GraphicsMagick-1.3.29-bp151.5.6.1.x86_64.rpm GraphicsMagick-debuginfo-1.3.29-bp151.5.6.1.x86_64.rpm GraphicsMagick-debugsource-1.3.29-bp151.5.6.1.x86_64.rpm GraphicsMagick-devel-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick++-Q16-12-debuginfo-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick++-devel-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick-Q16-3-debuginfo-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagick3-config-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.6.1.x86_64.rpm libGraphicsMagickWand-Q16-2-debuginfo-1.3.29-bp151.5.6.1.x86_64.rpm perl-GraphicsMagick-1.3.29-bp151.5.6.1.x86_64.rpm perl-GraphicsMagick-debuginfo-1.3.29-bp151.5.6.1.x86_64.rpm openSUSE-2019-2369 moderate openSUSE Backports SLE-15-SP1 Update This update for python-bugzilla fixes the following issues: - Backport from upstream: HTTP Basic authentication feature (as used by SUSE and openSUSE) (boo#1098219) python-bugzilla-2.1.0-bp151.4.3.1.src.rpm python2-bugzilla-2.1.0-bp151.4.3.1.noarch.rpm python3-bugzilla-2.1.0-bp151.4.3.1.noarch.rpm openSUSE-2019-2368 moderate openSUSE Backports SLE-15-SP1 Update This update for darktable fixes the following issues: - New Features - April 1st game is now disabled by default - Add preference to disable/enable April 1st game - Print module default margin set 17mm - Add support for disabling base-curve by default - Add support for disabling sharpen by default - Bugfixes - Source with OpenMP can be compiled with GCC-9 and clang - Update skin tone preset on color-zones module - Fix file access permissions on macOS Catalina 10.15 - Fix shift+scroll only scrolling in one direction on macOS - Fix picasa, piwigo and facebook SSL support - Fix CSS issue on MacOS - Base Support - Epson R-D1s - Epson R-D1x - Fujifilm FinePix F770EXR - Fujifilm X-T30 (compressed) - Fujifilm XF10 - Kodak EasyShare Z981 - Kodak EasyShare Z990 - Leica C (Typ 112) (4:3) - Leica CL (dng) - Leica Q (Typ 116) (dng) - Leica Q2 (dng) - Leica SL (Typ 601) (dng) - Leica V-LUX (Typ 114) (3:2, 4:3, 16:9, 1:1) - Olympus E-M1X - Olympus TG-6 - Panasonic DC-G90 (4:3) - Panasonic DC-G91 (4:3) - Panasonic DC-G95 (4:3) - Panasonic DC-G99 (4:3) - Panasonic DC-ZS200 (3:2) - Panasonic DMC-TX1 (3:2) - Sony DSC-RX0M2 - Sony ILCE-6400 - Sony ILCE-7RM4 - White Balance Presets - Panasonic DC-LX100M2 - Noise Profiles - Panasonic DC-LX100M2 darktable-2.6.3-bp151.4.3.1.src.rpm darktable-2.6.3-bp151.4.3.1.x86_64.rpm darktable-doc-2.6.3-bp151.4.3.1.noarch.rpm darktable-tools-basecurve-2.6.3-bp151.4.3.1.x86_64.rpm darktable-tools-noise-2.6.3-bp151.4.3.1.x86_64.rpm openSUSE-2019-2475 low openSUSE Backports SLE-15-SP1 Update This update for fcitx-qt5 fixes the following issue: - QOwnNotes always crash at close with fcitx-qt5 installed. (boo#1152412) fcitx-qt5-1.2.2-bp151.4.3.3.src.rpm fcitx-qt5-1.2.2-bp151.4.3.3.x86_64.rpm fcitx-qt5-devel-1.2.2-bp151.4.3.3.x86_64.rpm fcitx-qt5-1.2.2-bp151.4.3.3.aarch64.rpm fcitx-qt5-64bit-1.2.2-bp151.4.3.3.aarch64_ilp32.rpm fcitx-qt5-devel-1.2.2-bp151.4.3.3.aarch64.rpm fcitx-qt5-1.2.2-bp151.4.3.3.ppc64le.rpm fcitx-qt5-devel-1.2.2-bp151.4.3.3.ppc64le.rpm fcitx-qt5-1.2.2-bp151.4.3.3.s390x.rpm fcitx-qt5-devel-1.2.2-bp151.4.3.3.s390x.rpm openSUSE-2019-2476 moderate openSUSE Backports SLE-15-SP1 Update This update for arp-scan to version 1.9.6 fixes the following issues: - Update to version 1.9.6 (boo#1154552): * Use libpcap function pcap_set_immediate_mode() instead of ioctl calls to ensure packets are delivered immediately. This means that arp-scan now requires libpcap 1.5.0 or later and will not work with earlier libpcap versions - Update to version 1.9.5: * Updated IEEE OUI and IAB MAC/Vendor files. * Added new --plain (-x) option to surpress printing of header and footer text, and only display one output line for each responding host. * Use LWP::UserAgent instead of LWP::Simple in get-oui and get-iab to enable the raw content to be obtained, which avoids Unicode/UTF-8 issues. * Added arp-fingerprint patterns for WIZnet W5100 and Cisco IOS 15.0. arp-scan-1.9.6-bp151.4.3.1.src.rpm arp-scan-1.9.6-bp151.4.3.1.x86_64.rpm arp-scan-1.9.6-bp151.4.3.1.aarch64.rpm arp-scan-1.9.6-bp151.4.3.1.ppc64le.rpm arp-scan-1.9.6-bp151.4.3.1.s390x.rpm openSUSE-2019-2425 important openSUSE Backports SLE-15-SP1 Update This update for chromium, re2 fixes the following issues: Chromium was updated to 78.0.3904.70 boo#1154806: * CVE-2019-13699: Use-after-free in media * CVE-2019-13700: Buffer overrun in Blink * CVE-2019-13701: URL spoof in navigation * CVE-2019-13702: Privilege elevation in Installer * CVE-2019-13703: URL bar spoofing * CVE-2019-13704: CSP bypass * CVE-2019-13705: Extension permission bypass * CVE-2019-13706: Out-of-bounds read in PDFium * CVE-2019-13707: File storage disclosure * CVE-2019-13708: HTTP authentication spoof * CVE-2019-13709: File download protection bypass * CVE-2019-13710: File download protection bypass * CVE-2019-13711: Cross-context information leak * CVE-2019-15903: Buffer overflow in expat * CVE-2019-13713: Cross-origin data leak * CVE-2019-13714: CSS injection * CVE-2019-13715: Address bar spoofing * CVE-2019-13716: Service worker state error * CVE-2019-13717: Notification obscured * CVE-2019-13718: IDN spoof * CVE-2019-13719: Notification obscured * Various fixes from internal audits, fuzzing and other initiatives - Use internal resources for icon and appdata This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-78.0.3904.70-bp151.3.21.1.x86_64.rpm chromium-78.0.3904.70-bp151.3.21.1.src.rpm chromium-78.0.3904.70-bp151.3.21.1.x86_64.rpm libre2-0-20190901-bp151.6.3.1.x86_64.rpm libre2-0-debuginfo-20190901-bp151.6.3.1.x86_64.rpm re2-20190901-bp151.6.3.1.src.rpm re2-debugsource-20190901-bp151.6.3.1.x86_64.rpm re2-devel-20190901-bp151.6.3.1.x86_64.rpm chromedriver-78.0.3904.70-bp151.3.21.1.aarch64.rpm chromium-78.0.3904.70-bp151.3.21.1.aarch64.rpm libre2-0-20190901-bp151.6.3.1.aarch64.rpm libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32.rpm libre2-0-64bit-debuginfo-20190901-bp151.6.3.1.aarch64_ilp32.rpm libre2-0-debuginfo-20190901-bp151.6.3.1.aarch64.rpm re2-debugsource-20190901-bp151.6.3.1.aarch64.rpm re2-devel-20190901-bp151.6.3.1.aarch64.rpm libre2-0-20190901-bp151.6.3.1.ppc64le.rpm libre2-0-debuginfo-20190901-bp151.6.3.1.ppc64le.rpm re2-debugsource-20190901-bp151.6.3.1.ppc64le.rpm re2-devel-20190901-bp151.6.3.1.ppc64le.rpm libre2-0-20190901-bp151.6.3.1.s390x.rpm libre2-0-debuginfo-20190901-bp151.6.3.1.s390x.rpm re2-debugsource-20190901-bp151.6.3.1.s390x.rpm re2-devel-20190901-bp151.6.3.1.s390x.rpm openSUSE-2019-2427 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 78.0.3904.87 boo#1155643: * CVE-2019-13721: Use-after-free in PDFium * CVE-2019-13720: Use-after-free in audio This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-78.0.3904.87-bp151.3.25.1.x86_64.rpm chromium-78.0.3904.87-bp151.3.25.1.src.rpm chromium-78.0.3904.87-bp151.3.25.1.x86_64.rpm chromedriver-78.0.3904.87-bp151.3.25.1.aarch64.rpm chromium-78.0.3904.87-bp151.3.25.1.aarch64.rpm openSUSE-2019-2450 moderate openSUSE Backports SLE-15-SP1 Update This update for borgbackup fixes the following issues: - Require python3-setuptools since it's needed when running borg to find the entry point (boo#1134650) This update was imported from the openSUSE:Leap:15.1:Update update project. borgbackup-1.1.9-bp151.4.3.1.src.rpm borgbackup-1.1.9-bp151.4.3.1.x86_64.rpm borgbackup-bash-completion-1.1.9-bp151.4.3.1.noarch.rpm borgbackup-doc-1.1.9-bp151.4.3.1.x86_64.rpm borgbackup-fish-completion-1.1.9-bp151.4.3.1.noarch.rpm borgbackup-zsh-completion-1.1.9-bp151.4.3.1.noarch.rpm borgbackup-1.1.9-bp151.4.3.1.aarch64.rpm borgbackup-doc-1.1.9-bp151.4.3.1.aarch64.rpm borgbackup-1.1.9-bp151.4.3.1.ppc64le.rpm borgbackup-doc-1.1.9-bp151.4.3.1.ppc64le.rpm borgbackup-1.1.9-bp151.4.3.1.s390x.rpm borgbackup-doc-1.1.9-bp151.4.3.1.s390x.rpm openSUSE-2019-2466 moderate openSUSE Backports SLE-15-SP1 Update This update for gdal to version 2.4.3 fixes the following issues: gdal was updated to 2.4.3: - CVE-2019-17545: Fixed a double free vulnerability in OGRExpatRealloc (boo#1153918). - Multiple bug and stability fixes For more information regarding the release at: https://trac.osgeo.org/gdal/wiki/Release/2.4.3-News gdal-2.4.3-bp151.4.3.1.src.rpm gdal-2.4.3-bp151.4.3.1.x86_64.rpm gdal-devel-2.4.3-bp151.4.3.1.x86_64.rpm libgdal20-2.4.3-bp151.4.3.1.x86_64.rpm perl-gdal-2.4.3-bp151.4.3.1.x86_64.rpm python2-GDAL-2.4.3-bp151.4.3.1.x86_64.rpm python3-GDAL-2.4.3-bp151.4.3.1.x86_64.rpm gdal-2.4.3-bp151.4.3.1.aarch64.rpm gdal-devel-2.4.3-bp151.4.3.1.aarch64.rpm libgdal20-2.4.3-bp151.4.3.1.aarch64.rpm perl-gdal-2.4.3-bp151.4.3.1.aarch64.rpm python2-GDAL-2.4.3-bp151.4.3.1.aarch64.rpm python3-GDAL-2.4.3-bp151.4.3.1.aarch64.rpm gdal-2.4.3-bp151.4.3.1.ppc64le.rpm gdal-devel-2.4.3-bp151.4.3.1.ppc64le.rpm libgdal20-2.4.3-bp151.4.3.1.ppc64le.rpm perl-gdal-2.4.3-bp151.4.3.1.ppc64le.rpm python2-GDAL-2.4.3-bp151.4.3.1.ppc64le.rpm python3-GDAL-2.4.3-bp151.4.3.1.ppc64le.rpm openSUSE-2019-2479 important openSUSE Backports SLE-15-SP1 Update This update for chromium to version 78.0.3904.97 fixes the following issues: Chromium was updated to 78.0.3904.97 (boo#1156172): * Various security fixes from internal audits, fuzzing and other initiatives chromedriver-78.0.3904.97-bp151.3.28.1.x86_64.rpm chromedriver-debuginfo-78.0.3904.97-bp151.3.28.1.x86_64.rpm chromium-78.0.3904.97-bp151.3.28.1.src.rpm chromium-78.0.3904.97-bp151.3.28.1.x86_64.rpm chromium-debuginfo-78.0.3904.97-bp151.3.28.1.x86_64.rpm chromium-debugsource-78.0.3904.97-bp151.3.28.1.x86_64.rpm chromedriver-78.0.3904.97-bp151.3.28.1.aarch64.rpm chromedriver-debuginfo-78.0.3904.97-bp151.3.28.1.aarch64.rpm chromium-78.0.3904.97-bp151.3.28.1.aarch64.rpm chromium-debuginfo-78.0.3904.97-bp151.3.28.1.aarch64.rpm chromium-debugsource-78.0.3904.97-bp151.3.28.1.aarch64.rpm openSUSE-2019-2492 moderate openSUSE Backports SLE-15-SP1 Update This update for psi+ fixes the following issues: psi+ was updated to 1.4.877. * Fixed psi autostart on Linux OS * An attempt to fix text drag-n-drop in OS Linux with Qt>=5.11 * fixed drag'n'drop for sharing * PEP options updated. Added possibility to enable/disable tunes from options * Update sound record button on chatedit type switching * Fixed potential crash on audio histogram normalization * Added actions to desktop file * Fixed crash on roster contact search * make histogram working * Jingle over http (#464) * Removed A Tip Of The Day dialog as outdated * Rubbish removed * themeserver removed * Enabled http server on all unix systems * Fixed text label emptiness at start of recording * File sharing for arbitrary mimetype * Voice messaging UI * Deprecate http upload plugin in favor of internal media sharing * Auto accept jingle download requests for shared files * save downloaded share to cache * Handle only audio references for now * Make audio messages working * Work in progress on reference display * Fixed crash on apply of terminated session * Fixed crash on double delete of httpupload * Remove temporary shared files * Send all shared items in one message * Send references in one message * iris relinked * qite relinked This update was imported from the openSUSE:Leap:15.0:Update update project. psi+-lang-1.4.877+2-bp151.4.3.2.noarch.rpm psi+-lang-1.4.877+2-bp151.4.3.2.src.rpm psi+-1.4.885+0-bp151.4.3.2.src.rpm psi+-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-data-1.4.885+0-bp151.4.3.2.noarch.rpm psi+-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-debugsource-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-attentionplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-attentionplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-autoreplyplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-autoreplyplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-birthdayreminderplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-birthdayreminderplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-chessplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-chessplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-cleanerplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-cleanerplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-clientswitcherplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-clientswitcherplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-conferenceloggerplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-conferenceloggerplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-contentdownloaderplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-contentdownloaderplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-devel-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-enummessagesplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-enummessagesplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-extendedmenuplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-extendedmenuplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-extendedoptionsplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-extendedoptionsplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-gnupgplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-gnupgplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-gomokugameplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-gomokugameplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-historykeeperplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-historykeeperplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-icqdieplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-icqdieplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-imageplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-imageplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-imagepreviewplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-imagepreviewplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-jabberdiskplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-jabberdiskplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-juickplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-juickplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-messagefilterplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-messagefilterplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-omemoplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-omemoplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-otrplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-otrplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-pepchangenotifyplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-pepchangenotifyplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-qipxstatusesplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-qipxstatusesplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-screenshotplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-screenshotplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-skinsplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-skinsplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-stopspamplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-stopspamplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-storagenotesplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-storagenotesplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-translateplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-translateplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-videostatusplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-videostatusplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-watcherplugin-1.4.885+0-bp151.4.3.2.x86_64.rpm psi+-plugins-watcherplugin-debuginfo-1.4.885+0-bp151.4.3.2.x86_64.rpm openSUSE-2019-2484 low openSUSE Backports SLE-15-SP1 Update This update for fcitx-qt5 fixes the following issue: - QOwnNotes always crash at close with fcitx-qt5 installed. (boo#1152412) This update was imported from the openSUSE:Leap:15.0:Update update project. fcitx-qt5-1.2.2-bp151.4.6.1.src.rpm fcitx-qt5-1.2.2-bp151.4.6.1.x86_64.rpm fcitx-qt5-devel-1.2.2-bp151.4.6.1.x86_64.rpm fcitx-qt5-1.2.2-bp151.4.6.1.aarch64.rpm fcitx-qt5-64bit-1.2.2-bp151.4.6.1.aarch64_ilp32.rpm fcitx-qt5-devel-1.2.2-bp151.4.6.1.aarch64.rpm fcitx-qt5-1.2.2-bp151.4.6.1.ppc64le.rpm fcitx-qt5-devel-1.2.2-bp151.4.6.1.ppc64le.rpm fcitx-qt5-1.2.2-bp151.4.6.1.s390x.rpm fcitx-qt5-devel-1.2.2-bp151.4.6.1.s390x.rpm openSUSE-2019-2486 important openSUSE Backports SLE-15-SP1 Update This update for syslog-ng fixes the following issues: - fixed timezone package parsing that led to crashes (boo#1152420) This update was imported from the openSUSE:Leap:15.1:Update update project. libevtlog-3_19-0-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-3.19.1-bp151.4.3.1.src.rpm syslog-ng-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-curl-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-devel-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-geoip-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-java-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-python-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-redis-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-smtp-3.19.1-bp151.4.3.1.x86_64.rpm syslog-ng-sql-3.19.1-bp151.4.3.1.x86_64.rpm libevtlog-3_19-0-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-curl-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-devel-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-geoip-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-java-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-python-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-redis-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-smtp-3.19.1-bp151.4.3.1.aarch64.rpm syslog-ng-sql-3.19.1-bp151.4.3.1.aarch64.rpm libevtlog-3_19-0-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-curl-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-devel-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-geoip-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-java-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-python-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-redis-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-smtp-3.19.1-bp151.4.3.1.ppc64le.rpm syslog-ng-sql-3.19.1-bp151.4.3.1.ppc64le.rpm libevtlog-3_19-0-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-curl-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-devel-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-geoip-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-java-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-python-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-redis-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-smtp-3.19.1-bp151.4.3.1.s390x.rpm syslog-ng-sql-3.19.1-bp151.4.3.1.s390x.rpm openSUSE-2019-2496 moderate openSUSE Backports SLE-15-SP1 Update This update for trytond fixes the following issues: trytond was updated to version 4.6.21 - Bugfix Release: home directory of tryton user corrected (boo #1155685) This update was imported from the openSUSE:Leap:15.1:Update update project. trytond-4.6.21-bp151.3.6.1.noarch.rpm trytond-4.6.21-bp151.3.6.1.src.rpm openSUSE-2019-2498 moderate openSUSE Backports SLE-15-SP1 Update This update for python-kubernetes fixes the following issues: - python-ipaddress is only required for building on Python2 (on Python3 is part of the standard library) - Backport fix for base64 padding in kubeconfig (bsc#1151481) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-kubernetes-8.0.1-bp151.2.3.1.src.rpm python2-kubernetes-8.0.1-bp151.2.3.1.noarch.rpm python3-kubernetes-8.0.1-bp151.2.3.1.noarch.rpm openSUSE-2019-2513 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: Update to 1.1.6 (boo#1099674): * Do not remove groups by default. Now, groups are kept untouched by default. Introduce a new option '--remove-groups' that removes Group tags from the specfile. Remove '--preserve_groups' option. * Say goodbye to setup.py test usage as it is deprecated * Update the copyring and SUSE header string wrt #264 * Ignore hpc_configure macro from bracketing This update was imported from the openSUSE:Leap:15.0:Update update project. spec-cleaner-1.1.6-bp151.3.9.1.noarch.rpm spec-cleaner-1.1.6-bp151.3.9.1.src.rpm spec-cleaner-format_spec_file-1.1.6-bp151.3.9.1.noarch.rpm openSUSE-2019-2542 moderate openSUSE Backports SLE-15-SP1 Update This update for twinkle fixes the following issues: twinkle was updated to version 1.10.2: * fix sound not working with ALSA 1.1.7 * translation updates * various bug fixes twinkle-1.10.2-bp151.4.3.1.src.rpm twinkle-1.10.2-bp151.4.3.1.x86_64.rpm twinkle-1.10.2-bp151.4.3.1.aarch64.rpm twinkle-1.10.2-bp151.4.3.1.ppc64le.rpm twinkle-1.10.2-bp151.4.3.1.s390x.rpm openSUSE-2019-2525 moderate openSUSE Backports SLE-15-SP1 Update This update for python-translation-finder provides the following fixes: - Update from version 1.6 to 1.7. (boo#1142582) * Improved handling of invalid JSON files. * Improved detection of flat JSON files. * Improved compatibility with OSX. * Improved detection of new base with gettext PO files. This update was imported from the openSUSE:Leap:15.1:Update update project. python-translation-finder-1.7-bp151.2.4.1.src.rpm python2-translation-finder-1.7-bp151.2.4.1.noarch.rpm python3-translation-finder-1.7-bp151.2.4.1.noarch.rpm openSUSE-2019-2539 important openSUSE Backports SLE-15-SP1 Update This update for chromium to version 78.0.3904.108 fixes the following issues: - Chromium was updated to 78.0.3904.108 (boo#1157269) Security issues fixed: - CVE-2019-13723: Fixed a use-after-free in Bluetooth - CVE-2019-13724: Fixed an out of bounds access in Bluetooth chromedriver-78.0.3904.108-bp151.3.31.1.x86_64.rpm chromium-78.0.3904.108-bp151.3.31.1.src.rpm chromium-78.0.3904.108-bp151.3.31.1.x86_64.rpm chromedriver-78.0.3904.108-bp151.3.31.1.aarch64.rpm chromium-78.0.3904.108-bp151.3.31.1.aarch64.rpm openSUSE-2019-2546 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: spec-cleaner was updated to 1.1.7 boo#1099674: * Fix a duplication with new SUSE copyright line * Exclude all pom_ macros from bracketing This update was imported from the openSUSE:Leap:15.0:Update update project. spec-cleaner-1.1.7-bp151.3.12.1.noarch.rpm spec-cleaner-1.1.7-bp151.3.12.1.src.rpm spec-cleaner-format_spec_file-1.1.7-bp151.3.12.1.noarch.rpm openSUSE-2019-2558 moderate openSUSE Backports SLE-15-SP1 Update This update for apache2-mod_perl to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account (bsc#1156944). Other issue addressed: - Restore process name after sv_setpv_mg() call. (bsc#1091625) This update was imported from the openSUSE:Leap:15.0:Update update project. apache2-mod_perl-2.0.11-bp151.4.3.1.src.rpm apache2-mod_perl-2.0.11-bp151.4.3.1.x86_64.rpm apache2-mod_perl-debuginfo-2.0.11-bp151.4.3.1.x86_64.rpm apache2-mod_perl-debugsource-2.0.11-bp151.4.3.1.x86_64.rpm apache2-mod_perl-devel-2.0.11-bp151.4.3.1.x86_64.rpm apache2-mod_perl-2.0.11-bp151.4.3.1.aarch64.rpm apache2-mod_perl-debuginfo-2.0.11-bp151.4.3.1.aarch64.rpm apache2-mod_perl-debugsource-2.0.11-bp151.4.3.1.aarch64.rpm apache2-mod_perl-devel-2.0.11-bp151.4.3.1.aarch64.rpm apache2-mod_perl-2.0.11-bp151.4.3.1.ppc64le.rpm apache2-mod_perl-debuginfo-2.0.11-bp151.4.3.1.ppc64le.rpm apache2-mod_perl-debugsource-2.0.11-bp151.4.3.1.ppc64le.rpm apache2-mod_perl-devel-2.0.11-bp151.4.3.1.ppc64le.rpm apache2-mod_perl-2.0.11-bp151.4.3.1.s390x.rpm apache2-mod_perl-debuginfo-2.0.11-bp151.4.3.1.s390x.rpm apache2-mod_perl-debugsource-2.0.11-bp151.4.3.1.s390x.rpm apache2-mod_perl-devel-2.0.11-bp151.4.3.1.s390x.rpm openSUSE-2019-2599 moderate openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.2: * CVE-2019-18622: SQL injection in Designer feature (boo#1157614) * Fixes for "Failed to set session cookie" error * Advisor with MySQL 8.0.3 and newer * Fix PHP deprecation errors * Fix a situation where exporting users after a delete query could remove users * Fix incorrect "You do not have privileges to manipulate with the users!" warning * Fix copying a database's privileges and several other problems moving columns with MariaDB * Fix for phpMyAdmin not selecting all the values when using shift-click to select during Export phpMyAdmin-4.9.2-bp151.3.9.1.noarch.rpm phpMyAdmin-4.9.2-bp151.3.9.1.src.rpm openSUSE-2019-2583 moderate openSUSE Backports SLE-15-SP1 Update This update for thunar fixes the following issues: - Fixes tree view jumps (scrolls) when clicking on a directory (boo#1139815) libthunarx-3-0-1.8.4-bp151.3.6.1.x86_64.rpm thunar-1.8.4-bp151.3.6.1.src.rpm thunar-1.8.4-bp151.3.6.1.x86_64.rpm thunar-devel-1.8.4-bp151.3.6.1.x86_64.rpm thunar-lang-1.8.4-bp151.3.6.1.noarch.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.6.1.x86_64.rpm libthunarx-3-0-1.8.4-bp151.3.6.1.aarch64.rpm thunar-1.8.4-bp151.3.6.1.aarch64.rpm thunar-devel-1.8.4-bp151.3.6.1.aarch64.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.6.1.aarch64.rpm libthunarx-3-0-1.8.4-bp151.3.6.1.ppc64le.rpm thunar-1.8.4-bp151.3.6.1.ppc64le.rpm thunar-devel-1.8.4-bp151.3.6.1.ppc64le.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.6.1.ppc64le.rpm libthunarx-3-0-1.8.4-bp151.3.6.1.s390x.rpm thunar-1.8.4-bp151.3.6.1.s390x.rpm thunar-devel-1.8.4-bp151.3.6.1.s390x.rpm typelib-1_0-Thunarx-3_0-1.8.4-bp151.3.6.1.s390x.rpm openSUSE-2019-2646 moderate openSUSE Backports SLE-15-SP1 Update This update for drbd-formula, habootstrap-formula, python-shaptools, salt-shaptools, saphanabootstrap-formula and salt fixes the following issues: habootstrap-formula 0.2.9: * Fix issue with file permissions during package installation in /usr/share/salt-formulas (0755, root, salt) (boo#1142306) * Add customizable timeout to the join process and rename join_timer to wait_for_initialization * remove and replace hawk-apiserver with prometheus-ha_cluster_exporter pkg * Update the pkg.info_available call to avoid repositories refresh as it may cause errors * Add packages and ha_exporter options to the SUMA form.yml file * Fix typo in Pillar attribute name * Add HA monitoring to the formula salt-shaptools 0.2.3: - Create package version 0.2.3 with drbd files renamed. - Create package version 0.2.2 updating how additional_dvds is used in netweavermod - Create first salt modules and states to manage SAP Netweaver * Install ASCS SAP instance in a idempotent way python-shaptools 0.3.3: - Add update_conf_file for Netweaver - Add isconnected and reconnect methods - Add the required code to install SAP Netweaver instances * Wrap sapcontrol command usage * Install and uninstall SAP instances * Check current installation status - Add support for Power machines (jsc#SLE-4031, jsc#SLE-4143, boo#1137989) saphanabootstrap-formula 0.3.2: * Fix issue with file permissions during package installation in /usr/share/salt-formulas (0755, root, salt) (boo#1142306) * Fix 'true' rendering in jinja to convert to json correctly * Add support for multi tenant hanadb_exporter * Update the pkg.info_available call to avoid repositories refresh as it may cause errors * Fix issue with file permissions during package installation in /usr/share/salt-formulas (0755, root, salt) (boo#1142306) drbd-formula 0.3.7: * Retry the packages installation to make the code more robust * Remove additional_repos salt state * Fix issue with file permissions during package installation in /usr/share/salt-formulas (0755, root, salt) (boo#1142306) * Remove the duplicate default value in salt state * Not to install package by default * Remove salt indent and change the order of pillar * Add prefix to ID to avoid conflicts * Install xfsprogs when need to format xfs - Version 0.3.2, boo#1142762 * Restructure the deploy and examples directories * Add examples of using NFS formula * Fix the issue of mkfs and mount NFS share * Polish the form.yml based on SUMA4.0, change some default values. - Version 0.3.1 * Change the requires to salt-formulas-configuration as this is the virtual "provides" shared by salt and SUMA to guarantee that the formula works integrated with both (not at the same time). (boo#1142306) * Change the directory permission to avoid file conflicts with SUMA. - Version 0.3.0, jsc#SLE-6970 * Move to SUSE org * Add SUSE manager support - Version 0.2.2 * Support make file system after initialization * Support mount to specific folder * Add habootstrap-formula pillar/tempalte - Version 0.2.1 * Polish the README * Add travis file for auto package to obs * Change node names in example * Modify state ID to avoid conflict of other formulas - Version 0.2.0 * Add description in pillar.example. * Support more parameters in global_common.conf * Fix bugs in initial sync. * Add promote/demote state. * Use grains['host'] for primary node. salt for openSUSE Leap 15.1 received the following fixes: - Add missing 'fun' on events coming from salt-ssh wfunc executions (bsc#1151947) - Fix failing unit tests for batch async - Fix memory consumption problem on BatchAsync (bsc#1137642) - Remove wrong %endif on spec file - fix dependencies for RHEL 8 - Differentiating between markupsafe and MarkupSafe for Python3 - Prevent systemd-run description issue when running aptpkg (bsc#1152366) - Take checksums arg into account for postgres.datadir_init (bsc#1151650) - Improve batch_async to release consumed memory (bsc#1140912) - Require shadow instead of old pwdutils (bsc#1130588) - Conflict with tornado >= 5; for now we can only cope with Tornado 4.x (bsc#1101780). - Fix virt.full_info (bsc#1146382) - virt.volume_infos: silence libvirt error message - virt.volume_infos needs to ignore inactive pools - Fix for various bugs in virt network and pool states - Implement network.fqdns module function (bsc#1134860) - Strip trailing "/" from repo.uri when comparing repos in apktpkg.mod_repo (bsc#1146192) - Make python3 default for RHEL8 - Use python3 to build package Salt for RHEL8 - Fix aptpkg systemd call (bsc#1143301) - Move server_id deprecation warning to reduce log spamming (bsc#1135567) (bsc#1135732) salt was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.0:Update update project. habootstrap-formula-0.2.9-bp151.8.1.noarch.rpm habootstrap-formula-0.2.9-bp151.8.1.src.rpm python-shaptools-0.3.3-bp151.8.1.src.rpm python2-shaptools-0.3.3-bp151.8.1.noarch.rpm python3-shaptools-0.3.3-bp151.8.1.noarch.rpm saphanabootstrap-formula-0.3.2-bp151.8.1.noarch.rpm saphanabootstrap-formula-0.3.2-bp151.8.1.src.rpm openSUSE-2019-2660 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuhealth, gnuhealth-client, proteus, tryton, trytond, trytond_account, trytond_account_product, trytond_product, trytond_stock_supply fixes the following issues: - proteus was updated to version 4.6.9 - Bugfix Release - tryton was updated to version 4.6.24 - Bugfix Release - trytond was updated to version 4.6.22 - Bugfix Release - trytond_account was updated to version 4.6.11 - Bugfix Release - trytond_account_product was updated to version 4.6.2 - Bugfix Release - trytond_product was updated to version 4.6.1 - Bugfix Release - trytond_stock_supply was updated to version 4.6.4 - Bugfix Release This update was imported from the openSUSE:Leap:15.1:Update update project. gnuhealth-client-3.4.4-bp151.3.6.1.noarch.rpm gnuhealth-client-3.4.4-bp151.3.6.1.src.rpm gnuhealth-3.4.1-bp151.3.6.1.noarch.rpm gnuhealth-3.4.1-bp151.3.6.1.src.rpm proteus-4.6.9-bp151.3.3.1.noarch.rpm proteus-4.6.9-bp151.3.3.1.src.rpm tryton-4.6.24-bp151.3.6.1.noarch.rpm tryton-4.6.24-bp151.3.6.1.src.rpm trytond-4.6.22-bp151.3.9.1.noarch.rpm trytond-4.6.22-bp151.3.9.1.src.rpm trytond_account-4.6.11-bp151.3.6.1.noarch.rpm trytond_account-4.6.11-bp151.3.6.1.src.rpm trytond_account_product-4.6.2-bp151.3.3.1.noarch.rpm trytond_account_product-4.6.2-bp151.3.3.1.src.rpm trytond_product-4.6.1-bp151.3.3.1.noarch.rpm trytond_product-4.6.1-bp151.3.3.1.src.rpm trytond_stock_supply-4.6.4-bp151.3.3.1.noarch.rpm trytond_stock_supply-4.6.4-bp151.3.3.1.src.rpm openSUSE-2019-2648 moderate openSUSE Backports SLE-15-SP1 Update This update for python-pep8 fixes the following issues: - Fix test failures with more recent versions of Python (gh#PyCQA/pycodestyle#786 and gh#PyCQA/pycodestyle#801) This update was imported from the openSUSE:Leap:15.0:Update update project. python-pep8-1.7.0-bp151.4.3.1.src.rpm python2-pep8-1.7.0-bp151.4.3.1.noarch.rpm python3-pep8-1.7.0-bp151.4.3.1.noarch.rpm openSUSE-2019-2649 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuhealth-thalamus fixes the following issues: Version 0.9.11 update. This update was imported from the openSUSE:Leap:15.1:Update update project. gnuhealth-thalamus-0.9.11-bp151.2.6.1.noarch.rpm gnuhealth-thalamus-0.9.11-bp151.2.6.1.src.rpm openSUSE-2019-2653 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: Update to version 0.6.6 + Fixed lowercased album artist in playlist column + Fixed compiling with different optional features turned off + Fixed hang in stream discoverer with certain formats + Fixed Subsonic to correctly read disc + Fixed preventing system logoff or shutdown + Fixed correctly updating compilations + Simplified gstreamer pipeline code + Disabled showing analyzer for bit depths not supported by the analyzer + Made stereo balancer independent from equalizer + Added option to prefer album artist when sending scrobbles + Removed lines in settings + Added limit for number of tagreader processes to 2 + Improved system theme icon option to better pick correct icons + Added option to automatically select current playing track + (Windows) Added support for WASAPI Update to version 0.6.5 + Fixed scrobbler not to send scrobbles multiple times when metadata is updated + Fixed Listenbrainz scrobbler not to send "various artists" as album artist + Fixed missing cover image in OSD pretty reposition image + Fixed OSD pretty upper left positioning + Fixed OSD pretty positioning on Windows on screens with negative geometry + Fixed appdata file to pass full validation Update to version 0.6.4 + Added setting for fancy tabbar background color + Added setting to make marking songs unavailable optional + Added lyrics from lyrics.ovh and lololyrics.com + Fixed so that Subsonic verify certificate setting takes affect immediately + Fixed all services to follow redirects + Fixed so that songs with different albums are not treated as duplicates + Fixed SingleApplication to use native system calls on Linux for getting username + Added stream discoverer to gstreamer pipeline to detect stream filetype, samplerate and bit depth + Disabled video in gstreamer pipeline + Fixed ampache compatibility + Fixed lyrics searcher not to try search for lyrics with empty song artist or title + Fixed Qobuz login to send mac address as device manufacturer id on login + Fixed Qobuz invalid signature parameter error when retrieving stream urls + Fixed player not using preloaded stream url causing gapless playback to break + Increased preload gap for gstreamer to make sure gapless playback works better + Fixed setting and resetting temporary metadata for next playlist item + Replaced media buttons with more correct ones + Fixed windows thumbbar + Lowered required Subsonic API version to 1.11.0 + Fixed Subsonic to allow empty artist and album in song replies + Added Russian translations + Fixed some services API urls using http to use https + Fixed restoring to original window size when restoring from system tray + Updated 3rdparty taglib This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.6-bp151.2.6.1.src.rpm strawberry-0.6.6-bp151.2.6.1.x86_64.rpm openSUSE-2019-2655 moderate openSUSE Backports SLE-15-SP1 Update This update for calamares fixes the following issues: - Launch with "pkexec calamares" in openSUSE Tumbleweed, but launch with "xdg-su -c calamares" in openSUSE Leap 15. Update to Calamares 3.2.15: - "displaymanager" module now treats "sysconfig" as a regular entry in the "displaymanagers" list, and the "sysconfigSetup" key is used as a shorthand to force only that entry in the list. - "machineid" module has been re-written in C++ and extended with a new configuration key to generate urandom pool data. - "unpackfs" now supports a special "sourcefs" value of file for copying single files (optionally with renaming) or directory trees to the target system. - "unpackfs" now support an "exclude" and "excludeFile" setting for excluding particular files or patters from unpacking. Update to Calamares 3.2.14: - "locale" module no longer recognizes the legacy GeoIP configuration. This has been deprecated since Calamares 3.2.8 and is now removed. - "packagechooser" module can now be custom-labeled in the overall progress (left-hand column). - "displaymanager" module now recognizes KDE Plasma 5.17. - "displaymanager" module now can handle Wayland sessions and can detect sessions from their .desktop files. - "unpackfs" now has special handling for sourcefs setting “file”. Update to Calamares 3.2.13. More about upstream changes: https://calamares.io/calamares-3.2.13-is-out/ and https://calamares.io/calamares-3.2.12-is-out/ Update to Calamares 3.2.11: - Fix race condition in modules/luksbootkeyfile/main.py (boo#1140256, CVE-2019-13178) - more about upstream changes in 3.2 versions can be found in https://calamares.io/ and https://github.com/calamares/calamares/releases This update was imported from the openSUSE:Leap:15.1:Update update project. calamares-3.2.15-bp151.4.3.1.src.rpm calamares-3.2.15-bp151.4.3.1.x86_64.rpm calamares-branding-upstream-3.2.15-bp151.4.3.1.noarch.rpm calamares-webview-3.2.15-bp151.4.3.1.x86_64.rpm calamares-3.2.15-bp151.4.3.1.aarch64.rpm calamares-webview-3.2.15-bp151.4.3.1.aarch64.rpm openSUSE-2019-2666 moderate openSUSE Backports SLE-15-SP1 Update This update for smc-tools fixes the following issues: smc-tools was upgraded to version 1.2.1 (Fate#327839, bsc#1153947) * Version 1.2.1 Bug fixes: - smc_rnics: Install man page on s390 only - smc-preload: Handle behavior flags in type argument to socket() call - smc_pnet: changes in support of kernel 5.1 * Version 1.2.0 - Changes: - smc_rnics: Initial version added - smc_dbg: Initial version added - Bug fixes: - smcss: Parse address family of ip address This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. smc-tools-1.2.1-bp151.2.3.1.src.rpm smc-tools-1.2.1-bp151.2.3.1.x86_64.rpm smc-tools-1.2.1-bp151.2.3.1.aarch64.rpm smc-tools-1.2.1-bp151.2.3.1.ppc64le.rpm openSUSE-2019-2663 moderate openSUSE Backports SLE-15-SP1 Update This update for suse-xsl-stylesheets fixes the following issues: - Fix old documentation link to add https protocol. (bsc#1157783) - Fix for SUSE XSL stylesheets. (bsc#1157783) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. suse-xsl-stylesheets-2.0.15-bp151.2.3.1.noarch.rpm suse-xsl-stylesheets-2.0.15-bp151.2.3.1.src.rpm openSUSE-2019-2678 low openSUSE Backports SLE-15-SP1 Update Fix CVE-2019-19118 (boo#1157705) This update was imported from the openSUSE:Leap:15.1:Update update project. python-Django-2.2.8-bp151.3.6.1.src.rpm python3-Django-2.2.8-bp151.3.6.1.noarch.rpm openSUSE-2019-2679 important openSUSE Backports SLE-15-SP1 Update This update for ceph fixes the following issue: - A previous update introduced a regression with the potential to cause RocksDB data corruption in Nautilus (bsc#1156282). Also openSUSE-release-tools is included in this update, to align permissions of /etc/grafana between ceph and openSUSE-release-tools. This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. openSUSE-release-tools-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-20191129.411c0452-bp151.3.6.1.src.rpm openSUSE-release-tools-abichecker-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-announcer-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-check-source-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-devel-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-leaper-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-maintenance-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-metrics-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-metrics-access-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-obs-operator-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-origin-manager-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-pkglistgen-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-repo-checker-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-release-tools-staging-bot-20191129.411c0452-bp151.3.6.1.noarch.rpm osc-plugin-cycle-20191129.411c0452-bp151.3.6.1.noarch.rpm osc-plugin-origin-20191129.411c0452-bp151.3.6.1.noarch.rpm osc-plugin-staging-20191129.411c0452-bp151.3.6.1.noarch.rpm osclib-20191129.411c0452-bp151.3.6.1.noarch.rpm openSUSE-2019-2680 moderate openSUSE Backports SLE-15-SP1 Update This update for kde-print-manager fixes the following issues: - Add patch to fix crash with duplicate job ids (boo#1158246, kde#326289): kde-print-manager-18.12.3-bp151.3.3.1.src.rpm kde-print-manager-18.12.3-bp151.3.3.1.x86_64.rpm kde-print-manager-lang-18.12.3-bp151.3.3.1.noarch.rpm kde-print-manager-18.12.3-bp151.3.3.1.aarch64.rpm kde-print-manager-18.12.3-bp151.3.3.1.ppc64le.rpm kde-print-manager-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2019-2694 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 79.0.3945.79 (boo#1158982) - CVE-2019-13725: Fixed a use after free in Bluetooth - CVE-2019-13726: Fixed a heap buffer overflow in password manager - CVE-2019-13727: Fixed an insufficient policy enforcement in WebSockets - CVE-2019-13728: Fixed an out of bounds write in V8 - CVE-2019-13729: Fixed a use after free in WebSockets - CVE-2019-13730: Fixed a type Confusion in V8 - CVE-2019-13732: Fixed a use after free in WebAudio - CVE-2019-13734: Fixed an out of bounds write in SQLite - CVE-2019-13735: Fixed an out of bounds write in V8 - CVE-2019-13764: Fixed a type Confusion in V8 - CVE-2019-13736: Fixed an integer overflow in PDFium - CVE-2019-13737: Fixed an insufficient policy enforcement in autocomplete - CVE-2019-13738: Fixed an insufficient policy enforcement in navigation - CVE-2019-13739: Fixed an incorrect security UI in Omnibox - CVE-2019-13740: Fixed an incorrect security UI in sharing - CVE-2019-13741: Fixed an insufficient validation of untrusted input in Blink - CVE-2019-13742: Fixed an incorrect security UI in Omnibox - CVE-2019-13743: Fixed an incorrect security UI in external protocol handling - CVE-2019-13744: Fixed an insufficient policy enforcement in cookies - CVE-2019-13745: Fixed an insufficient policy enforcement in audio - CVE-2019-13746: Fixed an insufficient policy enforcement in Omnibox - CVE-2019-13747: Fixed an uninitialized Use in rendering - CVE-2019-13748: Fixed an insufficient policy enforcement in developer tools - CVE-2019-13749: Fixed an incorrect security UI in Omnibox - CVE-2019-13750: Fixed an insufficient data validation in SQLite - CVE-2019-13751: Fixed an uninitialized Use in SQLite - CVE-2019-13752: Fixed an out of bounds read in SQLite - CVE-2019-13753: Fixed an out of bounds read in SQLite - CVE-2019-13754: Fixed an insufficient policy enforcement in extensions - CVE-2019-13755: Fixed an insufficient policy enforcement in extensions - CVE-2019-13756: Fixed an incorrect security UI in printing - CVE-2019-13757: Fixed an incorrect security UI in Omnibox - CVE-2019-13758: Fixed an insufficient policy enforcement in navigation - CVE-2019-13759: Fixed an incorrect security UI in interstitials - CVE-2019-13761: Fixed an incorrect security UI in Omnibox - CVE-2019-13762: Fixed an insufficient policy enforcement in downloads - CVE-2019-13763: Fixed an insufficient policy enforcement in payments This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-79.0.3945.79-bp151.3.35.1.x86_64.rpm chromium-79.0.3945.79-bp151.3.35.1.src.rpm chromium-79.0.3945.79-bp151.3.35.1.x86_64.rpm chromedriver-79.0.3945.79-bp151.3.35.1.aarch64.rpm chromium-79.0.3945.79-bp151.3.35.1.aarch64.rpm openSUSE-2019-2707 moderate openSUSE Backports SLE-15-SP1 Update This update for krdc fixes the following issues: - Add 0001-RDP-Warn-if-trying-to-share-a-non-existing-folder.patch to prevent silent connection errors if the shared folder doesn't exist (boo#1135364, kde#394551) This update was imported from the openSUSE:Leap:15.1:Update update project. krdc-18.12.3-bp151.3.6.1.src.rpm krdc-18.12.3-bp151.3.6.1.x86_64.rpm krdc-devel-18.12.3-bp151.3.6.1.x86_64.rpm krdc-lang-18.12.3-bp151.3.6.1.noarch.rpm openSUSE-2020-14 moderate openSUSE Backports SLE-15-SP1 Update This update for php7-imagick fixes the following issues: Upgrade to version 3.4.4: Added: * function Imagick::optimizeImageTransparency() * METRIC_STRUCTURAL_SIMILARITY_ERROR * METRIC_STRUCTURAL_DISSIMILARITY_ERROR * COMPRESSION_ZSTD - https://github.com/facebook/zstd * COMPRESSION_WEBP * CHANNEL_COMPOSITE_MASK * FILTER_CUBIC_SPLINE - "Define the lobes with the -define filter:lobes={2,3,4} (reference https://imagemagick.org/discourse-server/viewtopic.php?f=2&t=32506)." * Imagick now explicitly conflicts with the Gmagick extension. Fixes: * Correct version check to make RemoveAlphaChannel and FlattenAlphaChannel be available when using Imagick with ImageMagick version 6.7.8-x * Bug 77128 - Imagick::setImageInterpolateMethod() not available on Windows * Prevent memory leak when ImagickPixel::__construct called after object instantiation. * Prevent segfault when ImagickPixel internal constructor not called. * Imagick::setResourceLimit support for values larger than 2GB (2^31) on 32bit platforms. * Corrected memory overwrite in Imagick::colorDecisionListImage() * Bug 77791 - ImagickKernel::fromMatrix() out of bounds write. Fixes CVE-2019-11037, boo#1135418 The following functions have been deprecated: * ImagickDraw, matte * Imagick::averageimages * Imagick::colorfloodfillimage * Imagick::filter * Imagick::flattenimages * Imagick::getimageattribute * Imagick::getimagechannelextrema * Imagick::getimageclipmask * Imagick::getimageextrema * Imagick::getimageindex * Imagick::getimagematte * Imagick::getimagemattecolor * Imagick::getimagesize * Imagick::mapimage * Imagick::mattefloodfillimage * Imagick::medianfilterimage * Imagick::mosaicimages * Imagick::orderedposterizeimage * Imagick::paintfloodfillimage * Imagick::paintopaqueimage * Imagick::painttransparentimage * Imagick::radialblurimage * Imagick::recolorimage * Imagick::reducenoiseimage * Imagick::roundcornersimage * Imagick::roundcorners * Imagick::setimageattribute * Imagick::setimagebias * Imagick::setimageclipmask * Imagick::setimageindex * Imagick::setimagemattecolor * Imagick::setimagebiasquantum * Imagick::setimageopacity * Imagick::transformimage php7-imagick-3.4.4-bp151.2.3.1.src.rpm php7-imagick-3.4.4-bp151.2.3.1.x86_64.rpm php7-imagick-3.4.4-bp151.2.3.1.aarch64.rpm php7-imagick-3.4.4-bp151.2.3.1.ppc64le.rpm php7-imagick-3.4.4-bp151.2.3.1.s390x.rpm openSUSE-2020-531 moderate openSUSE Backports SLE-15-SP1 Update This update for keepalived fixes the following issues: - update to 2.0.19 For the detailed changelog see https://keepalived.org/changelog.html - new BR pkgconfig(libnftnl) to fix nftables support keepalived-2.0.19-bp151.3.3.2.src.rpm keepalived-2.0.19-bp151.3.3.2.x86_64.rpm keepalived-2.0.19-bp151.3.3.2.aarch64.rpm keepalived-2.0.19-bp151.3.3.2.ppc64le.rpm keepalived-2.0.19-bp151.3.3.2.s390x.rpm openSUSE-2020-17 moderate openSUSE Backports SLE-15-SP1 Update This update for kpimtextedit fixes the following issues: - Add upstream patches to fix pasting URI in composer not adding href in richtext mode: (boo#1141308, kde#409695) kpimtextedit-18.12.3-bp151.3.3.1.src.rpm kpimtextedit-18.12.3-bp151.3.3.1.x86_64.rpm kpimtextedit-devel-18.12.3-bp151.3.3.1.x86_64.rpm kpimtextedit-lang-18.12.3-bp151.3.3.1.noarch.rpm libKF5PimTextEdit5-18.12.3-bp151.3.3.1.x86_64.rpm kpimtextedit-18.12.3-bp151.3.3.1.aarch64.rpm kpimtextedit-devel-18.12.3-bp151.3.3.1.aarch64.rpm libKF5PimTextEdit5-18.12.3-bp151.3.3.1.aarch64.rpm kpimtextedit-18.12.3-bp151.3.3.1.ppc64le.rpm kpimtextedit-devel-18.12.3-bp151.3.3.1.ppc64le.rpm libKF5PimTextEdit5-18.12.3-bp151.3.3.1.ppc64le.rpm kpimtextedit-18.12.3-bp151.3.3.1.s390x.rpm kpimtextedit-devel-18.12.3-bp151.3.3.1.s390x.rpm libKF5PimTextEdit5-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2019-2712 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 79.0.3945.88: - CVE-2019-13767: Fixed a use after free in media picker (boo#1159498) chromedriver-79.0.3945.88-bp151.3.38.1.x86_64.rpm chromedriver-debuginfo-79.0.3945.88-bp151.3.38.1.x86_64.rpm chromium-79.0.3945.88-bp151.3.38.1.src.rpm chromium-79.0.3945.88-bp151.3.38.1.x86_64.rpm chromium-debuginfo-79.0.3945.88-bp151.3.38.1.x86_64.rpm chromium-debugsource-79.0.3945.88-bp151.3.38.1.x86_64.rpm chromedriver-79.0.3945.88-bp151.3.38.1.aarch64.rpm chromedriver-debuginfo-79.0.3945.88-bp151.3.38.1.aarch64.rpm chromium-79.0.3945.88-bp151.3.38.1.aarch64.rpm chromium-debuginfo-79.0.3945.88-bp151.3.38.1.aarch64.rpm chromium-debugsource-79.0.3945.88-bp151.3.38.1.aarch64.rpm openSUSE-2020-24 moderate openSUSE Backports SLE-15-SP1 Update This update for ffmpeg-4 fixes the following issues: ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified. (bsc#1133153) - For other changes see /usr/share/doc/packages/libavcodec58/Changelog Update to version 4.2.1: * Stable bug fix release, mainly codecs and format fixes. - CVE-2019-15942: Conditional jump or move depends on uninitialised value" issue in h2645_parse (boo#1149839) Update to FFmpeg 4.2 "Ada" * tpad filter * AV1 decoding support through libdav1d * dedot filter * chromashift and rgbashift filters * freezedetect filter * truehd_core bitstream filter * dhav demuxer * PCM-DVD encoder * GIF parser * vividas demuxer * hymt decoder * anlmdn filter * maskfun filter * hcom demuxer and decoder * ARBC decoder * libaribb24 based ARIB STD-B24 caption support (profiles A and C) * Support decoding of HEVC 4:4:4 content in nvdec and cuviddec * removed libndi-newtek * agm decoder * KUX demuxer * AV1 frame split bitstream filter * lscr decoder * lagfun filter * asoftclip filter * Support decoding of HEVC 4:4:4 content in vdpau * colorhold filter * xmedian filter * asr filter * showspatial multimedia filter * VP4 video decoder * IFV demuxer * derain filter * deesser filter * mov muxer writes tracks with unspecified language instead of English by default * added support for using clang to compile CUDA kernels - See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. Update to version 4.1.4 * See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. - Enable runtime enabling for fdkaac via --enable-libfdk-aac-dlopen Update to version 4.1.3: * Updates and bug fixes for codecs, filters and formats. [boo#1133153, boo#1133155, CVE-2019-11338, CVE-2019-11339] Update to version 4.1.2: * Updates and bug fixes for codecs, filters and formats. Update to version 4.1.1: * Various filter and codec fixes and enhancements. * configure: Add missing xlib dependency for VAAPI X11 code. * For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog * enable AV1 support on x86_64 Update ffmpeg to 4.1: * Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz, aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip, lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue, transpose_npp, amultiply, Block-Matching 3d (bm3d) denoising filter, acrossover filter, audio denoiser as afftdn filter, sinc audio filter source, chromahold, setparams, vibrance, xstack, (a)graphmonitor filter yadif_cuda filter. * AV1 parser * Support for AV1 in MP4 * PCM VIDC decoder and encoder * libtensorflow backend for DNN based filters like srcnn * -- The following only enabled in third-party builds: * ATRAC9 decoder * AVS2 video decoder via libdavs2 * IMM4 video decoder * Brooktree ProSumer video decoder * MatchWare Screen Capture Codec decoder * WinCam Motion Video decoder * RemotelyAnywhere Screen Capture decoder * AVS2 video encoder via libxavs2 * ILBC decoder * SER demuxer * Decoding S12M timecode in H264 * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1 Update ffmpeg to 4.0.3: * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3 - CVE-2018-13305: Added a missing check for negative values of mqaunt variable (boo#1100345). ffmpeg-4-4.2.1-bp151.5.3.1.src.rpm ffmpeg-4-debugsource-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-private-devel-4.2.1-bp151.5.3.1.x86_64.rpm libavcodec58-4.2.1-bp151.5.3.1.x86_64.rpm libavcodec58-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libavdevice58-4.2.1-bp151.5.3.1.x86_64.rpm libavdevice58-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libavfilter7-4.2.1-bp151.5.3.1.x86_64.rpm libavfilter7-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libavformat58-4.2.1-bp151.5.3.1.x86_64.rpm libavformat58-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libavresample4-4.2.1-bp151.5.3.1.x86_64.rpm libavresample4-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libavutil56-4.2.1-bp151.5.3.1.x86_64.rpm libavutil56-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libpostproc55-4.2.1-bp151.5.3.1.x86_64.rpm libpostproc55-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libswresample3-4.2.1-bp151.5.3.1.x86_64.rpm libswresample3-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm libswscale5-4.2.1-bp151.5.3.1.x86_64.rpm libswscale5-debuginfo-4.2.1-bp151.5.3.1.x86_64.rpm ffmpeg-4-debugsource-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-private-devel-4.2.1-bp151.5.3.1.aarch64.rpm libavcodec58-4.2.1-bp151.5.3.1.aarch64.rpm libavcodec58-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavcodec58-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavcodec58-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libavdevice58-4.2.1-bp151.5.3.1.aarch64.rpm libavdevice58-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavdevice58-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavdevice58-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libavfilter7-4.2.1-bp151.5.3.1.aarch64.rpm libavfilter7-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavfilter7-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavfilter7-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libavformat58-4.2.1-bp151.5.3.1.aarch64.rpm libavformat58-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavformat58-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavformat58-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libavresample4-4.2.1-bp151.5.3.1.aarch64.rpm libavresample4-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavresample4-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavresample4-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libavutil56-4.2.1-bp151.5.3.1.aarch64.rpm libavutil56-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavutil56-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libavutil56-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libpostproc55-4.2.1-bp151.5.3.1.aarch64.rpm libpostproc55-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libpostproc55-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libpostproc55-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libswresample3-4.2.1-bp151.5.3.1.aarch64.rpm libswresample3-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libswresample3-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libswresample3-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm libswscale5-4.2.1-bp151.5.3.1.aarch64.rpm libswscale5-64bit-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libswscale5-64bit-debuginfo-4.2.1-bp151.5.3.1.aarch64_ilp32.rpm libswscale5-debuginfo-4.2.1-bp151.5.3.1.aarch64.rpm ffmpeg-4-debugsource-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-private-devel-4.2.1-bp151.5.3.1.ppc64le.rpm libavcodec58-4.2.1-bp151.5.3.1.ppc64le.rpm libavcodec58-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libavdevice58-4.2.1-bp151.5.3.1.ppc64le.rpm libavdevice58-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libavfilter7-4.2.1-bp151.5.3.1.ppc64le.rpm libavfilter7-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libavformat58-4.2.1-bp151.5.3.1.ppc64le.rpm libavformat58-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libavresample4-4.2.1-bp151.5.3.1.ppc64le.rpm libavresample4-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libavutil56-4.2.1-bp151.5.3.1.ppc64le.rpm libavutil56-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libpostproc55-4.2.1-bp151.5.3.1.ppc64le.rpm libpostproc55-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libswresample3-4.2.1-bp151.5.3.1.ppc64le.rpm libswresample3-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm libswscale5-4.2.1-bp151.5.3.1.ppc64le.rpm libswscale5-debuginfo-4.2.1-bp151.5.3.1.ppc64le.rpm ffmpeg-4-debugsource-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1.s390x.rpm ffmpeg-4-private-devel-4.2.1-bp151.5.3.1.s390x.rpm libavcodec58-4.2.1-bp151.5.3.1.s390x.rpm libavcodec58-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libavdevice58-4.2.1-bp151.5.3.1.s390x.rpm libavdevice58-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libavfilter7-4.2.1-bp151.5.3.1.s390x.rpm libavfilter7-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libavformat58-4.2.1-bp151.5.3.1.s390x.rpm libavformat58-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libavresample4-4.2.1-bp151.5.3.1.s390x.rpm libavresample4-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libavutil56-4.2.1-bp151.5.3.1.s390x.rpm libavutil56-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libpostproc55-4.2.1-bp151.5.3.1.s390x.rpm libpostproc55-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libswresample3-4.2.1-bp151.5.3.1.s390x.rpm libswresample3-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm libswscale5-4.2.1-bp151.5.3.1.s390x.rpm libswscale5-debuginfo-4.2.1-bp151.5.3.1.s390x.rpm openSUSE-2020-26 moderate openSUSE Backports SLE-15-SP1 Update This update for gummi fixes the following issues: gummi was updated to version 0.8.0 (see boo#1154704): * Migrated codebase GTK2->GTK3 * Open multiple files at once from command line * Replaced use of old bundled synctex (for system synctex) * Monitor document for external changes * Automatically scroll build log to end * Allow editor themes/styles from a custom filepath * Visual improvements to file saving dialog * Remember preview scroll position and zoom mode per tab * Bugs fixed: - Replace all is now one action for sane undo/redo'ing - Fix erroneous return code for makeindex - Fix gtkspell init failure when EN language unavailable - Fix inconsistent wholeword text searching - Build script fixes for MacOSX - Show statusbar message when PDF creation fails - Fix rare hang on gummi exit - Now suggests file extension on save window - Run bibtex menu item no longer disabled after running - Replaced multiple homebrew functions with glib - Fix jumping editor caret on closing search - Allow using synctex when using rubber - A multitude of minor fixes gummi-0.8.0-bp151.4.3.1.src.rpm gummi-0.8.0-bp151.4.3.1.x86_64.rpm gummi-lang-0.8.0-bp151.4.3.1.noarch.rpm gummi-0.8.0-bp151.4.3.1.aarch64.rpm gummi-0.8.0-bp151.4.3.1.ppc64le.rpm gummi-0.8.0-bp151.4.3.1.s390x.rpm openSUSE-2020-30 moderate openSUSE Backports SLE-15-SP1 Update This update for mailgraph fixes the following issues: Fixed for break from last maintenance update (boo#1138214) * fix filling of empty sysconfig vars - MAILGRAPH_LOG_TYPE="syslog" - MAILGRAPH_LOG_FILE="/var/log/mail" * remove '-d' option from MAILGRAPH_OPTS - MAILGRAPH_OPTS=" -v" - fix sysconfig file * for systemd there needs to be a [SPACE] before first option - Removed ExecStop from service file, since it is not needed and systemd can keep track ot the process by itself. - Adjusted ExecStart in service file to use $MAILGRAPH_OPTS instead of ${MAILGRAPH_OPTS}, so that parameters are properly passed to mailgraph script. - Removed "-d" from MAILGRAPH_OPTS in sysconfig file, since the script should not run in deamon mode by default, but rather should keep running continiously (in the foreground) so that systemd can properly track the status. This is something that might need to be re-adjusted on systems where this package is already installed. mailgraph-1.14-bp151.4.6.2.noarch.rpm mailgraph-1.14-bp151.4.6.2.src.rpm openSUSE-2020-31 moderate openSUSE Backports SLE-15-SP1 Update This update for proftpd fixes the following issues: * GeoIP has been discontinued by Maxmind (boo#1156210) This update removes module build for geoip see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ - CVE-2019-19269: Fixed a NULL pointer dereference may occur when validating the certificate of a client connecting to the server (boo#1157803) - CVE-2019-19270: Fixed a Failure to check for the appropriate field of a CRL entry prevents some valid CRLs from being taken into account (boo#1157798) - CVE-2019-18217: Fixed remote unauthenticated denial-of-service due to incorrect handling of overly long commands (boo#1154600 gh#846) Update to 1.3.6b * Fixed pre-authentication remote denial-of-service issue (Issue #846). * Backported fix for building mod_sql_mysql using MySQL 8 (Issue #824). Update to 1.3.6a: * Fixed symlink navigation (Bug#4332). * Fixed building of mod_sftp using OpenSSL 1.1.x releases (Issue#674). * Fixed SITE COPY honoring of <Limit> restrictions (Bug#4372). * Fixed segfault on login when using mod_sftp + mod_sftp_pam (Issue#656). * Fixed restarts when using mod_facl as a static module * Add missing Requires(pre): group(ftp) for Leap 15 and Tumbleweed (boo#1155834) * Add missing Requires(pre): user(ftp) for Leap 15 and Tumbleweed (boo#1155834) * Use pam_keyinit.so (boo#1144056) - Reduce hard dependency on systemd to only that which is necessary for building and installation. update to 1.3.6: * Support for using Redis for caching, logging; see the doc/howto/Redis.html documentation. * Fixed mod_sql_postgres SSL support (Issue #415). * Support building against LibreSSL instead of OpenSSL (Issue #361). * Better support on AIX for login restraictions (Bug #4285). * TimeoutLogin (and other timeouts) were not working properly for SFTP connections (Bug#4299). * Handling of the SIGILL and SIGINT signals, by the daemon process, now causes the child processes to be terminated as well (Issue #461). * RPM .spec file naming changed to conform to Fedora guidelines. * Fix for "AllowChrootSymlinks off" checking each component for symlinks (CVE-2017-7418). New Modules: * mod_redis, mod_tls_redis, mod_wrap2_redis With Redis now supported as a caching mechanism, similar to Memcache, there are now Redis-using modules: mod_redis (for configuring the Redis connection information), mod_tls_redis (for caching SSL sessions and OCSP information using Redis), and mod_wrap2_redis (for using ACLs stored in Redis). Changed Modules: * mod_ban: The mod_ban module's BanCache directive can now use Redis-based caching; see doc/contrib/mod_ban.html#BanCache. -New Configuration Directives * SQLPasswordArgon2, SQLPasswordScrypt The key lengths for Argon2 and Scrypt-based passwords are now configurable via these new directives; previously, the key length had been hardcoded to be 32 bytes, which is not interoperable with all other implementations (Issue #454). Changed Configuration Directives * AllowChrootSymlinks When "AllowChrootSymlinks off" was used, only the last portion of the DefaultRoot path would be checked to see if it was a symlink. Now, each component of the DefaultRoot path will be checked to see if it is a symlink when "AllowChrootSymlinks off" is used. * Include The Include directive can now be used within a <Limit> section, e.g.: <Limit LOGIN> Include /path/to/allowed.txt DenyAll </Limit> API Changes * A new JSON API has been added, for use by third-party modules. proftpd-1.3.6b-bp151.4.6.2.src.rpm proftpd-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-devel-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-doc-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-lang-1.3.6b-bp151.4.6.2.noarch.rpm proftpd-ldap-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-mysql-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-pgsql-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-radius-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-sqlite-1.3.6b-bp151.4.6.2.x86_64.rpm proftpd-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-devel-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-doc-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-ldap-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-mysql-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-pgsql-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-radius-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-sqlite-1.3.6b-bp151.4.6.2.aarch64.rpm proftpd-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-devel-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-doc-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-ldap-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-mysql-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-pgsql-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-radius-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-sqlite-1.3.6b-bp151.4.6.2.ppc64le.rpm proftpd-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-devel-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-doc-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-ldap-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-mysql-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-pgsql-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-radius-1.3.6b-bp151.4.6.2.s390x.rpm proftpd-sqlite-1.3.6b-bp151.4.6.2.s390x.rpm openSUSE-2020-44 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: keepassxc was updated to version 2.5.2: * https://github.com/keepassxreboot/keepassxc/releases/tag/2.5.2 * https://github.com/keepassxreboot/keepassxc/releases/tag/2.5.1 * https://github.com/keepassxreboot/keepassxc/releases/tag/2.5.0 keepassxc-2.5.2-bp151.3.6.1.src.rpm keepassxc-2.5.2-bp151.3.6.1.x86_64.rpm keepassxc-lang-2.5.2-bp151.3.6.1.noarch.rpm keepassxc-2.5.2-bp151.3.6.1.aarch64.rpm keepassxc-2.5.2-bp151.3.6.1.s390x.rpm openSUSE-2020-4 important openSUSE Backports SLE-15-SP1 Update This update for chromium version 79.0.3945.117 fixes the following issues: - CVE-2020-6377: Fixed a use-after-free in audio - Various fixes from internal audits, fuzzing and other initiatives chromedriver-79.0.3945.117-bp151.3.41.1.x86_64.rpm chromedriver-debuginfo-79.0.3945.117-bp151.3.41.1.x86_64.rpm chromium-79.0.3945.117-bp151.3.41.1.src.rpm chromium-79.0.3945.117-bp151.3.41.1.x86_64.rpm chromium-debuginfo-79.0.3945.117-bp151.3.41.1.x86_64.rpm chromium-debugsource-79.0.3945.117-bp151.3.41.1.x86_64.rpm chromedriver-79.0.3945.117-bp151.3.41.1.aarch64.rpm chromedriver-debuginfo-79.0.3945.117-bp151.3.41.1.aarch64.rpm chromium-79.0.3945.117-bp151.3.41.1.aarch64.rpm chromium-debuginfo-79.0.3945.117-bp151.3.41.1.aarch64.rpm chromium-debugsource-79.0.3945.117-bp151.3.41.1.aarch64.rpm openSUSE-2020-56 important openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin to version 4.9.4 fixes the following issues: - CVE-2020-5504: SQL injection in user accounts page (boo#1160456). phpMyAdmin-4.9.4-bp151.3.12.1.noarch.rpm phpMyAdmin-4.9.4-bp151.3.12.1.src.rpm openSUSE-2020-7 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 79.0.3945.88: - CVE-2019-13767: Fixed a use after free in media picker (boo#1159498) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-79.0.3945.88-bp151.3.44.2.x86_64.rpm chromium-79.0.3945.88-bp151.3.44.2.src.rpm chromium-79.0.3945.88-bp151.3.44.2.x86_64.rpm chromedriver-79.0.3945.88-bp151.3.44.2.aarch64.rpm chromium-79.0.3945.88-bp151.3.44.2.aarch64.rpm openSUSE-2020-9 important openSUSE Backports SLE-15-SP1 Update This update for chromium version 79.0.3945.117 fixes the following issues: - CVE-2020-6377: Fixed a use-after-free in audio - Various fixes from internal audits, fuzzing and other initiatives This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-79.0.3945.117-bp151.3.47.1.x86_64.rpm chromium-79.0.3945.117-bp151.3.47.1.src.rpm chromium-79.0.3945.117-bp151.3.47.1.x86_64.rpm libre2-0-20200101-bp151.6.6.1.x86_64.rpm libre2-0-debuginfo-20200101-bp151.6.6.1.x86_64.rpm re2-20200101-bp151.6.6.1.src.rpm re2-debugsource-20200101-bp151.6.6.1.x86_64.rpm re2-devel-20200101-bp151.6.6.1.x86_64.rpm chromedriver-79.0.3945.117-bp151.3.47.1.aarch64.rpm chromium-79.0.3945.117-bp151.3.47.1.aarch64.rpm libre2-0-20200101-bp151.6.6.1.aarch64.rpm libre2-0-64bit-20200101-bp151.6.6.1.aarch64_ilp32.rpm libre2-0-64bit-debuginfo-20200101-bp151.6.6.1.aarch64_ilp32.rpm libre2-0-debuginfo-20200101-bp151.6.6.1.aarch64.rpm re2-debugsource-20200101-bp151.6.6.1.aarch64.rpm re2-devel-20200101-bp151.6.6.1.aarch64.rpm libre2-0-20200101-bp151.6.6.1.ppc64le.rpm libre2-0-debuginfo-20200101-bp151.6.6.1.ppc64le.rpm re2-debugsource-20200101-bp151.6.6.1.ppc64le.rpm re2-devel-20200101-bp151.6.6.1.ppc64le.rpm libre2-0-20200101-bp151.6.6.1.s390x.rpm libre2-0-debuginfo-20200101-bp151.6.6.1.s390x.rpm re2-debugsource-20200101-bp151.6.6.1.s390x.rpm re2-devel-20200101-bp151.6.6.1.s390x.rpm openSUSE-2020-10 important openSUSE Backports SLE-15-SP1 Update This update for chromium, re2 fixes the following issues: Chromium was updated to 78.0.3904.70 boo#1154806: * CVE-2019-13699: Use-after-free in media * CVE-2019-13700: Buffer overrun in Blink * CVE-2019-13701: URL spoof in navigation * CVE-2019-13702: Privilege elevation in Installer * CVE-2019-13703: URL bar spoofing * CVE-2019-13704: CSP bypass * CVE-2019-13705: Extension permission bypass * CVE-2019-13706: Out-of-bounds read in PDFium * CVE-2019-13707: File storage disclosure * CVE-2019-13708: HTTP authentication spoof * CVE-2019-13709: File download protection bypass * CVE-2019-13710: File download protection bypass * CVE-2019-13711: Cross-context information leak * CVE-2019-15903: Buffer overflow in expat * CVE-2019-13713: Cross-origin data leak * CVE-2019-13714: CSS injection * CVE-2019-13715: Address bar spoofing * CVE-2019-13716: Service worker state error * CVE-2019-13717: Notification obscured * CVE-2019-13718: IDN spoof * CVE-2019-13719: Notification obscured * Various fixes from internal audits, fuzzing and other initiatives - Use internal resources for icon and appdata This update was imported from the openSUSE:Leap:15.0:Update update project. chromedriver-78.0.3904.70-bp151.3.50.1.x86_64.rpm chromedriver-debuginfo-78.0.3904.70-bp151.3.50.1.x86_64.rpm chromium-78.0.3904.70-bp151.3.50.1.src.rpm chromium-78.0.3904.70-bp151.3.50.1.x86_64.rpm chromium-debuginfo-78.0.3904.70-bp151.3.50.1.x86_64.rpm chromium-debugsource-78.0.3904.70-bp151.3.50.1.x86_64.rpm libre2-0-20190901-bp151.6.9.1.x86_64.rpm re2-20190901-bp151.6.9.1.src.rpm re2-devel-20190901-bp151.6.9.1.x86_64.rpm chromedriver-78.0.3904.70-bp151.3.50.1.aarch64.rpm chromedriver-debuginfo-78.0.3904.70-bp151.3.50.1.aarch64.rpm chromium-78.0.3904.70-bp151.3.50.1.aarch64.rpm chromium-debuginfo-78.0.3904.70-bp151.3.50.1.aarch64.rpm chromium-debugsource-78.0.3904.70-bp151.3.50.1.aarch64.rpm libre2-0-20190901-bp151.6.9.1.aarch64.rpm libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32.rpm re2-devel-20190901-bp151.6.9.1.aarch64.rpm libre2-0-20190901-bp151.6.9.1.ppc64le.rpm re2-devel-20190901-bp151.6.9.1.ppc64le.rpm libre2-0-20190901-bp151.6.9.1.s390x.rpm re2-devel-20190901-bp151.6.9.1.s390x.rpm openSUSE-2020-53 important openSUSE Backports SLE-15-SP1 Update This update for chromium version 79.0.3945.117 fixes the following issues: - CVE-2020-6377: Fixed a use-after-free in audio - Various fixes from internal audits, fuzzing and other initiatives This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-79.0.3945.117-bp151.3.53.3.x86_64.rpm chromium-79.0.3945.117-bp151.3.53.3.src.rpm chromium-79.0.3945.117-bp151.3.53.3.x86_64.rpm libre2-0-20200101-bp151.6.12.1.x86_64.rpm libre2-0-debuginfo-20200101-bp151.6.12.1.x86_64.rpm re2-20200101-bp151.6.12.1.src.rpm re2-debugsource-20200101-bp151.6.12.1.x86_64.rpm re2-devel-20200101-bp151.6.12.1.x86_64.rpm chromedriver-79.0.3945.117-bp151.3.53.3.aarch64.rpm chromium-79.0.3945.117-bp151.3.53.3.aarch64.rpm libre2-0-20200101-bp151.6.12.1.aarch64.rpm libre2-0-64bit-20200101-bp151.6.12.1.aarch64_ilp32.rpm libre2-0-64bit-debuginfo-20200101-bp151.6.12.1.aarch64_ilp32.rpm libre2-0-debuginfo-20200101-bp151.6.12.1.aarch64.rpm re2-debugsource-20200101-bp151.6.12.1.aarch64.rpm re2-devel-20200101-bp151.6.12.1.aarch64.rpm libre2-0-20200101-bp151.6.12.1.ppc64le.rpm libre2-0-debuginfo-20200101-bp151.6.12.1.ppc64le.rpm re2-debugsource-20200101-bp151.6.12.1.ppc64le.rpm re2-devel-20200101-bp151.6.12.1.ppc64le.rpm libre2-0-20200101-bp151.6.12.1.s390x.rpm libre2-0-debuginfo-20200101-bp151.6.12.1.s390x.rpm re2-debugsource-20200101-bp151.6.12.1.s390x.rpm re2-devel-20200101-bp151.6.12.1.s390x.rpm openSUSE-2020-71 moderate openSUSE Backports SLE-15-SP1 Update This update for httpie fixes the following issues: * Lower requirements for requests and Pygemnts to make it work on Leap 15.1 (boo#1158330) This update was imported from the openSUSE:Leap:15.1:Update update project. httpie-1.0.3-bp151.2.9.1.src.rpm python3-httpie-1.0.3-bp151.2.9.1.noarch.rpm openSUSE-2020-72 moderate openSUSE Backports SLE-15-SP1 Update This update for python-numpy fixes the following issues: - Add new random module including selectable random number generators: MT19937, PCG64, Philox and SFC64 (bsc#1149203) - NumPy's FFT implementation was changed from fftpack to pocketfft, resulting in faster, more accurate transforms and better handling of datasets of prime length. (bsc#1149203) - New radix sort and timsort sorting methods. (bsc#1149203) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.6.1.src.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.6.1.x86_64.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.6.1.x86_64.rpm python-numpy-1.17.3-bp151.2.6.1.src.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.6.1.aarch64.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.6.1.aarch64.rpm python3-numpy-gnu-hpc-1.17.3-bp151.2.6.1.ppc64le.rpm python3-numpy-gnu-hpc-devel-1.17.3-bp151.2.6.1.ppc64le.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.6.1.ppc64le.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.6.1.ppc64le.rpm python3-numpy-gnu-hpc-1.17.3-bp151.2.6.1.s390x.rpm python3-numpy-gnu-hpc-devel-1.17.3-bp151.2.6.1.s390x.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.6.1.s390x.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.6.1.s390x.rpm openSUSE-2020-211 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: strawberry was updated to version 0.6.8: + Fixed stuck tabbar and collection GUI with some themes. + Fixed possible crashes related to QProxyStyle. + Fixed a bug where metadata in the playlist was not updated when editing metadata for the current playing track. + Fixed crash when deleting a folder with playlists. + Fixed restoring to correct screen when maximized. + Increased lyrics score if lyrics text is larger than 60 characters to avoid using "no lyrics available" text. + Made context title and summary changeable. + Added option to disable playlist clear button. + Added confirmation dialog before clearing playlists with more than 500 songs. + Added German, French, Italian and Indonesian translations. + Added StartupWMClass to desktop file. + Replaced use of Qt deprecated functionality as of 5.14. strawberry was updated to version 0.6.7: + Fixed crash when cancelling scrobbler authentication + Fixed "Double clicking a song in the playlist" behaviour setting + Fixed "Pressing Previous in player" behaviour setting + Fixed updating compilations where there are spaces or special characters in filenames + Fixed cases where songs were stuck in "Various Artists" because not all songs in the same compilation was removed from the model before readded with actual artist. + Fixed a bug when importing playlists where metadata was reset + Fixed scrobbler to also scrobble songs without album title + Fixed text for replay gain setting not loading in backend setting + Added back lyrics from Chartlyrics + Added ability to show fullsize cover on double-click in playing widget + Added separator between "unset cover" and "show fullsize" in popup menu + Removed left click on analyzer to popup menu + (Windows) Added killproc executable to terminate running process before uninstalling strawberry-0.6.8-bp151.2.11.2.src.rpm strawberry-0.6.8-bp151.2.11.2.x86_64.rpm strawberry-debuginfo-0.6.8-bp151.2.11.2.x86_64.rpm strawberry-debugsource-0.6.8-bp151.2.11.2.x86_64.rpm openSUSE-2020-73 moderate openSUSE Backports SLE-15-SP1 Update This update for supervisor fixes the following issues: - Add python2-setuptools to the runtime-requirements (boo#1159471) This update was imported from the openSUSE:Leap:15.1:Update update project. supervisor-3.3.5-bp151.2.3.1.noarch.rpm supervisor-3.3.5-bp151.2.3.1.src.rpm openSUSE-2020-97 moderate openSUSE Backports SLE-15-SP1 Update This update for python-acme, python-certbot, python-certbot-apache, python-certbot-dns-cloudflare, python-certbot-dns-cloudxns, python-certbot-dns-digitalocean, python-certbot-dns-dnsimple, python-certbot-dns-dnsmadeeasy, python-certbot-dns-google, python-certbot-dns-luadns, python-certbot-dns-nsone, python-certbot-dns-rfc2136, python-certbot-dns-route53, python-certbot-nginx fixes the following issues: Changes in python-acme: update to version 1.0.0 (boo#1160066) * Deprecated attributes related to the TLS-SNI-01 challenge in acme.challenges and acme.standalone have been removed. update to version 0.40.1 * acme.standalone.BaseRequestHandlerWithLogging and acme.standalone.simple_tls_sni_01_server have been deprecated and will be removed in a future release of the library. update to version 0.37.2 * acme: Authz deactivation added to acme module. Changes in python-certbot: update to version 1.0.0 (boo#1160066) * certbot-auto has deprecated support for systems using OpenSSL 1.0.1 that are not running on x86-64. * Certbot's config_changes subcommand has been removed * certbot.plugins.common.TLSSNI01 has been removed. * The functions certbot.client.view_config_changes, certbot.main.config_changes, certbot.plugins.common.Installer.view_config_changes, certbot.reverter.Reverter.view_config_changes, and certbot.util.get_systemd_os_info have been removed * Certbot's register --update-registration subcommand has been removed * When possible, default to automatically configuring the webserver so all requests redirect to secure HTTPS access. This is mostly relevant when running Certbot in non-interactive mode. Previously, the default was to not redirect all requests. update to version 0.40.1 * --server may now be combined with --dry-run. * --dry-run now requests fresh authorizations every time, fixing the issue where it was prone to falsely reporting success. * The OS detection logic again uses distro library for Linux OSes * certbot.plugins.common.TLSSNI01 has been deprecated and will be removed in a future release. * CLI flags --tls-sni-01-port and --tls-sni-01-address have been removed. * The values tls-sni and tls-sni-01 for the --preferred-challenges flag are no longer accepted. * Removed the flags: --agree-dev-preview, --dialog, and --apache-init-script update to version 0.39.0 * Support for Python 3.8 was added to Certbot and all of its components. * Don't send OCSP requests for expired certificates update to version 0.38.0 * If Certbot fails to rollback your server configuration, the error message links to the Let's Encrypt forum. * Replace platform.linux_distribution with distro.linux_distribution as a step towards Python 3.8 support in Certbot. update to version 0.37.2 * nginx and apache fixes Changes in python-certbot-apache: update to version 1.0.0 (boo#1160066) * The docs extras for the certbot-apache and certbot-nginx packages have been removed. update to version 0.40.1 * Sync with main certbot package. update to version 0.39.0 * Support for Python 3.8 was added to Certbot and all of its components. update to version 0.38.0 * Fixed OS detection in the Apache plugin on Scientific Linux. update to version 0.37.2 * Turn off session tickets for apache plugin by default * Stop disabling TLS session tickets in Apache as it caused TLS failures on some systems. Changes in python-certbot-dns-cloudflare: update to version 0.39.0 * Support for Python 3.8 was added to Certbot and all of its components. Changes in python-certbot-dns-rfc2136: update to version 1.0.0 * certbot-dns-rfc2136 now uses TCP to query SOA records. Changes in python-certbot-nginx: update to version 1.0.0 (boo#1160066) * Disable session tickets for Nginx users when appropriate. update to version 0.37.2 * Follow updated Mozilla recommendations for Nginx ssl_protocols, ssl_ciphers, and ssl_prefer_server_ciphers * Stop disabling TLS session tickets in Nginx as it caused TLS failures on some systems. This update was imported from the openSUSE:Leap:15.1:Update update project. python-acme-1.0.0-bp151.3.6.3.src.rpm python2-acme-1.0.0-bp151.3.6.3.noarch.rpm python3-acme-1.0.0-bp151.3.6.3.noarch.rpm python-certbot-apache-1.0.0-bp151.3.6.3.src.rpm python2-certbot-apache-1.0.0-bp151.3.6.3.noarch.rpm python3-certbot-apache-1.0.0-bp151.3.6.3.noarch.rpm python-certbot-dns-cloudflare-1.0.0-bp151.3.6.3.src.rpm python2-certbot-dns-cloudflare-1.0.0-bp151.3.6.3.noarch.rpm python3-certbot-dns-cloudflare-1.0.0-bp151.3.6.3.noarch.rpm python-certbot-dns-cloudxns-1.0.0-bp151.2.6.4.src.rpm python2-certbot-dns-cloudxns-1.0.0-bp151.2.6.4.noarch.rpm python3-certbot-dns-cloudxns-1.0.0-bp151.2.6.4.noarch.rpm python-certbot-dns-digitalocean-1.0.0-bp151.2.6.3.src.rpm python2-certbot-dns-digitalocean-1.0.0-bp151.2.6.3.noarch.rpm python3-certbot-dns-digitalocean-1.0.0-bp151.2.6.3.noarch.rpm python-certbot-dns-dnsimple-1.0.0-bp151.2.6.4.src.rpm python2-certbot-dns-dnsimple-1.0.0-bp151.2.6.4.noarch.rpm python3-certbot-dns-dnsimple-1.0.0-bp151.2.6.4.noarch.rpm python-certbot-dns-dnsmadeeasy-1.0.0-bp151.2.6.4.src.rpm python2-certbot-dns-dnsmadeeasy-1.0.0-bp151.2.6.4.noarch.rpm python3-certbot-dns-dnsmadeeasy-1.0.0-bp151.2.6.4.noarch.rpm python-certbot-dns-google-1.0.0-bp151.2.6.2.src.rpm python2-certbot-dns-google-1.0.0-bp151.2.6.2.noarch.rpm python3-certbot-dns-google-1.0.0-bp151.2.6.2.noarch.rpm python-certbot-dns-luadns-1.0.0-bp151.2.6.4.src.rpm python2-certbot-dns-luadns-1.0.0-bp151.2.6.4.noarch.rpm python3-certbot-dns-luadns-1.0.0-bp151.2.6.4.noarch.rpm python-certbot-dns-nsone-1.0.0-bp151.2.6.4.src.rpm python2-certbot-dns-nsone-1.0.0-bp151.2.6.4.noarch.rpm python3-certbot-dns-nsone-1.0.0-bp151.2.6.4.noarch.rpm python-certbot-dns-rfc2136-1.0.0-bp151.2.6.3.src.rpm python2-certbot-dns-rfc2136-1.0.0-bp151.2.6.3.noarch.rpm python3-certbot-dns-rfc2136-1.0.0-bp151.2.6.3.noarch.rpm python-certbot-dns-route53-1.0.0-bp151.2.6.3.src.rpm python2-certbot-dns-route53-1.0.0-bp151.2.6.3.noarch.rpm python3-certbot-dns-route53-1.0.0-bp151.2.6.3.noarch.rpm python-certbot-nginx-1.0.0-bp151.2.6.3.src.rpm python2-certbot-nginx-1.0.0-bp151.2.6.3.noarch.rpm python3-certbot-nginx-1.0.0-bp151.2.6.3.noarch.rpm python-certbot-1.0.0-bp151.3.6.3.src.rpm python2-certbot-1.0.0-bp151.3.6.3.noarch.rpm python3-certbot-1.0.0-bp151.3.6.3.noarch.rpm openSUSE-2020-200 moderate openSUSE Backports SLE-15-SP1 Update This update for bitcoin fixes the following issues: bitcoin was updated to version 0.19.0.1: * New RPCs + `getbalances` returns an object with all balances + `setwalletflag` sets and unsets wallet flags that enable or disable features specific to that existing wallet + `getblockfilter` fets the BIP158 filter for the specified block * New settings + `-blockfilterindex` enables the creation of BIP158 block filters for the entire blockchain * Updated settings + `whitebind` and `whitelist` now accept a list of permissions to provide peers connecting using the indicated interfaces or IP addresses + Users setting custom `dbcache` values can increase their setting slightly without using any more real memory * Updated RPCs + `sendmany` no longer has a `minconf` argument + `getbalance` and `sendtoaddress`, plus the new RPCs `getbalances` and `createwaller`, now accept an `acoid_reuse` parameter that controls whether already used addresses should be included in the operation + RPCs which have an `include_watchonly` argument or `includeWatching` option now default to true for watch-only wallets + `listunspent` now returns a `reused` bool for each output if the wallet flag `avoid_reuse` is enabled + `getblockstats` now uses BlockUndo data instead of the transaction index, making it much faster, no longer dependent on the `-txindex` configuration option, and functional for all non-pruned blocks + `utxoupdatepsbt` now accepts a `descriptors` parameter that will fill out input and output scripts and keys when known + `sendrawtransaction` and `testmempoolaccept` no longer accept a allowhighfees parameter to fail mempool acceptance if the transaction fee exceeds the value of the configuration option `-maxtxfee` + `getmempoolancestors`, `getmempooldescendants`, `getmempoolentry`, and `getrawmempool` no longer return a size field unless the configuration option `-deprecatedrpc=size` is used + `getwalletinfo` now includes a scanning field that is either false (no scanning) or an object with information about the duration and progress of the wallet's scanning historical blocks for transactions affecting its balances + `gettransaction` now accepts a third (boolean) argument `verbose` + `createwallet` accepts a new passphrase parameter + `getchaintxstats` RPC now returns the additional key of `window_final_block_height` + `getmempoolentry` now provides a weight field containing the transaction weight as defined in BIP141 + The `getnetworkinfo` and `getpeerinfo` commands now contain a new field with decoded network service flags + `getdescriptorinfo` now returns an additional `checksum` field containing the checksum for the unmodified descriptor provided by the user + `joinpsbts` now shuffles the order of the inputs and outputs of the resulting joined PSBT + `walletcreatefundedpsbt` now signals BIP125 Replace-by-Fee if the -walletrbf configuration option is set to true * GUI changes + The GUI wallet now provides bech32 addresses by default. The user may change the address type during invoice generation using a GUI toggle, or the default address type may be changed with the -addresstype configuration option. + In 0.18.0, a ./configure flag was introduced to allow disabling BIP70 support in the GUI (support was enabled by default). In 0.19.0, this flag is now disabled by default. * P2P changes + BIP 61 reject messages were deprecated in version 0.18. They are now disabled by default, but can be enabled by setting the -enablebip61 command line option. + To eliminate well-known denial-of-service vectors in Bitcoin Core, especially for nodes with spinning disks, the default value for the -peerbloomfilters configuration option has been changed to false. + By default, Bitcoin Core will now make two additional outbound connections that are exclusively used for block-relay. * CLI changes + The testnet field in bitcoin-cli -getinfo has been renamed to chain and now returns the current network name as defined in BIP70 bitcoin-0.19.0.1-bp151.5.3.10.src.rpm bitcoin-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-debugsource-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-qt5-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-qt5-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-test-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-test-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-utils-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-utils-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoind-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoind-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm libbitcoinconsensus-devel-0.19.0.1-bp151.5.3.10.x86_64.rpm libbitcoinconsensus0-0.19.0.1-bp151.5.3.10.x86_64.rpm libbitcoinconsensus0-debuginfo-0.19.0.1-bp151.5.3.10.x86_64.rpm bitcoin-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-debugsource-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-qt5-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-qt5-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-test-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-test-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-utils-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-utils-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoind-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoind-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm libbitcoinconsensus-devel-0.19.0.1-bp151.5.3.10.aarch64.rpm libbitcoinconsensus0-0.19.0.1-bp151.5.3.10.aarch64.rpm libbitcoinconsensus0-debuginfo-0.19.0.1-bp151.5.3.10.aarch64.rpm bitcoin-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-debugsource-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-qt5-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-qt5-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-test-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-test-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-utils-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoin-utils-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoind-0.19.0.1-bp151.5.3.10.s390x.rpm bitcoind-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm libbitcoinconsensus-devel-0.19.0.1-bp151.5.3.10.s390x.rpm libbitcoinconsensus0-0.19.0.1-bp151.5.3.10.s390x.rpm libbitcoinconsensus0-debuginfo-0.19.0.1-bp151.5.3.10.s390x.rpm openSUSE-2020-78 moderate openSUSE Backports SLE-15-SP1 Update This update for baloo5 fixes the following issues: - Added fixes to avoid potential database corruption and crashes (boo#1157380, kde#372880): baloo5-5.55.0-bp151.4.3.1.src.rpm baloo5-devel-5.55.0-bp151.4.3.1.x86_64.rpm baloo5-file-5.55.0-bp151.4.3.1.x86_64.rpm baloo5-file-lang-5.55.0-bp151.4.3.1.noarch.rpm baloo5-imports-5.55.0-bp151.4.3.1.x86_64.rpm baloo5-imports-lang-5.55.0-bp151.4.3.1.noarch.rpm baloo5-kioslaves-5.55.0-bp151.4.3.1.x86_64.rpm baloo5-kioslaves-lang-5.55.0-bp151.4.3.1.noarch.rpm baloo5-tools-5.55.0-bp151.4.3.1.x86_64.rpm baloo5-tools-lang-5.55.0-bp151.4.3.1.noarch.rpm libKF5Baloo5-5.55.0-bp151.4.3.1.x86_64.rpm libKF5BalooEngine5-5.55.0-bp151.4.3.1.x86_64.rpm libKF5BalooEngine5-lang-5.55.0-bp151.4.3.1.noarch.rpm baloo5-devel-5.55.0-bp151.4.3.1.aarch64.rpm baloo5-file-5.55.0-bp151.4.3.1.aarch64.rpm baloo5-imports-5.55.0-bp151.4.3.1.aarch64.rpm baloo5-kioslaves-5.55.0-bp151.4.3.1.aarch64.rpm baloo5-tools-5.55.0-bp151.4.3.1.aarch64.rpm libKF5Baloo5-5.55.0-bp151.4.3.1.aarch64.rpm libKF5Baloo5-64bit-5.55.0-bp151.4.3.1.aarch64_ilp32.rpm libKF5BalooEngine5-5.55.0-bp151.4.3.1.aarch64.rpm libKF5BalooEngine5-64bit-5.55.0-bp151.4.3.1.aarch64_ilp32.rpm baloo5-devel-5.55.0-bp151.4.3.1.ppc64le.rpm baloo5-file-5.55.0-bp151.4.3.1.ppc64le.rpm baloo5-imports-5.55.0-bp151.4.3.1.ppc64le.rpm baloo5-kioslaves-5.55.0-bp151.4.3.1.ppc64le.rpm baloo5-tools-5.55.0-bp151.4.3.1.ppc64le.rpm libKF5Baloo5-5.55.0-bp151.4.3.1.ppc64le.rpm libKF5BalooEngine5-5.55.0-bp151.4.3.1.ppc64le.rpm baloo5-devel-5.55.0-bp151.4.3.1.s390x.rpm baloo5-file-5.55.0-bp151.4.3.1.s390x.rpm baloo5-imports-5.55.0-bp151.4.3.1.s390x.rpm baloo5-kioslaves-5.55.0-bp151.4.3.1.s390x.rpm baloo5-tools-5.55.0-bp151.4.3.1.s390x.rpm libKF5Baloo5-5.55.0-bp151.4.3.1.s390x.rpm libKF5BalooEngine5-5.55.0-bp151.4.3.1.s390x.rpm openSUSE-2020-91 moderate openSUSE Backports SLE-15-SP1 Update This update for nextcloud-client fixes the following issues: - Update to version 2.5.3: * See https://github.com/nextcloud/desktop/compare/v2.5.1...v2.5.3 This update was imported from the openSUSE:Leap:15.1:Update update project. caja-extension-nextcloud-2.5.3-bp151.3.3.5.noarch.rpm libnextcloudsync-devel-2.5.3-bp151.3.3.5.x86_64.rpm libnextcloudsync0-2.5.3-bp151.3.3.5.x86_64.rpm nautilus-extension-nextcloud-2.5.3-bp151.3.3.5.noarch.rpm nemo-extension-nextcloud-2.5.3-bp151.3.3.5.noarch.rpm nextcloud-client-2.5.3-bp151.3.3.5.src.rpm nextcloud-client-2.5.3-bp151.3.3.5.x86_64.rpm nextcloud-client-doc-2.5.3-bp151.3.3.5.noarch.rpm nextcloud-client-dolphin-2.5.3-bp151.3.3.5.x86_64.rpm nextcloud-client-lang-2.5.3-bp151.3.3.5.noarch.rpm libnextcloudsync-devel-2.5.3-bp151.3.3.5.aarch64.rpm libnextcloudsync0-2.5.3-bp151.3.3.5.aarch64.rpm nextcloud-client-2.5.3-bp151.3.3.5.aarch64.rpm nextcloud-client-dolphin-2.5.3-bp151.3.3.5.aarch64.rpm openSUSE-2020-95 moderate openSUSE Backports SLE-15-SP1 Update This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: * Added the -x,--extnames option to dwglayers for r13-r14 DWGs. * Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle for r13. * Add DICTIONARY.itemhandles[] for r13 and r14. * Fixed some dwglayers null pointer derefs, and flush its output for each layer. * Added several overflow checks from fuzzing [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826], [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828], [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832] * Disallow illegal SPLINE scenarios [CVE-2019-20009, boo#1159824] Update to release 0.9.1: * Fixed more null pointer dereferences, overflows, hangs and memory leaks for fuzzed (i.e. illegal) DWGs. Update to release 0.9 [boo#1154080]: * Added the DXF importer, using the new dynapi and the r2000 encoder. Only for r2000 DXFs. * Added utf8text conversion functions to the dynapi. * Added 3DSOLID encoder. * Added APIs to find handles for names, searching in tables and dicts. * API breaking changes - see NEWS file in package. * Fixed null pointer dereferences, and memory leaks (except DXF importer) [boo#1129868, CVE-2019-9779] [boo#1129869, CVE-2019-9778] [boo#1129870, CVE-2019-9777] [boo#1129873, CVE-2019-9776] [boo#1129874, CVE-2019-9773] [boo#1129875, CVE-2019-9772] [boo#1129876, CVE-2019-9771] [boo#1129878, CVE-2019-9775] [boo#1129879, CVE-2019-9774] [boo#1129881, CVE-2019-9770] Update to 0.8: * add a new dynamic API, read and write all header and object fields by name * API breaking changes * Fix many errors in DXF output * Fix JSON output * Many more bug fixes to handle specific object types This update was imported from the openSUSE:Leap:15.1:Update update project. libredwg-0.9.3-bp151.2.3.1.src.rpm libredwg-devel-0.9.3-bp151.2.3.1.x86_64.rpm libredwg-tools-0.9.3-bp151.2.3.1.x86_64.rpm libredwg0-0.9.3-bp151.2.3.1.x86_64.rpm libredwg-devel-0.9.3-bp151.2.3.1.aarch64.rpm libredwg-tools-0.9.3-bp151.2.3.1.aarch64.rpm libredwg0-0.9.3-bp151.2.3.1.aarch64.rpm libredwg-devel-0.9.3-bp151.2.3.1.ppc64le.rpm libredwg-tools-0.9.3-bp151.2.3.1.ppc64le.rpm libredwg0-0.9.3-bp151.2.3.1.ppc64le.rpm libredwg-devel-0.9.3-bp151.2.3.1.s390x.rpm libredwg-tools-0.9.3-bp151.2.3.1.s390x.rpm libredwg0-0.9.3-bp151.2.3.1.s390x.rpm openSUSE-2020-99 moderate openSUSE Backports SLE-15-SP1 Update This update for kaccounts-providers fixes the following issues: - Fixed Google account usage. This update was imported from the openSUSE:Leap:15.1:Update update project. kaccounts-providers-18.12.3-bp151.3.3.1.src.rpm kaccounts-providers-18.12.3-bp151.3.3.1.x86_64.rpm kaccounts-providers-lang-18.12.3-bp151.3.3.1.noarch.rpm kaccounts-providers-18.12.3-bp151.3.3.1.aarch64.rpm kaccounts-providers-18.12.3-bp151.3.3.1.ppc64le.rpm kaccounts-providers-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-93 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to version 79.0.3945.130 (boo#1161252): - CVE-2020-6378, CVE-2020-6379: Fixed a use-after-free in speech recognizer - CVE-2020-6380: Fixed an extension message verification error - Various fixes from audits, fuzzing and other initiatives chromedriver-79.0.3945.130-bp151.3.56.3.x86_64.rpm chromedriver-debuginfo-79.0.3945.130-bp151.3.56.3.x86_64.rpm chromium-79.0.3945.130-bp151.3.56.3.src.rpm chromium-79.0.3945.130-bp151.3.56.3.x86_64.rpm chromium-debuginfo-79.0.3945.130-bp151.3.56.3.x86_64.rpm chromium-debugsource-79.0.3945.130-bp151.3.56.3.x86_64.rpm chromedriver-79.0.3945.130-bp151.3.56.3.aarch64.rpm chromedriver-debuginfo-79.0.3945.130-bp151.3.56.3.aarch64.rpm chromium-79.0.3945.130-bp151.3.56.3.aarch64.rpm chromium-debuginfo-79.0.3945.130-bp151.3.56.3.aarch64.rpm chromium-debugsource-79.0.3945.130-bp151.3.56.3.aarch64.rpm openSUSE-2020-103 moderate openSUSE Backports SLE-15-SP1 Update This update for arc fixes the following issues: - CVE-2015-9275: Fixed a directory traversal vulnerability (boo#1121032). arc-5.21q-bp151.4.3.1.src.rpm arc-5.21q-bp151.4.3.1.x86_64.rpm arc-debuginfo-5.21q-bp151.4.3.1.x86_64.rpm arc-debugsource-5.21q-bp151.4.3.1.x86_64.rpm arc-5.21q-bp151.4.3.1.aarch64.rpm arc-debuginfo-5.21q-bp151.4.3.1.aarch64.rpm arc-debugsource-5.21q-bp151.4.3.1.aarch64.rpm arc-5.21q-bp151.4.3.1.ppc64le.rpm arc-debuginfo-5.21q-bp151.4.3.1.ppc64le.rpm arc-debugsource-5.21q-bp151.4.3.1.ppc64le.rpm arc-5.21q-bp151.4.3.1.s390x.rpm arc-debuginfo-5.21q-bp151.4.3.1.s390x.rpm arc-debugsource-5.21q-bp151.4.3.1.s390x.rpm openSUSE-2020-104 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: - Update to version 2.5.3: * https://github.com/keepassxreboot/keepassxc/releases/tag/2.5.3 keepassxc-2.5.3-bp151.3.9.1.src.rpm keepassxc-2.5.3-bp151.3.9.1.x86_64.rpm keepassxc-lang-2.5.3-bp151.3.9.1.noarch.rpm keepassxc-2.5.3-bp151.3.9.1.aarch64.rpm keepassxc-2.5.3-bp151.3.9.1.ppc64le.rpm keepassxc-2.5.3-bp151.3.9.1.s390x.rpm openSUSE-2020-112 moderate openSUSE Backports SLE-15-SP1 Update This update for zabbix fixes the following issues: zabbix was upated to the latest release 3.0.29 Bug Fixes: + ZBX-17101 Fixed url validation before output + ZBX-16750 Fixed broken validation of peer certificate issuer and subject strings in tls connect, fixed logging + ZBX-16178 Fixed distributive can contain untracked backup file include/config.h.in~ Updated to latest release 3.0.28: + ZBX-15915 Fixed linking error if round() is undefined + ZBX-16074 Added file revision number generation for compilation on ms windows + ZBX-11284 Removed sid url argument for form cancel buttons + ZBX-15416 Fixed locale validation in user create and update api methods This update was imported from the openSUSE:Leap:15.1:Update update project. zabbix-3.0.29-bp151.4.3.1.src.rpm zabbix-agent-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-bash-completion-3.0.29-bp151.4.3.1.noarch.rpm zabbix-java-gateway-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-phpfrontend-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-proxy-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-proxy-mysql-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-proxy-postgresql-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-proxy-sqlite-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-server-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-server-mysql-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-server-postgresql-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-server-sqlite-3.0.29-bp151.4.3.1.x86_64.rpm zabbix-agent-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-java-gateway-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-phpfrontend-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-proxy-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-proxy-mysql-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-proxy-postgresql-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-proxy-sqlite-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-server-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-server-mysql-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-server-postgresql-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-server-sqlite-3.0.29-bp151.4.3.1.aarch64.rpm zabbix-agent-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-java-gateway-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-phpfrontend-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-proxy-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-proxy-mysql-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-proxy-postgresql-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-proxy-sqlite-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-server-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-server-mysql-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-server-postgresql-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-server-sqlite-3.0.29-bp151.4.3.1.ppc64le.rpm zabbix-agent-3.0.29-bp151.4.3.1.s390x.rpm zabbix-java-gateway-3.0.29-bp151.4.3.1.s390x.rpm zabbix-phpfrontend-3.0.29-bp151.4.3.1.s390x.rpm zabbix-proxy-3.0.29-bp151.4.3.1.s390x.rpm zabbix-proxy-mysql-3.0.29-bp151.4.3.1.s390x.rpm zabbix-proxy-postgresql-3.0.29-bp151.4.3.1.s390x.rpm zabbix-proxy-sqlite-3.0.29-bp151.4.3.1.s390x.rpm zabbix-server-3.0.29-bp151.4.3.1.s390x.rpm zabbix-server-mysql-3.0.29-bp151.4.3.1.s390x.rpm zabbix-server-postgresql-3.0.29-bp151.4.3.1.s390x.rpm zabbix-server-sqlite-3.0.29-bp151.4.3.1.s390x.rpm openSUSE-2020-114 moderate openSUSE Backports SLE-15-SP1 Update This update for znc fixes the following issues: - Update to version 1.7.5. znc-1.7.5-bp151.4.6.1.src.rpm znc-1.7.5-bp151.4.6.1.x86_64.rpm znc-devel-1.7.5-bp151.4.6.1.x86_64.rpm znc-lang-1.7.5-bp151.4.6.1.noarch.rpm znc-perl-1.7.5-bp151.4.6.1.x86_64.rpm znc-python3-1.7.5-bp151.4.6.1.x86_64.rpm znc-tcl-1.7.5-bp151.4.6.1.x86_64.rpm znc-1.7.5-bp151.4.6.1.aarch64.rpm znc-devel-1.7.5-bp151.4.6.1.aarch64.rpm znc-perl-1.7.5-bp151.4.6.1.aarch64.rpm znc-python3-1.7.5-bp151.4.6.1.aarch64.rpm znc-tcl-1.7.5-bp151.4.6.1.aarch64.rpm znc-1.7.5-bp151.4.6.1.ppc64le.rpm znc-devel-1.7.5-bp151.4.6.1.ppc64le.rpm znc-perl-1.7.5-bp151.4.6.1.ppc64le.rpm znc-python3-1.7.5-bp151.4.6.1.ppc64le.rpm znc-tcl-1.7.5-bp151.4.6.1.ppc64le.rpm znc-1.7.5-bp151.4.6.1.s390x.rpm znc-devel-1.7.5-bp151.4.6.1.s390x.rpm znc-perl-1.7.5-bp151.4.6.1.s390x.rpm znc-python3-1.7.5-bp151.4.6.1.s390x.rpm znc-tcl-1.7.5-bp151.4.6.1.s390x.rpm openSUSE-2020-115 moderate openSUSE Backports SLE-15-SP1 Update This update for libredwg fixes the following issues: libredwg was updated to release 0.10: API breaking changes: * Added a new int *isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not. * removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and UNKNOWN_ENT left, with common_entity_data. * renamed BLOCK_HEADER.preview_data to preview, preview_data_size to preview_size. * renamed SHAPE.shape_no to style_id. * renamed CLASS.wasazombie to is_zombie. Bugfixes: * Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c. * Fixed encoding of added r2000 AUXHEADER address. * Fixed EED encoding from dwgrewrite. * Add several checks against [CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522], [CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524], [CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526], [CVE-2020-6615, boo#1160527] This update was imported from the openSUSE:Leap:15.1:Update update project. libredwg-0.10-bp151.2.6.1.src.rpm libredwg-devel-0.10-bp151.2.6.1.x86_64.rpm libredwg-tools-0.10-bp151.2.6.1.x86_64.rpm libredwg0-0.10-bp151.2.6.1.x86_64.rpm libredwg-devel-0.10-bp151.2.6.1.aarch64.rpm libredwg-tools-0.10-bp151.2.6.1.aarch64.rpm libredwg0-0.10-bp151.2.6.1.aarch64.rpm libredwg-devel-0.10-bp151.2.6.1.ppc64le.rpm libredwg-tools-0.10-bp151.2.6.1.ppc64le.rpm libredwg0-0.10-bp151.2.6.1.ppc64le.rpm libredwg-devel-0.10-bp151.2.6.1.s390x.rpm libredwg-tools-0.10-bp151.2.6.1.s390x.rpm libredwg0-0.10-bp151.2.6.1.s390x.rpm openSUSE-2020-119 moderate openSUSE Backports SLE-15-SP1 Update This update for storeBackup fixes the following issues: - CVE-2020-7040: Fixed a symlink attack which could lead to denial of service (boo#1156767). storeBackup-3.5-bp151.4.3.1.noarch.rpm storeBackup-3.5-bp151.4.3.1.src.rpm openSUSE-2020-153 moderate openSUSE Backports SLE-15-SP1 Update This update for dnf-plugins-core fixes the following issues: - Deconflict with zypper-needs-restarting on SLE to unblock PackageHub updates This update was imported from the openSUSE:Leap:15.1:Update update project. dnf-plugins-core-4.0.7-bp151.4.4.5.noarch.rpm dnf-plugins-core-4.0.7-bp151.4.4.5.src.rpm dnf-plugins-core-lang-4.0.7-bp151.4.4.5.noarch.rpm dnf-utils-4.0.7-bp151.4.4.5.noarch.rpm python3-dnf-plugin-leaves-4.0.7-bp151.4.4.5.noarch.rpm python3-dnf-plugin-local-4.0.7-bp151.4.4.5.noarch.rpm python3-dnf-plugin-show-leaves-4.0.7-bp151.4.4.5.noarch.rpm python3-dnf-plugin-versionlock-4.0.7-bp151.4.4.5.noarch.rpm python3-dnf-plugins-core-4.0.7-bp151.4.4.5.noarch.rpm openSUSE-2020-127 moderate openSUSE Backports SLE-15-SP1 Update This update for live-net-installer fixes the following issues: - Stop nscd before starting the installation (boo#1155687) - Fix URL for aarch64 - URL is arch specific, so drop noarch This update was imported from the openSUSE:Leap:15.1:Update update project. live-net-installer-1.0-bp151.2.3.6.src.rpm live-net-installer-1.0-bp151.2.3.6.x86_64.rpm live-net-installer-1.0-bp151.2.3.6.aarch64.rpm live-net-installer-1.0-bp151.2.3.6.ppc64le.rpm live-net-installer-1.0-bp151.2.3.6.s390x.rpm openSUSE-2020-128 moderate openSUSE Backports SLE-15-SP1 Update This update for DisplayCAL fixes the following issues: - Added dependency on python-xml. Without it, DisplayCAL won't start. This update was imported from the openSUSE:Leap:15.1:Update update project. DisplayCAL-3.5.3.0-bp151.4.3.1.src.rpm DisplayCAL-3.5.3.0-bp151.4.3.1.x86_64.rpm DisplayCAL-3.5.3.0-bp151.4.3.1.aarch64.rpm DisplayCAL-3.5.3.0-bp151.4.3.1.ppc64le.rpm DisplayCAL-3.5.3.0-bp151.4.3.1.s390x.rpm openSUSE-2020-145 moderate openSUSE Backports SLE-15-SP1 Update This update for GraphicsMagick fixes the following issues: - CVE-2019-19950: Fixed a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. (boo#1159852) - CVE-2019-19951: Fixed a heap-based buffer overflow in ImportRLEPixels() (boo#1160321). - CVE-2019-19953: Fixed a heap-based buffer overflow in EncodeImage() (boo#1160364). This update was imported from the openSUSE:Leap:15.1:Update update project. GraphicsMagick-1.3.29-bp151.5.9.1.src.rpm GraphicsMagick-1.3.29-bp151.5.9.1.x86_64.rpm GraphicsMagick-devel-1.3.29-bp151.5.9.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.29-bp151.5.9.1.x86_64.rpm libGraphicsMagick++-devel-1.3.29-bp151.5.9.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.29-bp151.5.9.1.x86_64.rpm libGraphicsMagick3-config-1.3.29-bp151.5.9.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.9.1.x86_64.rpm perl-GraphicsMagick-1.3.29-bp151.5.9.1.x86_64.rpm openSUSE-2020-129 moderate openSUSE Backports SLE-15-SP1 Update This update for amanda fixes the following issues: Updated the list of suid binaries [boo#1110797] - added: ambind, ambsdtar, amgtar, amstar - removed: amcheck, planner, dumper Updated README.SUSE and add a note about setuid binaries and the fact that user amanda and members of the group amanda should be considered privileged users This update was imported from the openSUSE:Leap:15.1:Update update project. amanda-3.5.1-bp151.4.3.7.src.rpm amanda-3.5.1-bp151.4.3.7.x86_64.rpm amanda-3.5.1-bp151.4.3.7.aarch64.rpm amanda-3.5.1-bp151.4.3.7.ppc64le.rpm amanda-3.5.1-bp151.4.3.7.s390x.rpm openSUSE-2020-130 moderate openSUSE Backports SLE-15-SP1 Update This update for apache2-mod_auth_kerb fixes the following issues: - Fix a segmentation fault in function authenticate_user_krb5pwd() when credentials were supplied using basic authentication [boo#1142545] This update was imported from the openSUSE:Leap:15.1:Update update project. apache2-mod_auth_kerb-5.4-bp151.4.6.1.src.rpm apache2-mod_auth_kerb-5.4-bp151.4.6.1.x86_64.rpm apache2-mod_auth_kerb-5.4-bp151.4.6.1.aarch64.rpm apache2-mod_auth_kerb-5.4-bp151.4.6.1.ppc64le.rpm apache2-mod_auth_kerb-5.4-bp151.4.6.1.s390x.rpm openSUSE-2020-131 moderate openSUSE Backports SLE-15-SP1 Update This update for calamaris fixes the following issues: - Fix generation of reports with Perl 5.12 (boo#1145328) This update was imported from the openSUSE:Leap:15.1:Update update project. calamaris-2.59-bp151.4.3.1.noarch.rpm calamaris-2.59-bp151.4.3.1.src.rpm openSUSE-2020-132 low openSUSE Backports SLE-15-SP1 Update This update for fcitx-qt5 fixes the following issue: - QOwnNotes always crash at close with fcitx-qt5 installed. (boo#1152412) This update was imported from the openSUSE:Leap:15.1:Update update project. fcitx-qt5-1.2.2-bp151.4.9.1.src.rpm fcitx-qt5-1.2.2-bp151.4.9.1.x86_64.rpm fcitx-qt5-devel-1.2.2-bp151.4.9.1.x86_64.rpm fcitx-qt5-1.2.2-bp151.4.9.1.aarch64.rpm fcitx-qt5-64bit-1.2.2-bp151.4.9.1.aarch64_ilp32.rpm fcitx-qt5-devel-1.2.2-bp151.4.9.1.aarch64.rpm fcitx-qt5-1.2.2-bp151.4.9.1.ppc64le.rpm fcitx-qt5-devel-1.2.2-bp151.4.9.1.ppc64le.rpm fcitx-qt5-1.2.2-bp151.4.9.1.s390x.rpm fcitx-qt5-devel-1.2.2-bp151.4.9.1.s390x.rpm openSUSE-2020-133 moderate openSUSE Backports SLE-15-SP1 Update This update for gitlint fixes the following issues: Update to v0.11.0: * make it work with openSUSE This update was imported from the openSUSE:Leap:15.1:Update update project. gitlint-0.11.0-bp151.4.3.1.src.rpm python2-gitlint-0.11.0-bp151.4.3.1.noarch.rpm python3-gitlint-0.11.0-bp151.4.3.1.noarch.rpm openSUSE-2020-134 moderate openSUSE Backports SLE-15-SP1 Update This update for imap fixes the following issues: - read certificates from /etc/imap/certs ([boo#1145195]) This update was imported from the openSUSE:Leap:15.1:Update update project. imap-2007e_suse-bp151.4.3.1.src.rpm imap-2007e_suse-bp151.4.3.1.x86_64.rpm imap-devel-2007e_suse-bp151.4.3.1.x86_64.rpm libc-client2007e_suse-2007e_suse-bp151.4.3.1.x86_64.rpm imap-2007e_suse-bp151.4.3.1.aarch64.rpm imap-devel-2007e_suse-bp151.4.3.1.aarch64.rpm libc-client2007e_suse-2007e_suse-bp151.4.3.1.aarch64.rpm imap-2007e_suse-bp151.4.3.1.ppc64le.rpm imap-devel-2007e_suse-bp151.4.3.1.ppc64le.rpm libc-client2007e_suse-2007e_suse-bp151.4.3.1.ppc64le.rpm imap-2007e_suse-bp151.4.3.1.s390x.rpm imap-devel-2007e_suse-bp151.4.3.1.s390x.rpm libc-client2007e_suse-2007e_suse-bp151.4.3.1.s390x.rpm openSUSE-2020-135 moderate openSUSE Backports SLE-15-SP1 Update This update for kmozillahelper fixes the following issues: - Update to 5.0.5: * Recognize if started from Thunderbird * Cache helper protocols (boo#1037806) * Use new style connect * Don't use deprecated KRun:runUrl without flags, use with flags * Improve HiDPI support - Add %license This update was imported from the openSUSE:Leap:15.1:Update update project. kmozillahelper-5.0.5-bp151.4.3.1.src.rpm kmozillahelper-5.0.5-bp151.4.3.1.x86_64.rpm kmozillahelper-5.0.5-bp151.4.3.1.aarch64.rpm kmozillahelper-5.0.5-bp151.4.3.1.ppc64le.rpm kmozillahelper-5.0.5-bp151.4.3.1.s390x.rpm openSUSE-2020-136 moderate openSUSE Backports SLE-15-SP1 Update This update for mate-terminal fixes the following issues: Update to version 1.20.1: * terminal-window: Fix Session dbus daemon saturated (fixes boo#1160686) * Translation updates. This update was imported from the openSUSE:Leap:15.1:Update update project. mate-terminal-1.20.1-bp151.4.3.1.src.rpm mate-terminal-1.20.1-bp151.4.3.1.x86_64.rpm mate-terminal-lang-1.20.1-bp151.4.3.1.noarch.rpm mate-terminal-1.20.1-bp151.4.3.1.aarch64.rpm mate-terminal-1.20.1-bp151.4.3.1.ppc64le.rpm mate-terminal-1.20.1-bp151.4.3.1.s390x.rpm openSUSE-2020-137 moderate openSUSE Backports SLE-15-SP1 Update This update for mumble fixes the following issues: CVE-2018-20743: murmur mishandled multiple concurrent requests that were persisted in the database, which allowed remote attackers to cause a denial of service (daemon hang or crash) via a message flood. (boo#1123334) This update was imported from the openSUSE:Leap:15.1:Update update project. mumble-1.2.19-bp151.6.6.1.src.rpm mumble-1.2.19-bp151.6.6.1.x86_64.rpm mumble-server-1.2.19-bp151.6.6.1.x86_64.rpm mumble-1.2.19-bp151.6.6.1.aarch64.rpm mumble-64bit-1.2.19-bp151.6.6.1.aarch64_ilp32.rpm mumble-server-1.2.19-bp151.6.6.1.aarch64.rpm mumble-1.2.19-bp151.6.6.1.ppc64le.rpm mumble-server-1.2.19-bp151.6.6.1.ppc64le.rpm mumble-1.2.19-bp151.6.6.1.s390x.rpm mumble-server-1.2.19-bp151.6.6.1.s390x.rpm openSUSE-2020-138 moderate openSUSE Backports SLE-15-SP1 Update This update for python-virtualenvwrapper fixes the following issues: - Update to 4.8.4: * various typo / docu fixes * Support for python 3.7 - Use python3 instead of python2 boo#1159243 This update was imported from the openSUSE:Leap:15.1:Update update project. python-virtualenvwrapper-4.8.4-bp151.4.3.1.src.rpm python2-virtualenvwrapper-4.8.4-bp151.4.3.1.noarch.rpm python3-virtualenvwrapper-4.8.4-bp151.4.3.1.noarch.rpm openSUSE-2020-139 moderate openSUSE Backports SLE-15-SP1 Update This update for rubygem-excon fixes the following issues: CVE-2019-16779 (boo#1159342): Fix a race condition around persistent connections, where a connection, which was interrupted, would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. This update was imported from the openSUSE:Leap:15.1:Update update project. ruby2.5-rubygem-excon-0.59.0-bp151.4.3.1.x86_64.rpm ruby2.5-rubygem-excon-doc-0.59.0-bp151.4.3.1.x86_64.rpm ruby2.5-rubygem-excon-testsuite-0.59.0-bp151.4.3.1.x86_64.rpm rubygem-excon-0.59.0-bp151.4.3.1.src.rpm ruby2.5-rubygem-excon-0.59.0-bp151.4.3.1.aarch64.rpm ruby2.5-rubygem-excon-doc-0.59.0-bp151.4.3.1.aarch64.rpm ruby2.5-rubygem-excon-testsuite-0.59.0-bp151.4.3.1.aarch64.rpm ruby2.5-rubygem-excon-0.59.0-bp151.4.3.1.ppc64le.rpm ruby2.5-rubygem-excon-doc-0.59.0-bp151.4.3.1.ppc64le.rpm ruby2.5-rubygem-excon-testsuite-0.59.0-bp151.4.3.1.ppc64le.rpm ruby2.5-rubygem-excon-0.59.0-bp151.4.3.1.s390x.rpm ruby2.5-rubygem-excon-doc-0.59.0-bp151.4.3.1.s390x.rpm ruby2.5-rubygem-excon-testsuite-0.59.0-bp151.4.3.1.s390x.rpm openSUSE-2020-140 important openSUSE Backports SLE-15-SP1 Update This update for sarg fixes the following issues: - CVE-2019-18932: Fixed insecure usage of /tmp/sarg which potentially allowed privilege escalation or denial of service (boo#1156643). This update was imported from the openSUSE:Leap:15.1:Update update project. sarg-2.3.10-bp151.4.3.1.src.rpm sarg-2.3.10-bp151.4.3.1.x86_64.rpm sarg-2.3.10-bp151.4.3.1.aarch64.rpm sarg-2.3.10-bp151.4.3.1.ppc64le.rpm sarg-2.3.10-bp151.4.3.1.s390x.rpm openSUSE-2020-141 moderate openSUSE Backports SLE-15-SP1 Update This update for scap-workbench fixes the following issues: * security hardening for pk-exec usage (boo#1084706). This update was imported from the openSUSE:Leap:15.1:Update update project. scap-workbench-1.1.5-bp151.4.3.1.src.rpm scap-workbench-1.1.5-bp151.4.3.1.x86_64.rpm scap-workbench-doc-1.1.5-bp151.4.3.1.x86_64.rpm scap-workbench-1.1.5-bp151.4.3.1.aarch64.rpm scap-workbench-doc-1.1.5-bp151.4.3.1.aarch64.rpm scap-workbench-1.1.5-bp151.4.3.1.ppc64le.rpm scap-workbench-doc-1.1.5-bp151.4.3.1.ppc64le.rpm scap-workbench-1.1.5-bp151.4.3.1.s390x.rpm scap-workbench-doc-1.1.5-bp151.4.3.1.s390x.rpm openSUSE-2020-142 moderate openSUSE Backports SLE-15-SP1 Update This update for shadowsocks-libev fixes the following issues: - Update version to 3.3.3 * Refine the handling of suspicious connections. * Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality (boo#1158251, CVE-2019-5163) * Fix code execution vulnerability in the ss-manager binary (boo#1158365, CVE-2019-5164) * Refine the handling of fragment request. * Fix a high CPU bug introduced in 3.3.0. (#2449) * Enlarge the socket buffer size to 16KB. * Fix the empty list bug in ss-manager. * Fix the IPv6 address parser. * Fix a bug of port parser. * Fix a crash with MinGW. * Refine SIP003 plugin interface. * Remove connection timeout from all clients. * Fix the alignment bug again. * Fix a bug on 32-bit arch. * Add TCP fast open support to ss-tunnel by @PantherJohn. This update was imported from the openSUSE:Leap:15.1:Update update project. libshadowsocks-libev2-3.3.3-bp151.5.3.1.x86_64.rpm shadowsocks-libev-3.3.3-bp151.5.3.1.src.rpm shadowsocks-libev-3.3.3-bp151.5.3.1.x86_64.rpm shadowsocks-libev-devel-3.3.3-bp151.5.3.1.x86_64.rpm shadowsocks-libev-doc-3.3.3-bp151.5.3.1.noarch.rpm libshadowsocks-libev2-3.3.3-bp151.5.3.1.aarch64.rpm shadowsocks-libev-3.3.3-bp151.5.3.1.aarch64.rpm shadowsocks-libev-devel-3.3.3-bp151.5.3.1.aarch64.rpm libshadowsocks-libev2-3.3.3-bp151.5.3.1.ppc64le.rpm shadowsocks-libev-3.3.3-bp151.5.3.1.ppc64le.rpm shadowsocks-libev-devel-3.3.3-bp151.5.3.1.ppc64le.rpm libshadowsocks-libev2-3.3.3-bp151.5.3.1.s390x.rpm shadowsocks-libev-3.3.3-bp151.5.3.1.s390x.rpm shadowsocks-libev-devel-3.3.3-bp151.5.3.1.s390x.rpm openSUSE-2020-143 moderate openSUSE Backports SLE-15-SP1 Update This update for synergy fixes the following issues: - Added BuildRequires on xrandr and xinerama (boo#1158470) This update was imported from the openSUSE:Leap:15.1:Update update project. qsynergy-1.8.8-bp151.4.3.1.x86_64.rpm synergy-1.8.8-bp151.4.3.1.src.rpm synergy-1.8.8-bp151.4.3.1.x86_64.rpm qsynergy-1.8.8-bp151.4.3.1.aarch64.rpm synergy-1.8.8-bp151.4.3.1.aarch64.rpm qsynergy-1.8.8-bp151.4.3.1.ppc64le.rpm synergy-1.8.8-bp151.4.3.1.ppc64le.rpm qsynergy-1.8.8-bp151.4.3.1.s390x.rpm synergy-1.8.8-bp151.4.3.1.s390x.rpm openSUSE-2020-144 moderate openSUSE Backports SLE-15-SP1 Update This update for zstd fixes the following issues: Update to version 1.4.4 (boo#1161432): * perf: Improved decompression speed, by > 10% * perf: Better compression speed when re-using a context * perf: Fix compression ratio when compressing large files with small dictionary * perf: zstd reference encoder can generate RLE blocks * perf: minor generic speed optimization * api: new ability to extract sequences from the parser for analysis * api: fixed decoding of magic-less frames * api: fixed ZSTD_initCStream_advanced() performance with fast modes * cli: Named pipes support * cli: short tar's extension support * cli: command --output-dir-flat=DIE , generates target files into requested directory * cli: commands --stream-size=# and --size-hint=# * cli: command --exclude-compressed * cli: faster -t test mode * cli: improved some error messages * cli: fix rare deadlock condition within dictionary builder * misc: Improved documentation : ZSTD_CLEVEL, DYNAMIC_BMI2, ZSTD_CDict, function deprecation, zstd format * misc: fixed educational decoder : accept larger literals section, and removed UNALIGNED() macro Update to version 1.4.3 * bug: Fix Dictionary Compression Ratio Regression (#1709) * bug: Fix Buffer Overflow in v0.3 Decompression (#1722) * build: Add support for IAR C/C++ Compiler for Arm (#1705) * misc: Add NULL pointer check in util.c (#1706) This update was imported from the openSUSE:Leap:15.1:Update update project. libzstd-devel-1.4.4-bp151.4.6.1.x86_64.rpm libzstd-devel-static-1.4.4-bp151.4.6.1.x86_64.rpm libzstd1-1.4.4-bp151.4.6.1.x86_64.rpm zstd-1.4.4-bp151.4.6.1.src.rpm zstd-1.4.4-bp151.4.6.1.x86_64.rpm libzstd-devel-1.4.4-bp151.4.6.1.aarch64.rpm libzstd-devel-static-1.4.4-bp151.4.6.1.aarch64.rpm libzstd1-1.4.4-bp151.4.6.1.aarch64.rpm libzstd1-64bit-1.4.4-bp151.4.6.1.aarch64_ilp32.rpm zstd-1.4.4-bp151.4.6.1.aarch64.rpm libzstd-devel-1.4.4-bp151.4.6.1.ppc64le.rpm libzstd-devel-static-1.4.4-bp151.4.6.1.ppc64le.rpm libzstd1-1.4.4-bp151.4.6.1.ppc64le.rpm zstd-1.4.4-bp151.4.6.1.ppc64le.rpm libzstd-devel-1.4.4-bp151.4.6.1.s390x.rpm libzstd-devel-static-1.4.4-bp151.4.6.1.s390x.rpm libzstd1-1.4.4-bp151.4.6.1.s390x.rpm zstd-1.4.4-bp151.4.6.1.s390x.rpm openSUSE-2020-146 important openSUSE Backports SLE-15-SP1 Update This update for apt-cacher-ng fixes the following issues: - CVE-2019-18899: Fixed a symlink attack which could allow to overwrite arbitrary data (boo#1157703). - CVE-2020-5202: Fixed an information leak if a local user won a race condition to listen to localhost:3142 (boo#1157706). This update was imported from the openSUSE:Leap:15.1:Update update project. apt-cacher-ng-3.1-bp151.4.3.1.src.rpm apt-cacher-ng-3.1-bp151.4.3.1.x86_64.rpm apt-cacher-ng-3.1-bp151.4.3.1.aarch64.rpm apt-cacher-ng-3.1-bp151.4.3.1.ppc64le.rpm apt-cacher-ng-3.1-bp151.4.3.1.s390x.rpm openSUSE-2020-164 moderate openSUSE Backports SLE-15-SP1 Update This update for kio fixes the following issues: - Fix a possible crash when copying an already existing dir and pressing "Skip" (boo#1161851, kde#408350) kio-5.55.0-bp151.4.6.1.src.rpm kio-5.55.0-bp151.4.6.1.x86_64.rpm kio-core-5.55.0-bp151.4.6.1.x86_64.rpm kio-devel-5.55.0-bp151.4.6.1.x86_64.rpm kio-lang-5.55.0-bp151.4.6.1.noarch.rpm kio-5.55.0-bp151.4.6.1.aarch64.rpm kio-64bit-5.55.0-bp151.4.6.1.aarch64_ilp32.rpm kio-core-5.55.0-bp151.4.6.1.aarch64.rpm kio-core-64bit-5.55.0-bp151.4.6.1.aarch64_ilp32.rpm kio-devel-5.55.0-bp151.4.6.1.aarch64.rpm kio-devel-64bit-5.55.0-bp151.4.6.1.aarch64_ilp32.rpm kio-5.55.0-bp151.4.6.1.ppc64le.rpm kio-core-5.55.0-bp151.4.6.1.ppc64le.rpm kio-devel-5.55.0-bp151.4.6.1.ppc64le.rpm kio-5.55.0-bp151.4.6.1.s390x.rpm kio-core-5.55.0-bp151.4.6.1.s390x.rpm kio-devel-5.55.0-bp151.4.6.1.s390x.rpm openSUSE-2020-156 moderate openSUSE Backports SLE-15-SP1 Update This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a privilege escalation during package install. Could be exploited by a local users who is members of the the mailman group. (boo#1154328) This update was imported from the openSUSE:Leap:15.1:Update update project. mailman-2.1.29-bp151.5.3.1.src.rpm mailman-2.1.29-bp151.5.3.1.x86_64.rpm mailman-2.1.29-bp151.5.3.1.aarch64.rpm mailman-2.1.29-bp151.5.3.1.ppc64le.rpm mailman-2.1.29-bp151.5.3.1.s390x.rpm openSUSE-2020-176 moderate openSUSE Backports SLE-15-SP1 Update This update for gajim, python-nbxmpp fixes the following issues: gajim: - Always use the system certificates and remove the provided one, fix build with newer ca-certificates bundle (boo#1159017) - Require python3-nbxmpp greater than 0.6.9 (boo#1123247) - Add Requires for python3-precis-i18n (boo#1116161). - Update to 1.1.3: New: * Add a mobile phone indicator to the chat window * Rework HTTPUpload dialog * Add a "paste as quote" option to the message input Bug fixes: * #8822 Fix memory leak when using spell checker * #9514 Fix jingle filetransfers not working in some circumstances * #9573 Dont leak DNS query when connecting over proxy * #9578 Determine Windows version more reliably * #9622 Fix an error while quitting Gajim * #9633 Fix an error while sending a file * #9637 Restore window size correctly on wayland * #9660 GPG Agent setting is ignored * #9645 Make zeroconf IPV6 compatible * Improve dark theme colors * Fix access to GnuPG keys * Use UUID4 item ids for pubsub posts * Dont send invalid show values * Various smaller improvements - Update to 1.1.2: * #9518 Windows: Pressing "^" yields "^^" * #9522 Windows: Switching keyboard layouts leads to a crash * #9525 Windows/Mac: Links are not clickable in the About dialog * #9535 Jingle Audio: Update codecs * #9537 DiscoveryWindow: Fix bookmarking a group chat * DBus: Correctly raise NewMessage signal * Clicking on tray notifications does not open the chat - Update to 1.1.1: * 8362 DBus: Incorrect unread message count * 9427 Placeholder not cleared if pasting text into message input * 9444 Determine the delay timestamp correctly when using mam:1 * 9453 Fix opening links inside the group chat subject (MacOS/Windows) * 9465 Allow the full range of possible nicknames in group chats * 9067 Gajim crashes when receiving xhtml messages * 9096 Error when clicking on a subscription notification * 9446 Chatstate error in MUC conversation * 9471 Conversation Textview: Error on key press * 9472 Handle presences without from attr correctly * 9473 Error when creating a new group chat * 9491 Identify group chat subject changes correctly * 9496 Error on MUC roster selection change * Determine soundplayer correctly on unix systems * In some circumstances plugins could not be deleted * Show correct contact status on tabs * Dont answer group chat receipt requests * Fix receipts for private messages * Pressing the back button in the Accounts window leads to an error * Better handle not available keyring backends * Dont show incorrect contact on private messages * Join group chat menu is disabled when there are no bookmarks * Error on start chat menu action * Error when opening sign-in/out notification * Copying text does not work with different keyboard layouts - Update to 1.1.0: * Remove support for XEP-0091 * 8968 Windows: Gajim loads DLLs from wrong location * 9322 Error when adding contact * 9357 Acquire sleep inhibtor correctly after sleep * 9385 Ignore invalid bookmarks * 9386 Discovery: Browsing nodes without identity * 9393 Error when parsing invalid timestamps * 9398 Error on jingle file transfer - For complete ChangeLog from 1.0.99 and 1.0.99.1 please see installed ChaneLog file python-nbxmpp: - Update to 0.6.10: * Add support for domain based name in features for GSSAPI * Fix usage of BOSH * Fix Jingle hash namespace - Update to version 0.6.9 (boo#1123247): * Always bind after SM failed Fixes #64 * Dont try and guess system language - Update to version 0.6.8 (changes since 0.6.6): * Raise default TLS version to 1.2. * Remove DIGEST-MD5 from the default auth mechs. * Add STANZA RECEIVED Event (some servers send more than one stanza in one packet). * Add alternative locations to load TLS certs from. * Reset SM counter after receiving <enabled>. * Issue event when SM resume fails. This update was imported from the openSUSE:Leap:15.1:Update update project. gajim-1.1.3-bp151.5.3.1.noarch.rpm gajim-1.1.3-bp151.5.3.1.src.rpm gajim-lang-1.1.3-bp151.5.3.1.noarch.rpm python-nbxmpp-0.6.10-bp151.4.3.1.src.rpm python2-nbxmpp-0.6.10-bp151.4.3.1.noarch.rpm python2-nbxmpp-doc-0.6.10-bp151.4.3.1.noarch.rpm python3-nbxmpp-0.6.10-bp151.4.3.1.noarch.rpm python3-nbxmpp-doc-0.6.10-bp151.4.3.1.noarch.rpm openSUSE-2020-177 moderate openSUSE Backports SLE-15-SP1 Update This update for libisds fixes the following issues: - Version bump to 0.11: * mobile key authentication * manual pages are generated * compatibility with OpenSSL 1.1.0 - Adjust SRPM group. - Use the default GPGme library instead of OpenSSL [boo#1135761] This update was imported from the openSUSE:Leap:15.1:Update update project. libisds-0.11-bp151.5.3.1.src.rpm libisds-devel-0.11-bp151.5.3.1.x86_64.rpm libisds5-0.11-bp151.5.3.1.x86_64.rpm libisds-devel-0.11-bp151.5.3.1.aarch64.rpm libisds5-0.11-bp151.5.3.1.aarch64.rpm libisds-devel-0.11-bp151.5.3.1.ppc64le.rpm libisds5-0.11-bp151.5.3.1.ppc64le.rpm libisds-devel-0.11-bp151.5.3.1.s390x.rpm libisds5-0.11-bp151.5.3.1.s390x.rpm openSUSE-2020-178 moderate openSUSE Backports SLE-15-SP1 Update This update for obs-service-format_spec_file fixes the following issues: - Update copyright removing the closing colon, according to the SUSE standards. (bsc#1160801) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. obs-service-format_spec_file-20191114-bp151.2.3.1.noarch.rpm obs-service-format_spec_file-20191114-bp151.2.3.1.src.rpm openSUSE-2020-179 moderate openSUSE Backports SLE-15-SP1 Update This update for ucl fixes the following issues: CVE-2018-11243: Fix remotely triggerable DoS via double free (boo#1094138) This update was imported from the openSUSE:Leap:15.1:Update update project. libucl1-1.03-bp151.4.3.1.x86_64.rpm ucl-1.03-bp151.4.3.1.src.rpm ucl-devel-1.03-bp151.4.3.1.x86_64.rpm libucl1-1.03-bp151.4.3.1.aarch64.rpm ucl-devel-1.03-bp151.4.3.1.aarch64.rpm libucl1-1.03-bp151.4.3.1.ppc64le.rpm ucl-devel-1.03-bp151.4.3.1.ppc64le.rpm libucl1-1.03-bp151.4.3.1.s390x.rpm ucl-devel-1.03-bp151.4.3.1.s390x.rpm openSUSE-2020-180 moderate openSUSE Backports SLE-15-SP1 Update This update for upx to version 3.96 fixes the following issues: - CVE-2019-1010048: Fixed a denial of service in PackLinuxElf32::PackLinuxElf32help1() (boo#1141777). - CVE-2019-14296: Fixed a denial of service in canUnpack() (boo#1143839). - CVE-2019-20021: Fixed a heap-based buffer over-read in canUnpack() (boo#1159833). - CVE-2019-20053: Fixed a denial of service in canUnpack() (boo#1159920). - CVE-2018-11243: Fixed a denial of service in PackLinuxElf64::unpack() (boo#1094138). - Update to version 3.96 * Bug fixes: [CVE-2019-1010048, boo#1141777] [CVE-2019-14296, boo#1143839] [CVE-2019-20021, boo#1159833] [CVE-2019-20053, boo#1159920] [CVE-2018-11243 partially - ticket 206 ONLY, boo#1094138] - Update to version 3.95 * Flag --force-pie when ET_DYN main program is not marked as DF_1_PIE * Better compatibility with varying layout of address space on Linux * Support for 4 PT_LOAD layout in ELF generated by binutils-2.31 * bug fixes, particularly better diagnosis of malformed input * bug fixes - see https://github.com/upx/upx/milestone/4 This update was imported from the openSUSE:Leap:15.1:Update update project. upx-3.96-bp151.4.3.1.src.rpm upx-3.96-bp151.4.3.1.x86_64.rpm upx-3.96-bp151.4.3.1.aarch64.rpm upx-3.96-bp151.4.3.1.ppc64le.rpm upx-3.96-bp151.4.3.1.s390x.rpm openSUSE-2020-193 moderate openSUSE Backports SLE-15-SP1 Update This update for kiten fixes the following issues: - Don't use data files from the edict package, they are not compatible (boo#1162654) fonts-KanjiStrokeOrders-18.12.3-bp151.3.3.1.noarch.rpm kiten-18.12.3-bp151.3.3.1.src.rpm kiten-18.12.3-bp151.3.3.1.x86_64.rpm kiten-devel-18.12.3-bp151.3.3.1.x86_64.rpm kiten-lang-18.12.3-bp151.3.3.1.noarch.rpm kiten-18.12.3-bp151.3.3.1.aarch64.rpm kiten-devel-18.12.3-bp151.3.3.1.aarch64.rpm kiten-18.12.3-bp151.3.3.1.ppc64le.rpm kiten-devel-18.12.3-bp151.3.3.1.ppc64le.rpm kiten-18.12.3-bp151.3.3.1.s390x.rpm kiten-devel-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-181 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: - Fix bash-completion paths to match the binary names (and to avoid conflicts with LXD). boo#1162426 - Fixed "Containers fail to start regression lxc 3.2" This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-3.2.1-bp151.5.6.1.x86_64.rpm liblxc1-3.2.1-bp151.5.6.1.x86_64.rpm lxc-3.2.1-bp151.5.6.1.src.rpm lxc-3.2.1-bp151.5.6.1.x86_64.rpm lxc-bash-completion-3.2.1-bp151.5.6.1.noarch.rpm pam_cgfs-3.2.1-bp151.5.6.1.x86_64.rpm liblxc-devel-3.2.1-bp151.5.6.1.aarch64.rpm liblxc1-3.2.1-bp151.5.6.1.aarch64.rpm lxc-3.2.1-bp151.5.6.1.aarch64.rpm pam_cgfs-3.2.1-bp151.5.6.1.aarch64.rpm liblxc-devel-3.2.1-bp151.5.6.1.ppc64le.rpm liblxc1-3.2.1-bp151.5.6.1.ppc64le.rpm lxc-3.2.1-bp151.5.6.1.ppc64le.rpm pam_cgfs-3.2.1-bp151.5.6.1.ppc64le.rpm liblxc-devel-3.2.1-bp151.5.6.1.s390x.rpm liblxc1-3.2.1-bp151.5.6.1.s390x.rpm lxc-3.2.1-bp151.5.6.1.s390x.rpm pam_cgfs-3.2.1-bp151.5.6.1.s390x.rpm openSUSE-2020-182 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: - Update to 1.1.8 (boo#1099674): * Change libexecdir substitution to do /usr/libexec to %{_libexecdir} * Exclude apache_rex_check from bracketing * Add testscase for boolean dependencies that gets mangled currently * Do not remove -p0 from autosetup * Use %make_build if possible issue * Teach spec-cleaner to not break the %elif* macros added with rpm 4.15 * Fixup the nested boolean dependencies * Fixup whitespace reported by flake8 * Set explicit urllib timeout issue * Replace more stuff for %make build This update was imported from the openSUSE:Leap:15.1:Update update project. spec-cleaner-1.1.8-bp151.3.15.1.noarch.rpm spec-cleaner-1.1.8-bp151.3.15.1.src.rpm spec-cleaner-format_spec_file-1.1.8-bp151.3.15.1.noarch.rpm openSUSE-2020-188 moderate openSUSE Backports SLE-15-SP1 Update This update for umoci fixes the following issues: - Enable build for s390x on openSUSE - Update to umoci v0.4.4. * Added full-stack verification of blob hashes and descriptors for all operations (improving our hardening against bad images). * For details, see CHANGELOG.md in the package. - Update to umoci v0.4.3. * Added --no-history to all commands with --history.* flags. Should only be used for umoci-config(1). * Added `umoci insert --tag` to allow non-destructive modifications. * For details, see packaged /usr/share/doc/packages/umoci/CHANGELOG.md. - Update to umoci v0.4.2. * umoci now has an exposed Go API * Added `umoci unpack --keep-dirlinks` * `umoci insert` now supports whiteouts two ways. * For details, see CHANGELOG.md in the package. - Update to umoci v0.4.1. * Support more tags (the valid set of characters in tags has expanded). * Add 'umoci insert' and 'umoci raw unpack'. * 'umoci unpack' correctly handles out-of-order whiteouts now. * 'umoci unpack' and 'umoci repack' make sure of a more optimised gzip implementation now -- in some benchmarks 'umoci repack' can have a speedup of up to 3x. * For details, see CHANGELOG.md in the package. - Update to umoci v0.4.0. Upstream changelog: + `umoci repack` now supports `--refresh-bundle` which will update the OCI bundle's metadata (mtree and umoci-specific manifests) after packing the image tag. This means that the bundle can be used as a base layer for future diffs without needing to unpack the image again. openSUSE/umoci#196 + Added a website, and reworked the documentation to be better structured. You can visit the website at [`umo.ci`][umo.ci]. openSUSE/umoci#188 + Added support for the `user.rootlesscontainers` specification, which allows for persistent on-disk emulation of `chown(2)` inside rootless containers. This implementation is interoperable with [@AkihiroSuda's `PRoot` fork][as-proot-fork] (though we do not test its interoperability at the moment) as both tools use [the same protobuf specification][rootlesscontainers-proto]. openSUSE/umoci#227 + `umoci unpack` now has support for opaque whiteouts (whiteouts which remove all children of a directory in the lower layer), though `umoci repack` does not currently have support for generating them. While this is technically a spec requirement, through testing we've never encountered an actual user of these whiteouts. openSUSE/umoci#224 openSUSE/umoci#229 + `umoci unpack` will now use some rootless tricks inside user namespaces for operations that are known to fail (such as `mknod(2)`) while other operations will be carried out as normal (such as `lchown(2)`). It should be noted that the `/proc/self/uid_map` checking we do can be tricked into not detecting user namespaces, but you would need to be trying to break it on purpose. openSUSE/umoci#171 openSUSE/umoci#230 * Fix a bug in our "parent directory restore" code, which is responsible for ensuring that the mtime and other similar properties of a directory are not modified by extraction inside said directory. The bug would manifest as xattrs not being restored properly in certain edge-cases (which we incidentally hit in a test-case). openSUSE/umoci#161 openSUSE/umoci#162 * `umoci unpack` will now "clean up" the bundle generated if an error occurs during unpacking. Previously this didn't happen, which made cleaning up the responsibility of the caller (which was quite difficult if you were unprivileged). This is a breaking change, but is in the error path so it's not critical. openSUSE/umoci#174 openSUSE/umoci#187 * `umoci gc` now will no longer remove unknown files and directories that aren't `flock(2)`ed, thus ensuring that any possible OCI image-spec extensions or other users of an image being operated on will no longer break. openSUSE/umoci#198 * `umoci unpack --rootless` will now correctly handle regular file unpacking when overwriting a file that `umoci` doesn't have write access to. In addition, the semantics of pre-existing hardlinks to a clobbered file are clarified (the hard-links will not refer to the new layer's inode). openSUSE/umoci#222 openSUSE/umoci#223 [as-proot-fork]: https://github.com/AkihiroSuda/runrootless [rootlesscontainers-proto]: https://rootlesscontaine.rs/proto/rootlesscontainers.proto [umo.ci]: https://umo.ci/ This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. umoci-0.4.4-bp151.2.3.1.src.rpm umoci-0.4.4-bp151.2.3.1.x86_64.rpm umoci-0.4.4-bp151.2.3.1.aarch64.rpm umoci-0.4.4-bp151.2.3.1.ppc64le.rpm umoci-0.4.4-bp151.2.3.1.s390x.rpm openSUSE-2020-210 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to version 80.0.3987.87 (boo#1162833). Security issues fixed: - CVE-2020-6381: Integer overflow in JavaScript (boo#1162833). - CVE-2020-6382: Type Confusion in JavaScript (boo#1162833). - CVE-2019-18197: Multiple vulnerabilities in XML (boo#1162833). - CVE-2019-19926: Inappropriate implementation in SQLite (boo#1162833). - CVE-2020-6385: Insufficient policy enforcement in storage (boo#1162833). - CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite (boo#1162833). - CVE-2020-6387: Out of bounds write in WebRTC (boo#1162833). - CVE-2020-6388: Out of bounds memory access in WebAudio (boo#1162833). - CVE-2020-6389: Out of bounds write in WebRTC (boo#1162833). - CVE-2020-6390: Out of bounds memory access in streams (boo#1162833). - CVE-2020-6391: Insufficient validation of untrusted input in Blink (boo#1162833). - CVE-2020-6392: Insufficient policy enforcement in extensions (boo#1162833). - CVE-2020-6393: Insufficient policy enforcement in Blink (boo#1162833). - CVE-2020-6394: Insufficient policy enforcement in Blink (boo#1162833). - CVE-2020-6395: Out of bounds read in JavaScript (boo#1162833). - CVE-2020-6396: Inappropriate implementation in Skia (boo#1162833). - CVE-2020-6397: Incorrect security UI in sharing (boo#1162833). - CVE-2020-6398: Uninitialized use in PDFium (boo#1162833). - CVE-2020-6399: Insufficient policy enforcement in AppCache (boo#1162833). - CVE-2020-6400: Inappropriate implementation in CORS (boo#1162833). - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox (boo#1162833). - CVE-2020-6402: Insufficient policy enforcement in downloads (boo#1162833). - CVE-2020-6403: Incorrect security UI in Omnibox (boo#1162833). - CVE-2020-6404: Inappropriate implementation in Blink (boo#1162833). - CVE-2020-6405: Out of bounds read in SQLite (boo#1162833). - CVE-2020-6406: Use after free in audio (boo#1162833). - CVE-2019-19923: Out of bounds memory access in SQLite (boo#1162833). - CVE-2020-6408: Insufficient policy enforcement in CORS (boo#1162833). - CVE-2020-6409: Inappropriate implementation in Omnibox (boo#1162833). - CVE-2020-6410: Insufficient policy enforcement in navigation (boo#1162833). - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox (boo#1162833). - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox (boo#1162833). - CVE-2020-6413: Inappropriate implementation in Blink (boo#1162833). - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing (boo#1162833). - CVE-2020-6415: Inappropriate implementation in JavaScript (boo#1162833). - CVE-2020-6416: Insufficient data validation in streams (boo#1162833). - CVE-2020-6417: Inappropriate implementation in installer (boo#1162833). This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-80.0.3987.87-bp151.3.59.1.x86_64.rpm chromium-80.0.3987.87-bp151.3.59.1.src.rpm chromium-80.0.3987.87-bp151.3.59.1.x86_64.rpm chromedriver-80.0.3987.87-bp151.3.59.1.aarch64.rpm chromium-80.0.3987.87-bp151.3.59.1.aarch64.rpm openSUSE-2020-220 moderate openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: Nextcloud was updated to 15.0.14: - NC-SA-2020-002, CVE-2019-15613: workflow rules to depend their behaviour on the file extension when checking file mimetypes (boo#1162766) - NC-SA-2019-016, CVE-2019-15623: Exposure of Private Information caused the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled (boo#1162775) - NC-SA-2019-015, CVE-2019-15624: Improper Input Validation allowed group admins to create users with IDs of system folders (boo#1162776) - NC-SA-2019-012, CVE-2020-8119: Improper authorization caused leaking of previews and files when a file-drop share link is opened via the gallery app (boo#1162781) - NC-SA-2019-014, CVE-2020-8118: An authenticated server-side request forgery allowed to detect local and remote services when adding a new subscription in the calendar application (boo#1162782) - NC-SA-2020-012, CVE-2019-15621: Improper permissions preservation causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link (boo#1162784) - To many changes. For detail see: https://nextcloud.com/changelog/ nextcloud was updated to 13.0.12: - Fix NC-SA-2020-001 - To many changes. For detail see: https://nextcloud.com/changelog/ nextcloud-15.0.14-bp151.3.3.1.noarch.rpm nextcloud-15.0.14-bp151.3.3.1.src.rpm openSUSE-2020-222 moderate openSUSE Backports SLE-15-SP1 Update This update for hostapd fixes the following issues: hostapd was updated to version 2.9: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * fixed FT-EAP initial mobility domain association using PMKSA caching * added configuration of airtime policy * fixed FILS to and RSNE into (Re)Association Response frames * fixed DPP bootstrapping URI parser of channel list * added support for regulatory WMM limitation (for ETSI) * added support for MACsec Key Agreement using IEEE 802.1X/PSK * added experimental support for EAP-TEAP server (RFC 7170) * added experimental support for EAP-TLS server with TLS v1.3 * added support for two server certificates/keys (RSA/ECC) * added AKMSuiteSelector into "STA <addr>" control interface data to determine with AKM was used for an association * added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and fast reauthentication use to be disabled * fixed an ECDH operation corner case with OpenSSL Update to version 2.8 * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only group 19 (i.e., disable groups 20, 21, 25, 26 from default configuration) and disable all unsuitable groups completely based on REVmd changes - improved anti-clogging token mechanism and SAE authentication frame processing during heavy CPU load; this mitigates some issues with potential DoS attacks trying to flood an AP with large number of SAE messages - added Finite Cyclic Group field in status code 77 responses - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494) - fixed confirm message validation in error cases [https://w1.fi/security/2019-3/] (CVE-2019-9496) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495) - verify peer scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) * Hotspot 2.0 changes - added support for release number 3 - reject release 2 or newer association without PMF * added support for RSN operating channel validation (CONFIG_OCV=y and configuration parameter ocv=1) * added Multi-AP protocol support * added FTM responder configuration * fixed build with LibreSSL * added FT/RRB workaround for short Ethernet frame padding * fixed KEK2 derivation for FILS+FT * added RSSI-based association rejection from OCE * extended beacon reporting functionality * VLAN changes - allow local VLAN management with remote RADIUS authentication - add WPA/WPA2 passphrase/PSK -based VLAN assignment * OpenSSL: allow systemwide policies to be overridden * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * fixed FT and SA Query Action frame with AP-MLME-in-driver cases * OWE: allow Diffie-Hellman Parameter element to be included with DPP in preparation for DPP protocol extension * RADIUS server: started to accept ERP keyName-NAI as user identity automatically without matching EAP database entry * fixed PTK rekeying with FILS and FT wpa_supplicant: * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP - started to prefer FT-SAE over SAE AKM if both are enabled - started to prefer FT-SAE over FT-PSK if both are enabled - fixed FT-SAE when SAE PMKSA caching is used - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495) - verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9499) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) * fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y * Hotspot 2.0 changes - do not indicate release number that is higher than the one AP supports - added support for release number 3 - enable PMF automatically for network profiles created from credentials * fixed OWE network profile saving * fixed DPP network profile saving * added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1) * added Multi-AP backhaul STA support * fixed build with LibreSSL * number of MKA/MACsec fixes and extensions * extended domain_match and domain_suffix_match to allow list of values * fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL * started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled * extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384 * fixed KEK2 derivation for FILS+FT * extended client_cert file to allow loading of a chain of PEM encoded certificates * extended beacon reporting functionality * extended D-Bus interface with number of new properties * fixed a regression in FT-over-DS with mac80211-based drivers * OpenSSL: allow systemwide policies to be overridden * extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability * added support for random P2P Device/Interface Address use * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS) * extended domain_match and domain_suffix_match to allow list of values * added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order * fixed PTK rekeying with FILS and FT - Enabled CLI editing and history support. Update to version 2.7 * fixed WPA packet number reuse with replayed messages and key reinstallation [http://w1.fi/security/2017-1/] (CVE-2017-13082) (boo#1056061) * added support for FILS (IEEE 802.11ai) shared key authentication * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA) * added support for DPP (Wi-Fi Device Provisioning Protocol) * FT: - added local generation of PMK-R0/PMK-R1 for FT-PSK (ft_psk_generate_local=1) - replaced inter-AP protocol with a cleaner design that is more easily extensible; this breaks backward compatibility and requires all APs in the ESS to be updated at the same time to maintain FT functionality - added support for wildcard R0KH/R1KH - replaced r0_key_lifetime (minutes) parameter with ft_r0_key_lifetime (seconds) - fixed wpa_psk_file use for FT-PSK - fixed FT-SAE PMKID matching - added expiration to PMK-R0 and PMK-R1 cache - added IEEE VLAN support (including tagged VLANs) - added support for SHA384 based AKM * SAE - fixed some PMKSA caching cases with SAE - added support for configuring SAE password separately of the WPA2 PSK/passphrase - added option to require MFP for SAE associations (sae_require_pmf=1) - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be update at the same time to maintain interoperability - added support for Password Identifier * hostapd_cli: added support for command history and completion * added support for requesting beacon report * large number of other fixes, cleanup, and extensions * added option to configure EAPOL-Key retry limits (wpa_group_update_count and wpa_pairwise_update_count) * removed all PeerKey functionality * fixed nl80211 AP mode configuration regression with Linux 4.15 and newer * added support for using wolfSSL cryptographic library * fixed some 20/40 MHz coexistence cases where the BSS could drop to 20 MHz even when 40 MHz would be allowed * Hotspot 2.0 - added support for setting Venue URL ANQP-element (venue_url) - added support for advertising Hotspot 2.0 operator icons - added support for Roaming Consortium Selection element - added support for Terms and Conditions - added support for OSEN connection in a shared RSN BSS * added support for using OpenSSL 1.1.1 * added EAP-pwd server support for salted passwords hostapd-2.9-bp151.5.3.1.src.rpm hostapd-2.9-bp151.5.3.1.x86_64.rpm hostapd-2.9-bp151.5.3.1.aarch64.rpm hostapd-2.9-bp151.5.3.1.ppc64le.rpm hostapd-2.9-bp151.5.3.1.s390x.rpm openSUSE-2020-227 moderate openSUSE Backports SLE-15-SP1 Update This update for python-typed-ast to version 1.4.1 fixes the following issues: Security issue fixed: - Fixed two out-of-bounds array reads (#99). Non-security issues fixed: - update to version 1.4.1: * Clean up old build scripts (#123) * Build artifacts for 3.8 (#127) * Fix build on cpython (3.9) master branch (#128) - version update to 1.4.0 * Fix compilation on Python 3.8 - Do not use the %pytest_arch call but expand it as the tests seem to need more verbosity otherwise they fail sometimes (fishy, but works) - Use %pytest_arch - Add missing fdupes call - version update to 1.3.5 * Counteract PyTuple_SetItem stealing reference in _PyObject_FastCall fallback (#104) - run tests - update to version 1.3.4: * Oops: add the pgenheaders files to the depends lists - update to version 1.3.3: * Don't rely on Python's pgenheaders.h (#101) This update was imported from the openSUSE:Leap:15.1:Update update project. python-typed-ast-1.4.1-bp151.2.3.1.src.rpm python3-typed-ast-1.4.1-bp151.2.3.1.x86_64.rpm python3-typed-ast-1.4.1-bp151.2.3.1.aarch64.rpm python3-typed-ast-1.4.1-bp151.2.3.1.ppc64le.rpm openSUSE-2020-224 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut through the -mini flavors. This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-3.2.1-bp151.5.9.1.x86_64.rpm liblxc1-3.2.1-bp151.5.9.1.x86_64.rpm lxc-3.2.1-bp151.5.9.1.src.rpm lxc-3.2.1-bp151.5.9.1.x86_64.rpm lxc-bash-completion-3.2.1-bp151.5.9.1.noarch.rpm pam_cgfs-3.2.1-bp151.5.9.1.x86_64.rpm liblxc-devel-3.2.1-bp151.5.9.1.aarch64.rpm liblxc1-3.2.1-bp151.5.9.1.aarch64.rpm lxc-3.2.1-bp151.5.9.1.aarch64.rpm pam_cgfs-3.2.1-bp151.5.9.1.aarch64.rpm liblxc-devel-3.2.1-bp151.5.9.1.ppc64le.rpm liblxc1-3.2.1-bp151.5.9.1.ppc64le.rpm lxc-3.2.1-bp151.5.9.1.ppc64le.rpm pam_cgfs-3.2.1-bp151.5.9.1.ppc64le.rpm liblxc-devel-3.2.1-bp151.5.9.1.s390x.rpm liblxc1-3.2.1-bp151.5.9.1.s390x.rpm lxc-3.2.1-bp151.5.9.1.s390x.rpm pam_cgfs-3.2.1-bp151.5.9.1.s390x.rpm openSUSE-2020-229 moderate openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: Nextcloud was updated to 15.0.14: - NC-SA-2020-002, CVE-2019-15613: workflow rules to depend their behaviour on the file extension when checking file mimetypes (boo#1162766) - NC-SA-2019-016, CVE-2019-15623: Exposure of Private Information caused the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled (boo#1162775) - NC-SA-2019-015, CVE-2019-15624: Improper Input Validation allowed group admins to create users with IDs of system folders (boo#1162776) - NC-SA-2019-012, CVE-2020-8119: Improper authorization caused leaking of previews and files when a file-drop share link is opened via the gallery app (boo#1162781) - NC-SA-2019-014, CVE-2020-8118: An authenticated server-side request forgery allowed to detect local and remote services when adding a new subscription in the calendar application (boo#1162782) - NC-SA-2020-012, CVE-2019-15621: Improper permissions preservation causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link (boo#1162784) - To many changes. For detail see: https://nextcloud.com/changelog/ nextcloud was updated to 13.0.12: - Fix NC-SA-2020-001 - To many changes. For detail see: https://nextcloud.com/changelog/ This update was imported from the openSUSE:Leap:15.1:Update update project. nextcloud-15.0.14-bp151.3.6.1.noarch.rpm nextcloud-15.0.14-bp151.3.6.1.src.rpm openSUSE-2020-241 moderate openSUSE Backports SLE-15-SP1 Update This update for calamares fixes the following issues: - Exclude /etc/dracut.conf.d/02-livecd.conf from copying into filesystem, otherwise installation may fail with with "Failed to run dracut on the target" error (boo#1159739) This update was imported from the openSUSE:Leap:15.1:Update update project. calamares-3.2.15-bp151.4.6.2.src.rpm calamares-3.2.15-bp151.4.6.2.x86_64.rpm calamares-branding-upstream-3.2.15-bp151.4.6.2.noarch.rpm calamares-webview-3.2.15-bp151.4.6.2.x86_64.rpm calamares-3.2.15-bp151.4.6.2.aarch64.rpm calamares-webview-3.2.15-bp151.4.6.2.aarch64.rpm openSUSE-2020-239 moderate openSUSE Backports SLE-15-SP1 Update This update for akonadi-server fixes the following issues: - Fixed a possible crash on exit (kde#401692) This update was imported from the openSUSE:Leap:15.1:Update update project. akonadi-server-18.12.3-bp151.4.6.1.src.rpm akonadi-server-18.12.3-bp151.4.6.1.x86_64.rpm akonadi-server-devel-18.12.3-bp151.4.6.1.x86_64.rpm akonadi-server-lang-18.12.3-bp151.4.6.1.noarch.rpm akonadi-server-sqlite-18.12.3-bp151.4.6.1.x86_64.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.6.1.x86_64.rpm libKF5AkonadiCore5-18.12.3-bp151.4.6.1.x86_64.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.6.1.x86_64.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.6.1.x86_64.rpm libKF5AkonadiXml5-18.12.3-bp151.4.6.1.x86_64.rpm akonadi-server-18.12.3-bp151.4.6.1.aarch64.rpm akonadi-server-devel-18.12.3-bp151.4.6.1.aarch64.rpm akonadi-server-sqlite-18.12.3-bp151.4.6.1.aarch64.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.6.1.aarch64.rpm libKF5AkonadiCore5-18.12.3-bp151.4.6.1.aarch64.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.6.1.aarch64.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.6.1.aarch64.rpm libKF5AkonadiXml5-18.12.3-bp151.4.6.1.aarch64.rpm akonadi-server-18.12.3-bp151.4.6.1.ppc64le.rpm akonadi-server-devel-18.12.3-bp151.4.6.1.ppc64le.rpm akonadi-server-sqlite-18.12.3-bp151.4.6.1.ppc64le.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.6.1.ppc64le.rpm libKF5AkonadiCore5-18.12.3-bp151.4.6.1.ppc64le.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.6.1.ppc64le.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.6.1.ppc64le.rpm libKF5AkonadiXml5-18.12.3-bp151.4.6.1.ppc64le.rpm akonadi-server-18.12.3-bp151.4.6.1.s390x.rpm akonadi-server-devel-18.12.3-bp151.4.6.1.s390x.rpm akonadi-server-sqlite-18.12.3-bp151.4.6.1.s390x.rpm libKF5AkonadiAgentBase5-18.12.3-bp151.4.6.1.s390x.rpm libKF5AkonadiCore5-18.12.3-bp151.4.6.1.s390x.rpm libKF5AkonadiPrivate5-18.12.3-bp151.4.6.1.s390x.rpm libKF5AkonadiWidgets5-18.12.3-bp151.4.6.1.s390x.rpm libKF5AkonadiXml5-18.12.3-bp151.4.6.1.s390x.rpm openSUSE-2020-240 moderate openSUSE Backports SLE-15-SP1 Update This update for ebook-tools fixes the following issues: * Fix a crash when a navPoint in toc.ncx has no navLabel, see kde#406116 and https://sourceforge.net/p/ebook-tools/bugs/8/ + add 0001-Avoid-crash-on-toc-navPoint-without-navLabel.patch * specfile cleanup, remove %defattr, add LICENSE This update was imported from the openSUSE:Leap:15.1:Update update project. ebook-tools-0.2.2-bp151.4.3.1.src.rpm ebook-tools-0.2.2-bp151.4.3.1.x86_64.rpm libepub-devel-0.2.2-bp151.4.3.1.x86_64.rpm libepub0-0.2.2-bp151.4.3.1.x86_64.rpm ebook-tools-0.2.2-bp151.4.3.1.aarch64.rpm libepub-devel-0.2.2-bp151.4.3.1.aarch64.rpm libepub0-0.2.2-bp151.4.3.1.aarch64.rpm libepub0-64bit-0.2.2-bp151.4.3.1.aarch64_ilp32.rpm ebook-tools-0.2.2-bp151.4.3.1.ppc64le.rpm libepub-devel-0.2.2-bp151.4.3.1.ppc64le.rpm libepub0-0.2.2-bp151.4.3.1.ppc64le.rpm ebook-tools-0.2.2-bp151.4.3.1.s390x.rpm libepub-devel-0.2.2-bp151.4.3.1.s390x.rpm libepub0-0.2.2-bp151.4.3.1.s390x.rpm openSUSE-2020-248 important openSUSE Backports SLE-15-SP1 Update This update for weechat fixes the following security issue: - CVE-2020-8955: Fixed a buffer overflow in plugins/irc/irc-mode.c that allowed attackers to cause a denial of service (bsc#1163889). weechat-2.1-bp151.4.3.1.src.rpm weechat-2.1-bp151.4.3.1.x86_64.rpm weechat-aspell-2.1-bp151.4.3.1.x86_64.rpm weechat-devel-2.1-bp151.4.3.1.x86_64.rpm weechat-guile-2.1-bp151.4.3.1.x86_64.rpm weechat-lang-2.1-bp151.4.3.1.noarch.rpm weechat-lua-2.1-bp151.4.3.1.x86_64.rpm weechat-perl-2.1-bp151.4.3.1.x86_64.rpm weechat-python-2.1-bp151.4.3.1.x86_64.rpm weechat-ruby-2.1-bp151.4.3.1.x86_64.rpm weechat-tcl-2.1-bp151.4.3.1.x86_64.rpm weechat-2.1-bp151.4.3.1.aarch64.rpm weechat-aspell-2.1-bp151.4.3.1.aarch64.rpm weechat-devel-2.1-bp151.4.3.1.aarch64.rpm weechat-guile-2.1-bp151.4.3.1.aarch64.rpm weechat-lua-2.1-bp151.4.3.1.aarch64.rpm weechat-perl-2.1-bp151.4.3.1.aarch64.rpm weechat-python-2.1-bp151.4.3.1.aarch64.rpm weechat-ruby-2.1-bp151.4.3.1.aarch64.rpm weechat-tcl-2.1-bp151.4.3.1.aarch64.rpm weechat-2.1-bp151.4.3.1.ppc64le.rpm weechat-aspell-2.1-bp151.4.3.1.ppc64le.rpm weechat-devel-2.1-bp151.4.3.1.ppc64le.rpm weechat-guile-2.1-bp151.4.3.1.ppc64le.rpm weechat-lua-2.1-bp151.4.3.1.ppc64le.rpm weechat-perl-2.1-bp151.4.3.1.ppc64le.rpm weechat-python-2.1-bp151.4.3.1.ppc64le.rpm weechat-ruby-2.1-bp151.4.3.1.ppc64le.rpm weechat-tcl-2.1-bp151.4.3.1.ppc64le.rpm weechat-2.1-bp151.4.3.1.s390x.rpm weechat-aspell-2.1-bp151.4.3.1.s390x.rpm weechat-devel-2.1-bp151.4.3.1.s390x.rpm weechat-guile-2.1-bp151.4.3.1.s390x.rpm weechat-lua-2.1-bp151.4.3.1.s390x.rpm weechat-perl-2.1-bp151.4.3.1.s390x.rpm weechat-python-2.1-bp151.4.3.1.s390x.rpm weechat-ruby-2.1-bp151.4.3.1.s390x.rpm weechat-tcl-2.1-bp151.4.3.1.s390x.rpm openSUSE-2020-242 moderate openSUSE Backports SLE-15-SP1 Update This update for inn fixes the following issues: - CVE-2019-3692: Fixed a local privilage escalation from user to 'news' (bsc#1154302). This update was imported from the openSUSE:Leap:15.1:Update update project. inn-2.5.4-bp151.4.3.1.src.rpm inn-2.5.4-bp151.4.3.1.x86_64.rpm inn-devel-2.5.4-bp151.4.3.1.x86_64.rpm mininews-2.5.4-bp151.4.3.1.x86_64.rpm inn-2.5.4-bp151.4.3.1.aarch64.rpm inn-devel-2.5.4-bp151.4.3.1.aarch64.rpm mininews-2.5.4-bp151.4.3.1.aarch64.rpm inn-2.5.4-bp151.4.3.1.ppc64le.rpm inn-devel-2.5.4-bp151.4.3.1.ppc64le.rpm mininews-2.5.4-bp151.4.3.1.ppc64le.rpm inn-2.5.4-bp151.4.3.1.s390x.rpm inn-devel-2.5.4-bp151.4.3.1.s390x.rpm mininews-2.5.4-bp151.4.3.1.s390x.rpm openSUSE-2020-525 moderate openSUSE Backports SLE-15-SP1 Update This update for offlineimap fixes the following issues: Update to 7.3.2 - last stable release of offlineimap. - various bugfixes Adds new dependencies for offlineimap: - python-rfc6555 - python-selectors2 This update was imported from the openSUSE:Leap:15.1:Update update project. offlineimap-7.3.2-bp151.4.3.1.noarch.rpm offlineimap-7.3.2-bp151.4.3.1.src.rpm offlineimap-htmldoc-7.3.2-bp151.4.3.1.noarch.rpm python-rfc6555-0.0.0-bp151.2.1.src.rpm python2-rfc6555-0.0.0-bp151.2.1.noarch.rpm python3-rfc6555-0.0.0-bp151.2.1.noarch.rpm python-selectors2-2.0.1-bp151.2.1.src.rpm python2-selectors2-2.0.1-bp151.2.1.noarch.rpm python3-selectors2-2.0.1-bp151.2.1.noarch.rpm openSUSE-2020-273 moderate openSUSE Backports SLE-15-SP1 Update This update for proftpd fixes the following issues: proftpd was updated to version 1.3.6c. Security issues fixed: - CVE-2020-9272: Fixed an out-of-bounds read in mod_cap (bsc#1164572). - CVE-2020-9273: Fixed a potential memory corruption caused by an interruption of the data transfer channel (bsc#1164574). proftpd-1.3.6c-bp151.4.9.1.src.rpm proftpd-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-devel-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-doc-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-lang-1.3.6c-bp151.4.9.1.noarch.rpm proftpd-ldap-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-mysql-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-pgsql-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-radius-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-sqlite-1.3.6c-bp151.4.9.1.x86_64.rpm proftpd-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-devel-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-doc-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-ldap-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-mysql-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-pgsql-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-radius-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-sqlite-1.3.6c-bp151.4.9.1.aarch64.rpm proftpd-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-devel-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-doc-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-ldap-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-mysql-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-pgsql-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-radius-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-sqlite-1.3.6c-bp151.4.9.1.ppc64le.rpm proftpd-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-devel-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-doc-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-ldap-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-mysql-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-pgsql-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-radius-1.3.6c-bp151.4.9.1.s390x.rpm proftpd-sqlite-1.3.6c-bp151.4.9.1.s390x.rpm openSUSE-2020-367 moderate openSUSE Backports SLE-15-SP1 Update This update for calamares fixes the following issues: Use kdesu to start Calamares: - xdg-su may autoselect gnomesu which fails (boo#1164072); - pkexec may have theme issues. This update was imported from the openSUSE:Leap:15.1:Update update project. calamares-3.2.15-bp151.4.9.5.src.rpm calamares-3.2.15-bp151.4.9.5.x86_64.rpm calamares-branding-upstream-3.2.15-bp151.4.9.5.noarch.rpm calamares-webview-3.2.15-bp151.4.9.5.x86_64.rpm calamares-3.2.15-bp151.4.9.5.aarch64.rpm calamares-webview-3.2.15-bp151.4.9.5.aarch64.rpm openSUSE-2020-283 moderate openSUSE Backports SLE-15-SP1 Update This update for python-ws4py fixes the following issues: - Fix license. Correct one is BSD-3-Clause. This update was imported from the openSUSE:Leap:15.1:Update update project. python-ws4py-0.4.2-bp151.4.3.1.src.rpm python2-ws4py-0.4.2-bp151.4.3.1.noarch.rpm python3-ws4py-0.4.2-bp151.4.3.1.noarch.rpm openSUSE-2020-260 moderate openSUSE Backports SLE-15-SP1 Update This update for rpmdevtools fixes the following issues: - Reflect current spec-cleaner templates * Updated company name * Removed groups - Use generic runtime dependency on distribution-release - Move bash completions to correct dir - Update dependencies This update was imported from the openSUSE:Leap:15.1:Update update project. rpmdevtools-8.10-bp151.4.3.1.noarch.rpm rpmdevtools-8.10-bp151.4.3.1.src.rpm openSUSE-2020-284 important openSUSE Backports SLE-15-SP1 Update This update for cacti, cacti-spine fixes the following issues: cacti-spine was updated to version 1.2.9. Security issues fixed: - CVE-2009-4112: Fixed a privilege escalation (bsc#1122535). - CVE-2018-20723: Fixed a cross-site scripting (XSS) vulnerability (bsc#1122245). - CVE-2018-20724: Fixed a cross-site scripting (XSS) vulnerability (bsc#1122244). - CVE-2018-20725: Fixed a privilege escalation that could occur under certain conditions (bsc#1122535). - CVE-2018-20726: Fixed a cross-site scripting (XSS) vulnerability (bsc#1122242). - CVE-2019-16723: Fixed an authentication bypass vulnerability. - CVE-2019-17357: Fixed an SQL injection vulnerability (bsc#1158990). - CVE-2019-17358: Fixed an unsafe deserialization in sanitize_unserialize_selected_items (bsc#1158992). - CVE-2020-7106: Fixed a potential cross-site scripting (XSS) vulnerability (bsc#1163749). - CVE-2020-7237: Fixed a remote code execution that affected privileged users via shell metacharacters in the Performance Boost Debug Log field (bsc#1161297). Non-security issues fixed: - Fixed missing packages php-json, php-ctype, and php-gd in cacti.spec (boo#1101024). - Fixed Apache2.4 and Apache2.2 runtime configuration issue (boo#1101139). This update was imported from the openSUSE:Leap:15.1:Update update project. cacti-spine-1.2.9-bp151.4.3.1.src.rpm cacti-spine-1.2.9-bp151.4.3.1.x86_64.rpm cacti-spine-debuginfo-1.2.9-bp151.4.3.1.x86_64.rpm cacti-spine-debugsource-1.2.9-bp151.4.3.1.x86_64.rpm cacti-1.2.9-bp151.4.3.1.noarch.rpm cacti-1.2.9-bp151.4.3.1.src.rpm cacti-spine-1.2.9-bp151.4.3.1.aarch64.rpm cacti-spine-debuginfo-1.2.9-bp151.4.3.1.aarch64.rpm cacti-spine-debugsource-1.2.9-bp151.4.3.1.aarch64.rpm cacti-spine-1.2.9-bp151.4.3.1.ppc64le.rpm cacti-spine-debuginfo-1.2.9-bp151.4.3.1.ppc64le.rpm cacti-spine-debugsource-1.2.9-bp151.4.3.1.ppc64le.rpm cacti-spine-1.2.9-bp151.4.3.1.s390x.rpm cacti-spine-debuginfo-1.2.9-bp151.4.3.1.s390x.rpm cacti-spine-debugsource-1.2.9-bp151.4.3.1.s390x.rpm openSUSE-2020-303 moderate openSUSE Backports SLE-15-SP1 Update This update for aws-cli, python-aws-sam-translator, python-cfn-lint, python-nose2, python-parameterized, python-boto3, python-botocore, python-s3transfer fixes the following issues: python-aws-sam-translator was updated to 1.11.0 (bsc#1159018, jsc#PM-1507): Upgrade to 1.11.0: * Add ReservedConcurrentExecutions to globals * Fix ElasticsearchHttpPostPolicy resource reference * Support using AWS::Region in Ref and Sub * Documentation and examples updates * Add VersionDescription property to Serverless::Function * Update ServerlessRepoReadWriteAccessPolicy * Add additional template validation Upgrade to 1.10.0: * Add GSIs to DynamoDBReadPolicy and DynamoDBCrudPolicy * Add DynamoDBReconfigurePolicy * Add CostExplorerReadOnlyPolicy and OrganizationsListAccountsPolicy * Add EKSDescribePolicy * Add SESBulkTemplatedCrudPolicy * Add FilterLogEventsPolicy * Add SSMParameterReadPolicy * Add SESEmailTemplateCrudPolicy * Add s3:PutObjectAcl to S3CrudPolicy * Add allow_credentials CORS option * Add support for AccessLogSetting and CanarySetting Serverless::Api properties * Add support for X-Ray in Serverless::Api * Add support for MinimumCompressionSize in Serverless::Api * Add Auth to Serverless::Api globals * Remove trailing slashes from APIGW permissions * Add SNS FilterPolicy and an example application * Add Enabled property to Serverless::Function event sources * Add support for PermissionsBoundary in Serverless::Function * Fix boto3 client initialization * Add PublicAccessBlockConfiguration property to S3 bucket resource * Make PAY_PER_REQUEST default mode for Serverless::SimpleTable * Add limited support for resolving intrinsics in Serverless::LayerVersion * SAM now uses Flake8 * Add example application for S3 Events written in Go * Updated several example applications python-cfn-lint was added in version 0.21.4: - Add upstream patch to fix EOL dates for lambda runtimes - Add upstream patch to fix test_config_expand_paths test - Rename to python-cfn-lint. This package has a python API, which is required by python-moto. Update to version 0.21.4: + Features * Include more resource types in W3037 + CloudFormation Specifications * Add Resource Type `AWS::CDK::Metadata` + Fixes * Uncap requests dependency in setup.py * Check Join functions have lists in the correct sections * Pass a parameter value for AutoPublishAlias when doing a Transform * Show usage examples when displaying the help Update to version 0.21.3 + Fixes * Support dumping strings for datetime objects when doing a Transform Update to version 0.21.2 + CloudFormation Specifications * Update CloudFormation specs to 3.3.0 * Update instance types from pricing API as of 2019.05.23 Update to version 0.21.1 + Features * Add `Info` logging capability and set the default logging to `NotSet` + Fixes * Only do rule logging (start/stop/time) when the rule is going to be called * Update rule E1019 to allow `Fn::Transform` inside a `Fn::Sub` * Update rule W2001 to not break when `Fn::Transform` inside a `Fn::Sub` * Update rule E2503 to allow conditions to be used and to not default to `network` load balancer when an object is used for the Load Balancer type Update to version 0.21.0 + Features * New rule E3038 to check if a Serverless resource includes the appropriate Transform * New rule E2531 to validate a Lambda's runtime against the deprecated dates * New rule W2531 to validate a Lambda's runtime against the EOL dates * Update rule E2541 to include updates to Code Pipeline capabilities * Update rule E2503 to include checking of values for load balancer attributes + CloudFormation Specifications * Update CloudFormation specs to 3.2.0 * Update instance types from pricing API as of 2019.05.20 + Fixes * Include setuptools in setup.py requires Update to version 0.20.3 + CloudFormation Specifications * Update instance types from pricing API as of 2019.05.16 + Fixes * Update E7001 to allow float/doubles for mapping values * Update W1020 to check pre-transformed Fn::Sub(s) to determine if a Sub is needed * Pin requests to be below or equal to 2.21.0 to prevent issues with botocore Update to version 0.20.2 + Features * Add support for List<String> Parameter types + CloudFormation Specifications * Add allowed values for AWS::EC2 EIP, FlowLog, CustomerGateway, DHCPOptions, EC2Fleet * Create new property type for Security Group IDs or Names * Add new Lambda runtime environment for NodeJs 10.x * Move AWS::ServiceDiscovery::Service Health checks from Only One to Exclusive * Update Glue Crawler Role to take an ARN or a name * Remove PrimitiveType from MaintenanceWindowTarget Targets * Add Min/Max values for Load Balancer Ports to be between 1-65535 + Fixes * Include License file in the pypi package to help with downstream projects * Filter out dynamic references from rule E3031 and E3030 * Convert Python linting and Code Coverage from Python 3.6 to 3.7 Update to version 0.20.1 + Fixes * Update rule E8003 to support more functions inside a Fn::Equals Update to version 0.20.0 + Features * Allow a rule's exception to be defined in a resource's metadata * Add rule configuration capabilities * Update rule E3012 to allow for non strict property checking * Add rule E8003 to test Fn::Equals structure and syntax * Add rule E8004 to test Fn::And structure and syntax * Add rule E8005 to test Fn::Not structure and syntax * Add rule E8006 to test Fn::Or structure and syntax * Include Path to error in the JSON output * Update documentation to describe how to install cfn-lint from brew + CloudFormation Specifications * Update CloudFormation specs to version 3.0.0 * Add new region ap-east-1 * Add list min/max and string min/max for CloudWatch Alarm Actions * Add allowed values for EC2::LaunchTemplate * Add allowed values for EC2::Host * Update allowed values for Amazon MQ to include 5.15.9 * Add AWS::Greengrass::ResourceDefinition to GreenGrass supported regions * Add AWS::EC2::VPCEndpointService to all regions * Update AWS::ECS::TaskDefinition ExecutionRoleArn to be a IAM Role ARN * Patch spec files for SSM MaintenanceWindow to look for Target and not Targets * Update ManagedPolicyArns list size to be 20 which is the hard limit. 10 is the soft limit. + Fixes * Fix rule E3033 to check the string size when the string is inside a list * Fix an issue in which AWS::NotificationARNs was not a list * Add AWS::EC2::Volume to rule W3010 * Fix an issue with W2001 where SAM translate would remove the Ref to a parameter causing this error to falsely trigger * Fix rule W3010 to not error when the availability zone is 'all' Update to version 0.19.1 + Fixes * Fix core Condition processing to support direct Condition in another Condition * Fix the W2030 to check numbers against string allowed values Update to version 0.19.0 + Features * Add NS and PTR Route53 record checking to rule E3020 * New rule E3050 to check if a Ref to IAM Role has a Role path of '/' * New rule E3037 to look for duplicates in a list that doesn't support duplicates * New rule I3037 to look for duplicates in a list when duplicates are allowed + CloudFormation Specifications * Add Min/Max values to AWS::ElasticLoadBalancingV2::TargetGroup HealthCheckTimeoutSeconds * Add Max JSON size to AWS::IAM::ManagedPolicy PolicyDocument * Add allowed values for AWS::EC2 SpotFleet, TransitGateway, NetworkAcl NetworkInterface, PlacementGroup, and Volume * Add Min/max values to AWS::Budgets::Budget.Notification Threshold * Update RDS Instance types by database engine and license definitions using the pricing API * Update AWS::CodeBuild::Project ServiceRole to support Role Name or ARN * Update AWS::ECS::Service Role to support Role Name or ARN + Fixes * Update E3025 to support the new structure of data in the RDS instance type json * Update E2540 to remove all nested conditions from the object * Update E3030 to not do strict type checking * Update E3020 to support conditions nested in the record sets * Update E3008 to better handle CloudFormation sub stacks with different GetAtt formats Update to version 0.18.1 + CloudFormation Specifications * Update CloudFormation Specs to 2.30.0 * Fix IAM Regex Path to support more character types * Update AWS::Batch::ComputeEnvironment.ComputeResources InstanceRole to reference an InstanceProfile or GetAtt the InstanceProfile Arn * Allow VPC IDs to Ref a Parameter of type String + Fixes * Fix E3502 to check the size of the property instead of the parent object Update to version 0.18.0 + Features * New rule E3032 to check the size of lists * New rule E3502 to check JSON Object Size using definitions in the spec file * New rule E3033 to test the minimum and maximum length of a string * New rule E3034 to validate the min and max of a number * Remove Ebs Iops check from E2504 and use rule E3034 instead * Remove rule E2509 and use rule E3033 instead * Remove rule E2508 as it replaced by E3032 and E3502 * Update rule E2503 to check that there are at least two 2 Subnets or SubnetMappings for ALBs * SAM requirement upped to minimal version of 1.10.0 + CloudFormation Specifications * Extend specs to include: > `ListMin` and `ListMax` for the minimum and maximum size of a list > `JsonMax` to check the max size of a JSON Object > `StringMin` and `StringMax` to check the minimum and maximum length of a String > `NumberMin` and `NumberMax` to check the minimum and maximum value of a Number, Float, Long * Update State and ExecutionRoleArn to be required on AWS::DLM::LifecyclePolicy * Add AllowedValues for PerformanceInsightsRetentionPeriod for AWS::RDS::Instance * Add AllowedValues for the AWS::GuardDuty Resources * Add AllowedValues for AWS::EC2 VPC and VPN Resources * Switch IAM Instance Profiles for certain resources to the type that only takes the name * Add regex pattern for IAM Instance Profile when a name (not Arn) is used * Add regex pattern for IAM Paths * Add Regex pattern for IAM Role Arn * Update OnlyOne spec to require require at least one of Subnets or SubnetMappings with ELB v2 + Fixes * Fix serverless transform to use DefinitionBody when Auth is in the API definition * Fix rule W2030 to not error when checking SSM or List Parameters Update to version 0.17.1 + Features * Update rule E2503 to make sure NLBs don't have a Security Group configured + CloudFormation Specifications * Add all the allowed values of the `AWS::Glue` Resources * Update OnlyOne check for `AWS::CloudWatch::Alarm` to only `MetricName` or `Metrics` * Update Exclusive check for `AWS::CloudWatch::Alarm` for properties mixed with `Metrics` and `Statistic` * Update CloudFormation specs to 2.29.0 * Fix type with MariaDB in the AllowedValues * Update pricing information for data available on 2018.3.29 + Fixes * Fix rule E1029 to not look for a sub is needed when looking for iot strings in policies * Fix rule E2541 to allow for ActionId Versions of length 1-9 and meets regex `[0-9A-Za-z_-]+` * Fix rule E2532 to allow for `Parameters` inside a `Pass` action * Fix an issue when getting the location of an error in which numbers are causing an attribute error Update to version 0.17.0 + Features * Add new rule E3026 to validate Redis cluster settings including AutomaticFailoverEnabled and NumCacheClusters. Status: Released * Add new rule W3037 to validate IAM resource policies. Status: Experimental * Add new parameter `-e/--include-experimental` to allow for new rules in that aren't ready to be fully released + CloudFormation Specifications * Update Spec files to 2.28.0 * Add all the allowed values of the AWS::Redshift::* Resources * Add all the allowed values of the AWS::Neptune::* Resources * Patch spec to make AWS::CloudFront::Distribution.LambdaFunctionAssociation.LambdaFunctionARN required * Patch spec to make AWS::DynamoDB::Table AttributeDefinitions required + Fixes * Remove extra blank lines when there is no errors in the output * Add exception to rule E1029 to have exceptions for EMR CloudWatchAlarmDefinition * Update rule E1029 to allow for literals in a Sub * Remove sub checks from rule E3031 as it won't match in all cases of an allowed pattern regex check * Correct typos for errors in rule W1001 * Switch from parsing a template as Yaml to Json when finding an escape character * Fix an issue with SAM related to transforming templates with Serverless Application and Lambda Layers * Fix an issue with rule E2541 when non strings were used for Stage Names Update to version 0.16.0 + Features * Add rule E3031 to look for regex patterns based on the patched spec file * Remove regex checks from rule E2509 * Add parameter `ignore-templates` to allow the ignoring of templates when doing bulk linting + CloudFormation Specifications * Update Spec files to 2.26.0 * Add all the allowed values of the AWS::DirectoryService::* Resources * Add all the allowed values of the AWS::DynamoDB::* Resources * Added AWS::Route53Resolver resources to the Spec Patches of ap-southeast-2 * Patch the spec file with regex patterns * Add all the allowed values of the AWS::DocDb::* Resources + Fixes * Update rule E2504 to have '20000' as the max value * Update rule E1016 to not allow ImportValue inside of Conditions * Update rule E2508 to check conditions when providing limit checks on managed policies * Convert unicode to strings when in Py 3.4/3.5 and updating specs * Convert from `awslabs` to `aws-cloudformation` organization * Remove suppression of logging that was removed from samtranslator >1.7.0 and incompatibility with samtranslator 1.10.0 Update to version 0.15.0 + Features * Add scaffolding for arbitrary Match attributes, adding attributes for Type checks * Add rule E3024 to validate that ProvisionedThroughput is not specified with BillingMode PAY_PER_REQUEST + CloudFormation Specifications * Update Spec files to 2.24.0 * Update OnlyOne spec to have BlockDeviceMapping to include NoDevice with Ebs and VirtualName * Add all the allowed values of the AWS::CloudFront::* Resources * Add all the allowed values of the AWS::DAX::* Resources + Fixes * Update config parsing to use the builtin Yaml decoder * Add condition support for Inclusive E2521, Exclusive E2520, and AtLeastOne E2522 rules * Update rule E1029 to better check Resource strings inside IAM Policies * Improve the line/column information of a Match with array support Update to version 0.14.1 + CloudFormation Specifications * Update CloudFormation Specs to version 2.23.0 * Add allowed values for AWS::Config::* resources * Add allowed values for AWS::ServiceDiscovery::* resources * Fix allowed values for Apache MQ + Fixes * Update rule E3008 to not error when using a list from a custom resource * Support simple types in the CloudFormation spec * Add tests for the formatters Update to version 0.14.0 + Features * Add rule E3035 to check the values of DeletionPolicy * Add rule E3036 to check the values of UpdateReplacePolicy * Add rule E2014 to check that there are no REFs in the Parameter section * Update rule E2503 to support TLS on NLBs + CloudFormation Specifications * Update CloudFormation spec to version 2.22.0 * Add allowed values for AWS::Cognito::* resources + Fixes * Update rule E3002 to allow GetAtts to Custom Resources under a Condition Update to version 0.13.2 + Features * Introducing the cfn-lint logo! * Update SAM dependency version + Fixes * Fix CloudWatchAlarmComparisonOperator allowed values. * Fix typo resoruce_type_spec in several files * Better support for nested And, Or, and Not when processing Conditions Update to version 0.13.1 + CloudFormation Specifications * Add allowed values for AWS::CloudTrail::Trail resources * Patch spec to have AWS::CodePipeline::CustomActionType Version included + Fixes * Fix conditions logic to use AllowedValues when REFing a Parameter that has AllowedValues specified Update to version 0.13.0 + Features * New rule W1011 to check if a FindInMap is using the correct map name and keys * New rule W1001 to check if a Ref/GetAtt to a resource that exists when Conditions are used * Removed logic in E1011 and moved it to W1011 for validating keys * Add property relationships for AWS::ApplicationAutoScaling::ScalingPolicy into Inclusive, Exclusive, and AtLeastOne * Update rule E2505 to check the netmask bit * Include the ability to update the CloudFormation Specs using the Pricing API + CloudFormation Specifications * Update to version 2.21.0 * Add allowed values for AWS::Budgets::Budget * Add allowed values for AWS::CertificateManager resources * Add allowed values for AWS::CodePipeline resources * Add allowed values for AWS::CodeCommit resources * Add allowed values for EC2 InstanceTypes from pricing API * Add allowed values for RedShift InstanceTypes from pricing API * Add allowed values for MQ InstanceTypes from pricing API * Add allowed values for RDS InstanceTypes from pricing API + Fixes * Fixed README indentation issue with .pre-commit-config.yaml * Fixed rule E2541 to allow for multiple inputs/outputs in a CodeBuild task * Fixed rule E3020 to allow for a period or no period at the end of a ACM registration record * Update rule E3001 to support UpdateReplacePolicy * Fix a cli issue where `--template` wouldn't be used when a .cfnlintrc was in the same folder * Update rule E3002 and E1024 to support packaging of AWS::Lambda::LayerVersion content - Initial build + Version 0.12.1 Update to 0.9.1 * the prof plugin now uses cProfile instead of hotshot for profiling * skipped tests now include the user's reason in junit XML's message field * the prettyassert plugin mishandled multi-line function definitions * Using a plugin's CLI flag when the plugin is already enabled via config no longer errors * nose2.plugins.prettyassert, enabled with --pretty-assert * Cleanup code for EOLed python versions * Dropped support for distutils. * Result reporter respects failure status set by other plugins * JUnit XML plugin now includes the skip reason in its output Upgrade to 0.8.0: - List of changes is too long to show here, see https://github.com/nose-devs/nose2/blob/master/docs/changelog.rst changes between 0.6.5 and 0.8.0 Update to 0.7.0: * Added parameterized_class feature, for parameterizing entire test classes (many thanks to @TobyLL for their suggestions and help testing!) * Fix DeprecationWarning on `inspect.getargs` (thanks @brettdh; https://github.com/wolever/parameterized/issues/67) * Make sure that `setUp` and `tearDown` methods work correctly (#40) * Raise a ValueError when input is empty (thanks @danielbradburn; https://github.com/wolever/parameterized/pull/48) * Fix the order when number of cases exceeds 10 (thanks @ntflc; https://github.com/wolever/parameterized/pull/49) aws-cli was updated to version 1.16.223: For detailed changes see the changes entries: https://github.com/aws/aws-cli/blob/1.16.223/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.189/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.182/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.176/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.103/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.94/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.84/CHANGELOG.rst python-boto3 was updated to 1.9.213, python-botocore was updated to 1.9.188, and python-s3transfer was updated to 1.12.74, fixing lots of bugs and adding features (bsc#1146853, bsc#1146854) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-nose2-0.9.1-bp151.4.3.1.src.rpm python2-nose2-0.9.1-bp151.4.3.1.noarch.rpm python3-nose2-0.9.1-bp151.4.3.1.noarch.rpm python-parameterized-0.7.0-bp151.2.3.1.src.rpm python2-parameterized-0.7.0-bp151.2.3.1.noarch.rpm python3-parameterized-0.7.0-bp151.2.3.1.noarch.rpm openSUSE-2020-304 moderate openSUSE Backports SLE-15-SP1 Update This update for cgit fixes the following issues: - Create a /var/cache/cgit [boo#1116567] - Update bundled git to 2.18.1 This update was imported from the openSUSE:Leap:15.1:Update update project. cgit-1.2.1-bp151.4.3.1.src.rpm cgit-1.2.1-bp151.4.3.1.x86_64.rpm cgit-1.2.1-bp151.4.3.1.aarch64.rpm cgit-1.2.1-bp151.4.3.1.ppc64le.rpm cgit-1.2.1-bp151.4.3.1.s390x.rpm openSUSE-2020-323 moderate openSUSE Backports SLE-15-SP1 Update This update for kio fixes the following issues: - Add upstream patch to fix possible crashes when creating new folders in the "Save As" file dialog (boo#1165359, kde#401916) kio-5.55.0-bp151.4.9.1.src.rpm kio-5.55.0-bp151.4.9.1.x86_64.rpm kio-core-5.55.0-bp151.4.9.1.x86_64.rpm kio-devel-5.55.0-bp151.4.9.1.x86_64.rpm kio-lang-5.55.0-bp151.4.9.1.noarch.rpm kio-5.55.0-bp151.4.9.1.aarch64.rpm kio-64bit-5.55.0-bp151.4.9.1.aarch64_ilp32.rpm kio-core-5.55.0-bp151.4.9.1.aarch64.rpm kio-core-64bit-5.55.0-bp151.4.9.1.aarch64_ilp32.rpm kio-devel-5.55.0-bp151.4.9.1.aarch64.rpm kio-devel-64bit-5.55.0-bp151.4.9.1.aarch64_ilp32.rpm kio-5.55.0-bp151.4.9.1.ppc64le.rpm kio-core-5.55.0-bp151.4.9.1.ppc64le.rpm kio-devel-5.55.0-bp151.4.9.1.ppc64le.rpm kio-5.55.0-bp151.4.9.1.s390x.rpm kio-core-5.55.0-bp151.4.9.1.s390x.rpm kio-devel-5.55.0-bp151.4.9.1.s390x.rpm openSUSE-2020-305 important openSUSE Backports SLE-15-SP1 Update This update for openfortivpn to version 1.12.0 fixes the following issues: - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability (boo#1165301). - CVE-2020-7042: Fixed use of uninitialized memory in X509_check_host (boo#1165300). - CVE-2020-7041: Fixed incorrect use of X509_check_host (boo#1165299). This update was imported from the openSUSE:Leap:15.1:Update update project. openfortivpn-1.12.0-bp151.3.3.1.src.rpm openfortivpn-1.12.0-bp151.3.3.1.x86_64.rpm openfortivpn-1.12.0-bp151.3.3.1.aarch64.rpm openfortivpn-1.12.0-bp151.3.3.1.ppc64le.rpm openfortivpn-1.12.0-bp151.3.3.1.s390x.rpm openSUSE-2020-325 important openSUSE Backports SLE-15-SP1 Update This update for python-bleach to version 3.1.1 fixes the following issue: - Python-bleach was updated to 3.1.1 - CVE-2020-6802: Fixed mutation XSS vulnerabilities (boo#1165303). This update was imported from the openSUSE:Leap:15.1:Update update project. python-bleach-3.1.1-bp151.4.4.1.src.rpm python2-bleach-3.1.1-bp151.4.4.1.noarch.rpm python3-bleach-3.1.1-bp151.4.4.1.noarch.rpm openSUSE-2020-337 moderate openSUSE Backports SLE-15-SP1 Update This update for 389-ds to version 1.4.2.2 fixes the following issues: 389-ds was updated to 1.4.2.6 (fate#326677, bsc#1155951), bringing many bug and stability fixes. Issue addressed: - Enabled python lib389 installer tooling to match upstream and suse documentation. More information for this release at: https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-2-1.html This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-ldap-3.1.0-bp151.2.1.src.rpm python2-ldap-3.1.0-bp151.2.1.x86_64.rpm python2-ldap-3.1.0-bp151.2.1.aarch64.rpm python2-ldap-3.1.0-bp151.2.1.ppc64le.rpm python2-ldap-3.1.0-bp151.2.1.s390x.rpm openSUSE-2020-326 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: - Fixed an issue where clicking the tray icon momentarily showed and immediately hid window(boo#1165293). This update was imported from the openSUSE:Leap:15.1:Update update project. keepassxc-2.5.3-bp151.3.12.1.src.rpm keepassxc-2.5.3-bp151.3.12.1.x86_64.rpm keepassxc-lang-2.5.3-bp151.3.12.1.noarch.rpm keepassxc-2.5.3-bp151.3.12.1.aarch64.rpm keepassxc-2.5.3-bp151.3.12.1.ppc64le.rpm keepassxc-2.5.3-bp151.3.12.1.s390x.rpm openSUSE-2020-351 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuserv fixes the following issues: * Fixes build dependencies boo#1120300 gnuserv-3.12.6-bp151.4.3.1.src.rpm gnuserv-3.12.6-bp151.4.3.1.x86_64.rpm gnuserv-3.12.6-bp151.4.3.1.aarch64.rpm gnuserv-3.12.6-bp151.4.3.1.ppc64le.rpm gnuserv-3.12.6-bp151.4.3.1.s390x.rpm openSUSE-2020-363 moderate openSUSE Backports SLE-15-SP1 Update This update for docker-compose fixes the following issue: - a upper level bound on the python-PyYAML version is removed. (bsc#1165620) This update was imported from the openSUSE:Leap:15.1:Update update project. docker-compose-1.17.0-bp151.4.3.1.noarch.rpm docker-compose-1.17.0-bp151.4.3.1.src.rpm openSUSE-2020-526 moderate openSUSE Backports SLE-15-SP1 Update This update for superlu fixes the following issues: - Add support for gcc8/9 building (jsc#SLE-8604). This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libsuperlu-gnu-hpc-5.2.1-bp151.2.3.7.ppc64le.rpm libsuperlu_5_2_1-gnu-hpc-5.2.1-bp151.2.3.7.ppc64le.rpm superlu-gnu-hpc-devel-5.2.1-bp151.2.3.7.noarch.rpm superlu-gnu-hpc-doc-5.2.1-bp151.2.3.7.noarch.rpm superlu-gnu-hpc-examples-5.2.1-bp151.2.3.7.noarch.rpm superlu_5_2_1-gnu-hpc-5.2.1-bp151.2.3.7.src.rpm superlu_5_2_1-gnu-hpc-devel-5.2.1-bp151.2.3.7.ppc64le.rpm superlu_5_2_1-gnu-hpc-doc-5.2.1-bp151.2.3.7.ppc64le.rpm superlu_5_2_1-gnu-hpc-examples-5.2.1-bp151.2.3.7.ppc64le.rpm libsuperlu5-5.2.1-bp151.2.3.7.ppc64le.rpm superlu-5.2.1-bp151.2.3.7.src.rpm superlu-devel-5.2.1-bp151.2.3.7.ppc64le.rpm superlu-doc-5.2.1-bp151.2.3.7.ppc64le.rpm superlu-examples-5.2.1-bp151.2.3.7.ppc64le.rpm libsuperlu-gnu-hpc-5.2.1-bp151.2.3.7.s390x.rpm libsuperlu_5_2_1-gnu-hpc-5.2.1-bp151.2.3.7.s390x.rpm superlu_5_2_1-gnu-hpc-devel-5.2.1-bp151.2.3.7.s390x.rpm superlu_5_2_1-gnu-hpc-doc-5.2.1-bp151.2.3.7.s390x.rpm superlu_5_2_1-gnu-hpc-examples-5.2.1-bp151.2.3.7.s390x.rpm libsuperlu5-5.2.1-bp151.2.3.7.s390x.rpm superlu-devel-5.2.1-bp151.2.3.7.s390x.rpm superlu-doc-5.2.1-bp151.2.3.7.s390x.rpm superlu-examples-5.2.1-bp151.2.3.7.s390x.rpm openSUSE-2020-373 moderate openSUSE Backports SLE-15-SP1 Update This update for kaffeine fixes the following issues: Update to 2.0.18: * mediawidget: Override DVD keys instead of changing their settings (kde#394076) * mediawidget: warn user to use keys for DVD menu * mediawidget: remove a now unneeded check * mediawidget: fix video position movement with mouse wheel * mediawidget: fix the mouse wheel behavior at the streaming window * vlc: with vlc 2.x, use vlcMedia for libvlc_MediaMetaChanged event (kde#407153) * vlc: fix support for vlc 2.x (kde#407153) This update was imported from the openSUSE:Leap:15.1:Update update project. kaffeine-2.0.18-bp151.3.3.2.src.rpm kaffeine-2.0.18-bp151.3.3.2.x86_64.rpm kaffeine-lang-2.0.18-bp151.3.3.2.noarch.rpm openSUSE-2020-372 moderate openSUSE Backports SLE-15-SP1 Update This update for skelcd-control-openSUSE fixes the following issues: - Add /boot/grub2/arm64-efi subvolume for all roles (boo#1162320). This update was imported from the openSUSE:Leap:15.1:Update update project. skelcd-control-openSUSE-promo-15.1.19-bp151.2.3.1.src.rpm skelcd-control-openSUSE-promo-15.1.19-bp151.2.3.1.x86_64.rpm skelcd-control-openSUSE-15.1.19-bp151.2.3.1.src.rpm skelcd-control-openSUSE-15.1.19-bp151.2.3.1.x86_64.rpm skelcd-control-openSUSE-promo-15.1.19-bp151.2.3.1.aarch64.rpm skelcd-control-openSUSE-15.1.19-bp151.2.3.1.aarch64.rpm skelcd-control-openSUSE-promo-15.1.19-bp151.2.3.1.ppc64le.rpm skelcd-control-openSUSE-15.1.19-bp151.2.3.1.ppc64le.rpm skelcd-control-openSUSE-promo-15.1.19-bp151.2.3.1.s390x.rpm skelcd-control-openSUSE-15.1.19-bp151.2.3.1.s390x.rpm openSUSE-2020-389 important openSUSE Backports SLE-15-SP1 Update This update for chromium to version 80.0.3987.149 fixes the following issues: Chromium was update to 80.0.3987.149 (bsc#1167090): - CVE-2020-6422: Fixed a use after free in WebGL. - CVE-2020-6424: Fixed a use after free in media. - CVE-2020-6425: Fixed an insufficient policy enforcement in extensions. - CVE-2020-6426: Fixed an inappropriate implementation in V8. - CVE-2020-6427: Fixed a use after free in audio. - CVE-2020-6428: Fixed a use after free in audio. - CVE-2020-6429: Fixed a use after free in audio. - CVE-2019-20503: Fixed an out of bounds read in usersctplib. - CVE-2020-6449: Fixed a use after free in audio. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-80.0.3987.149-bp151.3.63.3.x86_64.rpm chromium-80.0.3987.149-bp151.3.63.3.src.rpm chromium-80.0.3987.149-bp151.3.63.3.x86_64.rpm chromedriver-80.0.3987.149-bp151.3.63.3.aarch64.rpm chromium-80.0.3987.149-bp151.3.63.3.aarch64.rpm openSUSE-2020-390 moderate openSUSE Backports SLE-15-SP1 Update This update for docker-compose fixes the following issues: - Follow up fix for the upper PyYAML limit (boo#1165620) This update was imported from the openSUSE:Leap:15.1:Update update project. docker-compose-1.17.0-bp151.4.6.1.noarch.rpm docker-compose-1.17.0-bp151.4.6.1.src.rpm openSUSE-2020-489 moderate openSUSE Backports SLE-15-SP1 Update This update for libkcddb, libkcddb4 fixes the following issues: - switch to use gnudb.org by default, freedb.org will be shutdown at the end of March (boo#1167417, kde#418421) libKF5Cddb5-18.12.3-bp151.3.3.7.x86_64.rpm libKF5Cddb5-debuginfo-18.12.3-bp151.3.3.7.x86_64.rpm libKF5CddbWidgets5-18.12.3-bp151.3.3.7.x86_64.rpm libKF5CddbWidgets5-debuginfo-18.12.3-bp151.3.3.7.x86_64.rpm libkcddb-18.12.3-bp151.3.3.7.src.rpm libkcddb-18.12.3-bp151.3.3.7.x86_64.rpm libkcddb-debuginfo-18.12.3-bp151.3.3.7.x86_64.rpm libkcddb-debugsource-18.12.3-bp151.3.3.7.x86_64.rpm libkcddb-devel-18.12.3-bp151.3.3.7.x86_64.rpm libkcddb-lang-18.12.3-bp151.3.3.7.noarch.rpm libkcddb4-16.08.3-bp151.4.3.7.src.rpm libkcddb4-16.08.3-bp151.4.3.7.x86_64.rpm libkcddb4-debuginfo-16.08.3-bp151.4.3.7.x86_64.rpm libkcddb4-debugsource-16.08.3-bp151.4.3.7.x86_64.rpm libkcddb4-devel-16.08.3-bp151.4.3.7.x86_64.rpm libKF5Cddb5-18.12.3-bp151.3.3.7.aarch64.rpm libKF5Cddb5-debuginfo-18.12.3-bp151.3.3.7.aarch64.rpm libKF5CddbWidgets5-18.12.3-bp151.3.3.7.aarch64.rpm libKF5CddbWidgets5-debuginfo-18.12.3-bp151.3.3.7.aarch64.rpm libkcddb-18.12.3-bp151.3.3.7.aarch64.rpm libkcddb-debuginfo-18.12.3-bp151.3.3.7.aarch64.rpm libkcddb-debugsource-18.12.3-bp151.3.3.7.aarch64.rpm libkcddb-devel-18.12.3-bp151.3.3.7.aarch64.rpm libkcddb4-16.08.3-bp151.4.3.7.aarch64.rpm libkcddb4-debuginfo-16.08.3-bp151.4.3.7.aarch64.rpm libkcddb4-debugsource-16.08.3-bp151.4.3.7.aarch64.rpm libkcddb4-devel-16.08.3-bp151.4.3.7.aarch64.rpm libKF5Cddb5-18.12.3-bp151.3.3.7.ppc64le.rpm libKF5Cddb5-debuginfo-18.12.3-bp151.3.3.7.ppc64le.rpm libKF5CddbWidgets5-18.12.3-bp151.3.3.7.ppc64le.rpm libKF5CddbWidgets5-debuginfo-18.12.3-bp151.3.3.7.ppc64le.rpm libkcddb-18.12.3-bp151.3.3.7.ppc64le.rpm libkcddb-debuginfo-18.12.3-bp151.3.3.7.ppc64le.rpm libkcddb-debugsource-18.12.3-bp151.3.3.7.ppc64le.rpm libkcddb-devel-18.12.3-bp151.3.3.7.ppc64le.rpm libkcddb4-16.08.3-bp151.4.3.7.ppc64le.rpm libkcddb4-debuginfo-16.08.3-bp151.4.3.7.ppc64le.rpm libkcddb4-debugsource-16.08.3-bp151.4.3.7.ppc64le.rpm libkcddb4-devel-16.08.3-bp151.4.3.7.ppc64le.rpm libKF5Cddb5-18.12.3-bp151.3.3.7.s390x.rpm libKF5Cddb5-debuginfo-18.12.3-bp151.3.3.7.s390x.rpm libKF5CddbWidgets5-18.12.3-bp151.3.3.7.s390x.rpm libKF5CddbWidgets5-debuginfo-18.12.3-bp151.3.3.7.s390x.rpm libkcddb-18.12.3-bp151.3.3.7.s390x.rpm libkcddb-debuginfo-18.12.3-bp151.3.3.7.s390x.rpm libkcddb-debugsource-18.12.3-bp151.3.3.7.s390x.rpm libkcddb-devel-18.12.3-bp151.3.3.7.s390x.rpm libkcddb4-16.08.3-bp151.4.3.7.s390x.rpm libkcddb4-debuginfo-16.08.3-bp151.4.3.7.s390x.rpm libkcddb4-debugsource-16.08.3-bp151.4.3.7.s390x.rpm libkcddb4-devel-16.08.3-bp151.4.3.7.s390x.rpm openSUSE-2020-391 moderate openSUSE Backports SLE-15-SP1 Update This update for mcpp fixes the following issues: - CVE-2019-14274: Fixed a heap-based buffer overflow in the do_msg() (boo#1143032) This update was imported from the openSUSE:Leap:15.1:Update update project. libmcpp0-2.7.2-bp151.4.3.1.x86_64.rpm mcpp-2.7.2-bp151.4.3.1.src.rpm mcpp-2.7.2-bp151.4.3.1.x86_64.rpm mcpp-devel-2.7.2-bp151.4.3.1.x86_64.rpm libmcpp0-2.7.2-bp151.4.3.1.aarch64.rpm mcpp-2.7.2-bp151.4.3.1.aarch64.rpm mcpp-devel-2.7.2-bp151.4.3.1.aarch64.rpm libmcpp0-2.7.2-bp151.4.3.1.ppc64le.rpm mcpp-2.7.2-bp151.4.3.1.ppc64le.rpm mcpp-devel-2.7.2-bp151.4.3.1.ppc64le.rpm libmcpp0-2.7.2-bp151.4.3.1.s390x.rpm mcpp-2.7.2-bp151.4.3.1.s390x.rpm mcpp-devel-2.7.2-bp151.4.3.1.s390x.rpm openSUSE-2020-527 moderate openSUSE Backports SLE-15-SP1 Update This update for ocr fixes the following issues: - Disable openmpi1 builds for SLE/Leap > 15.1. - Enable openmpi3 builds for Leap and SLE > 15.1 (jsc#SLE-7773). This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. ocr-gnu-hpc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-hpc-devel-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-hpc-doc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-hpc-examples-1.0.1-bp151.2.3.6.noarch.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.3.6.src.rpm ocr_1_0_1-gnu-hpc-devel-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-hpc-doc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-hpc-examples-1.0.1-bp151.2.3.6.ppc64le.rpm ocr-gnu-mpich-hpc-1.0.1-bp151.2.3.5.noarch.rpm ocr-gnu-mpich-hpc-devel-1.0.1-bp151.2.3.5.noarch.rpm ocr-gnu-mpich-hpc-doc-1.0.1-bp151.2.3.5.noarch.rpm ocr-gnu-mpich-hpc-examples-1.0.1-bp151.2.3.5.noarch.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.3.5.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.3.5.src.rpm ocr_1_0_1-gnu-mpich-hpc-devel-1.0.1-bp151.2.3.5.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-doc-1.0.1-bp151.2.3.5.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-examples-1.0.1-bp151.2.3.5.ppc64le.rpm ocr-gnu-mvapich2-hpc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.3.6.noarch.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.3.6.src.rpm ocr_1_0_1-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.3.6.ppc64le.rpm ocr-gnu-openmpi1-hpc-1.0.1-bp151.2.3.7.noarch.rpm ocr-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.3.7.noarch.rpm ocr-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.3.7.noarch.rpm ocr-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.3.7.noarch.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.3.7.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.3.7.src.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.3.7.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.3.7.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.3.7.ppc64le.rpm ocr-gnu-openmpi2-hpc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.3.6.noarch.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.3.6.src.rpm ocr_1_0_1-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.3.6.ppc64le.rpm ocr-gnu-openmpi3-hpc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.3.6.noarch.rpm ocr-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.3.6.noarch.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.3.6.src.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.3.6.ppc64le.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-hpc-devel-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-hpc-doc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-hpc-examples-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.3.5.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-devel-1.0.1-bp151.2.3.5.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-doc-1.0.1-bp151.2.3.5.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-examples-1.0.1-bp151.2.3.5.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.3.7.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.3.7.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.3.7.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.3.7.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.3.6.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.3.6.s390x.rpm openSUSE-2020-392 moderate openSUSE Backports SLE-15-SP1 Update This update for pari-elldata fixes the following issues: Update to release 20190912 * No changelog was provided - Strip /data/ subdirectory [boo#1106378,boo#1165480] This update was imported from the openSUSE:Leap:15.1:Update update project. pari-elldata-20190912-bp151.4.3.1.noarch.rpm pari-elldata-20190912-bp151.4.3.1.src.rpm openSUSE-2020-424 moderate openSUSE Backports SLE-15-SP1 Update This update for live-kiwi-hook fixes the following issues: - Update the filename in .sha256 files as well (boo#1159974) This update was imported from the openSUSE:Leap:15.1:Update update project. live-kiwi-hook-1.0-bp151.2.3.1.noarch.rpm live-kiwi-hook-1.0-bp151.2.3.1.src.rpm openSUSE-2020-425 moderate openSUSE Backports SLE-15-SP1 Update This update for goaccess fixes the following issues: - build with libmaxminddb as GeoIP is discontinued (boo#1156207) - Fixed garbage in HTML reports. This update was imported from the openSUSE:Leap:15.1:Update update project. goaccess-1.3-bp151.2.3.1.src.rpm goaccess-1.3-bp151.2.3.1.x86_64.rpm goaccess-1.3-bp151.2.3.1.aarch64.rpm goaccess-1.3-bp151.2.3.1.ppc64le.rpm goaccess-1.3-bp151.2.3.1.s390x.rpm openSUSE-2020-532 moderate openSUSE Backports SLE-15-SP1 Update This update for metis fixes the following issues: - Add support for gcc8/9 building (jsc#SLE-8604). - Build HPC master package for 'examples'. This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libmetis5-5.1.0-bp151.2.3.6.aarch64.rpm metis-5.1.0-bp151.2.3.6.aarch64.rpm metis-5.1.0-bp151.2.3.6.src.rpm metis-devel-5.1.0-bp151.2.3.6.aarch64.rpm metis-doc-5.1.0-bp151.2.3.6.noarch.rpm metis-examples-5.1.0-bp151.2.3.6.noarch.rpm libmetis-gnu-hpc-5.1.0-bp151.2.3.6.ppc64le.rpm libmetis_5_1_0-gnu-hpc-5.1.0-bp151.2.3.6.ppc64le.rpm metis-gnu-hpc-5.1.0-bp151.2.3.6.noarch.rpm metis-gnu-hpc-devel-5.1.0-bp151.2.3.6.noarch.rpm metis-gnu-hpc-doc-5.1.0-bp151.2.3.6.noarch.rpm metis-gnu-hpc-examples-5.1.0-bp151.2.3.6.noarch.rpm metis_5_1_0-gnu-hpc-5.1.0-bp151.2.3.6.ppc64le.rpm metis_5_1_0-gnu-hpc-5.1.0-bp151.2.3.6.src.rpm metis_5_1_0-gnu-hpc-devel-5.1.0-bp151.2.3.6.ppc64le.rpm metis_5_1_0-gnu-hpc-doc-5.1.0-bp151.2.3.6.noarch.rpm metis_5_1_0-gnu-hpc-examples-5.1.0-bp151.2.3.6.noarch.rpm libmetis5-5.1.0-bp151.2.3.6.ppc64le.rpm metis-5.1.0-bp151.2.3.6.ppc64le.rpm metis-devel-5.1.0-bp151.2.3.6.ppc64le.rpm libmetis-gnu-hpc-5.1.0-bp151.2.3.6.s390x.rpm libmetis_5_1_0-gnu-hpc-5.1.0-bp151.2.3.6.s390x.rpm metis_5_1_0-gnu-hpc-5.1.0-bp151.2.3.6.s390x.rpm metis_5_1_0-gnu-hpc-devel-5.1.0-bp151.2.3.6.s390x.rpm libmetis5-5.1.0-bp151.2.3.6.s390x.rpm metis-5.1.0-bp151.2.3.6.s390x.rpm metis-devel-5.1.0-bp151.2.3.6.s390x.rpm openSUSE-2020-426 moderate openSUSE Backports SLE-15-SP1 Update This update for netsniff-ng fixes the following issues: GeoIP has been discontinued by Maxmind. Please see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ for details. Without the database GeoIP is useless. Update to version 0.6.6: * implement rotating capture files in netsniff-ng * fixed '--in -' to work again with STDIN in trafgen * fixed -t 0 option to use sendto in trafgen * checksum calculation for ICMP and TCP in astraceroute * fix for reading mirrors from file in astraceroute * use GZIP_ENV instead of GZIP in build system * fixed manpage warnings * added error handling for mismatched address families in mausezahn. Update to version 0.6.5: * add DCCP support to netsniff-ng * fix segfault in mausezahn * add date format strings to --out in netsniff-ng * restore handling of raw hex string passed in on command line in mausezahn * support ICMPv6 checksums in trafgen * improve random mac address generation in mausezahn * man page updates and reformatting This update was imported from the openSUSE:Leap:15.1:Update update project. netsniff-ng-0.6.6-bp151.5.3.1.src.rpm netsniff-ng-0.6.6-bp151.5.3.1.x86_64.rpm netsniff-ng-0.6.6-bp151.5.3.1.aarch64.rpm netsniff-ng-0.6.6-bp151.5.3.1.ppc64le.rpm netsniff-ng-0.6.6-bp151.5.3.1.s390x.rpm openSUSE-2020-427 moderate openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password (boo#1167335 PMASA-2020-2). - CVE-2020-10802: Fixed an SQL injection in the search feature (boo#1167336 PMASA-2020-3). - CVE-2020-10803: Fixed an SQL injection and XSS when displaying results (boo#1167337 PMASA-2020-4). - Removed the "options" field for the external transformation. This update was imported from the openSUSE:Leap:15.1:Update update project. phpMyAdmin-4.9.5-bp151.3.15.1.noarch.rpm phpMyAdmin-4.9.5-bp151.3.15.1.src.rpm openSUSE-2020-428 moderate openSUSE Backports SLE-15-SP1 Update This update for tor to version 0.3.5.10 fixes the following issues: - tor was updated to version 0.3.5.10: - CVE-2020-10592: Fixed a CPU consumption denial of service and timing patterns (boo#1167013) - CVE-2020-10593: Fixed a circuit padding memory leak (boo#1167014) This update was imported from the openSUSE:Leap:15.1:Update update project. tor-0.3.5.10-bp151.3.3.1.src.rpm tor-0.3.5.10-bp151.3.3.1.x86_64.rpm tor-0.3.5.10-bp151.3.3.1.aarch64.rpm tor-0.3.5.10-bp151.3.3.1.ppc64le.rpm tor-0.3.5.10-bp151.3.3.1.s390x.rpm openSUSE-2020-430 moderate openSUSE Backports SLE-15-SP1 Update This update for python-mysql-connector-python fixes the following issues: python-mysql-connector-python was updated to 8.0.19 (boo#1122204 - CVE-2019-2435): - WL#13531: Remove xplugin namespace - WL#13372: DNS SRV support - WL#12738: Specify TLS ciphers to be used by a client or session - BUG#30270760: Fix reserved filed should have a length of 22 - BUG#29417117: Close file in handle load data infile - WL#13330: Single C/Python (Win) MSI installer - WL#13335: Connectors should handle expired password sandbox without SET operations - WL#13194: Add support for Python 3.8 - BUG#29909157: Table scans of floats causes memory leak with the C extension - BUG#25349794: Add read_default_file alias for option_files in connect() - WL#13155: Support new utf8mb4 bin collation - WL#12737: Add overlaps and not_overlaps as operator - WL#12735: Add README.rst and CONTRIBUTING.rst files - WL#12227: Indexing array fields - WL#12085: Support cursor prepared statements with C extension - BUG#29855733: Fix error during connection using charset and collation combination - BUG#29833590: Calling execute() should fetch active results - BUG#21072758: Support for connection attributes classic - WL#12864: Upgrade of Protobuf version to 3.6.1 - WL#12863: Drop support for Django versions older than 1.11 - WL#12489: Support new session reset functionality - WL#12488: Support for session-connect-attributes - WL#12297: Expose metadata about the source and binaries - WL#12225: Prepared statement support - BUG#29324966: Add missing username connection argument for driver compatibility - BUG#29278489: Fix wrong user and group for Solaris packages - BUG#29001628: Fix access by column label in Table.select() - BUG#28479054: Fix Python interpreter crash due to memory corruption - BUG#27897881: Empty LONG BLOB throws an IndexError - BUG#29260128: Disable load data local infile by default - WL#12607: Handling of Default Schema - WL#12493: Standardize count method - WL#12492: Be prepared for initial notice on connection - BUG#28646344: Remove expression parsing on values - BUG#28280321: Fix segmentation fault when using unicode characters in tables - BUG#27794178: Using use_pure=False should raise an error if cext is not available - BUG#27434751: Add a TLS/SSL option to verify server name - WL#12239: Add support for Python 3.7 - WL#12226: Implement connect timeout - WL#11897: Implement connection pooling for xprotocol - BUG#28278352: C extension mysqlx Collection.add() leaks memory in sequential calls - BUG#28037275: Missing bind parameters causes segfault or unclear error message - BUG#27528819: Support special characters in the user and password using URI - WL#11951: Consolidate discrepancies between pure and c extension - WL#11932: Remove Fabric support - WL#11898: Core API v1 alignment - BUG#28188883: Use utf8mb4 as the default character set - BUG#28133321: Fix incorrect columns names representing aggregate functions - BUG#27962293: Fix Django 2.0 and MySQL 8.0 compatibility issues - BUG#27567999: Fix wrong docstring in ModifyStatement.patch() - BUG#27277937: Fix confusing error message when using an unsupported collation - BUG#26834200: Deprecate Row.get_string() method - BUG#26660624: Fix missing install option in documentation - WL#11668: Add SHA256_MEMORY authentication mechanism - WL#11614: Enable C extension by default - WL#11448: New document _id generation support - WL#11282: Support new locking modes NOWAIT and SKIP LOCKED - BUG#27639119: Use a list of dictionaries to store warnings - BUG#27634885: Update error codes for MySQL 8.0.11 - BUG#27589450: Remove upsert functionality from WriteStatement class - BUG#27528842: Fix internal queries open for SQL injection - BUG#27364914: Cursor prepared statements do not convert strings - BUG#24953913: Fix failing unittests - BUG#24948205: Results from JSON_TYPE() are returned as bytearray - BUG#24948186: JSON type results are bytearray instead of corresponding python type - WL#11372: Remove configuration API - WL#11303: Remove CreateTable and CreateView - WL#11281: Transaction savepoints - WL#11278: Collection.create_index - WL#11149: Create Pylint test for mysqlx - WL#11142: Modify/MergePatch - WL#11079: Add support for Python 3.6 - WL#11073: Add caching_sha2_password authentication plugin - WL#10975: Add Single document operations - WL#10974: Add Row locking methods to find and select operations - WL#10973: Allow JSON types as operands for IN operator - WL#10899: Add support for pure Python implementation of Protobuf - WL#10771: Add SHA256 authentication - WL#10053: Configuration handling interface - WL#10772: Cleanup Drop APIs - WL#10770: Ensure all Session connections are secure by default - WL#10754: Forbid modify() and remove() with no condition - WL#10659: Support utf8mb4 as default charset - WL#10658: Remove concept of NodeSession - WL#10657: Move version number to 8.0 - WL#10198: Add Protobuf C++ extension implementation - WL#10004: Document UUID generation - BUG#26175003: Fix Session.sql() when using unicode SQL statements with Python 2.7 - BUG#26161838: Dropping an non-existing index should succeed silently - BUG#26160876: Fix issue when using empty condition in Collection.remove() and Table.delete() - BUG#26029811: Improve error thrown when using an invalid parameter in bind() - BUG#25991574: Fix Collection.remove() and Table.delete() missing filters - WL#10452: Add Protobuf C++ extension for Linux variants and Mac OSX - WL#10081: DevAPI: IPv6 support - BUG#25614860: Fix defined_as method in the view creation - BUG#25519251: SelectStatement does not implement order_by() method - BUG#25436568: Update available operators for XPlugin - BUG#24954006: Add missing items in CHANGES.txt - BUG#24578507: Fix import error using Python 2.6 - BUG#23636962: Fix improper error message when creating a Session - BUG#23568207: Fix default aliases for projection fields - BUG#23567724: Fix operator names - DevAPI: Schema.create_table - DevAPI: Flexible Parameter Lists - DevAPI: New transports: Unix domain socket - DevAPI: Core TLS/SSL options for the mysqlx URI scheme - DevAPI: View DDL with support for partitioning in a cluster / sharding - BUG#24520850: Fix unexpected behavior when using an empty collection name - Add support for Protocol Buffers 3 - Add View support (without DDL) - Implement get_default_schema() method in BaseSchema - DevAPI: Per ReplicaSet SQL execution - DevAPI: XSession accepts a list of routers - DevAPI: Define action on adding empty list of documents - BUG#23729357: Fix fetching BIT datatype - BUG#23583381: Add who_am_i and am_i_real methods to DatabaseObject - BUG#23568257: Add fetch_one method to mysqlx.result - BUG#23550743: Add close method to XSession and NodeSession - BUG#23550057: Add support for URI as connection data - Provide initial implementation of new DevAPI This update was imported from the openSUSE:Leap:15.1:Update update project. python-mysql-connector-python-8.0.19-bp151.4.3.1.src.rpm python2-mysql-connector-python-8.0.19-bp151.4.3.1.noarch.rpm python3-mysql-connector-python-8.0.19-bp151.4.3.1.noarch.rpm openSUSE-2020-431 moderate openSUSE Backports SLE-15-SP1 Update This update for inxi fixes the following issues: - Update to version 3.0.38: * See /usr/share/doc/packages/inxi/inxi.changelog - Add additional requirements (boo#1085951). This update was imported from the openSUSE:Leap:15.1:Update update project. inxi-3.0.38-bp151.4.3.1.noarch.rpm inxi-3.0.38-bp151.4.3.1.src.rpm openSUSE-2020-429 moderate openSUSE Backports SLE-15-SP1 Update This update for GraphicsMagick fixes the following issues: - CVE-2019-12921: Fixed an issue where text filename components potentially coulf have allowed reading of arbitrary files via TranslateTextEx (boo#1167208). - CVE-2020-10938: Fixed an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImages (boo#1167623). This update was imported from the openSUSE:Leap:15.1:Update update project. GraphicsMagick-1.3.29-bp151.5.12.1.src.rpm GraphicsMagick-1.3.29-bp151.5.12.1.x86_64.rpm GraphicsMagick-devel-1.3.29-bp151.5.12.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.29-bp151.5.12.1.x86_64.rpm libGraphicsMagick++-devel-1.3.29-bp151.5.12.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.29-bp151.5.12.1.x86_64.rpm libGraphicsMagick3-config-1.3.29-bp151.5.12.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.12.1.x86_64.rpm perl-GraphicsMagick-1.3.29-bp151.5.12.1.x86_64.rpm openSUSE-2020-432 moderate openSUSE Backports SLE-15-SP1 Update This update for geoipupdate, geolite2legacy fixes the following issues: Changes in geoipupdate: - introduce geoipupdate-legacy script [boo#1156194] Update geoipupdate to version 4.2.2: * Prepare for 4.2.2 * Use go get on 1.10 * Only use debug.ReadBuildInfo on 1.12+ * Update changelog * Set required Go version to 1.10 * Test back to Go 1.10 * Do not unnecessarily use errors.Is * Add changelog for #76 * Update for GoReleaser nfpm section change * Bump copyright year - added systemd timer for weekly updates (needs to be enabled by admin) Changes in geolite2legacy: - require python3-ipaddr [boo#1156194] Update to version 0+git20200101.56d8a4f: * silence pycharm warning * add version in comment using dirname inside zip * use geoname2fips.csv in script dir if not specified * remap country code from AS to AP (GH-6) * correct city v6 database version This update was imported from the openSUSE:Leap:15.1:Update update project. geoipupdate-4.2.2-bp151.4.3.1.src.rpm geoipupdate-4.2.2-bp151.4.3.1.x86_64.rpm geoipupdate-legacy-4.2.2-bp151.4.3.1.x86_64.rpm geoipupdate-4.2.2-bp151.4.3.1.aarch64.rpm geoipupdate-legacy-4.2.2-bp151.4.3.1.aarch64.rpm geoipupdate-4.2.2-bp151.4.3.1.ppc64le.rpm geoipupdate-legacy-4.2.2-bp151.4.3.1.ppc64le.rpm geoipupdate-4.2.2-bp151.4.3.1.s390x.rpm geoipupdate-legacy-4.2.2-bp151.4.3.1.s390x.rpm openSUSE-2020-433 moderate openSUSE Backports SLE-15-SP1 Update This update for lighttpd fixes the following issues: - Removed deprecated GeoIP support (boo#1156198) * dropped mod_geoip subpackage Update to 1.4.55: - a multitude of bug fixes This update was imported from the openSUSE:Leap:15.1:Update update project. lighttpd-1.4.55-bp151.4.6.1.src.rpm lighttpd-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_authn_gssapi-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_authn_ldap-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_authn_mysql-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_authn_pam-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_authn_sasl-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_cml-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_magnet-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_maxminddb-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_mysql_vhost-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_rrdtool-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_vhostdb_dbi-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_vhostdb_ldap-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_vhostdb_mysql-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_vhostdb_pgsql-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-mod_webdav-1.4.55-bp151.4.6.1.x86_64.rpm lighttpd-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_authn_gssapi-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_authn_ldap-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_authn_mysql-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_authn_pam-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_authn_sasl-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_cml-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_magnet-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_maxminddb-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_mysql_vhost-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_rrdtool-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_trigger_b4_dl-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_vhostdb_dbi-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_vhostdb_ldap-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_vhostdb_mysql-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_vhostdb_pgsql-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-mod_webdav-1.4.55-bp151.4.6.1.aarch64.rpm lighttpd-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_authn_gssapi-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_authn_ldap-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_authn_mysql-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_authn_pam-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_authn_sasl-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_cml-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_magnet-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_maxminddb-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_mysql_vhost-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_rrdtool-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_trigger_b4_dl-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_vhostdb_dbi-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_vhostdb_ldap-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_vhostdb_mysql-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_vhostdb_pgsql-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-mod_webdav-1.4.55-bp151.4.6.1.ppc64le.rpm lighttpd-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_authn_gssapi-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_authn_ldap-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_authn_mysql-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_authn_pam-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_authn_sasl-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_cml-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_magnet-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_maxminddb-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_mysql_vhost-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_rrdtool-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_trigger_b4_dl-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_vhostdb_dbi-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_vhostdb_ldap-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_vhostdb_mysql-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_vhostdb_pgsql-1.4.55-bp151.4.6.1.s390x.rpm lighttpd-mod_webdav-1.4.55-bp151.4.6.1.s390x.rpm openSUSE-2020-434 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: Update to 1.1.9 boo#1099674: * Add builtin and comprehensions to catch tad more issues * Do not add FIXME comments for already commented lines * Add the article to the comment * Exclude mysql_testserver calls from bracketing * Do not curlify systemd_ordering macro * Ignore dephell setup generator macro from bracketing * Use github actions and drop travis and tox * Use pre-commit framework for the project (it runs black, flake8, flake8-docstrings and mypy on every commit) * Update README * Add %{dephell_gensetup} macro instead of the full call to dephell com This update was imported from the openSUSE:Leap:15.1:Update update project. spec-cleaner-1.1.9-bp151.3.18.1.noarch.rpm spec-cleaner-1.1.9-bp151.3.18.1.src.rpm spec-cleaner-format_spec_file-1.1.9-bp151.3.18.1.noarch.rpm openSUSE-2020-435 moderate openSUSE Backports SLE-15-SP1 Update This update for subnetcalc fixes the following issues: Remove the dependency on deprecated GeoIP-devel, fixes boo#1156201 Update to version 2.4.14. This update was imported from the openSUSE:Leap:15.1:Update update project. subnetcalc-2.4.14-bp151.4.3.1.src.rpm subnetcalc-2.4.14-bp151.4.3.1.x86_64.rpm subnetcalc-2.4.14-bp151.4.3.1.aarch64.rpm subnetcalc-2.4.14-bp151.4.3.1.ppc64le.rpm subnetcalc-2.4.14-bp151.4.3.1.s390x.rpm openSUSE-2020-472 moderate openSUSE Backports SLE-15-SP1 Update This update for uwsgi fixes the following issues: - Disabled geoip plugin [boo#1156199] - Fix systemd kill signal (uwsgi does not die on SIGTERM) - Add reload command to systemd service Update to upstream release 2.0.18: * Fixed support for Python 3.7 * Allow to use autoport (socket :0) with custom socket backlog * pyuwsgi ported to python3 * pyuwsgi packages fixes * pyuwsginossl build configuration for building pyuwsgi without ssl support * Fix unix socket inheritance after reload on FreeBSD * Fix crashes with --wsgi-env-behavior=holy (#1950) * Fix invalid free in python plugin (#1942) * Fix compilation warnings with gcc-8 (#1819) * Fix spooler python references * Don't generate build warnings in systemd_logger * Fix segmentation fault during worker shutdown (#1651) Update to upstream release 2.0.17.1: * Fixed memory leak in HTTPS_CLIENT_CERTIFICATE * TLSv1 is now disabled by default * Improved daemons throttle system * Add “secs” log formatting variable * Improved snprintf() usage to be OpenBSD-friendly * Improved glibc crypt/crypt_r management * Fixed websocket pong timeout check * Add the “License” classifier to setup.py * Add support for php user.ini * Official support for Python 3.7 - Don't create a /run directory for Apache on startup. It fails if Apache is not installed and sockets are defined per-application anyway (boo#1082002) - Fix broken build dependency on Leap 15 - Require Apache 2.4.33 for Leap 15 and Tumbleweed because otherwise mod_proxy_uwsgi is not available (boo#1090695) This update was imported from the openSUSE:Leap:15.1:Update update project. apache2-mod_uwsgi-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-2.0.18-bp151.4.3.6.src.rpm uwsgi-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-emperor_pg-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-emperor_zeromq-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-gevent-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-glusterfs-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-greenlet-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-jvm-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-ldap-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-libffi-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-logzmq-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-lua-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-pam-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-php7-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-psgi-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-pypy-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-python-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-python3-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-sqlite3-2.0.18-bp151.4.3.6.x86_64.rpm uwsgi-xslt-2.0.18-bp151.4.3.6.x86_64.rpm apache2-mod_uwsgi-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-emperor_pg-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-emperor_zeromq-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-gevent-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-glusterfs-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-greenlet-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-jvm-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-ldap-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-libffi-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-logzmq-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-lua-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-pam-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-php7-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-psgi-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-pypy-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-python-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-python3-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-sqlite3-2.0.18-bp151.4.3.6.aarch64.rpm uwsgi-xslt-2.0.18-bp151.4.3.6.aarch64.rpm apache2-mod_uwsgi-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-emperor_pg-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-emperor_zeromq-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-gevent-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-glusterfs-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-greenlet-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-jvm-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-ldap-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-libffi-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-logzmq-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-lua-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-pam-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-php7-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-psgi-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-pypy-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-python-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-python3-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-sqlite3-2.0.18-bp151.4.3.6.ppc64le.rpm uwsgi-xslt-2.0.18-bp151.4.3.6.ppc64le.rpm openSUSE-2020-440 moderate openSUSE Backports SLE-15-SP1 Update This update for python-nltk fixes the following issues: Update to 3.4.5 (boo#1146427, CVE-2019-14751): * CVE-2019-14751: Fixed Zip slip vulnerability in downloader for the unlikely situation where a user configures their downloader to use a compromised server (boo#1146427) Update to 3.4.4: * fix bug in plot function (probability.py) * add improved PanLex Swadesh corpus reader * add Text.generate() * add QuadgramAssocMeasures * add SSP to tokenizers * return confidence of best tag from AveragedPerceptron * make plot methods return Axes objects * don't require list arguments to PositiveNaiveBayesClassifier.train * fix Tree classes to work with native Python copy library * fix inconsistency for NomBank * fix random seeding in LanguageModel.generate * fix ConditionalFreqDist mutation on tabulate/plot call * fix broken links in documentation * fix misc Wordnet issues * update installation instructions Version update to 3.4.1: * add chomsky_normal_form for CFGs * add meteor score * add minimum edit/Levenshtein distance based alignment function * allow access to collocation list via text.collocation_list() * support corenlp server options * drop support for Python 3.4 * other minor fixes Update to v3.4: * Support Python 3.7 * New Language Modeling package * Cistem Stemmer for German * Support Russian National Corpus incl POS tag model * Krippendorf Alpha inter-rater reliability test * Comprehensive code clean-ups * Switch continuous integration from Jenkins to Travis Updated to v3.3: * Support Python 3.6 * New interface to CoreNLP * Support synset retrieval by sense key * Minor fixes to CoNLL Corpus Reader * AlignedSent * Fixed minor inconsistencies in APIs and API documentation * Better conformance to PEP8 * Drop Moses Tokenizer (incompatible license) This update was imported from the openSUSE:Leap:15.1:Update update project. python-nltk-3.4.5-bp151.4.3.1.src.rpm python2-nltk-3.4.5-bp151.4.3.1.noarch.rpm python3-nltk-3.4.5-bp151.4.3.1.noarch.rpm openSUSE-2020-466 moderate openSUSE Backports SLE-15-SP1 Update This update for mumble fixes the following issues: Mumble was updated to 1.3.0. Release notes are at: https://www.mumble.info/blog/mumble-1.3.0-release-announcement/ - set permissions of config file to 640 because it can contain passwords - Really use the system speex and opus dependencies. - Also recommend the Qt mysql and psql backend. Murmur also supports those drivers. mumble-1.3.0-bp151.6.9.1.src.rpm mumble-1.3.0-bp151.6.9.1.x86_64.rpm mumble-server-1.3.0-bp151.6.9.1.x86_64.rpm mumble-1.3.0-bp151.6.9.1.aarch64.rpm mumble-64bit-1.3.0-bp151.6.9.1.aarch64_ilp32.rpm mumble-server-1.3.0-bp151.6.9.1.aarch64.rpm mumble-1.3.0-bp151.6.9.1.ppc64le.rpm mumble-server-1.3.0-bp151.6.9.1.ppc64le.rpm mumble-1.3.0-bp151.6.9.1.s390x.rpm mumble-server-1.3.0-bp151.6.9.1.s390x.rpm openSUSE-2020-443 low openSUSE Backports SLE-15-SP1 Update This update for jovie fixes the following issues: * Fix speechd include paths for SLE This update was imported from the openSUSE:Leap:15.1:Update update project. jovie-17.08.3-bp151.5.3.1.src.rpm jovie-17.08.3-bp151.5.3.1.x86_64.rpm jovie-17.08.3-bp151.5.3.1.aarch64.rpm jovie-17.08.3-bp151.5.3.1.ppc64le.rpm jovie-17.08.3-bp151.5.3.1.s390x.rpm openSUSE-2020-483 moderate openSUSE Backports SLE-15-SP1 Update This update for pdns fixes the following issues: - pdns_maxmind.patch: backport support for MaxMindDB - Build with libmaxminddb instead of the obsolete GeoIP (boo#1156196) pdns-4.1.8-bp151.3.6.1.src.rpm pdns-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-geoip-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-godbc-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-ldap-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-lua-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-mydns-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-mysql-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-postgresql-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-remote-4.1.8-bp151.3.6.1.x86_64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.6.1.x86_64.rpm pdns-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-geoip-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-godbc-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-ldap-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-lua-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-mydns-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-mysql-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-postgresql-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-remote-4.1.8-bp151.3.6.1.aarch64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.6.1.aarch64.rpm pdns-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-geoip-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-godbc-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-ldap-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-lua-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-mydns-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-mysql-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-postgresql-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-remote-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-backend-sqlite3-4.1.8-bp151.3.6.1.ppc64le.rpm pdns-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-geoip-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-godbc-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-ldap-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-lua-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-mydns-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-mysql-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-postgresql-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-remote-4.1.8-bp151.3.6.1.s390x.rpm pdns-backend-sqlite3-4.1.8-bp151.3.6.1.s390x.rpm openSUSE-2020-484 moderate openSUSE Backports SLE-15-SP1 Update This update for pmacct fixes the following issues: Update to version 1.7.4p1 - fix, pre_tag_map: a memory leak in pretag_entry_process() has been introduced in 1.7.4. Update to version 1.7.4 + Introduced support for the 'vxlan' VXLAN/VNI primitive in all traffic daemons + BMP daemon: added support for Peer Up message namespace for TLVs + sfprobe plugin: added support for IPv6 transport for sFlow export. See /usr/share/doc/packages/pmacct/ChangeLog for all changes - Do not longer build with support for the obsolete GeoIP The GeoIP-interface has been discontinued by Maxmind. See https://support.maxmind.com/geolite-legacy-discontinuation-notice/ for details. Without the database GeoIP is useless. pmacct is now build with support for libmaxminddb (GeoIPv2) that provides the same features but with a new supported interface. Update to version 1.7.3 + Introduced the RPKI daemon to build a ROA database and check prefixes validation status and coverages. Resource Public Key Infrastructure (RPKI) is a specialized public key infrastructure (PKI) framework designed to secure the Internet routing. RPKI uses certificates to allow Local Internet Registries (LIRs) to list the Internet number resources they hold. These attestations are called Route Origination Authorizations (ROAs). ROA information can be acquired in one of the two following ways: 1) importing it using the rpki_roas_file config directive from a file in the RIPE Validator format or 2) connecting to a RPKI RTR Cache for live ROA updates; the cache IP address/port being defined by the rpki_rtr_cache config directive (and a few more optional rpki_rtr_* directives are available and can be reviwed in the CONFIG-KEYS doc). The ROA fields will be populated with one of these five values: 'u' Unknown, 'v' Valid, 'i' Invalid no overlaps, 'V' Invalid with a covering Valid prefix, 'U' Invalid with a covering Unknown prefix. + Introducing pmgrpcd.py, written in Python, a daemon to handle gRPC- based Streaming Telemetry sessions and unmarshall GPB data. Code was mostly courtesy by Matthias Arnold ( @tbearma1 ). This is in addition (or feeding into) pmtelemetryd, written in C, a daemon to handle TCP/UDP-based Streaming Telemetry sessions with JSON-encoded data. + pmacctd, uacctd: added support for CFP (Cisco FabricPath) and Cisco Virtual Network Tag protocols. + print plugin: added 'custom' to print_output. This is to cover two main use-cases: 1) use JSON or Avro encodings but fix the format of the messages in a custom way and 2) use a different encoding than JSON or Avro. See also example in examples/custom and new directives print_output_custom_lib and print_output_custom_cfg_file. The patch was courtesy by Edge Intelligence ( @edge-intelligence ). + Introducing mpls_pw_id aggregation primitive and mpls_pw_id key in pre_tag_map to filter on signalled L2 MPLS VPN Pseudowire IDs. + BGP daemon: added bgp_disable_router_id knob to enable/disable BGP Router-ID check, both at BGP OPEN time and BGP lookup. Useful, for example, in scenarios with split BGP v4/v6 AFs over v4/v6 transports. + BGP, BMP daemons: translate origin attribute numeric value into IGP (i), EGP (e) and Incomplete (u) strings. + plugins: added new plugin_exit_any feature to make the daemon bail out if any (not all, which is the default behaviour) of the plugins exits. + maps_index: improved selection of buckets for index hash structure by picking the closest prime number to the double of the entries of the map to be indexed in order to achieve better elements dispersion and hence better performances. + nfacctd: added support for IPFIX templateId-scoped (IE 145) sampling information. + pmacctd, uacctd, sfacctd, nfacctd: added a -M command-line option to set *_markers (ie. print_markers) to true and fixed -A command-line option to set print_output_file_append to align to true/false. ! fix, BGP, BMP, Streaming Telemetry daemons: improved sequencing of dump events by assigning a single sequence number per event (ie. for streaming pipeline scenarios in order to reduce correlation with dump_init/dump_close messages). Also amount of record dumped was added to the close message. ! fix, BGP, BMP, Streaming Telemetry daemons: removed hierarchical json_decref() since json_object_get() borrows reference. This was occasionaly leading to SEGVs. ! fix, uacctd: dynamically allocate jumbo_container buffer size as packets larger than 10KB, previous static allocation, would lead to crashes. ! fix, nfacctd: wired (BGP, BMP, ISIS, etc.) lookups to the NEL/NSEL use-case. ! fix, nfacctd: search for IE 408 (dataLinkFrameType) was leading to SEGVs. Also improved handling of variable-length IPFIX templates. ! fix, BMP daemon: solved an occasional truncation of the last message in a packet. ! fix, BGP daemon: when processing bgp_daemon_md5_file, ipv4 addresses were incorrectly translated to ipv4-mapped ipv6 ones as a result of which TCP-MD5 hashes were not correctly bound to sockets. ! fix, BGP daemon: improved label-unicast and mpls-vpn SAFIs handling (some bogus messages, multiple labels, etc.). ! fix, BGP daemon: introduced PREFIX_STRLEN to make enough room for prefix2str() calls (before unsufficient INET6_ADDRSTRLEN was used). ! fix, BMP daemon: improved handling of ADD-PATH capability. ! fix, plugins: an incorrect evaluation in P_cache_attach_new_node did make possible to buffer overrun in plugins cache allocation. This was found related to a "[..]: Assertion `!cache_ptr->stitch' failed." daemon bail-out message. ! fix, plugins: if pidfile directive was enabled, exit_gracefully() was mistakenly deleting the plugin pidfile when called by a child process (ie. writer, dumper, etc.). ! fix, plugins: when taking exit_gracefully(), if the process is marked as 'is_forked', just exit and don't perform extra ops in exit_all() or exit_plugin(). ! fix, plugins: re-evaluate dynamic tables/files name if *_refresh_time is different than *_history period. ! fix, SQL plugins: a missing 'AND' was making SQL statements related to src_host_coords and dst_host_coords fail. ! fix, GeoIPv2: if no match is returned by libmaxminddb, return O1 code (Other Country) instead of a null value. ! fix, flow_to_rd_map: mpls_vpn_id was not working when maps_index was enabled. Also partly re-written mpls_vpn_id handler. ! fix, nfprobe plugin: serialize_bin() function introduced for correct serialization of custom primitives defined with 'raw' semantics. ! fix, PostgreSQL plugin: testing for presence of PQlibVersion() in libpq to prevent compiling issues (ie. on CentOS 6). ! fix, MySQL plugin: including mysql_version.h to compile successfully against newer MariaDB releases. ! fix, nDPI classification: send log message if 'class' primitive is selected but nDPI is not compiled in; also updated code to follow API changes in versions >= 2.6 of the library. Dropped support for versions < 2.4. ! fix, sfprobe plugin: added (and documented) conditional for optional export of classification info. ! fix, aggregate_primitives: field_type is now also allowed for pmacctd and uaccd daemons so that it can be used for NetFlow v9/IPFIX export (nfprobe plugin) purposes. ! fix, pre_tag_map: if no 'ip' keyword is specified, an entry of the map gets recirculated in order to be set for both v4 and v6 maps. If a 'set_label' is also specified, it was causing a SEGV. Now the label is correctly copied in case of recirculation. ! fix, zmq_common.c: added option for non-blocking p_zmq_send_bin() as otherwise program would block in case of no consumers (main use-case: flow replication over ZeroMQ queues); as a result, a generous hwm value was added on both sides of these queues. ! fix, zmq_common.c: ZAP socket moved inside thread to prevent failed assert() when compiling with gcc7/gcc8. Also a single user/password auto-generated combination is used for all plugins. ! fix, signals.c: SIGUSR1 handler for nfacctd and nfacctd is changed to syncronous in order to prevent race conditions. Also, in pmacctd, upon sending SIGUSR1, stats were not printed when reading packets from a pcap_interfaaces_map. ! fix, plugin_cmn_json.c: if leaving protocols numerical (ie. proto, tunnel_proto primitives), convert them to string-represented numbers for data consistency for consumers. ! fix, util.c: open_output_file(), if file exists and it's a FIFO then set O_NONBLOCK when opening. ! fix, pretag.c: pretag_index_report() was reporting incorrect info of the hash structure built for the maps_index feature. Its format was has also changed to be better parseable. ! fix, compile time warnings: several warnings were addressed including but not restricted to -Wformat ones. Also an annotation was added to the Log function to inform the compiler it's a printf-style function, allowing it to give warnings for argument mismatches. - --enable-ipv6 configure script switch has been deprecated and, as a result, IPv6 support was made mandatory. - BGP daemon: removed unused pathlimit field from bgp_attr structure. - pmacct client: removed deprecated SYM field from from formatted and CSV headers. - Build with support for * ZeroMQ * Maxmind GeoIP DB v2 This update was imported from the openSUSE:Leap:15.1:Update update project. pmacct-1.7.4p1-bp151.2.3.1.src.rpm pmacct-1.7.4p1-bp151.2.3.1.x86_64.rpm pmacct-1.7.4p1-bp151.2.3.1.aarch64.rpm pmacct-1.7.4p1-bp151.2.3.1.ppc64le.rpm pmacct-1.7.4p1-bp151.2.3.1.s390x.rpm openSUSE-2020-485 moderate openSUSE Backports SLE-15-SP1 Update This update for pari-galdata, pari-galpol, pari-seadata fixes the following issues: Changes in pari-galdata: - Strip /data/ subdirectory [boo#1106378, boo#1165480] Changes in pari-galpol: - Update to new upstream release 20180625 * No changelog was provided - Strip /data/ subdirectory [boo#1106378, boo#1165480] Changes in pari-seadata: - Strip /data/ subdirectory [boo#1106378, boo#1165480] This update was imported from the openSUSE:Leap:15.1:Update update project. pari-galdata-20080411-bp151.4.3.1.noarch.rpm pari-galdata-20080411-bp151.4.3.1.src.rpm pari-galpol-20180625-bp151.4.3.1.noarch.rpm pari-galpol-20180625-bp151.4.3.1.src.rpm pari-seadata-20090618-bp151.4.3.1.noarch.rpm pari-seadata-20090618-bp151.4.3.1.src.rpm openSUSE-2020-486 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: Update to LXC 4.0.0. The full upstream changelog is available from: https://discuss.linuxcontainers.org/t/lxc-4-0-lts-has-been-released/7182 Related to the LXD 4.0.0 update (boo#1168338). + cgroups: Full cgroup2 support + cgroups: Freezer support in CGroup2 + cgroups: eBPF device controller support in CGroup2 + AppArmor: Deny access to /proc/acpi/** + config: Add lxc.autodev.tmpfs.size configuration key + config: Add lxc.selinux.context.keyring key + config: Add lxc.keyring.session + seccomp: Add s390 support * network: Improved network device creation and removal + network: Allow moving wireless devices This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-4.0.0-bp151.5.12.1.x86_64.rpm liblxc1-4.0.0-bp151.5.12.1.x86_64.rpm lxc-4.0.0-bp151.5.12.1.src.rpm lxc-4.0.0-bp151.5.12.1.x86_64.rpm lxc-bash-completion-4.0.0-bp151.5.12.1.noarch.rpm pam_cgfs-4.0.0-bp151.5.12.1.x86_64.rpm liblxc-devel-4.0.0-bp151.5.12.1.aarch64.rpm liblxc1-4.0.0-bp151.5.12.1.aarch64.rpm lxc-4.0.0-bp151.5.12.1.aarch64.rpm pam_cgfs-4.0.0-bp151.5.12.1.aarch64.rpm liblxc-devel-4.0.0-bp151.5.12.1.ppc64le.rpm liblxc1-4.0.0-bp151.5.12.1.ppc64le.rpm lxc-4.0.0-bp151.5.12.1.ppc64le.rpm pam_cgfs-4.0.0-bp151.5.12.1.ppc64le.rpm liblxc-devel-4.0.0-bp151.5.12.1.s390x.rpm liblxc1-4.0.0-bp151.5.12.1.s390x.rpm lxc-4.0.0-bp151.5.12.1.s390x.rpm pam_cgfs-4.0.0-bp151.5.12.1.s390x.rpm openSUSE-2020-487 moderate openSUSE Backports SLE-15-SP1 Update This update for lxcfs fixes the following issues: Update to LXCFS 4.0.1. The full upstream changelog is available from: https://discuss.linuxcontainers.org/t/lxcfs-4-0-lts-has-been-released/7031 https://discuss.linuxcontainers.org/t/lxcfs-4-0-1-lts-has-been-released/7130 Related to the LXD 4.0.0 update (boo#1168338). + cgroup2: Support for the new unified cgroup hierarchy + /proc/cpuinfo and cpu output in /proc/stat based on cpu shares + /proc/loadavg virtualization + pidfd supported process tracking * Improved command line options * Compiler based hardening * Minimal compiler based resource management This update was imported from the openSUSE:Leap:15.1:Update update project. lxcfs-4.0.1-bp151.3.6.1.src.rpm lxcfs-4.0.1-bp151.3.6.1.x86_64.rpm lxcfs-hooks-lxc-4.0.1-bp151.3.6.1.noarch.rpm lxcfs-4.0.1-bp151.3.6.1.aarch64.rpm lxcfs-4.0.1-bp151.3.6.1.ppc64le.rpm lxcfs-4.0.1-bp151.3.6.1.s390x.rpm openSUSE-2020-534 moderate openSUSE Backports SLE-15-SP1 Update This update for gnuhealth fixes the following issues: - Fixed a local privilege escalation in gnuhealth-control, use of static tmp file/http transport (bsc#1167126) - Fixed a local DoS of backup functionality in gnuhealth-control due to use of static tmp files (bsc#1167128) This update was imported from the openSUSE:Leap:15.1:Update update project. gnuhealth-3.4.1-bp151.3.9.4.noarch.rpm gnuhealth-3.4.1-bp151.3.9.4.src.rpm openSUSE-2020-514 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: - Fix mis-use of %suse_version when we actually want to check against %sle_version when determining whether lxc-user-nic should be setuid. This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-4.0.0-bp151.5.15.1.x86_64.rpm liblxc1-4.0.0-bp151.5.15.1.x86_64.rpm lxc-4.0.0-bp151.5.15.1.src.rpm lxc-4.0.0-bp151.5.15.1.x86_64.rpm lxc-bash-completion-4.0.0-bp151.5.15.1.noarch.rpm pam_cgfs-4.0.0-bp151.5.15.1.x86_64.rpm liblxc-devel-4.0.0-bp151.5.15.1.aarch64.rpm liblxc1-4.0.0-bp151.5.15.1.aarch64.rpm lxc-4.0.0-bp151.5.15.1.aarch64.rpm pam_cgfs-4.0.0-bp151.5.15.1.aarch64.rpm liblxc-devel-4.0.0-bp151.5.15.1.ppc64le.rpm liblxc1-4.0.0-bp151.5.15.1.ppc64le.rpm lxc-4.0.0-bp151.5.15.1.ppc64le.rpm pam_cgfs-4.0.0-bp151.5.15.1.ppc64le.rpm liblxc-devel-4.0.0-bp151.5.15.1.s390x.rpm liblxc1-4.0.0-bp151.5.15.1.s390x.rpm lxc-4.0.0-bp151.5.15.1.s390x.rpm pam_cgfs-4.0.0-bp151.5.15.1.s390x.rpm openSUSE-2020-517 moderate openSUSE Backports SLE-15-SP1 Update This update for nagios to version 4.4.5 fixes the following issues: - CVE-2019-3698: Symbolic link following vulnerability in the cronjob allows local attackers to cause cause DoS or potentially escalate privileges. (boo#1156309) - CVE-2018-18245: Fixed XSS vulnerability in Alert Summary report (boo#1119832) - CVE-2018-13441, CVE-2018-13458, CVE-2018-13457: Fixed a few denial of service vulnerabilities caused by null pointer dereference (boo#1101293, boo#1101289, boo#1101290). This update was imported from the openSUSE:Leap:15.1:Update update project. nagios-4.4.5-bp151.4.3.1.src.rpm nagios-4.4.5-bp151.4.3.1.x86_64.rpm nagios-contrib-4.4.5-bp151.4.3.1.x86_64.rpm nagios-devel-4.4.5-bp151.4.3.1.x86_64.rpm nagios-theme-exfoliation-4.4.5-bp151.4.3.1.noarch.rpm nagios-www-4.4.5-bp151.4.3.1.x86_64.rpm nagios-www-dch-4.4.5-bp151.4.3.1.x86_64.rpm nagios-4.4.5-bp151.4.3.1.aarch64.rpm nagios-contrib-4.4.5-bp151.4.3.1.aarch64.rpm nagios-devel-4.4.5-bp151.4.3.1.aarch64.rpm nagios-www-4.4.5-bp151.4.3.1.aarch64.rpm nagios-www-dch-4.4.5-bp151.4.3.1.aarch64.rpm nagios-4.4.5-bp151.4.3.1.ppc64le.rpm nagios-contrib-4.4.5-bp151.4.3.1.ppc64le.rpm nagios-devel-4.4.5-bp151.4.3.1.ppc64le.rpm nagios-www-4.4.5-bp151.4.3.1.ppc64le.rpm nagios-www-dch-4.4.5-bp151.4.3.1.ppc64le.rpm nagios-4.4.5-bp151.4.3.1.s390x.rpm nagios-contrib-4.4.5-bp151.4.3.1.s390x.rpm nagios-devel-4.4.5-bp151.4.3.1.s390x.rpm nagios-www-4.4.5-bp151.4.3.1.s390x.rpm nagios-www-dch-4.4.5-bp151.4.3.1.s390x.rpm openSUSE-2020-518 moderate openSUSE Backports SLE-15-SP1 Update This update for kitinerary fixes the following issues: - Build without poppler (i.e. PDF support) to avoid kmail crashing on certain emails due to a conflict between libopenjpeg1 (loaded by QtWebEngine via ffmpeg/libavcodec) and libopenjp2 (used by poppler) (boo#1165440) kitinerary-18.12.3-bp151.3.3.1.src.rpm kitinerary-devel-18.12.3-bp151.3.3.1.x86_64.rpm libKPimItinerary5-18.12.3-bp151.3.3.1.x86_64.rpm libKPimItinerary5-lang-18.12.3-bp151.3.3.1.noarch.rpm kitinerary-devel-18.12.3-bp151.3.3.1.aarch64.rpm libKPimItinerary5-18.12.3-bp151.3.3.1.aarch64.rpm kitinerary-devel-18.12.3-bp151.3.3.1.ppc64le.rpm libKPimItinerary5-18.12.3-bp151.3.3.1.ppc64le.rpm kitinerary-devel-18.12.3-bp151.3.3.1.s390x.rpm libKPimItinerary5-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-516 moderate openSUSE Backports SLE-15-SP1 Update This update for gn, re2 fixes the following issues: chromium dependencies were updated: gn was updated to 0.1726: re2 was updated to version 2020-04-01: * Update Unicode data to 13.0.0 * Include the pattern length in "DFA out of memory" errorrs This update was imported from the openSUSE:Leap:15.1:Update update project. gn-0.1726-bp151.3.3.1.src.rpm gn-0.1726-bp151.3.3.1.x86_64.rpm libre2-6-20200401-bp151.6.15.1.x86_64.rpm libre2-6-debuginfo-20200401-bp151.6.15.1.x86_64.rpm re2-20200401-bp151.6.15.1.src.rpm re2-debugsource-20200401-bp151.6.15.1.x86_64.rpm re2-devel-20200401-bp151.6.15.1.x86_64.rpm gn-0.1726-bp151.3.3.1.aarch64.rpm libre2-6-20200401-bp151.6.15.1.aarch64.rpm libre2-6-64bit-20200401-bp151.6.15.1.aarch64_ilp32.rpm libre2-6-64bit-debuginfo-20200401-bp151.6.15.1.aarch64_ilp32.rpm libre2-6-debuginfo-20200401-bp151.6.15.1.aarch64.rpm re2-debugsource-20200401-bp151.6.15.1.aarch64.rpm re2-devel-20200401-bp151.6.15.1.aarch64.rpm gn-0.1726-bp151.3.3.1.ppc64le.rpm libre2-6-20200401-bp151.6.15.1.ppc64le.rpm libre2-6-debuginfo-20200401-bp151.6.15.1.ppc64le.rpm re2-debugsource-20200401-bp151.6.15.1.ppc64le.rpm re2-devel-20200401-bp151.6.15.1.ppc64le.rpm gn-0.1726-bp151.3.3.1.s390x.rpm libre2-6-20200401-bp151.6.15.1.s390x.rpm libre2-6-debuginfo-20200401-bp151.6.15.1.s390x.rpm re2-debugsource-20200401-bp151.6.15.1.s390x.rpm re2-devel-20200401-bp151.6.15.1.s390x.rpm openSUSE-2020-523 moderate openSUSE Backports SLE-15-SP1 Update This update for ansible to version 2.9.6 fixes the following issues: Security issues fixed: - CVE-2019-14904: Fixed a vulnerability in solaris_zone module via crafted solaris zone (boo#1157968). - CVE-2019-14905: Fixed an issue where malicious code could craft filename in nxos_file_copy module (boo#1157969). - CVE-2019-14864: Fixed Splunk and Sumologic callback plugins leak sensitive data in logs (boo#1154830). - CVE-2019-14846: Fixed secrets disclosure on logs due to display is hardcoded to DEBUG level (boo#1153452) - CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (boo#1154232) - CVE-2019-14858: Fixed data in the sub parameter fields that will not be masked and will be displayed when run with increased verbosity (boo#1154231) - CVE-2019-10206: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. (boo#1142690) - CVE-2019-10217: Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks. (boo#1144453) This update was imported from the openSUSE:Leap:15.1:Update update project. ansible-2.9.6-bp151.3.6.1.noarch.rpm ansible-2.9.6-bp151.3.6.1.src.rpm ansible-doc-2.9.6-bp151.3.6.1.noarch.rpm ansible-test-2.9.6-bp151.3.6.1.noarch.rpm openSUSE-2020-535 moderate openSUSE Backports SLE-15-SP1 Update This update for gstreamer-rtsp-server fixes the following issues: - CVE-2020-6095: Fixed a NULL pointer dereference when handling an invalid basic Authorization header (boo#1168026). gstreamer-rtsp-server-1.12.5-bp151.4.3.1.src.rpm gstreamer-rtsp-server-devel-1.12.5-bp151.4.3.1.x86_64.rpm libgstrtspserver-1_0-0-1.12.5-bp151.4.3.1.x86_64.rpm typelib-1_0-GstRtspServer-1_0-1.12.5-bp151.4.3.1.x86_64.rpm gstreamer-rtsp-server-devel-1.12.5-bp151.4.3.1.aarch64.rpm libgstrtspserver-1_0-0-1.12.5-bp151.4.3.1.aarch64.rpm typelib-1_0-GstRtspServer-1_0-1.12.5-bp151.4.3.1.aarch64.rpm gstreamer-rtsp-server-devel-1.12.5-bp151.4.3.1.ppc64le.rpm libgstrtspserver-1_0-0-1.12.5-bp151.4.3.1.ppc64le.rpm typelib-1_0-GstRtspServer-1_0-1.12.5-bp151.4.3.1.ppc64le.rpm gstreamer-rtsp-server-devel-1.12.5-bp151.4.3.1.s390x.rpm libgstrtspserver-1_0-0-1.12.5-bp151.4.3.1.s390x.rpm typelib-1_0-GstRtspServer-1_0-1.12.5-bp151.4.3.1.s390x.rpm openSUSE-2020-540 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 81.0.4044.92 boo#1168911: * CVE-2020-6454: Use after free in extensions * CVE-2020-6423: Use after free in audio * CVE-2020-6455: Out of bounds read in WebSQL * CVE-2020-6430: Type Confusion in V8 * CVE-2020-6456: Insufficient validation of untrusted input in clipboard * CVE-2020-6431: Insufficient policy enforcement in full screen * CVE-2020-6432: Insufficient policy enforcement in navigations * CVE-2020-6433: Insufficient policy enforcement in extensions * CVE-2020-6434: Use after free in devtools * CVE-2020-6435: Insufficient policy enforcement in extensions * CVE-2020-6436: Use after free in window management * CVE-2020-6437: Inappropriate implementation in WebView * CVE-2020-6438: Insufficient policy enforcement in extensions * CVE-2020-6439: Insufficient policy enforcement in navigations * CVE-2020-6440: Inappropriate implementation in extensions * CVE-2020-6441: Insufficient policy enforcement in omnibox * CVE-2020-6442: Inappropriate implementation in cache * CVE-2020-6443: Insufficient data validation in developer tools * CVE-2020-6444: Uninitialized Use in WebRTC * CVE-2020-6445: Insufficient policy enforcement in trusted types * CVE-2020-6446: Insufficient policy enforcement in trusted types * CVE-2020-6447: Inappropriate implementation in developer tools * CVE-2020-6448: Use after free in V8 Chromium was updated to 80.0.3987.162 boo#1168421: * CVE-2020-6450: Use after free in WebAudio. * CVE-2020-6451: Use after free in WebAudio. * CVE-2020-6452: Heap buffer overflow in media. - Use a symbolic icon for GNOME This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-81.0.4044.92-bp151.3.66.1.x86_64.rpm chromium-81.0.4044.92-bp151.3.66.1.src.rpm chromium-81.0.4044.92-bp151.3.66.1.x86_64.rpm chromedriver-81.0.4044.92-bp151.3.66.1.aarch64.rpm chromium-81.0.4044.92-bp151.3.66.1.aarch64.rpm openSUSE-2020-539 moderate openSUSE Backports SLE-15-SP1 Update This update for mp3gain fixes the following issues: Update to version 1.6.2. - CVE-2019-18359: Fixed a buffer over-read was discovered in ReadMP3APETag (boo#1154971) This update was imported from the openSUSE:Leap:15.1:Update update project. mp3gain-1.6.2-bp151.4.3.1.src.rpm mp3gain-1.6.2-bp151.4.3.1.x86_64.rpm mp3gain-1.6.2-bp151.4.3.1.aarch64.rpm mp3gain-1.6.2-bp151.4.3.1.ppc64le.rpm mp3gain-1.6.2-bp151.4.3.1.s390x.rpm openSUSE-2020-549 moderate openSUSE Backports SLE-15-SP1 Update This update for crawl fixes the following issues: * CVE-2020-11722: Fixed a remote code evaluation issue with lua loadstring (boo#1169381) Update to version 0.24.0 * Vampire species simplified * Thrown weapons streamlined * Fedhas reimagined * Sif Muna reworked Update to version 0.23.2 * Trap system overhaul * New Gauntlet portal to replace Labyrinths * Nemelex Xobeh rework * Nine unrandarts reworked and the new "Rift" unrandart added * Support for seeded dungeon play * build requires python and python-pyYAML Update to 0.22.0 * Player ghosts now only appear in sealed ghost vaults * New spell library interface * User interface revamp for Tiles and WebTiles crawl-0.24.0-bp151.4.3.2.src.rpm crawl-0.24.0-bp151.4.3.2.x86_64.rpm crawl-data-0.24.0-bp151.4.3.2.noarch.rpm crawl-sdl-0.24.0-bp151.4.3.2.x86_64.rpm crawl-0.24.0-bp151.4.3.2.aarch64.rpm crawl-sdl-0.24.0-bp151.4.3.2.aarch64.rpm crawl-0.24.0-bp151.4.3.2.s390x.rpm crawl-sdl-0.24.0-bp151.4.3.2.s390x.rpm openSUSE-2020-546 moderate openSUSE Backports SLE-15-SP1 Update This update for redis fixes the following issues: redis updated to 4.0.14 (boo#1169810): * backport of fixes from Redis 5, addressing memory leaks, possible corruptions and undesired behavior * Important fixes to the AOF implementation - update systemd unit file to fix redis shutdown immedaiate after start - make sure that disabling/restarting servers works See https://nordisch.org/posts/hooking-up-instantiated-services-with-rpm/ - added systemd unit file file redis-sentinel - the unit file uses the same multiple instance mechanism as the normal redis unit file systemctl start redis-sentinel@default will look for /etc/redis/sentinel-default.conf and expects a pid file /var/run/redis/sentinel-default.pid Please make sure your sentinel config sets the pid file. - adapted the default sentinel.conf.example to set the pid file and the log file similar to the normal redis.conf: /var/log/redis/sentinel-<instancename>.log /var/run/redis/sentinel-<instancename>.pid The unit file checks for the pid file so please adapt your local sentinel configs. - adapt and restructure README.SUSE - move the LimitNoFile to the service file itself so the user do not have to manually do that step for every instance - move the apache integration into its own section - add section for redis-sentinel - install sentinel example config with group write permissions to indicate that the actually config needs to be writable. - Update to 4.0.11 * https://raw.githubusercontent.com/antirez/redis/4.0.11/00-RELEASENOTES * The disconnection time between the master and slave was reset in an incorrect place, sometimes a good slave will not be able to failover because it claims it was disconnected for too much time from the master. * A replication bug, rare to trigger but non impossible, is in Redis for years. It was lately discovered at Redis Labs and fixed by Oran Agra. It may cause disconnections, desynchronizations and other issues. * RANDOMKEY may go in infinite loop on rare situations. Now fixed. * EXISTS now works in a more consistent way on slaves. * Sentinel: backport of an option to deny a potential security problem when the SENTINEL command is used to configure an arbitrary script to execute. redis-4.0.14-bp151.3.3.1.src.rpm redis-4.0.14-bp151.3.3.1.x86_64.rpm redis-4.0.14-bp151.3.3.1.aarch64.rpm redis-4.0.14-bp151.3.3.1.ppc64le.rpm redis-4.0.14-bp151.3.3.1.s390x.rpm openSUSE-2020-604 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 81.0.4044.129 (boo#1170107): - CVE-2020-0561: Fixed a use after free in storage - CVE-2020-6462: Fixed a use after free in task scheduling - CVE-2020-6459: Fixed a use after free in payments - CVE-2020-6460: Fixed an insufficient data validation in URL formatting - CVE-2020-6458: Fixed an out of bounds read and write in PDFium chromedriver-81.0.4044.129-bp151.3.75.1.x86_64.rpm chromedriver-debuginfo-81.0.4044.129-bp151.3.75.1.x86_64.rpm chromium-81.0.4044.129-bp151.3.75.1.src.rpm chromium-81.0.4044.129-bp151.3.75.1.x86_64.rpm chromium-debuginfo-81.0.4044.129-bp151.3.75.1.x86_64.rpm chromium-debugsource-81.0.4044.129-bp151.3.75.1.x86_64.rpm openSUSE-2020-551 moderate openSUSE Backports SLE-15-SP1 Update Otrs was updated to 5.0.42, fixing lots of bugs and security issues: https://community.otrs.com/otrs-community-edition-5s-patch-level-42/ - CVE-2020-1773 boo#1168029 OSA-2020-10: * Session / Password / Password token leak An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. - CVE-2020-1772 boo#1168029 OSA-2020-09: * Information Disclosure It’s possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. - CVE-2020-1771 boo#1168030 OSA-2020-08: * Possible XSS in Customer user address book Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. - CVE-2020-1770 boo#1168031 OSA-2020-07: * Information disclosure in support bundle files Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. - CVE-2020-1769 boo#1168032 OSA-2020-06: * Autocomplete in the form login screens In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. Update to 5.0.41 https://community.otrs.com/otrs-community-edition-5s-patch-level-41/ * bug#14912 - Installer refers to non-existing documentation - added code to upgrade OTRS from 4 to 5 READ UPGRADING.SUSE * steps 1 to 4 are done by rpm pkg * steps 5 to *END* need to be done manually cause of DB backup Update to 5.0.40 https://community.otrs.com/otrs-community-edition-5s-patch-level-40/ - CVE-2020-1766 boo#1160663 OSA-2020-02: Improper handling of uploaded inline images Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. * CVE-2020-1765, OSA-2020-01: Spoofing of From field in several screens An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound * run bin/otrs.Console.pl Maint::Config::Rebuild after the upgrade - Update 5.0.39 https://community.otrs.com/otrs-community-edition-5s-patch-level-39/ * CVE-2019-18180 boo#1157001 OSA-2019-15: Denial of service OTRS can be put into an endless loop by providing filenames with overly long extensions. This applies to the PostMaster (sending in email) and also upload (attaching files to mails, for example). * CVE-2019-18179 OSA-2019-14: Information Disclosure An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, which are in the queue where attacker doesn’t have permissions. Update to 5.0.38 https://community.otrs.com/release-notes-otrs-5s-patch-level-38/ * CVE-2019-16375, boo#1156431 OSA-2019-13: Stored XXS An attacker who is logged into OTRS as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent compose an answer to the original article. Update to 5.0.37 https://community.otrs.com/release-notes-otrs-5s-patch-level-37/ * CVE-2019-13458, boo#1141432, OSA-2019-12: Information Disclosure An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS tags in templates in order to disclose hashed user passwords. * CVE-2019-13457, boo#1141431, OSA-2019-11: Information Disclosure A customer user can use the search results to disclose information from their “company” tickets (with the same CustomerID), even when CustomerDisableCompanyTicketAccess setting is turned on. * CVE-2019-12746, boo#1141430, OSA-2019-10: Session ID Disclosure A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then potentially abused in order to impersonate the agent user. Update to 5.0.36 https://community.otrs.com/release-notes-otrs-5s-patch-level-36/ * CVE-2019-12497, boo#1137614, OSA-2019-09: Information Disclosure In the customer or external frontend, personal information of agents can be disclosed like Name and mail address in external notes. * CVE-2019-12248, boo#1137615, OSA-2019-08: Loading External Image Resources An attacker could send a malicious email to an OTRS system. If a logged in agent user quotes it, the email could cause the browser to load external image resources. Update to 5.0.35 https://community.otrs.com/release-notes-otrs-5s-patch-level-35/ * CVE-2019-10067, boo#1139406, OSA-2019-05: Reflected and Stored XSS An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS. * CVE-2019-9892, boo#1139406, OSA-2019-04: XXE Processing An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files of OTRS filesystem. - update missing CVE for OSA-2018-10, OSA-2019-01 Update to 5.0.34 * https://community.otrs.com/release-notes-otrs-5s-patch-level-34/ * CVE-2019-9752, boo#1122560, OSA-2019-01: Stored XSS An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. Update to 5.0.33 * https://community.otrs.com/release-notes-otrs-5s-patch-level-33/ Update to 5.0.26 * https://www.otrs.com/release-notes-otrs-5s-patch-level-26 * https://www.otrs.com/release-notes-otrsitsm-module-5s-patch-level-26/ - remove obsolete * otrs-scheduler.service * otrs-scheduler.init otrs-5.0.42-bp151.3.3.1.noarch.rpm otrs-5.0.42-bp151.3.3.1.src.rpm otrs-doc-5.0.42-bp151.3.3.1.noarch.rpm otrs-itsm-5.0.42-bp151.3.3.1.noarch.rpm openSUSE-2020-562 moderate openSUSE Backports SLE-15-SP1 Update This update for vlc fixes the following issues: vlc was updated to version 3.0.9.2: + Misc: Properly bump the version in configure.ac. Changes from version 3.0.9.1: + Misc: Fix VLSub returning 401 for earch request. Changes from version 3.0.9: + Core: Work around busy looping when playing an invalid item through VLM. + Access: * Multiple dvdread and dvdnav crashs fixes * Fixed DVD glitches on clip change * Fixed dvdread commands/data sequence inversion in some cases causing unwanted glitches * Better handling of authored as corrupted DVD * Added libsmb2 support for SMB2/3 shares + Demux: * Fix TTML entities not passed to decoder * Fixed some WebVTT styling tags being not applied * Misc raw H264/HEVC frame rate fixes * Fix adaptive regression on TS format change (mostly HLS) * Fixed MP4 regression with twos/sowt PCM audio * Fixed some MP4 raw quicktime and ms-PCM audio * Fixed MP4 interlacing handling * Multiple adaptive stack (DASH/HLS/Smooth) fixes * Enabled Live seeking for HLS * Fixed seeking in some cases for HLS * Improved Live playback for Smooth and DASH * Fixed adaptive unwanted end of stream in some cases * Faster adaptive start and new buffering control options + Packetizers: * Fixes H264/HEVC incomplete draining in some cases * packetizer_helper: Fix potential trailing junk on last packet * Added missing drain in packetizers that was causing missing last frame or audio * Improved check to prevent fLAC synchronization drops + Decoder: * avcodec: revector video decoder to fix incomplete drain * spudec: implemented palette updates, fixing missing subtitles on some DVD * Fixed WebVTT CSS styling not being applied on Windows/macOS * Fixed Hebrew teletext pages support in zvbi * Fixed Dav1d aborting decoding on corrupted picture * Extract and display of all CEA708 subtitles * Update libfaad to 2.9.1 * Add DXVA support for VP9 Profile 2 (10 bits) * Mediacodec aspect ratio with Amazon devices + Audio output: * Added support for iOS audiounit audio above 48KHz * Added support for amem audio up to 384KHz + Video output: * Fix for opengl glitches in some drivers * Fix GMA950 opengl support on macOS * YUV to RGB StretchRect fixes with NVIDIA drivers * Use libpacebo new tone mapping desaturation algorithm + Text renderer: * Fix crashes on macOS with SSA/ASS subtitles containing emoji * Fixed unwanted growing background in Freetype rendering and Y padding + Mux: Fixed some YUV mappings + Service Discovery: Update libmicrodns to 0.1.2. + Misc: * Update YouTube, SoundCloud and Vocaroo scripts: this restores playback of YouTube URLs. * Add missing .wpl & .zpl file associations on Windows * Improved chromecast audio quality Update to version 3.0.8 'vetinari': + Fix stuttering for low framerate videos + Improve adaptive streaming + Improve audio output for external audio devices on macOS/iOS + Fix hardware acceleration with Direct3D11 for some AMD drivers + Fix WebVTT subtitles rendering + Vetinari is a major release changing a lot in the media engine of VLC. It is one of the largest release we've ever done. Notably, it: - activates hardware decoding on all platforms, of H.264 & H.265, 8 & 10bits, allowing 4K60 or even 8K decoding with little CPU consumption, - merges all the code from the mobile ports into the same codebase with common numbering and releases, - supports 360 video and 3D audio, and prepares for VR content, - supports direct HDR and HDR tone-mapping, - updates the audio passthrough for HD Audio codecs, - allows browsing of local network drives like SMB, FTP, SFTP, NFS... - stores the passwords securely, - brings a new subtitle rendering engine, supporting ComplexTextLayout and font fallback to support multiple languages and fonts, - supports ChromeCast with the new renderer framework, - adds support for numerous new formats and codecs, including WebVTT, AV1, TTML, HQX, 708, Cineform, and many more, - improves Bluray support with Java menus, aka BD-J, - updates the macOS interface with major cleaning and improvements, - support HiDPI UI on Windows, with the switch to Qt5, - prepares the experimental support for Wayland on Linux, and switches to OpenGL by default on Linux. + Security fixes included: * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) * Fix a read buffer overflow in the FAAD decoder * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) * Fix a use after free in the ASF demuxer (CVE-2019-14533) * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) * Fix a null dereference in the dvdnav demuxer * Fix a null dereference in the ASF demuxer (CVE-2019-14534) * Fix a null dereference in the AVI demuxer * Fix a division by zero in the CAF demuxer (CVE-2019-14498) * Fix a division by zero in the ASF demuxer (CVE-2019-14535) - Disbale mod-plug for the time being: libmodplug 0.8.9 is not yet available. - Disable SDL_image (SDL 1.2) based codec. It is only a wrapper around some image loading libraries (libpng, libjpeg, ...) which are either wrapped by vlc itself (libpng_plugin.so) or via libavcodec (libavcodec_plugin.so). This update was imported from the openSUSE:Leap:15.1:Update update project. libvlc5-3.0.9.2-bp151.5.6.1.x86_64.rpm libvlccore9-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-3.0.9.2-bp151.5.6.1.src.rpm vlc-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-codec-gstreamer-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-devel-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-jack-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-lang-3.0.9.2-bp151.5.6.1.noarch.rpm vlc-noX-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-opencv-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-qt-3.0.9.2-bp151.5.6.1.x86_64.rpm vlc-vdpau-3.0.9.2-bp151.5.6.1.x86_64.rpm openSUSE-2020-560 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: Update to version 0.6.9 * BugFixes: + Fixed playlist metadata updating interfering with manual tag editing. + Fixed order of tabs in all windows. + Fixed playlist right click using wrong songs for determining menu options when playlist was filtered. + Fixed possible crashes on playlist right click. + Fixed possible null pointer crash in OSD pretty. + Fixed track and title in playlist not being movable. + Fixed Subsonic support to handle numeric Json values like track and disc both as strings and integers. + Fixed Subsonic compatibility with LMS (Lightweight Music Server). + Disabled "open Audio CD" from menu on Windows where CD support is currently not supported. + Fixed files containing "MAC" being detected as Monkey's Audio. * Enhancements: + Improved support for High DPI displays. + Added CMake check for backtrace() to fix compilation with musl libc. + Made album cover in context adjust to width. + Made settings, cover manager, organise dialog and transcode music dialog center on the same display where the mainwindow is located. + Removing empty directories when organizing music. + Made file selection work in "Show file in browser" for Dolphin and Nautilus. + Implemented disk caching of album thumbnails in collection tree. + Use a shorter playlist name when songs are added from file view. + Disabled optical drives in copy to device menu. + Added better error handling for CDDA loading. + Added Polish, Hungarian and Korean translations. * Removed features: + Chartlyrics support (Unstable API). + Tidal support (No agreement). + QObuz support (No agreement). This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.9-bp151.2.14.1.src.rpm strawberry-0.6.9-bp151.2.14.1.x86_64.rpm openSUSE-2020-563 moderate openSUSE Backports SLE-15-SP1 Update This update for teeworlds to version 0.7.5 fixes the following issues: Security issues fixed: - CVE-2020-12066: Fixed a denial of service against the server (boo#1170252) - CVE-2019-20787: Fixed an integer overflow when computing a tilemap size (boo#1170253) Non-security issues fixed: - multiple smaller bug fixes and improvements. This update was imported from the openSUSE:Leap:15.1:Update update project. teeworlds-0.7.5-bp151.2.6.1.src.rpm teeworlds-0.7.5-bp151.2.6.1.x86_64.rpm teeworlds-0.7.5-bp151.2.6.1.aarch64.rpm teeworlds-0.7.5-bp151.2.6.1.ppc64le.rpm teeworlds-0.7.5-bp151.2.6.1.s390x.rpm openSUSE-2020-565 important openSUSE Backports SLE-15-SP1 Update This update for cacti, cacti-spine to version 1.2.11 fixes the following issues: This update is fixing multiple vulnerabilities and adding bug fixes. For more details consult the changes file. This update was imported from the openSUSE:Leap:15.1:Update update project. cacti-spine-1.2.11-bp151.4.6.1.src.rpm cacti-spine-1.2.11-bp151.4.6.1.x86_64.rpm cacti-spine-debuginfo-1.2.11-bp151.4.6.1.x86_64.rpm cacti-spine-debugsource-1.2.11-bp151.4.6.1.x86_64.rpm cacti-1.2.11-bp151.4.6.1.noarch.rpm cacti-1.2.11-bp151.4.6.1.src.rpm cacti-spine-1.2.11-bp151.4.6.1.aarch64.rpm cacti-spine-debuginfo-1.2.11-bp151.4.6.1.aarch64.rpm cacti-spine-debugsource-1.2.11-bp151.4.6.1.aarch64.rpm cacti-spine-1.2.11-bp151.4.6.1.ppc64le.rpm cacti-spine-debuginfo-1.2.11-bp151.4.6.1.ppc64le.rpm cacti-spine-debugsource-1.2.11-bp151.4.6.1.ppc64le.rpm cacti-spine-1.2.11-bp151.4.6.1.s390x.rpm cacti-spine-debuginfo-1.2.11-bp151.4.6.1.s390x.rpm cacti-spine-debugsource-1.2.11-bp151.4.6.1.s390x.rpm openSUSE-2020-566 critical openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 81.0.4044.113 (boo#1169729): - CVE-2020-6457: Fixed a use after free in speech recognizer This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-81.0.4044.113-bp151.3.70.1.x86_64.rpm chromium-81.0.4044.113-bp151.3.70.1.src.rpm chromium-81.0.4044.113-bp151.3.70.1.x86_64.rpm chromedriver-81.0.4044.113-bp151.3.70.1.aarch64.rpm chromium-81.0.4044.113-bp151.3.70.1.aarch64.rpm openSUSE-2020-609 low openSUSE Backports SLE-15-SP1 Update This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package (bsc#1163532). Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read (bsc#1161562). - CVE-2019-19275: Fixed an out-of-bounds read (bsc#1161563). This update was imported from the openSUSE:Leap:15.1:Update update project. python-typed-ast-1.3.1-bp151.2.6.1.src.rpm python3-typed-ast-1.3.1-bp151.2.6.1.x86_64.rpm python3-typed-ast-1.3.1-bp151.2.6.1.aarch64.rpm python3-typed-ast-1.3.1-bp151.2.6.1.ppc64le.rpm python3-typed-ast-1.3.1-bp151.2.6.1.s390x.rpm openSUSE-2020-610 moderate openSUSE Backports SLE-15-SP1 Update This update for inxi fixes the following issues: inxi was update to version 3.1.00: * See /usr/share/doc/packages/inxi/inxi.changelog This update was imported from the openSUSE:Leap:15.1:Update update project. inxi-3.1.00-bp151.4.6.1.noarch.rpm inxi-3.1.00-bp151.4.6.1.src.rpm openSUSE-2020-611 moderate openSUSE Backports SLE-15-SP1 Update This update for sar2 fixes the following issues: Update to version 2.4.0: * Improvements to the Joystick system, adding new Rudder+Brakes mode, moving to libSDL2 and cleaning up unused menu settings. * Fix lagging when aircraft is landed. * Honor wheel brake coefficient. This update was imported from the openSUSE:Leap:15.1:Update update project. sar2-2.4.0-bp151.4.3.1.src.rpm sar2-2.4.0-bp151.4.3.1.x86_64.rpm sar2-data-2.4.0-bp151.4.3.1.noarch.rpm sar2-2.4.0-bp151.4.3.1.aarch64.rpm sar2-2.4.0-bp151.4.3.1.ppc64le.rpm sar2-2.4.0-bp151.4.3.1.s390x.rpm openSUSE-2020-615 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 81.0.4044.129 (boo#1170107): - CVE-2020-0561: Fixed a use after free in storage - CVE-2020-6462: Fixed a use after free in task scheduling - CVE-2020-6459: Fixed a use after free in payments - CVE-2020-6460: Fixed an insufficient data validation in URL formatting - CVE-2020-6458: Fixed an out of bounds read and write in PDFium This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-81.0.4044.129-bp151.3.79.1.x86_64.rpm chromium-81.0.4044.129-bp151.3.79.1.src.rpm chromium-81.0.4044.129-bp151.3.79.1.x86_64.rpm chromedriver-81.0.4044.129-bp151.3.79.1.aarch64.rpm chromium-81.0.4044.129-bp151.3.79.1.aarch64.rpm openSUSE-2020-612 important openSUSE Backports SLE-15-SP1 Update This update for sqliteodbc fixes the following issues: Security issue fixed: - CVE-2020-12050: Fixed a privilege escalation vulnerability (boo#1171041). Non-security issues fixed: - Update to version 0.9996 * update to SQLite 3.22.0 * fixes in handling DDL in SQLExecDirect() et.al., thanks Andre Mikulec for testing * cleanup utf8/unicode conversion functions sqliteodbc-0.9996-bp151.4.3.1.src.rpm sqliteodbc-0.9996-bp151.4.3.1.x86_64.rpm sqliteodbc-doc-0.9996-bp151.4.3.1.x86_64.rpm sqliteodbc-0.9996-bp151.4.3.1.aarch64.rpm sqliteodbc-doc-0.9996-bp151.4.3.1.aarch64.rpm sqliteodbc-0.9996-bp151.4.3.1.ppc64le.rpm sqliteodbc-doc-0.9996-bp151.4.3.1.ppc64le.rpm sqliteodbc-0.9996-bp151.4.3.1.s390x.rpm sqliteodbc-doc-0.9996-bp151.4.3.1.s390x.rpm openSUSE-2020-614 low openSUSE Backports SLE-15-SP1 Update This update fixes the following issues: New python-pytest versions are provided. In Basesystem: - python3-pexpect: updated to 4.8.0 - python3-py: updated to 1.8.1 - python3-zipp: shipped as dependency in version 0.6.0 In Python2: - python2-pexpect: updated to 4.8.0 - python2-py: updated to 1.8.1 This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-filelock-3.0.12-bp151.2.3.1.src.rpm python2-filelock-3.0.12-bp151.2.3.1.noarch.rpm python3-filelock-3.0.12-bp151.2.3.1.noarch.rpm python-pytest-isort-0.3.1-bp151.2.3.1.src.rpm python2-pytest-isort-0.3.1-bp151.2.3.1.noarch.rpm python3-pytest-isort-0.3.1-bp151.2.3.1.noarch.rpm python-pytest-localserver-0.5.0-bp151.2.3.1.src.rpm python2-pytest-localserver-0.5.0-bp151.2.3.1.noarch.rpm python3-pytest-localserver-0.5.0-bp151.2.3.1.noarch.rpm python-pytest-3.10.1-bp151.2.3.1.src.rpm python2-pytest-3.10.1-bp151.2.3.1.noarch.rpm python3-pytest-3.10.1-bp151.2.3.1.noarch.rpm python-pytest-test-3.10.1-bp151.2.3.1.src.rpm python-wcwidth-0.1.8-bp151.4.3.1.src.rpm python2-wcwidth-0.1.8-bp151.4.3.1.noarch.rpm python3-wcwidth-0.1.8-bp151.4.3.1.noarch.rpm openSUSE-2020-644 moderate openSUSE Backports SLE-15-SP1 Update This update for mailman fixes the following issues: - Fix rights and ownership on /var/lib/mailman/archives (boo#1167068) This update was imported from the openSUSE:Leap:15.1:Update update project. mailman-2.1.29-bp151.5.6.1.src.rpm mailman-2.1.29-bp151.5.6.1.x86_64.rpm mailman-2.1.29-bp151.5.6.1.aarch64.rpm mailman-2.1.29-bp151.5.6.1.ppc64le.rpm mailman-2.1.29-bp151.5.6.1.s390x.rpm openSUSE-2020-648 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 81.0.4044.138 (boo#1171247): - CVE-2020-6831: Stack buffer overflow in SCTP - CVE-2020-6464: Type Confusion in Blink This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-81.0.4044.138-bp151.3.82.2.x86_64.rpm chromium-81.0.4044.138-bp151.3.82.2.src.rpm chromium-81.0.4044.138-bp151.3.82.2.x86_64.rpm openSUSE-2020-654 moderate openSUSE Backports SLE-15-SP1 Update This update for cacti, cacti-spine fixes the following issues: cacti-spine and cacti were updated to 1.2.12: cacti fixes: * CVE-2020-7106: Lack of escaping of color items can lead to XSS exposure (boo#1163749) * Fix multiple graphing bugs and web UI issues * Fix multiple warnings, PHP Exceptions and errors * Content-Security-Policy prevents External Links from being opened * Prevent runtime memory issues by increasing memory limit * Improve SNMPv3 handling cacti-spine fixes: * Failed host lookup causes spine to crash cacti-spine-1.2.12-bp151.4.9.1.src.rpm cacti-spine-1.2.12-bp151.4.9.1.x86_64.rpm cacti-1.2.12-bp151.4.9.1.noarch.rpm cacti-1.2.12-bp151.4.9.1.src.rpm cacti-spine-1.2.12-bp151.4.9.1.aarch64.rpm cacti-spine-1.2.12-bp151.4.9.1.ppc64le.rpm cacti-spine-1.2.12-bp151.4.9.1.s390x.rpm openSUSE-2020-655 moderate openSUSE Backports SLE-15-SP1 Update This update for cluster-glue fixes the following issues: - Fix for profile parameter handling EC2 stonith plugin to avoid possible cluster resource failures. (bsc#1169784) - Fix for handling in 'stonith' command by creating '/var/run/heartbeat/rsctmp' directory. (bsc#1131545) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. cluster-glue-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.src.rpm cluster-glue-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.x86_64.rpm libglue-devel-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.x86_64.rpm libglue2-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.x86_64.rpm cluster-glue-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.aarch64.rpm libglue-devel-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.aarch64.rpm libglue-devel-64bit-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.aarch64_ilp32.rpm libglue2-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.aarch64.rpm libglue2-64bit-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.aarch64_ilp32.rpm cluster-glue-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.ppc64le.rpm libglue-devel-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.ppc64le.rpm libglue2-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.ppc64le.rpm cluster-glue-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.s390x.rpm libglue-devel-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.s390x.rpm libglue2-1.0.12+v1.git.1587474580.a5fda2bc-bp151.2.6.1.s390x.rpm openSUSE-2020-666 moderate openSUSE Backports SLE-15-SP1 Update This update for paraview fixes the following issues: Update to version 5.6.3 (boo#1171061): * Bug-fix release: No changelog available from upstream. Changes from version 5.6.1: * See https://blog.kitware.com/paraview-5-6-1-release-notes/ This update was imported from the openSUSE:Leap:15.1:Update update project. paraview-5.6.3-bp151.3.3.1.src.rpm paraview-5.6.3-bp151.3.3.1.x86_64.rpm paraview-devel-5.6.3-bp151.3.3.1.x86_64.rpm paraview-5.6.3-bp151.3.3.1.ppc64le.rpm paraview-devel-5.6.3-bp151.3.3.1.ppc64le.rpm paraview-5.6.3-bp151.3.3.1.s390x.rpm paraview-devel-5.6.3-bp151.3.3.1.s390x.rpm openSUSE-2020-656 moderate openSUSE Backports SLE-15-SP1 Update This update for python-markdown2 fixes the following issues: - CVE-2020-11888: Fixed unsanitized input for cross-site scripting (boo#1171379) This update was imported from the openSUSE:Leap:15.1:Update update project. python-markdown2-2.3.7-bp151.2.3.1.src.rpm python2-markdown2-2.3.7-bp151.2.3.1.noarch.rpm python3-markdown2-2.3.7-bp151.2.3.1.noarch.rpm openSUSE-2020-770 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: strawberry was updated to version 0.6.10: * Bugfixes: + Fixed Subsonic album covers not working for albums with non ASCII charcters. + Fixed reading date and genre from individual tracks in CUE sheets. + Fixed resume playback on startup for CUE songs. + Fixed album cover manager not showing complete album titles in the list of album covers. + Fixed save album cover to file saving "no cover" image instead of actual album cover. + Fixed device state text color in devices not being visible when using a dark theme. + Fixed engine and device in context using too large icons when icons were loaded from the system theme. + Fixed "Secure connection setup failed" problem on Windows when playing streams. + Fixed margin for song title text in context. + Fixed UNC paths with non ASCII charcters not working. * Enhancements: + Allowing all characters except slash and backslash when organising music unless options to strip characters is checked. + New option in organising music to remove problematic filename characters that removes less characters than the FAT option. + General improvements to the album cover loader and album cover providers code. + Fixed loading album cover images from album directory for songs added to the playlist from outside of the collection. + Made automatic album cover search work for songs outside of the collection and for streams. + Made album cover search work based on artist + title if album title is not present for providers supporting song/track search. + Update art manual in playlist for local files, devices and CDDA to avoid loading covers multiple times. + Made lyrics search work for streams. + Added "add stream" to menu. + Only showing song length in context when available. + Sort album cover search results by score and pick the best 3 first before trying others to improve album cover search speed. + Make scrobbler work for streams. + Added search for lyrics as a seperate option in context. + Made font and font sizes in context configurable. + Splitting artist and song title to the relevant metadata when artist and song title is sent as title seperated by a dash in streams. + Added label to show collection pixmap disk cache used in settings. + Icreased default collection pixmap disk cache to 360. * New features: + Added back Tidal streaming support. + Added Qobuz album cover provider. * Removed features: + Removed Phonon engine support. This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.10-bp151.2.17.11.src.rpm strawberry-0.6.10-bp151.2.17.11.x86_64.rpm openSUSE-2020-726 moderate openSUSE Backports SLE-15-SP1 Update This update for paho-mqtt-c fixes the following issues: - Initial packaging of paho-mqtt-c v1.3.1 for opensuse leap 15.1 [jsc#ECO-1126] libpaho-mqtt-devel-1.3.1-bp151.2.1.x86_64.rpm libpaho-mqtt-devel-debuginfo-1.3.1-bp151.2.1.x86_64.rpm libpaho-mqtt1-1.3.1-bp151.2.1.x86_64.rpm libpaho-mqtt1-debuginfo-1.3.1-bp151.2.1.x86_64.rpm paho-mqtt-c-1.3.1-bp151.2.1.src.rpm paho-mqtt-c-debuginfo-1.3.1-bp151.2.1.x86_64.rpm paho-mqtt-c-debugsource-1.3.1-bp151.2.1.x86_64.rpm libpaho-mqtt-devel-1.3.1-bp151.2.1.aarch64.rpm libpaho-mqtt-devel-debuginfo-1.3.1-bp151.2.1.aarch64.rpm libpaho-mqtt1-1.3.1-bp151.2.1.aarch64.rpm libpaho-mqtt1-debuginfo-1.3.1-bp151.2.1.aarch64.rpm paho-mqtt-c-debuginfo-1.3.1-bp151.2.1.aarch64.rpm paho-mqtt-c-debugsource-1.3.1-bp151.2.1.aarch64.rpm libpaho-mqtt-devel-1.3.1-bp151.2.1.ppc64le.rpm libpaho-mqtt-devel-debuginfo-1.3.1-bp151.2.1.ppc64le.rpm libpaho-mqtt1-1.3.1-bp151.2.1.ppc64le.rpm libpaho-mqtt1-debuginfo-1.3.1-bp151.2.1.ppc64le.rpm paho-mqtt-c-debuginfo-1.3.1-bp151.2.1.ppc64le.rpm paho-mqtt-c-debugsource-1.3.1-bp151.2.1.ppc64le.rpm libpaho-mqtt-devel-1.3.1-bp151.2.1.s390x.rpm libpaho-mqtt-devel-debuginfo-1.3.1-bp151.2.1.s390x.rpm libpaho-mqtt1-1.3.1-bp151.2.1.s390x.rpm libpaho-mqtt1-debuginfo-1.3.1-bp151.2.1.s390x.rpm paho-mqtt-c-debuginfo-1.3.1-bp151.2.1.s390x.rpm paho-mqtt-c-debugsource-1.3.1-bp151.2.1.s390x.rpm openSUSE-2020-668 moderate openSUSE Backports SLE-15-SP1 Update This update for nextcloud to 18.0.4 fixes the following issues: Security issues fixed: - CVE-2020-8154: Fixed an XSS vulnerability when opening malicious PDFs (NC-SA-2020-018 boo#1171579). - CVE-2020-8155: Fixed a direct object reference vulnerability that allowed attackers to remotely wipe devices of other users (NC-SA-2020-019 boo#1171572). nextcloud-18.0.4-bp151.3.9.1.noarch.rpm nextcloud-18.0.4-bp151.3.9.1.src.rpm openSUSE-2020-699 moderate openSUSE Backports SLE-15-SP1 Update This update for konqueror fixes the following issues: - Fixed konqueror to not open a window if it is closed and started a second time (boo#1075663, kde#388333) konqueror-18.12.3-bp151.3.3.1.src.rpm konqueror-18.12.3-bp151.3.3.1.x86_64.rpm konqueror-devel-18.12.3-bp151.3.3.1.x86_64.rpm konqueror-lang-18.12.3-bp151.3.3.1.noarch.rpm konqueror-plugins-18.12.3-bp151.3.3.1.x86_64.rpm webenginepart-18.12.3-bp151.3.3.1.x86_64.rpm konqueror-18.12.3-bp151.3.3.1.aarch64.rpm konqueror-devel-18.12.3-bp151.3.3.1.aarch64.rpm konqueror-plugins-18.12.3-bp151.3.3.1.aarch64.rpm webenginepart-18.12.3-bp151.3.3.1.aarch64.rpm openSUSE-2020-698 moderate openSUSE Backports SLE-15-SP1 Update This update for pdns-recursor fixes the following issues: - update to 4.1.16 * fixes an issue where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated (CVE-2020-12244, boo#1171553) * fixes an issue where invalid hostname on the server can result in disclosure of invalid memory (CVE-2020-10030, boo#1171553) * fixes an issue in the DNS protocol has been found that allows malicious parties to use recursive DNS services to attack third party authoritative name servers (CVE-2020-10995, boo#1171553) For details see https://doc.powerdns.com/recursor/changelog/4.1.html#change-4.1.16 pdns-recursor-4.1.12-bp151.4.3.1.src.rpm pdns-recursor-4.1.12-bp151.4.3.1.x86_64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.3.1.x86_64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.3.1.x86_64.rpm pdns-recursor-4.1.12-bp151.4.3.1.aarch64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.3.1.aarch64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.3.1.aarch64.rpm pdns-recursor-4.1.12-bp151.4.3.1.ppc64le.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.3.1.ppc64le.rpm pdns-recursor-debugsource-4.1.12-bp151.4.3.1.ppc64le.rpm pdns-recursor-4.1.12-bp151.4.3.1.s390x.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.3.1.s390x.rpm pdns-recursor-debugsource-4.1.12-bp151.4.3.1.s390x.rpm openSUSE-2020-750 moderate openSUSE Backports SLE-15-SP1 Update This update for kdegraphics-thumbnailers fixes the following issues: - Fixed thumbnail.so processes not quitting after generating thumbnails for PS/PDF files (boo#1172215, kde#404652) kdegraphics-thumbnailers-18.12.3-bp151.3.3.1.src.rpm kdegraphics-thumbnailers-18.12.3-bp151.3.3.1.x86_64.rpm kdegraphics-thumbnailers-debuginfo-18.12.3-bp151.3.3.1.x86_64.rpm kdegraphics-thumbnailers-debugsource-18.12.3-bp151.3.3.1.x86_64.rpm openSUSE-2020-751 moderate openSUSE Backports SLE-15-SP1 Update This update for ksystemlog fixes the following issues: - Fixed a possible crash when closing the window: (boo#1164633, kde#409375) ksystemlog-18.12.3-bp151.3.3.1.src.rpm ksystemlog-18.12.3-bp151.3.3.1.x86_64.rpm ksystemlog-debuginfo-18.12.3-bp151.3.3.1.x86_64.rpm ksystemlog-debugsource-18.12.3-bp151.3.3.1.x86_64.rpm ksystemlog-lang-18.12.3-bp151.3.3.1.noarch.rpm ksystemlog-18.12.3-bp151.3.3.1.aarch64.rpm ksystemlog-debuginfo-18.12.3-bp151.3.3.1.aarch64.rpm ksystemlog-debugsource-18.12.3-bp151.3.3.1.aarch64.rpm ksystemlog-18.12.3-bp151.3.3.1.ppc64le.rpm ksystemlog-debuginfo-18.12.3-bp151.3.3.1.ppc64le.rpm ksystemlog-debugsource-18.12.3-bp151.3.3.1.ppc64le.rpm ksystemlog-18.12.3-bp151.3.3.1.s390x.rpm ksystemlog-debuginfo-18.12.3-bp151.3.3.1.s390x.rpm ksystemlog-debugsource-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-824 moderate openSUSE Backports SLE-15-SP1 Update This update for texworks fixes the following issues: - Update to version 0.6.5 (boo#1172296): * Fix text selection handling when moving the mouse. * Fix auto-reloading of TeX documents that were changed outside TeXworks. * Updated translations. - Changes from version 0.6.4: * Add shortcut (Ctrl+Shift+J) to invoke SyncTeX at the cursor position. * Make shortcuts for autocompletion configurable. * Make "Auto-Follow Focus" configurable in the preferences. * Make editor line spacing customizable. * Make console output accessible by keyboard; among other thigs, this makes the console work with screen readers. * Migrate to a more powerful regular expressions engine (e.g. for finding and replacing). * Fix opening empty files. * Fix the highlighting of TeX commands that include non-ASCII characters. * Fix the auto-closing of PDFs with the associated TeXs. * Fix the PDF display on high-dpi screens like Retina displays. * Properly handle "&" for recent files menu. * Fix syntax highlighting in the "New from template" dialog. * Sort interface locales alphabetically in the preferences. * Don't show invalid PDF page sizes in the meta data dock. * Properly show the PDF file size in the meta data dock even for locked or invalid files. * Fix the conversion of Lua tables in Lua scripts. * Fix the installation of icons on *nix platforms. * Update libraries for pre-built binaries. * Modernize and restructure the code to improve quality, stability, maintainability, and the possibilities for future enhancements. * Improve unit tests and add automated testing on Windows; this ensures better code quality across all supported operating systems. * Discontinue Qt4 support. * Updated translations. - Adapt to changed location of icons: * Add BuildRequires: hicolor-icon-theme. * Update file list with new icon directory. - Update to version 0.6.3: * New features and improvements: - Implement "Insert Citations..." dialog - Implement indenting/unindenting by Tab/Shift+Tab - Make synchronization granularity configurable (highlight corresponding character, word, or line) - Add ability to distinguish identically named files by displaying the respective folders they are in in the window title, window menu, and under "Open Recent" - Implement "Fit to content width" PDF zoom (which ignores empty space around the text) - Disable unavailable typesetting engines - Allow to change the editor font size by Ctrl+Mousewheel - Improve the detection of spellchecking languages (add ability to search multiple directories and list all results) - Hide the menu bar in PDF full screen mode - Rework/expand code completion strings - Add/update syntax highlighting for LaTeX, ConTeXt, Lua, DTX, and BibTeX - Add cleanup-patterns for beamer files .nav & .snm - Add new/unified icons for typeset and zooming - Display paper size and file size in the PDF metadata * Bug fixes: - Fix infinite loop in syntax highlighter (which caused significant slow-down especially for large files) - Fix underline when spellchecking with syntax highlighting - Fix "Place on Left/Right", especially on multi-screen setups - Avoid 'file "" not found' errors when synchronizing - Fix synchronization while searching in a PDF - Fix fine-grained synchronization near paragraph boundaries - Fix the PDF copy menu command - Fix PDF text selection - Fix font color reset when searching and using stylesheets - Fix crashes when working with locked PDFs - Fix unexpected cursor movement when using a combination of backspace and up/down arrow keys (thanks to @mgkuhn) - Fix the font in the log parser output - Fix persistent magnifying glass - Remove unimplemented PDF menu items cut, paste, clear texworks-0.6.5-bp151.4.3.1.src.rpm texworks-0.6.5-bp151.4.3.1.x86_64.rpm texworks-plugin-lua-0.6.5-bp151.4.3.1.x86_64.rpm texworks-plugin-python-0.6.5-bp151.4.3.1.x86_64.rpm texworks-0.6.5-bp151.4.3.1.aarch64.rpm texworks-plugin-lua-0.6.5-bp151.4.3.1.aarch64.rpm texworks-plugin-python-0.6.5-bp151.4.3.1.aarch64.rpm texworks-0.6.5-bp151.4.3.1.ppc64le.rpm texworks-plugin-lua-0.6.5-bp151.4.3.1.ppc64le.rpm texworks-plugin-python-0.6.5-bp151.4.3.1.ppc64le.rpm texworks-0.6.5-bp151.4.3.1.s390x.rpm texworks-plugin-lua-0.6.5-bp151.4.3.1.s390x.rpm texworks-plugin-python-0.6.5-bp151.4.3.1.s390x.rpm openSUSE-2020-769 moderate openSUSE Backports SLE-15-SP1 Update This update for go1.10 fixes the following issues: - Add 'binutils-gold' as a dependency for arm and aarch64 architectures. (bsc#1170826) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. go1.10-1.10.8-bp151.2.3.1.src.rpm go1.10-1.10.8-bp151.2.3.1.x86_64.rpm go1.10-doc-1.10.8-bp151.2.3.1.x86_64.rpm go1.10-race-1.10.8-bp151.2.3.1.x86_64.rpm openSUSE-2020-768 moderate openSUSE Backports SLE-15-SP1 Update This update for go1.9 fixes the following issues: - Fix for bootstrap to work gcc other than gcc9 at armv7l. (bsc#974800) - Fix for build failures with gcc7. (bsc#1121397) - Set GOPATH automatically and removes go.sh and GOROOT, in order to make switching between versions no longer break. (bsc#1119634) - Fix for an issue in build when symlinks pointing to versions that were never installed at all. (bsc#1082409) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. go1.9-1.9.7-bp151.2.3.1.src.rpm go1.9-1.9.7-bp151.2.3.1.x86_64.rpm go1.9-doc-1.9.7-bp151.2.3.1.x86_64.rpm go1.9-race-1.9.7-bp151.2.3.1.x86_64.rpm openSUSE-2020-766 moderate openSUSE Backports SLE-15-SP1 Update This update for golang-packaging fixes the following issues: - Fix for an issue when go installation fails due missing permissions. (bsc#776058) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. golang-packaging-15.0.12-bp151.2.3.1.noarch.rpm golang-packaging-15.0.12-bp151.2.3.1.src.rpm openSUSE-2020-765 moderate openSUSE Backports SLE-15-SP1 Update This update for imapfilter fixes the following issues: Imapfilter was updated to version 2.6.16 including the following security issue: - CVE-2016-10937: Added Support for SSL hostname validation (boo#1149931). This update was imported from the openSUSE:Leap:15.1:Update update project. imapfilter-2.6.16-bp151.4.3.1.src.rpm imapfilter-2.6.16-bp151.4.3.1.x86_64.rpm imapfilter-2.6.16-bp151.4.3.1.aarch64.rpm imapfilter-2.6.16-bp151.4.3.1.ppc64le.rpm imapfilter-2.6.16-bp151.4.3.1.s390x.rpm openSUSE-2020-764 moderate openSUSE Backports SLE-15-SP1 Update This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug (boo#1171363). Non-security issue fixed: - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (boo#682920) This update was imported from the openSUSE:Leap:15.1:Update update project. mailman-2.1.29-bp151.5.9.1.src.rpm mailman-2.1.29-bp151.5.9.1.x86_64.rpm mailman-2.1.29-bp151.5.9.1.aarch64.rpm mailman-2.1.29-bp151.5.9.1.ppc64le.rpm mailman-2.1.29-bp151.5.9.1.s390x.rpm openSUSE-2020-767 moderate openSUSE Backports SLE-15-SP1 Update This update for ocr fixes the following issues: - Enable openmpi3 build for all SLE versions. (bsc#1171636) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. ocr-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.6.1.x86_64.rpm ocr-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.6.1.x86_64.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.6.1.aarch64.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.6.1.aarch64.rpm ocr-gnu-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr-gnu-mpich-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mpich-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mpich-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mpich-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-mpich-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mpich-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr-gnu-mvapich2-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr-gnu-openmpi2-hpc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.6.1.noarch.rpm ocr-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.6.1.noarch.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.6.1.src.rpm ocr_1_0_1-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.6.1.ppc64le.rpm ocr_1_0_1-gnu-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mpich-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-mvapich2-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi1-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi2-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-devel-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-doc-1.0.1-bp151.2.6.1.s390x.rpm ocr_1_0_1-gnu-openmpi3-hpc-examples-1.0.1-bp151.2.6.1.s390x.rpm openSUSE-2020-763 moderate openSUSE Backports SLE-15-SP1 Update This update for python-rpyc to 4.1.5 fixes the following issues: Security issue fixed: - CVE-2019-16328: Fixed a missing protocol security check that could have led to code execution (boo#1152987). This update was imported from the openSUSE:Leap:15.1:Update update project. python-rpyc-4.1.5-bp151.2.3.1.src.rpm python2-rpyc-4.1.5-bp151.2.3.1.noarch.rpm python3-rpyc-4.1.5-bp151.2.3.1.noarch.rpm python-rpyc-test-4.1.5-bp151.2.3.1.src.rpm openSUSE-2020-762 moderate openSUSE Backports SLE-15-SP1 Update This update for shorewall to 5.2.4.4 fixes the following issues: - Update to bugfix version 5.2.4.4 + When DYNAMIC_BLACKLIST=ipset... or when SAVE_IPSETS=Yes in shorewall[6].conf, 'shorewall[6] start' could hang. Fixed. + 'shorewall[6] start' would not automatically create dynamic blacklisting ipsets. That has been corrected. - Update to version 5.2.4.2 https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.4/releasenotes.txt - Update to version 5.2.4.1 + Fixes for openSUSE shorewall-init will now ignore 'start' and 'stop' commands, for running firewalls + Spurious messages have been removed - To fix boo#1166114 never restart shorewall-init.service macro service_del_postun is replaced by simpler systemd_postun - Remove conflict between main and lite package. A managing station need main to build configuration and can use -lite to execute it. Users are in charge of choosing which service has to be started and used. - Update to version 5.2.4 https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.4/releasenotes.txt + Previously, when a Shorewall6 firewall was placed into the 'stopped' state, ICMP6 packets required by RFC 4890 were not automatically accepted by the generated ruleset. Beginning with this release, those packets are automatically accepted. + Previously, the output of 'shorewall[6] help' displayed the superseded 'load' command. That text has been deleted. + The QOSExample.html file in the documentation and on the web site previously showed tcrules content for the /etc/shorewall/mangle file (recall that 'mangle' superseded 'tcrules'). That page has been corrected. + The 'Starting and Stopping' and 'Configuration file basics' documents have been updated to align them with the current product behavior. + The 'ipsets' document has been updated to clarify the use of ipsets in the stoppedrules file. - Packaging + shorewall-init package has a removed %service_del_postun macro to close bug boo#1166114 Restarting this service can lock down admin out of the system. + shorewall(6) and shorewall(6)-lite conflict has they shouldn't be installed together on the same system. - Add version to requires in -lite version - Update to minor bugfix version 5.2.3.7 + When DOCKER=Yes, if both the DOCKER-ISOLATE and DOCKER-ISOLATE-STAGE-1 existed then the DOCKER-ISOLATE-STAGE-* chains were not preserved through shorewall state changes. That has been corrected so that both chains are preserved if present. + Previously, the compiler always detected the OLD_CONNTRACK_MATCH capability as being available in IPv6. When OLD_CONNTRACK_MATCH was available, the compiler also mishandled inversion ('!') in the ORIGDEST columns, leading to an assertion failure. Both the incorrect capability detection and the mishandled inversion have been corrected. + During 'enable' processing, if address variables associated with the interface have values different than those when the firewall was last started/restarted/reloaded, then a 'reload' is performed rather than a simple 'enable'. The logic that checks for those changes was incorrect in some configurations, leading to unneeded reload operations. That has been corrected. + When MANGLE_ENABLED=No in shorewall[6].conf, some features requiring use of the mangle table can be allowed, even though the mangle table is not updated. That has been corrected such that use of such features will raise an error. + When the IfEvent(...,reset) action was invoked, the compiler previously emitted a spurious "Resetting..." message. That message has been suppressed. - Packaging + Introduce define conf_need_update to track when we activate the post update warning for users when there's minor or major version update of shorewall boo#1166114 - Update to bugfix minor 5.2.3.6 + Fix for possible start failure when both Docker containers and Libvirt VMs were in use. - Update to bugfix minor 5.2.3.5 + A typo in the FTP documentation has been corrected. + The recommended mss setting when using IPSec with ipcomp has been corrected. + A number of incorrect links in the manpages have been corrected. + The 'bypass' option is now allowed when specifying an NFQUEUE policy. Previously, specifying that option resulted in an error. + Corrected IPv6 Address Range parsing. + Previously, such ranges were required to be of the form [<addr1>-<addr2>] rather than the more standard form [<addr1>]-[<addr2>]. In the snat file (and in nat actions), the latter form was actually flagged as an error while in other contexts, it resulted in a less obvious error being raised. + The manpages have been updated to refer to https://shorewall.org rather than http://www.shorewall.org. - Refresh spec file - Update to bugfix minor 5.2.3.4 + Update release documents. + Correct handling of multi-queue NFQUEUE as a policy. + Correct handling of multi-queue NFQUEUE as a macro parameter. + Correct the description of the 'bypass' NFQUEUE option in shorewall-rules(5). - Update to bugfix minor 5.2.3.3 Previously, if an ipset was specified in an SPORT column, the compiler would raise an error similar to: ERROR: Invalid ipset name () /etc/shorewall/rules (line 44) - Update to bugfix minor 5.2.3.2 Shorewall 5.2 automatically converts an existing 'masq' file to an equivalent 'snat' file. Regrettably, Shorewall 5.2.3 broke that automatic update, such that the following error message was issued: Use of uninitialized value $Shorewall::Nat::raw::currentline in pattern match (m//) at /usr/share/shorewall/Shorewall/Nat.pm line 511, <$currentfile> line nnn. and the generated 'masq' file contains only initial comments. That has been corrected. - Update to bugfix minor 5.2.3.1 release + An issue in the implementation of policy file zone exclusion, released in 5.2.3 has been resolved. In the original release, if more than one zone was excluded then the following error was raised: ERROR: 'all' is not allowed in a source zone list etc/shorewall/policy (line ...) - Update to new 5.2.3 bugfix release http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.3/releasenotes.txt This is the retirement of Tom Eastep see. https://sourceforge.net/p/shorewall/mailman/message/36589782/ - Removed module* in file section - Clean-up changes and spec (trailing slashes) - Update to new 5.2.2 bugfix release http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.2/releasenotes.txt - Packaging: + As seen with upstream recommend running shorewall update on all version update - Update to major version 5.2.1.4 A lot of changes occurs since last package please consult http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.1/releasenotes.txt and the know problem list at http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.1/known_problems.txt - Update your configuration shorewall update This update was imported from the openSUSE:Leap:15.1:Update update project. shorewall-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall-5.2.4.4-bp151.4.3.1.src.rpm shorewall-core-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall-docs-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall-init-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall-lite-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall6-5.2.4.4-bp151.4.3.1.noarch.rpm shorewall6-lite-5.2.4.4-bp151.4.3.1.noarch.rpm openSUSE-2020-761 moderate openSUSE Backports SLE-15-SP1 Update This update for syslog-ng fixes the following issues: - removed creating news log files from the RPM %post section. Added syslog-ng.conf options to create files/directories automatically, and commenting the relevant part out. This update was imported from the openSUSE:Leap:15.1:Update update project. libevtlog-3_19-0-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-3.19.1-bp151.4.6.1.src.rpm syslog-ng-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-curl-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-devel-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-geoip-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-java-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-python-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-redis-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-smtp-3.19.1-bp151.4.6.1.x86_64.rpm syslog-ng-sql-3.19.1-bp151.4.6.1.x86_64.rpm libevtlog-3_19-0-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-curl-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-devel-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-geoip-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-java-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-python-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-redis-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-smtp-3.19.1-bp151.4.6.1.aarch64.rpm syslog-ng-sql-3.19.1-bp151.4.6.1.aarch64.rpm libevtlog-3_19-0-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-curl-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-devel-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-geoip-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-java-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-python-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-redis-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-smtp-3.19.1-bp151.4.6.1.ppc64le.rpm syslog-ng-sql-3.19.1-bp151.4.6.1.ppc64le.rpm libevtlog-3_19-0-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-curl-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-devel-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-geoip-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-java-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-python-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-redis-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-smtp-3.19.1-bp151.4.6.1.s390x.rpm syslog-ng-sql-3.19.1-bp151.4.6.1.s390x.rpm openSUSE-2020-776 moderate openSUSE Backports SLE-15-SP1 Update This update for fossil fixes the following issues: fossil was updated to 2.11: * Support Markdown in the default ticket configuration * Timestamp strings in object names can now omit punctation * Enhance backlink processing so that it works with Markdown- formatted tickets and so that it works for wiki pages fossil rebuild is needed to take full advantage of this fix * Many improvements to the forum and especially email notification of forum posts * Minimum length of a self-registered user ID increased from 3 to 6 characters * Rework the fossil grep command to be more useful * Expose the redirect-to-https setting to the settings command * Most commands now support the Unix-conventional "--" flag to treat all following arguments as filenames instead of flags * Add the mimetypes config setting * security harening against possibly tampered database schemas * Now sends the Content-Security-Policy header * Stop using the IP address as part of the login cookie * many web UI and CLI improvements, documentation updates fossil was updated to 2.10: * Add support for CGI-based Server Extensions * UI improvement and extensions * Change the default hash policy to SHA3 * Performance optimizations fossil was updated to 2.9: * Add the fossil git export command * Web UI layout and behavior improvements * Add the fossil touch command, and the --setmtime option on the fossil open and fossil update commands * Add the /secureraw page that requires the complete SHA1 or SHA3 hash, not just a prefix, before it will deliver content * Improvement to clone and sync behavior * many other bug fixes and improvements fossil was updated to 2.8: * Show cherry-pick merges as dotted lines on the timeline graph. The "fossil rebuild" command must be run to create and populate the new "cherrypick" table in the repository in order for this feature to operate. * Web UI improvements * Wiki setup is now at /setup_wiki * Provide the ability to redirect all HTTP pages to HTTPS * Add the backoffice-disable setting to completely disable the backoffice feature fossil was updated to 2.7: * New email alerts feature * New discussion forum feature * UI improvements for built-in skins on small screens * Use of Content Security Policy (CSP) in built-in skins fossil was updated to 2.6: * Add the new "Classic" timeline viewing mode * Add support HTTP cache control mechanisms * Improvements to various pages and functions * Additional defenses against web-based attacks fossil-2.11-bp151.4.3.1.src.rpm fossil-2.11-bp151.4.3.1.x86_64.rpm fossil-2.11-bp151.4.3.1.aarch64.rpm fossil-2.11-bp151.4.3.1.ppc64le.rpm fossil-2.11-bp151.4.3.1.s390x.rpm openSUSE-2020-771 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: - Update to version 0.6.11: * Bugfixes: + Fixed MPRIS missing art url when playing albums with embedded cover. + Fixed updating local non collection songs when manually unsetting cover. + Fixed infinite loop and preceding crash when CSS background-color was set in qt5ct. + Fixed UI freeze when updating the database from a large Subsonic or Tidal collection. + Fixed crash when CD loading fails in devices. + Fixed CD devices showing up with having 0 songs after loading. + Fixed the album cover loading indicator being stuck if no cover providers were available. + Fixed the playing widget not updating artist, album or title after metadata has changed for a song when no album cover was loaded. * Enhancements: + Sort songs in collection by song title instead of track if previous grouping is not the album. + Added option to switch on/off automatically searching for album covers to context settings. + Reset last played song when playlist is finished. + Checking content type of received HTTP request for image when receiving album covers. + Added option to scrobbler setting for turning off login error popup. + Made MusicBrainz and Discogs cover providers respect rate limiting. * New features: + Added option to show/hide sidebar. + Added settings for selecting album cover and lyrics providers. + Added album covers from Musixmatch and Spotify. + Added lyrics from Genius, Musixmatch and ChartLyrics. This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.11-bp151.2.21.1.src.rpm strawberry-0.6.11-bp151.2.21.1.x86_64.rpm openSUSE-2020-788 moderate openSUSE Backports SLE-15-SP1 Update This update for GraphicsMagick fixes the following issues: - CVE-2020-12672: heap-based buffer overflow in ReadMNGImage in coders/png.c. (boo#1171271) This update was imported from the openSUSE:Leap:15.1:Update update project. GraphicsMagick-1.3.29-bp151.5.15.1.src.rpm GraphicsMagick-1.3.29-bp151.5.15.1.x86_64.rpm GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64.rpm libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64.rpm libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64.rpm perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64.rpm openSUSE-2020-785 moderate openSUSE Backports SLE-15-SP1 Update This update for axel fixes the following issues: axel was updated to 2.17.8: * CVE-2020-13614: SSL Certificate Hostnames were not verified (boo#1172159) * Replaced progressbar line clearing with terminal control sequence * Fixed parsing of Content-Disposition HTTP header * Fixed User-Agent HTTP header never being included Update to version 2.17.7: - Buildsystem fixes - Fixed release date for man-pages on BSD - Explicitly close TCP sockets on SSL connections too - Fixed HTTP basic auth header generation - Changed the default progress report to "alternate output mode" - Improved English in README.md Update to version 2.17.6: - Fixed handling of non-recoverable HTTP errors - Cleanup of connection setup code - Fixed manpage reproducibility issue - Use tracker instead of PTS from Debian Update to version 2.17.5: - Fixed progress indicator misalignment - Cleaned up the wget-like progress output code - Improved progress output flushing Update to version 2.17.4: - Fixed build with bionic libc (Android) - TCP Fast Open support on Linux - TCP code cleanup - Removed dependency on libm - Data types and format strings cleanup - String handling cleanup - Format string checking GCC attributes added - Buildsystem fixes and improvements - Updates to the documentation - Updated all translations - Fixed Footnotes in documentation - Fixed a typo in README.md Update to version 2.17.3: - Builds now use canonical host triplet instead of `uname -s` - Fixed build on Darwin / Mac OS X - Fixed download loops caused by last byte pointer being off by one - Fixed linking issues (i18n and posix threads) - Updated build instructions - Code cleanup - Added autoconf-archive to building instructions Update to version 2.17.2: - Fixed HTTP request-ranges to be zero-based - Fixed typo "too may" -> "too many" - Replaced malloc + memset calls with calloc - Sanitize progress bar buffer len passed to memset Update to version 2.17.1: - Fixed comparison error in axel_divide - Make sure maxconns is at least 1 Update to version 2.17: - Fixed composition of URLs in redirections - Fixed request range calculation - Updated all translations - Updated build documentation - Major code cleanup - Cleanup of alternate progress output - Removed global string buffers - Fixed min and max macros - Moved User-Agent header to conf->add_header - Use integers for speed ratio and delay calculation - Added support for parsing IPv6 literal hostname - Fixed filename extraction from URL - Fixed request-target message to proxy - Handle secure protocol's schema even with SSL disabled - Fixed Content-Disposition filename value decoding - Strip leading hyphens in extracted filenames This update was imported from the openSUSE:Leap:15.1:Update update project. axel-2.17.8-bp151.4.3.1.src.rpm axel-2.17.8-bp151.4.3.1.x86_64.rpm axel-2.17.8-bp151.4.3.1.aarch64.rpm axel-2.17.8-bp151.4.3.1.ppc64le.rpm axel-2.17.8-bp151.4.3.1.s390x.rpm openSUSE-2020-787 moderate openSUSE Backports SLE-15-SP1 Update This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open() with O_RDWR (boo#1171655). This update was imported from the openSUSE:Leap:15.1:Update update project. alevtd-3.103-bp151.4.3.1.x86_64.rpm motv-3.103-bp151.4.3.1.x86_64.rpm pia-3.103-bp151.4.3.1.x86_64.rpm tv-common-3.103-bp151.4.3.1.x86_64.rpm v4l-conf-3.103-bp151.4.3.1.x86_64.rpm v4l-tools-3.103-bp151.4.3.1.x86_64.rpm xawtv-3.103-bp151.4.3.1.src.rpm xawtv-3.103-bp151.4.3.1.x86_64.rpm openSUSE-2020-2167 moderate openSUSE Backports SLE-15-SP1 Update This update for proftpd fixes the following issues: proftpd was updated to 1.3.6d: * Issue 857 - Fixed regression in the handling of `%{env:...}` configuration variables when the environment variable is not present. * Issue 940 - Second LIST of the same symlink shows different results. * Issue 959 - FTPS uploads using TLSv1.3 are likely to fail unexpectedly. * Issue 980 - mod_sftp sends broken response when CREATETIME attribute is requested. * Bug 4398 - Handle zero-length SFTP WRITE requests without error. * Issue 1018 - PidFile should not be world-writable. * Issue 1014 - TLSv1.3 handshake fails due to missing session ticket key on some systems. * Issue 1023 - Lowercased FTP commands not properly identified. proftpd-1.3.6e-bp151.4.13.1.src.rpm proftpd-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-devel-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-doc-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-lang-1.3.6e-bp151.4.13.1.noarch.rpm proftpd-ldap-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-mysql-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-pgsql-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-radius-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-sqlite-1.3.6e-bp151.4.13.1.x86_64.rpm proftpd-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-devel-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-doc-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-ldap-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-mysql-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-pgsql-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-radius-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-sqlite-1.3.6e-bp151.4.13.1.aarch64.rpm proftpd-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-devel-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-doc-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-ldap-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-mysql-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-pgsql-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-radius-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-sqlite-1.3.6e-bp151.4.13.1.ppc64le.rpm proftpd-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-devel-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-doc-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-ldap-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-mysql-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-pgsql-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-radius-1.3.6e-bp151.4.13.1.s390x.rpm proftpd-sqlite-1.3.6e-bp151.4.13.1.s390x.rpm openSUSE-2020-816 moderate openSUSE Backports SLE-15-SP1 Update This update for libntlm fixes the following issues: Update to release 1.6: * CVE-2019-17455: Fixed a buffer overflow in buildSmbNtlmAuth* function. (boo#1153669) This update was imported from the openSUSE:Leap:15.1:Update update project. libntlm-1.6-bp151.4.3.1.src.rpm libntlm-devel-1.6-bp151.4.3.1.x86_64.rpm libntlm0-1.6-bp151.4.3.1.x86_64.rpm libntlm-devel-1.6-bp151.4.3.1.aarch64.rpm libntlm0-1.6-bp151.4.3.1.aarch64.rpm libntlm-devel-1.6-bp151.4.3.1.ppc64le.rpm libntlm0-1.6-bp151.4.3.1.ppc64le.rpm libntlm-devel-1.6-bp151.4.3.1.s390x.rpm libntlm0-1.6-bp151.4.3.1.s390x.rpm openSUSE-2020-821 moderate openSUSE Backports SLE-15-SP1 Update This update for libupnp fixes the following issues: - CVE-2020-13848: A NULL ptr denial of service via crafted SSDP message was fixed (boo#1172625) This update was imported from the openSUSE:Leap:15.1:Update update project. libupnp-1.6.25-bp151.4.3.1.src.rpm libupnp-devel-1.6.25-bp151.4.3.1.x86_64.rpm libupnp6-1.6.25-bp151.4.3.1.x86_64.rpm libupnp-devel-1.6.25-bp151.4.3.1.aarch64.rpm libupnp6-1.6.25-bp151.4.3.1.aarch64.rpm libupnp6-64bit-1.6.25-bp151.4.3.1.aarch64_ilp32.rpm libupnp-devel-1.6.25-bp151.4.3.1.ppc64le.rpm libupnp6-1.6.25-bp151.4.3.1.ppc64le.rpm libupnp-devel-1.6.25-bp151.4.3.1.s390x.rpm libupnp6-1.6.25-bp151.4.3.1.s390x.rpm openSUSE-2020-820 moderate openSUSE Backports SLE-15-SP1 Update This update for prboom-plus fixes the following issues: - CVE-2019-20797: Fixed a buffer overflow in client and server code responsible for handling received UDP packets (boo#1171974) This update was imported from the openSUSE:Leap:15.1:Update update project. prboom-plus-2.5.1.4-bp151.4.3.1.src.rpm prboom-plus-2.5.1.4-bp151.4.3.1.x86_64.rpm prboom-plus-2.5.1.4-bp151.4.3.1.aarch64.rpm prboom-plus-2.5.1.4-bp151.4.3.1.ppc64le.rpm prboom-plus-2.5.1.4-bp151.4.3.1.s390x.rpm openSUSE-2020-834 moderate openSUSE Backports SLE-15-SP1 Update This update for python-limnoria fixes the following issues: python-limnoria was updated: to version 2020-05-01: * Fix extra arguments to irc.reply() being ignored by messages returned by '@more' (gh#ProgVal/Limnoria#1405). Update to version 2020-03-19: * Update links to the documentation. * Updated translations. Update to version 2020-01-31: + RSS: If ids are missing, use <link> as id. + RSS: Show a meaningful error in case '@rss' is called with a non-URL/… + ChannelStats: Use the safe math evaluator. + core/Math: Move the math evaluator to src/utils/. + Math: Fix log/log10 return type. + Aka, Google, String: fix more DeprecationWarning in tests (#1328) + AutoMode, Channel, Nickometer: fix invalid escape sequence Deprecatio… + plugins: use r'' strings to fix DeprecationWarning in test cases (#1328) + Aka, Debug: cleanup imports + Use importlib instead of imp. + Replace failUnless/failIf with assertTrue/assertFalse. + Socket: Don't add instances twice in cls._instances. + Socket: use a proper lock instead of a boolean. + Add subcommand dispatching for CAP/FAIL/WARN/NOTE. + Rename doAuthenticate* functions to not conflict with callback names. + Make irc.error do nothing is no string is given as argument. + Call super().setValue() before defaultHttpHeaders. + Deduplicate setting Accept-Language HTTP header. + Web: Implement protocols.http.requestLanguage + Add supybot.protocols.http.requestLanguage + Fix getSpecific usage + Import MutableMapping and MutableSet from collections.abc. + setup.py: migrate shebang to Python 3 + setup.py: remove obsolete version_info conditionals + scripts: remove obsolete conditionals for Python 2 + scripts: migrate shebangs and version checks to Python 3 + Be less hostile to users in --allow-root help + Readd Limnoria name to default part & quit messages + SedRegex: skip testReDoSTimeout if multiprocessing is disabled + SedRegex: update plugin metadata + SedRegex: spawn a single process to handle the whole history. + SedRegex: add test for ReDoS timeout + SedRegex: abort when a search times out + SedRegex: test case normalization of channel names + SedRegex: match channel names case insensitively + SedRegex: log all errors, always display the not found mesage + SedRegex: reuse processTimeout in the sub() process too + SedRegex: README: specifically mention that /s is specific to this plugin + SedRegex: make the regexp process timeout configurable + SedRegex: remove compatibility workaround for Python 2.7.6 and lower + SedRegex: skip testBoldReplacement on Python 2 + SedRegex: remove a duplicate test + SedRegex: use self.__class__ instead of __class__ in tests (Python 2 … + SedRegex: add a bunch of test cases + SedRegex: bump copyright year to 2017 + SedRegex: fix some replacement queries not working + SedRegex: also catch errors in the regexp_wrapper() step + SedRegex: log the exact error name instead of "SedRegex error" + SedRegex: require ending delimiter to prevent overzealous matching of… + SedRegex: work around "nothing to replace" errors on < Python 2.7.6 a… + SedRegex: fix flag matching + SedRegex: add configuration / usage instructions + SedRegex: implement 's' regex flag to only match the caller's message + SedRegex: allow free form flags and return them in _unpack_sed() + SedRegex: sanitize against \n\r\t in output + SedRegex: only operate on messages from the current network + SedRegex: work around "nothing to repeat" errors on Python < 2.7.6 Update to version 2020-01-01: + Skip irctest when optional dependencies are not installed. Update to version 2019-12-21: + Add config supybot.reply.format.list.maximumItems to limit the size o… + Add fallback if getting supybot.language from registry cache failed. + All plugins: set Limnoria contributors as maintainer + Better formatting in supybot.Author if some fields are missing + Get locale name on startup from registry cache instead of parsing con… + Make getLocaleFromRegistryCache reload existing locales. + Math: Fix test on Pypy. + Math: Display a nicer error in case of MemoryError. + MoobotFactoids: Fix support of commands sent in private. + Nicer error message in getChannel/makeChannelFilename when channel is… + Plugin: support showing __maintainer__ field in the 'author' command + Plugin: accept author name in 'contributors' command + QuoteGrabs: fix SyntaxWarning (#1391) + Remove dead code from Group that belongs in Value. + Request msgid capability. + RSS: Register feed config in config.py instead of plugin.py. + Scheduler: Use assertRegexp instead of assertNotRegexp in tests. + Scheduler: Use default timeout for assertResponse. + Scheduler: Use mocking to make tests faster. + Services: Fix typo in doInvite() (#1394) + Update core fr translation. + Update supybot-plugin-doc to work with current version of the registry. + Web: Lower log level when title could not be found. + Web: Remove leading space if the prefix is empty. + Web: Add early returns on exception when snarfing titles. + src/callbacks.py: use network-specific values. + test: Don't overwrite the main Schedule in the driver list. + test: Mock calls to time.sleep() + test: choose a random free port for tests using the HTTP server Update to version 2019-11-09: + Fix log on SASL failure. + Math: Rewrite calc functions with a proper evaluator. + Log SASL mechanism on failure. Closes GH-1014. + Config: Add : prefix to network-specific values listed by 'config list'. + Web: Catch more errors in getTitle. + Split 'CAP REQ' commands to not exceed 512 bytes. + Reset capability set state on reconnection. + Fix conditional on CTCP in urlSnarfer + Use a real invalid email in supybot.authors.unknown + Don't repeat nick in supybot.Author if nick and name are the same + regexp_wrapper: return None instead of False when search times out Update to version 2019-09-08: * Interpret empty server tag values as missing tag values. As required by https://ircv3.net/specs/extensions/message-tags Changes from version 2019-08-25: * Config: Prevent accidental leak of private values on public channels. Changes from version 2019-07-17: * Google: Update for Google's new HTML layout. This update was imported from the openSUSE:Leap:15.1:Update update project. python-limnoria-2020.05.01-bp151.3.3.1.src.rpm python3-limnoria-2020.05.01-bp151.3.3.1.noarch.rpm openSUSE-2020-819 moderate openSUSE Backports SLE-15-SP1 Update This update for varnish fixes the following issues: - CVE-2019-20637: Fixed an information leak when handling one client request and the next on the same connection (boo#1169040) - CVE-2020-11653: Fixed a performance loss due to an assertion failure and daemon restart when communicating with TLS termination proxy that uses PROXY version 2 (boo#1169039) This update was imported from the openSUSE:Leap:15.1:Update update project. libvarnishapi2-6.2.1-bp151.4.6.1.x86_64.rpm varnish-6.2.1-bp151.4.6.1.src.rpm varnish-6.2.1-bp151.4.6.1.x86_64.rpm varnish-devel-6.2.1-bp151.4.6.1.x86_64.rpm libvarnishapi2-6.2.1-bp151.4.6.1.aarch64.rpm varnish-6.2.1-bp151.4.6.1.aarch64.rpm varnish-devel-6.2.1-bp151.4.6.1.aarch64.rpm libvarnishapi2-6.2.1-bp151.4.6.1.ppc64le.rpm varnish-6.2.1-bp151.4.6.1.ppc64le.rpm varnish-devel-6.2.1-bp151.4.6.1.ppc64le.rpm libvarnishapi2-6.2.1-bp151.4.6.1.s390x.rpm varnish-6.2.1-bp151.4.6.1.s390x.rpm varnish-devel-6.2.1-bp151.4.6.1.s390x.rpm openSUSE-2020-832 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 83.0.4103.97 (boo#1171910,bsc#1172496): * CVE-2020-6463: Use after free in ANGLE (boo#1170107 boo#1171975). * CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-04-21 * CVE-2020-6466: Use after free in media. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-04-26 * CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song on 2020-04-06 * CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina of Seaside Security, Chani Jindal of Shellphish on 2020-04-30 * CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-02 * CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-03-30 * CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-08 * CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-25 * CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia on 2020-02-06 * CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-07 * CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani on 2019-10-31 * CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne on 2019-12-18 * CVE-2020-6477: Inappropriate implementation in installer. Reported by RACK911 Labs on 2019-03-26 * CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani on 2019-12-24 * CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen of andsecurity.cn on 2020-01-14 * CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt on 2020-02-21 * CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora on 2020-04-07 * CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi (@qab) on 2017-12-17 * CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-05-23 * CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko on 2020-01-26 * CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov of Google Project Zero on 2020-01-30 * CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg on 2020-02-24 * CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu (@shhnjk) on 2015-10-06 * CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg on 2020-01-21 * CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa (Ophir LOJKINE) on 2020-02-10 * CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter on 2019-12-19 * CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal M.A on 2020-02-07 * CVE-2020-6493: Use after free in WebAuthentication. * CVE-2020-6494: Incorrect security UI in payments. * CVE-2020-6495: Insufficient policy enforcement in developer tools. * CVE-2020-6496: Use after free in payments. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-83.0.4103.97-bp151.3.85.1.x86_64.rpm chromium-83.0.4103.97-bp151.3.85.1.src.rpm chromium-83.0.4103.97-bp151.3.85.1.x86_64.rpm chromedriver-83.0.4103.97-bp151.3.85.1.aarch64.rpm chromium-83.0.4103.97-bp151.3.85.1.aarch64.rpm openSUSE-2020-1035 moderate openSUSE Backports SLE-15-SP1 Update This update for redis fixes the following issues: - CVE-2020-14147: Context dependent attackers with permission to run Lua code in a Redis session could have caused a denial of service (memory corruption and application crash) or possibly bypass sandbox restrictions (boo#1173018) redis-4.0.14-bp151.3.6.1.src.rpm redis-4.0.14-bp151.3.6.1.x86_64.rpm redis-4.0.14-bp151.3.6.1.aarch64.rpm redis-4.0.14-bp151.3.6.1.ppc64le.rpm redis-4.0.14-bp151.3.6.1.s390x.rpm openSUSE-2020-840 moderate openSUSE Backports SLE-15-SP1 Update This update for python-mysql-connector-python fixes the following issues: - Add requirements on python-dnspython and python-protobuf (boo#1172784) This update was imported from the openSUSE:Leap:15.1:Update update project. python-mysql-connector-python-8.0.19-bp151.4.6.1.src.rpm python2-mysql-connector-python-8.0.19-bp151.4.6.1.noarch.rpm python3-mysql-connector-python-8.0.19-bp151.4.6.1.noarch.rpm openSUSE-2020-853 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: Update to 1.2.0 boo#1099674: * Fix pypi rewritter to work with wheels * Do not choke on multiline string macros * Add %{dephell_gensetup} macro instead of the full call This update was imported from the openSUSE:Leap:15.1:Update update project. spec-cleaner-1.2.0-bp151.3.21.1.noarch.rpm spec-cleaner-1.2.0-bp151.3.21.1.src.rpm spec-cleaner-format_spec_file-1.2.0-bp151.3.21.1.noarch.rpm openSUSE-2020-856 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to version 83.0.4103.106 (boo#1173029): * CVE-2020-6505: Use after free in speech * CVE-2020-6506: Insufficient policy enforcement in WebView * CVE-2020-6507: Out of bounds write in V8 - Enforce to not use system borders bsc#1173063 This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-83.0.4103.106-bp151.3.88.1.x86_64.rpm chromium-83.0.4103.106-bp151.3.88.1.src.rpm chromium-83.0.4103.106-bp151.3.88.1.x86_64.rpm chromedriver-83.0.4103.106-bp151.3.88.1.aarch64.rpm chromium-83.0.4103.106-bp151.3.88.1.aarch64.rpm openSUSE-2020-1043 moderate openSUSE Backports SLE-15-SP1 Update This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests (bsc#1172961). This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. xmlgraphics-batik-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-1.9-bp151.2.3.1.src.rpm xmlgraphics-batik-demo-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-rasterizer-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-slideshow-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-squiggle-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-svgpp-1.9-bp151.2.3.1.noarch.rpm xmlgraphics-batik-ttf2svg-1.9-bp151.2.3.1.noarch.rpm openSUSE-2020-948 moderate openSUSE Backports SLE-15-SP1 Update This update for gsoap, kopano, kopano-python-services fixes the following issues: kopano was updated to release 10.0.5: * Enhancements: * gateway: support loading MAPI folders with slash in their name. * Fixes: * admin: fix stack exhaustion calling AclRightsToString. * admin: fix out-of-bounds access in ConsoleTable. * dagent: change SMTP error code for plugin failure from permanent to transient category. * server: recognize more MariaDB-specific status codes and initiate reconnect if needed. * server: fix a cache pollution with PR_HTML and PR_RTF_COMPRESSED. * dagent: failure to run actions will no longer stop rule processing. * mapi4linux: avoid M4LMAPISession going away while ECMsgStore object(s) still alive. Update to release 10.0.4 * Enhancements: * daemons: service units now run with systemd protections on. * icalmapi: support reading multi-iCal and multi-vCard files. * Fixes: * dagent, spooler: workaround crash during Python GC. * dagent, gateway: avoid stack exhaustion in HTML filter. * gateway: avoid non-atomic replacement of SSL context. * gateway: avoid one crash case for deeply-nested HTML mail. * server: cure a mysql wait phase during shutdown. * server: cure a crash when the SQL server has shut down. * daemons: avoid deadlock during signal handling. * libserver: fix use-after-free and crash on shutdown. * Various null deref warnings from clang --analyze were fixed. * libserver: resolve memory leak of MYSQL objects. Update to release 10.0.3 * Enhancements: * server: new config directive request_log_method and request_log_file. * server: The log_level=0x100000 bit (SOAP) no longer has a meaning; use the request_log_file mechanism instead. Update to release 10.0.2 * dagent: add processing time stats and publish via surveyclient * common: fix a malloc/delete[] mismatch in kc_utf8_to_punyaddr * Respect KOPANO_SOCKET environment variable in all programs * server: support numeric UID/GID for local_admin_users directive * daemons: support numeric UID/GID for run_as_* directives Update to release 10.0.1 * common: avoid computing log messages that will not get shown [KC-1674] * freebusy: fix crash in RecurrenceState::Exception instantiation * client: IDN support [KC-1659] * In config files, fractional values can now be used for sizes ("0.5G"). Update to release 9.0.2 * Enhancements: * storeadm: print entity types in orphan list [KC-718] * client: improve dreaded "gsoap connect: ()" reporting * server: fix dreaded "SSL_accept: (null)" reporting * ECtools: add kopano-vcfimport * Fixes: * client: resolve rogue file descriptor closing [KC-1397, KC-1462, KC-1518, KC-1584, KS-42330, KS-43193, KS-43409, KS-43618, KS-43677, KS-43693, KS-43907, KS-43925, KS-43936] * dagent: resolve crash when appointment has empty organizer [KC-1637] * spooler: regard redirected messages as having recipients [KC-1638] - Drop chown calls from scriptlets [boo#1154309] Update to release 8.7.85 * daemons: support "%xxx"-style interface identifiers in bindspecs (the "server_listen" or similarly-named directives in .cfg files) * client: send fewer logoff calls [KC-1590] * daemons: AF_LOCAL sockets were erroneously owned by root rather than run_as_user [KC-1616] * pyko: avoid circular strong reference from notification to store [KC-1572] * php: add missing successful return value for zif_mapi_vcfstomapi [KC-1487] * client: unbreak translation of newly created store folder names [KC-1607] * dagent: the server_bind_intf option is removed in favor of %xxx * search: put back the old value for limit_results=1000 - Update to release 8.7.84 * server: new installations will use files_v2 by default [KC-567] * icalmapi: vCard 4.0 (RFC 6350) is now emitted * kopano-set-oof has been removed; use `kopano-oof` instead [KC-981] * kopano-localize-folders has been removed; use `kopano-storeadm -Y` instead * admin: the --mr-process option has been added * dbadm: the "populate" action has been added * daemons: the {pop3,imap,etc.}_listen directives can now take an interface specifier similar to ping(8), e.g. "%eth0" * server/ldapplugin: LDAP group membership cache [KC-1588] - Update to release 8.7.83 * libserver: fix "withholding" of properties from clients [KC-1547] * dagent, spooler: threaded more is enabled by default now [KC-1475] * ldapplugin: 22% speedup in retriving the entire user list [KC-1399] * client: enable write-caching for properties on stores and folders; improves e.g. store creation time by 17% [KC-1585] * Dropped Python2 and PHP5 support - Update to new upstream release 8.7.3 * Fixes: * dagent: standard casing for RFC 5322 headers [KF-2100] * daemons: do not fail startup on IPv4-only systems [KC-1400] * Feed HTML through libtidy before using it for the to-plaintext conversion stage [KS-40722] * server: fix crash on shutdown [KF-2179] * server: address a potential crash due to type mismatch [KF-2151] * server: use utf8mb3 with mysql 5.1 [KC-1423] * server: avoid entering truncated tproperties data into the cache [KC-1417] * server: avoid using OpenLDAP-specific filters that 389-ds does not know about [KC-1402] * server: fixed TLS negotiation errors with openSSL 1.1.1 [KC-1439] * spooler: avoid unnecessary QP encoding in header fields [KC-1430] * spooler: fix hang on process termination [KC-1449] * srvadm: do not complain about default_store_locale [KC-1416] * dbadm: some long-running statements can now be run in parallel with the new -j option [KS-42617] * pyko: expand stubbed messages when dumping [KC-1159,KC-1168] * pyko: don't mix str/int busy statuses [KC-1433] * oof: fix erroneous -u parsing [KC-1425] * oof: make --message option set the right property [KC-1435] * server: complete utf8mb4->utf8 fallback for RHEL6 [KC-1423] * inetmapi: modified appointments need to produce a new Message-ID [KC-1458] * dagent: set Bcc/RecipMe flags appropriately [KC-319] * inetmapi: restore FQDN in Message-IDs [KC-1393] * inetmapi: parse fake "From:" header better to hinder proliferation of impersonations [KC-1350] * stats: print "PR_..." instead of proptag numbers [KC-1495] * server: no more unbounded thread number increase [KC-1446] * php: fix crash in zif_mapi_getprops [KC-1507] * Enhancements: * backup: do record outofoffice settings * php-ext: performance measurement log now contains a timestamp, thread identifier, and global monotonic counter. This can be used for estimating the achieved command rate. - Update to 8.7.0 stable git HEAD * dagent: standard casing for RFC 5322 headers [KF-2100] * daemons: do not fail startup on IPv4-only systems [KC-1400] * Feed HTML through libtidy before using it for the to-plaintext conversion stage [KS-40722] * server: fix crash on shutdown [KF-2179] * server: address a potential crash due to type mismatch [KF-2151] * server: use utf8mb3 with mysql 5.1 [KC-1423] * srvadm: do not complain about default_store_locale [KC-1416] * dbadm: some long-running statements can now be run in parallel with the new -j option [KS-42617] * pyko: expand stubbed messages when dumping [KC-1159,KC-1168] - Update to 8.7.0 stable * server: fix disappearing inbox rules [KC-1359] * kopano-dbadm: new action "usmp" and "usmp-charset" * server: no more automatic upgrade to utf8mb4, use `kopano-dbadm usmp` instead [KF-1394] * dagent: the spam_header_name was not matched correctly [KF-1961] * dagent/client/libserver: fix inadvertent AF_LOCAL->SSL redirect [KC-1368] * client: ABEIDs were parsed wrong (and it broke with gcc8) [KC-1386] * php7-ext: cease modifying potentially-immutable PHP variables [KC-1355] - Update to 8.7~beta release (8.6.90) * dagent, gateway, ical: modern socket specification in .cfg with lmtp_listen=, pop3_listen=, imap_listen=, ical_listen=, etc. * dagent: PF_LOCAL socket support for communicating with postfix * dagent: limited support for RFC 6531 (SMTPUTF8) * server: LDAP STARTTLS support for user backend * spooler: new config value log_raw_message=error * daemons: coredumps no longer rely on fs.suid_dumpable * server: support for Unicode supplemental plane (Emojis) * spooler: add copy_delegate_mails=move-to-rep config directive * kopano-ibrule: new utility for MAPI rules * server: experimental "files_v2" attachment storage * kopano-statsd: new daemon that records dagent/server/spooler statistics * This is an abridged list; there are more changes to configuration and behavior; see RELNOTES.txt in the "kopano-common" package for more details. - Update to new snapshot 8.6.7.2 * Fixes: * gateway, spooler: (re-)activate RFC 2047 header generation (Outlook is still unable to read the RFC 2231 headers that are generated normally) [KC-1226] * srvadm: make --purge-softdelete=0 work * Enhancements: * dagent: advertise 8BITMIME/RFC6152 support [KS-41452] * dagent/client: fixed broken umlauts in PR_EC_BODY_FILTERED when input was not UTF-8 [KC-1225] - Update to new upstream release 8.6.6 * ical: handle double quotes in Content-Type header * server: repair broken timing log messages for ldapplugin * php7-ext: cure stack corruption in mapi_vcftomapi * gateway: avoid uncaught exception when client disconnects midway * dagent: avoid always running into K-2383 * server: avoid SSL crash near ERR_clear_error on shutdown - Update to new upstream snapshot 8.6.2.25 * Fixes: * ical: handle double quotes in Content-Type header * Enhancements: * client: now emits warnings about own incomplete PR_RULES_DATA processing * inetmapi: now emits a warning when runtime vmime is too old * server: fewer stat calls to the attachment backend * Changes: * dagent: default for log_timestamp changed to "yes" - Update to new upstream snapshot 8.6.1.99 * Fixes: * Fix crash due to ODR violation * libserver: drop all remains of clientupdatestatus table * gateway: fix crash when new client immediately disconnects * mapi: avoid garbage at end of malformed RTF * Enhancements: * kopano-dbadm: new diagnostics program for offline database modification * kopano-server: allow use of --ignore-da to skip schema update that won't complete * build: support ICU 61 * propmap: expose kopanoHidden LDAP attribute as PR_EC_AB_HIDDEN * Changes: * daemons: disable SSL renegotiation for OpenSSL 1.1+ * server: invalid port strings are now rejected * client: quiesce verbose logon failure messages * boot: set default and UTF-8 locale for services - Update to new upstream release 8.6.1 * Fixes: * backup: ignore error when server cannot find attachments * server: search folders were not loaded on startup * monitor: handle absence of config file * dagent: do not treat -d option like -c was given * server: fix a case where an old kopano-server would refuse to start with a newer database even if --ignore-da was used * server: fix server/client getting slower when named properties are created multiple times [KC-1108] * client: fix data corruption when server returns high named property IDs [KC-1107] * Changes (generally requires admin action): * inetmapi: stop treating empty indexed_headers as "X-*" * dagent: cease indexing X-Headers by default * dagent: turn indexed_headers from a prefix list into an exact-match set * If you need certain e-mail headers copied into named properties, they MUST be explicitly listed _one by one_ in dagent.cfg:indexed_headers now. * Enhancements: * server: reorder SQL log messages so the error is shown first, and do say when the message was truncated Changes in kopano-python-services: - Drop chown calls from scriptlets [boo#1154309] - Update to release 10.0.1 * Sync up with kopanocore-10.0.1. No user visible changes to pytils. * Drop kopano-dagent-pytils:/usr/sbin/kopano-autorespond. This program is already provided by the kopano-dagent package. - Update to release 9.0.2 * Fix broken property getter for public:OnlineMeetingExternalLink * Replace cpickle by pickle * pyko: avoid circular strong reference from notification to store * pyko: add text and onlineMeetingUrl setter to Ocurrence(s) - Update to upstream snapshot 8.7.83 * Split Python services into their own RPM package gsoap was updated to release 2.8.102: * Improved HTTP digest authentication plugin to cover additional HTTP methods. Update to release 2.8.101: * Fix read beyond end-of-buffer in soap_accept * Other unspecified improvements Update to release 2.8.100: * Improved proxy connectivity on the client side to handle bearer authentication. * Improved soapcpp2 handling of the `#module` directive. * Fixed an MTOM flag clearing issue hampering MTOM usability. Update to release 2.8.99: * Improved performance of the soapcpp2 tool. * Improved proxy connectivity on the client side with `soap::proxy_host`, `soap::proxy_port`, and NTLM, to maintain HTTP headers, e.g. `soap::http_content` and `soap::http_extra_header`. * Fixed a bug in HTTP cookie handling when the optional `-DWITH_COOKIES` flag is used. Note that cookie support is disabled by default or has no effect when deploying robust services with the gSOAP Apache modules and ISAPI extensions that handle cookies differently. Update to release 2.8.98: * Updated the WS-Security and WS-Trust APIs that use SAML with higher precision timestamps in microseconds, using the `custom/struct_timeval.h` serializer for `xsd__dateTime`. The WS-Security and WS-Trust updates require compiling and linking with `custom/struct_timeval.c`. * Fixed an issue with soapcpp2 code generation of `wchar_t*` serializers when combined with a custom serializer with base type `wchar_t*`, i.e. when `extern typedef wchar_t* name` is declared. * Fixed an issue with soapcpp2 code generation when an element tag names starts with an underscore and the element is namespace qualified. Update to release 2.8.97: * Fixed wsdl2h processing of schemas with a cyclic schema `<xs:include>` that may cause wsdl2h to hang when schemas have no `targetNamespace` attribute. * Improved wsdl2h code generation of unqualified types and names defined in imported schemas (with `<xs:import>`) when these schemas have no `targetNamespace`. Use wsdl2h option `-z10` or lesser to revert to the code generation behavior of versions prior to 2.8.97. Update to release 2.8.96 * Improved `soap_check_mime_attachments()` and `soap_recv_mime_attachment()` functions and documentation, ensure proper close when MIME/MTOM errors occur. Update to release 2.8.95 * Upgraded smdevp.c to replace deprecated OpenSSL API function. * Updated WS-Security WSSE plugin, documentation, and demo. * Improved soapcpp2 execution speed to generate WSDL and XSD files. Update to release 2.8.94 * Fixed a wsdl2h issue that caused it to omit names for local simpleType restrictions in the generated `enum` types of struct/class members; improved soapcpp2 to avoid `enum` symbol numbering clashes in the generated source code. * Removed unnecessary namespace prefixes from some class/struct members in the source code generated by wsdl2h in a specific case, to prevent XML validation issues. * Added wsdl2h option `-z9` for backward compatibility of 2.8.94 and greater to versions 2.8.93 and lesser, which reverts the namespace change. Update to release 2.8.93 * Fixed a wsdl2h schema import/include issue when a `./` occurs in schemaLocation` and schema import/include dependencies are cyclic, causing wsdl2h to not be able to locate and read schema files. * Removed empty substitutionGroup and duplicate substitutionGroup elements in wsdl2h-generated `SUBSTITUTIONS` sections. Update to release 2.8.92 * Fixed soapcpp2-generated call to `soap_DELETE` for REST DELETE operations. Update to new upstream release 2.8.91 * Correction to fix soapcpp2 2.8.90 `-z#` flag enforcement problem. Update to new upstream release 2.8.89 * Added wsdl2h option `-X` to do not qualify part names in order to disambiguate document/literal wrapped patterns (as the other choice to disambiguate instead of the default qualification with schema namespaces). * Added wsdl2h option `-z8` for backward compatibility with 2.8.74 and earlier: don't qualify part names to disambiguate doc/lit wrapped patterns and revert to the old wrapper class/struct naming used for `xs:anyType` inheritance. Update to new upstream release 2.8.87 * Added `soap::connect_retry` to specify a number of retries at the client side when connecting to a server fails, with exponential backoff of 2^n seconds between retries. Zero by default, meaning no retries. * Added `soap::client_addr_ipv6` to optionally specify a IPv6 or host address to bind to at the client side, when the destination is a IPv6 server. Otherwise uses `soap::client_addr` to bind. Update to new upstream release 2.8.86 * Added `soap::client_addr` string to specify a IPv4 or IPv6 or a host address to bind to before connecting. This can be used at the client side to bind to an address before connecting to a server endpoint, similar to `soap::client_port`. * Fixed wsdl2h compilation issue with C++17. * Fixed a problem with the `SOAP_SSL_DEFAULT` settings parameter used with `soap_ssl_client_context` and `soap_ssl_server_context` that may lead to a weaker setting than specified. Update to new upstream release 2.8.83 * Added wsdl2h optimization options `-Ow2`, `-Ow3`, and `-Ow4` to optimize the generated source code by schema slicing, while retaining all derived extensions of base types. * Added wsdl2h option `-Q` to make `xsd__anySimpleType` equal to `xsd__anyType` to use as the base type for derived types, so that elements of type `xsd:anySimpleType` can be serialized with a derived type, using inheritance in C++ and by using simulated inheritance in C using wsdl2h option `-F`. * Updated wsdl2h options `-p` and `-F` to generate additional wrappers for primitive types that aren't XSD primitive types, such as `SOAP-ENC:base64`. * Improved wsdl2h output for the infrequently-used `SOAP-ENC:Array` type. * Fixed an issue with soapcpp2 option `-A` that resulted in error 13 `SOAP_NO_METHOD`. Update to new upstream release 2.8.81 * Added the ability to specify `nullptr` web service operation arguments, similar to `nullptr` struct and class members. This enables `xs:nillable="true"` elements corresponding to web service operation arguments. * Updated wsdl2h `import schemaLocation` logic to handle relative paths. * Updated DOM API for embedded serializable data types: `SOAP_DOM_ASIS` removes XML namespace bindings (`xmlns`) from the XML output of the embedded data type, which are normally added to ensure namespace prefixes are always valid. `SOAP_DOM_ASIS` requires the DOM to specify the namespace bindings explicitly. Update to new upstream release 2.8.80 * Updated to remove GCC 8.2 warnings. * Improved wsdl2h handling of relative file paths. Update to new upstream release 2.8.79 * Fixed a bug in wsdl2h option `-c` for C source code output, resulting in a missing `*` pointer for `_XML __any` member declaration when declared after the `$ int __size` array size member. The bug may lead to validation errors in extensible types when extra elements are present in the XML payload received. The fix produces the correct `_XML *__any` member declaration. Update to new upstream release 2.8.78 * wsdl2h: WSDL and schema imports of files on relative paths: file name without path or file name with path stating with ../ are considered relative locations with respect to the current WSDL and schema that is importing, otherwise imported files are considered relative to the directory in which wsdl2h is run (the `-I` option can be used to change that location). * wsdl2h: to display warnings for invalid complexType and simpleType extensions/restrictions but generates valid code in such cases by inference, the update also fixes a valid extension case. * Fixed compilation error for soapcpp2 options `-i` and `-j` caused by special case with empty input arguments to service operations. * Added jsoncpp new option `-k`. Update to new upstream release 2.8.75 * Added wsdl2h option `-F` to add transient pointer members to structs to simulate type derivation with structs in C. * Added wsdl2h option `-L` to generate less documentation in interface header files. * Added `WITH_NOEMPTYNAMESPACES` compile-time flag to disable `xmlns=""`, this is intended for backward compatibility with old XML parsers and old gSOAP versions that do not support `xmlns=""` empty default namespaces. * Updated wsdl2h option `-D` to make attributes with fixed values pointer members in structs and classes, not just attributes with default values. * Updated wsdl2h option `-f` to flatten C++ class hierarchy by removing inheritance. This option removes support for type derivation with `xsi:type` in XML. * Updated soapcpp2 to split up the `soap_call_ns__webmethod` functions into new `soap_send_ns__webmethod` and `soap_recv_ns__webmethod` functions called by `soap_call_ns__webmethod`. The new functions can be used for asynchronous messaging. * Updated soapcpp2 option `-j` to call `destroy()` in destructor to deallocate managed heap data. * Updated call to OpenSSL `ERR_remove_state` (deprecated) by `ERR_remove_thread_state`. * Fixed a bug in HTTP cookie handling by the engine. HTTP cookies are disabled by default, but enabled with the `-DWITH_COOKIES` compile-time flag or when using the C/C++ `libgsoapck`/`libgsoapck++` and `libgsoapssl`/`libgsoapssl++` libraries. Update to new upstream release 2.8.74: * Fixed an issue with MIME/MTOM attachment sending when the HTTP-digest plugin is used or when compression is enabled, returning incorrect `SOAP_EOM` error (i.e. not caused by out-of-memory). The problem had been introduced in 2.8.70. Update to new upstream release 2.8.73 * Improved `soap_ssl_accept()` timeout settings to improve the performance of gSOAP stand-alone HTTPS servers. * Renamed `soap_get_http_body()` to `soap_http_get_body()` to avoid name clashes with soapcpp2-generated `soap_get_T` functions. * Renamed `soap_get_form()` to `soap_http_get_form()` to avoid name clashes with soapcpp2-generated `soap_get_T` functions. * Renamed `soap_get_mime_attachment()` to `soap_recv_mime_attachment()` to avoid name clashes with soapcpp2-generated `soap_get_T` functions. * Renamed `soap_get_stats()` to `soap_http_get_stats()` of the httpget plugin to avoid name clashes with soapcpp2-generated `soap_get_T` functions. * Renamed `soap_get_logging_stats()` to `soap_logging_stats()` of the logging plugin to avoid name clashes with soapcpp2-generated `soap_get_T` functions. * Moved `soap_http_get_form()`, `soap_query()`, `soap_query_key()`, and `soap_query_val()` functions from the httpget and httpform plugin APIs to the stdsoap2.c[pp] library API. No project rebuilds should be necessary when using these plugins with this upgrade. Update to new upstream release 2.8.72 * Improved the HTTP GET `http_get` and HTTP POST `http_post` plugins, handling of a HTTP POST request that has an empty body is now supported. * Updated user guide, corrected `soap_rand_uuid` description: string returned is stored in a temporary buffer, not stored in managed memory. * Fixed spurious constant initialization problem for `enum` types in soapcpp2-generated code, the problem was introduced with soapcpp2 2.8.71 C/C++ grammar expansion. * Fixed a CURL plugin issue that prevented PUT and DELETE methods to work properly. Update to new upstream release 2.8.71 * Added TLSv1.3 support with OpenSSL 1.1.1. * Added HTTP PATCH support. * Updated SSL/TLS options for `soap_ssl_client_context` and `soap_ssl_server_context` to allow combinations of `SOAP_TLSv1_0`, `SOAP_TLSv1_1`, `SOAP_TLSv1_2`, `SOAP_TLSv1_3` protocols (v1.3 only available with OpenSSL 1.1.1 and greater), a change from the single TLS protocol flag. * Fixed soapcpp2 code generation issue for single- and multi-dimensional fixed-size arrays. Update to new upstream release 2.8.70 * Updated `typemap.dat` for ONVIF and upgraded `wsdd10.h` (WS-Discovery 1.0 with WS-Addressing 2004/08) to `wsdd5.h` (WS-Discovery 1.0 with WS-Addressing 2005/08). * Fixed a deserialization issue with Qt `QString` used in a wrapper class (as `__item` member), when the wrapper class is used in a container, such as `std::vector`. Update to new upstream relesae 2.8.69 * Improved `xs:redefine` processing, fixing the remaining "circular group reference" warnings. * Improved XML sample message generation. Update to new upstream release 2.8.67 * Changed `typemap.dat` to disable `xsd__duration` custom serializer by default, meaning that `xsd__duration` is serialized as a string by default. * Fixed an issue where the 64-bit integer types `LONG64` and `ULONG64` and their serializers would be downcast to to 32-bit when compiling C code with newer GCC versions, due to `__STDC_VERSION__` no longer being defined by the compiler. This update was imported from the openSUSE:Leap:15.1:Update update project. gsoap-2.8.102-bp151.4.3.1.src.rpm gsoap-debuginfo-2.8.102-bp151.4.3.1.x86_64.rpm gsoap-debugsource-2.8.102-bp151.4.3.1.x86_64.rpm gsoap-devel-2.8.102-bp151.4.3.1.x86_64.rpm gsoap-devel-debuginfo-2.8.102-bp151.4.3.1.x86_64.rpm gsoap-doc-2.8.102-bp151.4.3.1.noarch.rpm libgsoap-2_8_102-2.8.102-bp151.4.3.1.x86_64.rpm libgsoap-2_8_102-debuginfo-2.8.102-bp151.4.3.1.x86_64.rpm kopano-10.0.5-bp151.4.3.1.src.rpm kopano-archiver-10.0.5-bp151.4.3.1.x86_64.rpm kopano-bash-completion-10.0.5-bp151.4.3.1.noarch.rpm kopano-client-10.0.5-bp151.4.3.1.x86_64.rpm kopano-common-10.0.5-bp151.4.3.1.x86_64.rpm kopano-dagent-10.0.5-bp151.4.3.1.x86_64.rpm kopano-devel-10.0.5-bp151.4.3.1.x86_64.rpm kopano-gateway-10.0.5-bp151.4.3.1.x86_64.rpm kopano-ical-10.0.5-bp151.4.3.1.x86_64.rpm kopano-indexer-10.0.5-bp151.4.3.1.x86_64.rpm kopano-lang-10.0.5-bp151.4.3.1.x86_64.rpm kopano-migration-imap-10.0.5-bp151.4.3.1.noarch.rpm kopano-monitor-10.0.5-bp151.4.3.1.x86_64.rpm kopano-server-10.0.5-bp151.4.3.1.x86_64.rpm kopano-spooler-10.0.5-bp151.4.3.1.x86_64.rpm kopano-statsd-10.0.5-bp151.4.3.1.x86_64.rpm libkcarchiver0-10.0.5-bp151.4.3.1.x86_64.rpm libkcfreebusy0-10.0.5-bp151.4.3.1.x86_64.rpm libkcicalmapi0-10.0.5-bp151.4.3.1.x86_64.rpm libkcindex0-10.0.5-bp151.4.3.1.x86_64.rpm libkcinetmapi0-10.0.5-bp151.4.3.1.x86_64.rpm libkcmapi0-10.0.5-bp151.4.3.1.x86_64.rpm libkcpyplug0-10.0.5-bp151.4.3.1.x86_64.rpm libkcserver0-10.0.5-bp151.4.3.1.x86_64.rpm libkcsoap0-10.0.5-bp151.4.3.1.x86_64.rpm libkcssl0-10.0.5-bp151.4.3.1.x86_64.rpm libkcsync0-10.0.5-bp151.4.3.1.x86_64.rpm libkcutil0-10.0.5-bp151.4.3.1.x86_64.rpm libmapi1-10.0.5-bp151.4.3.1.x86_64.rpm php-mapi-10.0.5-bp151.4.3.1.x86_64.rpm python3-mapi-10.0.5-bp151.4.3.1.x86_64.rpm libvmime-0.9.2.96-bp151.4.3.1.src.rpm libvmime-debugsource-0.9.2.96-bp151.4.3.1.x86_64.rpm libvmime-devel-0.9.2.96-bp151.4.3.1.x86_64.rpm libvmime-kopano3-0.9.2.96-bp151.4.3.1.x86_64.rpm libvmime-kopano3-debuginfo-0.9.2.96-bp151.4.3.1.x86_64.rpm gsoap-debuginfo-2.8.102-bp151.4.3.1.aarch64.rpm gsoap-debugsource-2.8.102-bp151.4.3.1.aarch64.rpm gsoap-devel-2.8.102-bp151.4.3.1.aarch64.rpm gsoap-devel-debuginfo-2.8.102-bp151.4.3.1.aarch64.rpm libgsoap-2_8_102-2.8.102-bp151.4.3.1.aarch64.rpm libgsoap-2_8_102-debuginfo-2.8.102-bp151.4.3.1.aarch64.rpm gsoap-debuginfo-2.8.102-bp151.4.3.1.ppc64le.rpm gsoap-debugsource-2.8.102-bp151.4.3.1.ppc64le.rpm gsoap-devel-2.8.102-bp151.4.3.1.ppc64le.rpm gsoap-devel-debuginfo-2.8.102-bp151.4.3.1.ppc64le.rpm libgsoap-2_8_102-2.8.102-bp151.4.3.1.ppc64le.rpm libgsoap-2_8_102-debuginfo-2.8.102-bp151.4.3.1.ppc64le.rpm gsoap-debuginfo-2.8.102-bp151.4.3.1.s390x.rpm gsoap-debugsource-2.8.102-bp151.4.3.1.s390x.rpm gsoap-devel-2.8.102-bp151.4.3.1.s390x.rpm gsoap-devel-debuginfo-2.8.102-bp151.4.3.1.s390x.rpm libgsoap-2_8_102-2.8.102-bp151.4.3.1.s390x.rpm libgsoap-2_8_102-debuginfo-2.8.102-bp151.4.3.1.s390x.rpm openSUSE-2020-896 moderate openSUSE Backports SLE-15-SP1 Update This update for festival fixes the following issues: - Fixed NULL dereference problem (EST_Item's method may be called even though "this" is NULL); it causes SIGSEGV in text2wave (boo#1173193). - Do not ignore errors from useradd/groupadd. This update was imported from the openSUSE:Leap:15.1:Update update project. festival-2.5.0-bp151.3.3.1.src.rpm festival-2.5.0-bp151.3.3.1.x86_64.rpm festival-devel-2.5.0-bp151.3.3.1.x86_64.rpm festival-2.5.0-bp151.3.3.1.aarch64.rpm festival-devel-2.5.0-bp151.3.3.1.aarch64.rpm festival-2.5.0-bp151.3.3.1.ppc64le.rpm festival-devel-2.5.0-bp151.3.3.1.ppc64le.rpm festival-2.5.0-bp151.3.3.1.s390x.rpm festival-devel-2.5.0-bp151.3.3.1.s390x.rpm openSUSE-2020-919 moderate openSUSE Backports SLE-15-SP1 Update This update for strawberry fixes the following issues: strawberry was updated to version 0.6.12: * Bugfixes: + Fixed height of about dialog. * Enhancements: + Only save settings for pages that actually has been changed. + Replaced use of deprecated Qt functionality as of 5.15. + Made scrobbler show error dialog for all errors when show error dialog option is on. + Dont append disc to album titles for Subsonic and Tidal. + Sort folders added from file view. + Changed default collection grouping to album - disc. This update was imported from the openSUSE:Leap:15.1:Update update project. strawberry-0.6.12-bp151.2.25.1.src.rpm strawberry-0.6.12-bp151.2.25.1.x86_64.rpm openSUSE-2020-902 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 83.0.4103.116 boo#1173251: * CVE-2020-6509: Use after free in extensions - Add patch to work with new ffmpeg (bsc#1173292) - Add multimedia fix for disabled location and also try one additional patch from Debian on the same issue boo#1173107 - Disable wayland integration on openSUSE Leap 15.x (boo#1173187 boo#1173188 boo#1173254) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-83.0.4103.116-bp151.3.91.1.x86_64.rpm chromium-83.0.4103.116-bp151.3.91.1.src.rpm chromium-83.0.4103.116-bp151.3.91.1.x86_64.rpm chromedriver-83.0.4103.116-bp151.3.91.1.aarch64.rpm chromium-83.0.4103.116-bp151.3.91.1.aarch64.rpm openSUSE-2020-923 low openSUSE Backports SLE-15-SP1 Update This update for python-scipy doesn't fix any user visible issues, but improves the package building process. This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-scipy_1_2_0-gnu-hpc-1.2.0-bp151.2.3.1.src.rpm python-scipy-1.2.0-bp151.2.3.1.src.rpm python2-scipy-1.2.0-bp151.2.3.1.x86_64.rpm python3-scipy-1.2.0-bp151.2.3.1.x86_64.rpm python2-scipy-1.2.0-bp151.2.3.1.aarch64.rpm python3-scipy-1.2.0-bp151.2.3.1.aarch64.rpm python2-scipy-gnu-hpc-1.2.0-bp151.2.3.1.ppc64le.rpm python2-scipy_1_2_0-gnu-hpc-1.2.0-bp151.2.3.1.ppc64le.rpm python3-scipy-gnu-hpc-1.2.0-bp151.2.3.1.ppc64le.rpm python3-scipy_1_2_0-gnu-hpc-1.2.0-bp151.2.3.1.ppc64le.rpm python2-scipy-1.2.0-bp151.2.3.1.ppc64le.rpm python3-scipy-1.2.0-bp151.2.3.1.ppc64le.rpm python2-scipy-1.2.0-bp151.2.3.1.s390x.rpm python3-scipy-1.2.0-bp151.2.3.1.s390x.rpm openSUSE-2020-1005 moderate openSUSE Backports SLE-15-SP1 Update This update for pdns-recursor fixes the following issues: - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication (boo#1173302). pdns-recursor-4.1.12-bp151.4.6.1.src.rpm pdns-recursor-4.1.12-bp151.4.6.1.x86_64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.6.1.x86_64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.6.1.x86_64.rpm pdns-recursor-4.1.12-bp151.4.6.1.aarch64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.6.1.aarch64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.6.1.aarch64.rpm pdns-recursor-4.1.12-bp151.4.6.1.ppc64le.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.6.1.ppc64le.rpm pdns-recursor-debugsource-4.1.12-bp151.4.6.1.ppc64le.rpm pdns-recursor-4.1.12-bp151.4.6.1.s390x.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.6.1.s390x.rpm pdns-recursor-debugsource-4.1.12-bp151.4.6.1.s390x.rpm openSUSE-2020-947 important openSUSE Backports SLE-15-SP1 Update This update for chocolate-doom to version 3.0.1 fixes the following issues: - CVE-2020-14983: Fixed a stack-based buffer overflow in the networking code (boo#1173595). This update was imported from the openSUSE:Leap:15.1:Update update project. chocolate-doom-3.0.1-bp151.4.3.1.src.rpm chocolate-doom-3.0.1-bp151.4.3.1.x86_64.rpm chocolate-doom-bash-completion-3.0.1-bp151.4.3.1.noarch.rpm chocolate-doom-3.0.1-bp151.4.3.1.aarch64.rpm chocolate-doom-3.0.1-bp151.4.3.1.ppc64le.rpm chocolate-doom-3.0.1-bp151.4.3.1.s390x.rpm openSUSE-2020-1475 moderate openSUSE Backports SLE-15-SP1 Update Otrs was updated to 5.0.42, fixing lots of bugs and security issues: https://community.otrs.com/otrs-community-edition-5s-patch-level-42/ - CVE-2020-1773 boo#1168029 OSA-2020-10: * Session / Password / Password token leak An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. - CVE-2020-1772 boo#1168029 OSA-2020-09: * Information Disclosure It’s possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. - CVE-2020-1771 boo#1168030 OSA-2020-08: * Possible XSS in Customer user address book Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. - CVE-2020-1770 boo#1168031 OSA-2020-07: * Information disclosure in support bundle files Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. - CVE-2020-1769 boo#1168032 OSA-2020-06: * Autocomplete in the form login screens In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. Update to 5.0.41 https://community.otrs.com/otrs-community-edition-5s-patch-level-41/ * bug#14912 - Installer refers to non-existing documentation - added code to upgrade OTRS from 4 to 5 READ UPGRADING.SUSE * steps 1 to 4 are done by rpm pkg * steps 5 to *END* need to be done manually cause of DB backup Update to 5.0.40 https://community.otrs.com/otrs-community-edition-5s-patch-level-40/ - CVE-2020-1766 boo#1160663 OSA-2020-02: Improper handling of uploaded inline images Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. * CVE-2020-1765, OSA-2020-01: Spoofing of From field in several screens An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound * run bin/otrs.Console.pl Maint::Config::Rebuild after the upgrade - Update 5.0.39 https://community.otrs.com/otrs-community-edition-5s-patch-level-39/ * CVE-2019-18180 boo#1157001 OSA-2019-15: Denial of service OTRS can be put into an endless loop by providing filenames with overly long extensions. This applies to the PostMaster (sending in email) and also upload (attaching files to mails, for example). * CVE-2019-18179 OSA-2019-14: Information Disclosure An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, which are in the queue where attacker doesn’t have permissions. Update to 5.0.38 https://community.otrs.com/release-notes-otrs-5s-patch-level-38/ * CVE-2019-16375, boo#1156431 OSA-2019-13: Stored XXS An attacker who is logged into OTRS as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent compose an answer to the original article. Update to 5.0.37 https://community.otrs.com/release-notes-otrs-5s-patch-level-37/ * CVE-2019-13458, boo#1141432, OSA-2019-12: Information Disclosure An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS tags in templates in order to disclose hashed user passwords. * CVE-2019-13457, boo#1141431, OSA-2019-11: Information Disclosure A customer user can use the search results to disclose information from their “company” tickets (with the same CustomerID), even when CustomerDisableCompanyTicketAccess setting is turned on. * CVE-2019-12746, boo#1141430, OSA-2019-10: Session ID Disclosure A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then potentially abused in order to impersonate the agent user. Update to 5.0.36 https://community.otrs.com/release-notes-otrs-5s-patch-level-36/ * CVE-2019-12497, boo#1137614, OSA-2019-09: Information Disclosure In the customer or external frontend, personal information of agents can be disclosed like Name and mail address in external notes. * CVE-2019-12248, boo#1137615, OSA-2019-08: Loading External Image Resources An attacker could send a malicious email to an OTRS system. If a logged in agent user quotes it, the email could cause the browser to load external image resources. Update to 5.0.35 https://community.otrs.com/release-notes-otrs-5s-patch-level-35/ * CVE-2019-10067, boo#1139406, OSA-2019-05: Reflected and Stored XSS An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS. * CVE-2019-9892, boo#1139406, OSA-2019-04: XXE Processing An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files of OTRS filesystem. - update missing CVE for OSA-2018-10, OSA-2019-01 Update to 5.0.34 * https://community.otrs.com/release-notes-otrs-5s-patch-level-34/ * CVE-2019-9752, boo#1122560, OSA-2019-01: Stored XSS An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. Update to 5.0.33 * https://community.otrs.com/release-notes-otrs-5s-patch-level-33/ Update to 5.0.26 * https://www.otrs.com/release-notes-otrs-5s-patch-level-26 * https://www.otrs.com/release-notes-otrsitsm-module-5s-patch-level-26/ - remove obsolete * otrs-scheduler.service * otrs-scheduler.init This update was imported from the openSUSE:Leap:15.1:Update update project. otrs-6.0.29-bp151.3.6.2.noarch.rpm otrs-6.0.29-bp151.3.6.2.src.rpm otrs-doc-6.0.29-bp151.3.6.2.noarch.rpm otrs-itsm-6.0.29-bp151.3.6.2.noarch.rpm openSUSE-2020-1556 moderate openSUSE Backports SLE-15-SP1 Update This update for pdns fixes the following issues: - Build with libmaxminddb instead of the obsolete GeoIP (boo#1156196) - CVE-2020-17482: Fixed an error that can result in leaking of uninitialised memory through crafted zone records (boo#1176535) - Backported compilation fix vs. latest Boost 1.74 (boo#1176312) pdns-4.1.8-bp151.3.9.2.src.rpm pdns-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-geoip-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-geoip-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-godbc-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-godbc-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-ldap-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-ldap-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-lua-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-lua-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-mydns-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-mydns-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-mysql-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-mysql-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-postgresql-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-postgresql-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-remote-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-remote-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.9.2.x86_64.rpm pdns-backend-sqlite3-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-debuginfo-4.1.8-bp151.3.9.2.x86_64.rpm pdns-debugsource-4.1.8-bp151.3.9.2.x86_64.rpm pdns-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-geoip-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-geoip-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-godbc-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-godbc-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-ldap-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-ldap-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-lua-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-lua-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-mydns-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-mydns-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-mysql-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-mysql-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-postgresql-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-postgresql-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-remote-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-remote-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-sqlite3-4.1.8-bp151.3.9.2.aarch64.rpm pdns-backend-sqlite3-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-debuginfo-4.1.8-bp151.3.9.2.aarch64.rpm pdns-debugsource-4.1.8-bp151.3.9.2.aarch64.rpm pdns-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-geoip-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-geoip-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-godbc-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-godbc-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-ldap-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-ldap-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-lua-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-lua-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-mydns-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-mydns-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-mysql-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-mysql-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-postgresql-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-postgresql-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-remote-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-remote-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-sqlite3-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-backend-sqlite3-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-debuginfo-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-debugsource-4.1.8-bp151.3.9.2.ppc64le.rpm pdns-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-geoip-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-geoip-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-godbc-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-godbc-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-ldap-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-ldap-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-lua-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-lua-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-mydns-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-mydns-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-mysql-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-mysql-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-postgresql-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-postgresql-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-remote-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-remote-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-sqlite3-4.1.8-bp151.3.9.2.s390x.rpm pdns-backend-sqlite3-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-debuginfo-4.1.8-bp151.3.9.2.s390x.rpm pdns-debugsource-4.1.8-bp151.3.9.2.s390x.rpm openSUSE-2020-1008 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: - Update to version 2.6.0: * https://keepassxc.org/blog/2020-07-07-2.6.0-released/ * https://github.com/keepassxreboot/keepassxc/releases/tag/2.6.0 keepassxc-2.6.0-bp151.3.15.1.src.rpm keepassxc-2.6.0-bp151.3.15.1.x86_64.rpm keepassxc-lang-2.6.0-bp151.3.15.1.noarch.rpm keepassxc-2.6.0-bp151.3.15.1.aarch64.rpm keepassxc-2.6.0-bp151.3.15.1.ppc64le.rpm keepassxc-2.6.0-bp151.3.15.1.s390x.rpm openSUSE-2020-963 moderate openSUSE Backports SLE-15-SP1 Update This update for mkdud fixes the following issues: - ensure DUD repos are removed at the end of the installation (boo#1173988) - add --sign-key-id option to allow specifying a gpg signing key by id - updated troubleshooting section in HOWTO - start moving doc to asciidoc; add proper man page - map Kubic to Tumbleweed - fix architecture auto-detection for elf binaries and libraries - Add bash completion - fix reading oscrc (gh#openSUSE/mkdud#19) - add HOWTO describing some typical uses - put 'module.config' files into module directory - look also at ~/.config/osc/oscrc for osc config mkdud-1.50-bp151.4.3.1.noarch.rpm mkdud-1.50-bp151.4.3.1.src.rpm openSUSE-2020-1000 moderate openSUSE Backports SLE-15-SP1 Update This update for armagetron fixes the following issues: Update to 0.2.8.3.5. No changelog. This update was imported from the openSUSE:Leap:15.1:Update update project. armagetron-0.2.8.3.5-bp151.4.3.1.src.rpm armagetron-0.2.8.3.5-bp151.4.3.1.x86_64.rpm armagetron-0.2.8.3.5-bp151.4.3.1.aarch64.rpm armagetron-0.2.8.3.5-bp151.4.3.1.ppc64le.rpm armagetron-0.2.8.3.5-bp151.4.3.1.s390x.rpm openSUSE-2020-1013 moderate openSUSE Backports SLE-15-SP1 Update This update for python-Cerberus fixes the following issues: - Update to version 1.3.2 * includes various features and improvements - please refer to the changelog for a detailed technical list of changes This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-Cerberus-1.3.2-bp151.2.1.src.rpm python2-Cerberus-1.3.2-bp151.2.1.noarch.rpm openSUSE-2020-1031 low openSUSE Backports SLE-15-SP1 Update This update for python-numpy fixes the following issues: - Fixes a file conflict with /usr/bin/f2py (bsc#1166678) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. python-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.9.1.src.rpm python-numpy-1.17.3-bp151.2.9.1.src.rpm python3-numpy-gnu-hpc-1.17.3-bp151.2.9.1.ppc64le.rpm python3-numpy-gnu-hpc-devel-1.17.3-bp151.2.9.1.ppc64le.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.9.1.ppc64le.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.9.1.ppc64le.rpm python3-numpy-gnu-hpc-1.17.3-bp151.2.9.1.s390x.rpm python3-numpy-gnu-hpc-devel-1.17.3-bp151.2.9.1.s390x.rpm python3-numpy_1_17_3-gnu-hpc-1.17.3-bp151.2.9.1.s390x.rpm python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-bp151.2.9.1.s390x.rpm openSUSE-2020-1439 moderate openSUSE Backports SLE-15-SP1 Update This update for mumble fixes the following issues: mumble was updated 1.3.2: * client: Fixed overlay not starting Update to upstream version 1.3.1 - Security * Fixed: Potential exploit in the OCB2 encryption (#4227) boo#1174041 - ICE * Fixed: Added missing UserKDFIterations field to UserInfo => Prevents getRegistration() from failing with enumerator out of range error (#3835) - GRPC * Fixed: Segmentation fault during murmur shutdown (#3938) - Client * Fixed: Crash when using multiple monitors (#3756) * Fixed: Don't send empty message from clipboard via shortcut, if clipboard is empty (#3864) * Fixed: Talking indicator being able to freeze to indicate talking when self-muted (#4006) * Fixed: High CPU usage for update-check if update server not available (#4019) * Fixed: DBus getCurrentUrl returning empty string when not in root-channel (#4029) * Fixed: Small parts of whispering leaking out (#4051) * Fixed: Last audio frame of normal talking is sent to last whisper target (#4050) * Fixed: LAN-icon not found in ConnectDialog (#4058) * Improved: Set maximal vertical size for User Volume Adjustment dialog (#3801) * Improved: Don't send empty data to PulseAudio (#3316) * Improved: Use the SRV resolved port for UDP connections (#3820) * Improved: Manual Plugin UI (#3919) * Improved: Don't start Jack server by default (#3990) * Improved: Overlay doesn't hook into all other processes by default (#4041) * Improved: Wait longer before disconnecting from a server due to unanswered Ping-messages (#4123) - Server * Fixed: Possibility to circumvent max user-count in channel (#3880) * Fixed: Rate-limit implementation susceptible to time-underflow (#4004) * Fixed: OpenSSL error 140E0197 with Qt >= 5.12.2 (#4032) * Fixed: VersionCheck for SQL for when to use the WAL feature (#4163) * Fixed: Wrong database encoding that could lead to server-crash (#4220) * Fixed: DB crash due to primary key violation (now performs "UPSERT" to avoid this) (#4105) * Improved: The fields in the Version ProtoBuf message are now size-restricted (#4101) - use the "profile profilename /path/to/binary" syntax to make "ps aufxZ" more readable This update was imported from the openSUSE:Leap:15.1:Update update project. mumble-1.3.2-bp151.6.12.2.src.rpm mumble-1.3.2-bp151.6.12.2.x86_64.rpm mumble-server-1.3.2-bp151.6.12.2.x86_64.rpm mumble-1.3.2-bp151.6.12.2.aarch64.rpm mumble-64bit-1.3.2-bp151.6.12.2.aarch64_ilp32.rpm mumble-server-1.3.2-bp151.6.12.2.aarch64.rpm mumble-1.3.2-bp151.6.12.2.ppc64le.rpm mumble-server-1.3.2-bp151.6.12.2.ppc64le.rpm mumble-1.3.2-bp151.6.12.2.s390x.rpm mumble-server-1.3.2-bp151.6.12.2.s390x.rpm openSUSE-2020-1687 important openSUSE Backports SLE-15-SP1 Update This update for pdns-recursor fixes the following issues: -pdns-recursorwas updated to 4.1.1 and 4.3.5: - CVE-2020-25829: Fixed a cache pollution related to DNSSEC validation (boo#1177383) - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication (boo#1173302). pdns-recursor-4.1.12-bp151.4.9.1.src.rpm pdns-recursor-4.1.12-bp151.4.9.1.x86_64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.9.1.x86_64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.9.1.x86_64.rpm pdns-recursor-4.1.12-bp151.4.9.1.aarch64.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.9.1.aarch64.rpm pdns-recursor-debugsource-4.1.12-bp151.4.9.1.aarch64.rpm pdns-recursor-4.1.12-bp151.4.9.1.ppc64le.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.9.1.ppc64le.rpm pdns-recursor-debugsource-4.1.12-bp151.4.9.1.ppc64le.rpm pdns-recursor-4.1.12-bp151.4.9.1.s390x.rpm pdns-recursor-debuginfo-4.1.12-bp151.4.9.1.s390x.rpm pdns-recursor-debugsource-4.1.12-bp151.4.9.1.s390x.rpm openSUSE-2020-1061 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 84.0.4147.89 boo#1174189: * Critical CVE-2020-6510: Heap buffer overflow in background fetch. * High CVE-2020-6511: Side-channel information leakage in content security policy. * High CVE-2020-6512: Type Confusion in V8. * High CVE-2020-6513: Heap buffer overflow in PDFium. * High CVE-2020-6514: Inappropriate implementation in WebRTC. * High CVE-2020-6515: Use after free in tab strip. * High CVE-2020-6516: Policy bypass in CORS. * High CVE-2020-6517: Heap buffer overflow in history. * Medium CVE-2020-6518: Use after free in developer tools. * Medium CVE-2020-6519: Policy bypass in CSP. * Medium CVE-2020-6520: Heap buffer overflow in Skia. * Medium CVE-2020-6521: Side-channel information leakage in autofill. * Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. * Medium CVE-2020-6523: Out of bounds write in Skia. * Medium CVE-2020-6524: Heap buffer overflow in WebAudio. * Medium CVE-2020-6525: Heap buffer overflow in Skia. * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. * Low CVE-2020-6527: Insufficient policy enforcement in CSP. * Low CVE-2020-6528: Incorrect security UI in basic auth. * Low CVE-2020-6529: Inappropriate implementation in WebRTC. * Low CVE-2020-6530: Out of bounds memory access in developer tools. * Low CVE-2020-6531: Side-channel information leakage in scroll to text. * Low CVE-2020-6533: Type Confusion in V8. * Low CVE-2020-6534: Heap buffer overflow in WebRTC. * Low CVE-2020-6535: Insufficient data validation in WebUI. * Low CVE-2020-6536: Incorrect security UI in PWAs. - Use bundled xcb-proto as we need to generate py2 bindings - Try to fix non-wayland build for Leap builds This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-84.0.4147.89-bp151.3.94.1.x86_64.rpm chromium-84.0.4147.89-bp151.3.94.1.src.rpm chromium-84.0.4147.89-bp151.3.94.1.x86_64.rpm chromedriver-84.0.4147.89-bp151.3.94.1.aarch64.rpm chromium-84.0.4147.89-bp151.3.94.1.aarch64.rpm openSUSE-2020-1106 moderate openSUSE Backports SLE-15-SP1 Update This update for cacti, cacti-spine fixes the following issues: - cacti 1.2.13: * Query XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023) * Lack of escaping on some pages can lead to XSS exposure * Update PHPMailer to 6.1.6 (CVE-2020-13625) * SQL Injection vulnerability due to input validation failure when editing colors (CVE-2020-14295, boo#1173090) * Lack of escaping on template import can lead to XSS exposure - switch from cron to systemd timers (boo#1115436): + cacti-cron.timer + cacti-cron.service - avoid potential root escalation on systems with fs.protected_hardlinks=0 (boo#1154087): handle directory permissions in file section instead of using chown during post installation - rewrote apache configuration to get rid of .htaccess files and explicitely disable directory permissions per default (only allow a limited, well-known set of directories) This update was imported from the openSUSE:Leap:15.1:Update update project. cacti-spine-1.2.13-bp151.4.12.1.src.rpm cacti-spine-1.2.13-bp151.4.12.1.x86_64.rpm cacti-spine-debuginfo-1.2.13-bp151.4.12.1.x86_64.rpm cacti-spine-debugsource-1.2.13-bp151.4.12.1.x86_64.rpm cacti-1.2.13-bp151.4.12.1.noarch.rpm cacti-1.2.13-bp151.4.12.1.src.rpm cacti-spine-1.2.13-bp151.4.12.1.aarch64.rpm cacti-spine-debuginfo-1.2.13-bp151.4.12.1.aarch64.rpm cacti-spine-debugsource-1.2.13-bp151.4.12.1.aarch64.rpm cacti-spine-1.2.13-bp151.4.12.1.ppc64le.rpm cacti-spine-debuginfo-1.2.13-bp151.4.12.1.ppc64le.rpm cacti-spine-debugsource-1.2.13-bp151.4.12.1.ppc64le.rpm cacti-spine-1.2.13-bp151.4.12.1.s390x.rpm cacti-spine-debuginfo-1.2.13-bp151.4.12.1.s390x.rpm cacti-spine-debugsource-1.2.13-bp151.4.12.1.s390x.rpm openSUSE-2020-1107 moderate openSUSE Backports SLE-15-SP1 Update This update for putty fixes the following issues: putty was updated to release 0.74: * security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent. (boo#1173442) * Added a new configuration option to mitigate a minor information leak in SSH host key policy. This update was imported from the openSUSE:Leap:15.1:Update update project. putty-0.74-bp151.4.9.1.src.rpm putty-0.74-bp151.4.9.1.x86_64.rpm putty-0.74-bp151.4.9.1.aarch64.rpm putty-0.74-bp151.4.9.1.ppc64le.rpm putty-0.74-bp151.4.9.1.s390x.rpm openSUSE-2020-1186 low openSUSE Backports SLE-15-SP1 Update This update for go1.9 fixes the following issues: - Fix for an issue when installing on Raspberry Pi causes illegal instruction due to unproper ARM arch set. (bsc#1169832) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. go1.9-1.9.7-bp151.2.6.1.src.rpm go1.9-1.9.7-bp151.2.6.1.x86_64.rpm go1.9-doc-1.9.7-bp151.2.6.1.x86_64.rpm go1.9-race-1.9.7-bp151.2.6.1.x86_64.rpm openSUSE-2020-1112 moderate openSUSE Backports SLE-15-SP1 Update This update for knot fixes the following issues: - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication (boo#1047841). This update was imported from the openSUSE:Leap:15.1:Update update project. knot-1.6.8-bp151.4.3.1.src.rpm knot-1.6.8-bp151.4.3.1.x86_64.rpm knot-1.6.8-bp151.4.3.1.aarch64.rpm knot-1.6.8-bp151.4.3.1.ppc64le.rpm knot-1.6.8-bp151.4.3.1.s390x.rpm openSUSE-2020-1269 moderate openSUSE Backports SLE-15-SP1 Update This update for claws-mail fixes the following issues: - CVE-2020-15917: Fixed an improper handling of suffix data after STARTTLS is mishandled (boo#1174457). This update was imported from the openSUSE:Leap:15.1:Update update project. claws-mail-3.17.3-bp151.3.3.1.src.rpm claws-mail-3.17.3-bp151.3.3.1.x86_64.rpm claws-mail-devel-3.17.3-bp151.3.3.1.x86_64.rpm claws-mail-lang-3.17.3-bp151.3.3.1.noarch.rpm openSUSE-2020-1187 low openSUSE Backports SLE-15-SP1 Update This update for go1.10 fixes the following issues: - Fix for an issue when installing on Raspberry Pi causes illegal instruction due to unproper ARM arch set. (bsc#1169832) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. go1.10-1.10.8-bp151.2.6.1.src.rpm go1.10-1.10.8-bp151.2.6.1.x86_64.rpm go1.10-doc-1.10.8-bp151.2.6.1.x86_64.rpm go1.10-race-1.10.8-bp151.2.6.1.x86_64.rpm openSUSE-2020-1604 moderate openSUSE Backports SLE-15-SP1 Update This update for zabbix fixes the following issues: Updated to version 3.0.31. + CVE-2020-15803: Fixed an XSS in the URL Widget (boo#1174253). zabbix-3.0.31-bp151.4.6.1.src.rpm zabbix-agent-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-bash-completion-3.0.31-bp151.4.6.1.noarch.rpm zabbix-java-gateway-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-phpfrontend-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-proxy-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-proxy-mysql-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-proxy-postgresql-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-proxy-sqlite-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-server-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-server-mysql-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-server-postgresql-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-server-sqlite-3.0.31-bp151.4.6.1.x86_64.rpm zabbix-agent-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-java-gateway-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-phpfrontend-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-proxy-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-proxy-mysql-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-proxy-postgresql-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-proxy-sqlite-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-server-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-server-mysql-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-server-postgresql-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-server-sqlite-3.0.31-bp151.4.6.1.aarch64.rpm zabbix-agent-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-java-gateway-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-phpfrontend-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-proxy-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-proxy-mysql-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-proxy-postgresql-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-proxy-sqlite-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-server-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-server-mysql-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-server-postgresql-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-server-sqlite-3.0.31-bp151.4.6.1.ppc64le.rpm zabbix-agent-3.0.31-bp151.4.6.1.s390x.rpm zabbix-java-gateway-3.0.31-bp151.4.6.1.s390x.rpm zabbix-phpfrontend-3.0.31-bp151.4.6.1.s390x.rpm zabbix-proxy-3.0.31-bp151.4.6.1.s390x.rpm zabbix-proxy-mysql-3.0.31-bp151.4.6.1.s390x.rpm zabbix-proxy-postgresql-3.0.31-bp151.4.6.1.s390x.rpm zabbix-proxy-sqlite-3.0.31-bp151.4.6.1.s390x.rpm zabbix-server-3.0.31-bp151.4.6.1.s390x.rpm zabbix-server-mysql-3.0.31-bp151.4.6.1.s390x.rpm zabbix-server-postgresql-3.0.31-bp151.4.6.1.s390x.rpm zabbix-server-sqlite-3.0.31-bp151.4.6.1.s390x.rpm openSUSE-2020-1161 low openSUSE Backports SLE-15-SP1 Update Chromium was updated to 84.0.4147.105 (boo#1174582): * CVE-2020-6537: Type Confusion in V8 * CVE-2020-6538: Inappropriate implementation in WebView * CVE-2020-6532: Use after free in SCTP * CVE-2020-6539: Use after free in CSS * CVE-2020-6540: Heap buffer overflow in Skia * CVE-2020-6541: Use after free in WebUSB This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-84.0.4147.105-bp151.3.97.1.x86_64.rpm chromium-84.0.4147.105-bp151.3.97.1.src.rpm chromium-84.0.4147.105-bp151.3.97.1.x86_64.rpm chromedriver-84.0.4147.105-bp151.3.97.1.aarch64.rpm chromium-84.0.4147.105-bp151.3.97.1.aarch64.rpm openSUSE-2020-1183 moderate openSUSE Backports SLE-15-SP1 Update This update for ark fixes the following issues: - Fixed a directory traversal bug (boo#1174773, CVE-2020-16116). ark-18.12.3-bp151.3.3.1.src.rpm ark-18.12.3-bp151.3.3.1.x86_64.rpm ark-lang-18.12.3-bp151.3.3.1.noarch.rpm libkerfuffle18-18.12.3-bp151.3.3.1.x86_64.rpm ark-18.12.3-bp151.3.3.1.aarch64.rpm libkerfuffle18-18.12.3-bp151.3.3.1.aarch64.rpm ark-18.12.3-bp151.3.3.1.ppc64le.rpm libkerfuffle18-18.12.3-bp151.3.3.1.ppc64le.rpm ark-18.12.3-bp151.3.3.1.s390x.rpm libkerfuffle18-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-1176 moderate openSUSE Backports SLE-15-SP1 Update This update for ocfs2-tools fixes the following issue: - Fix debugfs.ocfs2 error on devices with sector size 4096 (bsc#1170530) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. ocfs2-tools-1.8.5-bp151.2.3.1.src.rpm ocfs2-tools-1.8.5-bp151.2.3.1.x86_64.rpm ocfs2-tools-devel-1.8.5-bp151.2.3.1.x86_64.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.3.1.x86_64.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.3.1.x86_64.rpm ocfs2-tools-1.8.5-bp151.2.3.1.aarch64.rpm ocfs2-tools-devel-1.8.5-bp151.2.3.1.aarch64.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.3.1.aarch64.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.3.1.aarch64.rpm ocfs2-tools-1.8.5-bp151.2.3.1.ppc64le.rpm ocfs2-tools-devel-1.8.5-bp151.2.3.1.ppc64le.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.3.1.ppc64le.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.3.1.ppc64le.rpm ocfs2-tools-1.8.5-bp151.2.3.1.s390x.rpm ocfs2-tools-devel-1.8.5-bp151.2.3.1.s390x.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.3.1.s390x.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.3.1.s390x.rpm openSUSE-2020-1180 moderate openSUSE Backports SLE-15-SP1 Update This update for cacti, cacti-spine fixes the following issues: Updated to version 1.2.14 - Fixed an XSS vulnerability due to improper escaping of error message during template import preview (boo#1174850). This update was imported from the openSUSE:Leap:15.1:Update update project. cacti-spine-1.2.14-bp151.4.15.1.src.rpm cacti-spine-1.2.14-bp151.4.15.1.x86_64.rpm cacti-1.2.14-bp151.4.15.1.noarch.rpm cacti-1.2.14-bp151.4.15.1.src.rpm cacti-spine-1.2.14-bp151.4.15.1.aarch64.rpm cacti-spine-1.2.14-bp151.4.15.1.ppc64le.rpm cacti-spine-1.2.14-bp151.4.15.1.s390x.rpm openSUSE-2020-1476 moderate openSUSE Backports SLE-15-SP1 Update This update for monitoring-plugins-zypper fixes the following issues: Update to 1.98.6 (fixes boo#1173872) - Beside other, small updates, this release includes first support for the rolling release named openSUSE Tumbleweed. Per default, a Tumbleweed installation which is older than 30 days will trigger a warning state - and an installation older than 60 days will trigger a critical state. You can fine tune this behavior with the new command line options --tw_outdated_warn and --tw_outdated_crit. Other changes: * use proper Copyright * use Perl modules: POSIX and Time::Local * die, if release-file could not be opened * get rid of get_distribution_from_os_release() function: use get_distribution() for all cases * new test_tumbleweed() and check_returncode() functions (internal) * trim quotation marks in trim() function * added some os-release files for testing Update to 1.98.5 * Adjust support status of SLE, Leap and Tumbleweed releases update to 1.98 + openSUSE 15.0 is running out of service end of November 2019 + add Tumbleweed 2020 into the game update supported_releases: - add openSUSE Leap 15.2 - drop openSUSE Leap 42.3 - add SLE 12-SP5, SLE 15-SP2 - drop SLE 12-SP3 Update AppArmor profile: - adjust paths for usrMerge (related to boo#1132350) - change {,usr/} alternations to {usr/,} which is the prefered syntax - adapt apparmor profile for bash move to /usr - add suggested changes in sudoers file (boo#1103590) - cleanup the help output of the plugin - as newer zypper versions always require root rights to refresh the repositories, add a working sudoers file right from the beginning that allows to execute the needed zypper commands Update to 1.96: + SLE-12-SP2 is deprecated + add SLE-15-SP1 and SLE-12-SP4 as supported monitoring-plugins-zypper-1.98.6-bp151.3.3.1.noarch.rpm monitoring-plugins-zypper-1.98.6-bp151.3.3.1.src.rpm openSUSE-2020-1214 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Chromium updated to 84.0.4147.125 (boo#1175085) * CVE-2020-6542: Use after free in ANGLE * CVE-2020-6543: Use after free in task scheduling * CVE-2020-6544: Use after free in media * CVE-2020-6545: Use after free in audio * CVE-2020-6546: Inappropriate implementation in installer * CVE-2020-6547: Incorrect security UI in media * CVE-2020-6548: Heap buffer overflow in Skia * CVE-2020-6549: Use after free in media * CVE-2020-6550: Use after free in IndexedDB * CVE-2020-6551: Use after free in WebXR * CVE-2020-6552: Use after free in Blink * CVE-2020-6553: Use after free in offline mode * CVE-2020-6554: Use after free in extensions * CVE-2020-6555: Out of bounds read in WebGL * Various fixes from internal audits, fuzzing and other initiatives - Disable wayland everywhere as it breaks headless and middle mouse copy everywhere: boo#1174497 boo#1175044 This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-84.0.4147.125-bp151.3.100.1.x86_64.rpm chromium-84.0.4147.125-bp151.3.100.1.src.rpm chromium-84.0.4147.125-bp151.3.100.1.x86_64.rpm chromedriver-84.0.4147.125-bp151.3.100.1.aarch64.rpm chromium-84.0.4147.125-bp151.3.100.1.aarch64.rpm openSUSE-2020-1230 moderate openSUSE Backports SLE-15-SP1 Update This update for balsa fixes the following issues: - CVE-2020-16118: Fixed a NULL pointer dereference (boo#1174711). This update was imported from the openSUSE:Leap:15.1:Update update project. balsa-2.5.5-bp151.4.3.1.src.rpm balsa-2.5.5-bp151.4.3.1.x86_64.rpm balsa-lang-2.5.5-bp151.4.3.1.noarch.rpm balsa-2.5.5-bp151.4.3.1.aarch64.rpm balsa-2.5.5-bp151.4.3.1.ppc64le.rpm balsa-2.5.5-bp151.4.3.1.s390x.rpm openSUSE-2020-1231 moderate openSUSE Backports SLE-15-SP1 Update This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem (boo#1173521). - CVE-2020-15397: Sourcing of files into binaries from user writeable directories (boo#1173519). Non-security issues fixed: * add UseSSLFax feature in sendfax, sendfax.conf, hyla.conf, and JobControl (31 Jul 2020) * be more resilient in listening for the Phase C carrier (30 Jul 2020) * make sure to return to command mode if HDLC receive times out (29 Jul 2020) * make faxmail ignore boundaries on parts other than multiparts (29 Jul 2020) * don't attempt to write zero bytes of data to a TIFF (29 Jul 2020) * don't ever respond to CRP with CRP (28 Jul 2020) * reset frame counter when a sender retransmits PPS for a previously confirmed ECM block (26 Jul 2020) * scrutinize PPM before concluding that the sender missed our MCF (23 Jul 2020) * fix modem recovery after SSL Fax failure (22, 26 Jul 2020) * ignore echo of PPR, RTN, CRP (10, 13, 21 Jul 2020) * attempt to handle NSF/CSI/DIS in Class 1 sending Phase D (6 Jul 2020) * run scripts directly rather than invoking them via a shell for security hardening (3-5 Jul 2020) * add senderFumblesECM feature (3 Jul 2020) * add support for PIN/PIP/PRI-Q/PPS-PRI-Q signals, add senderConfusesPIN feature, and utilize PIN for rare conditions where it may be helpful (2, 6, 13-14 Jul 2020) * add senderConfusesRTN feature (25-26 Jun 2020) * add MissedPageHandling feature (24 Jun 2020) * use and handle CFR in Phase D to retransmit Phase C (16, 23 Jun 2020) * cope with hearing echo of RR, CTC during Class 1 sending (15-17 Jun 2020) * fix listening for retransmission of MPS/EOP/EOM if it was received corrupt on the first attempt (15 Jun 2020) * don't use CRP when receiving PPS/PPM as some senders think we are sending MCF (12 Jun 2020) * add BR_SSLFAX to show SSL Fax in notify and faxinfo output (1 Jun 2020) * have faxinfo put units on non-standard page dimensions (28 May 2020) * improve error messages for JobHost connection errors (22 May 2020) * fix perpetual blocking of jobs when a job preparation fails, attempt to fix similar blocking problems for bad jobs in batches, and add "unblock" faxconfig feature (21 May 2020) * ignore TCF if we're receiving an SSL Fax (31 Jan 2020) * fixes for build on FreeBSD 12.1 (31 Jan - 3 Feb 2020) This update was imported from the openSUSE:Leap:15.1:Update update project. hylafax+-7.0.3-bp151.6.4.1.src.rpm hylafax+-7.0.3-bp151.6.4.1.x86_64.rpm hylafax+-client-7.0.3-bp151.6.4.1.x86_64.rpm libfaxutil7_0_3-7.0.3-bp151.6.4.1.x86_64.rpm hylafax+-7.0.3-bp151.6.4.1.aarch64.rpm hylafax+-client-7.0.3-bp151.6.4.1.aarch64.rpm libfaxutil7_0_3-7.0.3-bp151.6.4.1.aarch64.rpm hylafax+-7.0.3-bp151.6.4.1.ppc64le.rpm hylafax+-client-7.0.3-bp151.6.4.1.ppc64le.rpm libfaxutil7_0_3-7.0.3-bp151.6.4.1.ppc64le.rpm hylafax+-7.0.3-bp151.6.4.1.s390x.rpm hylafax+-client-7.0.3-bp151.6.4.1.s390x.rpm libfaxutil7_0_3-7.0.3-bp151.6.4.1.s390x.rpm openSUSE-2020-1477 moderate openSUSE Backports SLE-15-SP1 Update This update for ffnvcodec fixes the following issues: Update to 10.0.26.0: * Update headers from Video SDK 10.0 Update to version 9.1.23.1: * Add primary context management functions Update to version 9.1.23.0 * Add cuCtxGetDevice * Use pointer-to-struct typedefs for pointer-to-struct types * Update headers from Video SDK 9.1 release Update to version 9.0.18.1 * Fix CUdeviceptr definition for 64bit CPU Changes from version 9.0.18.0 * Initial release for SDK 9.0 ffnvcodec-10.0.26.0-bp151.2.3.1.src.rpm ffnvcodec-devel-10.0.26.0-bp151.2.3.1.x86_64.rpm ffnvcodec-devel-10.0.26.0-bp151.2.3.1.aarch64.rpm ffnvcodec-devel-10.0.26.0-bp151.2.3.1.ppc64le.rpm ffnvcodec-devel-10.0.26.0-bp151.2.3.1.s390x.rpm openSUSE-2020-1255 moderate openSUSE Backports SLE-15-SP1 Update This update for rt-tests fixes the following issues: Update to version 1.6 (jsc#SLE-12981) * New feature to get a snapshot of a running instance of cyclictest without stopping it by sending SIGUSR2 to the PID and reading a shared memory segment. This is especially useful if running cyclictest over a long period of time * Add SPDX tags V3 * New programs to the rt-tests suite - queuelat: simulates a network queue checking for latency violations in packet processing. - cyclicdeadline: used to test the deadline scheduler (SCHED_DEADLINE) - deadline_test: tests the deadline scheduler in a cyclictest manner - ssdd: a tracer to do a bunch of PTRACE_SINGLESTEPs This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. rt-tests-1.6-bp151.2.3.1.src.rpm rt-tests-1.6-bp151.2.3.1.x86_64.rpm openSUSE-2020-1478 important openSUSE Backports SLE-15-SP1 Update This update for fossil fixes the following issues: - fossil 2.12.1: * CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code [boo#1175760] * Security fix in the "fossil git export" command. New "safety-net" features were added to prevent similar problems in the future. * Enhancements to the graph display for cases when there are many cherry-pick merges into a single check-in. Example * Enhance the fossil open command with the new --workdir option and the ability to accept a URL as the repository name, causing the remote repository to be cloned automatically. Do not allow "fossil open" to open in a non-empty working directory unless the --keep option or the new --force option is used. * Enhance the markdown formatter to more closely follow the CommonMark specification with regard to text highlighting. Underscores in the middle of identifiers (ex: fossil_printf()) no longer need to be escaped. * The markdown-to-html translator can prevent unsafe HTML (for example: <script>) on user-contributed pages like forum and tickets and wiki. The admin can adjust this behavior using the safe-html setting on the Admin/Wiki page. The default is to disallow unsafe HTML everywhere. * Added the "collapse" and "expand" capability for long forum posts. * The "fossil remote" command now has options for specifying multiple persistent remotes with symbolic names. Currently only one remote can be used at a time, but that might change in the future. * Add the "Remember me?" checkbox on the login page. Use a session cookie for the login if it is not checked. * Added the experimental "fossil hook" command for managing "hook scripts" that run before checkin or after a push. * Enhance the fossil revert command so that it is able to revert all files beneath a directory. * Add the fossil bisect skip command. * Add the fossil backup command. * Enhance fossil bisect ui so that it shows all unchecked check-ins in between the innermost "good" and "bad" check-ins. * Added the --reset flag to the "fossil add", "fossil rm", and "fossil addremove" commands. * Added the "--min N" and "--logfile FILENAME" flags to the backoffice command, as well as other enhancements to make the backoffice command a viable replacement for automatic backoffice. Other incremental backoffice improvements. * Added the /fileedit page, which allows editing of text files online. Requires explicit activation by a setup user. * Translate built-in help text into HTML for display on web pages. * On the /timeline webpage, the combination of query parameters "p=CHECKIN" and "bt=ANCESTOR" draws all ancestors of CHECKIN going back to ANCESTOR. * Update the built-in SQLite so that the "fossil sql" command supports new output modes ".mode box" and ".mode json". * Add the "obscure()" SQL function to the "fossil sql" command. * Added virtual tables "helptext" and "builtin" to the "fossil sql" command, providing access to the dispatch table including all help text, and the builtin data files, respectively. * Delta compression is now applied to forum edits. * The wiki editor has been modernized and is now Ajax-based. - Package the fossil.1 manual page. - fossil 2.11.1: * Make the "fossil git export" command more restrictive about characters that it allows in the tag names - Add fossil-2.11-reproducible.patch to override build date (boo#1047218) fossil-2.12.1-bp151.4.6.1.src.rpm fossil-2.12.1-bp151.4.6.1.x86_64.rpm fossil-2.12.1-bp151.4.6.1.aarch64.rpm fossil-2.12.1-bp151.4.6.1.ppc64le.rpm fossil-2.12.1-bp151.4.6.1.s390x.rpm openSUSE-2020-1385 moderate openSUSE Backports SLE-15-SP1 Update This update for gettext-runtime fixes the following issues: - Fix boo941629-unnessary-rpath-on-standard-path.patch (bsc#941629) - Added msgfmt-double-free.patch to fix a double free error (CVE-2018-18751 bsc#1113719) - Add patch msgfmt-reset-msg-length-after-remove.patch which does reset the length of message string after a line has been removed (bsc#1106843) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. gettext-csharp-0.19.8.1-bp151.2.1.src.rpm gettext-csharp-0.19.8.1-bp151.2.1.x86_64.rpm gettext-csharp-0.19.8.1-bp151.2.1.aarch64.rpm gettext-csharp-0.19.8.1-bp151.2.1.ppc64le.rpm openSUSE-2020-1304 moderate openSUSE Backports SLE-15-SP1 Update This update for inn fixes the following issues: - change file owners in /usr/lib/news to root [boo#1172573] [CVE-2020-8026] This update was imported from the openSUSE:Leap:15.1:Update update project. inn-2.5.4-bp151.4.6.1.src.rpm inn-2.5.4-bp151.4.6.1.x86_64.rpm inn-devel-2.5.4-bp151.4.6.1.x86_64.rpm mininews-2.5.4-bp151.4.6.1.x86_64.rpm inn-2.5.4-bp151.4.6.1.aarch64.rpm inn-devel-2.5.4-bp151.4.6.1.aarch64.rpm mininews-2.5.4-bp151.4.6.1.aarch64.rpm inn-2.5.4-bp151.4.6.1.ppc64le.rpm inn-devel-2.5.4-bp151.4.6.1.ppc64le.rpm mininews-2.5.4-bp151.4.6.1.ppc64le.rpm inn-2.5.4-bp151.4.6.1.s390x.rpm inn-devel-2.5.4-bp151.4.6.1.s390x.rpm mininews-2.5.4-bp151.4.6.1.s390x.rpm openSUSE-2020-1310 moderate openSUSE Backports SLE-15-SP1 Update This update for ark fixes the following issues: - CVE-2020-24654: maliciously crafted TAR archive can install files outside the extraction directory (boo#1175857) ark-18.12.3-bp151.3.6.1.src.rpm ark-18.12.3-bp151.3.6.1.x86_64.rpm ark-lang-18.12.3-bp151.3.6.1.noarch.rpm libkerfuffle18-18.12.3-bp151.3.6.1.x86_64.rpm ark-18.12.3-bp151.3.6.1.aarch64.rpm libkerfuffle18-18.12.3-bp151.3.6.1.aarch64.rpm ark-18.12.3-bp151.3.6.1.ppc64le.rpm libkerfuffle18-18.12.3-bp151.3.6.1.ppc64le.rpm ark-18.12.3-bp151.3.6.1.s390x.rpm libkerfuffle18-18.12.3-bp151.3.6.1.s390x.rpm openSUSE-2020-1480 moderate openSUSE Backports SLE-15-SP1 Update This update for editorconfig-core-c fixes the following issues: - Fixed crash when parsing certain files (boo#1175824): editorconfig-0.12.1-bp151.4.3.1.x86_64.rpm editorconfig-core-c-0.12.1-bp151.4.3.1.src.rpm libeditorconfig-devel-0.12.1-bp151.4.3.1.x86_64.rpm libeditorconfig0-0.12.1-bp151.4.3.1.x86_64.rpm editorconfig-0.12.1-bp151.4.3.1.aarch64.rpm libeditorconfig-devel-0.12.1-bp151.4.3.1.aarch64.rpm libeditorconfig-devel-64bit-0.12.1-bp151.4.3.1.aarch64_ilp32.rpm libeditorconfig0-0.12.1-bp151.4.3.1.aarch64.rpm libeditorconfig0-64bit-0.12.1-bp151.4.3.1.aarch64_ilp32.rpm editorconfig-0.12.1-bp151.4.3.1.ppc64le.rpm libeditorconfig-devel-0.12.1-bp151.4.3.1.ppc64le.rpm libeditorconfig0-0.12.1-bp151.4.3.1.ppc64le.rpm editorconfig-0.12.1-bp151.4.3.1.s390x.rpm libeditorconfig-devel-0.12.1-bp151.4.3.1.s390x.rpm libeditorconfig0-0.12.1-bp151.4.3.1.s390x.rpm openSUSE-2020-1328 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill - CVE-2020-6561: Inappropriate implementation in Content Security Policy - CVE-2020-6562: Insufficient policy enforcement in Blink - CVE-2020-6563: Insufficient policy enforcement in intent handling. - CVE-2020-6564: Incorrect security UI in permissions - CVE-2020-6565: Incorrect security UI in Omnibox. - CVE-2020-6566: Insufficient policy enforcement in media. - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. - CVE-2020-6568: Insufficient policy enforcement in intent handling. - CVE-2020-6569: Integer overflow in WebUSB. - CVE-2020-6570: Side-channel information leakage in WebRTC. - CVE-2020-6571: Incorrect security UI in Omnibox. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-85.0.4183.69-bp151.3.104.1.x86_64.rpm chromium-85.0.4183.69-bp151.3.104.1.src.rpm chromium-85.0.4183.69-bp151.3.104.1.x86_64.rpm chromedriver-85.0.4183.69-bp151.3.104.1.aarch64.rpm chromium-85.0.4183.69-bp151.3.104.1.aarch64.rpm openSUSE-2020-1437 moderate openSUSE Backports SLE-15-SP1 Update This update for netcdf fixes the following issues: - Make environment module name conform standards: NetCDF modules should be called 'netcdf' - regardless whether they are 'serial' or use MPI. (bsc#1174291) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.x86_64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.x86_64.rpm netcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.3.1.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.3.1.x86_64.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.aarch64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.3.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.3.1.aarch64.rpm libnetcdf-gnu-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf-gnu-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-hpc-devel-data-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf-gnu-mpich-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf-gnu-mpich-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-mpich-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.3.1.noarch.rpm netcdf-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.3.1.noarch.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.3.1.src.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.3.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-static-4.6.1-bp151.5.3.1.ppc64le.rpm openSUSE-2020-1394 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: keepassxc was updated to version 2.6.1: - Add menu entries for auto-typing only username or only password [#4891] - Browser: Add command for retrieving current TOTP [#5278] - Improve man pages [#5010] - Linux: Support Xfce screen lock signals [#4971] - Linux: Add OARS metadata to AppStream markup [#5031] - SSH Agent: Substitute tilde with %USERPROFILE% on Windows [#5116] - Improve password generator UI and UX [#5129] - Do not prompt to restart if switching the theme back and forth [#5084] - Change actions for F1, F2, and F3 keys [#5082] - Skip referenced passwords in health check report [#5056] - Check system-wide Qt translations directory for downstream - translations packaging [#5064] - macOS: Change password visibility toggle shortcut to Ctrl+H to - avoid conflict with system shortcut [#5114] - Browser: Only display domain name in browser access confirm dialog to avoid overly wide window sizes [#5214] - Fix clipboard not being cleared when database is locked while timeout is still active [#5184] - Fix list of previous databases not being cleared in some cases [#5123] - Fix saving of non-data changes on database lock [#5210] - Fix search results banner theming [#5197] - Don’t enforce theme palette in Classic theme mode and add hover effect for buttons [#5122, #5267] - Fix label clipping in settings on high-DPI screens [#5227] - Fix excessive memory usage by icons on systems with high-DPI screens [#5266] - Fix crash if number of TOTP digits exceeds ten [#5106] - Fix slot detection when first YubiKey is configured on the second slot [#5004] - Prevent crash if focus widget gets deleted during saving [#5005] - Always show buttons for opening or saving attachments [#4956] - Update link to Auto-Type help [#5228] - Fix build errors with Ninja [#5121] - CLI: Fix db-info command wrongly labelled as db-show in usage listing [#5140] - Windows: Use Classic theme by default if high-contrast mode is on [#5191] - Linux: Add workaround for qt5ct bug, causing icons not to show up [#5011] - Linux: Correct high-DPI display by not allowing fractional scaling [#5185] - Browser: Consider subdomain and path when requesting only “best-matching credentials” [#4832] - SSH Agent: Always forget all keys on lock [#5115] keepassxc-2.6.1-bp151.3.18.1.src.rpm keepassxc-2.6.1-bp151.3.18.1.x86_64.rpm keepassxc-lang-2.6.1-bp151.3.18.1.noarch.rpm keepassxc-2.6.1-bp151.3.18.1.aarch64.rpm keepassxc-2.6.1-bp151.3.18.1.ppc64le.rpm keepassxc-2.6.1-bp151.3.18.1.s390x.rpm openSUSE-2020-1412 moderate openSUSE Backports SLE-15-SP1 Update This update for kio fixes the following issues: - Fix reading the "Accept For Session" cookie setting in the kcookiejar daemon (boo#1167985) kio-5.55.0-bp151.4.12.1.src.rpm kio-5.55.0-bp151.4.12.1.x86_64.rpm kio-core-5.55.0-bp151.4.12.1.x86_64.rpm kio-core-debuginfo-5.55.0-bp151.4.12.1.x86_64.rpm kio-debuginfo-5.55.0-bp151.4.12.1.x86_64.rpm kio-debugsource-5.55.0-bp151.4.12.1.x86_64.rpm kio-devel-5.55.0-bp151.4.12.1.x86_64.rpm kio-devel-debuginfo-5.55.0-bp151.4.12.1.x86_64.rpm kio-lang-5.55.0-bp151.4.12.1.noarch.rpm kio-5.55.0-bp151.4.12.1.aarch64.rpm kio-64bit-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-64bit-debuginfo-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-core-5.55.0-bp151.4.12.1.aarch64.rpm kio-core-64bit-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-core-64bit-debuginfo-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-core-debuginfo-5.55.0-bp151.4.12.1.aarch64.rpm kio-debuginfo-5.55.0-bp151.4.12.1.aarch64.rpm kio-debugsource-5.55.0-bp151.4.12.1.aarch64.rpm kio-devel-5.55.0-bp151.4.12.1.aarch64.rpm kio-devel-64bit-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-devel-64bit-debuginfo-5.55.0-bp151.4.12.1.aarch64_ilp32.rpm kio-devel-debuginfo-5.55.0-bp151.4.12.1.aarch64.rpm kio-5.55.0-bp151.4.12.1.ppc64le.rpm kio-core-5.55.0-bp151.4.12.1.ppc64le.rpm kio-core-debuginfo-5.55.0-bp151.4.12.1.ppc64le.rpm kio-debuginfo-5.55.0-bp151.4.12.1.ppc64le.rpm kio-debugsource-5.55.0-bp151.4.12.1.ppc64le.rpm kio-devel-5.55.0-bp151.4.12.1.ppc64le.rpm kio-devel-debuginfo-5.55.0-bp151.4.12.1.ppc64le.rpm kio-5.55.0-bp151.4.12.1.s390x.rpm kio-core-5.55.0-bp151.4.12.1.s390x.rpm kio-core-debuginfo-5.55.0-bp151.4.12.1.s390x.rpm kio-debuginfo-5.55.0-bp151.4.12.1.s390x.rpm kio-debugsource-5.55.0-bp151.4.12.1.s390x.rpm kio-devel-5.55.0-bp151.4.12.1.s390x.rpm kio-devel-debuginfo-5.55.0-bp151.4.12.1.s390x.rpm openSUSE-2020-1415 moderate openSUSE Backports SLE-15-SP1 Update This update for python-Flask-Cors fixes the following issues: - CVE-2020-25032: fix a relative directory traversal vulnerability (bsc#1175986). This update was imported from the openSUSE:Leap:15.1:Update update project. python-Flask-Cors-3.0.7-bp151.2.3.1.src.rpm python2-Flask-Cors-3.0.7-bp151.2.3.1.noarch.rpm python3-Flask-Cors-3.0.7-bp151.2.3.1.noarch.rpm openSUSE-2020-1424 moderate openSUSE Backports SLE-15-SP1 Update This update for choqok fixes the following issues: Add upstream patches to fix problems that still were present in the 1.7.0 release: * Fixed retrieving Twitter conversations (kde#417193) * Link to the original post for retweets * twitter Dont overwrite contents of retweets (kde#370260) Update to 1.7.0: * Port to QtNetworkAuth and drop qoauth dependency * Plugin compability break: MicroBlog::profileUrl returns a QUrl instead * Plugin compability break: MicroBlog::postUrl returns a QUrl instead * Allow to disable accounts * Honour the default font (kde#372291) * Make the sign footer consistent between all microplugins * Unread post count in the application title sums all unread posts' accounts * Twitter: update char limit to 280 * Twitter: support extended tweets (kde#370260) * Twitter: fix list browsing (kde#382392) * Twitter: fix followers list * Twitter: show client source even for private messages * Twitter: show user' real name when no description is set * GNU Social: do not rely over qvitter to get the post url * GNU Social: hide linkback statuses * GNU Social: show user' real name when no description is set * Pump.io: escape the description * Pump.io: show user' real name when no description is set * Drop yFrog support from ImagePreview plugin This update was imported from the openSUSE:Leap:15.1:Update update project. choqok-1.7.0-bp151.4.3.1.src.rpm choqok-1.7.0-bp151.4.3.1.x86_64.rpm choqok-devel-1.7.0-bp151.4.3.1.x86_64.rpm openSUSE-2020-1500 moderate openSUSE Backports SLE-15-SP1 Update This update for libqt4 fixes the following issues: * Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507) * Fix "double free or corruption" in QXmlStreamReader (boo#1118595, CVE-2018-15518) * Fix QBmpHandler segfault on malformed BMP file boo#1118596, CVE-2018-19873) * Fix crash when parsing malformed url reference (boo#1118599, CVE-2018-19869) This update was imported from the openSUSE:Leap:15.1:Update update project. libqt4-devel-doc-4.8.7-bp151.4.3.1.src.rpm libqt4-devel-doc-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-devel-doc-data-4.8.7-bp151.4.3.1.noarch.rpm libqt4-devel-doc-debuginfo-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-devel-doc-debugsource-4.8.7-bp151.4.3.1.x86_64.rpm qt4-x11-tools-4.8.7-bp151.4.3.1.x86_64.rpm qt4-x11-tools-debuginfo-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-plugins-4.8.7-bp151.4.3.1.src.rpm libqt4-sql-plugins-debugsource-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-postgresql-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-postgresql-debuginfo-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-unixODBC-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-unixODBC-debuginfo-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-4.8.7-bp151.4.3.1.src.rpm libqt4-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-devel-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-linguist-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-private-headers-devel-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-qt3support-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-sql-sqlite-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-x11-4.8.7-bp151.4.3.1.x86_64.rpm libqt4-devel-doc-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-devel-doc-debuginfo-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-devel-doc-debugsource-4.8.7-bp151.4.3.1.aarch64.rpm qt4-x11-tools-4.8.7-bp151.4.3.1.aarch64.rpm qt4-x11-tools-debuginfo-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-plugins-debugsource-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-postgresql-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-postgresql-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-postgresql-64bit-debuginfo-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-postgresql-debuginfo-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-unixODBC-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-unixODBC-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-unixODBC-64bit-debuginfo-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-unixODBC-debuginfo-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-devel-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-devel-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-linguist-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-private-headers-devel-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-qt3support-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-qt3support-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-sql-sqlite-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-sql-sqlite-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-x11-4.8.7-bp151.4.3.1.aarch64.rpm libqt4-x11-64bit-4.8.7-bp151.4.3.1.aarch64_ilp32.rpm libqt4-devel-doc-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-devel-doc-debuginfo-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-devel-doc-debugsource-4.8.7-bp151.4.3.1.ppc64le.rpm qt4-x11-tools-4.8.7-bp151.4.3.1.ppc64le.rpm qt4-x11-tools-debuginfo-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-plugins-debugsource-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-postgresql-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-postgresql-debuginfo-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-unixODBC-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-unixODBC-debuginfo-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-devel-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-linguist-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-private-headers-devel-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-qt3support-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-sql-sqlite-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-x11-4.8.7-bp151.4.3.1.ppc64le.rpm libqt4-devel-doc-4.8.7-bp151.4.3.1.s390x.rpm libqt4-devel-doc-debuginfo-4.8.7-bp151.4.3.1.s390x.rpm libqt4-devel-doc-debugsource-4.8.7-bp151.4.3.1.s390x.rpm qt4-x11-tools-4.8.7-bp151.4.3.1.s390x.rpm qt4-x11-tools-debuginfo-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-plugins-debugsource-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-postgresql-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-postgresql-debuginfo-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-unixODBC-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-unixODBC-debuginfo-4.8.7-bp151.4.3.1.s390x.rpm libqt4-4.8.7-bp151.4.3.1.s390x.rpm libqt4-devel-4.8.7-bp151.4.3.1.s390x.rpm libqt4-linguist-4.8.7-bp151.4.3.1.s390x.rpm libqt4-private-headers-devel-4.8.7-bp151.4.3.1.s390x.rpm libqt4-qt3support-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-4.8.7-bp151.4.3.1.s390x.rpm libqt4-sql-sqlite-4.8.7-bp151.4.3.1.s390x.rpm libqt4-x11-4.8.7-bp151.4.3.1.s390x.rpm openSUSE-2020-1512 moderate openSUSE Backports SLE-15-SP1 Update This update for obs-service-kiwi_metainfo_helper fixes the following issues: - Use a boolean dep to avoid use of %{is_opensuse}. The prjconf selects which one to use this way. - Fix grammar, update README and .service. - Also allow working on Chart.yaml. (jsc#CAPS-5) - Add explicit fallback for chroot builds - Refactor into a single sed call - Also allow working on Dockerfile (jsc#CAPS-10) - Strip service prefix from the recipe name to work with enabled services in OBS This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. obs-service-kiwi_metainfo_helper-0.1-bp151.2.3.1.noarch.rpm obs-service-kiwi_metainfo_helper-0.1-bp151.2.3.1.src.rpm openSUSE-2020-1516 moderate openSUSE Backports SLE-15-SP1 Update This update for roundcubemail fixes the following issues: roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. (boo#1175135) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145] * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content From 1.3.14 (boo#1173792 -> CVE-2020-15562) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace From 1.3.13 * Installer: Fix regression in SMTP test section (#7417) From 1.3.12 * Security: Better fix for CVE-2020-12641 (boo#1171148) * Security: Fix XSS issue in template object 'username' (#7406) * Security: Fix couple of XSS issues in Installer (#7406) * Security: Fix cross-site scripting (XSS) via malicious XML attachment From 1.3.11 (boo#1171148 -> CVE-2020-12641 boo#1171040 -> CVE-2020-12625 boo#1171149 -> CVE-2020-12640) * Enigma: Fix compatibility with Mail_Mime >= 1.10.5 * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930) * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980) * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991) * Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003) * Security: Fix XSS issue in handling of CDATA in HTML messages * Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings * Security: Fix local file inclusion (and code execution) via crafted 'plugins' option * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302) From 1.3.10 (boo#1146286) * Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723) * Enigma: Fix bug where revoked users/keys were not greyed out in key info * Enigma: Fix error message when trying to encrypt with a revoked key (#6607) * Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638) * Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785) * Fix bug where bmp images couldn't be displayed on some systems (#6728) * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744) * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758) * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746) * Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793) * Fix bug where selection of columns on messages list wasn't working * Fix bug in converting multi-page Tiff images to Jpeg (#6824) * Fix wrong messages order after returning to a multi-folder search result (#6836) * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866) * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898) * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899) * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897) * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) From 1.3.9 (boo#1115718) * Fix TinyMCE download location (#6694) * Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494) * Fix handling of empty entries in vCard import (#6564) * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577) * Fix PHP 7.2 compatibility in debug_logger plugin (#6586) * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) * Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599) * Fix missing CSRF token on a link to download too-big message part (#6621) * Fix bug when aborting dragging with ESC key didn't stop the move action (#6623) * Fix bug where next row wasn't selected after deleting a collapsed thread (#6655) From 1.3.8 * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374) * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383) * Enigma: Fix deleting keys with authentication subkeys (#6381) * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398) * Fix so Classic skin splitter does not escape out of window (#6397) * Fix XSS issue in handling invalid style tag content (#6410) * Fix compatibility with MySQL 8 - error on 'system' table use * Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422) * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419) * Fix support for "allow-from <uri>" in "x_frame_options" config option (#6449) * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) * Fix multiple VCard field search (#6466) * Fix session issue on long running requests (#6470) From 1.3.7 (boo#1115719) * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) * Fix bug where some parts of quota information could have been ignored (#6280) * Fix bug where some escape sequences in html styles could bypass security checks * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names * Fix bug where only attachments with the same name would be ignored on zip download (#6301) * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) * Fix bug where after "mark all folders as read" action message counters were not reset (#6307) * Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) * Fix bug where some HTML comments could have been malformed by HTML parser (#6333) roundcubemail-1.3.15-bp151.4.3.1.noarch.rpm roundcubemail-1.3.15-bp151.4.3.1.src.rpm openSUSE-2020-1514 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing: - CVE-2020-6573: Use after free in video. - CVE-2020-6574: Insufficient policy enforcement in installer. - CVE-2020-6575: Race in Mojo. - CVE-2020-6576: Use after free in offscreen canvas. - CVE-2020-15959: Insufficient policy enforcement in networking. Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill - CVE-2020-6561: Inappropriate implementation in Content Security Policy - CVE-2020-6562: Insufficient policy enforcement in Blink - CVE-2020-6563: Insufficient policy enforcement in intent handling. - CVE-2020-6564: Incorrect security UI in permissions - CVE-2020-6565: Incorrect security UI in Omnibox. - CVE-2020-6566: Insufficient policy enforcement in media. - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. - CVE-2020-6568: Insufficient policy enforcement in intent handling. - CVE-2020-6569: Integer overflow in WebUSB. - CVE-2020-6570: Side-channel information leakage in WebRTC. - CVE-2020-6571: Incorrect security UI in Omnibox. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-85.0.4183.102-bp151.3.107.1.x86_64.rpm chromium-85.0.4183.102-bp151.3.107.1.src.rpm chromium-85.0.4183.102-bp151.3.107.1.x86_64.rpm chromedriver-85.0.4183.102-bp151.3.107.1.aarch64.rpm chromium-85.0.4183.102-bp151.3.107.1.aarch64.rpm openSUSE-2020-1541 moderate openSUSE Backports SLE-15-SP1 Update This update for restic fixes the following issues: restic was updated to 0.10.0. https://github.com/restic/restic/releases/tag/v0.10.0 See installed /usr/share/doc/packages/restic/CHANGELOG.md. Update to 0.9.6. https://github.com/restic/restic/releases/tag/v0.9.6 See installed /usr/share/doc/packages/restic/CHANGELOG.md. Fixes: * Allow absolute path for filename when backing up from stdin * Save files with invalid timestamps * Read fresh metadata for unmodified files * Add upper bound for t in --read-data-subset=n/t * Check errors when loading index files Enhancements: + Allow multiple retries for interactive password input + Make --group-by accept both singular and plural + Add option to configure S3 region Update to 0.9.5. https://github.com/restic/restic/releases/tag/v0.9.5 See installed /usr/share/doc/packages/restic/CHANGELOG.md. Short-log: Fixes: * Return error when no bytes could be read from stdin * Don't cancel timeout after 30 seconds for self-update * Fix reading passwords from stdin * Don't abort the find command when a tree can't be loaded Enhancements: + Add case insensitive include & exclude options + Support streaming JSON output for backup + Add Openstack application credential auth for Swift + Add --json support to forget command + Add group-by option to snapshots command + Ability to dump folders to tar via stdout + Return error if no bytes could be read for backup --stdin + Add --ignore-inode option to backup cmd + Add config option to set S3 storage class Update to 0.9.4. https://github.com/restic/restic/releases/tag/v0.9.4 See installed /usr/share/doc/packages/restic/CHANGELOG.md restic-0.10.0-bp151.4.3.1.src.rpm restic-0.10.0-bp151.4.3.1.x86_64.rpm restic-bash-completion-0.10.0-bp151.4.3.1.noarch.rpm restic-zsh-completion-0.10.0-bp151.4.3.1.noarch.rpm restic-0.10.0-bp151.4.3.1.aarch64.rpm restic-0.10.0-bp151.4.3.1.ppc64le.rpm restic-0.10.0-bp151.4.3.1.s390x.rpm openSUSE-2020-1542 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 85.0.4183.121 (boo#1176791): - CVE-2020-15960: Out of bounds read in storage - CVE-2020-15961: Insufficient policy enforcement in extensions - CVE-2020-15962: Insufficient policy enforcement in serial - CVE-2020-15963: Insufficient policy enforcement in extensions - CVE-2020-15965: Out of bounds write in V8 - CVE-2020-15966: Insufficient policy enforcement in extensions - CVE-2020-15964: Insufficient data validation in media This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-85.0.4183.121-bp151.3.110.1.x86_64.rpm chromium-85.0.4183.121-bp151.3.110.1.src.rpm chromium-85.0.4183.121-bp151.3.110.1.x86_64.rpm chromedriver-85.0.4183.121-bp151.3.110.1.aarch64.rpm chromium-85.0.4183.121-bp151.3.110.1.aarch64.rpm openSUSE-2020-1575 important openSUSE Backports SLE-15-SP1 Update This update for rubygem-actionpack-5_1 fixes the following issues: - CVE-2020-8164: Possible Strong Parameters Bypass in ActionPack. There is a strong parameters bypass vector in ActionPack. (bsc#1172177) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. ruby2.5-rubygem-actionpack-5_1-5.1.4-bp151.2.3.1.x86_64.rpm ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-bp151.2.3.1.x86_64.rpm rubygem-actionpack-5_1-5.1.4-bp151.2.3.1.src.rpm ruby2.5-rubygem-actionpack-5_1-5.1.4-bp151.2.3.1.aarch64.rpm ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-bp151.2.3.1.aarch64.rpm ruby2.5-rubygem-actionpack-5_1-5.1.4-bp151.2.3.1.ppc64le.rpm ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-bp151.2.3.1.ppc64le.rpm ruby2.5-rubygem-actionpack-5_1-5.1.4-bp151.2.3.1.s390x.rpm ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-bp151.2.3.1.s390x.rpm openSUSE-2020-1594 moderate openSUSE Backports SLE-15-SP1 Update This update for aspell-dictionaries fixes the following issues: aspell-dictionaries was updated rto: - de -> 20161207-7-0 - pt_BR -> 20131030-12-0 - da 1.6.36 - pt_PT 20190329 This update was imported from the openSUSE:Leap:15.1:Update update project. aspell-af-0.50.0-bp151.3.3.1.x86_64.rpm aspell-agal-0.50.0-bp151.3.3.1.x86_64.rpm aspell-am-0.03.1-bp151.3.3.1.x86_64.rpm aspell-ar-1.2.0-bp151.3.3.1.x86_64.rpm aspell-ast-0.01-bp151.3.3.1.x86_64.rpm aspell-az-0.02-bp151.3.3.1.x86_64.rpm aspell-be-0.01-bp151.3.3.1.x86_64.rpm aspell-bg-4.1-bp151.3.3.1.x86_64.rpm aspell-bn-0.01.1-bp151.3.3.1.x86_64.rpm aspell-br-0.50.2-bp151.3.3.1.x86_64.rpm aspell-ca-0.60.1.20090722-bp151.3.3.1.x86_64.rpm aspell-cs-0.60.0.20040614-bp151.3.3.1.x86_64.rpm aspell-csb-0.02.0-bp151.3.3.1.x86_64.rpm aspell-cy-0.50.3-bp151.3.3.1.x86_64.rpm aspell-da-1.6.20-bp151.3.3.1.x86_64.rpm aspell-de-20161207.7.0-bp151.3.3.1.x86_64.rpm aspell-dictionaries-0.50.6-bp151.3.3.1.src.rpm aspell-el-0.50.3+0.08-bp151.3.3.1.x86_64.rpm aspell-eo-2.1.20000225-bp151.3.3.1.x86_64.rpm aspell-es-1.11.2-bp151.3.3.1.x86_64.rpm aspell-et-0.1.21-bp151.3.3.1.x86_64.rpm aspell-fa-0.11.0-bp151.3.3.1.x86_64.rpm aspell-fi-0.7-bp151.3.3.1.x86_64.rpm aspell-fo-0.2.16-bp151.3.3.1.x86_64.rpm aspell-fr-0.50.3-bp151.3.3.1.x86_64.rpm aspell-fy-0.12-bp151.3.3.1.x86_64.rpm aspell-ga-4.5.0-bp151.3.3.1.x86_64.rpm aspell-gd-0.7.1.1.1-bp151.3.3.1.x86_64.rpm aspell-gl-0.50a-bp151.3.3.1.x86_64.rpm aspell-grc-0.02.0-bp151.3.3.1.x86_64.rpm aspell-gu-0.03-bp151.3.3.1.x86_64.rpm aspell-gv-0.50-bp151.3.3.1.x86_64.rpm aspell-he-1.0.0-bp151.3.3.1.x86_64.rpm aspell-hi-0.02-bp151.3.3.1.x86_64.rpm aspell-hil-0.11-bp151.3.3.1.x86_64.rpm aspell-hr-0.51.0-bp151.3.3.1.x86_64.rpm aspell-hsb-0.02.0-bp151.3.3.1.x86_64.rpm aspell-hu-0.99.4.2-bp151.3.3.1.x86_64.rpm aspell-hus-0.03.1-bp151.3.3.1.x86_64.rpm aspell-hy-0.10.0-bp151.3.3.1.x86_64.rpm aspell-ia-0.50-bp151.3.3.1.x86_64.rpm aspell-id-1.2-bp151.3.3.1.x86_64.rpm aspell-is-0.51.10-bp151.3.3.1.x86_64.rpm aspell-it-2.2_20050523-bp151.3.3.1.x86_64.rpm aspell-kn-0.01.1-bp151.3.3.1.x86_64.rpm aspell-ku-0.20.1-bp151.3.3.1.x86_64.rpm aspell-ky-0.01.0-bp151.3.3.1.x86_64.rpm aspell-la-20020503-bp151.3.3.1.x86_64.rpm aspell-lt-1.2.1-bp151.3.3.1.x86_64.rpm aspell-lv-1.2.1-bp151.3.3.1.x86_64.rpm aspell-mg-20040807-bp151.3.3.1.x86_64.rpm aspell-mi-0.50-bp151.3.3.1.x86_64.rpm aspell-mk-0.50-bp151.3.3.1.x86_64.rpm aspell-ml-0.03-bp151.3.3.1.x86_64.rpm aspell-mn-0.06.2-bp151.3.3.1.x86_64.rpm aspell-mr-0.10-bp151.3.3.1.x86_64.rpm aspell-ms-0.50-bp151.3.3.1.x86_64.rpm aspell-mt-0.50-bp151.3.3.1.x86_64.rpm aspell-nb-0.50.10-bp151.3.3.1.x86_64.rpm aspell-nds-0.01-bp151.3.3.1.x86_64.rpm aspell-nl-1.00.7-bp151.3.3.1.x86_64.rpm aspell-nn-0.50.11-bp151.3.3.1.x86_64.rpm aspell-ny-0.01-bp151.3.3.1.x86_64.rpm aspell-or-0.03-bp151.3.3.1.x86_64.rpm aspell-pa-0.01-bp151.3.3.1.x86_64.rpm aspell-pl-0.60.2015.04.28-bp151.3.3.1.x86_64.rpm aspell-pt_BR-20131030.12.0-bp151.3.3.1.x86_64.rpm aspell-pt_PT-20190329-bp151.3.3.1.x86_64.rpm aspell-qu-0.02-bp151.3.3.1.x86_64.rpm aspell-ro-3.3.2-bp151.3.3.1.x86_64.rpm aspell-ru-0.99.f7.1-bp151.3.3.1.x86_64.rpm aspell-rw-0.50-bp151.3.3.1.x86_64.rpm aspell-sc-1.0-bp151.3.3.1.x86_64.rpm aspell-sk-2.01-bp151.3.3.1.x86_64.rpm aspell-sl-0.50-bp151.3.3.1.x86_64.rpm aspell-sr-0.02-bp151.3.3.1.x86_64.rpm aspell-sv-0.51.0-bp151.3.3.1.x86_64.rpm aspell-sw-1.0-bp151.3.3.1.x86_64.rpm aspell-ta-20040424-bp151.3.3.1.x86_64.rpm aspell-te-0.01.2-bp151.3.3.1.x86_64.rpm aspell-tet-0.1.1-bp151.3.3.1.x86_64.rpm aspell-tk-0.01-bp151.3.3.1.x86_64.rpm aspell-tl-0.02-bp151.3.3.1.x86_64.rpm aspell-tn-1.0.1-bp151.3.3.1.x86_64.rpm aspell-tr-0.50-bp151.3.3.1.x86_64.rpm aspell-uk-1.4.0-bp151.3.3.1.x86_64.rpm aspell-uz-0.6.0-bp151.3.3.1.x86_64.rpm aspell-vi-0.01.1-bp151.3.3.1.x86_64.rpm aspell-wa-0.50-bp151.3.3.1.x86_64.rpm aspell-yi-0.01.1-bp151.3.3.1.x86_64.rpm aspell-zu-0.50-bp151.3.3.1.x86_64.rpm aspell-af-0.50.0-bp151.3.3.1.aarch64.rpm aspell-agal-0.50.0-bp151.3.3.1.aarch64.rpm aspell-am-0.03.1-bp151.3.3.1.aarch64.rpm aspell-ar-1.2.0-bp151.3.3.1.aarch64.rpm aspell-ast-0.01-bp151.3.3.1.aarch64.rpm aspell-az-0.02-bp151.3.3.1.aarch64.rpm aspell-be-0.01-bp151.3.3.1.aarch64.rpm aspell-bg-4.1-bp151.3.3.1.aarch64.rpm aspell-bn-0.01.1-bp151.3.3.1.aarch64.rpm aspell-br-0.50.2-bp151.3.3.1.aarch64.rpm aspell-ca-0.60.1.20090722-bp151.3.3.1.aarch64.rpm aspell-cs-0.60.0.20040614-bp151.3.3.1.aarch64.rpm aspell-csb-0.02.0-bp151.3.3.1.aarch64.rpm aspell-cy-0.50.3-bp151.3.3.1.aarch64.rpm aspell-da-1.6.20-bp151.3.3.1.aarch64.rpm aspell-de-20161207.7.0-bp151.3.3.1.aarch64.rpm aspell-el-0.50.3+0.08-bp151.3.3.1.aarch64.rpm aspell-eo-2.1.20000225-bp151.3.3.1.aarch64.rpm aspell-es-1.11.2-bp151.3.3.1.aarch64.rpm aspell-et-0.1.21-bp151.3.3.1.aarch64.rpm aspell-fa-0.11.0-bp151.3.3.1.aarch64.rpm aspell-fi-0.7-bp151.3.3.1.aarch64.rpm aspell-fo-0.2.16-bp151.3.3.1.aarch64.rpm aspell-fr-0.50.3-bp151.3.3.1.aarch64.rpm aspell-fy-0.12-bp151.3.3.1.aarch64.rpm aspell-ga-4.5.0-bp151.3.3.1.aarch64.rpm aspell-gd-0.7.1.1.1-bp151.3.3.1.aarch64.rpm aspell-gl-0.50a-bp151.3.3.1.aarch64.rpm aspell-grc-0.02.0-bp151.3.3.1.aarch64.rpm aspell-gu-0.03-bp151.3.3.1.aarch64.rpm aspell-gv-0.50-bp151.3.3.1.aarch64.rpm aspell-he-1.0.0-bp151.3.3.1.aarch64.rpm aspell-hi-0.02-bp151.3.3.1.aarch64.rpm aspell-hil-0.11-bp151.3.3.1.aarch64.rpm aspell-hr-0.51.0-bp151.3.3.1.aarch64.rpm aspell-hsb-0.02.0-bp151.3.3.1.aarch64.rpm aspell-hu-0.99.4.2-bp151.3.3.1.aarch64.rpm aspell-hus-0.03.1-bp151.3.3.1.aarch64.rpm aspell-hy-0.10.0-bp151.3.3.1.aarch64.rpm aspell-ia-0.50-bp151.3.3.1.aarch64.rpm aspell-id-1.2-bp151.3.3.1.aarch64.rpm aspell-is-0.51.10-bp151.3.3.1.aarch64.rpm aspell-it-2.2_20050523-bp151.3.3.1.aarch64.rpm aspell-kn-0.01.1-bp151.3.3.1.aarch64.rpm aspell-ku-0.20.1-bp151.3.3.1.aarch64.rpm aspell-ky-0.01.0-bp151.3.3.1.aarch64.rpm aspell-la-20020503-bp151.3.3.1.aarch64.rpm aspell-lt-1.2.1-bp151.3.3.1.aarch64.rpm aspell-lv-1.2.1-bp151.3.3.1.aarch64.rpm aspell-mg-20040807-bp151.3.3.1.aarch64.rpm aspell-mi-0.50-bp151.3.3.1.aarch64.rpm aspell-mk-0.50-bp151.3.3.1.aarch64.rpm aspell-ml-0.03-bp151.3.3.1.aarch64.rpm aspell-mn-0.06.2-bp151.3.3.1.aarch64.rpm aspell-mr-0.10-bp151.3.3.1.aarch64.rpm aspell-ms-0.50-bp151.3.3.1.aarch64.rpm aspell-mt-0.50-bp151.3.3.1.aarch64.rpm aspell-nb-0.50.10-bp151.3.3.1.aarch64.rpm aspell-nds-0.01-bp151.3.3.1.aarch64.rpm aspell-nl-1.00.7-bp151.3.3.1.aarch64.rpm aspell-nn-0.50.11-bp151.3.3.1.aarch64.rpm aspell-ny-0.01-bp151.3.3.1.aarch64.rpm aspell-or-0.03-bp151.3.3.1.aarch64.rpm aspell-pa-0.01-bp151.3.3.1.aarch64.rpm aspell-pl-0.60.2015.04.28-bp151.3.3.1.aarch64.rpm aspell-pt_BR-20131030.12.0-bp151.3.3.1.aarch64.rpm aspell-pt_PT-20190329-bp151.3.3.1.aarch64.rpm aspell-qu-0.02-bp151.3.3.1.aarch64.rpm aspell-ro-3.3.2-bp151.3.3.1.aarch64.rpm aspell-ru-0.99.f7.1-bp151.3.3.1.aarch64.rpm aspell-rw-0.50-bp151.3.3.1.aarch64.rpm aspell-sc-1.0-bp151.3.3.1.aarch64.rpm aspell-sk-2.01-bp151.3.3.1.aarch64.rpm aspell-sl-0.50-bp151.3.3.1.aarch64.rpm aspell-sr-0.02-bp151.3.3.1.aarch64.rpm aspell-sv-0.51.0-bp151.3.3.1.aarch64.rpm aspell-sw-1.0-bp151.3.3.1.aarch64.rpm aspell-ta-20040424-bp151.3.3.1.aarch64.rpm aspell-te-0.01.2-bp151.3.3.1.aarch64.rpm aspell-tet-0.1.1-bp151.3.3.1.aarch64.rpm aspell-tk-0.01-bp151.3.3.1.aarch64.rpm aspell-tl-0.02-bp151.3.3.1.aarch64.rpm aspell-tn-1.0.1-bp151.3.3.1.aarch64.rpm aspell-tr-0.50-bp151.3.3.1.aarch64.rpm aspell-uk-1.4.0-bp151.3.3.1.aarch64.rpm aspell-uz-0.6.0-bp151.3.3.1.aarch64.rpm aspell-vi-0.01.1-bp151.3.3.1.aarch64.rpm aspell-wa-0.50-bp151.3.3.1.aarch64.rpm aspell-yi-0.01.1-bp151.3.3.1.aarch64.rpm aspell-zu-0.50-bp151.3.3.1.aarch64.rpm aspell-af-0.50.0-bp151.3.3.1.ppc64le.rpm aspell-agal-0.50.0-bp151.3.3.1.ppc64le.rpm aspell-am-0.03.1-bp151.3.3.1.ppc64le.rpm aspell-ar-1.2.0-bp151.3.3.1.ppc64le.rpm aspell-ast-0.01-bp151.3.3.1.ppc64le.rpm aspell-az-0.02-bp151.3.3.1.ppc64le.rpm aspell-be-0.01-bp151.3.3.1.ppc64le.rpm aspell-bg-4.1-bp151.3.3.1.ppc64le.rpm aspell-bn-0.01.1-bp151.3.3.1.ppc64le.rpm aspell-br-0.50.2-bp151.3.3.1.ppc64le.rpm aspell-ca-0.60.1.20090722-bp151.3.3.1.ppc64le.rpm aspell-cs-0.60.0.20040614-bp151.3.3.1.ppc64le.rpm aspell-csb-0.02.0-bp151.3.3.1.ppc64le.rpm aspell-cy-0.50.3-bp151.3.3.1.ppc64le.rpm aspell-da-1.6.20-bp151.3.3.1.ppc64le.rpm aspell-de-20161207.7.0-bp151.3.3.1.ppc64le.rpm aspell-el-0.50.3+0.08-bp151.3.3.1.ppc64le.rpm aspell-eo-2.1.20000225-bp151.3.3.1.ppc64le.rpm aspell-es-1.11.2-bp151.3.3.1.ppc64le.rpm aspell-et-0.1.21-bp151.3.3.1.ppc64le.rpm aspell-fa-0.11.0-bp151.3.3.1.ppc64le.rpm aspell-fi-0.7-bp151.3.3.1.ppc64le.rpm aspell-fo-0.2.16-bp151.3.3.1.ppc64le.rpm aspell-fr-0.50.3-bp151.3.3.1.ppc64le.rpm aspell-fy-0.12-bp151.3.3.1.ppc64le.rpm aspell-ga-4.5.0-bp151.3.3.1.ppc64le.rpm aspell-gd-0.7.1.1.1-bp151.3.3.1.ppc64le.rpm aspell-gl-0.50a-bp151.3.3.1.ppc64le.rpm aspell-grc-0.02.0-bp151.3.3.1.ppc64le.rpm aspell-gu-0.03-bp151.3.3.1.ppc64le.rpm aspell-gv-0.50-bp151.3.3.1.ppc64le.rpm aspell-he-1.0.0-bp151.3.3.1.ppc64le.rpm aspell-hi-0.02-bp151.3.3.1.ppc64le.rpm aspell-hil-0.11-bp151.3.3.1.ppc64le.rpm aspell-hr-0.51.0-bp151.3.3.1.ppc64le.rpm aspell-hsb-0.02.0-bp151.3.3.1.ppc64le.rpm aspell-hu-0.99.4.2-bp151.3.3.1.ppc64le.rpm aspell-hus-0.03.1-bp151.3.3.1.ppc64le.rpm aspell-hy-0.10.0-bp151.3.3.1.ppc64le.rpm aspell-ia-0.50-bp151.3.3.1.ppc64le.rpm aspell-id-1.2-bp151.3.3.1.ppc64le.rpm aspell-is-0.51.10-bp151.3.3.1.ppc64le.rpm aspell-it-2.2_20050523-bp151.3.3.1.ppc64le.rpm aspell-kn-0.01.1-bp151.3.3.1.ppc64le.rpm aspell-ku-0.20.1-bp151.3.3.1.ppc64le.rpm aspell-ky-0.01.0-bp151.3.3.1.ppc64le.rpm aspell-la-20020503-bp151.3.3.1.ppc64le.rpm aspell-lt-1.2.1-bp151.3.3.1.ppc64le.rpm aspell-lv-1.2.1-bp151.3.3.1.ppc64le.rpm aspell-mg-20040807-bp151.3.3.1.ppc64le.rpm aspell-mi-0.50-bp151.3.3.1.ppc64le.rpm aspell-mk-0.50-bp151.3.3.1.ppc64le.rpm aspell-ml-0.03-bp151.3.3.1.ppc64le.rpm aspell-mn-0.06.2-bp151.3.3.1.ppc64le.rpm aspell-mr-0.10-bp151.3.3.1.ppc64le.rpm aspell-ms-0.50-bp151.3.3.1.ppc64le.rpm aspell-mt-0.50-bp151.3.3.1.ppc64le.rpm aspell-nb-0.50.10-bp151.3.3.1.ppc64le.rpm aspell-nds-0.01-bp151.3.3.1.ppc64le.rpm aspell-nl-1.00.7-bp151.3.3.1.ppc64le.rpm aspell-nn-0.50.11-bp151.3.3.1.ppc64le.rpm aspell-ny-0.01-bp151.3.3.1.ppc64le.rpm aspell-or-0.03-bp151.3.3.1.ppc64le.rpm aspell-pa-0.01-bp151.3.3.1.ppc64le.rpm aspell-pl-0.60.2015.04.28-bp151.3.3.1.ppc64le.rpm aspell-pt_BR-20131030.12.0-bp151.3.3.1.ppc64le.rpm aspell-pt_PT-20190329-bp151.3.3.1.ppc64le.rpm aspell-qu-0.02-bp151.3.3.1.ppc64le.rpm aspell-ro-3.3.2-bp151.3.3.1.ppc64le.rpm aspell-ru-0.99.f7.1-bp151.3.3.1.ppc64le.rpm aspell-rw-0.50-bp151.3.3.1.ppc64le.rpm aspell-sc-1.0-bp151.3.3.1.ppc64le.rpm aspell-sk-2.01-bp151.3.3.1.ppc64le.rpm aspell-sl-0.50-bp151.3.3.1.ppc64le.rpm aspell-sr-0.02-bp151.3.3.1.ppc64le.rpm aspell-sv-0.51.0-bp151.3.3.1.ppc64le.rpm aspell-sw-1.0-bp151.3.3.1.ppc64le.rpm aspell-ta-20040424-bp151.3.3.1.ppc64le.rpm aspell-te-0.01.2-bp151.3.3.1.ppc64le.rpm aspell-tet-0.1.1-bp151.3.3.1.ppc64le.rpm aspell-tk-0.01-bp151.3.3.1.ppc64le.rpm aspell-tl-0.02-bp151.3.3.1.ppc64le.rpm aspell-tn-1.0.1-bp151.3.3.1.ppc64le.rpm aspell-tr-0.50-bp151.3.3.1.ppc64le.rpm aspell-uk-1.4.0-bp151.3.3.1.ppc64le.rpm aspell-uz-0.6.0-bp151.3.3.1.ppc64le.rpm aspell-vi-0.01.1-bp151.3.3.1.ppc64le.rpm aspell-wa-0.50-bp151.3.3.1.ppc64le.rpm aspell-yi-0.01.1-bp151.3.3.1.ppc64le.rpm aspell-zu-0.50-bp151.3.3.1.ppc64le.rpm aspell-af-0.50.0-bp151.3.3.1.s390x.rpm aspell-agal-0.50.0-bp151.3.3.1.s390x.rpm aspell-am-0.03.1-bp151.3.3.1.s390x.rpm aspell-ar-1.2.0-bp151.3.3.1.s390x.rpm aspell-ast-0.01-bp151.3.3.1.s390x.rpm aspell-az-0.02-bp151.3.3.1.s390x.rpm aspell-be-0.01-bp151.3.3.1.s390x.rpm aspell-bg-4.1-bp151.3.3.1.s390x.rpm aspell-bn-0.01.1-bp151.3.3.1.s390x.rpm aspell-br-0.50.2-bp151.3.3.1.s390x.rpm aspell-ca-0.60.1.20090722-bp151.3.3.1.s390x.rpm aspell-cs-0.60.0.20040614-bp151.3.3.1.s390x.rpm aspell-csb-0.02.0-bp151.3.3.1.s390x.rpm aspell-cy-0.50.3-bp151.3.3.1.s390x.rpm aspell-da-1.6.20-bp151.3.3.1.s390x.rpm aspell-de-20161207.7.0-bp151.3.3.1.s390x.rpm aspell-el-0.50.3+0.08-bp151.3.3.1.s390x.rpm aspell-eo-2.1.20000225-bp151.3.3.1.s390x.rpm aspell-es-1.11.2-bp151.3.3.1.s390x.rpm aspell-et-0.1.21-bp151.3.3.1.s390x.rpm aspell-fa-0.11.0-bp151.3.3.1.s390x.rpm aspell-fi-0.7-bp151.3.3.1.s390x.rpm aspell-fo-0.2.16-bp151.3.3.1.s390x.rpm aspell-fr-0.50.3-bp151.3.3.1.s390x.rpm aspell-fy-0.12-bp151.3.3.1.s390x.rpm aspell-ga-4.5.0-bp151.3.3.1.s390x.rpm aspell-gd-0.7.1.1.1-bp151.3.3.1.s390x.rpm aspell-gl-0.50a-bp151.3.3.1.s390x.rpm aspell-grc-0.02.0-bp151.3.3.1.s390x.rpm aspell-gu-0.03-bp151.3.3.1.s390x.rpm aspell-gv-0.50-bp151.3.3.1.s390x.rpm aspell-he-1.0.0-bp151.3.3.1.s390x.rpm aspell-hi-0.02-bp151.3.3.1.s390x.rpm aspell-hil-0.11-bp151.3.3.1.s390x.rpm aspell-hr-0.51.0-bp151.3.3.1.s390x.rpm aspell-hsb-0.02.0-bp151.3.3.1.s390x.rpm aspell-hu-0.99.4.2-bp151.3.3.1.s390x.rpm aspell-hus-0.03.1-bp151.3.3.1.s390x.rpm aspell-hy-0.10.0-bp151.3.3.1.s390x.rpm aspell-ia-0.50-bp151.3.3.1.s390x.rpm aspell-id-1.2-bp151.3.3.1.s390x.rpm aspell-is-0.51.10-bp151.3.3.1.s390x.rpm aspell-it-2.2_20050523-bp151.3.3.1.s390x.rpm aspell-kn-0.01.1-bp151.3.3.1.s390x.rpm aspell-ku-0.20.1-bp151.3.3.1.s390x.rpm aspell-ky-0.01.0-bp151.3.3.1.s390x.rpm aspell-la-20020503-bp151.3.3.1.s390x.rpm aspell-lt-1.2.1-bp151.3.3.1.s390x.rpm aspell-lv-1.2.1-bp151.3.3.1.s390x.rpm aspell-mg-20040807-bp151.3.3.1.s390x.rpm aspell-mi-0.50-bp151.3.3.1.s390x.rpm aspell-mk-0.50-bp151.3.3.1.s390x.rpm aspell-ml-0.03-bp151.3.3.1.s390x.rpm aspell-mn-0.06.2-bp151.3.3.1.s390x.rpm aspell-mr-0.10-bp151.3.3.1.s390x.rpm aspell-ms-0.50-bp151.3.3.1.s390x.rpm aspell-mt-0.50-bp151.3.3.1.s390x.rpm aspell-nb-0.50.10-bp151.3.3.1.s390x.rpm aspell-nds-0.01-bp151.3.3.1.s390x.rpm aspell-nl-1.00.7-bp151.3.3.1.s390x.rpm aspell-nn-0.50.11-bp151.3.3.1.s390x.rpm aspell-ny-0.01-bp151.3.3.1.s390x.rpm aspell-or-0.03-bp151.3.3.1.s390x.rpm aspell-pa-0.01-bp151.3.3.1.s390x.rpm aspell-pl-0.60.2015.04.28-bp151.3.3.1.s390x.rpm aspell-pt_BR-20131030.12.0-bp151.3.3.1.s390x.rpm aspell-pt_PT-20190329-bp151.3.3.1.s390x.rpm aspell-qu-0.02-bp151.3.3.1.s390x.rpm aspell-ro-3.3.2-bp151.3.3.1.s390x.rpm aspell-ru-0.99.f7.1-bp151.3.3.1.s390x.rpm aspell-rw-0.50-bp151.3.3.1.s390x.rpm aspell-sc-1.0-bp151.3.3.1.s390x.rpm aspell-sk-2.01-bp151.3.3.1.s390x.rpm aspell-sl-0.50-bp151.3.3.1.s390x.rpm aspell-sr-0.02-bp151.3.3.1.s390x.rpm aspell-sv-0.51.0-bp151.3.3.1.s390x.rpm aspell-sw-1.0-bp151.3.3.1.s390x.rpm aspell-ta-20040424-bp151.3.3.1.s390x.rpm aspell-te-0.01.2-bp151.3.3.1.s390x.rpm aspell-tet-0.1.1-bp151.3.3.1.s390x.rpm aspell-tk-0.01-bp151.3.3.1.s390x.rpm aspell-tl-0.02-bp151.3.3.1.s390x.rpm aspell-tn-1.0.1-bp151.3.3.1.s390x.rpm aspell-tr-0.50-bp151.3.3.1.s390x.rpm aspell-uk-1.4.0-bp151.3.3.1.s390x.rpm aspell-uz-0.6.0-bp151.3.3.1.s390x.rpm aspell-vi-0.01.1-bp151.3.3.1.s390x.rpm aspell-wa-0.50-bp151.3.3.1.s390x.rpm aspell-yi-0.01.1-bp151.3.3.1.s390x.rpm aspell-zu-0.50-bp151.3.3.1.s390x.rpm openSUSE-2020-1611 moderate openSUSE Backports SLE-15-SP1 Update This update for grafana fixes the following issues: grafana was updated to version 7.1.5: * Features / Enhancements - Stats: Stop counting the same user multiple times. - Field overrides: Filter by field name using regex. - AzureMonitor: map more units. - Explore: Don't run queries on datasource change. - Graph: Support setting field unit & override data source (automatic) unit. - Explore: Unification of logs/metrics/traces user interface - Table: JSON Cell should try to convert strings to JSON - Variables: enables cancel for slow query variables queries. - TimeZone: unify the time zone pickers to one that can rule them all. - Search: support URL query params. - Grafana-UI: Add FileUpload. - TablePanel: Sort numbers correctly. * Bug fixes - Alerting: remove LongToWide call in alerting. - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used. - Variables: Fixes issue with All variable not being resolved. - Templating: Fixes so texts show in picker not the values. - Templating: Templating: Fix undefined result when using raw interpolation format - TextPanel: Fix content overflowing panel boundaries. - StatPanel: Fix stat panel display name not showing when explicitly set. - Query history: Fix search filtering if null value. - Flux: Ensure connections to InfluxDB are closed. - Dashboard: Fix for viewer can enter panel edit mode by modifying url (but cannot not save anything). - Prometheus: Fix prom links in mixed mode. - Sign In Use correct url for the Sign In button. - StatPanel: Fixes issue with name showing for single series / field results - BarGauge: Fix space bug in single series mode. - Auth: Fix POST request failures with anonymous access - Templating: Fix recursive loop of template variable queries when changing ad-hoc-variable - Templating: Fixed recursive queries triggered when switching dashboard settings view - GraphPanel: Fix annotations overflowing panels. - Prometheus: Fix performance issue in processing of histogram labels. - Datasources: Handle URL parsing error. - Security: Use Header.Set and Header.Del for X-Grafana-User header. grafana-7.1.5-bp151.2.1.src.rpm grafana-7.1.5-bp151.2.1.x86_64.rpm grafana-7.1.5-bp151.2.1.aarch64.rpm grafana-7.1.5-bp151.2.1.ppc64le.rpm grafana-7.1.5-bp151.2.1.s390x.rpm openSUSE-2020-1638 moderate openSUSE Backports SLE-15-SP1 Update This update for spec-cleaner fixes the following issues: spec-cleaner was updated to 1.2.1 (boo#1099674): * Use Leap 15.2 as a base for data files * Use %{_prefix}/lib instead of %{_libexecdir}: obs services are explicitly looked for at this location. This update was imported from the openSUSE:Leap:15.1:Update update project. spec-cleaner-1.2.1-bp151.3.24.1.noarch.rpm spec-cleaner-1.2.1-bp151.3.24.1.src.rpm spec-cleaner-format_spec_file-1.2.1-bp151.3.24.1.noarch.rpm openSUSE-2020-1639 moderate openSUSE Backports SLE-15-SP1 Update This update for libdlm fixes the following issues: - Add dependency relationship between 'libdlm' and 'dlm-kmp'. (bsc#1121380) - Add notes in 'dlm.conf' man page. (bsc#1175812) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libdlm-4.0.7-bp151.2.3.1.src.rpm libdlm-4.0.7-bp151.2.3.1.x86_64.rpm libdlm-devel-4.0.7-bp151.2.3.1.x86_64.rpm libdlm3-4.0.7-bp151.2.3.1.x86_64.rpm libdlm-4.0.7-bp151.2.3.1.aarch64.rpm libdlm-devel-4.0.7-bp151.2.3.1.aarch64.rpm libdlm3-4.0.7-bp151.2.3.1.aarch64.rpm libdlm-4.0.7-bp151.2.3.1.ppc64le.rpm libdlm-devel-4.0.7-bp151.2.3.1.ppc64le.rpm libdlm3-4.0.7-bp151.2.3.1.ppc64le.rpm libdlm-4.0.7-bp151.2.3.1.s390x.rpm libdlm-devel-4.0.7-bp151.2.3.1.s390x.rpm libdlm3-4.0.7-bp151.2.3.1.s390x.rpm openSUSE-2020-1647 important openSUSE Backports SLE-15-SP1 Update This update for kdeconnect-kde fixes the following issues: kdeconnect-kde was updated to fix various security issues in its default enabled network service (CVE-2020-26164, boo#1176268): This update was imported from the openSUSE:Leap:15.1:Update update project. kdeconnect-kde-1.3.3-bp151.4.3.1.src.rpm kdeconnect-kde-1.3.3-bp151.4.3.1.x86_64.rpm kdeconnect-kde-lang-1.3.3-bp151.4.3.1.noarch.rpm kdeconnect-kde-1.3.3-bp151.4.3.1.aarch64.rpm kdeconnect-kde-1.3.3-bp151.4.3.1.ppc64le.rpm kdeconnect-kde-1.3.3-bp151.4.3.1.s390x.rpm openSUSE-2020-1652 moderate openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: nextcloud version 20.0.0 fix some security issues: - NC-SA-2020-037 PIN for passwordless WebAuthm is asked for but not verified - NC-SA-2020-033 (CVE-2020-8228) Missing rate limit on signup page - NC-SA-2020-029 (CVE-2020-8233, boo#1177346) Re-Sharing allows increase of privileges - NC-SA-2020-026 Passowrd of share by mail is not hashed when given on the create share call - NC-SA-2020-023 Increase random used for encryption - Update to 19.0.3 - Fix possible leaking scope in Flow (server#22410) - Combine body-login rules in theming and fix twofactor and guest styling on bright colors (server#22427) - Show better quota warning for group folders and external storage (server#22442) - Add php docs build script (server#22448) - Fix clicks on actions menu of non opaque file rows in acceptance tests (server#22503) - Fix writing BLOBs to postgres with recent contacts interaction (server#22515) - Set the mount id before calling storage wrapper (server#22519) - Fix S3 error handling (server#22521) - Only disable zip64 if the size is known (server#22537) - Change free space calculation (server#22553) - Do not keep the part file if the forbidden exception has no retry set (server#22560) - Fix app password updating out of bounds (server#22569) - Use the correct root to determinate the webroot for the resource (server#22579) - Upgrade icewind/smb to 3.2.7 (server#22581) - Bump elliptic from 6.4.1 to 6.5.3 (notifications#732) - Fixes regression that prevented you from toggling the encryption flag (privacy#489) - Match any non-whitespace character in filesystem pattern (serverinfo#229) - Catch StorageNotAvailable exceptions (text#1001) - Harden read only check on public endpoints (text#1017) - Harden check when using token from memcache (text#1020) - Sessionid is an int (text#1029) - Only overwrite Ctrl-f when text is focussed (text#990) - Set the X-Requested-With header on dav requests (viewer#582) - Update to 19.0.2 - [stable19] lower minimum search length to 2 characters (server#21782) - [stable19] Call openssl_pkey_export with $config and log errors. (server#21804) - [stable19] Improve error reporting on sharing errors (server#21806) - [stable19] Do not log RequestedRangeNotSatisfiable exceptions in DAV (server#21840) - [stable19] Fix parsing of language code (server#21857) - [stable19] fix typo in revokeShare() (server#21876) - [stable19] Discourage webauthn user interaction (server#21917) - [stable19] Encryption is ready if master key is enabled (server#21935) - [stable19] Disable fragile comments tests (server#21939) - [stable19] Do not double encode the userid in webauthn login (server#21953) - [stable19] update icewind/smb to 3.2.6 (server#21955) - [stable19] Respect default share permissions (server#21967) - [stable19] allow admin to configure the max trashbin size (server#21975) - [stable19] Fix risky test in twofactor_backupcodes (server#21978) - [stable19] Fix PHPUnit deprecation warnings (server#21981) - [stable19] fix moving files from external storage to object store trashbin (server#21983) - [stable19] Ignore whitespace in sharing by mail (server#21991) - [stable19] Properly fetch translation for remote wipe confirmation dialog (server#22036) - [stable19] parse_url returns null in case a parameter is not found (server#22044) - Bump elliptic from 6.5.2 to 6.5.3 (server#22050) - [stable19] Correctly remove usergroup shares on removing group members (server#22053) - [stable19] Fix height to big for iPhone when using many apps (server#22064) - [stable19] reset the cookie internally in new API when abandoning paged results op (server#22069) - [stable19] Add Guzzle's InvalidArgumentException (server#22070) - [stable19] contactsmanager shall limit number of results early (server#22091) - [stable19] Fix browser freeze on long password input (server#22094) - [stable19] Search also the email and displayname in user mangement for groups (server#22118) - [stable19] Ensured large image is unloaded from memory when generating previews (server#22121) - [stable19] fix display of remote users in incoming share notifications (server#22131) - [stable19] Reuse cache for directory mtime/size if filesystem changes can be ignored (server#22171) - [stable19] Remove unexpected argument (server#22178) - [stable19] Do not exit if available space cannot be determined on file transfer (server#22181) - [stable19] Fix empty 'more' apps navigation after installing an app (server#22183) - [stable19] Fix default log_rotate_size in config.sample.php (server#22192) - [stable19] shortcut in reading nested group members when IN_CHAIN is available (server#22203) - [stable19] Fix chmod on file descriptor (server#22208) - [stable19] Do clearstatcache() on rmdir (server#22209) - [stable19] SSE enhancement of file signature (server#22210) - [stable19] remove logging message carrying no valuable information (server#22215) - [stable19] Add app config option to disable "Email was changed by admin" activity (server#22232) - [stable19] Delete chunks if the move on an upload failed (server#22239) - [stable19] Silence duplicate session warnings (server#22247) - [3rdparty] Doctrine: Fix unquoted stmt fragments backslash escaping (server#22252) - [stable19] Allow to disable share emails (server#22300) - [stable19] Show disabled user count in occ user:report (server#22302) - Bump 3rdparty to last stable19 commit (server#22303) - [stable19] fixing a logged deprecation message (server#22309) - [stable19] CalDAV: Add ability to limit sharing to owner (server#22333) - [stable19] Only copy the link when updating a share or no password was forced (server#22337) - [stable19] Remove encryption option for nextcloud external storage (server#22341) - [stable19] l10n:Correct appid for WebAuthn (server#22348) - [stable19] Properly search for users when limittogroups is enabled (server#22355) - [stable19] SSE: make legacy format opt in (server#22381) - [stable19] Update the CRL (server#22387) - [stable19] Fix missing FN from federated contact (server#22400) - [stable19] fix event icon sizes and text alignment (server#22414) - [stable19] Bump stecman/symfony-console-completion from 0.8.0 to 0.11.0 (3rdparty#457) - [stable19] Add Guzzle's InvalidArgumentException (3rdparty#474) - [stable19] Doctrine: Fix unquoted stmt fragments backslash escaping (3rdparty#486) - [stable19] Fix cypress (viewer#545) - Move to webpack vue global config & bump deps (viewer#558) - Update to 19.0.1 - Security update Fix (CVE-2020-8183, NC-SA-2020-026, CWE-256) A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call. - Update to 19.0.0 * Changes Nextcloud Hub v19, code name “home office”, represents a big step forward for remote collaboration in teams. This release brings document collaboration to video chats, introduces password-less login and improves performance. As this is a major release, the changelog is too long to put here. Users can look at github milestones to find what has been merged. A quick overview of what is new: - password-less authentication and many other security measures - Talk 9 with built-in office document editing courtesy of Collabora, a grid view & more - MUCH improved performance, Deck integration in Calendar, guest account groups and more! nextcloud-20.0.0-bp151.3.12.1.noarch.rpm nextcloud-20.0.0-bp151.3.12.1.src.rpm openSUSE-2020-1668 moderate openSUSE Backports SLE-15-SP1 Update This update for krename fixes the following issues: Changes in krename: - fixed krename not terminating after renaming (boo#1177221, kde#395084) - Add support for exiv2-0.27: This update was imported from the openSUSE:Leap:15.1:Update update project. krename-5.0.0-bp151.4.3.1.src.rpm krename-5.0.0-bp151.4.3.1.x86_64.rpm krename-5.0.0-bp151.4.3.1.aarch64.rpm krename-5.0.0-bp151.4.3.1.ppc64le.rpm krename-5.0.0-bp151.4.3.1.s390x.rpm openSUSE-2020-1674 important openSUSE Backports SLE-15-SP1 Update This update for icingaweb2 fixes the following issues: - icingaweb2 was updated to 2.7.4 * CVE-2020-24368: Fixed a path Traversal which could have allowed an attacker to access arbitrary files which are readable by the process running (boo#1175530). icingacli-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-2.7.4-bp151.5.6.1.src.rpm icingaweb2-common-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-HTMLPurifier-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-JShrink-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-Parsedown-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-dompdf-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-lessphp-2.7.4-bp151.5.6.1.noarch.rpm icingaweb2-vendor-zf1-2.7.4-bp151.5.6.1.noarch.rpm php-Icinga-2.7.4-bp151.5.6.1.noarch.rpm openSUSE-2020-1675 important openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin fixes the following issues: - phpMyAdmin was updated to 4.9.6 * CVE-2020-26934: Fixed an XSS relating to the transformation feature (boo#1177561). * CVE-2020-26935: Fixed an SQL injection in SearchController (boo#1177562). phpMyAdmin-4.9.6-bp151.3.18.1.noarch.rpm phpMyAdmin-4.9.6-bp151.3.18.1.src.rpm openSUSE-2020-1697 moderate openSUSE Backports SLE-15-SP1 Update This update for vlc fixes the following issues: Update to 3.0.11.1: * Fixed HLS playlist update mechanism, unable to start in some cases. * Because of broken HLS servers, adaptive no longer considers Content-Type as authoritative. * Fixed handling of WEBM WebVTT subtitles * Workaround invalid ADTS in TS from Makito encoders * Fixed Opus when using avformat demuxer * Fixed inverted explicit start/end positioning * Fix listing of media on certain Panasonic recorders discovered via UPnP * Updated gnutls to 3.6.14 * Updated libebml to 1.4.0 * Updated libmatroska to 1.6.0 * Updated mpg123 to 1.26.2 Update to version 3.0.11: + Access: rtp descriptor leak on error fix. + Demux: * Fixed regression with some encrypted HLS streams. * Live HLS delay until first update fix. * HLS rendition switch regression fix. * Fix imprecise m4a seek. + Decoder: Fixed missing captions with some capture cards. + Audio filters: soxr resampling fixes. + Contribs: * Updated libfaad to 2.9.2 (Parametric Stereo regression). * Updated libarchive to 3.4.2. + Audio Output: Fix sound not coming back after a pause with CoreAudio (macOS/iOS). + Misc: Update Youtube script. - Package arm neon plugins - Update to version 3.0.10: + Misc: Update Twitch & VLSub scripts. This update was imported from the openSUSE:Leap:15.1:Update update project. libvlc5-3.0.11.1-bp151.5.9.1.x86_64.rpm libvlccore9-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-3.0.11.1-bp151.5.9.1.src.rpm vlc-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-codec-gstreamer-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-devel-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-jack-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-lang-3.0.11.1-bp151.5.9.1.noarch.rpm vlc-noX-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-opencv-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-qt-3.0.11.1-bp151.5.9.1.x86_64.rpm vlc-vdpau-3.0.11.1-bp151.5.9.1.x86_64.rpm openSUSE-2020-1711 moderate openSUSE Backports SLE-15-SP1 Update This update for hylafax+ fixes the following issues: Changes in hylafax+: - CVE-2020-8024: Fixed problematic permissions that allowed escalation from uucp to other users (boo#1172731) This update was imported from the openSUSE:Leap:15.1:Update update project. hylafax+-7.0.3-bp151.6.8.1.src.rpm hylafax+-7.0.3-bp151.6.8.1.x86_64.rpm hylafax+-client-7.0.3-bp151.6.8.1.x86_64.rpm libfaxutil7_0_3-7.0.3-bp151.6.8.1.x86_64.rpm hylafax+-7.0.3-bp151.6.8.1.aarch64.rpm hylafax+-client-7.0.3-bp151.6.8.1.aarch64.rpm libfaxutil7_0_3-7.0.3-bp151.6.8.1.aarch64.rpm hylafax+-7.0.3-bp151.6.8.1.ppc64le.rpm hylafax+-client-7.0.3-bp151.6.8.1.ppc64le.rpm libfaxutil7_0_3-7.0.3-bp151.6.8.1.ppc64le.rpm hylafax+-7.0.3-bp151.6.8.1.s390x.rpm hylafax+-client-7.0.3-bp151.6.8.1.s390x.rpm libfaxutil7_0_3-7.0.3-bp151.6.8.1.s390x.rpm openSUSE-2020-1820 moderate openSUSE Backports SLE-15-SP1 Update This update for icinga2 fixes the following issues: - Info that since version 2.12.0 following security issue is fixed: prepare-dirs script allows for symlink attack in the icinga user context. boo#1172171 (CVE-2020-14004) Update to 2.12.1: * Bugfixes + Core - Fix crashes during config update #8348 #8345 - Fix crash while removing a downtime #8228 - Ensure the daemon doesn't get killed by logrotate #8170 - Fix hangup during shutdown #8211 - Fix a deadlock in Icinga DB #8168 - Clean up zombie processes during reload #8376 - Reduce check latency #8276 + IDO - Prevent unnecessary IDO updates #8327 #8320 - Commit IDO MySQL transactions earlier #8349 - Make sure to insert IDO program status #8330 - Improve IDO queue stats logging #8271 #8328 #8379 + Misc - Ensure API connections are closed properly #8293 - Prevent unnecessary notifications #8299 - Don't skip null values of command arguments #8174 - Fix Windows .exe version #8234 - Reset Icinga check warning after successful config update #8189 Update to 2.12.0: * Breaking changes - Deprecate Windows plugins in favor of our - PowerShell plugins #8071 - Deprecate Livestatus #8051 - Refuse acknowledging an already acknowledged checkable #7695 - Config lexer: complain on EOF in heredocs, i.e. {{{abc<EOF> #7541 * Enhancements + Core - Implement new database backend: Icinga DB #7571 - Re-send notifications previously suppressed by their time periods #7816 + API - Host/Service: Add acknowledgement_last_change and next_update attributes #7881 #7534 - Improve error message for POST queries #7681 - /v1/actions/remove-comment: let users specify themselves #7646 - /v1/actions/remove-downtime: let users specify themselves #7645 - /v1/config/stages: Add 'activate' parameter #7535 + CLI - Add pki verify command for better TLS certificate troubleshooting #7843 - Add OpenSSL version to 'Build' section in --version #7833 - Improve experience with 'Node Setup for Agents/Satellite' #7835 + DSL - Add get_template() and get_templates() #7632 - MacroProcessor::ResolveArguments(): skip null argument values #7567 - Fix crash due to dependency apply rule with ignore_on_error and non-existing parent #7538 - Introduce ternary operator (x ? y : z) #7442 - LegacyTimePeriod: support specifying seconds #7439 - Add support for Lambda Closures (() use(x) => x and () use(x) => { return x }) #7417 + ITL - Add notemp parameter to oracle health #7748 - Add extended checks options to snmp-interface command template #7602 - Add file age check for Windows command definition #7540 + Docs - Development: Update debugging instructions #7867 - Add new API clients #7859 - Clarify CRITICAL vs. UNKNOWN #7665 - Explicitly explain how to disable freshness checks #7664 - Update installation for RHEL/CentOS 8 and SLES 15 #7640 - Add Powershell example to validate the certificate #7603 + Misc - Don't send event::Heartbeat to unauthenticated peers #7747 - OpenTsdbWriter: Add custom tag support #7357 * Bugfixes + Core - Fix JSON-RPC crashes #7532 #7737 - Fix zone definitions in zones #7546 - Fix deadlock during start on OpenBSD #7739 - Consider PENDING not a problem #7685 - Fix zombie processes after reload #7606 - Don't wait for checks to finish during reload #7894 + Cluster - Fix segfault during heartbeat timeout with clients not yet signed #7970 - Make the config update process mutually exclusive (Prevents file system race conditions) #7936 - Fix check_timeout not being forwarded to agent command endpoints #7861 - Config sync: Use a more friendly message when configs are equal and don't need a reload #7811 - Fix open connections when agent waits for CA approval #7686 - Consider a JsonRpcConnection alive on a single byte of TLS payload, not only on a whole message #7836 - Send JsonRpcConnection heartbeat every 20s instead of 10s #8102 - Use JsonRpcConnection heartbeat only to update connection liveness (m_Seen) #8142 - Fix TLS context not being updated on signed certificate messages on agents #7654 + API - Close connections w/o successful TLS handshakes after 10s #7809 - Handle permission exceptions soon enough, returning 404 #7528 + SELinux - Fix safe-reload #7858 - Allow direct SMTP notifications #7749 + Windows - Terminate check processes with UNKNOWN state on timeout #7788 - Ensure that log replay files are properly renamed #7767 + Metrics - Graphite/OpenTSDB: Ensure that reconnect failure is detected #7765 - Always send 0 as value for thresholds #7696 + Scripts - Fix notification scripts to stay compatible with Dash #7706 - Fix bash line continuation in mail-host-notification.sh #7701 - Fix notification scripts string comparison #7647 - Service and host mail-notifications: Add line-breaks to very long output #6822 - Set correct UTF-8 email subject header (RFC1342) #6369 + Misc - DSL: Fix segfault due to passing null as custom function to Array#{sort,map,reduce,filter,any,all}() #8053 - CLI: pki save-cert: allow to specify --key and --cert for backwards compatibility #7995 - Catch exception when trusted cert is not readable during node setup on agent/satellite #7838 - CheckCommand ssl: Fix wrong parameter -N #7741 - Code quality fixes - Small documentation fixes - Update to 2.11.5 Version 2.11.5 fixes file system race conditions in the config update process occurring in large HA environments and improves the cluster connection liveness mechanisms. * Bugfixes + Make the config update process mutually exclusive (Prevents file system race conditions) #8093 + Consider a JsonRpcConnection alive on a single byte of TLS payload, not only on a whole message #8094 + Send JsonRpcConnection heartbeat every 20s instead of 10s #8103 + Use JsonRpcConnection heartbeat only to update connection liveness (m_Seen) #8097 - Update to 2.11.4 Version 2.11.4 fixes a crash during a heartbeat timeout with clients not yet signed. It also resolves an issue with endpoints not reconnecting after a reload/deploy, which caused a lot of UNKNOWN states. * Bugfixes + Cluster - Fix segfault during heartbeat timeout with clients not yet signed #7997 - Fix endpoints not reconnecting after reload (UNKNOWN hosts/services after reload) #8043 + Setup - Fix exception on trusted cert not readable during node setup #8044 - prepare-dirs: Only set permissions during directory creation #8046 + DSL - Fix segfault on missing compare function in Array functions (sort, map, reduce, filter, any, all) #8054 - Update to 2.11.3 * Bugfixes - Cluster Fix JSON-RPC crashes (#7532) in large environments: #7846 #7848 #7849 - Set minimum require boost version to 1.66 - Fix boo#1159869 Permission error when use the icinga cli wizard. - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Aloow OBS to shortcut through the -mini flavors. - Update to 2.11.2 This release fixes a problem where the newly introduced config sync "check-change-then-reload" functionality could cause endless reload loops with agents. The most visible parts are failing command endpoint checks with "not connected" UNKNOWN state. Only applies to HA enabled zones with 2 masters and/or 2 satellites. * Bugfixes - Cluster Config Sync - Config sync checksum change detection may not work within high load HA clusters #7565 - Update to 2.11.1 This release fixes a hidden long lasting bug unveiled with 2.11 and distributed setups. If you are affected by agents/satellites not accepting configuration anymore, or not reloading, please upgrade. * Bugfixes - Cluster Config Sync - Never accept authoritative config markers from other instances #7552 - This affects setups where agent/satellites are newer than the config master, e.g. satellite/agent=2.11.0, master=2.10. - Configuration - Error message for command_endpoint should hint that zone is not set #7514 - Global variable 'ActiveStageOverride' has been set implicitly via 'ActiveStageOverride ... #7521 * Documentation - Docs: Add upgrading/troubleshooting details for repos, config sync, agents #7526 - Explain repository requirements for 2.11: https://icinga.com/docs/icinga2/latest/doc/16-upgrading-icinga-2/#added-boost-166 - command_endpoint objects require a zone: https://icinga.com/docs/icinga2/latest/doc/16-upgrading-icinga-2/#agent-hosts-with-command-endpoint-require-a-zone - Zones declared in zones.d are not loaded anymore: https://icinga.com/docs/icinga2/latest/doc/16-upgrading-icinga-2/#config-sync-zones-in-zones - Update to 2.11.0 * Core - Rewrite Network Stack (cluster, REST API) based on Boost Asio, Beast, Coroutines - Technical concept: #7041 - Requires package updates: Boost >1.66 (either from packages.icinga.com, EPEL or backports). SLES11 & Ubuntu 14 are EOL. - Require TLS 1.2 and harden default cipher list - Improved Reload Handling (umbrella process, now 3 processes at runtime) - Support running Icinga 2 in (Docker) containers natively in foreground - Quality: Use Modern JSON for C++ library instead of YAJL (dead project) - Quality: Improve handling of invalid UTF8 strings * API - Fix crashes on Linux, Unix and Windows from Nessus scans #7431 - Locks and stalled waits are fixed with the core rewrite in #7071 - schedule-downtime action supports all_services for host downtimes - Improve storage handling for runtime created objects in the _api package * Cluster - HA aware features & improvements for failover handling #2941 #7062 - Improve cluster config sync with staging #6716 - Fixed that same downtime/comment objects would be synced again in a cluster loop #7198 * Checks & Notifications - Ensure that notifications during a restart are sent - Immediately notify about a problem after leaving a downtime and still NOT-OK - Improve reload handling and wait for features/metrics - Store notification command results and sync them in HA enabled zones #6722 * DSL/Configuration - Add getenv() function - Fix TimePeriod range support over midnight - concurrent_checks in the Checker feature has no effect, use the global MaxConcurrentChecks constant instead * CLI - Permissions: node wizard/setup, feature, api setup now run in the Icinga user context, not root - ca list shows pending CSRs by default, ca remove/restore allow to delete signing requests * ITL - Add new commands and missing attributes * Windows - Update bundled NSClient++ to 0.5.2.39 - Refine agent setup wizard & update requirements to .NET 4.6 * Documentation - Service Monitoring: How to create plugins by example, check commands and a modern version of the supported plugin API with best practices - Features: Better structure on metrics, and supported features - Technical Concepts: TLS Network IO, Cluster Feature HA, Cluster Config Sync - Development: Rewritten for better debugging and development experience for contributors including a style guide. Add nightly build setup instructions. - Packaging: INSTALL.md was integrated into the Development chapter, being available at https://icinga.com/docs too. - Update to 2.10.6 * Bugfixes - Fix el7 not loading ECDHE cipher suites #7247 - update to 2.10.5 * Core - Fix crashes with logrotate signals #6737 (thanks Elias Ohm) * API - Fix crashes and problems with permission filters from recent Namespace introduction #6785 (thanks Elias Ohm) #6874 (backported from 2.11) - Reduce log spam with locked connections (real fix is the network stack rewrite in 2.11) #6877 * Cluster - Fix problems with replay log rotation and storage #6932 (thanks Peter Eckel) * IDO DB - Fix that reload shutdown deactivates hosts and hostgroups (introduced in 2.9) #7157 * Documentation - Improve the REST API chapter: Unix timestamp handling, filters, unify POST requests with filters in the body - Better layout for the features chapter, specifically metrics and events - Split object types into monitoring, runtime, features - Add technical concepts for cluster messages icinga2-2.12.1-bp151.3.3.4.src.rpm icinga2-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-bin-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-common-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-doc-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-ido-mysql-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-ido-pgsql-2.12.1-bp151.3.3.4.x86_64.rpm nano-icinga2-2.12.1-bp151.3.3.4.x86_64.rpm vim-icinga2-2.12.1-bp151.3.3.4.x86_64.rpm icinga2-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-bin-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-common-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-doc-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-ido-mysql-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-ido-pgsql-2.12.1-bp151.3.3.4.aarch64.rpm nano-icinga2-2.12.1-bp151.3.3.4.aarch64.rpm vim-icinga2-2.12.1-bp151.3.3.4.aarch64.rpm icinga2-2.12.1-bp151.3.3.4.ppc64le.rpm icinga2-bin-2.12.1-bp151.3.3.4.ppc64le.rpm icinga2-common-2.12.1-bp151.3.3.4.ppc64le.rpm icinga2-doc-2.12.1-bp151.3.3.4.ppc64le.rpm icinga2-ido-mysql-2.12.1-bp151.3.3.4.ppc64le.rpm icinga2-ido-pgsql-2.12.1-bp151.3.3.4.ppc64le.rpm nano-icinga2-2.12.1-bp151.3.3.4.ppc64le.rpm vim-icinga2-2.12.1-bp151.3.3.4.ppc64le.rpm openSUSE-2020-1715 critical openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: -chromium was updated to 86.0.4240.75 (boo#1177408): - CVE-2020-15967: Fixed Use after free in payments. - CVE-2020-15968: Fixed Use after free in Blink. - CVE-2020-15969: Fixed Use after free in WebRTC. - CVE-2020-15970: Fixed Use after free in NFC. - CVE-2020-15971: Fixed Use after free in printing. - CVE-2020-15972: Fixed Use after free in audio. - CVE-2020-15990: Fixed Use after free in autofill. - CVE-2020-15991: Fixed Use after free in password manager. - CVE-2020-15973: Fixed Insufficient policy enforcement in extensions. - CVE-2020-15974: Fixed Integer overflow in Blink. - CVE-2020-15975: Fixed Integer overflow in SwiftShader. - CVE-2020-15976: Fixed Use after free in WebXR. - CVE-2020-6557: Fixed Inappropriate implementation in networking. - CVE-2020-15977: Fixed Insufficient data validation in dialogs. - CVE-2020-15978: Fixed Insufficient data validation in navigation. - CVE-2020-15979: Fixed Inappropriate implementation in V8. - CVE-2020-15980: Fixed Insufficient policy enforcement in Intents. - CVE-2020-15981: Fixed Out of bounds read in audio. - CVE-2020-15982: Fixed Side-channel information leakage in cache. - CVE-2020-15983: Fixed Insufficient data validation in webUI. - CVE-2020-15984: Fixed Insufficient policy enforcement in Omnibox. - CVE-2020-15985: Fixed Inappropriate implementation in Blink. - CVE-2020-15986: Fixed Integer overflow in media. - CVE-2020-15987: Fixed Use after free in WebRTC. - CVE-2020-15992: Fixed Insufficient policy enforcement in networking. - CVE-2020-15988: Fixed Insufficient policy enforcement in downloads. - CVE-2020-15989: Fixed Uninitialized Use in PDFium. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-86.0.4240.75-bp151.3.113.1.x86_64.rpm chromium-86.0.4240.75-bp151.3.113.1.src.rpm chromium-86.0.4240.75-bp151.3.113.1.x86_64.rpm gn-0.1807-bp151.3.6.1.src.rpm gn-0.1807-bp151.3.6.1.x86_64.rpm gn-debuginfo-0.1807-bp151.3.6.1.x86_64.rpm gn-debugsource-0.1807-bp151.3.6.1.x86_64.rpm chromedriver-86.0.4240.75-bp151.3.113.1.aarch64.rpm chromium-86.0.4240.75-bp151.3.113.1.aarch64.rpm gn-0.1807-bp151.3.6.1.aarch64.rpm gn-debuginfo-0.1807-bp151.3.6.1.aarch64.rpm gn-debugsource-0.1807-bp151.3.6.1.aarch64.rpm gn-0.1807-bp151.3.6.1.ppc64le.rpm gn-debuginfo-0.1807-bp151.3.6.1.ppc64le.rpm gn-debugsource-0.1807-bp151.3.6.1.ppc64le.rpm gn-0.1807-bp151.3.6.1.s390x.rpm gn-debuginfo-0.1807-bp151.3.6.1.s390x.rpm gn-debugsource-0.1807-bp151.3.6.1.s390x.rpm openSUSE-2020-1738 important openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin fixes the following issues: phpMyAdmin 4.9.7 (boo#1177842): * Fix two factor authentication that was broken in 4.9.6 * Fix incompatibilities with older PHP versions This update was imported from the openSUSE:Leap:15.1:Update update project. phpMyAdmin-4.9.7-bp151.3.21.1.noarch.rpm phpMyAdmin-4.9.7-bp151.3.21.1.src.rpm openSUSE-2020-1731 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 86.0.4240.111 boo#1177936 - CVE-2020-16000: Inappropriate implementation in Blink. - CVE-2020-16001: Use after free in media. - CVE-2020-16002: Use after free in PDFium. - CVE-2020-15999: Heap buffer overflow in Freetype. - CVE-2020-16003: Use after free in printing. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-86.0.4240.111-bp151.3.116.1.x86_64.rpm chromium-86.0.4240.111-bp151.3.116.1.src.rpm chromium-86.0.4240.111-bp151.3.116.1.x86_64.rpm chromedriver-86.0.4240.111-bp151.3.116.1.aarch64.rpm chromium-86.0.4240.111-bp151.3.116.1.aarch64.rpm openSUSE-2020-1754 moderate openSUSE Backports SLE-15-SP1 Update This update for kleopatra fixes the following issues: - CVE-2020-24972: Add upstream patch to prevent potential arbitrary code execution (boo#1177932): This update was imported from the openSUSE:Leap:15.1:Update update project. kleopatra-18.12.3-bp151.3.3.1.src.rpm kleopatra-18.12.3-bp151.3.3.1.x86_64.rpm kleopatra-lang-18.12.3-bp151.3.3.1.noarch.rpm kleopatra-18.12.3-bp151.3.3.1.aarch64.rpm kleopatra-18.12.3-bp151.3.3.1.ppc64le.rpm kleopatra-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2020-1805 moderate openSUSE Backports SLE-15-SP1 Update This update for gettext-runtime fixes the following issues: - Fix for an issue when 'xgettext' crashes during creating a 'POT' file. (bsc#1176142) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. gettext-csharp-0.19.8.1-bp151.5.1.src.rpm gettext-csharp-0.19.8.1-bp151.5.1.x86_64.rpm gettext-csharp-0.19.8.1-bp151.5.1.aarch64.rpm gettext-csharp-0.19.8.1-bp151.5.1.ppc64le.rpm openSUSE-2020-1779 moderate openSUSE Backports SLE-15-SP1 Update This update for netcdf-fortran fixes the following issues: - The convention is to use the module name 'pnetcdf' for Parallel-NetCDF (called PnetCDF now). - Fix ldconfig args for HPC packages: no caching should be done as the libs are made available via LD_LIBRARY_PATH. - Add serial HPC build flavor. (bsc#1174177) - For loading serial module, run 'module load netcdf-fortran' for an MPI variant use 'module load pnetcdf-fortran'. - Gfortran from gcc-10 requires -std=legacy to build the Fortran code in netcdf-fortran. (bsc#1173598) This update for netcdf fixes the following issues: - Make environment module name conform standards: NetCDF modules should be called 'netcdf' - regardless whether they are 'serial' or use MPI. (bsc#1174291) This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.x86_64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.x86_64.rpm netcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.6.1.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.6.1.x86_64.rpm libnetcdf13-4.6.1-bp151.5.6.1.x86_64.rpm netcdf-4.6.1-bp151.5.6.1.src.rpm netcdf-4.6.1-bp151.5.6.1.x86_64.rpm netcdf-devel-4.6.1-bp151.5.6.1.x86_64.rpm netcdf-devel-data-4.6.1-bp151.5.6.1.x86_64.rpm netcdf-devel-static-4.6.1-bp151.5.6.1.x86_64.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.aarch64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.6.1.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.6.1.aarch64.rpm libnetcdf13-4.6.1-bp151.5.6.1.aarch64.rpm libnetcdf13-64bit-4.6.1-bp151.5.6.1.aarch64_ilp32.rpm netcdf-4.6.1-bp151.5.6.1.aarch64.rpm netcdf-devel-4.6.1-bp151.5.6.1.aarch64.rpm netcdf-devel-data-4.6.1-bp151.5.6.1.aarch64.rpm netcdf-devel-static-4.6.1-bp151.5.6.1.aarch64.rpm libnetcdf-gnu-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-gnu-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf-gnu-mpich-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-gnu-mpich-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-mpich-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.6.1.noarch.rpm netcdf-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.6.1.noarch.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.6.1.src.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf13-openmpi-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-openmpi-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-openmpi-4.6.1-bp151.5.6.1.src.rpm netcdf-openmpi-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-openmpi-devel-data-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-openmpi-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm libnetcdf13-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-devel-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-devel-data-4.6.1-bp151.5.6.1.ppc64le.rpm netcdf-devel-static-4.6.1-bp151.5.6.1.ppc64le.rpm openSUSE-2020-1821 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: keepassxc was updated to version 2.6.2 - Added - Add option to keep window always on top to view menu [#5542] - Move show/hide usernames and passwords to view menu [#5542] - Add command line options and environment variables for changing the config locations [#5452] - Include TOTP settings in CSV import/export and add support for ISO datetimes [#5346] - Changed - Mask sensitive information in command execution confirmation prompt [#5542] - SSH Agent: Avoid shortcut conflict on macOS by changing "Add key" to Ctrl+H on all platforms [#5484] - Fixed - Prevent data loss with drag and drop between databases [#5536] - Fix crash when toggling Capslock rapidly [#5545] - Don't mark URL references as invalid URL [#5380] - Reset entry preview after search [#5483] - Set Qt::Dialog flag on database open dialog [#5356] - Fix sorting of database report columns [#5426] - Fix IfDevice matching logic [#5344] - Fix layout issues and a stray scrollbar appearing on top of the entry edit screen [#5424] - Fix tabbing into the notes field [#5424] - Fix password generator ignoring settings on load [#5340] - Restore natural entry sort order on application load [#5438] - Fix paperclip and TOTP columns not saving state [#5327] - Enforce fixed password font in entry preview [#5454] - Add scrollbar when new database wizard exceeds screen size [#5560] - Do not mark database as modified when viewing Auto-Type associations [#5542] - CLI: Fix two heap-use-after-free crashes [#5368, #5470] - Browser: Fix key exchange not working with multiple simultaneous users on Windows [#5485] - Browser: Fix entry retrieval when "only best matching" is enabled [#5316] - Browser: Ignore recycle bin on KeePassHTTP migration [#5481] - KeeShare: Fix import crash [#5542] - macOS: Fix toolbar theming and breadcrumb display issues [#5482] - macOS: Fix file dialog randomly closing [#5479] - macOS: Fix being unable to select OPVault files for import [#5341] keepassxc-2.6.2-bp151.3.21.1.src.rpm keepassxc-2.6.2-bp151.3.21.1.x86_64.rpm keepassxc-lang-2.6.2-bp151.3.21.1.noarch.rpm keepassxc-2.6.2-bp151.3.21.1.aarch64.rpm keepassxc-2.6.2-bp151.3.21.1.ppc64le.rpm keepassxc-2.6.2-bp151.3.21.1.s390x.rpm openSUSE-2020-1806 important openSUSE Backports SLE-15-SP1 Update This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.7 (boo#1177842): * Fix two factor authentication that was broken in 4.9.6 * Fix incompatibilities with older PHP versions Update to 4.9.6: - Fixed XSS relating to the transformation feature (boo#1177561 CVE-2020-26934, PMASA-2020-5) - Fixed SQL injection vulnerability in SearchController (boo#1177562 CVE-2020-26935, PMASA-2020-6) Update to 4.9.5: This is a security release containing several bug fixes. * CVE-2020-10804: SQL injection vulnerability in the user accounts page, particularly when changing a password (boo#1167335, PMASA-2020-2) * CVE-2020-10802: SQL injection vulnerability relating to the search feature (boo#1167336, PMASA-2020-3) * CVE-2020-10803: SQL injection and XSS having to do with displaying results (boo#1167337, PMASA-2020-4) * Removing of the "options" field for the external transformation. phpMyAdmin-4.9.7-bp151.3.24.1.noarch.rpm phpMyAdmin-4.9.7-bp151.3.24.1.src.rpm openSUSE-2020-1822 moderate openSUSE Backports SLE-15-SP1 Update This update for claws-mail fixes the following issues: - Additional cleanup of the template handling claws-mail was updated to 3.17.8 (boo#1177967) * Shielded template's |program{} and |attach_program{} so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands * bug fixes: claws#4376 * updated English, French, and Spanish manuals - Update to 3.17.7 * Image Viewer: Image attachments, when displayed, are now resized to fit the available width rather than the available height. * -d is now an alias to --debug. * Libravatar plugin: New styles supported: Robohash and Pagan. * SpamAssassin plugin: The 'Maximum size' option now matches SpamAssassin's maximum; it can now handle messages up to 256MB. * LiteHTML viewer plugin: The UI is now translatable. Bug fixes: * bug 4313, 'Recursion stack overflow with rebuilding folder tree' * bug 4372, '[pl_PL] Crash after "Send later" without recipient and then "Close"' * bug 4373, 'attach mailto URI double free' * bug 4374, 'insert mailto URI misses checks' * bug 4384, 'U+00AD (soft hyphen) changed to space in Subject' * bug 4386, 'Allow Sieve config without userid without warning' * Add missing SSL settings when cloning accounts. * Parsing of command-line arguments. * PGP Core plugin: fix segv in address completion with a keyring. * Libravatar plugin: fixes to image display. - Disable python-gtk plugin on suse_version > 1500: still relying on python2, which is EOL. - Update to 3.17.6: * It is now possible to 'Inherit Folder properties and processing rules from parent folder' when creating new folders with the move message and copy message dialogues. * A Phishing warning is now shown when copying a phishing URL, (in addition to clicking a phishing URL). * The progress window when importing an mbox file is now more responsive. * A warning dialogue is shown if the selected privacy system is 'None' and automatic signing amd/or encrypting is enabled. * Python plugin: pkgconfig is now used to check for python2. This enables the Python plugin (which uses python2) to be built on newer systems which have both python2 and python3. Bug fixes: * bug 3922, 'minimize to tray on startup not working' * bug 4220, 'generates files in cache without content' * bug 4325, 'Following redirects when retrieving image' * bug 4342, 'Import mbox file command doesn't work twice on a row' * fix STARTTLS protocol violation * fix initial debug line * fix fat-fingered crash when v (hiding msgview) is pressed just before c (check signature) * fix non-translation of some Templates strings - Update to 3.17.5 + Inline Git patches now have colour syntax highlighting The colours of these, and patch attachments, are configurable on the 'Other' tab of the Display/Colors page of the general preferences. + The previously hidden preference, 'summary_from_show', is now configurable within the UI, on the 'Message List' tab of the Display/Summaries page of the general preferences, 'Displayed in From column [ ]'. + 'Re-edit' has been added to the message context menu when in the Drafts folder. + Additional Date header formats are supported: - weekday, month, day, hh, mm, ss, year, zone - weekday, month, day, hh, mm, ss, year + LiteHtml viewer plugin: scrolling with the keyboard has been implemented. + The included tools/scripts have been updated: - eud2gc.py converted to Python 3 - tbird2claws.py converted to Python 3 - tbird2claws.py converted to Python 3 - google_search.pl has been replaced with ddg_search.pl (that is, duckduckgo.com instead of google.com) - fix_date.sh and its documentation have been updated - multiwebsearch.pl 'fm' (freshmeat.net) has been removed; 'google' has been replaced by 'ddg' - the outdated OOo2claws-mail.pl script has been removed + Updated manuals + Updated translations: British English, Catalan, Czech, Danish, Dutch, French, German, Russian, Slovak, Spanish, Swedish, Traditional Chinese, Turkish + bug fixes: claws#2131, claws#4237, claws#4239, claws#4248, claws#4253, claws#4257, claws#4277, claws#4278, claws#4305 + Misc bugs fixed: - Fix crash in litehtml_viewer when tag has no href - removed "The following file has been attached..." dialogue - MBOX import: give a better estimation of the time left and grey out widgets while importing - Fixed "vcard.c:238:2: warning: ‘strncpy’ output truncate before terminating nul copying as many bytes from a string as its length" - RSSyl: Fix handling deleted feed items where modified and published dates do not match - fix bolding of target folder - when creating a new account, don't pre-fill data from the default account - respect 'default selection' settings when moving a msg with manual filtering - Fix printing of empty pages when the selected part is rendered with a plugin not implementing print - Addressbook folder selection dialogs: make sure folder list is sorted and apply global prefs to get stripes in lists. - when user cancels the GPG signing passphrase dialogue, don't bother the user with an "error" dialogue - Fix imap keyword search. Libetpan assumes keyword search is a MUST but RFC states it is a MAY. Fix advanced search on MS Exchange - fix SHIFT+SPACE in msg list, moving in reverse - revert pasting images as attachments - Fix help about command-line arguments that require a parameter. - Printing: only print as plain text if the part is of type text - fix a segfault with default info icon when trying to print a non-text part. - Add a test on build-time libetpan version to require the proper version at run-time (boo#1157594) - Move "Mark all read/unread" menu entries where they belong. remove-MarkAll-from-message-menu.patch (claws#4278) add-MarkAll-to-folder-menu.patch (claws#4278) - Make litehtml plugin build on Tumbleweed. - Update to 3.17.4: * New HTML viewer plugin: Litehtml viewer * Added option 'Enable keyboard shortcuts' to the 'Keyboard shortcuts' frame on /Configuration/Preferences/Other/Miscellaneous * Compose: implemented copying of attached images to clipboard * Compose: images and text/uri-list (files) can now be attached by pasting into the Compose window * Python plugin: window sizes are now remembered for the Python console, the 'Open URLs' and the 'Set mailbox order' windows. * Fancy plugin: the download-link feature now follows redirections * MBOX export: the Enter key in the dialogue now starts the export * The date (ISO format) has been added to log timestamps * Update translations - bug 1920, 'No automatic NNTP filtering' - bug 2045, 'address book blocks focus on email window' - bug 2131, 'Focus stealing after mail check' - bug 2627, 'Filtering does not work on NNTP' - bug 3070, 'misbehaving text wrapping when URL chars are present' - bug 3838, 'Canceled right-click on message list leaves UI in inconsistent state' - bug 3977, 'Fix crashes when some external APIs fail' - bug 3979, 'Hang (with killing needed) during action which extracts attachments' - bug 4029, 'segfault after deleting message in a window' - bug 4031, 'fingerprint in SSL/TLS certificates for ... (regress error)' - bug 4037, 'Fix some small issues' - bug 4142, 'Translation error on Russian' - bug 4145, 'proxy server for sending doesn't work' - bug 4155, 'remember directory of last saving' - bug 4166, 'corrupted double-linked list' - bug 4167, 'Max line length exceeded when forwarding mail' - bug 4188, 'STL file is sent not as an attachment but as its base64 representation in plaintext' - CID 1442278, 'impossible to trigger buffer overflow' - Make key accelerators from menu work in addressbook window - save checkbox choices of display/summaries/defaults prefs - Do not throw an error when cancelling 'Save email as...'. - occasional crash on drag'n'drop of msgs - possible stack overflow in vcalendar's Curl data handler - crash when LDAP address source is defined in index, but - support is disabled - crash in Fancy plugin if one of the MIME parts has no - -ID - a few small memory leaks in scan_mailto_url() - configure script for rare cases where python is not installed - incorrect charset conversion in sc_html_read_line(). - markup in 'key not fully trusted' warning in pgpcore - use after free in rare code path in rssyl_subscribe() - several memory leaks - verify_folderlist_xml() for fresh starts - printf formats for size_t and goffset arguments. - alertpanel API use in win32 part of mimeview.c - pid handling in debug output of kill_children_cb() - incorrect pointer arithmetic in w32_filesel.c claws-mail-3.17.8-bp151.3.6.1.src.rpm claws-mail-3.17.8-bp151.3.6.1.x86_64.rpm claws-mail-devel-3.17.8-bp151.3.6.1.x86_64.rpm claws-mail-lang-3.17.8-bp151.3.6.1.noarch.rpm openSUSE-2020-1810 moderate openSUSE Backports SLE-15-SP1 Update This update for pagure fixes the following issues: - CVE-2019-11556: Fixed XSS via the templates/blame.html blame view (boo#1176987) This update was imported from the openSUSE:Leap:15.1:Update update project. pagure-5.5-bp151.2.3.1.noarch.rpm pagure-5.5-bp151.2.3.1.src.rpm pagure-ci-5.5-bp151.2.3.1.noarch.rpm pagure-ev-5.5-bp151.2.3.1.noarch.rpm pagure-loadjson-5.5-bp151.2.3.1.noarch.rpm pagure-logcom-5.5-bp151.2.3.1.noarch.rpm pagure-milters-5.5-bp151.2.3.1.noarch.rpm pagure-mirror-5.5-bp151.2.3.1.noarch.rpm pagure-theme-chameleon-5.5-bp151.2.3.1.noarch.rpm pagure-theme-default-openSUSE-5.5-bp151.2.3.1.noarch.rpm pagure-theme-default-upstream-5.5-bp151.2.3.1.noarch.rpm pagure-theme-pagureio-5.5-bp151.2.3.1.noarch.rpm pagure-theme-srcfpo-5.5-bp151.2.3.1.noarch.rpm pagure-theme-upstream-5.5-bp151.2.3.1.noarch.rpm pagure-webhook-5.5-bp151.2.3.1.noarch.rpm openSUSE-2020-1812 important openSUSE Backports SLE-15-SP1 Update This update for lout fixes the following issues: - CVE-2019-19918: Fixed buffer overflow in srcnext() (boo#1159713). - CVE-2019-19917: Fixed buffer overflow in StringQuotedWord() (boo#1159714). This update was imported from the openSUSE:Leap:15.1:Update update project. lout-3.40-bp151.2.3.1.src.rpm lout-3.40-bp151.2.3.1.x86_64.rpm lout-3.40-bp151.2.3.1.aarch64.rpm lout-3.40-bp151.2.3.1.ppc64le.rpm lout-3.40-bp151.2.3.1.s390x.rpm openSUSE-2021-120 moderate openSUSE Backports SLE-15-SP1 Update This update for netcdf fixes the following issues: - Make environment module name conform standards: NetCDF modules should be called 'netcdf' - regardless whether they are 'serial' or use MPI. (bsc#1174291) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.x86_64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.x86_64.rpm netcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.noarch.rpm netcdf-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.9.3.noarch.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.src.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.9.3.x86_64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.9.3.x86_64.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.aarch64.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.9.3.aarch64.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.9.3.aarch64.rpm libnetcdf-gnu-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf-gnu-hpc-4.6.1-bp151.5.9.2.noarch.rpm netcdf-gnu-hpc-devel-4.6.1-bp151.5.9.2.noarch.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-hpc-4.6.1-bp151.5.9.2.src.rpm netcdf_4_6_1-gnu-hpc-devel-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-hpc-devel-data-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-hpc-devel-static-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf-gnu-mpich-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf-gnu-mpich-hpc-4.6.1-bp151.5.9.2.noarch.rpm netcdf-gnu-mpich-hpc-devel-4.6.1-bp151.5.9.2.noarch.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-4.6.1-bp151.5.9.2.src.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-mpich-hpc-devel-static-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf-gnu-mvapich2-hpc-4.6.1-bp151.5.9.2.noarch.rpm netcdf-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.9.2.noarch.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-4.6.1-bp151.5.9.2.src.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-mvapich2-hpc-devel-static-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-4.6.1-bp151.5.9.3.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-4.6.1-bp151.5.9.3.ppc64le.rpm netcdf_4_6_1-gnu-openmpi1-hpc-devel-static-4.6.1-bp151.5.9.3.ppc64le.rpm libnetcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf-gnu-openmpi2-hpc-4.6.1-bp151.5.9.2.noarch.rpm netcdf-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.9.2.noarch.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-4.6.1-bp151.5.9.2.src.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-openmpi2-hpc-devel-static-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm libnetcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf-gnu-openmpi3-hpc-4.6.1-bp151.5.9.2.noarch.rpm netcdf-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.9.2.noarch.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-4.6.1-bp151.5.9.2.src.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-4.6.1-bp151.5.9.2.ppc64le.rpm netcdf_4_6_1-gnu-openmpi3-hpc-devel-static-4.6.1-bp151.5.9.2.ppc64le.rpm openSUSE-2020-1834 moderate openSUSE Backports SLE-15-SP1 Update This update for tmux fixes the following issues: - Update to version 3.1c * Fix a stack overflow on colon-separated CSI parsing. boo#1178263 CVE-2020-27347 - tmux 3.1b: * Fix crash when allow-rename ison and an empty name is set - tmux 3.1a: * Do not close stdout prematurely in control mode since it is needed to print exit messages. Prevents hanging when detaching with iTerm2 - includes changes between 3.1-rc1 and 3.1: * Only search the visible part of the history when marking (highlighting) search terms. This is much faster than searching the whole history and solves problems with large histories. The count of matches shown is now the visible matches rather than all matches * Search using regular expressions in copy mode. search-forward and search-backward use regular expressions by default; the incremental versions do not * Turn off mouse mode 1003 as well as the rest when exiting * Add selection_active format for when the selection is present but not moving with the cursor * Fix dragging with modifier keys, so binding keys such as C-MouseDrag1Pane and C-MouseDragEnd1Pane now work * Add -a to list-keys to also list keys without notes with -N * Do not jump to next word end if already on a word end when selecting a word; fixes select-word with single character words and vi(1) keys * Fix top and bottom pane calculation with pane border status enabled - Update to v3.1-rc * Please see the included CHANGES file - Fix tmux completion - Update to v3.0a * A lot of changes since v2.9a, please see the included CHANGES file. - Update to v2.9a - Fix bugs in select-pane and the main-horizontal and main-vertical layouts. - Add trailing newline to tmpfiles.d/tmux.conf. On newer systems (such as Leap 15.1), the lack of a trailing newline appears to cause the directory to not be created. This is only evident on setups where /run is an actual tmpfs (on btrfs-root installs, /run is a btrfs subvolume and thus /run/tmux is persistent across reboots). - Update to version 2.9 * Add format variables for the default formats in the various modes (tree_mode_format and so on) and add a -a flag to display-message to list variables with values. * Add a -v flag to display-message to show verbose messages as the format is parsed, this allows formats to be debugged * Add support for HPA (\033[`). * Add support for origin mode (\033[?6h). * No longer clear history on RIS. * Extend the #[] style syntax and use that together with previous format changes to allow the status line to be entirely configured with a single option. * Add E: and T: format modifiers to expand a format twice (useful to expand the value of an option). * The individual -fg, -bg and -attr options have been removed; they were superseded by -style options in tmux 1.9. * Add -b to display-panes like run-shell. * Handle UTF-8 in word-separators option. * New "terminal" colour allowing options to use the terminal default colour rather than inheriting the default from a parent option. * Do not move the cursor in copy mode when the mouse wheel is used. * Use the same working directory rules for jobs as new windows rather than always starting in the user's home. * Allow panes to be one line or column in size. * Go to last line when goto-line number is out of range in copy mode. * Yank previously cut text if any with C-y in the command prompt, only use the buffer if no text has been cut. * Add q: format modifier to quote shell special characters. * Add -Z to find-window. * Support for windows larger than the client. This adds two new options, window-size and default-size, and a new command, resize-window. The force-width and force-height options and the session_width and session_height formats have been removed. - update to 2.8 - move bash-completion to right place * Make display-panes block the client until a pane is chosen or it times out. * Clear history on RIS like most other terminals do. * Add an "Any" key to run a command if a key is pressed that is not bound in the current key table. * Expand formats in load-buffer and save-buffer. * Add a rectangle_toggle format. * Add set-hook -R to run a hook immediately. * Add pane focus hooks. * Allow any punctuation as separator for s/x/y not only /. * Improve resizing with the mouse (fix resizing the wrong pane in some layouts, and allow resizing multiple panes at the same time). * Allow , and } to be escaped in formats as #, and #}. * Add KRB5CCNAME to update-environment. * Change meaning of -c to display-message so the client is used if it matches the session given to -t. * Fixes to : form of SGR. * Add x and X to choose-tree to kill sessions, windows or panes. - Add bash completion for tmux - Update to 2.7 * Remove EVENT_* variables from environment on platforms where tmux uses them so they do not pass on to panes. * Fixed for hooks at server exit. * Remove SGR 10 (was equivalent to SGR 0 but no other terminal seems to do this). * Expand formats in window and session names. * Add -Z flag to choose-tree, choose-client, choose-buffer to automatically zoom the pane when the mode is entered and unzoom when it exits, assuming the pane is not already zoomed. This is now part of the default key bindings. * Add C-g to exit modes with emacs keys. * Add exit-empty option to exit server if no sessions (default = on) * Show if a filter is present in choose modes. * Add pipe-pane -I to to connect stdin of the child process. * Performance improvements for reflow. * Use RGB terminfo(5) capability to detect RGB colour terminals (the existing Tc extension remains unchanged). * Support for ISO colon-separated SGR sequences. * Add select-layout -E to spread panes out evenly (bound to E key). * Support wide characters properly when reflowing. * Pass PWD to new panes as a hint to shells, as well as calling chdir(). * Performance improvements for the various choose modes. * Only show first member of session groups in tree mode (-G flag to choose-tree to show all). * Support %else in config files to match %if * Fix "kind" terminfo(5) capability to be S-Down not S-Up. * Add a box around the preview label in tree mode. * Show exit status and time in the remain-on-exit pane text * Correctly use pane-base-index in tree mode. * Change the allow-rename option default to off. * Support for xterm(1) title stack escape sequences * Correctly remove padding cells to fix a UTF-8 display problem - build from release tarball instead of source (drops automake dep) - Bash completion is now removed and provided by - cleanup specfile directory with tmpfiles.d functionality in /run/tmux tmux-3.1c-bp151.4.3.1.src.rpm tmux-3.1c-bp151.4.3.1.x86_64.rpm tmux-3.1c-bp151.4.3.1.aarch64.rpm tmux-3.1c-bp151.4.3.1.ppc64le.rpm tmux-3.1c-bp151.4.3.1.s390x.rpm openSUSE-2020-1831 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo#1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data validation in installer. - CVE-2020-16008: Stack buffer overflow in WebRTC. - CVE-2020-16009: Inappropriate implementation in V8. - CVE-2020-16011: Heap buffer overflow in UI on Windows. chromedriver-86.0.4240.183-bp151.3.119.1.x86_64.rpm chromium-86.0.4240.183-bp151.3.119.1.src.rpm chromium-86.0.4240.183-bp151.3.119.1.x86_64.rpm chromedriver-86.0.4240.183-bp151.3.119.1.aarch64.rpm chromium-86.0.4240.183-bp151.3.119.1.aarch64.rpm openSUSE-2020-1888 moderate openSUSE Backports SLE-15-SP1 Update This update for otrs fixes the following issues: - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434) - CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library - jquery OTRS uses jquery version 3.4.1, which is vulnerable to cross-site scripting (XSS). otrs-6.0.30-bp151.3.9.1.noarch.rpm otrs-6.0.30-bp151.3.9.1.src.rpm otrs-doc-6.0.30-bp151.3.9.1.noarch.rpm otrs-itsm-6.0.30-bp151.3.9.1.noarch.rpm openSUSE-2020-1890 moderate openSUSE Backports SLE-15-SP1 Update This update for torbrowser-launcher fixes the following issues: - Add new non-expired signing key: tor-browser-developers.asc - Add torbrowser-launcher-version-check.patch to fix version checking so that torbrowser version 10.0 is not treated as older than version 9.x [boo#1178299]. This update was imported from the openSUSE:Leap:15.1:Update update project. torbrowser-apparmor-profile-0.3.1-bp151.4.3.1.noarch.rpm torbrowser-launcher-0.3.1-bp151.4.3.1.noarch.rpm torbrowser-launcher-0.3.1-bp151.4.3.1.src.rpm torbrowser-launcher-lang-0.3.1-bp151.4.3.1.noarch.rpm openSUSE-2020-1897 moderate openSUSE Backports SLE-15-SP1 Update This update for sddm fixes the following issue: - Fix X not having access control on startup (boo#1177201, CVE-2020-28049). This update was imported from the openSUSE:Leap:15.1:Update update project. sddm-0.18.0-bp151.4.6.1.src.rpm sddm-0.18.0-bp151.4.6.1.x86_64.rpm sddm-branding-SLE-0.18.0-bp151.4.6.1.x86_64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.6.1.x86_64.rpm sddm-branding-upstream-0.18.0-bp151.4.6.1.x86_64.rpm sddm-0.18.0-bp151.4.6.1.aarch64.rpm sddm-branding-SLE-0.18.0-bp151.4.6.1.aarch64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.6.1.aarch64.rpm sddm-branding-upstream-0.18.0-bp151.4.6.1.aarch64.rpm sddm-0.18.0-bp151.4.6.1.ppc64le.rpm sddm-branding-SLE-0.18.0-bp151.4.6.1.ppc64le.rpm sddm-branding-openSUSE-0.18.0-bp151.4.6.1.ppc64le.rpm sddm-branding-upstream-0.18.0-bp151.4.6.1.ppc64le.rpm sddm-0.18.0-bp151.4.6.1.s390x.rpm sddm-branding-SLE-0.18.0-bp151.4.6.1.s390x.rpm sddm-branding-openSUSE-0.18.0-bp151.4.6.1.s390x.rpm sddm-branding-upstream-0.18.0-bp151.4.6.1.s390x.rpm openSUSE-2020-1955 moderate openSUSE Backports SLE-15-SP1 Update This update for seamonkey fixes the following issues: Seamonkey was requested to be included in Leap 15.1 and 15.2: https://bugzilla.opensuse.org/show_bug.cgi?id=1174300 update appdata files (Bug 1174192): * correct metadata licensing information (most of the application descriptions had been taken from https://www.seamonkey-project.org/doc/features which according to the page footer is licensed under CC-BY-SA-3.0) * update the metadata summary and the introduction in the metadata description to more accurately reflect what SeaMonkey is, giving less prominence to the long-discontinued Mozilla Application Suite that many users may no longer be familiar with * update the metadata name to more accurately reflect the name or purpose of the application * update the metadata URL with the current SeaMonkey website update to SeaMonkey 2.53.3 * The LaTex tool TexZilla, used for inserting Math, has been upgraded to 1.0.2. * It is now possible to customize the toolbars in Composer and the formatting toolbar in Mailnews composition. * All folders of an account can now be marked as read. * There is now an option for not advertizing SeaMonkey at all in the user agent. * The preference for hiding the toolbar and menubar grippies can now be changed from "Preferences->Appearance". * The preference "browser.tabs.autoHide" which autohides the tab bar when there is only one tab in a browser window open has been flipped in bug 1634879. SeaMonkey will now show the tab bar as the default. You can change it back by checking "Hide the tab bar when only one tab is open" in "Preferences->Browser->Tabbed Browsing" * Update of help page content and links. * SeaMonkey language packs are now version specific and will be disabled as part of the profile upgrade following the installation of a later version. * Search Engines have been centralized and updated in bug 1300198. * Address book now has updated IM fields, improved layout for card view pane, improved multi-word search, ability to search across multiple address books, more granular prompts when deleting items, print on the context menus and print button on the toolbar. * Multimedia support has been updated in preparation of supporting more audio video formats in the next releases. For enhanced security the Rust multimedia parser is now used for this and the libstagefright package has been removed. * SeaMonkey 2.53.3 uses the same backend as Firefox and contains the relevant Firefox 60.4 security fixes. * SeaMonkey 2.53.3 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. * Additional important security fixes up to Current Firefox 77 and a few enhancements have been backported. This update was imported from the openSUSE:Leap:15.1:Update update project. seamonkey-2.53.3-bp151.5.3.4.src.rpm seamonkey-2.53.3-bp151.5.3.4.x86_64.rpm seamonkey-translations-common-2.53.3-bp151.5.3.4.x86_64.rpm seamonkey-translations-other-2.53.3-bp151.5.3.4.x86_64.rpm openSUSE-2020-1929 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 86.0.4240.198 (boo#1178703) - CVE-2020-16013: Inappropriate implementation in V8 - CVE-2020-16017: Use after free in site isolation Update to 86.0.4240.193 (boo#1178630) - CVE-2020-16016: Inappropriate implementation in base. chromedriver-86.0.4240.198-bp151.3.122.1.x86_64.rpm chromium-86.0.4240.198-bp151.3.122.1.src.rpm chromium-86.0.4240.198-bp151.3.122.1.x86_64.rpm chromedriver-86.0.4240.198-bp151.3.122.1.aarch64.rpm chromium-86.0.4240.198-bp151.3.122.1.aarch64.rpm openSUSE-2020-1937 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo#1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data validation in installer. - CVE-2020-16008: Stack buffer overflow in WebRTC. - CVE-2020-16009: Inappropriate implementation in V8. - CVE-2020-16011: Heap buffer overflow in UI on Windows. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-86.0.4240.183-bp151.3.125.1.x86_64.rpm chromium-86.0.4240.183-bp151.3.125.1.src.rpm chromium-86.0.4240.183-bp151.3.125.1.x86_64.rpm chromedriver-86.0.4240.183-bp151.3.125.1.aarch64.rpm chromium-86.0.4240.183-bp151.3.125.1.aarch64.rpm openSUSE-2020-1963 moderate openSUSE Backports SLE-15-SP1 Update This update for sddm fixes the following issues: Use a consistent hostname for xauth (boo#1178543): * Make DaemonApp::hostName() return a consistent value * Use it for adding the cookie as well * Also set XAUTHLOCALHOSTNAME for the display setup script and xsetcursor This update was imported from the openSUSE:Leap:15.1:Update update project. sddm-0.18.0-bp151.4.9.1.src.rpm sddm-0.18.0-bp151.4.9.1.x86_64.rpm sddm-branding-SLE-0.18.0-bp151.4.9.1.x86_64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.9.1.x86_64.rpm sddm-branding-upstream-0.18.0-bp151.4.9.1.x86_64.rpm sddm-0.18.0-bp151.4.9.1.aarch64.rpm sddm-branding-SLE-0.18.0-bp151.4.9.1.aarch64.rpm sddm-branding-openSUSE-0.18.0-bp151.4.9.1.aarch64.rpm sddm-branding-upstream-0.18.0-bp151.4.9.1.aarch64.rpm sddm-0.18.0-bp151.4.9.1.ppc64le.rpm sddm-branding-SLE-0.18.0-bp151.4.9.1.ppc64le.rpm sddm-branding-openSUSE-0.18.0-bp151.4.9.1.ppc64le.rpm sddm-branding-upstream-0.18.0-bp151.4.9.1.ppc64le.rpm sddm-0.18.0-bp151.4.9.1.s390x.rpm sddm-branding-SLE-0.18.0-bp151.4.9.1.s390x.rpm sddm-branding-openSUSE-0.18.0-bp151.4.9.1.s390x.rpm sddm-branding-upstream-0.18.0-bp151.4.9.1.s390x.rpm openSUSE-2020-1943 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 86.0.4240.198 (boo#1178703) - CVE-2020-16013: Inappropriate implementation in V8 - CVE-2020-16017: Use after free in site isolation Update to 86.0.4240.193 (boo#1178630) - CVE-2020-16016: Inappropriate implementation in base. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-86.0.4240.198-bp151.3.128.1.x86_64.rpm chromium-86.0.4240.198-bp151.3.128.1.src.rpm chromium-86.0.4240.198-bp151.3.128.1.x86_64.rpm chromedriver-86.0.4240.198-bp151.3.128.1.aarch64.rpm chromium-86.0.4240.198-bp151.3.128.1.aarch64.rpm openSUSE-2020-1970 important openSUSE Backports SLE-15-SP1 Update This update for tor fixes the following issues: Updating tor to a newer version in the respective codestream. - tor 0.3.5.12: * Check channels+circuits on relays more thoroughly (TROVE-2020-005, boo#1178741) * Not affected by out-of-bound memory access (CVE-2020-15572, boo#1173979) * Fix DoS defenses on bridges with a pluggable transport * CVE-2020-10592: CPU consumption DoS and timing patterns (boo#1167013) * CVE-2020-10593: circuit padding memory leak (boo#1167014) - tor 0.4.4.6 * Check channels+circuits on relays more thoroughly (TROVE-2020-005, boo#1178741) * Fix a crash due to an out-of-bound memory access (CVE-2020-15572, boo#1173979) * Fix logrotate to not fail when tor is stopped (boo#1164275) tor-0.3.5.12-bp151.3.6.1.src.rpm tor-0.3.5.12-bp151.3.6.1.x86_64.rpm tor-0.3.5.12-bp151.3.6.1.aarch64.rpm tor-0.3.5.12-bp151.3.6.1.ppc64le.rpm tor-0.3.5.12-bp151.3.6.1.s390x.rpm openSUSE-2020-1981 moderate openSUSE Backports SLE-15-SP1 Update This update for ocfs2-tools fixes the following issues: - Fix for pointing out the default value of mount options. (bsc#1178248) This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. ocfs2-tools-1.8.5-bp151.2.6.1.src.rpm ocfs2-tools-1.8.5-bp151.2.6.1.x86_64.rpm ocfs2-tools-devel-1.8.5-bp151.2.6.1.x86_64.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.6.1.x86_64.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.6.1.x86_64.rpm ocfs2-tools-1.8.5-bp151.2.6.1.aarch64.rpm ocfs2-tools-devel-1.8.5-bp151.2.6.1.aarch64.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.6.1.aarch64.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.6.1.aarch64.rpm ocfs2-tools-1.8.5-bp151.2.6.1.ppc64le.rpm ocfs2-tools-devel-1.8.5-bp151.2.6.1.ppc64le.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.6.1.ppc64le.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.6.1.ppc64le.rpm ocfs2-tools-1.8.5-bp151.2.6.1.s390x.rpm ocfs2-tools-devel-1.8.5-bp151.2.6.1.s390x.rpm ocfs2-tools-devel-static-1.8.5-bp151.2.6.1.s390x.rpm ocfs2-tools-o2cb-1.8.5-bp151.2.6.1.s390x.rpm openSUSE-2020-2010 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 87.0.4280.66 (boo#1178923) - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. - CVE-2020-16021: Race in ImageBurner. - CVE-2020-16022: Insufficient policy enforcement in networking. - CVE-2020-16015: Insufficient data validation in WASM. R - CVE-2020-16014: Use after free in PPAPI. - CVE-2020-16023: Use after free in WebCodecs. - CVE-2020-16024: Heap buffer overflow in UI. - CVE-2020-16025: Heap buffer overflow in clipboard. - CVE-2020-16026: Use after free in WebRTC. - CVE-2020-16027: Insufficient policy enforcement in developer tools. R - CVE-2020-16028: Heap buffer overflow in WebRTC. - CVE-2020-16029: Inappropriate implementation in PDFium. - CVE-2020-16030: Insufficient data validation in Blink. - CVE-2019-8075: Insufficient data validation in Flash. - CVE-2020-16031: Incorrect security UI in tab preview. - CVE-2020-16032: Incorrect security UI in sharing. - CVE-2020-16033: Incorrect security UI in WebUSB. - CVE-2020-16034: Inappropriate implementation in WebRTC. - CVE-2020-16035: Insufficient data validation in cros-disks. - CVE-2020-16012: Side-channel information leakage in graphics. - CVE-2020-16036: Inappropriate implementation in cookies. chromedriver-87.0.4280.66-bp151.3.131.1.x86_64.rpm chromium-87.0.4280.66-bp151.3.131.1.src.rpm chromium-87.0.4280.66-bp151.3.131.1.x86_64.rpm chromedriver-87.0.4280.66-bp151.3.131.1.aarch64.rpm chromium-87.0.4280.66-bp151.3.131.1.aarch64.rpm openSUSE-2020-2013 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 86.0.4240.198 (boo#1178703) - CVE-2020-16013: Inappropriate implementation in V8 - CVE-2020-16017: Use after free in site isolation Update to 86.0.4240.193 (boo#1178630) - CVE-2020-16016: Inappropriate implementation in base. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-86.0.4240.198-bp151.3.134.1.x86_64.rpm chromium-86.0.4240.198-bp151.3.134.1.src.rpm chromium-86.0.4240.198-bp151.3.134.1.x86_64.rpm chromedriver-86.0.4240.198-bp151.3.134.1.aarch64.rpm chromium-86.0.4240.198-bp151.3.134.1.aarch64.rpm openSUSE-2020-2055 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 87.0.4280.66 (boo#1178923) - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. - CVE-2020-16021: Race in ImageBurner. - CVE-2020-16022: Insufficient policy enforcement in networking. - CVE-2020-16015: Insufficient data validation in WASM. R - CVE-2020-16014: Use after free in PPAPI. - CVE-2020-16023: Use after free in WebCodecs. - CVE-2020-16024: Heap buffer overflow in UI. - CVE-2020-16025: Heap buffer overflow in clipboard. - CVE-2020-16026: Use after free in WebRTC. - CVE-2020-16027: Insufficient policy enforcement in developer tools. R - CVE-2020-16028: Heap buffer overflow in WebRTC. - CVE-2020-16029: Inappropriate implementation in PDFium. - CVE-2020-16030: Insufficient data validation in Blink. - CVE-2019-8075: Insufficient data validation in Flash. - CVE-2020-16031: Incorrect security UI in tab preview. - CVE-2020-16032: Incorrect security UI in sharing. - CVE-2020-16033: Incorrect security UI in WebUSB. - CVE-2020-16034: Inappropriate implementation in WebRTC. - CVE-2020-16035: Insufficient data validation in cros-disks. - CVE-2020-16012: Side-channel information leakage in graphics. - CVE-2020-16036: Inappropriate implementation in cookies. This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.66-bp151.3.137.1.x86_64.rpm chromium-87.0.4280.66-bp151.3.137.1.src.rpm chromium-87.0.4280.66-bp151.3.137.1.x86_64.rpm chromedriver-87.0.4280.66-bp151.3.137.1.aarch64.rpm chromium-87.0.4280.66-bp151.3.137.1.aarch64.rpm openSUSE-2020-2168 moderate openSUSE Backports SLE-15-SP1 Update This update for rclone fixes the following issues: rclone was updated to version 1.53.3: * Bug Fixes - Fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924 boo#1179005 (Nick Craig-Wood) - Check https://github.com/rclone/passwordcheck for a tool check for weak passwords generated by rclone * VFS - Fix vfs/refresh calls with fs= parameter (Nick Craig-Wood) * Sharefile - Fix backend due to API swapping integers for strings (Nick Craig-Wood) Update to 1.53.2: * Bug Fixes - accounting + Fix incorrect speed and transferTime in core/stats (Nick Craig-Wood) + Stabilize display order of transfers on Windows (Nick Craig-Wood) - operations + Fix use of --suffix without --backup-dir (Nick Craig-Wood) + Fix spurious "--checksum is in use but the source and destination have no hashes in common" (Nick Craig-Wood) - build + Work around GitHub actions brew problem (Nick Craig-Wood) + Stop using set-env and set-path in the GitHub actions (Nick Craig-Wood) * Mount - mount2: Fix the swapped UID / GID values (Russell Cattelan) * VFS - Detect and recover from a file being removed externally from the cache (Nick Craig-Wood) - Fix a deadlock vulnerability in downloaders.Close (Leo Luan) - Fix a race condition in retryFailedResets (Leo Luan) - Fix missed concurrency control between some item operations and reset (Leo Luan) - Add exponential backoff during ENOSPC retries (Leo Luan) - Add a missed update of used cache space (Leo Luan) - Fix --no-modtime to not attempt to set modtimes (as documented) (Nick Craig-Wood) * Local - Fix sizes and syncing with --links option on Windows (Nick Craig-Wood) * Chunker - Disable ListR to fix missing files on GDrive (workaround) (Ivan Andreev) - Fix upload over crypt (Ivan Andreev) * Fichier - Increase maximum file size from 100GB to 300GB (gyutw) * Jottacloud - Remove clientSecret from config when upgrading to token based authentication (buengese) - Avoid double url escaping of device/mountpoint (albertony) - Remove DirMove workaround as it's not required anymore - also (buengese) * Mailru - Fix uploads after recent changes on server (Ivan Andreev) - Fix range requests after june changes on server (Ivan Andreev) - Fix invalid timestamp on corrupted files (fixes) (Ivan Andreev) * Onedrive - Fix disk usage for sharepoint (Nick Craig-Wood) * S3 - Add missing regions for AWS (Anagh Kumar Baranwal) * Seafile - Fix accessing libraries > 2GB on 32 bit systems (Muffin King) * SFTP - Always convert the checksum to lower case (buengese) * Union - Create root directories if none exist (Nick Craig-Wood) Update to version 1.53.1: * Bug Fixes - accounting: Remove new line from end of --stats-one-line display * VFS - Fix spurious error "vfs cache: failed to _ensure cache EOF" - Log an ERROR if we fail to set the file to be sparse * Local - Log an ERROR if we fail to set the file to be sparse * Drive - Re-adds special oauth help text * Opendrive - Do not retry 400 errors Update to version 1.53.0 * New Features - The VFS layer was heavily reworked for this release - see below for more details - Interactive mode -i/--interactive for destructive operations (fishbullet) - Add --bwlimit-file flag to limit speeds of individual file transfers (Nick Craig-Wood) - Transfers are sorted by start time in the stats and progress output (Max Sum) - Make sure backends expand ~ and environment vars in file names they use (Nick Craig-Wood) - Add --refresh-times flag to set modtimes on hashless backends (Nick Craig-Wood) - rclone check + Add reporting of filenames for same/missing/changed (Nick Craig-Wood) + Make check command obey --dry-run/-i/--interactive (Nick Craig-Wood) + Make check do --checkers files concurrently (Nick Craig-Wood) + Retry downloads if they fail when using the --download flag (Nick Craig-Wood) + Make it show stats by default (Nick Craig-Wood) - rclone config + Set RCLONE_CONFIG_DIR for use in config files and subprocesses (Nick Craig-Wood) + Reject remote names starting with a dash. (jtagcat) - rclone cryptcheck: Add reporting of filenames for same/missing/changed (Nick Craig-Wood) - rclone dedupe: Make it obey the --size-only flag for duplicate detection (Nick Craig-Wood) - rclone link: Add --expire and --unlink flags (Roman Kredentser) - rclone mkdir: Warn when using mkdir on remotes which can't have empty directories (Nick Craig-Wood) - rclone rc: Allow JSON parameters to simplify command line usage (Nick Craig-Wood) - rclone serve ftp + Don't compile on < go1.13 after dependency update (Nick Craig-Wood) + Add error message if auth proxy fails (Nick Craig-Wood) + Use refactored goftp.io/server library for binary shrink (Nick Craig-Wood) - rclone serve restic: Expose interfaces so that rclone can be used as a library from within restic (Jack) - rclone sync: Add --track-renames-strategy leaf (Nick Craig-Wood) - rclone touch: Add ability to set nanosecond resolution times (Nick Craig-Wood) - rclone tree: Remove -i shorthand for --noindent as it conflicts with -i/--interactive (Nick Craig-Wood) * Bug Fixes * Mount - rc interface + Add call for unmount all (Chaitanya Bankanhal) + Make mount/mount remote control take vfsOpt option (Nick Craig-Wood) + Add mountOpt to mount/mount (Nick Craig-Wood) + Add VFS and Mount options to mount/listmounts (Nick Craig-Wood) - Catch panics in cgofuse initialization and turn into error messages (Nick Craig-Wood) - Always supply stat information in Readdir (Nick Craig-Wood) - Add support for reading unknown length files using direct IO (Windows) (Nick Craig-Wood) - Fix On Windows don't add -o uid/gid=-1 if user supplies -o uid/gid. (Nick Craig-Wood) - Fix volume name broken in recent refactor (Nick Craig-Wood) * VFS - Implement partial reads for --vfs-cache-mode full (Nick Craig-Wood) - Add --vfs-writeback option to delay writes back to cloud storage (Nick Craig-Wood) - Add --vfs-read-ahead parameter for use with --vfs-cache-mode full (Nick Craig-Wood) - Restart pending uploads on restart of the cache (Nick Craig-Wood) - Support synchronous cache space recovery upon ENOSPC (Leo Luan) - Allow ReadAt and WriteAt to run concurrently with themselves (Nick Craig-Wood) - Change modtime of file before upload to current (Rob Calistri) - Recommend --vfs-cache-modes writes on backends which can't stream (Nick Craig-Wood) - Add an optional fs parameter to vfs rc methods (Nick Craig-Wood) - Fix errors when using > 260 char files in the cache in Windows (Nick Craig-Wood) - Fix renaming of items while they are being uploaded (Nick Craig-Wood) - Fix very high load caused by slow directory listings (Nick Craig-Wood) - Fix renamed files not being uploaded with --vfs-cache-mode minimal (Nick Craig-Wood) - Fix directory locking caused by slow directory listings (Nick Craig-Wood) - Fix saving from chrome without --vfs-cache-mode writes (Nick Craig-Wood) * Crypt Add --crypt-server-side-across-configs flag (Nick Craig-Wood) Make any created backends be cached to fix rc problems (Nick Craig-Wood) * Azure Blob Don't compile on < go1.13 after dependency update (Nick Craig-Wood) * B2 Implement server side copy for files > 5GB (Nick Craig-Wood) Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood) Note that b2's encoding now allows \ but rclone's hasn't changed (Nick Craig-Wood) Fix transfers when using download_url (Nick Craig-Wood) * Box - Implement rclone cleanup (buengese) - Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood) - Allow authentication with access token (David) * Chunker - Make any created backends be cached to fix rc problems (Nick Craig-Wood) * Drive - Add rclone backend drives to list shared drives (teamdrives) (Nick Craig-Wood) - Implement rclone backend untrash (Nick Craig-Wood) - Work around drive bug which didn't set modtime of copied docs (Nick Craig-Wood) - Added --drive-starred-only to only show starred files (Jay McEntire) - Deprecate --drive-alternate-export as it is no longer needed (themylogin) - Fix duplication of Google docs on server side copy (Nick Craig-Wood) - Fix "panic: send on closed channel" when recycling dir entries (Nick Craig-Wood) * Dropbox - Add copyright detector info in limitations section in the docs (Alex Guerrero) - Fix rclone link by removing expires parameter (Nick Craig-Wood) * Fichier - Detect Flood detected: IP Locked error and sleep for 30s (Nick Craig-Wood) * FTP - Add explicit TLS support (Heiko Bornholdt) - Add support for --dump bodies and --dump auth for debugging (Nick Craig-Wood) - Fix interoperation with pure-ftpd (Nick Craig-Wood) * Google Cloud Storage - Add support for anonymous access (Kai Lüke) * Jottacloud - Bring back legacy authentification for use with whitelabel versions (buengese) - Switch to new api root - also implement a very ugly workaround for the DirMove failures (buengese) * Onedrive - Rework cancel of multipart uploads on rclone exit (Nick Craig-Wood) - Implement rclone cleanup (Nick Craig-Wood) - Add --onedrive-no-versions flag to remove old versions (Nick Craig-Wood) * Pcloud - Implement rclone link for public link creation (buengese) * Qingstor - Cancel in progress multipart uploads on rclone exit (Nick Craig-Wood) * S3 - Preserve metadata when doing multipart copy (Nick Craig-Wood) - Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood) - Add rclone link for public link sharing (Roman Kredentser) - Add rclone backend restore command to restore objects from GLACIER (Nick Craig-Wood) - Add rclone cleanup and rclone backend cleanup to clean unfinished multipart uploads (Nick Craig-Wood) - Add rclone backend list-multipart-uploads to list unfinished multipart uploads (Nick Craig-Wood) - Add --s3-max-upload-parts support (Kamil Trzciński) - Add --s3-no-check-bucket for minimising rclone transactions and perms (Nick Craig-Wood) - Add --s3-profile and --s3-shared-credentials-file options (Nick Craig-Wood) - Use regional s3 us-east-1 endpoint (David) - Add Scaleway provider (Vincent Feltz) - Update IBM COS endpoints (Egor Margineanu) - Reduce the default --s3-copy-cutoff to < 5GB for Backblaze S3 compatibility (Nick Craig-Wood) - Fix detection of bucket existing (Nick Craig-Wood) * SFTP - Use the absolute path instead of the relative path for listing for improved compatibility (Nick Craig-Wood) - Add --sftp-subsystem and --sftp-server-command options (aus) * Swift - Fix dangling large objects breaking the listing (Nick Craig-Wood) - Fix purge not deleting directory markers (Nick Craig-Wood) - Fix update multipart object removing all of its own parts (Nick Craig-Wood) - Fix missing hash from object returned from upload (Nick Craig-Wood) * Tardigrade - Upgrade to uplink v1.2.0 (Kaloyan Raev) * Union - Fix writing with the all policy (Nick Craig-Wood) * WebDAV - Fix directory creation with 4shared (Nick Craig-Wood) - Update to version 1.52.3 * Bug Fixes - docs + Disable smart typography (eg en-dash) in MANUAL.* and man page (Nick Craig-Wood) + Update install.md to reflect minimum Go version (Evan Harris) + Update install from source instructions (Nick Craig-Wood) + make_manual: Support SOURCE_DATE_EPOCH (Morten Linderud) - log: Fix --use-json-log going to stderr not --log-file on Windows (Nick Craig-Wood) - serve dlna: Fix file list on Samsung Series 6+ TVs (Matteo Pietro Dazzi) - sync: Fix deadlock with --track-renames-strategy modtime (Nick Craig-Wood) * Cache - Fix moveto/copyto remote:file remote:file2 (Nick Craig-Wood) * Drive - Stop using root_folder_id as a cache (Nick Craig-Wood) - Make dangling shortcuts appear in listings (Nick Craig-Wood) - Drop "Disabling ListR" messages down to debug (Nick Craig-Wood) - Workaround and policy for Google Drive API (Dmitry Ustalov) * FTP - Add note to docs about home vs root directory selection (Nick Craig-Wood) * Onedrive - Fix reverting to Copy when Move would have worked (Nick Craig-Wood) - Avoid comma rendered in URL in onedrive.md (Kevin) * Pcloud - Fix oauth on European region "eapi.pcloud.com" (Nick Craig-Wood) * S3 - Fix bucket Region auto detection when Region unset in config (Nick Craig-Wood) - Update to version 1.52.2 * Bug Fixes - build + Fix docker release build action (Nick Craig-Wood) + Fix custom timezone in Docker image (NoLooseEnds) - check: Fix misleading message which printed errors instead of differences (Nick Craig-Wood) - errors: Add WSAECONNREFUSED and more to the list of retriable Windows errors (Nick Craig-Wood) - rcd: Fix incorrect prometheus metrics (Gary Kim) - serve restic: Fix flags so they use environment variables (Nick Craig-Wood) - serve webdav: Fix flags so they use environment variables (Nick Craig-Wood) - sync: Fix --track-renames-strategy modtime (Nick Craig-Wood) * Drive - Fix not being able to delete a directory with a trashed shortcut (Nick Craig-Wood) - Fix creating a directory inside a shortcut (Nick Craig-Wood) - Fix --drive-impersonate with cached root_folder_id (Nick Craig-Wood) * SFTP - Fix SSH key PEM loading (Zac Rubin) * Swift - Speed up deletes by not retrying segment container deletes (Nick Craig-Wood) * Tardigrade - Upgrade to uplink v1.1.1 (Caleb Case) * WebDAV - Fix free/used display for rclone about/df for certain backends (Nick Craig-Wood) - Update to version 1.52.1 * VFS - Fix OS vs Unix path confusion - fixes ChangeNotify on Windows (Nick Craig-Wood) * Drive - Fix missing items when listing using --fast-list / ListR (Nick Craig-Wood) * Putio - Fix panic on Object.Open (Cenk Alti) * S3 - Fix upload of single files into buckets without create permission (Nick Craig-Wood) - Fix --header-upload (Nick Craig-Wood) * Tardigrade - Fix listing bug by upgrading to v1.0.7 - Set UserAgent to rclone (Caleb Case) - Update to version 1.52.0 * New backends - Tardigrade backend for use with storj.io (Caleb Case) - Union re-write to have multiple writable remotes (Max Sum) - Seafile for Seafile server (Fred @creativeprojects) * New commands - backend: command for backend specific commands (see backends) (Nick Craig-Wood) - cachestats: Deprecate in favour of rclone backend stats cache: (Nick Craig-Wood) - dbhashsum: Deprecate in favour of rclone hashsum DropboxHash (Nick Craig-Wood) * New Features - Add --header-download and --header-upload flags for setting HTTP headers when uploading/downloading (Tim Gallant) - Add --header flag to add HTTP headers to every HTTP transaction (Nick Craig-Wood) - Add --check-first to do all checking before starting transfers (Nick Craig-Wood) - Add --track-renames-strategy for configurable matching criteria for --track-renames (Bernd Schoolmann) - Add --cutoff-mode hard,soft,catious (Shing Kit Chan & Franklyn Tackitt) - Filter flags (eg --files-from -) can read from stdin (fishbullet) - Add --error-on-no-transfer option (Jon Fautley) - Implement --order-by xxx,mixed for copying some small and some big files (Nick Craig-Wood) - Allow --max-backlog to be negative meaning as large as possible (Nick Craig-Wood) - Added --no-unicode-normalization flag to allow Unicode filenames to remain unique (Ben Zenker) - Allow --min-age/--max-age to take a date as well as a duration (Nick Craig-Wood) - Add rename statistics for file and directory renames (Nick Craig-Wood) - Add statistics output to JSON log (reddi) - Make stats be printed on non-zero exit code (Nick Craig-Wood) - When running --password-command allow use of stdin (Sébastien Gross) - Stop empty strings being a valid remote path (Nick Craig-Wood) - accounting: support WriterTo for less memory copying (Nick Craig-Wood) - build + Update to use go1.14 for the build (Nick Craig-Wood) + Add -trimpath to release build for reproduceable builds (Nick Craig-Wood) + Remove GOOS and GOARCH from Dockerfile (Brandon Philips) - config + Fsync the config file after writing to save more reliably (Nick Craig-Wood) + Add --obscure and --no-obscure flags to config create/update (Nick Craig-Wood) + Make config show take remote: as well as remote (Nick Craig-Wood) - copyurl: Add --no-clobber flag (Denis) - delete: Added --rmdirs flag to delete directories as well (Kush) - filter: Added --files-from-raw flag (Ankur Gupta) - genautocomplete: Add support for fish shell (Matan Rosenberg) - log: Add support for syslog LOCAL facilities (Patryk Jakuszew) - lsjson: Add --hash-type parameter and use it in lsf to speed up hashing (Nick Craig-Wood) - rc + Add -o/--opt and -a/--arg for more structured input (Nick Craig-Wood) + Implement backend/command for running backend specific commands remotely (Nick Craig-Wood) + Add mount/mount command for starting rclone mount via the API (Chaitanya) - rcd: Add Prometheus metrics support (Gary Kim) - serve http + Added a --template flag for user defined markup (calistri) + Add Last-Modified headers to files and directories (Nick Craig-Wood) - serve sftp: Add support for multiple host keys by repeating --key flag (Maxime Suret) - touch: Add --localtime flag to make --timestamp localtime not UTC (Nick Craig-Wood) * Bug Fixes - accounting + Restore "Max number of stats groups reached" log line (Michał Matczuk) + Correct exitcode on Transfer Limit Exceeded flag. (Anuar Serdaliyev) + Reset bytes read during copy retry (Ankur Gupta) + Fix race clearing stats (Nick Craig-Wood) - copy: Only create empty directories when they don't exist on the remote (Ishuah Kariuki) - dedupe: Stop dedupe deleting files with identical IDs (Nick Craig-Wood) - oauth + Use custom http client so that --no-check-certificate is honored by oauth token fetch (Mark Spieth) + Replace deprecated oauth2.NoContext (Lars Lehtonen) - operations + Fix setting the timestamp on Windows for multithread copy (Nick Craig-Wood) + Make rcat obey --ignore-checksum (Nick Craig-Wood) + Make --max-transfer more accurate (Nick Craig-Wood) - rc + Fix dropped error (Lars Lehtonen) + Fix misplaced http server config (Xiaoxing Ye) + Disable duplicate log (ElonH) - serve dlna + Cds: don't specify childCount at all when unknown (Dan Walters) + Cds: use modification time as date in dlna metadata (Dan Walters) - serve restic: Fix tests after restic project removed vendoring (Nick Craig-Wood) - sync + Fix incorrect "nothing to transfer" message using --delete-before (Nick Craig-Wood) + Only create empty directories when they don't exist on the remote (Ishuah Kariuki) * Mount - Add --async-read flag to disable asynchronous reads (Nick Craig-Wood) - Ignore --allow-root flag with a warning as it has been removed upstream (Nick Craig-Wood) - Warn if --allow-non-empty used on Windows and clarify docs (Nick Craig-Wood) - Constrain to go1.13 or above otherwise bazil.org/fuse fails to compile (Nick Craig-Wood) - Fix fail because of too long volume name (evileye) - Report 1PB free for unknown disk sizes (Nick Craig-Wood) - Map more rclone errors into file systems errors (Nick Craig-Wood) - Fix disappearing cwd problem (Nick Craig-Wood) - Use ReaddirPlus on Windows to improve directory listing performance (Nick Craig-Wood) - Send a hint as to whether the filesystem is case insensitive or not (Nick Craig-Wood) - Add rc command mount/types (Nick Craig-Wood) - Change maximum leaf name length to 1024 bytes (Nick Craig-Wood) * VFS - Add --vfs-read-wait and --vfs-write-wait flags to control time waiting for a sequential read/write (Nick Craig-Wood) - Change default --vfs-read-wait to 20ms (it was 5ms and not configurable) (Nick Craig-Wood) - Make df output more consistent on a rclone mount. (Yves G) - Report 1PB free for unknown disk sizes (Nick Craig-Wood) - Fix race condition caused by unlocked reading of Dir.path (Nick Craig-Wood) - Make File lock and Dir lock not overlap to avoid deadlock (Nick Craig-Wood) - Implement lock ordering between File and Dir to eliminate deadlocks (Nick Craig-Wood) - Factor the vfs cache into its own package (Nick Craig-Wood) - Pin the Fs in use in the Fs cache (Nick Craig-Wood) - Add SetSys() methods to Node to allow caching stuff on a node (Nick Craig-Wood) - Ignore file not found errors from Hash in Read.Release (Nick Craig-Wood) - Fix hang in read wait code (Nick Craig-Wood) * Local - Speed up multi thread downloads by using sparse files on Windows (Nick Craig-Wood) - Implement --local-no-sparse flag for disabling sparse files (Nick Craig-Wood) - Implement rclone backend noop for testing purposes (Nick Craig-Wood) - Fix "file not found" errors on post transfer Hash calculation (Nick Craig-Wood) * Cache - Implement rclone backend stats command (Nick Craig-Wood) - Fix Server Side Copy with Temp Upload (Brandon McNama) - Remove Unused Functions (Lars Lehtonen) - Disable race tests until bbolt is fixed (Nick Craig-Wood) - Move methods used for testing into test file (greatroar) - Add Pin and Unpin and canonicalised lookup (Nick Craig-Wood) - Use proper import path go.etcd.io/bbolt (Robert-André Mauchin) * Crypt - Calculate hashes for uploads from local disk (Nick Craig-Wood) + This allows crypted Jottacloud uploads without using local disk + This means crypted s3/b2 uploads will now have hashes - Added rclone backend decode/encode commands to replicate functionality of cryptdecode (Anagh Kumar Baranwal) - Get rid of the unused Cipher interface as it obfuscated the code (Nick Craig-Wood) * Azure Blob - Implement streaming of unknown sized files so rcat is now supported (Nick Craig-Wood) - Implement memory pooling to control memory use (Nick Craig-Wood) - Add --azureblob-disable-checksum flag (Nick Craig-Wood) - Retry InvalidBlobOrBlock error as it may indicate block concurrency problems (Nick Craig-Wood) - Remove unused Object.parseTimeString() (Lars Lehtonen) - Fix permission error on SAS URL limited to container (Nick Craig-Wood) * B2 - Add support for --header-upload and --header-download (Tim Gallant) - Ignore directory markers at the root also (Nick Craig-Wood) - Force the case of the SHA1 to lowercase (Nick Craig-Wood) - Remove unused largeUpload.clearUploadURL() (Lars Lehtonen) * Box - Add support for --header-upload and --header-download (Tim Gallant) - Implement About to read size used (Nick Craig-Wood) - Add token renew function for jwt auth (David Bramwell) - Added support for interchangeable root folder for Box backend (Sunil Patra) - Remove unnecessary iat from jws claims (David) * Drive - Follow shortcuts by default, skip with --drive-skip-shortcuts (Nick Craig-Wood) - Implement rclone backend shortcut command for creating shortcuts (Nick Craig-Wood) - Added rclone backend command to change service_account_file and chunk_size (Anagh Kumar Baranwal) - Fix missing files when using --fast-list and --drive-shared-with-me (Nick Craig-Wood) - Fix duplicate items when using --drive-shared-with-me (Nick Craig-Wood) - Extend --drive-stop-on-upload-limit to respond to teamDriveFileLimitExceeded. (harry) - Don't delete files with multiple parents to avoid data loss (Nick Craig-Wood) - Server side copy docs use default description if empty (Nick Craig-Wood) * Dropbox - Make error insufficient space to be fatal (harry) - Add info about required redirect url (Elan Ruusamäe) * Fichier - Add support for --header-upload and --header-download (Tim Gallant) - Implement custom pacer to deal with the new rate limiting (buengese) * FTP - Fix lockup when using concurrency limit on failed connections (Nick Craig-Wood) - Fix lockup on failed upload when using concurrency limit (Nick Craig-Wood) - Fix lockup on Close failures when using concurrency limit (Nick Craig-Wood) - Work around pureftp sending spurious 150 messages (Nick Craig-Wood) * Google Cloud Storage - Add support for --header-upload and --header-download (Nick Craig-Wood) - Add ARCHIVE storage class to help (Adam Stroud) - Ignore directory markers at the root (Nick Craig-Wood) * Googlephotos - Make the start year configurable (Daven) - Add support for --header-upload and --header-download (Tim Gallant) - Create feature/favorites directory (Brandon Philips) - Fix "concurrent map write" error (Nick Craig-Wood) - Don't put an image in error message (Nick Craig-Wood) * HTTP - Improved directory listing with new template from Caddy project (calisro) * Jottacloud - Implement --jottacloud-trashed-only (buengese) - Add support for --header-upload and --header-download (Tim Gallant) - Use RawURLEncoding when decoding base64 encoded login token (buengese) - Implement cleanup (buengese) - Update docs regarding cleanup, removed remains from old auth, and added warning about special mountpoints. (albertony) * Mailru - Describe 2FA requirements (valery1707) * Onedrive - Implement --onedrive-server-side-across-configs (Nick Craig-Wood) - Add support for --header-upload and --header-download (Tim Gallant) - Fix occasional 416 errors on multipart uploads (Nick Craig-Wood) - Added maximum chunk size limit warning in the docs (Harry) - Fix missing drive on config (Nick Craig-Wood) - Make error quotaLimitReached to be fatal (harry) * Opendrive - Add support for --header-upload and --header-download (Tim Gallant) * Pcloud - Added support for interchangeable root folder for pCloud backend (Sunil Patra) - Add support for --header-upload and --header-download (Tim Gallant) - Fix initial config "Auth state doesn't match" message (Nick Craig-Wood) * Premiumizeme - Add support for --header-upload and --header-download (Tim Gallant) - Prune unused functions (Lars Lehtonen) * Putio - Add support for --header-upload and --header-download (Nick Craig-Wood) - Make downloading files use the rclone http Client (Nick Craig-Wood) - Fix parsing of remotes with leading and trailing / (Nick Craig-Wood) * Qingstor - Make rclone cleanup remove pending multipart uploads older than 24h (Nick Craig-Wood) - Try harder to cancel failed multipart uploads (Nick Craig-Wood) - Prune multiUploader.list() (Lars Lehtonen) - Lint fix (Lars Lehtonen) * S3 - Add support for --header-upload and --header-download (Tim Gallant) - Use memory pool for buffer allocations (Maciej Zimnoch) - Add SSE-C support for AWS, Ceph, and MinIO (Jack Anderson) - Fail fast multipart upload (Michał Matczuk) - Report errors on bucket creation (mkdir) correctly (Nick Craig-Wood) - Specify that Minio supports URL encoding in listings (Nick Craig-Wood) - Added 500 as retryErrorCode (Michał Matczuk) - Use --low-level-retries as the number of SDK retries (Aleksandar Janković) - Fix multipart abort context (Aleksandar Jankovic) - Replace deprecated session.New() with session.NewSession() (Lars Lehtonen) - Use the provided size parameter when allocating a new memory pool (Joachim Brandon LeBlanc) - Use rclone's low level retries instead of AWS SDK to fix listing retries (Nick Craig-Wood) - Ignore directory markers at the root also (Nick Craig-Wood) - Use single memory pool (Michał Matczuk) - Do not resize buf on put to memBuf (Michał Matczuk) - Improve docs for --s3-disable-checksum (Nick Craig-Wood) - Don't leak memory or tokens in edge cases for multipart upload (Nick Craig-Wood) * Seafile - Implement 2FA (Fred) * SFTP - Added --sftp-pem-key to support inline key files (calisro) - Fix post transfer copies failing with 0 size when using set_modtime=false (Nick Craig-Wood) * Sharefile - Add support for --header-upload and --header-download (Tim Gallant) * Sugarsync - Add support for --header-upload and --header-download (Tim Gallant) * Swift - Add support for --header-upload and --header-download (Nick Craig-Wood) - Fix cosmetic issue in error message (Martin Michlmayr) * Union - Implement multiple writable remotes (Max Sum) - Fix server-side copy (Max Sum) - Implement ListR (Max Sum) - Enable ListR when upstreams contain local (Max Sum) * WebDAV - Add support for --header-upload and --header-download (Tim Gallant) - Fix X-OC-Mtime header for Transip compatibility (Nick Craig-Wood) - Report full and consistent usage with about (Yves G) * Yandex - Add support for --header-upload and --header-download (Tim Gallant) - Update to version 1.51.0 * See https://rclone.org/changelog/#v1-51-0-2020-02-01 for the complete changelog. - Update to version 1.50.2 * Bug Fixes - accounting: Fix memory leak on retries operations (Nick Craig-Wood) * Drive - Fix listing of the root directory with drive.files scope (Nick Craig-Wood) - Fix --drive-root-folder-id with team/shared drives (Nick Craig-Wood) - Update to version 1.50.1 * Bug Fixes - hash: Fix accidentally changed hash names for DropboxHash and CRC-32 (Nick Craig-Wood) - fshttp: Fix error reporting on tpslimit token bucket errors (Nick Craig-Wood) - fshttp: Don’t print token bucket errors on context cancelled (Nick Craig-Wood) * Local - Fix listings of . on Windows (Nick Craig-Wood) * Onedrive - Fix DirMove/Move after Onedrive change (Xiaoxing Ye) - Update to version 1.50.0 * New backends - Citrix Sharefile (Nick Craig-Wood) - Chunker - an overlay backend to split files into smaller parts (Ivan Andreev) - Mail.ru Cloud (Ivan Andreev) * New Features - encodings (Fabian Möller & Nick Craig-Wood) + All backends now use file name encoding to ensure any file name can be written to any backend. + See the restricted file name docs for more info and the local backend docs. + Some file names may look different in rclone if you are using any control characters in names or unicode FULLWIDTH symbols. - build + Update to use go1.13 for the build (Nick Craig-Wood) + Drop support for go1.9 (Nick Craig-Wood) + Build rclone with GitHub actions (Nick Craig-Wood) + Convert python scripts to python3 (Nick Craig-Wood) + Swap Azure/go-ansiterm for mattn/go-colorable (Nick Craig-Wood) + Dockerfile fixes (Matei David) + Add plugin support for backends and commands (Richard Patel) - config + Use alternating Red/Green in config to make more obvious (Nick Craig-Wood) - contrib + Add sample DLNA server Docker Compose manifest. (pataquets) + Add sample WebDAV server Docker Compose manifest. (pataquets) - copyurl + Add --auto-filename flag for using file name from URL in destination path (Denis) - serve dlna: + Many compatability improvements (Dan Walters) + Support for external srt subtitles (Dan Walters) - rc + Added command core/quit (Saksham Khanna) * Bug Fixes - sync + Make --update/-u not transfer files that haven’t changed (Nick Craig-Wood) + Free objects after they come out of the transfer pipe to save memory (Nick Craig-Wood) + Fix --files-from without --no-traverse doing a recursive scan (Nick Craig-Wood) - operations + Fix accounting for server side copies (Nick Craig-Wood) + Display ‘All duplicates removed’ only if dedupe successful (Sezal Agrawal) + Display ‘Deleted X extra copies’ only if dedupe successful (Sezal Agrawal) - accounting + Only allow up to 100 completed transfers in the accounting list to save memory (Nick Craig-Wood) + Cull the old time ranges when possible to save memory (Nick Craig-Wood) + Fix panic due to server-side copy fallback (Ivan Andreev) + Fix memory leak noticeable for transfers of large numbers of objects (Nick Craig-Wood) + Fix total duration calculation (Nick Craig-Wood) - cmd + Fix environment variables not setting command line flags (Nick Craig-Wood) + Make autocomplete compatible with bash’s posix mode for macOS (Danil Semelenov) + Make --progress work in git bash on Windows (Nick Craig-Wood) + Fix ‘compopt: command not found’ on autocomplete on macOS (Danil Semelenov) - config + Fix setting of non top level flags from environment variables (Nick Craig-Wood) + Check config names more carefully and report errors (Nick Craig-Wood) + Remove error: can’t use --size-only and --ignore-size together. (Nick Craig-Wood) + filter: Prevent mixing options when --files-from is in use (Michele Caci) + serve sftp: Fix crash on unsupported operations (eg Readlink) (Nick Craig-Wood) * Mount - Allow files of unkown size to be read properly (Nick Craig-Wood) - Skip tests on <= 2 CPUs to avoid lockup (Nick Craig-Wood) - Fix panic on File.Open (Nick Craig-Wood) - Fix “mount_fusefs: -o timeout=: option not supported” on FreeBSD (Nick Craig-Wood) - Don’t pass huge filenames (>4k) to FUSE as it can’t cope (Nick Craig-Wood) * VFS - Add flag --vfs-case-insensitive for windows/macOS mounts (Ivan Andreev) - Make objects of unknown size readable through the VFS (Nick Craig-Wood) - Move writeback of dirty data out of close() method into its own method (FlushWrites) and remove close() call from Flush() (Brett Dutro) - Stop empty dirs disappearing when renamed on bucket based remotes (Nick Craig-Wood) - Stop change notify polling clearing so much of the directory cache (Nick Craig-Wood) * Azure Blob - Disable logging to the Windows event log (Nick Craig-Wood) * B2 - Remove unverified: prefix on sha1 to improve interop (eg with CyberDuck) (Nick Craig-Wood) * Box - Add options to get access token via JWT auth (David) * Drive - Disable HTTP/2 by default to work around INTERNAL_ERROR problems (Nick Craig-Wood) - Make sure that drive root ID is always canonical (Nick Craig-Wood) - Fix --drive-shared-with-me from the root with lsand --fast-list (Nick Craig-Wood) - Fix ChangeNotify polling for shared drives (Nick Craig-Wood) - Fix change notify polling when using appDataFolder (Nick Craig-Wood) * Dropbox - Make disallowed filenames errors not retry (Nick Craig-Wood) - Fix nil pointer exception on restricted files (Nick Craig-Wood) * Fichier - Fix accessing files > 2GB on 32 bit systems (Nick Craig-Wood) * FTP - Allow disabling EPSV mode (Jon Fautley) * HTTP - HEAD directory entries in parallel to speedup (Nick Craig-Wood) - Add --http-no-head to stop rclone doing HEAD in listings (Nick Craig-Wood) * Putio - Add ability to resume uploads (Cenk Alti) * S3 - Fix signature v2_auth headers (Anthony Rusdi) - Fix encoding for control characters (Nick Craig-Wood) - Only ask for URL encoded directory listings if we need them on Ceph (Nick Craig-Wood) - Add option for multipart failiure behaviour (Aleksandar Jankovic) - Support for multipart copy (庄天翼) - Fix nil pointer reference if no metadata returned for object (Nick Craig-Wood) * SFTP - Fix --sftp-ask-password trying to contact the ssh agent (Nick Craig-Wood) - Fix hashes of files with backslashes (Nick Craig-Wood) - Include more ciphers with --sftp-use-insecure-cipher (Carlos Ferreyra) * WebDAV - Parse and return Sharepoint error response (Henning Surmeier) - Update to version 1.49.4 * Bug Fixes - cmd/rcd: Address ZipSlip vulnerability (Richard Patel) - accounting: Fix file handle leak on errors (Nick Craig-Wood) - oauthutil: Fix security problem when running with two users on the same machine (Nick Craig-Wood) * FTP - Fix listing of an empty root returning: error dir not found (Nick Craig-Wood) * S3 - Fix SetModTime on GLACIER/ARCHIVE objects and implement set/get tier (Nick Craig-Wood) - Update to version 1.49.3 * Bug Fixes - accounting + Fix total duration calculation (Aleksandar Jankovic) + Fix “file already closed” on transfer retries (Nick Craig-Wood) - Update to version 1.49.2 * New Features - build: Add Docker workflow support (Alfonso Montero) * Bug Fixes - accounting: Fix locking in Transfer to avoid deadlock with --progress (Nick Craig-Wood) - docs: Fix template argument for mktemp in install.sh (Cnly) - operations: Fix -u/--update with google photos / files of unknown size (Nick Craig-Wood) - rc: Fix docs for config/create /update /password (Nick Craig-Wood) * Google Cloud Storage - Fix need for elevated permissions on SetModTime (Nick Craig-Wood) - Update to version 1.49.1 * Bug Fixes - config: Fix generated passwords being stored as empty password (Nick Craig-Wood) - rcd: Added missing parameter for web-gui info logs. (Chaitanya) * Googlephotos - Fix crash on error response (Nick Craig-Wood) * Onedrive - Fix crash on error response (Nick Craig-Wood) - Update to version 1.49.0 * New backends - 1fichier (Laura Hausmann) - Google Photos (Nick Craig-Wood) - Putio (Cenk Alti) - premiumize.me (Nick Craig-Wood) * New Features - Experimental web GUI (Chaitanya Bankanhal) - Implement --compare-dest & --copy-dest (yparitcher) - Implement --suffix without --backup-dir for backup to current dir (yparitcher) - config reconnect to re-login (re-run the oauth login) for the backend. (Nick Craig-Wood) - config userinfo to discover which user you are logged in as. (Nick Craig-Wood) - config disconnect to disconnect you (log out) from the backend. (Nick Craig-Wood) - Add --use-json-log for JSON logging (justinalin) - Add context propagation to rclone (Aleksandar Jankovic) - Reworking internal statistics interfaces so they work with rc jobs (Aleksandar Jankovic) - Add Higher units for ETA (AbelThar) - Update rclone logos to new design (Andreas Chlupka) - hash: Add CRC-32 support (Cenk Alti) - help showbackend: Fixed advanced option category when there are no standard options (buengese) - ncdu: Display/Copy to Clipboard Current Path (Gary Kim) - operations: + Run hashing operations in parallel (Nick Craig-Wood) + Don’t calculate checksums when using --ignore-checksum (Nick Craig-Wood) + Check transfer hashes when using --size-only mode (Nick Craig-Wood) + Disable multi thread copy for local to local copies (Nick Craig-Wood) + Debug successful hashes as well as failures (Nick Craig-Wood) - rc + Add ability to stop async jobs (Aleksandar Jankovic) + Return current settings if core/bwlimit called without parameters (Nick Craig-Wood) + Rclone-WebUI integration with rclone (Chaitanya Bankanhal) + Added command line parameter to control the cross origin resource sharing (CORS) in the rcd. (Security Improvement) (Chaitanya Bankanhal) + Add anchor tags to the docs so links are consistent (Nick Craig-Wood) + Remove _async key from input parameters after parsing so later operations won’t get confused (buengese) + Add call to clear stats (Aleksandar Jankovic) - rcd + Auto-login for web-gui (Chaitanya Bankanhal) + Implement --baseurl for rcd and web-gui (Chaitanya Bankanhal) - serve dlna + Only select interfaces which can multicast for SSDP (Nick Craig-Wood) + Add more builtin mime types to cover standard audio/video (Nick Craig-Wood) + Fix missing mime types on Android causing missing videos (Nick Craig-Wood) - serve ftp + Refactor to bring into line with other serve commands (Nick Craig-Wood) + Implement --auth-proxy (Nick Craig-Wood) - serve http: Implement --baseurl (Nick Craig-Wood) - serve restic: Implement --baseurl (Nick Craig-Wood) - serve sftp + Implement auth proxy (Nick Craig-Wood) + Fix detection of whether server is authorized (Nick Craig-Wood) - serve webdav + Implement --baseurl (Nick Craig-Wood) + Support --auth-proxy (Nick Craig-Wood) * Bug Fixes - Make “bad record MAC” a retriable error (Nick Craig-Wood) - copyurl: Fix copying files that return HTTP errors (Nick Craig-Wood) - march: Fix checking sub-directories when using --no-traverse (buengese) - rc + Fix unmarshalable http.AuthFn in options and put in test for marshalability (Nick Craig-Wood) + Move job expire flags to rc to fix initalization problem (Nick Craig-Wood) + Fix --loopback with rc/list and others (Nick Craig-Wood) - rcat: Fix slowdown on systems with multiple hashes (Nick Craig-Wood) - rcd: Fix permissions problems on cache directory with web gui download (Nick Craig-Wood) * Mount - Default --deamon-timout to 15 minutes on macOS and FreeBSD (Nick Craig-Wood) - Update docs to show mounting from root OK for bucket based (Nick Craig-Wood) - Remove nonseekable flag from write files (Nick Craig-Wood) * VFS - Make write without cache more efficient (Nick Craig-Wood) - Fix --vfs-cache-mode minimal and writes ignoring cached files (Nick Craig-Wood) * Local - Add --local-case-sensitive and --local-case-insensitive (Nick Craig-Wood) - Avoid polluting page cache when uploading local files to remote backends (Michał Matczuk) - Don’t calculate any hashes by default (Nick Craig-Wood) - Fadvise run syscall on a dedicated go routine (Michał Matczuk) * Azure Blob - Azure Storage Emulator support (Sandeep) - Updated config help details to remove connection string references (Sandeep) - Make all operations work from the root (Nick Craig-Wood) * B2 - Implement link sharing (yparitcher) - Enable server side copy to copy between buckets (Nick Craig-Wood) - Make all operations work from the root (Nick Craig-Wood) * Drive - Fix server side copy of big files (Nick Craig-Wood) - Update API for teamdrive use (Nick Craig-Wood) - Add error for purge with --drive-trashed-only (ginvine) * Fichier - Make FolderID int and adjust related code (buengese) * Google Cloud Storage - Reduce oauth scope requested as suggested by Google (Nick Craig-Wood) - Make all operations work from the root (Nick Craig-Wood) * HTTP - Add --http-headers flag for setting arbitrary headers (Nick Craig-Wood) * Jottacloud - Use new api for retrieving internal username (buengese) - Refactor configuration and minor cleanup (buengese) * Koofr - Support setting modification times on Koofr backend. (jaKa) * Opendrive - Refactor to use existing lib/rest facilities for uploads (Nick Craig-Wood) * Qingstor - Upgrade to v3 SDK and fix listing loop (Nick Craig-Wood) - Make all operations work from the root (Nick Craig-Wood) * S3 - Add INTELLIGENT_TIERING storage class (Matti Niemenmaa) - Make all operations work from the root (Nick Craig-Wood) * SFTP - Add missing interface check and fix About (Nick Craig-Wood) - Completely ignore all modtime checks if SetModTime=false (Jon Fautley) - Support md5/sha1 with rsync.net (Nick Craig-Wood) - Save the md5/sha1 command in use to the config file for efficiency (Nick Craig-Wood) - Opt-in support for diffie-hellman-group-exchange-sha256 diffie-hellman-group-exchange-sha1 (Yi FU) * Swift - Use FixRangeOption to fix 0 length files via the VFS (Nick Craig-Wood) - Fix upload when using no_chunk to return the correct size (Nick Craig-Wood) - Make all operations work from the root (Nick Craig-Wood) - Fix segments leak during failed large file uploads. (nguyenhuuluan434) * WebDAV - Add --webdav-bearer-token-command (Nick Craig-Wood) - Refresh token when it expires with --webdav-bearer-token-command (Nick Craig-Wood) - Add docs for using bearer_token_command with oidc-agent (Paul Millar) - Fix executable permission - Update to version 1.48.0 * New commands - serve sftp: Serve an rclone remote over SFTP (Nick Craig-Wood) * New Features - Multi threaded downloads to local storage (Nick Craig-Wood) controlled with --multi-thread-cutoff and --multi-thread-streams - Use rclone.conf from rclone executable directory to enable portable use (albertony) - Allow sync of a file and a directory with the same name (forgems) this is common on bucket based remotes, eg s3, gcs - Add --ignore-case-sync for forced case insensitivity (garry415) - Implement --stats-one-line-date and --stats-one-line-date-format (Peter Berbec) - Log an ERROR for all commands which exit with non-zero status (Nick Craig-Wood) - Use go-homedir to read the home directory more reliably (Nick Craig-Wood) - Enable creating encrypted config through external script invocation (Wojciech Smigielski) - build: Drop support for go1.8 (Nick Craig-Wood) - config: Make config create/update encrypt passwords where necessary (Nick Craig-Wood) - copyurl: Honor --no-check-certificate (Stefan Breunig) - install: Linux skip man pages if no mandb (didil) - lsf: Support showing the Tier of the object (Nick Craig-Wood) - lsjson + Added EncryptedPath to output (calisro) + Support showing the Tier of the object (Nick Craig-Wood) + Add IsBucket field for bucket based remote listing of the root (Nick Craig-Wood) - rc + Add --loopback flag to run commands directly without a server (Nick Craig-Wood) + Add operations/fsinfo: Return information about the remote (Nick Craig-Wood) + Skip auth for OPTIONS request (Nick Craig-Wood) + cmd/providers: Add DefaultStr, ValueStr and Type fields (Nick Craig-Wood) + jobs: Make job expiry timeouts configurable (Aleksandar Jankovic) - serve dlna reworked and improved (Dan Walters) - serve ftp: add --ftp-public-ip flag to specify public IP (calistri) - serve restic: Add support for --private-repos in serve restic (Florian Apolloner) - serve webdav: Combine serve webdav and serve http (Gary Kim) - size: Ignore negative sizes when calculating total (Garry McNulty) * Bug Fixes - Make move and copy individual files obey --backup-dir (Nick Craig-Wood) - If --ignore-checksum is in effect, don’t calculate checksum (Nick Craig-Wood) - moveto: Fix case-insensitive same remote move (Gary Kim) - rc: Fix serving bucket based objects with --rc-serve (Nick Craig-Wood) - serve webdav: Fix serveDir not being updated with changes from webdav (Gary Kim) * Mount - Fix poll interval documentation (Animosity022) * VFS - Make WriteAt for non cached files work with non-sequential writes (Nick Craig-Wood) * Local - Only calculate the required hashes for big speedup (Nick Craig-Wood) - Log errors when listing instead of returning an error (Nick Craig-Wood) - Fix preallocate warning on Linux with ZFS (Nick Craig-Wood) * Crypt - Make rclone dedupe work through crypt (Nick Craig-Wood) - Fix wrapping of ChangeNotify to decrypt directories properly (Nick Craig-Wood) - Support PublicLink (rclone link) of underlying backend (Nick Craig-Wood) - Implement Optional methods SetTier, GetTier (Nick Craig-Wood) * B2 - Implement server side copy (Nick Craig-Wood) - Implement SetModTime (Nick Craig-Wood) * Drive - Fix move and copy from TeamDrive to GDrive (Fionera) - Add notes that cleanup works in the background on drive (Nick Craig-Wood) - Add --drive-server-side-across-configs to default back to old server side copy semantics by default (Nick Craig-Wood) - Add --drive-size-as-quota to show storage quota usage for file size (Garry McNulty) * FTP - Add FTP List timeout (Jeff Quinn) - Add FTP over TLS support (Gary Kim) - Add --ftp-no-check-certificate option for FTPS (Gary Kim) * Google Cloud Storage - Fix upload errors when uploading pre 1970 files (Nick Craig-Wood) * Jottacloud - Add support for selecting device and mountpoint. (buengese) * Mega - Add cleanup support (Gary Kim) * Onedrive - More accurately check if root is found (Cnly) * S3 - Suppport S3 Accelerated endpoints with --s3-use-accelerate-endpoint (Nick Craig-Wood) - Add config info for Wasabi’s EU Central endpoint (Robert Marko) - Make SetModTime work for GLACIER while syncing (Philip Harvey) * SFTP - Add About support (Gary Kim) - Fix about parsing of df results so it can cope with -ve results (Nick Craig-Wood) - Send custom client version and debug server version (Nick Craig-Wood) * WebDAV - Retry on 423 Locked errors (Nick Craig-Wood) This update was imported from the openSUSE:Leap:15.1:Update update project. rclone-1.53.3-bp151.4.6.1.src.rpm rclone-1.53.3-bp151.4.6.1.x86_64.rpm rclone-bash-completion-1.53.3-bp151.4.6.1.noarch.rpm rclone-zsh-completion-1.53.3-bp151.4.6.1.noarch.rpm rclone-1.53.3-bp151.4.6.1.ppc64le.rpm rclone-1.53.3-bp151.4.6.1.s390x.rpm openSUSE-2020-2125 moderate openSUSE Backports SLE-15-SP1 Update This update for pcm fixes the following issues: opcm was update to 202007: * no upstream changelog - Build only for %ix86 x86_64 as it targets Intel CPU only pcm-202007-bp151.2.1.src.rpm pcm-202007-bp151.2.1.x86_64.rpm openSUSE-2020-2145 moderate openSUSE Backports SLE-15-SP1 Update This update for seamonkey fixes the following issues: - update to version 2.53.5.1 (boo#1179010). This update was imported from the openSUSE:Leap:15.1:Update update project. seamonkey-2.53.5.1-bp151.5.6.1.src.rpm seamonkey-2.53.5.1-bp151.5.6.1.x86_64.rpm seamonkey-translations-common-2.53.5.1-bp151.5.6.1.x86_64.rpm seamonkey-translations-other-2.53.5.1-bp151.5.6.1.x86_64.rpm openSUSE-2020-2119 moderate openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Remove erroneous call to ldconfig which causes Firefox crashes (boo#1179298) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.66-bp151.3.140.1.x86_64.rpm chromium-87.0.4280.66-bp151.3.140.1.src.rpm chromium-87.0.4280.66-bp151.3.140.1.x86_64.rpm chromedriver-87.0.4280.66-bp151.3.140.1.aarch64.rpm chromium-87.0.4280.66-bp151.3.140.1.aarch64.rpm openSUSE-2020-2157 moderate openSUSE Backports SLE-15-SP1 Update This update for neomutt fixes the following issues: Update neomutt to 20201120. Address boo#1179035, CVE-2020-28896. * Security - imap: close connection on all failures * Features - alias: add function to Alias/Query dialogs - config: add validators for {imap,smtp,pop}_authenticators - config: warn when signature file is missing or not readable - smtp: support for native SMTP LOGIN auth mech - notmuch: show originating folder in index * Bug Fixes - sidebar: prevent the divider colour bleeding out - sidebar: fix <sidebar-{next,prev}-new> - notmuch: fix query for current email - restore shutdown-hook functionality - crash in reply-to - user-after-free in folder-hook - fix some leaks - fix application of limits to modified mailboxes - write Date header when postponing * Translations - 100% Lithuanian - 100% Czech - 70% Turkish * Docs - Document that $sort_alias affects the query menu * Build - improve ASAN flags - add SASL and S/MIME to --everything - fix contrib (un)install * Code - my_hdr compose screen notifications - add contracts to the MXAPI - maildir refactoring - further reduce the use of global variables * Upstream - Add $count_alternatives to count attachments inside alternatives - Changes from 20200925 * Features - Compose: display user-defined headers - Address Book / Query: live sorting - Address Book / Query: patterns for searching - Config: Add '+=' and '-=' operators for String Lists - Config: Add '+=' operator for Strings - Allow postfix query ':setenv NAME?' for env vars * Bug Fixes - Fix crash when searching with invalid regexes - Compose: Prevent infinite loop of send2-hooks - Fix sidebar on new/removed mailboxes - Restore indentation for named mailboxes - Prevent half-parsing an alias - Remove folder creation prompt for POP path - Show error if $message_cachedir doesn't point to a valid directory - Fix tracking LastDir in case of IMAP paths with Unicode characters - Make sure all mail gets applied the index limit - Add warnings to -Q query CLI option - Fix index tracking functionality * Changed Config - Add $compose_show_user_headers (yes) * Translations - 100% Czech - 100% Lithuanian - Split up usage strings * Build - Run shellcheck on hcachever.sh - Add the Address Sanitizer - Move compose files to lib under compose/ - Move address config into libaddress - Update to latest acutest - fixes a memory leak in the unit tests * Code - Implement ARRAY API - Deglobalised the Config Sort functions - Refactor the Sidebar to be Event-Driven - Refactor the Color Event - Refactor the Commands list - Make ctx_update_tables private - Reduce the scope/deps of some Validator functions - Use the Email's IMAP UID instead of an increasing number as index - debug: log window focus - Removed neomutt-sidebar-abbreviate-shorten-what-user-sees.patch. No longer needed. - Update to 20200821: * Bug Fixes - fix maildir flag generation - fix query notmuch if file is missing - notmuch: don't abort sync on error - fix type checking for send config variables * Changed Config - $sidebar_format - Use %D rather than %B for named mailboxes * Translations - 96% Lithuanian - 90% Polish - fix(sidebar): abbreviate/shorten what user sees - Fix sidebar mailbox name display problem. - Update to 20200814: * Notes - Add one-liner docs to config items See: neomutt -O -Q smart_wrap - Remove the built-in editor A large unused and unusable feature * Security - Add mitigation against DoS from thousands of parts boo#1179113 * Features - Allow index-style searching in postpone menu - Open NeoMutt using a mailbox name - Add cd command to change the current working directory - Add tab-completion menu for patterns - Allow renaming existing mailboxes - Check for missing attachments in alternative parts - Add one-liner docs to config items * Bug Fixes - Fix logic in checking an empty From address - Fix Imap crash in cmd_parse_expunge() - Fix setting attributes with S-Lang - Fix: redrawing of $pager_index_lines - Fix progress percentage for syncing large mboxes - Fix sidebar drawing in presence of indentation + named mailboxes - Fix retrieval of drafts when "postponed" is not in the mailboxes list - Do not add comments to address group terminators - Fix alias sorting for degenerate addresses - Fix attaching emails - Create directories for nonexistent file hcache case - Avoid creating mailboxes for failed subscribes - Fix crash if rejecting cert * Changed Config - Add $copy_decode_weed, $pipe_decode_weed, $print_decode_weed - Change default of $crypt_protected_headers_subject to "..." - Add default keybindings to history-up/down * Translations - 100% Czech - 100% Spanish * Build - Allow building against Lua 5.4 - Fix when sqlite3.h is missing * Docs - Add a brief section on stty to the manual - Update section "Terminal Keybindings" in the manual - Clarify PGP Pseudo-header S<id> duration * Code - Clean up String API - Make the Sidebar more independent - De-centralise the Config Variables - Refactor dialogs - Refactor: Help Bar generation - Make more APIs Context-free - Adjust the edata use in Maildir and Notmuch - Window refactoring - Convert libsend to use Config functions - Refactor notifications to reduce noise - Convert Keymaps to use STAILQ - Track currently selected email by msgid - Config: no backing global variable - Add events for key binding * Upstream - Fix imap postponed mailbox use-after-free error - Speed up thread sort when many long threads exist - Fix ~v tagging when switching to non-threaded sorting - Add message/global to the list of known "message" types - Print progress meter when copying/saving tagged messages - Remove ansi formatting from autoview generated quoted replies - Change postpone mode to write Date header too - Unstuff format=flowed - Update to 20200626: * Bug Fixes - Avoid opening the same hcache file twice - Re-open Mailbox after folder-hook - Fix the matching of the spoolfile Mailbox - Fix link-thread to link all tagged emails * Changed Config - Add $tunnel_is_secure config, defaulting to true * Upstream - Don't check IMAP PREAUTH encryption if $tunnel is in use - Add recommendation to use $ssl_force_tls - Changes from 20200501: * Security - Abort GnuTLS certificate check if a cert in the chain is rejected CVE-2020-14154 boo#1172906 - TLS: clear data after a starttls acknowledgement CVE-2020-14954 boo#1173197 - Prevent possible IMAP MITM via PREAUTH response CVE-2020-14093 boo#1172935 * Features - add config operations +=/-= for number,long - Address book has a comment field - Query menu has a comment field * Contrib sample.neomuttrc-starter: Do not echo prompted password * Bug Fixes - make "news://" and "nntp://" schemes interchangeable - Fix CRLF to LF conversion in base64 decoding - Double comma in query - compose: fix redraw after history - Crash inside empty query menu - mmdf: fix creating new mailbox - mh: fix creating new mailbox - mbox: error out when an mbox/mmdf is a pipe - Fix list-reply by correct parsing of List-Post headers - Decode references according to RFC2047 - fix tagged message count - hcache: fix keylen not being considered when building the full key - sidebar: fix path comparison - Don't mess with the original pattern when running IMAP searches - Handle IMAP "NO" resps by issuing a msg instead of failing badly - imap: use the connection delimiter if provided - Memory leaks * Changed Config - $alias_format default changed to include %c comment - $query_format default changed to include %e extra info * Translations - 100% Lithuanian - 84% French - Log the translation in use * Docs - Add missing commands unbind, unmacro to man pages * Build - Check size of long using LONG_MAX instead of __WORDSIZE - Allow ./configure to not record cflags - fix out-of-tree build - Avoid locating gdbm symbols in qdbm library * Code - Refactor unsafe TAILQ returns - add window notifications - flip negative ifs - Update to latest acutest.h - test: add store tests - test: add compression tests - graphviz: email - make more opcode info available - refactor: main_change_folder() - refactor: mutt_mailbox_next() - refactor: generate_body() - compress: add {min,max}_level to ComprOps - emphasise empty loops: "// do nothing" - prex: convert is_from() to use regex - Refactor IMAP's search routines - Update to 20200501: * Bug Fixes - Make sure buffers are initialized on error - fix(sidebar): use abbreviated path if possible * Translations - 100% Lithuanian * Docs - make header cache config more explicit - Changes from 20200424: * Bug Fixes - Fix history corruption - Handle pretty much anything in a URL query part - Correctly parse escaped characters in header phrases - Fix crash reading received header - Fix sidebar indentation - Avoid crashing on failure to parse an IMAP mailbox - Maildir: handle deleted emails correctly - Ensure OP_NULL is always first * Translations - 100% Czech * Build - cirrus: enable pcre2, make pkgconf a special case - Fix finding pcre2 w/o pkgconf - build: tdb.h needs size_t, bring it in with stddef.h - Changes from 20200417: * Features - Fluid layout for Compose Screen, see: vimeo.com/407231157 - Trivial Database (TDB) header cache backend - RocksDB header cache backend - Add <sidebar-first> and <sidebar-last> functions * Bug Fixes - add error for CLI empty emails - Allow spaces and square brackets in paths - browser: fix hidden mailboxes - fix initial email display - notmuch: fix time window search. - fix resize bugs - notmuch: fix entire-thread: update current email pointer - sidebar: support indenting and shortening of names - Handle variables inside backticks in sidebar_whitelist - browser: fix mask regex error reporting * Translations - 100% Lithuanian - 99% Chinese (simplified) * Build - Use regexes for common parsing tasks: urls, dates - Add configure option --pcre2 -- Enable PCRE2 regular expressions - Add configure option --tdb -- Use TDB for the header cache - Add configure option --rocksdb -- Use RocksDB for the header cache - Create libstore (key/value backends) - Update to latest autosetup - Update to latest acutest.h - Rename doc/ directory to docs/ - make: fix location of .Po dependency files - Change libcompress to be more universal - Fix test fails on х32 - fix uidvalidity to unsigned 32-bit int * Code - Increase test coverage - Fix memory leaks - Fix null checks * Upstream - Buffer refactoring - Fix use-after-free in mutt_str_replace() - Clarify PGP Pseudo-header S<id> duration - Try to respect MUTT_QUIET for IMAP contexts too - Limit recurse depth when parsing mime messages - Update to 20200320: * Bug Fixes - Fix COLUMNS env var - Fix sync after delete - Fix crash in notmuch - Fix sidebar indent - Fix emptying trash - Fix command line sending - Fix reading large address lists - Resolve symlinks only when necessary * Translations - lithuania 100% Lithuanian - es 96% Spanish * Docs - Include OpenSSL/LibreSSL/GnuTLS version in neomutt -v output - Fix case of GPGME and SQLite * Build - Create libcompress (lz4, zlib, zstd) - Create libhistory - Create libbcache - Move zstrm to libconn * Code - Add more test coverage - Rename magic to type - Use mutt_file_fopen() on config variables - Change commands to use intptr_t for data - Update to 20200313: * Window layout - Sidebar is only visible when it's usable. * Features - UI: add number of old messages to sidebar_format - UI: support ISO 8601 calendar date - UI: fix commands that don’t need to have a non-empty mailbox to be valid - PGP: inform about successful decryption of inline PGP messages - PGP: try to infer the signing key from the From address - PGP: enable GPGMe by default - Notmuch: use query as name for vfolder-from-query - IMAP: add network traffic compression (COMPRESS=DEFLATE, RFC4978) - Header cache: add support for generic header cache compression * Bug Fixes - Fix uncollapse_jump - Only try to perform entire-thread on maildir/mh mailboxes - Fix crash in pager - Avoid logging single new lines at the end of header fields - Fix listing mailboxes - Do not recurse a non-threaded message - Fix initial window order - Fix leaks on IMAP error paths - Notmuch: compose(attach-message): support notmuch backend - Fix IMAP flag comparison code - Fix $move for IMAP mailboxes - Maildir: maildir_mbox_check_stats should only update mailbox stats if requested - Fix unmailboxes for virtual mailboxes - Maildir: sanitize filename before hashing - OAuth: if 'login' name isn't available use 'user' - Add error message on failed encryption - Fix a bunch of crashes - Force C locale for email date - Abort if run without a terminal * Changed Config - $crypt_use_gpgme - Now defaults to 'yes' (enabled) - $abort_backspace - Hitting backspace against an empty prompt aborts the prompt - $abort_key - String representation of key to abort prompts - $arrow_string - Use an custom string for arrow_cursor - $crypt_opportunistic_encrypt_strong_keys - Enable encryption only when strong a key is available - $header_cache_compress_dictionary - Filepath to dictionary for zstd compression - $header_cache_compress_level - Level of compression for method - $header_cache_compress_method - Enable generic hcache database compression - $imap_deflate - Compress network traffic - $smtp_user - Username for the SMTP server * Translations - 100% Lithuanian - 81% Spanish - 78% Russian * Build - Add libdebug - Rename public headers to lib.h - Create libcompress for compressed folders code * Code - Refactor Windows and Dialogs - Lots of code tidying - Refactor: mutt_addrlist_{search,write} - Lots of improvements to the Config code - Use Buffers more pervasively - Unify API function naming - Rename library shared headers - Refactor libconn gui dependencies - Refactor: init.[ch] - Refactor config to use subsets - Config: add path type - Remove backend deps from the connection code * Upstream - Allow ~b ~B ~h patterns in send2-hook - Rename smime oppenc mode parameter to get_keys_by_addr() - Add $crypt_opportunistic_encrypt_strong_keys config var - Fix crash when polling a closed ssl connection - Turn off auto-clear outside of autocrypt initialization - Add protected-headers="v1" to Content-Type when protecting headers - Fix segv in IMAP postponed menu caused by reopen_allow - Adding ISO 8601 calendar date - Fix $fcc_attach to not prompt in batch mode - Convert remaining mutt_encode_path() call to use struct Buffer - Fix rendering of replacement_char when Charset_is_utf8 - Update to latest acutest.h - Update to 20191207: * Features: - compose: draw status bar with highlights * Bug Fixes: - crash opening notmuch mailbox - crash in mutt_autocrypt_ui_recommendation - Avoid negative allocation - Mbox new mail - Setting of DT_MAILBOX type variables from Lua - imap: empty cmdbuf before connecting - imap: select the mailbox on reconnect - compose: fix attach message * Build: - make files conditional * Code: - enum-ify log levels - fix function prototypes - refactor virtual email lookups - factor out global Context - Changes from 20191129: * Features: - Add raw mailsize expando (%cr) * Bug Fixes: - Avoid double question marks in bounce confirmation msg - Fix bounce confirmation - fix new-mail flags and behaviour - fix: browser <descend-directory> - fix ssl crash - fix move to trash - fix flickering - Do not check hidden mailboxes for new mail - Fix new_mail_command notifications - fix crash in examine_mailboxes() - fix crash in mutt_sort_threads() - fix: crash after sending - Fix crash in tunnel's conn_close - fix fcc for deep dirs - imap: fix crash when new mail arrives - fix colour 'quoted9' - quieten messages on exit - fix: crash after failed mbox_check - browser: default to a file/dir view when attaching a file * Changed Config: - Change $write_bcc to default off * Docs: - Add a bit more documentation about sending - Clarify $write_bcc documentation. - Update documentation for raw size expando - docbook: set generate.consistent.ids to make generated html reproducible * Build: - fix build/tests for 32-bit arches - tests: fix test that would fail soon - tests: fix context for failing idna tests - Update to 20191111: Bug fixes: * browser: fix directory view * fix crash in mutt_extract_token() * force a screen refresh * fix crash sending message from command line * notmuch: use nm_default_uri if no mailbox data * fix forward attachments * fix: vfprintf undefined behaviour in body_handler * Fix relative symlink resolution * fix: trash to non-existent file/dir * fix re-opening of mbox Mailboxes * close logging as late as possible * log unknown mailboxes * fix crash in command line postpone * fix memory leaks * fix icommand parsing * fix new mail interaction with mail_check_recent This update was imported from the openSUSE:Leap:15.1:Update update project. neomutt-20201120-bp151.3.3.1.src.rpm neomutt-20201120-bp151.3.3.1.x86_64.rpm neomutt-doc-20201120-bp151.3.3.1.noarch.rpm neomutt-lang-20201120-bp151.3.3.1.noarch.rpm neomutt-20201120-bp151.3.3.1.aarch64.rpm neomutt-20201120-bp151.3.3.1.ppc64le.rpm neomutt-20201120-bp151.3.3.1.s390x.rpm openSUSE-2020-2175 moderate openSUSE Backports SLE-15-SP1 Update This update for firebird fixes the following issues: firebird was updated to upstream version 3.0.7 * better diagnostic for the 'Missing security context' error (CORE-6362) * disconnect from the security database when missing plugin data structures cause an error (CORE-6339) * multiple important bug fixes update to upstream version 3.0.6 * add better transaction control in isql (CORE-4933) * increase parse speed of long queries (CORE-6274) * improve performance when using SRP plugin (CORE-6237) update to 3.0.5: * Improve the engine providers compatibility across Firebird versions * Make it possible for the AuthClient plugin to access the authentication block from DPB * Implement option to restore compressed .nbk files without explicitly decompressing them update to upstream version 3.0.4 * add support for SRP authentication using SHA-256 * ODS (database file format) version raised to 12.2 on some architectures (including i586, not x86_64); new version will be able to open existing ODS 12.0 created on the same architecture but for database transfer between architectures, backup/restore is always recommended * context variables WIRE_COMPRESSED and WIRE_ENCRYPTED were added to the SYSTEM namespace to report compression and encryption status, respectively, of the current connection (CORE-5913) * enhanced reporting of errors when dynamic library fails to load (CORE-5908) * include funciton name when UDF causes "Arithmetic exception, numeric overflow, or string truncation" error (CORE-5876) * context variables LOCALTIME and LOCALTIMESTAMP (synonyms for CURRENT_TIME and CURRENT_TIMESTAMP) for compatibility with 4.0 (CORE-5853) * read-only restriction for system tables was relaxed to permit CREATE, ALTER and DROP operations on their indexes (CORE-5746) * fix unauthorized BLOB access vulnerability (CORE-5801) * for a full list of bugfixes and improvements see http://www.firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-general.html#rnfb30-general-v304 - search also for "suse%d.%d" soname pattern to fix build after upcoming ICU update (boo#1095425) - move firebitd.xinetd back to firebird-server subpackage on SLE15 - provide /etc/xinetd.d directory on Tumbleweed and Leap 15.0 as xinetd is no longer guaranteed to be present there; this solution (suggested by Dimstar) is less painful than either having firebird-server depend on xinetd or splitting a new subpackage firebird-server-classic. - patch xinetd config file unconditionally; previous change would result in unpatched xinetd config file installed on Tumbleweed so that the service would be enabled by default and firebird binary run as root - Do no ship xinetd file on SLE15 (boo#1084459). update to upstream version 3.0.3 * fix conflicting constants; programs using * fb_info_crypt_state constant must be recompiled * provide crypto key name via fb_info_crypt_key item in Attachment::getInfo() * improve handling of concurrent ALTER DATABASE statements * make sure ORDER BY with equivalent expressions are equivalent and use the same plan * avoid serialization of isc_attach_database calls issued by EXECUTE STATEMENT * show date and time of analysis in gstat output * show database info in sweep error message * provide compression details and encryption status of the connection in Attachment::getInfo() API call * fix RDB$RELATION_TYPE when restoring ODS < 11.1 database * the optimizer can now estimate the actual record compression ratio * various performance improvements * various bug fixes, for a list, see release notes at http://www.firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-bug.html This update was imported from the openSUSE:Leap:15.1:Update update project. firebird-3.0.7.33374-bp151.4.3.1.src.rpm firebird-3.0.7.33374-bp151.4.3.1.x86_64.rpm firebird-doc-3.0.7.33374-bp151.4.3.1.noarch.rpm firebird-examples-3.0.7.33374-bp151.4.3.1.x86_64.rpm firebird-server-3.0.7.33374-bp151.4.3.1.x86_64.rpm firebird-utils-3.0.7.33374-bp151.4.3.1.x86_64.rpm libfbclient-devel-3.0.7.33374-bp151.4.3.1.x86_64.rpm libfbclient2-3.0.7.33374-bp151.4.3.1.x86_64.rpm libib_util-3.0.7.33374-bp151.4.3.1.x86_64.rpm libib_util-devel-3.0.7.33374-bp151.4.3.1.x86_64.rpm firebird-3.0.7.33374-bp151.4.3.1.aarch64.rpm firebird-examples-3.0.7.33374-bp151.4.3.1.aarch64.rpm firebird-server-3.0.7.33374-bp151.4.3.1.aarch64.rpm firebird-utils-3.0.7.33374-bp151.4.3.1.aarch64.rpm libfbclient-devel-3.0.7.33374-bp151.4.3.1.aarch64.rpm libfbclient2-3.0.7.33374-bp151.4.3.1.aarch64.rpm libfbclient2-64bit-3.0.7.33374-bp151.4.3.1.aarch64_ilp32.rpm libib_util-3.0.7.33374-bp151.4.3.1.aarch64.rpm libib_util-64bit-3.0.7.33374-bp151.4.3.1.aarch64_ilp32.rpm libib_util-devel-3.0.7.33374-bp151.4.3.1.aarch64.rpm firebird-3.0.7.33374-bp151.4.3.1.ppc64le.rpm firebird-examples-3.0.7.33374-bp151.4.3.1.ppc64le.rpm firebird-server-3.0.7.33374-bp151.4.3.1.ppc64le.rpm firebird-utils-3.0.7.33374-bp151.4.3.1.ppc64le.rpm libfbclient-devel-3.0.7.33374-bp151.4.3.1.ppc64le.rpm libfbclient2-3.0.7.33374-bp151.4.3.1.ppc64le.rpm libib_util-3.0.7.33374-bp151.4.3.1.ppc64le.rpm libib_util-devel-3.0.7.33374-bp151.4.3.1.ppc64le.rpm firebird-3.0.7.33374-bp151.4.3.1.s390x.rpm firebird-examples-3.0.7.33374-bp151.4.3.1.s390x.rpm firebird-server-3.0.7.33374-bp151.4.3.1.s390x.rpm firebird-utils-3.0.7.33374-bp151.4.3.1.s390x.rpm libfbclient-devel-3.0.7.33374-bp151.4.3.1.s390x.rpm libfbclient2-3.0.7.33374-bp151.4.3.1.s390x.rpm libib_util-3.0.7.33374-bp151.4.3.1.s390x.rpm libib_util-devel-3.0.7.33374-bp151.4.3.1.s390x.rpm openSUSE-2020-2222 moderate openSUSE Backports SLE-15-SP1 Update This update for nsd fixes the following issues: nsd was updated to the new upstream release 4.3.4 FEATURES: - Merge PR #141: ZONEMD RR type. BUG FIXES: - Fix that symlink does not interfere with chown of pidfile (boo#1179191, CVE-2020-28935) - Fix #128: Fix that the invalid port number is logged for sendmmsg failed: Invalid argument. - Fix #133: fix 0-init of local ( stack ) buffer. - Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN. - Fix to add missing closest encloser NSEC3 for wildcard nodata type DS answer. - Fix #138: NSD returns non-EDNS answer when QUESTION is empty. - Fix #142: NODATA answers missin SOA in authority section after CNAME chain. New upstream release 4.3.3: FEATURES: - Follow DNS flag day 2020 advice and set default EDNS message size to 1232. - Merged PR #113 with fixes. Instead of listing an IP-address to listen on, an interface name can be specified in nsd.conf, with ip-address: eth0. The IP-addresses for that interface are then used. - New upstream release 4.3.2 FEATURES: - Fix #96: log-only-syslog: yes sets to only use syslog, fixes that the default configuration and systemd results in duplicate log messages. - Fix #107: nsd -v shows configure line, openssl version and libevent version. - Fix #103 with #110: min-expire-time option. To provide a lower bound for expire period. Expressed in number of seconds or refresh+retry+1. BUG FIXES: - Fix to omit the listen-on lines from log at startup, unless verbose. - Fix #97: EDNS unknown version: query not in response. - Fix #99: Fix copying of socket properties with reuseport enabled. - Document default value for tcp-timeout. - Merge PR#102 from and0x000: add missing default in documentation for drop-updates. - Fix unlink of pidfile warning if not possible due to permissions, nsd can display the message at high verbosity levels. - Removed contrib/nsd.service, example is too complicated and not useful. - Merge #108 from Nomis: Make the max-retry-time description clearer. - Retry when udp send buffer is full to wait until buffer space is available. - Remove errno reset behaviour from sendmmsg and recvmmsg replacement functions. - Fix unit test for different nsd-control-setup -h exit code. - Merge #112 from jaredmauch: log old and new serials when NSD rejects an IXFR due to an old serial number. - Fix #106: Adhere better to xfrd bounds. Refresh and retry times. - Fix #105: Clearing hash_tree means just emptying the tree. New upstream release 4.3.1 BUG FIXES: - Merge PR #91 by gearnode: nsd-control-setup recreate certificates. The '-r' option recreates certificates. Without it it creates them if they do not exist, and does not modify them otherwise. New upstream release 4.3.0 FEATURES: - Fix to use getrandom() for randomness, if available. - Fix #56: Drop sparse TSIG signing support in NSD. Sign every axfr packet with TSIG, according to the latest draft-ietf-dnsop-rfc2845bis-06, Section 5.3.1. - Merge pull request #59 from buddyns: add FreeBSD support for conf key ip-transparent. - Add feature to pin server processes to specific cpus. - Add feature to pin IP addresses to selected server processes. - Set process title to identify individual processes. - Merge PR#22: minimise-any: prefer polular and not large RRset, from Daisuke Higashi. - Add support for SO_BINDTODEVICE on Linux. - Add feature to drop queries with opcode UPDATE. BUG FIXES: - Fix whitespace in nsd.conf.sample.in, patch from Paul Wouters. - use-systemd is ignored in nsd.conf, when NSD is compiled with libsystemd it always signals readiness, if possible. - Note that use-systemd is not necessary and ignored in man page. - Fix responses for IXFR so that the authority section is not echoed in the response. - Fix that the retry wait does not exceed one day for zone transfers. - Update keyring as per https://nlnetlabs.nl/people/ New upstream release 4.2.3: * confine-to-zone configures NSD to not return out-of-zone additional information. * pidfile "" allows to run NSD without a pidfile * adds support for readiness notification with READY_FD * fix excessive logging of ixfr failures, it stops the log when fallback to axfr is possible. log is enabled at high verbosity. * The nsd.conf includes are sorted ascending, for include statements with a '*' from glob. * Fix log address and failure reason with tls handshake errors, squelches (the same as unbound) some unless high verbosity is used. * Number of different UDP handlers has been reduced to one. recvmmsg and sendmmsg implementations are now used on all platforms. * Socket options are now set in designated functions for easy reuse. * Socket setup has been simplified for easy reuse. * Configuration parser is now aware of the context in which an option was specified. * document that remote-control is a top-level nsd.conf attribute. - Remove legacy upgrade of nsd users in %post (boo#1157331) New upstream release 4.2.2: * Fix #20: CVE-2019-13207 Stack-based Buffer Overflow in the dname_concatenate() function. Reported by Frederic Cambus. It causes the zone parser to crash on a malformed zone file, with assertions enabled, an assertion catches it. * Fix #19: Out-of-bounds read caused by improper validation of array index. Reported by Frederic Cambus. The zone parser fails on type SIG because of mismatched definition with RRSIG. * PR #23: Fix typo in nsd.conf man-page. * Fix that NSD warns for wrong length of the hash in SSHFP records. * Fix #25: NSD doesn't refresh zones after extended downtime, it refreshes the old zones. * Set no renegotiation on the SSL context to stop client session renegotiation. * Fix #29: SSHFP check NULL pointer dereference. * Fix #30: SSHFP check failure due to missing domain name. * Fix to timeval_add in minievent for remaining second in microseconds. * PR #31: nsd-control: Add missing stdio header. * PR #32: tsig: Fix compilation without HAVE_SSL. * Cleanup tls context on xfrd exit. * Fix #33: Fix segfault in service of remaining streams on exit. * Fix error message for out of zone data to have more information. New upstream release 4.2.1: * FEATURES: - Added num.tls and num.tls6 stat counters. - PR #12: send-buffer-size, receive-buffer-size, tcp-reject-overflow options for nsd.conf, from Jeroen Koekkoek. - Fix #14, tcp connections have 1/10 to be active and have to work every second, and then they get time to complete during a reload, this is a process that lingers with the old version during a version update. * BUG FIXES: - Fix #13: Stray dot at the end of some log entries, removes dot after updated serial number in log entry. - Fix TLS cipher selection, the previous was redundant, prefers CHACHA20-POLY1305 over AESGCM and was not as readable as it could be. - Fix #15: crash in SSL library, initialize variables for TCP access when TLS is configured. - Fix tls handshake event callback function mistake, reported by Mykhailo Danylenko. - Fix output of nsd-checkconf -h. New upstream release 4.2.0: * Implement TCP fast open * Added DNS over TLS * TLS OCSP stapling support with the tls-service-ocsp option * New option hide-identity can be used in nsd.conf to stop NSD from responding with the hostname for probe queries that elicit the chaos class response, this is conform RFC4892 * Disable TLS1.0, TLS1.1 and weak ciphers, enable CIPHER_SERVER_PREFERENCE Update to upstream release 4.1.27: * FEATURES: - Deny ANY with only one RR in response, by default. Patch from Daisuke Higashi. The deny-any statement in nsd.conf sets ANY queries over UDP to be further moved to TCP as well. Also no additional section processig for type ANY, reducing the response size. - Fix #4215: on-the-fly change of TSIG keys with patch from Igor, adds nsd-control print_tsig, update_tsig, add_tsig, assoc_tsig and del_tsig. These changes are gone after reload, edit the config file (or a file included from it) to make changes that last after restart. * BUG FIXES: Update to upstream release 4.1.26: * FEATURES: - DNSTAP support for NSD, --enable-dnstap and then config in nsd.conf. - Support SO_REUSEPORT_LB in FreeBSD 12 with the reuseport: yes option in nsd.conf. - Added nsd-control changezone. nsd-control changezone name pattern allows the change of a zone pattern option without downtime for the zone, in one operation. * BUG FIXES: - Fix #4194: Zone file parser derailed by non-FQDN names in RHS of DNSSEC RRs. - Fix #4202: nsd-control delzone incorrect exit code on error. - Fix to not set GLOB_NOSORT so the nsd.conf include: files are sorted and in a predictable order. - Fix #3433: document that reconfig does not change per-zone stats. Update to upstream release 4.1.25: * FEATURES: - nsd-control prints neater errors for file failures. * BUG FIXES: - Fix that nsec3 precompile deletion happens before the RRs of the zone are deleted. - Fix printout of accepted remote control connection for unix sockets. - Fix use_systemd typo/leftover in remote.c. - Fix codingstyle in nsd-checkconf.c in patch from Sharp Liu. - append_trailing_slash has one implementation and is not repeated differently. - Fix coding style in nsd.c - Fix to combine the same error function into one, from Xiaobo Liu. - Fix initialisation in remote.c. - please clang analyzer and fix parse of IPSECKEY with bad gateway. - Fix nsd-checkconf fail on bad zone name. - Annotate exit functions with noreturn. - Remove unused if clause during server service startup. - Fix #4156: Fix systemd service manager state change notification When it is compiled, systemd readiness signalling is enabled. The option in nsd.conf is not used, it is ignored when read. Update to upstream release 4.1.24: - Features * #4102: control interface via local socket * configure --enable-systemd (needs pkg-config and libsystemd) can be used to then use-systemd: yes in nsd.conf and have readiness signalling with systemd. * RFC8162 support, for record type SMIMEA. - Bug Fixes * Patch to fix openwrt for mac os build darwin detection in configure. * Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. * #4106: Fix that stats printed from nsd-control are recast from unsigned long to unsigned (remote.c). * Fix that type CAA (and URI) in the zone file can contain dots when not in quotes. * #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM chain, NSD leniently attempts to find a working NSEC3PARAM. Update to upstream release 4.1.23: - Fix NSD time sensitive TSIG compare vulnerability. Update to upstream release 4.1.22: - Features: * refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. * Use accept4 to speed up answer of TCP queries - Bug fixes: * Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. * Fix to use same condition for nsec3 hash allocation and free. - Changes in version 4.1.21: - Features: * --enable-memclean cleans up memory for use with memory checkers, eg. valgrind. * refuse-any nsd.conf option that refuses queries of type ANY. * lower memory usage for tcp connections, so tcp-count can be higher. - Bug fixes: * Fix spelling error in xfr-inspect. * Fix buffer size warnings from compiler on filename lengths. nsd-4.1.27-bp151.3.3.1.src.rpm nsd-4.1.27-bp151.3.3.1.x86_64.rpm nsd-4.1.27-bp151.3.3.1.aarch64.rpm nsd-4.1.27-bp151.3.3.1.ppc64le.rpm nsd-4.1.27-bp151.3.3.1.s390x.rpm openSUSE-2020-2226 moderate openSUSE Backports SLE-15-SP1 Update This update for minidlna fixes the following issues: minidlna was updated to version 1.3.0 (boo#1179447) - Fixed some build warnings when building with musl. - Use $USER instead of $LOGNAME for the default friendly name. - Fixed build with GCC 10 - Fixed some warnings from newer compilers - Disallow negative HTTP chunk lengths. [CVE-2020-28926] - Validate SUBSCRIBE callback URL. [CVE-2020-12695] - Fixed spurious warnings with ogg coverart - Fixed an issue with VLC where browse results would be truncated. - Fixed bookmarks on Samsung Q series - Added DSD file support. - Fixed potential stack smash vulnerability in getsyshwaddr on macOS. - Will now reload the log file on SIGHUP. - Worked around bad SearchCriteria from the Control4 Android app. - Increased max supported network addresses to 8. - Added forced alphasort capability. - Added episode season and number metadata support. - Enabled subtitles by default for unknown DLNA clients, and add enable_subtitles config option. - Fixed discovery when connected to certain WiFi routers. - Added FreeBSD kqueue support. - Added the ability to set the group to run as. This update was imported from the openSUSE:Leap:15.1:Update update project. minidlna-1.3.0-bp151.2.3.1.src.rpm minidlna-1.3.0-bp151.2.3.1.x86_64.rpm minidlna-1.3.0-bp151.2.3.1.aarch64.rpm minidlna-1.3.0-bp151.2.3.1.ppc64le.rpm minidlna-1.3.0-bp151.2.3.1.s390x.rpm openSUSE-2020-2227 moderate openSUSE Backports SLE-15-SP1 Update This update for pngcheck fixes the following issues: - CVE-2020-27818: Fixed a global buffer overflow in check_chunk_name function via crafted pngfile (boo#1179528). This update was imported from the openSUSE:Leap:15.1:Update update project. pngcheck-2.3.0-bp151.4.3.1.src.rpm pngcheck-2.3.0-bp151.4.3.1.x86_64.rpm pngcheck-2.3.0-bp151.4.3.1.aarch64.rpm pngcheck-2.3.0-bp151.4.3.1.ppc64le.rpm pngcheck-2.3.0-bp151.4.3.1.s390x.rpm openSUSE-2020-2261 moderate openSUSE Backports SLE-15-SP1 Update This update for audacity fixes the following issues: - CVE-2020-11867: Avoid saving temporary files to /var/tmp/audacity-$USER by default, which permissions are set to 755. (bsc#1179449) audacity-2.2.2-bp151.4.3.1.src.rpm audacity-2.2.2-bp151.4.3.1.x86_64.rpm audacity-lang-2.2.2-bp151.4.3.1.noarch.rpm audacity-2.2.2-bp151.4.3.1.aarch64.rpm audacity-2.2.2-bp151.4.3.1.ppc64le.rpm audacity-2.2.2-bp151.4.3.1.s390x.rpm openSUSE-2020-2221 moderate openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Remove erroneous call to ldconfig which causes Firefox crashes (boo#1179298) This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.66-bp151.3.143.2.x86_64.rpm chromium-87.0.4280.66-bp151.3.143.2.src.rpm chromium-87.0.4280.66-bp151.3.143.2.x86_64.rpm chromedriver-87.0.4280.66-bp151.3.143.2.aarch64.rpm chromium-87.0.4280.66-bp151.3.143.2.aarch64.rpm openSUSE-2020-2229 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Update to 87.0.4280.88 boo#1179576 - CVE-2020-16037: Use after free in clipboard - CVE-2020-16038: Use after free in media - CVE-2020-16039: Use after free in extensions - CVE-2020-16040: Insufficient data validation in V8 - CVE-2020-16041: Out of bounds read in networking - CVE-2020-16042: Uninitialized Use in V8 This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.88-bp151.3.147.1.x86_64.rpm chromium-87.0.4280.88-bp151.3.147.1.src.rpm chromium-87.0.4280.88-bp151.3.147.1.x86_64.rpm chromedriver-87.0.4280.88-bp151.3.147.1.aarch64.rpm chromium-87.0.4280.88-bp151.3.147.1.aarch64.rpm openSUSE-2020-2337 moderate openSUSE Backports SLE-15-SP1 Update This update for blosc fixes the following issues: Update to version 1.20.1 boo#1179914 CVE-2020-29367: * More saftey checks have been implemented so that potential flaws discovered by new fuzzers in OSS-Fuzzer are fixed now * BloscLZ updated to 2.3.0. Expect better compression ratios for faster codecs. For details, see our new blog post: https://blosc.org/posts/beast-release/ * Fixed the _xgetbv() collision. Thanks to Michał Górny (@mgorny). Update to version 1.19.0: * The length of automatic blocksizes for fast codecs (lz4, blosclz) has been incremented quite a bit (up to 256 KB) for better compression ratios. * The performance in modern CPUs (with at least 256 KB in L2 cache) should be better too (for older CPUs the performance should stay roughly the same). * For small buffers that cannot be compressed (typically < 128 bytes), blosc_compress() returns now a 0 (cannot compress) instead of a negative number (internal error). See #294. * blosclz codec updated to 2.1.0. Expect better compression ratios and performance in a wider variety of scenarios. * blosc_decompress_unsafe(), blosc_decompress_ctx_unsafe() and blosc_getitem_unsafe() have been removed because they are dangerous and after latest improvements, they should not be used in production. Update to version 1.18.1: * Fixed the copy of the leftovers of a chunk when its size is not a multiple of the typesize. Update to version 1.17.1: * BloscLZ codec updated to 2.0.0. Update to version 1.16.3: * Fix for building for clang with -march=haswell. See PR #262. * Fix all the known warnings for GCC/Clang. Still some work to do for MSVC in this front. * Due to some problems with several CI systems, the check for library symbols are deactivated now by default. If you want to enforce this check, use: cmake .. -DDEACTIVATE_SYMBOLS_CHECK=ON to re-activate it. * Correct the check for the compressed size when the buffer is memcpyed. This was a regression introduced in 1.16.0. Fixes #261. * Fixed a regression in 1.16.0 that prevented to compress empty buffers (see #260). * Now the functions that execute Blosc decompressions are safe by default for untrusted/possibly corrupted inputs. * The previous functions (with less safety) checks are still available with a '_unsafe' suffix. The complete list is: * Also, a new API function named blosc_cbuffer_validate(), for validating Blosc compressed data, has been added. * For details, see PR #258. Thanks to Jeremy Maitin-Shepard. * Fixed a bug in blosc_compress() that could lead to thread deadlock under some situations. See #251. Thanks to @wenjuno for the report and the fix. * Fix data race in shuffle.c host_implementation initialization. Fixes #253. Thanks to Jeremy Maitin-Shepard. * Add workaround for Visual Studio 2008's lack of a stdint.h file to blosclz.c. * Replaced //-comments with /**/-comments and other improvements for compatibility with quite old gcc compilers. See PR #243. Thanks to Andreas Martin. * Empty buffers can be compressed again (this was unadvertedly prevented while fixing #234). See #247. Thanks to Valentin Haenel. Update to version 1.14.4: * Added a new DEACTIVATE_SSE2 option for cmake that is useful for disabling SSE2 when doing cross-compilation (see #236). * New check for detecting output buffers smaller than BLOSC_MAX_OVERHEAD. * The complib and version parameters for blosc_get_complib_info() can be safely set to NULL now. This allows to call this function even if the user is not interested in these parameters (so no need to reserve memory for them). * In some situations that a supposedly blosc chunk is passed to blosc_decompress(), one might end with an Arithmetic exception. This is probably due to the chunk not being an actual blosc chunk, and divisions by zero might occur. A protection has been added for this. Update to version 1.14.3: * Fixed a bug that caused C-Blosc to crash on platforms requiring strict alignment. * Fixed a piece of code that was not C89 compliant. blosc-1.20.1-bp151.4.3.1.src.rpm blosc-devel-1.20.1-bp151.4.3.1.x86_64.rpm libblosc1-1.20.1-bp151.4.3.1.x86_64.rpm blosc-devel-1.20.1-bp151.4.3.1.aarch64.rpm libblosc1-1.20.1-bp151.4.3.1.aarch64.rpm blosc-devel-1.20.1-bp151.4.3.1.ppc64le.rpm libblosc1-1.20.1-bp151.4.3.1.ppc64le.rpm blosc-devel-1.20.1-bp151.4.3.1.s390x.rpm libblosc1-1.20.1-bp151.4.3.1.s390x.rpm openSUSE-2020-2361 important openSUSE Backports SLE-15-SP1 Update This update for kdeconnect-kde fixes the following issues: - Add fingerprinting for device verification (boo#1177672). This update was imported from the openSUSE:Leap:15.1:Update update project. kdeconnect-kde-1.3.3-bp151.4.6.1.src.rpm kdeconnect-kde-1.3.3-bp151.4.6.1.x86_64.rpm kdeconnect-kde-lang-1.3.3-bp151.4.6.1.noarch.rpm kdeconnect-kde-1.3.3-bp151.4.6.1.aarch64.rpm kdeconnect-kde-1.3.3-bp151.4.6.1.ppc64le.rpm kdeconnect-kde-1.3.3-bp151.4.6.1.s390x.rpm openSUSE-2020-2365 moderate openSUSE Backports SLE-15-SP1 Update This update for cacti fixes the following issues: - fix httpd startup errors due to mismatched configuration directives (boo#1175314) cacti 1.2.16: * When generating a report, the Cascade to Branches function does not as expected * When viewing graphs, automatic refresh so not always work as expected * Realtime graph pop up counter bug * Undefined variable errors may occur when creating a new datasource * The cli-based installer does not exit with a non-zero exit code when error occurs * When an export is complete, sometimes the progress bar remains * When enabling many devices, a threshold can be reached causing a slowdown in the process * When performing actions against Devices, replicated device information could sometimes be lost * When using API to rename a tree node, backtrace may be incorrectly shown * When searching, valid pages can sometimes be shown as empty by ddb4github * When exporting data from graphs, not all data was properly included * Graph Templates filter is not updated after new graph created by ddb4github * Username and password on the login page is not visible in Classic theme * Improve wording of concurrent process and thread settings * Location filter should remove blank entries by ddb4github * When syncing data collectors, a reindex event may be triggered unnecessarily * Automation Networks allows discovery of invalid IP addresses * When changing permissions of the current user, they don't take effect immediately * When reindexing a device, an incorrect page was sometimes displayed * When repairing database, audit_database.php does not add missing columns * Log page should not be empty if no log info exists * During upgrade, there are times when realms can be duplicated leading to SQL errors * When using ping.php, UDP response times are not interpreted properly by hypnotoad * Improve warning you get when attempting to view a log file you don't have access to * When replicating files, scripts are not marked as executable * When creating plugin tables, collation is not set properly * Update c3.js to version 0.7.20 * Update Chart.js to version 2.9.4 * Update phpseclib to version 2.0.29 * Update PHPMailer to version 6.1.8 * Use LSB shebang notation for cli scripts * Add support for cactid daemon based launcher * Add ability to hide the Graph Drilldown icons by datatecuk * Add hooks for plugins to show custom Graph Source and custom Template URL (List View) cacti 1.2.15, fixing the following bugs: * When editing Maximum OIDs Per Get Request, blank value can cause errors * Boost may run more often than it should * Recache Event Loop can cause Interface Graphs to show gaps * When searching Graph Tree's, non matching devices remain visible * Page validation errors may occur when opening real time graphs * External Links do not always open if they are still open from previous usage * Cultural changes to various word usage * Replicate deleted device status instead of poller sync * Description field allows more characters entered than is stored * When installing or upgrading, LDAP functions may not always be included properly * Unable to remove discovered device * When installing or upgrading, PHP recommendations may not always return a valid value * Graph Templates has duplicate SQL delete statement * When syncing to remote poller, missing function errors may occur * When removing devices from remote pollers, devices may reappear without details * When removing devices, array errors may sometimes be recorded * Variable injection does not always work as expected * Editing Data Queries with multiple data templates can give errors about Suggested values * Progress bar does not provide enough visual information during long page loads * Some themes do not allow for a way to see which user is currently signed in * When viewing tables, allow users to force all columns to be visible * Column sizing is being lost between pages refreshes * When viewing input methods table, no ID is shown to help identify which method is being viewed * Filters do not always respect using keyboard to initiate searching * When exporting a data query, an invalid column name error can sometimes be shown * When checking if a view is allowed, having no session can result in errors * When removing devices via the CLI, undefined variable errors may be seen * Real Time Graphs may cause invalid index errors * On newer versions of MySQL/MariaDB, 'system' keyword can cause issues * Plugin setup can generate errors when reading options via system function * Plugin version numbers can be unexpectedly truncated * When PHP Session is set to autostart, an error can be reported as Cacti attempts to start it * When removing multiple items, selection process does not always work * When exporting colors, the indicator is not always removed upon completion * Unable to pass tree and leaf ID to 'graph_button' hook * When performing maintenance, various errors may sometimes be seen * When Guest User setting is active, current user is not always properly set * When installing Cacti, minor errors in text can be seen * Numbers are not always formatted properly when there are no decimal places * When viewing Real Time Graphs, an undefined index error may be recorded * Minor memory leaks and refresh issues when zooming on graphs * Real Time Graphs may sometimes fail due to folder permissions * Navigation can sometimes occur unexpectedly due to background timers * Trees management screen not reporting correct number of trees * Tree sequences can sometimes skip numbers during resorting * Guest user selection should not allow setting the currently logged in user * Links in Table Headers do not show clearly when in modern theme * Under some cases tree logic leads to undefined index errors * Cacti Data Debug can show errors if the Data Source is damaged or has been removed * When importing a data query, an invalid column name error can sometimes be shown * When using shift functions on graphs, negative values are not allowed * Correct issue when file is unreadable reporting no file was specified * Orphaned Plugins have no option to be removed * Update MySQL recommendations for Character Set and Colation * Correct sorting of IP addresses to be numeric not alpha by JamesTilt * Saving a device should not always repopulate the poller cache This update was imported from the openSUSE:Leap:15.1:Update update project. cacti-1.2.16-bp151.4.18.1.noarch.rpm cacti-1.2.16-bp151.4.18.1.src.rpm openSUSE-2021-16 moderate openSUSE Backports SLE-15-SP1 Update This update for privoxy fixes the following issues: privoxy was updated to 3.0.29: * Fixed memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory. OVE-20201118-0001 * Fixed a memory leak in the show-status CGI handler when no action files are configured OVE-20201118-0002 * Fixed a memory leak in the show-status CGI handler when no filter files are configured OVE-20201118-0003 * Fixes a memory leak when client tags are active OVE-20201118-0004 * Fixed a memory leak if multiple filters are executed and the last one is skipped due to a pcre error OVE-20201118-0005 * Prevent an unlikely dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed. OVE-20201118-0006 * Fixed memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail. OVE-20201118-0007 * Fixed memory leaks in the show-status CGI handler when memory allocations fail OVE-20201118-0008 * Add experimental https inspection support * Use JIT compilation for static filtering for speedup * Add support for Brotli decompression, add 'no-brotli-accepted' filter which prevents the use of Brotli compression * Add feature to gather exended statistics * Use IP_FREEBIND socket option to help with failover * Allow to use extended host patterns and vanilla host patterns at the same time by prefixing extended host patterns with "PCRE-HOST-PATTERN:" * Added "Cross-origin resource sharing" (CORS) support * Add SOCKS5 username/password support * Bump the maximum number of action and filter files to 100 each * Fixed handling of filters with "split-large-forms 1" when using the CGI editor. * Better detect a mismatch of connection details when figuring out whether or not a connection can be reused * Don't send a "Connection failure" message instead of the "DNS failure" message * Let LOG_LEVEL_REQUEST log all requests * Improvements to default Action file License changed to GPLv3. - remove packaging vulnerability boo#1157449 This update was imported from the openSUSE:Leap:15.1:Update update project. privoxy-3.0.29-bp151.3.3.1.src.rpm privoxy-3.0.29-bp151.3.3.1.x86_64.rpm privoxy-doc-3.0.29-bp151.3.3.1.noarch.rpm privoxy-3.0.29-bp151.3.3.1.aarch64.rpm privoxy-3.0.29-bp151.3.3.1.ppc64le.rpm privoxy-3.0.29-bp151.3.3.1.s390x.rpm openSUSE-2021-47 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Update to 87.0.4280.141 (boo#1180645) - CVE-2021-21106: Use after free in autofill - CVE-2021-21107: Use after free in drag and drop - CVE-2021-21108: Use after free in media - CVE-2021-21109: Use after free in payments - CVE-2021-21110: Use after free in safe browsing - CVE-2021-21111: Insufficient policy enforcement in WebUI - CVE-2021-21112: Use after free in Blink - CVE-2021-21113: Heap buffer overflow in Skia - CVE-2020-16043: Insufficient data validation in networking - CVE-2021-21114: Use after free in audio - CVE-2020-15995: Out of bounds write in V8 - CVE-2021-21115: Use after free in safe browsing - CVE-2021-21116: Heap buffer overflow in audio - Use main URLs instead of redirects in master preferences This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.141-bp151.3.150.1.x86_64.rpm chromium-87.0.4280.141-bp151.3.150.1.src.rpm chromium-87.0.4280.141-bp151.3.150.1.x86_64.rpm chromedriver-87.0.4280.141-bp151.3.150.1.aarch64.rpm chromium-87.0.4280.141-bp151.3.150.1.aarch64.rpm openSUSE-2021-98 moderate openSUSE Backports SLE-15-SP1 Update This update for htop fixes the following issues: - Update to version 3.0.5: * InfoScreen: fix uncontrolled format string * Improve white text in the Light Terminal colour scheme * Enable the function bar on the main screen to be hidden (see Setup -> Display options) * Reduce layout issues esp. around printing wide characters (not complete yet) * Make the follow function exit cleanly after followed process died * Update help and man page for improved -t / -s options * Drop usage of formatted error messages from <err.h> * Show arrow indicating order of sorted process column * Lots of plumbing around the internal Hashtable, hardening and code cleanups * LibSensors: add support for Ryzen CPUs * Fix CPU percentage on M1 silicon Macs * LoadMeter: dynamically adjust color and total of bar * Find libsensors.so.4 for Fedora and friends * Enable going back to previous search matches (Shift-F3) * Added keybind 'N' for sorting by PID (drops 'n'/'N' as not used before much) - htop 3.0.4: * Separate tree and list sort orders * PSI Meter: constant width and only print ten-duration as bar * Sort in paused mode after inverting sort order * Handle absence of package CPU temperature * Document dynamic bindings and assumed external configuration * Update key mapping documentation for sorting - Update to version 3.0.3 * Process sorting in 'tree' mode * Improved command display/sort functionality * Add screen for active file locks * Calculate library size (M_LRS column) from maps file * Add a Zram meter * Add Linux cwd process column * Dynamically load libsensors at runtime * Improve PressureStall Meter display strings * Hide process selection on ESC * Fully support non-ascii characters in Meter-Bar * Add support to change numeric options in settings screen * Rename virtual memory column from M_SIZE to M_VIRT * Add process column for normalized CPU usage * Show CPU temperature in CPU meter * Drop hideThreads Setting * Add a systemd meter * Add a network IO meter * Add a SELinux meter * Compress size of default FunctionBar * Updates to the OpenFiles screen * Continue updating header data in paused mode * BUGFIX: Handle data wraparounds in IO meters * BUGFIX: Update InfoScreen content on resize * Add security attribute process column * Add DiskIOMeter for IO read/write usage * Read CPU frequency from sysfs by default * Add Linux process column for context switches * Several FreeBSD and Mac OS X platform updates * Add process environment for FreeBSD * Parse POWER_SUPPLY_CAPACITY for Linux Battery meter * Add octuple-column CPU meters. * BUGFIX: On Linux consider ZFS ARC to be cache * BUGFIX: Limit screen title length to window width * Show selected command wrapped in a separate window * Allow to pass '/' for item search * Document implicit incremental search * Handle 'q' as quit if first character * Avoid expensive build of process tree when not using it * Include documentation for COMM and EXE * Distinguish display of no permissions for reading M_LRS * Only calculate M_LRS size every 2 seconds * Improvements to comm / cmdline display functionality * Merged view for COMM, EXE and cmdline (thanks to Narendran Gopalakrishnan and Benny Baumann) * Consistent kernel thread display for COMM/EXE columns * Central fault handling for all platforms * Handle parsing envID & VPid from process status file * Use threshold for display of guest/steal/irq meters * Enhance highlighting of semi-large and large numbers * Documentation on the repository style guide * Align processor identifier to the right * Document M_PSS, M_PSSWP, M_SWAP in man page * Add Date and DateTime meters * BUGFIX: Fix Solaris 11.4 due to missing ZFS ARC kstats * Code hardening, speedups, fd and memory leak fixes * Number CPUs from zero by default * Remove residual python checks during the build process - Update to version 3.0.2 * BUGFIX: Drop 'vim_mode' - several issues, needs rethink * BUGFIX: fix regression in -u optional-argument handling * Build system rework to remove python, header generation * CI, code quality improvements - Switch to new official bintray tarball to remove automake deps - Update to version 3.0.1 * BUGFIX: Fix early exit with longer sysfs battery paths * BUGFIX: Improve OOM output, fix sorting * Rework check buttons and tree open/closed * Add -U/--no-unicode option to disable unicode * Improvements to the affinity panel - Update to version 3.0.0 * Add simple, optional vim key mapping mode * Support more than 2 smaller CPU meter columns * Support Linux proportional set size metrics * Support Linux pressure stall information metrics * New display option to show CPU frequency in CPU meters * Update Linux sysfs battery discovery for recent kernels * Add hardware topology information in the affinity panel * Add timestamp reporting to the strace screen * Added an option to disable the mouse * Without an argument -u uses $USER value automatically * Support less(1) search navigation shortcuts * Support ZFS ARC statistics * Report values larger than 100 terabytes * Widen ST_UID (UID) column to allow for UIDs > 9999 * BUGFIX: fix makefiles for building with clang * BUGFIX: fix <sys/sysmacros.h> major() usage * BUGFIX: correctly identify other types of zombie process * BUGFIX: improve follow-process handling in some situations * BUGFIX: fix custom meters reverting to unexpected setting * BUGFIX: close pipe after running lsof(1) * BUGFIX: meters honour setting of counting CPUs from 0/1 - Fix building with gcc10 - Fixed boo#1165352 htop-3.0.5-bp151.4.4.1.src.rpm htop-3.0.5-bp151.4.4.1.x86_64.rpm htop-3.0.5-bp151.4.4.1.aarch64.rpm htop-3.0.5-bp151.4.4.1.ppc64le.rpm htop-3.0.5-bp151.4.4.1.s390x.rpm openSUSE-2021-125 moderate openSUSE Backports SLE-15-SP1 Update This update for kdevelop5 fixes the following issues: - Make debugging work with gdb-10.x (kde#428688) kdevelop5-5.3.2-bp151.3.3.1.src.rpm kdevelop5-5.3.2-bp151.3.3.1.x86_64.rpm kdevelop5-lang-5.3.2-bp151.3.3.1.noarch.rpm kdevplatform-5.3.2-bp151.3.3.1.x86_64.rpm kdevplatform-devel-5.3.2-bp151.3.3.1.x86_64.rpm kdevplatform-lang-5.3.2-bp151.3.3.1.noarch.rpm libkdevplatform53-5.3.2-bp151.3.3.1.x86_64.rpm kdevelop5-5.3.2-bp151.3.3.1.aarch64.rpm kdevplatform-5.3.2-bp151.3.3.1.aarch64.rpm kdevplatform-devel-5.3.2-bp151.3.3.1.aarch64.rpm libkdevplatform53-5.3.2-bp151.3.3.1.aarch64.rpm openSUSE-2021-121 important openSUSE Backports SLE-15-SP1 Update This update for vlc fixes the following issues: Update to 3.0.11.1: - CVE-2020-13428: Fixed heap-based buffer overflow in the hxxx_AnnexB_to_xVC () (boo#1172727) - CVE-2020-26664: Fixed heap-based buffer overflow in EbmlTypeDispatcher:send () (boo#1180755) This update was imported from the openSUSE:Leap:15.1:Update update project. libvlc5-3.0.11.1-bp151.5.12.1.x86_64.rpm libvlccore9-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-3.0.11.1-bp151.5.12.1.src.rpm vlc-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-codec-gstreamer-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-devel-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-jack-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-lang-3.0.11.1-bp151.5.12.1.noarch.rpm vlc-noX-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-opencv-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-qt-3.0.11.1-bp151.5.12.1.x86_64.rpm vlc-vdpau-3.0.11.1-bp151.5.12.1.x86_64.rpm openSUSE-2021-117 moderate openSUSE Backports SLE-15-SP1 Update This update for python-jupyter_notebook fixes the following issue: - CVE-2020-26215: Fixed an open redirect vulnerability (boo#1180458). This update was imported from the openSUSE:Leap:15.1:Update update project. python-jupyter_notebook-5.7.7-bp151.3.3.1.src.rpm python-jupyter_notebook-doc-5.7.7-bp151.3.3.1.noarch.rpm python2-jupyter_notebook-5.7.7-bp151.3.3.1.noarch.rpm python2-jupyter_notebook-lang-5.7.7-bp151.3.3.1.noarch.rpm python2-jupyter_notebook-latex-5.7.7-bp151.3.3.1.noarch.rpm python3-jupyter_notebook-5.7.7-bp151.3.3.1.noarch.rpm python3-jupyter_notebook-lang-5.7.7-bp151.3.3.1.noarch.rpm python3-jupyter_notebook-latex-5.7.7-bp151.3.3.1.noarch.rpm openSUSE-2021-118 moderate openSUSE Backports SLE-15-SP1 Update rt-tests was updated to fix the following issues: Update to upstream version 1.10 (SLE-12981): * rt-tests: queuelat: Remove get_cpuinfo_mhz.sh and old Makefile * rt-tests: determine_maximum_mpps.sh: Add a menu to get user settings. * rt-numa: Introduce NUMA helpers * cyclictest: Only report the first incident * Streamline usage and man page Changes from version 1.9: * signaltest: Only print from the first thread stats when quiet * rt-tests: cyclictest: Move ftrace helpers into rt-utils.[ch] * pi_stress: limit the number of inversion groups to the number of online cores * rt-tests: Install new man page get_cyclictest_snapshot.8 * rt-tests: Add a man page for get_cyclictest_snapshot * rt-tests: ptsematest.8: Update the ptsematest man page * rt-tests: improvements to the python style in get_cyclictest_snapshot * cyclictest: Fix setaffinity error on large NUMA machines Changes from version 1.8: * cyclictest: Make the affinity mask apply to the main thread too * Remove support for compiling without NUMA * cyclictest: Only run on runtime affinity and user supplied affinity * cyclictest: Only run on available cpus according to the affinity * cyclictest: Report all errors from pthread_setaffinity_np Changes from version 1.7: * Add get_cyclictest_snapshot to Makefile * Add the get_cyclictest_snapshot.py utility * determine_maximum_mpps.sh: Fix quoting and other shell issue * queuelat: get_cpuinfo_mhz.sh highest value * cyclicdeadline: Add a simple manpage for cyclicdeadline This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the openSUSE:Leap:15.1:Update update project. rt-tests-1.10-bp151.2.6.1.src.rpm rt-tests-1.10-bp151.2.6.1.x86_64.rpm openSUSE-2021-119 moderate openSUSE Backports SLE-15-SP1 Update This update for viewvc fixes the following issues: - update to 1.1.28 (boo#1167974, CVE-2020-5283): * security fix: escape subdir lastmod file name (#211) * fix standalone.py first request failure (#195) * suppress stack traces (with option to show) (#140) * distinguish text/binary/image files by icons (#166, #175) * colorize alternating file content lines (#167) * link to the instance root from the ViewVC logo (#168) * display directory and root counts, too (#169) * fix double fault error in standalone.py (#157) * support timezone offsets with minutes piece (#176) This update was imported from the openSUSE:Leap:15.1:Update update project. viewvc-1.1.28-bp151.4.3.1.noarch.rpm viewvc-1.1.28-bp151.4.3.1.src.rpm openSUSE-2021-137 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Add patch fixing boo#1178442 boo#1177992 Update to version 20.12.00: Update to version 19.09.00: * acpi/boot: skip ACPI BOOT test on UEFI systems. * acpi: s3: fix typo from 6b94bb6a4b13e * opal: add more bounds checking and zero pstates array * fwtstest: boot-0001: sync with boot table check on efi firmware Changes for version 19.08.00: * ACPICA: Update to version 20190816 * auto-packager: mkpackage.sh: remove cosmic * efi_runtime: enable KBUILD_MODPOST_WARN=y to workaround build failures * ACPICA: Update to version 20190816 * fwtstest: syntaxcheck-0001: update to keep in sync with ACPICA features * README: Add package dependency notes for ARM64 Update to version 19.07.00: * cpu/msr: add 3 more CPU IDs for IA32_silvermont_MSRs * cpu/msr: check SGX & LMCE in IA32_FEATURE_CONTROL (3ah) * cpu/msr: move TSC_ADJUST (3bh) to IA32_MSRs * cpu/msr: add SMM_MONITOR_CTL (9bh) to IA32_MSRs * cpu/msr: add MC*_CTL2 MSR registers * cpu/msr: add VMX_VMFUNC MSR register * cpu/msr: add MISC_ENABLE MSR to IA32_atom_MSRs * cpu/msr: add MSR_PMG_IO_CAPTURE_BASE to IA32_silvermont_MSRs * cpu/msr: add MSR_FEATURE_CONFIG to IA32_silvermont_MSRs * cpu/msr: add MSR_TEMPERATURE_TARGET to IA32_silvermont_MSRs * cpu/msr: add MSR_BBL_CR_CTL3 to IA32_silvermont_MSRs * ACPICA: Update to version 20190703 Update to version 19.06.00: * acpi/fadt: update latest FADT revision to 6.3 * uefitime: add checking the EFI_UNSUPPORTED return code * uefirtvariable: add checking the EFI_UNSUPPORTED return code * uefirtmisc: add checking the EFI_UNSUPPORTED return code Update to version 19.05.00: * ACPICA: Update to version 20190509 * Add support for Hygon Dhyana CPU * dmicheck: update supported SMBIOS version * acpi/method: check full and battery power if acpi_video0 exists * dmicheck: checks type length vs. SMBIOS versions * dmicheck: add Type 1's Field 25 & 26 as used by kernel * apic: apicedge: fix typo in error messages * cpufreq: change from abort to skip when cpufreq cannot run * kernel:version: change ACPI version to ACPICA version * pci:crs: fix an indentation error * acpi: s3: check sleep type for output messages * snapcraft: update to core18 * acpica: re-work fwts / iasl interface to work with latest ACPICA * fwts-test: refresh syntaxcheck test output * fwts-test/syntaxcheck: refresh syntaxcheck test output * fwts_acpica: don't add in RSDP or null table entries to XSDT or RSDT (LP: #1829167) - Changes for version 19.03.00: * acpi: madt: Add support for ACPI 6.3 * lib: fwts_acpi_tables: add a new function to check reserved values * lib: fwts_acpi_tables: rename fwts_acpi_subtable_length_check * srat: replace structure length checks by fwts_acpi_structure_length_check * acpi: refactor all table length checks to fwts_acpi_table_length_check * README: update installing fwts by "sudo make install" * acpi/fadt: reject 5.0 tables with ARM specific attributes set * acpi/iort: permit SMMU model values of 4 and 5 * acpi/iort: fix error in SMMU node length check * ACPICA: fix IASL building issues with gcc-9 and --as-needed linker option Update to version 19.02.00: * klog.json: add an "IOAPIC .. not in IVRS" message * utilities: kernelscan: add AMD iommu for IVRS errors * acpi/method: check levels on full power and battery power * acpi: add address space types according to mantis 1965 (ACPI 6.2b) * acpi/pptt: check flags by revision (mantis 1870 for ACPI 6.2b) * acpi: pdtt: update flags defintion according to mantis 1867 (ACPI 6.3) * acpi/nfit: update memory mapping attributes (mantis 1873 for ACPI 6.3) * acpi/hmat: update for hmat revision 2 (mantis 1914 for ACPI 6.3) * acpi/madt: remove two reserved bytes (mantis 1934 for ACPI 6.3) * acpi/madt: update for Local APIC Flags (mantis 1948 for ACPI 6.3) * acpi/hmat: update System Locality Latency (mantis 1959 for ACPI 6.3) * acpi/method: add tests for NVDIMM control methods for ACPI 6.3 * acpiinfo: update ACPI and ACPICA versions * acpi/srat: add test for Generic Initiator (mantis 1904 for ACPI 6.3) * ACPICA: Update to version 20190215 * acpi: fix a typo in comment * fwts: fix up a handful of spelling mistakes * efi_runtime: fix access_ok build issues on 5.0 kernels * Makefiles: workaround address-of-packed-member warnings with gcc-9 * acpica: utdecode: fix missing comma in array declaration AcpiGbl_GenericNotify Update to version 19.01.00: * mtrr: check memory type above 4GB on AMD platforms * ACPICA: Update to version 20190108 * dmi: dmicheck: remove redundant new lines * lib: fwts_ac_adapter: fix readdir(ac_power_dir) failing * lib: fwts_ac_adapter: fix failing to find AC directory * Update copyright year to 2019 * mtrr: fix incorrect mask on amd_sys_conf * sbbr: fadt: clean up major/minor version checking * acpi/madt: clean up indentation issue, remove tab * lib: fw_pm_method: move the sleep t_start time out of logind_on_signal (LP: #1809096) Changes for version 18.12.00: * ACPICA: Update to version 20181213 * mtrr: allow uncached type for PCI prefetchable memory * lib: disable /dev/mem access on aarch64 * dmicheck: drop unaligned memcpy * lib: drop fwts_memcpy_unaligned * dmicheck: use dmi_load_file in preference to fwts_mmap fwts-20.12.00-bp151.4.3.1.src.rpm fwts-20.12.00-bp151.4.3.1.x86_64.rpm fwts-20.12.00-bp151.4.3.1.aarch64.rpm fwts-20.12.00-bp151.4.3.1.ppc64le.rpm fwts-20.12.00-bp151.4.3.1.s390x.rpm openSUSE-2021-135 moderate openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: - Comply with new Google API key rules for Derivatives This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-87.0.4280.141-bp151.3.153.1.x86_64.rpm chromium-87.0.4280.141-bp151.3.153.1.src.rpm chromium-87.0.4280.141-bp151.3.153.1.x86_64.rpm chromedriver-87.0.4280.141-bp151.3.153.1.aarch64.rpm chromium-87.0.4280.141-bp151.3.153.1.aarch64.rpm openSUSE-2021-151 moderate openSUSE Backports SLE-15-SP1 Update This update for dwarves fixes the following issues: Update to release 1.19 * Support for split BTF. * Support cross-compiled ELF binaries with different endianness. * Support for showing typedefs for anonymous types, like structs, unions and enums. Move to 1.18.g19 (863e6f0f) * btf_encoder: Ignore zero-sized ELF symbols update to 1.18_15g040fd7f (boo#1177921): * btf_encoder: Support cross-compiled ELF binaries with different endianness * strings: use BTF's string APIs for strings management * strings: Rename strings.h to avoid clashing with /usr/include/strings.h * dwarf_loader: increase the size of lookup hash map * btf_encoder: revamp how per-CPU variables are encoded * btf_encoder: Discard CUs after BTF encoding * btf_encoder: Fix emitting __ARRAY_SIZE_TYPE__ as index range type * btf_encoder: Use libbpf APIs to encode BTF type info * btf_loader: Use libbpf to load BTF * dwarves: Expose and maintain active debug info loader operations * btf_encoder: detect BTF encoding errors and exit * libbpf: Update to latest libbpf version * dwarf_loader: Conditionally define DW_AT_alignment * pahole: Implement --packed * man-pages: Fix 'coimbine' typo Update to release 1.18 * pahole now should be segfault free when handling gdb test suit DWARF files, including ADA, FORTRAN, rust and dwp compressed files (the latter is refused). * Bail out on partial units for now, avoiding segfaults. * Add forced ELF symvers because of ABI breaks * Backport fixes for segfault when processing dwz-ed kernel [boo#1176095,https://github.com/acmel/dwarves/issues/10]. Update to release 1.17 * Support raw BTF as available in /sys/kernel/btf/vmlinux. * Make --find_pointers_to consider unions. * Make --contains and --find_pointers_to honour --unions. * Add support for finding pointers to void. * Make --contains and --find_pointers_to to work with base types. Update to release 1.16 * btf_loader: Add support for BTF_KIND_FUNC Update to new upstream release 1.15 * Avoid null dereference with NULL configs * Fixup printing "const" early with "const void" * Fix recursively printing named structs in --expand_types version 1.13 * Use of the recently introduced BTF deduplication algorithm * Introduce a 'btfdiff' utility * Add a BTF loader, i.e. 'pahole -F btf' allows pretty printing of structs and unions in the same fashion as with DWARF info * Better union support * Infer __attribute__((__packed__)) when structs have no alignment holes * Support DWARF5's DW_AT_alignment * Add a '--compile' option to 'pfunct' Update to new upstream release 1.12 * Added a BTF (BPF Type Format) encoder * Initial support for DW_TAG_partial_unit * Print cacheline boundaries in multiple union members * Show offsets at union members dwarves-1.19-bp151.4.3.1.src.rpm dwarves-1.19-bp151.4.3.1.x86_64.rpm libdwarves-devel-1.19-bp151.4.3.1.x86_64.rpm libdwarves1-1.19-bp151.4.3.1.x86_64.rpm dwarves-1.19-bp151.4.3.1.aarch64.rpm libdwarves-devel-1.19-bp151.4.3.1.aarch64.rpm libdwarves-devel-64bit-1.19-bp151.4.3.1.aarch64_ilp32.rpm libdwarves1-1.19-bp151.4.3.1.aarch64.rpm libdwarves1-64bit-1.19-bp151.4.3.1.aarch64_ilp32.rpm dwarves-1.19-bp151.4.3.1.ppc64le.rpm libdwarves-devel-1.19-bp151.4.3.1.ppc64le.rpm libdwarves1-1.19-bp151.4.3.1.ppc64le.rpm dwarves-1.19-bp151.4.3.1.s390x.rpm libdwarves-devel-1.19-bp151.4.3.1.s390x.rpm libdwarves1-1.19-bp151.4.3.1.s390x.rpm openSUSE-2021-180 moderate openSUSE Backports SLE-15-SP1 Update This update for python-autobahn fixes the following issue: - CVE-2020-35678: Fixed a redirect header injection (boo#1180570). This update was imported from the openSUSE:Leap:15.1:Update update project. python-autobahn-17.10.1-bp151.4.3.1.src.rpm python2-autobahn-17.10.1-bp151.4.3.1.noarch.rpm python3-autobahn-17.10.1-bp151.4.3.1.noarch.rpm openSUSE-2021-177 important openSUSE Backports SLE-15-SP1 Update This update for chromium fixes the following issues: Chromium was updated to 88.0.4324.96 boo#1181137 - CVE-2021-21117: Insufficient policy enforcement in Cryptohome - CVE-2021-21118: Insufficient data validation in V8 - CVE-2021-21119: Use after free in Media - CVE-2021-21120: Use after free in WebSQL - CVE-2021-21121: Use after free in Omnibox - CVE-2021-21122: Use after free in Blink - CVE-2021-21123: Insufficient data validation in File System API - CVE-2021-21124: Potential user after free in Speech Recognizer - CVE-2021-21125: Insufficient policy enforcement in File System API - CVE-2020-16044: Use after free in WebRTC - CVE-2021-21126: Insufficient policy enforcement in extensions - CVE-2021-21127: Insufficient policy enforcement in extensions - CVE-2021-21128: Heap buffer overflow in Blink - CVE-2021-21129: Insufficient policy enforcement in File System API - CVE-2021-21130: Insufficient policy enforcement in File System API - CVE-2021-21131: Insufficient policy enforcement in File System API - CVE-2021-21132: Inappropriate implementation in DevTools - CVE-2021-21133: Insufficient policy enforcement in Downloads - CVE-2021-21134: Incorrect security UI in Page Info - CVE-2021-21135: Inappropriate implementation in Performance API - CVE-2021-21136: Insufficient policy enforcement in WebView - CVE-2021-21137: Inappropriate implementation in DevTools - CVE-2021-21138: Use after free in DevTools - CVE-2021-21139: Inappropriate implementation in iframe sandbox - CVE-2021-21140: Uninitialized Use in USB - CVE-2021-21141: Insufficient policy enforcement in File System API This update was imported from the openSUSE:Leap:15.1:Update update project. chromedriver-88.0.4324.96-bp151.3.156.1.x86_64.rpm chromium-88.0.4324.96-bp151.3.156.1.src.rpm chromium-88.0.4324.96-bp151.3.156.1.x86_64.rpm chromedriver-88.0.4324.96-bp151.3.156.1.aarch64.rpm chromium-88.0.4324.96-bp151.3.156.1.aarch64.rpm openSUSE-2021-202 moderate openSUSE Backports SLE-15-SP1 Update This update for kaccounts-integration fixes the following issues: - prevent a new account getting an empty name, making it unusable (kde#414219) kaccounts-integration-18.12.3-bp151.3.3.1.src.rpm kaccounts-integration-18.12.3-bp151.3.3.1.x86_64.rpm kaccounts-integration-devel-18.12.3-bp151.3.3.1.x86_64.rpm kaccounts-integration-lang-18.12.3-bp151.3.3.1.noarch.rpm libkaccounts1-18.12.3-bp151.3.3.1.x86_64.rpm kaccounts-integration-18.12.3-bp151.3.3.1.aarch64.rpm kaccounts-integration-64bit-18.12.3-bp151.3.3.1.aarch64_ilp32.rpm kaccounts-integration-devel-18.12.3-bp151.3.3.1.aarch64.rpm kaccounts-integration-devel-64bit-18.12.3-bp151.3.3.1.aarch64_ilp32.rpm libkaccounts1-18.12.3-bp151.3.3.1.aarch64.rpm libkaccounts1-64bit-18.12.3-bp151.3.3.1.aarch64_ilp32.rpm kaccounts-integration-18.12.3-bp151.3.3.1.ppc64le.rpm kaccounts-integration-devel-18.12.3-bp151.3.3.1.ppc64le.rpm libkaccounts1-18.12.3-bp151.3.3.1.ppc64le.rpm kaccounts-integration-18.12.3-bp151.3.3.1.s390x.rpm kaccounts-integration-devel-18.12.3-bp151.3.3.1.s390x.rpm libkaccounts1-18.12.3-bp151.3.3.1.s390x.rpm openSUSE-2021-203 moderate openSUSE Backports SLE-15-SP1 Update This update for kactivitymanagerd, plasma5-desktop fixes the following issues: kactivitymanagerd was fixed: - Fixed switching to a certain activity via a global keyboard shortcut (boo#1172261, kde#374575): plasma5-desktop was fixed: - Properly save keyboard shortcuts for activities (boo#1172261, kde#374575): kactivitymanagerd-5.12.8-bp151.3.3.1.src.rpm kactivitymanagerd-5.12.8-bp151.3.3.1.x86_64.rpm kactivitymanagerd-lang-5.12.8-bp151.3.3.1.x86_64.rpm plasma5-desktop-5.12.8-bp151.3.3.1.src.rpm plasma5-desktop-5.12.8-bp151.3.3.1.x86_64.rpm plasma5-desktop-debuginfo-5.12.8-bp151.3.3.1.x86_64.rpm plasma5-desktop-debugsource-5.12.8-bp151.3.3.1.x86_64.rpm plasma5-desktop-lang-5.12.8-bp151.3.3.1.noarch.rpm kactivitymanagerd-5.12.8-bp151.3.3.1.aarch64.rpm kactivitymanagerd-lang-5.12.8-bp151.3.3.1.aarch64.rpm plasma5-desktop-5.12.8-bp151.3.3.1.aarch64.rpm plasma5-desktop-debuginfo-5.12.8-bp151.3.3.1.aarch64.rpm plasma5-desktop-debugsource-5.12.8-bp151.3.3.1.aarch64.rpm kactivitymanagerd-5.12.8-bp151.3.3.1.ppc64le.rpm kactivitymanagerd-lang-5.12.8-bp151.3.3.1.ppc64le.rpm kactivitymanagerd-5.12.8-bp151.3.3.1.s390x.rpm kactivitymanagerd-lang-5.12.8-bp151.3.3.1.s390x.rpm openSUSE-2021-201 moderate openSUSE Backports SLE-15-SP1 Update This update for plasma5-workspace fixes the following issues: - Fixed systray context menu for wine applications (kde#399234, boo#1149071) plasma5-session-5.12.8-bp151.4.3.1.noarch.rpm plasma5-session-wayland-5.12.8-bp151.4.3.1.noarch.rpm plasma5-workspace-5.12.8-bp151.4.3.1.src.rpm plasma5-workspace-5.12.8-bp151.4.3.1.x86_64.rpm plasma5-workspace-devel-5.12.8-bp151.4.3.1.x86_64.rpm plasma5-workspace-lang-5.12.8-bp151.4.3.1.noarch.rpm plasma5-workspace-libs-5.12.8-bp151.4.3.1.x86_64.rpm plasma5-workspace-5.12.8-bp151.4.3.1.aarch64.rpm plasma5-workspace-devel-5.12.8-bp151.4.3.1.aarch64.rpm plasma5-workspace-libs-5.12.8-bp151.4.3.1.aarch64.rpm plasma5-workspace-libs-64bit-5.12.8-bp151.4.3.1.aarch64_ilp32.rpm openSUSE-2021-200 moderate openSUSE Backports SLE-15-SP1 Update This update for breeze-gtk fixes the following issues: - Make it possible to resize CSD windows (boo#1155387, kde#412080) Update to 5.12.9 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.12.9.php breeze-gtk-5.12.8-bp151.3.3.1.src.rpm gtk2-metatheme-breeze-5.12.8-bp151.3.3.1.noarch.rpm gtk3-metatheme-breeze-5.12.8-bp151.3.3.1.noarch.rpm metatheme-breeze-common-5.12.8-bp151.3.3.1.x86_64.rpm metatheme-breeze-common-5.12.8-bp151.3.3.1.aarch64.rpm metatheme-breeze-common-5.12.8-bp151.3.3.1.ppc64le.rpm metatheme-breeze-common-5.12.8-bp151.3.3.1.s390x.rpm openSUSE-2021-224 moderate openSUSE Backports SLE-15-SP1 Update This update for sparse fixes the following issues: sparse was updated to version 0.6.3: * For full list of changes see: https://sparse.docs.kernel.org/en/latest/release-notes/v0.6.3.html update to 0.6.2: * changelog of 0.6.2 is available here: https://sparse.docs.kernel.org/en/latest/release-notes/v0.6.2.html Update to version 0.6.1+20200606: * pre-process: fix a compiler array subscript type warning * univ-init: set default to -Wno-universal-initializer * univ-init: scalar initializer needs some additional checks * evaluate: mark evaluate_generic_selection() as static * add support for _Generic * testsuite: add testcase for duplicated local definitions * add an option to suppress warning 'no newline at EOF' * univ-init: conditionally accept { 0 } without warnings * bad-label: respect attribute((unused)) * bad-label: mark labels as used when needed * bad-label: check for unused labels * bad-goto: check declaration of label expressions * bad-goto: extract check_label_declaration() * bad-goto: label expression inside a statement expression is UB * bad-goto: jumping inside a statement expression is an error * scope: give a scope for labels & gotos * build: fix LLVM version detection Update to version 0.6.1+20200413: * do not use expr->left for conditionals * add support for GCC's __auto_type * And plenty more Use llvm9 for building as llvm10 is not yet supported - Update to version 0.6.1+20200129: * domtree: domtree_build() creates extraneous bb->doms entries * predefine "i386" if needed * correct sparcv9 defines * pre-define __unix__ and friends * add necessary defined for sunos-derived systems * define __PRAGMA_REDEFINE_EXTNAME * allow to easily test if the OS is UNIX-like * detect OS_UNIX as native OS * add predefine_nostd() * show_parse: avoid null pointer dereference in do_show_type() * ptrlist: fix typos * fix testcase with non-constant initializer * and much more - Update to version 0.6.1+20191101: * .gitignore: alphasort the patterns * Add '__' prefix and suffix to all __attribute__ #defines * options: add support for -mcmodel * options: add support for -fpic, -fPIC, -fpie & -fPIE * Sparse v0.6.1 * doc: fix typo in binops' description * "graph" segfaults on top-level asm * llvm: fix sparsec breakage on recent cygwin version - Update to version 0.6.1rc2+20191007: * expand more builtins like __builtin_ffs() * make 'directive in argument list' clearer * asm: warn on invalid empty constraints * fix sign extension in casting enums * remove useless optimization in cast_enum_list() * add test for enum sign extension * do not linearize invalid expression * asm: arrays & functions in non-memory operand degenerate into pointers * asm: fix missing expansion of asm statements * asm: fix liveness memory operand * asm: linearization of output memory operands is different * asm: missing evaluation of asm statements * asm: use parse_asm_constraint() to verify constraints * asm: parse constraints * asm: keep using struct asm_operand during linearization * asm: use a specific struct for asm operands * asm: check earlier that body & constraints are strings * asm: add test evaluation, expansion & linearization of ASM operands * string: use string_expression() in parse_static_assert() * string: add helper string_expression() * dissect: fix processing of ASM statements * and more... - Update to version 20190404: * fix allowing casts of AS pointers to uintptr_t * man: explain role of uintptr_t & unsigned long in casts from AS pointers * also accept casts of AS pointers to uintptr_t * evaluate: externally_visible functions don't need a declaration * expand: add explanation to 'conservative' * expand: 'conservative' must not bypass valid simplifications * Sparse v0.6.1-rc1 * remove confusing intermediate 'where' in evaluate_assignment() * display extra info for type errors in compare & conditional * cgcc: use strict & warnings * cgcc: add support for x86-x32 * cgcc: favor using 'gcc -dumpmachine' to determine specifics * cgcc: simpler handling of hard-float ARM * cgcc: add pseudo-archs for ppc64be/ppc64le * and a lot more... This update was imported from the openSUSE:Leap:15.1:Update update project. sparse-0.6.3-bp151.4.3.1.src.rpm sparse-0.6.3-bp151.4.3.1.x86_64.rpm sparse-inspect-0.6.3-bp151.4.3.1.x86_64.rpm sparse-llvm-0.6.3-bp151.4.3.1.x86_64.rpm sparse-0.6.3-bp151.4.3.1.aarch64.rpm sparse-inspect-0.6.3-bp151.4.3.1.aarch64.rpm sparse-0.6.3-bp151.4.3.1.ppc64le.rpm sparse-inspect-0.6.3-bp151.4.3.1.ppc64le.rpm sparse-0.6.3-bp151.4.3.1.s390x.rpm sparse-inspect-0.6.3-bp151.4.3.1.s390x.rpm openSUSE-2021-227 moderate openSUSE Backports SLE-15-SP1 Update This update for messagelib fixes the following issues: - CVE-2019-10732: Prevented accidental disclosure of encrypted content when replying (boo#1131885). This update was imported from the openSUSE:Leap:15.1:Update update project. messagelib-18.12.3-bp151.3.3.1.src.rpm messagelib-18.12.3-bp151.3.3.1.x86_64.rpm messagelib-devel-18.12.3-bp151.3.3.1.x86_64.rpm messagelib-lang-18.12.3-bp151.3.3.1.noarch.rpm messagelib-18.12.3-bp151.3.3.1.aarch64.rpm messagelib-devel-18.12.3-bp151.3.3.1.aarch64.rpm openSUSE-2021-229 moderate openSUSE Backports SLE-15-SP1 Update This update for segv_handler fixes the following issues: - Replace by empty package with README explaining the removal for security reasons (boo#1180665). This update was imported from the openSUSE:Leap:15.1:Update update project. segv_handler-0.0.1-bp151.4.3.1.src.rpm segv_handler-0.0.1-bp151.4.3.1.x86_64.rpm segv_handler-0.0.1-bp151.4.3.1.aarch64.rpm segv_handler-0.0.1-bp151.4.3.1.ppc64le.rpm segv_handler-0.0.1-bp151.4.3.1.s390x.rpm openSUSE-2021-235 moderate openSUSE Backports SLE-15-SP1 Update This update for lxc fixes the following issues: lxc was updated to 4.0.5: * Support allocating PTS devices from within the container * Harden more path/mount handling logics * Rework LSM logic to limit initializer use * for full list of changes see: https://discuss.linuxcontainers.org/t/lxc-4-0-5-lts-has-been-released/9269 Update to LXC 4.0.2 * https://discuss.linuxcontainers.org/t/lxc-4-0-2-lts-has-been-released/7449 Update to LXC 4.0.1: * Tweak systemd ordering (start after remote-fs.target) * Fix various issues around attach and cgroups * Fix shutdown timeout not working on pidfd systems * Fix cgroup issue on 4.9 kernel * Fix write issues in /dev/stdout This update was imported from the openSUSE:Leap:15.1:Update update project. liblxc-devel-4.0.5-bp151.5.18.1.x86_64.rpm liblxc1-4.0.5-bp151.5.18.1.x86_64.rpm lxc-4.0.5-bp151.5.18.1.src.rpm lxc-4.0.5-bp151.5.18.1.x86_64.rpm lxc-bash-completion-4.0.5-bp151.5.18.1.noarch.rpm pam_cgfs-4.0.5-bp151.5.18.1.x86_64.rpm liblxc-devel-4.0.5-bp151.5.18.1.aarch64.rpm liblxc1-4.0.5-bp151.5.18.1.aarch64.rpm lxc-4.0.5-bp151.5.18.1.aarch64.rpm pam_cgfs-4.0.5-bp151.5.18.1.aarch64.rpm liblxc-devel-4.0.5-bp151.5.18.1.ppc64le.rpm liblxc1-4.0.5-bp151.5.18.1.ppc64le.rpm lxc-4.0.5-bp151.5.18.1.ppc64le.rpm pam_cgfs-4.0.5-bp151.5.18.1.ppc64le.rpm liblxc-devel-4.0.5-bp151.5.18.1.s390x.rpm liblxc1-4.0.5-bp151.5.18.1.s390x.rpm lxc-4.0.5-bp151.5.18.1.s390x.rpm pam_cgfs-4.0.5-bp151.5.18.1.s390x.rpm openSUSE-2021-308 moderate openSUSE Backports SLE-15-SP1 Update This update for loki, system-user-loki fixes the following issues: loki version v2.0.0 is shipped by this update. Update to version 1.5.0: * Prep 1.5.0 release (#2098) * updates loki config examples (#2097) * Adds backtick for the quoted string token lexer. (#2095) * Fixes unit in stats request log. (#2093) * allow no encoding/compression on chunks (#2088) * Accept suffixes to pod name in instance labels (#2080) * removes yolostring (#2078) * fluentd plugin: support placeholders in tenant field (#2074) * Fixes a panic in dry-run when using external labels. (#2075) * Allows to pass inlined pipeline stages to the docker driver. (#2076) * Loki: Allow configuring query_store_max_look_back_period when running a filesystem store and boltdb-shipper (#2073) * expand the match_all to also optionally allow counting bytes per stream (#2066) * some metrics for measuring performance and failures in boltdb shipper (#2034) * output a debug log if the requested path in the scrape config doesn't match any files (#2069) * Targets not required in promtail config (#2026) * Update loki to cortex master (#2030) * Reverse entry iterator pool (#2064) * Improve protobuf serialization (#2031) * Recover from panic in http and grpc handlers. (#2059) * Docker driver: Allow to provision external pipeline files to plugin (#2054) * Fix a bug in range vector skipping data. (#2058) * Docs: update Loki Helm Chart document to support Helm 3 (#2038) * Fix promtail client default values (#2049) * Fix spelling of per second (#2055) * Update api.md (#2056) * Chore: Correct typo "per seconds" (#2050) * Fix bug in logql parsing that leads to crash. (#2046) * fixes the cpu usage graphs (#2044) * Add extraOutputs variable to support multiple outputs for fluent-bit (#2040) * Swapped to container restarts over terminated reasons (#2043) * Remove generated comment at top of .drone/drone.yaml (#2042) * Dashboard: Loki Operational improvements (#2041) * Support Post request in the frontend queryrange handler. (#2023) * fluent-plugin-loki: Restructuring and CI (#2006) * Revert "Update go from 1.13 to 1.14. (#2013)" (#2028) * Update go from 1.13 to 1.14. (#2013) * Adds :delegated flags to speed up build experience on MacOS. (#2009) * logcli: Query needs to be stored into url.RawQuery, and not url.Path (#2027) * more linter fixes (#2024) * I <3 you Linter (#2022) * Docs: Added labels content (#1999) * Loki: refactor validation and improve error messages (#2021) * Spelling (#2014) * Change image tag from 1.4.1 to 1.4.0 in Helm chart (#2015) * Update lz4 library to latest to ensure deterministic output. (#2010) * make `loki_ingester_memory_streams` Gauge per tenant. (#2019) * Loki: Improve logging and add metrics to streams dropped by stream limit (#2012) * Fix a bad rebase between #1970 and #1965. (#2011) * Adds config to disable HTTP and GRPC server in Promtail. (#2004) * Allow to aggregate binary operations. (#1970) * table client for boltdb shipper to enforce retention (#2001) * Improve URL building in the logcli to strip trailing /. (#2000) * Ensure trace propagation in our logs. (#1977) * Loki: Adds an `interval` paramater to query_range queries allowing a sampling of events to be returned based on the provided interval (#1965) * make boltdb shipper singleton and some other minor refactoring (#1995) * Update cortex to latest. (#1982) * Add a missing method to facade which is called by the metrics storage client in cortex (#1987) * added extraCommandlineArgs in values file (#1981) * Log error message for invalid checksum (#1713) * Log slow query from the frontend by default in ksonnet. (#1980) * incorporate some better defaults into table-manager configs (#1976) * Update cortex vendoring to latest master (#1975) * [Loki]: Cleanup dockerfile (#1949) * Convert Loki modules to services (#1804) * fix available stores for chunk and index in documentation for period config (#1974) * Improve the local config to work locally and inside docker. (#1963) * helm chart: add missing line feed (#1967) * Docs: Update docker.md (#1966) * chunk bounds metric now records 8h range in 1h increments (#1964) * flush boltdb to object store (#1837) * chunk lifespan histogram (#1958) * Workaround for broken etcd gomod import (#1961) * Go mod: explicit golang.org/x/net replace (#1953) * Move build from source instructions to root readme. (#1951) * update cortex to latest master (#1956) * Loki Update the cut block size counter when creating a memchunk from byte slice (#1946) * Fixes case handling in regex simplification. (#1950) * Log docker driver config map. (#1903) * version pin the docker image in docker-compose (#1945) * Reverting helm changes which were included in Cortex 1.0 vendor upgrade because it resulted in us pushing an unstable helm. * delete tag script filters by prefix instead of substring (#1942) * Support stdin target via flag instead of automatic detection. (#1935) * adds config validation, similar to cortex (#1939) * bumps helm to keepalive-master after cortex vendoring (#1937) * Update Cortex to latest master (#1869) * Add no-file and keep-file log option for docker driver. (#1906) * logcli: org-id/tls-skip-verify set via env var (#1922) * Clarified that the api push path needs to be specified. (#1925) * And the loki mixin * Put loki-mixin and promtail-mixin dashboards in a folder. * feat: tms readiness check bypass implementation * this Dockerfile is a remnant from a long time ago, not needed. (#1918) * only fetches one chunk per series in /series (#1914) * Add cap_net_bind_service linux capabilities to Loki. (#1916) * Fix fluent-bit metrics (#1915) * s/dashboards/grafanaDashboards. * fluentd loki plugin README: add note about labels (#1909) * push images for `k` branches * updating typo for end time parameter (#1905) * updating helm and ksonnet to 1.4.1 updating Fluent Bit to correct image * JSON encoding: avoid base64 encoding of []byte inside other slices (#1890) * [helm loki/promtail] make UpdateStrategy configurable (#1898) * Addition of a `/suspend` endpoint to Loki Canary (#1891) * Removes file size check for pipe, not provided by linux. (#1893) * Fixes possible panic in json pipeline stage. (#1894) * Fix flaky promtail test (#1865) * docs: cleaning up the comments for the cache_config, default_validity option (#1888) * Adding a config change in release 1.4 upgrade doc Updating readme with links to new docs * Sign helm package with GPG. (#1864) * Add precision about the range notation for LogQL. (#1881) * updating helm and ksonnet for 1.4.0 release * clear out some changelog entries to fix a merge conflict from the release branch * docs: update promtail docs for backoff (#1879) * Support series API in logcli (#1861) * support `match[]` encoding (#1875) * Keep plugin install command example in one line (#1870) * Add extraMount, extraVolumeMount to promtail helm chart for systemd-journal (#1871) * documents frontend worker (#1873) * clarify logcli commands and output (#1712) * Logcli remote storage. (#1814) * Sharding optimizations I: AST mapping (#1846) * docs: tweak the doc section of the readme a little (#1856) * Support configurable maximum of the limits parameter (#1798) * bump gem version (#1853) * throw exceptions on HTTPTooManyRequests and HTTPServerError so FluentD will retry (#1845) * logcli client: use OrgID in LiveTail (#1850) * remove a few places we recommend the schema version and consolidate in the configuration doc * Pin helm version in circle-ci helm testing workflow. (#1849) * Proposal: Promtail Push API (#1627) * promtail retry 429 rate limit errors, clarifying risks in the docs of configuring multiple client sections in promtail, also increased the backoff and retry settings in promtail. * Docs: Update configuration docs for redis (#1843) * Log error message when source does not exist in extracted values (#1815) * Helm/loki-stack: refresh default grafana.image.tag to 6.7.0 (#1825) * Move default port for Loki to 3100 everywhere. (#1838) * Change local storage directory to /loki/ and fix permissions (#1833) (#1834) * Use 8080 for Loki http port binding in tanka. (#1823) * Adds a counter for total flushed chunks per reason. (#1819) * Prevent prometheus to scrap both services (#1817) * loki can not be started with loki-local-config.yaml (#1816) * Optimize empty filter queries. (#1810) * Improve fluentbit logfmt. (#1791) * Test stats memchunk (#1809) * Error handling: Show data stream at "debug" level, not "warn" (#1811) * loki: update Cortex to master (#1799) * Non-root user docker image for Loki. (#1706) Update to version 1.4.1: * updating changelog and version numbers in docs for 1.4.1 release * JSON encoding: avoid base64 encoding of []byte inside other slices (#1890) * Removes file size check for pipe, not provided by linux. (#1893) * fixing release date * Updating some of the references to v1.3.0 Adding an entry in the changelog to reference image name changes * docs: update promtail docs for backoff (#1879) * bump gem version (#1853) * throw exceptions on HTTPTooManyRequests and HTTPServerError so FluentD will retry (#1845) * promtail retry 429 rate limit errors, clarifying risks in the docs of configuring multiple client sections in promtail, also increased the backoff and retry settings in promtail. * Adding upgrade doc and updating changelog for release loki-2.0.0+git.1603727260.6978ee5d-bp151.2.1.src.rpm loki-2.0.0+git.1603727260.6978ee5d-bp151.2.1.x86_64.rpm system-user-loki-1.0.0-bp151.2.1.noarch.rpm system-user-loki-1.0.0-bp151.2.1.src.rpm loki-2.0.0+git.1603727260.6978ee5d-bp151.2.1.aarch64.rpm loki-2.0.0+git.1603727260.6978ee5d-bp151.2.1.ppc64le.rpm loki-2.0.0+git.1603727260.6978ee5d-bp151.2.1.s390x.rpm openSUSE-2021-371 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Update fwts to version 21.02.00: * See provided changelog for detailed list of changes fwts-21.02.00-bp151.4.6.1.src.rpm fwts-21.02.00-bp151.4.6.1.x86_64.rpm fwts-21.02.00-bp151.4.6.1.aarch64.rpm fwts-21.02.00-bp151.4.6.1.ppc64le.rpm fwts-21.02.00-bp151.4.6.1.s390x.rpm openSUSE-2021-475 moderate openSUSE Backports SLE-15-SP1 Update This update for pcm fixes the following issues: pcm was updated to 202101: * Add Comet Lake support * Add Tiger Lake support * Add support for additional Icelake cpu model * Support Linux resctrl driver for RDT Metrics (see ENVVAR_README.md) * Improve robustness in handling rare core event overflows * A few fixes for c_example * Support using Linux perf API for core PMU for systems with offlined cores * Add -i parameter to more tools * support select metrics in virtual machines with vPMU support (e.g. AWS virtualized instances with arch_perfmon flag). * pcm-memory: make -pmm/-pmem the default option on systems with PMM/PMem support * pcm-tsx: update events for ICL and SKL, allow collection of up to 8 events * pcm-raw: support fixed PMU counters * fix UBOX MSR addresses for Jaketown/Ivytown * support Icelake client CPUs * new pcm-raw utility: to program arbitrary core and uncore events by specifying raw register event ID encoding * pcm-memory: support -all option to show channels event if they do not have any traffic (inactive memory channels) * pcm-memory: csv output for Near Memory hit rate (in PMem Memory Mode) * pcm-memory: show memory channels with PMM but w/o DRAM DIMMs * unfreeze counters using global uncore counter control register during uncore PMU initialization (some other tools freeze using global control before exit) pcm-202101-bp151.5.1.src.rpm pcm-202101-bp151.5.1.x86_64.rpm openSUSE-2021-572 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Update to version 21.03.00: * See provided changelog for detailed list of changes fwts-21.03.00-bp151.4.9.1.src.rpm fwts-21.03.00-bp151.4.9.1.x86_64.rpm fwts-21.03.00-bp151.4.9.1.aarch64.rpm fwts-21.03.00-bp151.4.9.1.ppc64le.rpm fwts-21.03.00-bp151.4.9.1.s390x.rpm openSUSE-2021-689 moderate openSUSE Backports SLE-15-SP1 Update This update for monitoring-plugins-bind fixes the following issues: - check_bind.sh uses a static temporary file, allowing users to break the script by creating the same file with permissions that don't allow the nagios user to write to it (boo#1183201). + added monitoring-plugins-bind_-_use_path_tmp.patch monitoring-plugins-bind-1.3-bp151.4.3.1.noarch.rpm monitoring-plugins-bind-1.3-bp151.4.3.1.src.rpm openSUSE-2021-753 critical openSUSE Backports SLE-15-SP1 Update This update for exim fixes the following issues: exim was updated to 4.94.2: security update (boo#1185631) * CVE-2020-28007: Link attack in Exim's log directory * CVE-2020-28008: Assorted attacks in Exim's spool directory * CVE-2020-28014: Arbitrary PID file creation * CVE-2020-28011: Heap buffer overflow in queue_run() * CVE-2020-28010: Heap out-of-bounds write in main() * CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() * CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() * CVE-2020-28015: New-line injection into spool header file (local) * CVE-2020-28012: Missing close-on-exec flag for privileged pipe * CVE-2020-28009: Integer overflow in get_stdinput() * CVE-2020-28017: Integer overflow in receive_add_recipient() * CVE-2020-28020: Integer overflow in receive_msg() * CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() * CVE-2020-28021: New-line injection into spool header file (remote) * CVE-2020-28022: Heap out-of-bounds read and write in extract_option() * CVE-2020-28026: Line truncation and injection in spool_read_header() * CVE-2020-28019: Failure to reset function pointer after BDAT error * CVE-2020-28024: Heap buffer underflow in smtp_ungetc() * CVE-2020-28018: Use-after-free in tls-openssl.c * CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() update to exim-4.94.1 * Fix security issue in BDAT state confusion. Ensure we reset known-good where we know we need to not be reading BDAT data, as a general case fix, and move the places where we switch to BDAT mode until after various protocol state checks. Fixes CVE-2020-BDATA reported by Qualys. * Fix security issue in SMTP verb option parsing (CVE-2020-EXOPT) * Fix security issue with too many recipients on a message (to remove a known security problem if someone does set recipients_max to unlimited, or if local additions add to the recipient list). Fixes CVE-2020-RCPTL reported by Qualys. * Fix CVE-2020-28016 (PFPZA): Heap out-of-bounds write in parse_fix_phrase() * Fix security issue CVE-2020-PFPSN and guard against cmdline invoker providing a particularly obnoxious sender full name. * Fix Linux security issue CVE-2020-SLCWD and guard against PATH_MAX better. - bring back missing exim_db.8 manual page (fixes boo#1173693) - bring in changes from current +fixes (lots of taint check fixes) * Bug 1329: Fix format of Maildir-format filenames to match other mail- related applications. Previously an "H" was used where available info says that "M" should be, so change to match. * Bug 2587: Fix pam expansion condition. Tainted values are commonly used as arguments, so an implementation trying to copy these into a local buffer was taking a taint-enforcement trap. Fix by using dynamically created buffers. * Bug 2586: Fix listcount expansion operator. Using tainted arguments is reasonable, eg. to count headers. Fix by using dynamically created buffers rather than a local. Do similar fixes for ACL actions "dcc", "log_reject_target", "malware" and "spam"; the arguments are expanded so could be handling tainted values. * Bug 2590: Fix -bi (newaliases). A previous code rearrangement had broken the (no-op) support for this sendmail command. Restore it to doing nothing, silently, and returning good status. update to exim 4.94 * some transports now refuse to use tainted data in constructing their delivery location this WILL BREAK configurations which are not updated accordingly. In particular: any Transport use of $local_user which has been relying upon check_local_user far away in the Router to make it safe, should be updated to replace $local_user with $local_part_data. * Attempting to remove, in router or transport, a header name that ends with an asterisk (which is a standards-legal name) will now result in all headers named starting with the string before the asterisk being removed. - switch pretrans to use lua (fixes boo#1171877) - bring changes from current in +fixes branch (patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94) * fixes CVE-2020-12783 (boo#1171490) * Regard command-line recipients as tainted. * Bug 2489: Fix crash in the "pam" expansion condition. * Use tainted buffers for the transport smtp context. * Bug 2493: Harden ARC verify against Outlook, which has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unset the default for dmarc_tld_file. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. * Fix the variables set by the gsasl authenticator. * Bug 2507: Modules: on handling a dynamic-module (lookups) open failure, only retrieve the errormessage once. * Bug 2501: Fix init call in the heimdal authenticator. Previously it adjusted the size of a major service buffer; this failed because the buffer was in use at the time. Change to a compile-time increase in the buffer size, when this authenticator is compiled into exim. - don't create logfiles during install * fixes CVE-2020-8015 (boo#1154183) - add a spec-file workaround for boo#1160726 - update to exim 4.93.0.4 (+fixes release) * Avoid costly startup code when not strictly needed. This reduces time for some exim process initialisations. It does mean that the logging of TLS configuration problems is only done for the daemon startup. * Early-pipelining support code is now included unless disabled in Makefile. * DKIM verification defaults no long accept sha1 hashes, to conform to RFC 8301. They can still be enabled, using the dkim_verify_hashes main option. * Support CHUNKING from an smtp transport using a transport_filter, when DKIM signing is being done. Previously a transport_filter would always disable CHUNKING, falling back to traditional DATA. * Regard command-line receipients as tainted. * Bug 340: Remove the daemon pid file on exit, whe due to SIGTERM. * Bug 2489: Fix crash in the "pam" expansion condition. It seems that the PAM library frees one of the arguments given to it, despite the documentation. Therefore a plain malloc must be used. * Bug 2491: Use tainted buffers for the transport smtp context. Previously on-stack buffers were used, resulting in a taint trap when DSN information copied from a received message was written into the buffer. * Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive installation would get error messages from DMARC verify, when it hit the nonexistent file indicated by the default. Distros wanting DMARC enabled should both provide the file and set the option. Also enforce no DMARC verification for command-line sourced messages. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. The introduction of taint tracking also did many adjustments to string handling. Since then, eximon frequently terminated with an assert failure. * When PIPELINING, synch after every hundred or so RCPT commands sent and check for 452 responses. This slightly helps the inefficieny of doing a large alias-expansion into a recipient-limited target. The max_rcpt transport option still applies (and at the current default, will override the new feature). The check is done for either cause of synch, and forces a fast-retry of all 452'd recipients using a new MAIL FROM on the same connection. The new facility is not tunable at this time. * Fix the variables set by the gsasl authenticator. Previously a pointer to library live data was being used, so the results became garbage. Make copies while it is still usable. * Logging: when the deliver_time selector ise set, include the DT= field on delivery deferred (==) and failed (**) lines (if a delivery was attemtped). Previously it was only on completion (=>) lines. * Authentication: the gsasl driver not provides the $authN variables in time for the expansion of the server_scram_iter and server_scram_salt options. spec file cleanup to make update work - add docdir to spec - update to exim 4.93 * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC * DISABLE_TLS replaces SUPPORT_TLS * Bump the version for the local_scan API. * smtp transport option hosts_try_fastopen defaults to "*". * DNSSec is requested (not required) for all queries. (This seemes to ask for trouble if your resolver is a systemd-resolved.) * Generic router option retry_use_local_part defaults to "true" under specific pre-conditions. * Introduce a tainting mechanism for values read from untrusted sources. * Use longer file names for temporary spool files (this avoids name conflicts with spool on a shared file system). * Use dsn_from main config option (was ignored previously). - update to exim 4.92.3 * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat, remote code execution seems to be possible - update to exim 4.92.2 * CVE-2019-15846: fix against remote attackers executing arbitrary code as root via a trailing backslash - update to exim 4.92.1 * CVE-2019-13917: Fixed an issue with ${sort} expansion which could allow remote attackers to execute other programs with root privileges (boo#1142207) - spec file cleanup * fix DANE inclusion guard condition * re-enable i18n and remove misleading comment * EXPERIMENTAL_SPF is now SUPPORT_SPF * DANE is now SUPPORT_DANE - update to exim 4.92 * ${l_header:<name>} expansion * ${readsocket} now supports TLS * "utf8_downconvert" option (if built with SUPPORT_I18N) * "pipelining" log_selector * JSON variants for ${extract } expansion * "noutf8" debug option * TCP Fast Open support on MacOS * CVE-2019-10149: Fixed a Remote Command Execution (boo#1136587) - add workaround patch for compile time error on missing printf format annotation (gnu_printf.patch) - update to 4.91 * DEFER rather than ERROR on redis cluster MOVED response. * Catch and remove uninitialized value warning in exiqsumm * Disallow '/' characters in queue names specified for the "queue=" ACL modifier. This matches the restriction on the commandline. * Fix pgsql lookup for multiple result-tuples with a single column. Previously only the last row was returned. * Bug 2217: Tighten up the parsing of DKIM signature headers. * Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL. * Fix issue with continued-connections when the DNS shifts unreliably. * Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL. * The "support for" informational output now, which built with Content Scanning support, has a line for the malware scanner interfaces compiled in. Interface can be individually included or not at build time. * The "aveserver", "kavdaemon" and "mksd" interfaces are now not included by the template makefile "src/EDITME". The "STREAM" support for an older ClamAV interface method is removed. * Bug 2223: Fix mysql lookup returns for the no-data case (when the number of rows affected is given instead). * The runtime Berkeley DB library version is now additionally output by "exim -d -bV". Previously only the compile-time version was shown. * Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating SMTP connection. * Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by routers. * Bug 2174: A timeout on connect for a callout was also erroneously seen as a timeout on read on a GnuTLS initiating connection, resulting in the initiating connection being dropped. * Relax results from ACL control request to enable cutthrough, in unsupported situations, from error to silently (except under debug) ignoring. * Fix Buffer overflow in base64d() (CVE-2018-6789) * Fix bug in DKIM verify: a buffer overflow could corrupt the malloc metadata, resulting in a crash in free(). * Fix broken Heimdal GSSAPI authenticator integration. * Bug 2113: Fix conversation closedown with the Avast malware scanner. * Bug 2239: Enforce non-usability of control=utf8_downconvert in the mail ACL. * Speed up macro lookups during configuration file read, by skipping non- macro text after a replacement (previously it was only once per line) and by skipping builtin macros when searching for an uppercase lead character. * DANE support moved from Experimental to mainline. The Makefile control for the build is renamed. * Fix memory leak during multi-message connections using STARTTLS. * Bug 2236: When a DKIM verification result is overridden by ACL, DMARC reported the original. Fix to report (as far as possible) the ACL result replacing the original. * Fix memory leak during multi-message connections using STARTTLS under OpenSSL * Bug 2242: Fix exim_dbmbuild to permit directoryless filenames. * Fix utf8_downconvert propagation through a redirect router. * Bug 2253: For logging delivery lines under PRDR, append the overall DATA response info to the (existing) per-recipient response info for the "C=" log element. * Bug 2251: Fix ldap lookups that return a single attribute having zero- length value. * Support Avast multiline protocol, this allows passing flags to newer versions of the scanner. * Ensure that variables possibly set during message acceptance are marked dead before release of memory in the daemon loop. * Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such as a multi-recipient message from a mailinglist manager). * The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being replaced by the ${authresults } expansion. * Bug 2257: Fix pipe transport to not use a socket-only syscall. * Set a handler for SIGTERM and call exit(3) if running as PID 1. This allows proper process termination in container environments. * Bug 2258: Fix spool_wireformat in combination with LMTP transport. Previously the "final dot" had a newline after it; ensure it is CR,LF. * SPF: remove support for the "spf" ACL condition outcome values "err_temp" and "err_perm", deprecated since 4.83 when the RFC-defined words " temperror" and "permerror" were introduced. * Re-introduce enforcement of no cutthrough delivery on transports having transport-filters or DKIM-signing. * Cutthrough: for a final-dot response timeout (and nonunderstood responses) in defer=pass mode supply a 450 to the initiator. Previously the message would be spooled. * DANE: add dane_require_tls_ciphers SMTP Transport option; if unset, tls_require_ciphers is used as before. * Malware Avast: Better match the Avast multiline protocol. * Fix reinitialisation of DKIM logging variable between messages. * Bug 2255: Revert the disable of the OpenSSL session caching. * Add util/renew-opendmarc-tlds.sh script for safe renewal of public suffix list. * DKIM: accept Ed25519 pubkeys in SubjectPublicKeyInfo-wrapped form, since the IETF WG has not yet settled on that versus the original "bare" representation. * Fix syslog logging for syslog_timestamp=no and log_selector +millisec. Previously the millisecond value corrupted the output. Fix also for syslog_pid=no and log_selector +pid, for which the pid corrupted the output. - Replace xorg-x11-devel by individual pkgconfig() buildrequires. - update to 4.90.1 * Allow PKG_CONFIG_PATH to be set in Local/Makefile and use it correctly during configuration. Wildcards are allowed and expanded. * Shorten the log line for daemon startup by collapsing adjacent sets of identical IP addresses on different listening ports. Will also affect "exiwhat" output. * Tighten up the checking in isip4 (et al): dotted-quad components larger than 255 are no longer allowed. * Default openssl_options to include +no_ticket, to reduce load on peers. Disable the session-cache too, which might reduce our load. Since we currrectly use a new context for every connection, both as server and client, there is no benefit for these. * Add $SOURCE_DATE_EPOCH support for reproducible builds, per spec at <https://reproducible-builds.org/specs/source-date-epoch/>. * Fix smtp transport use of limited max_rcpt under mua_wrapper. Previously the check for any unsuccessful recipients did not notice the limit, and erroneously found still-pending ones. * Pipeline CHUNKING command and data together, on kernels that support MSG_MORE. Only in-clear (not on TLS connections). * Avoid using a temporary file during transport using dkim. Unless a transport-filter is involved we can buffer the headers in memory for creating the signature, and read the spool data file once for the signature and again for transmission. * Enable use of sendfile in Linux builds as default. It was disabled in 4.77 as the kernel support then wasn't solid, having issues in 64bit mode. Now, it's been long enough. Add support for FreeBSD also. * Add commandline_checks_require_admin option. * Do pipelining under TLS. * For the "sock" variant of the malware scanner interface, accept an empty cmdline element to get the documented default one. Previously it was inaccessible. * Prevent repeated use of -p/-oMr * DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field, if present. * DKIM: when a message has multiple signatures matching an identity given in dkim_verify_signers, run the dkim acl once for each. * Support IDNA2008. * The path option on a pipe transport is now expanded before use * Have the EHLO response advertise VRFY, if there is a vrfy ACL defined. - Several bug fixes - Fix for buffer overflow in base64decode() (boo#1079832 CVE-2018-6789) exim-4.94.2-bp151.2.4.1.src.rpm exim-4.94.2-bp151.2.4.1.x86_64.rpm eximon-4.94.2-bp151.2.4.1.x86_64.rpm eximstats-html-4.94.2-bp151.2.4.1.x86_64.rpm libspf2-1.2.10-bp151.4.1.src.rpm libspf2-2-1.2.10-bp151.4.1.x86_64.rpm libspf2-2-debuginfo-1.2.10-bp151.4.1.x86_64.rpm libspf2-debuginfo-1.2.10-bp151.4.1.x86_64.rpm libspf2-debugsource-1.2.10-bp151.4.1.x86_64.rpm libspf2-devel-1.2.10-bp151.4.1.x86_64.rpm libspf2-tools-1.2.10-bp151.4.1.x86_64.rpm libspf2-tools-debuginfo-1.2.10-bp151.4.1.x86_64.rpm exim-4.94.2-bp151.2.4.1.aarch64.rpm eximon-4.94.2-bp151.2.4.1.aarch64.rpm eximstats-html-4.94.2-bp151.2.4.1.aarch64.rpm libspf2-2-1.2.10-bp151.4.1.aarch64.rpm libspf2-2-debuginfo-1.2.10-bp151.4.1.aarch64.rpm libspf2-debuginfo-1.2.10-bp151.4.1.aarch64.rpm libspf2-debugsource-1.2.10-bp151.4.1.aarch64.rpm libspf2-devel-1.2.10-bp151.4.1.aarch64.rpm libspf2-tools-1.2.10-bp151.4.1.aarch64.rpm libspf2-tools-debuginfo-1.2.10-bp151.4.1.aarch64.rpm exim-4.94.2-bp151.2.4.1.ppc64le.rpm eximon-4.94.2-bp151.2.4.1.ppc64le.rpm eximstats-html-4.94.2-bp151.2.4.1.ppc64le.rpm libspf2-2-1.2.10-bp151.4.1.ppc64le.rpm libspf2-2-debuginfo-1.2.10-bp151.4.1.ppc64le.rpm libspf2-debuginfo-1.2.10-bp151.4.1.ppc64le.rpm libspf2-debugsource-1.2.10-bp151.4.1.ppc64le.rpm libspf2-devel-1.2.10-bp151.4.1.ppc64le.rpm libspf2-tools-1.2.10-bp151.4.1.ppc64le.rpm libspf2-tools-debuginfo-1.2.10-bp151.4.1.ppc64le.rpm exim-4.94.2-bp151.2.4.1.s390x.rpm eximon-4.94.2-bp151.2.4.1.s390x.rpm eximstats-html-4.94.2-bp151.2.4.1.s390x.rpm libspf2-2-1.2.10-bp151.4.1.s390x.rpm libspf2-2-debuginfo-1.2.10-bp151.4.1.s390x.rpm libspf2-debuginfo-1.2.10-bp151.4.1.s390x.rpm libspf2-debugsource-1.2.10-bp151.4.1.s390x.rpm libspf2-devel-1.2.10-bp151.4.1.s390x.rpm libspf2-tools-1.2.10-bp151.4.1.s390x.rpm libspf2-tools-debuginfo-1.2.10-bp151.4.1.s390x.rpm openSUSE-2021-706 important openSUSE Backports SLE-15-SP1 Update This update for monitoring-plugins-smart fixes the following issues: monitoring-plugins-smart was updated to 6.9.1: This is a security-release (boo#1183057) + Fixes the regular expression for pseudo-devices under the /dev/bus/N path. from 6.9.0 + Allows using PCI device paths as device name(s) (#64) + Introduce new optional parameter -l/--ssd-lifetime) which additionally checks SMART attribute "Percent_Lifetime_Remain" (available on some SSD drives). (#66 #67) from 6.8.0 + Allow skip self-assessment check (--skip-self-assessment) + Add Command_Timeout to default raw list from 6.7.1 + Bugfix to make --warn work (issue #54) from 6.7.0 + Added support for NVMe drives from 6.6.1 + Fix 'deprecation warning on regex with curly brackets' (6.6.1) from 6.6.0 + The feature was requested in #30 . This PR adds the possibility to use 3ware,N and cciss,N drives in combination with the global -g parameter. + Furthermore this PR adjusts the output of the plugin when the -g is used in combination with hardware raid controllers. Instead of showing the logical device name (/dev/sda for example), the plugin will now show the controller with drive number from 6.5.0: + Add Reported_Uncorrect and Reallocated_Event_Count to default raw list. + As of 6.5 the following SMART attributes are by default checked and may result in alert when threshold (default 0 is reached): 'Current_Pending_Sector,Reallocated_Sector_Ct,Program_Fail_Cnt_Total, Uncorrectable_Error_Cnt,Offline_Uncorrectable,Runtime_Bad_Block, Reported_Uncorrect,Reallocated_Event_Count' - Update to version 6.4 - Allow detection of more than 26 devices / issue #5 (rev 5.3) - Different ATA vs. SCSI lookup (rev 5.4) - Allow script to run outside of nagios plugins dir / wiki url update (rev 5.5) - Change syntax of -g parameter (regex is now awaited from input) (rev 5.6) - Fix Use of uninitialized value $device (rev 5.7) - Allow multiple devices for interface type megaraid, e.g. "megaraid,[1-5]" (rev 5.8) - allow type "auto" (rev 5.9) - Check selftest log for errors using new parameter -s (rev 5.10) - Add exclude list (-e) to ignore certain attributes (5.11) - Fix 'Use of uninitialized value' warnings (5.11.1) - Add raw check list (-r) and warning thresholds (-w) (6.0) - Allow using pseudo bus device /dev/bus/N (6.1) - Add device model and serial number in output (6.2) - Allow exclusion from perfdata as well (-E) and by attribute number (6.3) - Remove dependency on utils.pm, add quiet parameter (6.4) - Drop not longer needed patch: * enable_auto_interface.patch (obsolete, type auto was added upstream in v5.9). monitoring-plugins-smart-6.9.1-bp151.4.3.1.noarch.rpm monitoring-plugins-smart-6.9.1-bp151.4.3.1.src.rpm openSUSE-2021-707 important openSUSE Backports SLE-15-SP1 Update This update for perl-Image-ExifTool fixes the following issues: Update to version 12.25 fixes (boo#1185547 CVE-2021-22204) * JPEG XL support is now official * Added read support for Medical Research Council (MRC) image files * Added ability to write a number of 3gp tags in video files * Added a new Sony PictureProfile value (thanks Jos Roost) * Added a new Sony LensType (thanks LibRaw) * Added a new Nikon LensID (thanks Niels Kristian Bech Jensen) * Added a new Canon LensType * Decode more GPS information from Blackvue dashcam videos * Decode a couple of new NikonSettings tags (thanks Warren Hatch) * Decode a few new RIFF tags * Improved Validate option to add minor warning if standard XMP is missing xpacket wrapper * Avoid decoding some large arrays in DNG images to improve performance unless the -m option is used * Patched bug that could give runtime warning when trying to write an empty XMP structure * Fixed decoding of ImageWidth/Height for JPEG XL images * Fixed problem were Microsoft Xtra tags couldn't be deleted version 12.24: * Added a new PhaseOne RawFormat value (thanks LibRaw) * Decode a new Sony tag (thanks Jos Roost) * Decode a few new Panasonic and FujiFilm tags (thanks LibRaw and Greybeard) * Patched security vulnerability in DjVu reader * Updated acdsee.config in distribution (thanks StarGeek) * Recognize AutoCAD DXF files * More work on experimental JUMBF read support * More work on experimental JPEG XL read/write support version 12.23: * Added support for Olympus ORI files * Added experimental read/write support for JPEG XL images * Added experimental read support for JUMBF metadata in JPEG and Jpeg2000 images * Added built-in support for parsing GPS track from Denver ACG-8050 videos with the -ee option * Added a some new Sony lenses (thanks Jos Roost and LibRaw) * Changed priority of Samsung trailer tags so the first DepthMapImage takes precedence when -a is not used * Improved identification of M4A audio files * Patched to avoid escaping ',' in "Binary data" message when -struct is used * Removed Unknown flag from MXF VideoCodingSchemeID tag * Fixed -forcewrite=EXIF to apply to EXIF in binary header of EPS files * API Changes: + Added BlockExtract option version 12.22: * Added a few new Sony LensTypes and a new SonyModelID (thanks Jos Roost and LibRaw) * Added Extra BaseName tag * Added a new CanonModelID (thanks LibRaw) * Decode timed GPS from unlisted programs in M2TS videos with the -ee3 option * Decode more Sony rtmd tags * Decode some tags for the Sony ILME-FX3 (thanks Jos Roost) * Allow negative values to be written to XMP-aux:LensID * Recognize HEVC video program in M2TS files * Enhanced -b option so --b suppresses tags with binary data * Improved flexibility when writing GPS coordinates: + Now pulls latitude and longitude from a combined GPSCoordinates string + Recognizes the full word "South" and "West" to write negative coordinates * Improved warning when trying to write an integer QuickTime date/time tag and Time::Local is not available * Convert GPSSpeed from mph to km/h in timed GPS from Garmin MP4 videos version 12.21: * Added a few new iOS QuickTime tags * Decode a couple more Sony rtmd tags * Patch to avoid possible "Use of uninitialized value" warning when attempting to write QuickTime date/time tags with an invalid value * Fixed problem writing Microsoft Xtra tags * Fixed Windows daylight savings time patch for file times that was broken in 12.19 (however directory times will not yet handle DST properly) version 12.20: * Added ability to write some Microsoft Xtra tags in MOV/MP4 videos * Added two new Canon LensType values (thanks Norbert Wasser) * Added a new Nikon LensID * Fixed problem reading FITS comments that start before column 11 version 12.19: * Added -list_dir option * Added the "ls-l" Shortcut tag * Extract Comment and History from FITS files * Enhanced FilePermissions to include device type (similar to "ls -l") * Changed the name of Apple ContentIdentifier tag to MediaGroupUUID (thanks Neal Krawetz) * Fixed a potential "substr outside of string" runtime error when reading corrupted EXIF * Fixed edge case where NikonScanIFD may not be copied properly when copying MakerNotes to another file * API Changes: + Added ability to read/write System tags of directories + Enhanced GetAllGroups() to support family 7 and take optional ExifTool reference + Changed QuickTimeHandler option default to 1 version 12.18: * Added a new SonyModelID * Decode a number of Sony tags for the ILCE-1 (thanks Jos Roost) * Decode a couple of new Canon tags (thanks LibRaw) * Patched to read differently formatted UserData:Keywords as written by iPhone * Patched to tolerate out-of-order Nikon MakerNote IFD entries when obtaining tags necessary for decryption * Fixed a few possible Condition warnings for some NikonSettings tags version 12.17: * Added a new Canon FocusMode value * Added a new FujiFilm FilmMode value * Added a number of new XMP-crs tags (thanks Herb) * Decode a new H264 MDPM tag * Allow non-conforming lower-case XMP boolean "true" and "false" values to be written, but only when print conversion is disabled * Improved Validate option to warn about non-capitalized boolean XMP values * Improved logic for setting GPSLatitude/LongitudeRef values when writing * Changed -json and -php options so the -a option is implied even without the -g option * Avoid extracting audio/video data from AVI videos when -ee -u is used * Patched decoding of Canon ContinuousShootingSpeed for newer firmware versions of the EOS-1DXmkIII * Re-worked LensID patch of version 12.00 (github issue #51) * Fixed a few typos in newly-added NikonSettings tags (thanks Herb) * Fixed problem where group could not be specified for PNG-pHYs tags when writing version 12.16: * Extract another form of video subtitle text * Enhanced -ee option with -ee2 and -ee3 to allow parsing of the H264 video stream in MP4 files * Changed a Nikon FlashMode value * Fixed problem that caused a failed DPX test on Strawberry Perl * API Changes: + Enhanced ExtractEmbedded option version 12.15: * Added a couple of new Sony LensType values (thanks LibRaw and Jos Roost) * Added a new Nikon FlashMode value (thanks Mike) * Decode NikonSettings (thanks Warren Hatch) * Decode thermal information from DJI RJPEG images * Fixed extra newline in -echo3 and -echo4 outputs added in version 12.10 * Fixed out-of-memory problem when writing some very large PNG files under Windows version 12.14: * Added support for 2 more types of timed GPS in video files (that makes 49 different formats now supported) * Added validity check for PDF trailer dictionary Size * Added a new Pentax LensType * Extract metadata from Jpeg2000 Association box * Changed -g:XX:YY and -G:XX:YY options to show empty strings for non-existent groups * Patched to issue warning and avoid writing date/time values with a zero month or day number * Patched to avoid runtime warnings if trying to set FileName to an empty string * Fixed issue that could cause GPS test number 12 to fail on some systems * Fixed problem extracting XML as a block from Jpeg2000 images, and extract XML tags in the XML group instead of XMP - Update URL update to 12.13: * Add time zone automatically to most string-based QuickTime date/time tags when writing unless the PrintConv option is disabled * Added -i HIDDEN option to ignore files with names that start with "." * Added a few new Nikon ShutterMode values (thanks Jan Skoda) * Added ability to write Google GCamera MicroVideo XMP tags * Decode a new Sony tag (thanks LibRaw) * Changed behaviour when writing only pseudo tags to return an error and avoid writing any other tags if writing FileName fails * Print "X image files read" message even if only 1 file is read when at least one other file has failed the -if condition * Added ability to geotag from DJI CSV log files * Added a new CanonModelID * Added a couple of new Sony LensType values (thanks LibRaw) * Enhanced -csvDelim option to allow "\t", "\n", "\r" and "\\" * Unescape "\b" and "\f" in imported JSON values * Fixed bug introduced in 12.10 which generated a "Not an integer" warning when attempting to shift some QuickTime date/time tags * Fixed shared-write permission problem with -@ argfile when using -stay_open and a filename containing special characters on Windows * Added -csvDelim option * Added new Canon and Olympus LensType values (thanks LibRaw) * Added a warning if ICC_Profile is deleted from an image (github issue #63) * EndDir() function for -if option now works when -fileOrder is used * Changed FileSize conversion to use binary prefixes since that is how the conversion is currently done (eg. MiB instead of MB) * Patched -csv option so columns aren't resorted when using -G option and one of the tags is missing from a file * Fixed incompatiblity with Google Photos when writing UserData:GPSCoordinates to MP4 videos * Fixed problem where the tags available in a -p format string were limited to the same as the -if[NUM] option when NUM was specified * Fixed incorrect decoding of SourceFileIndex/SourceDirectoryIndex for Ricoh models Update to 12.10 * Added -validate test for proper TIFF magic number in JPEG EXIF header * Added support for Nikon Z7 LensData version 0801 * Added a new XMP-GPano tag * Decode ColorData for the Canon EOS 1DXmkIII * Decode more tags for the Sony ILCE-7SM3 * Automatically apply QuickTimeUTC option for CR3 files * Improved decoding of XAttrMDLabel from MacOS files * Ignore time zones when writing date/time values and using the -d option * Enhanced -echo3 and -echo4 options to allow exit status to be returned * Changed -execute so the -q option no longer suppresses the "{ready}" message when a synchronization number is used * Added ability to copy CanonMakerNotes from CR3 images to other file types * Added read support for ON1 presets file (.ONP) * Added two new CanonModelID values * Added trailing "/" when writing QuickTime:GPSCoordinates * Added a number of new XMP-crs tags * Added a new Sony LensType (thanks Jos Roost) * Added a new Nikon Z lens (thanks LibRaw) * Added a new Canon LensType * Decode ColorData for Canon EOS R5/R6 * Decode a couple of new HEIF tags * Decode FirmwareVersion for Canon M50 * Improved decoding of Sony CreativeStyle tags * Improved parsing of Radiance files to recognize comments * Renamed GIF AspectRatio tag to PixelAspectRatio * Patched EndDir() feature so subdirectories are always processed when -r is used (previously, EndDir() would end processing of a directory completely) * Avoid loading GoPro module unnecessarily when reading MP4 videos from some other cameras * Fixed problem with an incorrect naming of CodecID tags in some MKV videos * Fixed verbose output to avoid "adding" messages for existing flattened XMP tags * Added a new Sony LensType * Recognize Mac OS X xattr files * Extract ThumbnailImage from MP4 videos of more dashcam models * Improved decoding of a number of Sony tags * Fixed problem where the special -if EndDir() function didn't work properly for directories after the one in which it was initially called * Patched to read DLL files which don't have a .rsrc section * Patched to support new IGC date format when geotagging * Patched to read DLL files with an invalid size in the header * Added support for GoPro .360 videos * Added some new Canon RF and Nikkor Z lenses * Added some new Sony LensType and CreativeStyle values and decode some ILCE-7C tags * Added a number of new Olympus SceneMode values * Added a new Nikon LensID * Decode more timed metadata from Insta360 videos * Decode timed GPS from videos of more Garmin dashcam models * Decode a new GoPro video tag * Reformat time-only EventTime values when writing and prevent arbitrary strings from being written * Patched to accept backslashes in SourceFile entries for -csv option update to 12.06 * Added read support for Lyrics3 metadata (and fixed problem where APE metadata may be ignored if Lyrics3 exists) * Added a new Panasonic VideoBurstMode value * Added a new Olympus MultipleExposureMode value * Added a new Nikon LensID * Added back conversions for XMP-dwc EventTime that were removed in 12.04 with a patch to allow time-only values * Decode GIF AspectRatio * Decode Olympus FocusBracketStepSize * Extract PNG iDOT chunk in Binary format with the name AppleDataOffsets * Process PNG images which do not start with mandatory IHDR chunk * Added a new Panasonic SelfTimer value * Decode a few more DPX tags * Extract AIFF APPL tag as ApplicationData * Fixed bug writing QuickTime ItemList 'gnre' Genre values * Fixed an incorrect value for Panasonic VideoBurstResolution * Fixed problem when applying a time shift to some invalid makernote date/time values update to 12.04: * See /usr/share/doc/packages/perl-Image-ExifTool/Change update to 11.50, see Image-ExifTool-11.50.tar.gz for details Update to version 11.30: * Add a new Sony/Minolta LensType. * Decode streaming metadata from TomTom Bandit Action Cam MP4 videos. * Decode Reconyx HF2 PRO maker notes. * Decode ColorData for some new Canon models. * Enhanced -geotag feature to set AmbientTemperature if available. * Remove non-significant spaces from some DICOM values. * Fix possible "'x' outside of string" error when reading corrupted EXIF. * Fix incorrect write group for GeoTIFF tags. Update to version 11.29 * See /usr/share/doc/packages/perl-Image-ExifTool/Changes Update to version 11.27 * See /usr/share/doc/packages/perl-Image-ExifTool/Changes Update to version 11.24 * See /usr/share/doc/packages/perl-Image-ExifTool/Changes Update to version 11.11 (changes since 11.01): * See /usr/share/doc/packages/perl-Image-ExifTool/Changes Update to 11.01: * Added a new ProfileCMMType * Added a Validate warning about non-standard EXIF or XMP in PNG images * Added a new Canon LensType * Decode a couple more PanasonicRaw tags * Patched to avoid adding tags to QuickTime videos with multiple 'mdat' atoms --> avoids potential corruption of these videos! Update to 11.00: * Added read support for WTV and DVR-MS videos * Added print conversions for some ASF date/time tags * Added a new SonyModelID * Decode a new PanasonicRaw tag * Decode some new Sony RX100 VI tags * Made Padding and OffsetSchema tags "unsafe" so they aren't copied by default exiftool-12.25-bp151.4.3.1.noarch.rpm perl-File-RandomAccess-12.25-bp151.4.3.1.noarch.rpm perl-Image-ExifTool-12.25-bp151.4.3.1.noarch.rpm perl-Image-ExifTool-12.25-bp151.4.3.1.src.rpm openSUSE-2021-765 important openSUSE Backports SLE-15-SP1 Update This update for Botan fixes the following issues: - CVE-2021-24115 In Botan before 2.17.3, or this backport, constant-time computations are not used for certain decoding and encoding operations (boo#1182670) Botan-2.10.0-bp151.3.3.1.src.rpm Botan-2.10.0-bp151.3.3.1.x86_64.rpm Botan-doc-2.10.0-bp151.3.3.1.noarch.rpm libbotan-2-10-2.10.0-bp151.3.3.1.x86_64.rpm libbotan-devel-2.10.0-bp151.3.3.1.x86_64.rpm python3-botan-2.10.0-bp151.3.3.1.x86_64.rpm Botan-2.10.0-bp151.3.3.1.aarch64.rpm libbotan-2-10-2.10.0-bp151.3.3.1.aarch64.rpm libbotan-2-10-64bit-2.10.0-bp151.3.3.1.aarch64_ilp32.rpm libbotan-devel-2.10.0-bp151.3.3.1.aarch64.rpm libbotan-devel-64bit-2.10.0-bp151.3.3.1.aarch64_ilp32.rpm python3-botan-2.10.0-bp151.3.3.1.aarch64.rpm Botan-2.10.0-bp151.3.3.1.ppc64le.rpm libbotan-2-10-2.10.0-bp151.3.3.1.ppc64le.rpm libbotan-devel-2.10.0-bp151.3.3.1.ppc64le.rpm python3-botan-2.10.0-bp151.3.3.1.ppc64le.rpm Botan-2.10.0-bp151.3.3.1.s390x.rpm libbotan-2-10-2.10.0-bp151.3.3.1.s390x.rpm libbotan-devel-2.10.0-bp151.3.3.1.s390x.rpm python3-botan-2.10.0-bp151.3.3.1.s390x.rpm openSUSE-2021-785 low openSUSE Backports SLE-15-SP1 Update Sync from Factory to get the latest version and fix CVE-2020-14929 alpine-2.24-bp151.5.3.1.src.rpm alpine-2.24-bp151.5.3.1.x86_64.rpm pico-5.07-bp151.5.3.1.x86_64.rpm pilot-2.99-bp151.5.3.1.x86_64.rpm alpine-2.24-bp151.5.3.1.aarch64.rpm pico-5.07-bp151.5.3.1.aarch64.rpm pilot-2.99-bp151.5.3.1.aarch64.rpm alpine-2.24-bp151.5.3.1.ppc64le.rpm pico-5.07-bp151.5.3.1.ppc64le.rpm pilot-2.99-bp151.5.3.1.ppc64le.rpm alpine-2.24-bp151.5.3.1.s390x.rpm pico-5.07-bp151.5.3.1.s390x.rpm pilot-2.99-bp151.5.3.1.s390x.rpm openSUSE-2021-786 low openSUSE Backports SLE-15-SP1 Update This Nagios upgrade sums up multiple security fixes and other important changes. Security issues fixed in this upgrade: * bsc#1172794 / CVE-2020-13977: Fixed postauth vulnerabilities in histogram.js, map.js, trends.js * bsc#989759 / CVE-2016-6209 : The "corewindow" parameter has been disabled by default * bsc#1014637 / CVE-2016-9566 : Fixed another root privilege escalation * bsc#1182398 : nagios_upgrade.sh writing to log file in user controlled directory Additional fixes: * bsc#1003362 : new nagios-exec-start-post script * Fixed Map display in Internet Explorer 11 * Fixed duplicate properties appearing in statusjson.cgi * Fixed build process when using GCC 10 * Fixed HARD OK states triggering on the maximum check attempt ~ nagios-4.4.6-bp151.4.6.1.src.rpm nagios-4.4.6-bp151.4.6.1.x86_64.rpm nagios-contrib-4.4.6-bp151.4.6.1.x86_64.rpm nagios-devel-4.4.6-bp151.4.6.1.x86_64.rpm nagios-theme-exfoliation-4.4.6-bp151.4.6.1.noarch.rpm nagios-www-4.4.6-bp151.4.6.1.x86_64.rpm nagios-www-dch-4.4.6-bp151.4.6.1.x86_64.rpm nagios-4.4.6-bp151.4.6.1.aarch64.rpm nagios-contrib-4.4.6-bp151.4.6.1.aarch64.rpm nagios-devel-4.4.6-bp151.4.6.1.aarch64.rpm nagios-www-4.4.6-bp151.4.6.1.aarch64.rpm nagios-www-dch-4.4.6-bp151.4.6.1.aarch64.rpm nagios-4.4.6-bp151.4.6.1.ppc64le.rpm nagios-contrib-4.4.6-bp151.4.6.1.ppc64le.rpm nagios-devel-4.4.6-bp151.4.6.1.ppc64le.rpm nagios-www-4.4.6-bp151.4.6.1.ppc64le.rpm nagios-www-dch-4.4.6-bp151.4.6.1.ppc64le.rpm nagios-4.4.6-bp151.4.6.1.s390x.rpm nagios-contrib-4.4.6-bp151.4.6.1.s390x.rpm nagios-devel-4.4.6-bp151.4.6.1.s390x.rpm nagios-www-4.4.6-bp151.4.6.1.s390x.rpm nagios-www-dch-4.4.6-bp151.4.6.1.s390x.rpm openSUSE-2021-803 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Update to version 21.05.00: * lib: fwts_version.h - update to V21.05.00 * debian: update changelog * auto-packager:mkpackage.sh: add impish * fwts-test: sync up with dbgp changes * acpi: dbgp/spmi: check space ids by fwts_acpi_space_id * acpiinfo: update ACPI 6.4 vs. ACPICA versions * lib: acpi: fix incorrect actual vs. struct length outputs * acpi: shorten helper function names by removing "check" * lib: acpi: unify naming style by removing "ACPI" * fwts-test: sync up with PMTT refactoring changes * acpi: refactor length check by fwts_acpi_structure_length_check * acpi: refactor zero length by fwts_acpi_structure_length_zero_check Update to version 21.03.00: * uefirtvariable: fix memory leak * acpi: refactor by fwts_acpi_reserved_type_check * acpi: refactor by fwts_acpi_structure_range_check * uefirtauthvar: check variable runtime services supported before testing (LP: #1913351) * uefirtvariable: check variable runtime services supported before testing (LP: #1913351) * uefirtmisc: check misc runtime services supported before testing (LP: #1913351) * uefirttime: check time services supported before testing (LP: #1913351) * acpi: spcr: accept baud rate 0x0 as a preconfigured state * fwts-test: sync up with PMTT rev 2 changes * acpi: pmtt: update PMTT to revision 2 (mantis 1975) fwts-21.05.00-bp151.4.12.1.src.rpm fwts-21.05.00-bp151.4.12.1.x86_64.rpm fwts-21.05.00-bp151.4.12.1.aarch64.rpm fwts-21.05.00-bp151.4.12.1.ppc64le.rpm fwts-21.05.00-bp151.4.12.1.s390x.rpm openSUSE-2021-823 moderate openSUSE Backports SLE-15-SP1 Update This update for ca-certificates-cacert fixes the following issues: Changes in ca-certificates-cacert: - Update class3.crt to the new one expiring 2031 again (boo#1186362) - update Class 3 certificate from https://www.cacert.org/class3.crt (the old one expired today) ca-certificates-cacert-1-bp151.4.3.1.noarch.rpm ca-certificates-cacert-1-bp151.4.3.1.src.rpm openSUSE-2021-1020 moderate openSUSE Backports SLE-15-SP1 Update This update for speedtest-cli fixes the following issues: speedtest-cli was updated to version 2.1.3: [boo#1184526] * Handle case where ignoreids is empty or contains empty ids * Ensure we catch HTTP errors on upload/download. Update to version 2.1.2: * Prevent warnings on Python3.8 * Fix proxy support * Fix --single to ensure threads are not started until a position in the queue is available Update to version 2.1.1: * Fix SSL support on Python2.4 and Python2.5 Update to version 2.1.0: * Automatically resolve .best property * Pass Content-Length header with POST requests * Fix install instructions with git clone * Add functionality for single threaded testing * Add debug support to show if a URL request resulted in a redirect * Add the python version to the version output * Switch from platform.system to platform.platform when building the User-Agent header * Don't pass server_hostname to ssl.wrap_socket * ensure ERROR doesn't print an empty string Update to version 2.0.2: * Ensure we are utilizing the context created by HTTPSConnection, or falling back to ssl Changes for version 2.0.1: * Handle malformed XML responses * Ensure --share works with --csv * Fix SSL communication during latency tests on python 2.6 and older * Handle error where latitude and longitude from config are invalid Changes for version 2.0.0: * Redesigned Python API * Add option to exclude servers, and allow --server and --exclude to be specified multiple times * Address Exception issues * Print errors to stderr * Remove deprecated speedtest_cli.py speedtest-cli-2.1.3-bp151.4.3.1.noarch.rpm speedtest-cli-2.1.3-bp151.4.3.1.src.rpm openSUSE-2021-895 important openSUSE Backports SLE-15-SP1 Update This update for htmldoc fixes the following issues: Update to version 1.9.12 * Fixed buffer-overflow CVE-2021-20308 ( boo#1184424 ) * Fixed a crash bug with "data:" URIs and EPUB output * Fixed several other crash bugs * Fixed JPEG error handling * Fixed some minor issues * Removed the bundled libjpeg, libpng, and zlib. update to 1.9.11: - Added high-resolution desktop icons for Linux. - Updated the internal HTTP library to fix truncation of redirection URLs - Fixed a regression in the handling of character entities for UTF-8 input - The `--numbered` option did not work when the table-of-contents was disabled - Updated local zlib to v1.2.11. - Updated local libpng to v1.6.37. - Fixed packaging issues on macOS and Windows - Now ignore sRGB profile errors in PNG files - The GUI would crash when saving - Page comments are now allowed in `pre` text update to 1.9.9: - Added support for a `HTMLDOC.filename` META keyword that controls the filename reported in CGI mode; the default remains "htmldoc.pdf" (Issue #367) - Fixed a paragraph formatting issue with large inline images (Issue #369) - Fixed a buffer underflow issue (Issue #370) - Fixed PDF page numbers (Issue #371) - Added support for a new `L` header/footer format (`$LETTERHEAD`), which inserts a letterhead image at its full size (Issue #372, Issue #373, Issue #375) - Updated the build documentation (Issue #374) - Refactored the PRE rendering code to work around compiler optimization bugs - Added support for links with targets (Issue #351) - Fixed a table rowspan + valign bug (Issue #360) - Added support for data URIs (Issue #340) - HTMLDOC no longer includes a PDF table of contents when converting a single web page (Issue #344) - Updated the markdown support with external links, additional inline markup, and hard line breaks. - Links in markdown text no longer render with a leading space as part of the link (Issue #346) - Fixed a buffer underflow bug discovered by AddressSanitizer. - Fixed a bug in UTF-8 support (Issue #348) - PDF output now includes the base language of the input document(s) - Optimized the loading of font widths (Issue #354) - Optimized PDF page resources (Issue #356) - Optimized the base memory used for font widths (Issue #357) - Added proper `&shy;` support (Issue #361) - Title files can now be markdown. - The GUI did not support EPUB output. - Empty markdown table cells were not rendered in PDF or PostScript output. - The automatically-generated title page now supports both "docnumber" and "version" metadata. - Added support for dc:subject and dc:language metadata in EPUB output from the HTML keywords and lang values. - Added support for the subject and language metadata in markdown input. - Fixed a buffer underflow bug (Issue #338) - `htmldoc --help` now reports whether HTTPS URLs are supported (Issue #339) - Fixed an issue with HTML title pages and EPUB output. - Inline fixed-width text is no longer reduced in size automatically - Optimized initialization of font width data (Issue #334) - Fixed formatting bugs with aligned images (Issue #322, Issue #324) - Fixed support for three digit "#RGB" color values (Issue #323) - Fixed character set support for markdown metadata. - Updated libpng to v1.6.34 (Issue #326) - The makefiles did not use the CPPFLAGS value (Issue #328) - Added Markdown table support. - Fixed parsing of TBODY, TFOOT, and THEAD elements in HTML files. htmldoc-1.9.12-bp151.4.3.1.src.rpm htmldoc-1.9.12-bp151.4.3.1.x86_64.rpm htmldoc-1.9.12-bp151.4.3.1.aarch64.rpm htmldoc-1.9.12-bp151.4.3.1.ppc64le.rpm htmldoc-1.9.12-bp151.4.3.1.s390x.rpm openSUSE-2021-1021 moderate openSUSE Backports SLE-15-SP1 Update This update for criu fixes the following issues: Update to criu 3.15: see details at https://criu.org/Download/criu/3.15 New features: * Introduced criu-image-streamer * Added MIPS support * Allow checkpointing out of existing PID namespace and restoring into existing PID namespace * Added additional file validation mechanisms * Added support to checkpoint and restore BPF hash maps (BPF_MAP_TYPE_HASH) and array maps (BPF_MAP_TYPE_ARRAY) * Initial cgroups v2 support Update to criu 3.14: New features: * C/R of memfd memory mappings and file descriptors * Add time namespace support * Add the read pre-dump mode which uses process_vm_readv * Add --cgroup-yard option * Add support of the cgroup v2 freezer * Add support of opened O_PATH fds Bugfixes: * Fix C/R ia32 processes on AMD #398 * Fix cross-compilation * Many fixes here and there Improvements: * Use clone3() with set_tid to restore processes * Clean up compel headers * Use the new mount API Update to criu 3.13: New features: * VDSO: arm32 support * Add TLS support for page server communications * "Ignore" mode for --manage-cgroups * Restore SO_BROADCAST option for inet sockets Bugfixes: * Auxiliary events were left in inotify queues * Lazy-pages daemon didn't detect stack pages and surrounders properly and marked them as "lazy" * Memory and resource leakage were detected by coverity, cppcheck and clang Improvements: * Use gettimeofday() directly from vdso for restore timings * Reformat all .py code into pep8 style Update to criu 3.12: New features: * build CRIU with Android NDK * C/R of IP RAW sockets * lsm: dump and restore any SELinux process label * support restoring ghost files on readonly mounts Bugfixes: * Do not lock network if running in the host network namespace * Fix RPC configuration file handling * util: don't leak file descriprots to third-party tools * small fixes here and there Improvements: * travis: switch to the Ubuntu Xenial * travis-ci: Enable ia32 tests * Many improvements and bug fixes in the libcriu * Changes in the API and ABI (SONAME increased from 1 to 2) - Updated to libcriu2 subpackage to follow SONAME 2 Update to criu 3.10: New features: * Support Python3 in ZDTM and CRIT * Keep names for UNIX sockets, that are unlinked from the FS * IPVv6 support for page server * Set page server socket fd via CLI * Large pages support for aarch64/ppc64 * C/R of Per-thread seccomp chains Bugfixes: * Failed non-container restore could kill random task on the host * Failure to dump namespaces was erroneously ignored * CRIT didn't show cpuinfo image file * Tasks that got PID-reuse couldn't be dumped iteratively because previous images were missing Update to criu 3.11: New features: * cpuinfo: Detect compact frames and handle noxsaves * Add support for configuration files * Add support for external net namespaces * Punch holes in input files when restoring anonymous non-shared memory ( --auto-dedup ) * C/R of + epoll: Add support for duped targets + tun: Add support for multiple net ns + x86: Support extendable fpu frames Bugfixes: * mount: Better handling of mount points propagation * nmk: Make collect-deps to be more precise about targets * lazy-pages: Don't mark current stack page as lazy * x86: CPU -- Rework feature testing * files: Fix O(n^2) restore in terms of the number of fds * fdstore: Unlimit fdstore queue on start * mount: Fix regression where open_mountpoint failed on readonly fs * page server: Handle partial splicing * ... lots of small fixes here and there Improvements: * Remove all magic of service descriptors when it isn't required update to criu 3.9: New features - C/R of + Tun-Tap devices in sub-netns + File descriptors which were opened with O_TMPFILE Improvements - Restore of inotify watchers - Restore unix sockets in proper mount namespaces - Print CRIU and kernel version also in RPC mode Bugfixes - Random memory corruptions during lazy restore - Workaround the iptables issue - Don't use standard descriptors when tar is running to dump tmpfs mounts - Fail dump if dump_one_file() fails - Fill kerndat with zero-s before reading it from cache criu-3.15-bp151.4.3.1.src.rpm criu-3.15-bp151.4.3.1.x86_64.rpm criu-devel-3.15-bp151.4.3.1.x86_64.rpm libcompel1-3.15-bp151.4.3.1.x86_64.rpm libcriu2-3.15-bp151.4.3.1.x86_64.rpm criu-3.15-bp151.4.3.1.aarch64.rpm criu-devel-3.15-bp151.4.3.1.aarch64.rpm libcompel1-3.15-bp151.4.3.1.aarch64.rpm libcriu2-3.15-bp151.4.3.1.aarch64.rpm criu-3.15-bp151.4.3.1.ppc64le.rpm criu-devel-3.15-bp151.4.3.1.ppc64le.rpm libcompel1-3.15-bp151.4.3.1.ppc64le.rpm libcriu2-3.15-bp151.4.3.1.ppc64le.rpm criu-3.15-bp151.4.3.1.s390x.rpm criu-devel-3.15-bp151.4.3.1.s390x.rpm libcompel1-3.15-bp151.4.3.1.s390x.rpm libcriu2-3.15-bp151.4.3.1.s390x.rpm openSUSE-2021-1133 moderate openSUSE Backports SLE-15-SP1 Update This update for keepassxc fixes the following issues: keepassxc was updated to 2.6.6: - Fixed - Fix focusing search when pressing hotkey #6603 - Trim whitespace from TOTP key input prior to processing #6604 - Fix building on macOS #6598 - Resolve compiler warnings for unused return values #6607 - Changes from 2.6.5 - Added - Show search bar when toolbar is hidden or in overflow #6279 - Show countdown for clipboard clearing in status bar #6333 - Command line option to lock all open databases #6511 - Allow CSV import of bare TOTP secrets #6211 - Retain file creation time when saving database #6576 - Set permissions of saved attachments to be private to the current user #6363 - OPVault: Use Text instead of Name for attribute names #6334 - Changed - Reports: Allow resizing of reports columns #6435 - Reports: Toggle showing expired entries #6534 - Save Always on Top setting #6236 - Password generator can exclude additional lookalike characters (6/G, 8/B) #6196 - Fixed - Allow setting MSI properties in unattended install #6196 - Update MainWindow minimum size to enable smaller verticle space #6196 - Use application font size when setting default or monospace fonts #6332 - Fix notes not clearing in entry preview panel in some cases #6481 - macOS: Correct window activation when restoring from tray #6575 - macOS: Better handling of minimize after unlock when using browser integration #6338 - Linux: Start after the system tray is available on LXQt #6216 - Linux: Allow selection of modal dialogs on X11 in Auto-Type #6204 - KeeShare: prevent crash when file extension is missing #6174 - Update to 2.6.4 - Added - Automatically adapt to light/dark system theme changes (Windows/macOS only) [#6034] - Changed - Show window title as tooltip on system tray [#5948] - Compress Snap release as LZO for faster initial startup [#5877] - Password generator: Set maximum selectable password length to 999 [#5937] - Fixed - Fix crash on app close when using SSH agent [#5935] - Fix KDF selection showing wrong item when using Argon2id [#5923] - Automatically close About dialog on database lock if it is still open [#5947] - Linux: Fix automatic launch at system startup with AppImages [#5901] - Linux: Fix click-to-move on empty area activating when using menus [#5971] - Linux: Try multiple times to show tray icon if tray is not ready yet [#5948] - macOS: Fix KeePassXC blocking clean shutdown [#6002] - Update to version 2.6.3 - Added - Support Argon2id KDF [#5778] - Support XMLv2 key files [#5798] - Changed - Improve CSV Import/Export, include time fields and TOTP [#5346] - Support empty area dragging of the application window [#5860] - Display default Auto-Type sequence in preview pane [#5654] - Remove strict length limit on generated passwords [#5748] - Hide key file path by default when unlocking database [#5779] - Document browser extension use with Edge in managed mode [#5692] - Windows: Prevent clipboard history and cloud sync [#5853] - macOS: Update the application icon to Big Sur styling [#5851] - Fixed - Re-select previously selected entry on database unlock [#5559] - Properly save special character choice in password generator [#5610] - Fix crash in browser integration with multiple similar entries [#5653] - Remove offset on username field in classic theme [#5788] - Ensure entry history is copied when drag/dropping entries and groups [#5817] - Close modal dialogs when database is locked [#5820] - Prevent crash when KeeShare modifies an entry that is currently being edited [#5827] - Improve preview of entry attributes [#5834] - Always activate/focus database open dialog preventing mistype [#5878] - Reports: fix calculation of average password length [#5862] - Linux: Delay startup on login to correct tray icon issues [#5724] keepassxc-2.6.6-bp151.3.24.1.src.rpm keepassxc-2.6.6-bp151.3.24.1.x86_64.rpm keepassxc-lang-2.6.6-bp151.3.24.1.noarch.rpm keepassxc-2.6.6-bp151.3.24.1.aarch64.rpm keepassxc-2.6.6-bp151.3.24.1.ppc64le.rpm openSUSE-2021-943 important openSUSE Backports SLE-15-SP1 Update This update for roundcubemail fixes the following issues: Upgrade to version 1.3.16 This is a security update to the LTS version 1.3. It fixes a recently reported stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content. References: - CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707) - CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706) - CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399) roundcubemail-1.3.16-bp151.4.6.1.noarch.rpm roundcubemail-1.3.16-bp151.4.6.1.src.rpm openSUSE-2021-1068 important openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: nextcloud was updated to 20.0.11: - Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied - Fix boo#1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse - Fix boo#1188249 - CVE-2021-32680: share expiration date wasn't properly logged - Fix boo#1188250 - CVE-2021-32688: lacking permission check with application specific tokens - Fix boo#1188251 - CVE-2021-32703: lack of ratelimiting on the shareinfo endpoint - Fix boo#1188252 - CVE-2021-32705: lack of ratelimiting on the public DAV endpoint - Fix boo#1188253 - CVE-2021-32725: default share permissions were not being respected for federated reshares of files and folders - Fix boo#1188254 - CVE-2021-32726: webauthn tokens were not deleted after a user has been deleted - Fix boo#1188255 - CVE-2021-32734: possible full path disclosure on shared files - Fix boo#1188256 - CVE-2021-32741: lack of ratelimiting on the public share link mount endpoint - Bump handlebars from 4.7.6 to 4.7.7 (server#26900) - Bump lodash from 4.17.20 to 4.17.21 (server#26909) - Bump hosted-git-info from 2.8.8 to 2.8.9 (server#26920) - Don't break OCC if an app is breaking in it's Application class (server#26954) - Add bruteforce protection to the shareinfo endpoint (server#26956) - Ignore readonly flag for directories (server#26965) - Throttle MountPublicLinkController when share is not found (server#26971) - Respect default share permissions for federated reshares (server#27001) - Harden apptoken check (server#27014) - Use parent wrapper to properly handle moves on the same source/target storage (server#27016) - Fix error when using CORS with no auth credentials (server#27027) - Fix return value of getStorageInfo when 'quota_include_external_storage' is enabled (server#27108) - Bump patch dependencies (server#27183) - Use noreply@ as email address for share emails (server#27209) - Bump p-queue from 6.6.1 to 6.6.2 (server#27226) - Bump browserslist from 4.14.0 to 4.16.6 (server#27247) - Bump webpack from 4.44.1 to 4.44.2 (server#27297) - Properly use limit and offset for search in Jail wrapper (server#27308) - Make user:report command scale (server#27319) - Properly log expiration date removal in audit log (server#27325) - Propagate throttling on OCS response (server#27337) - Set umask before operations that create local files (server#27349) - Escape filename in Content-Disposition (server#27360) - Don't update statuses to offline again and again (server#27412) - Header must contain a colon (server#27456) - Activate constraint check for oracle / pqsql also for 20 (server#27523) - Only allow removing existing shares that would not be allowed due to reshare restrictions (server#27552) - Bump ws from 7.3.1 to 7.5.0 (server#27570) - Properly cleanup entries of WebAuthn on user deletion (server#27596) - Throttle on public DAV endpoint (server#27617) - Bump vue-loader from 15.9.3 to 15.9.7 (server#27639) - Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (server#27651) - Validate the theming color also on CLI (server#27680) - Downstream encryption:fix-encrypted-version for repairing bad signature errors (server#27728) - Remove encodeURI code (files_pdfviewer#396) - Only ask for permissions on HTTPS (notifications#998) - Fix sorting if one of the file name is only composed with number (photos#785) - Backport 20 fix Photos not shown in large browser windows #630 (#686) (photos#810) - Update File.vue (photos#813) - Update chart.js (serverinfo#309) - Only return workspace property for top node in a propfind request (text#1611) - ViewerComponent: pass on autofocus to EditorWrapper (text#1647) - Use text/plain as content type for fetching the document (text#1692) - Log exceptions that happen on unknown exception and return generic messages (text#1698) - Add fixup (viewer#924) - Fix: fullscreen for Firefox (viewer#929) Update to 20.0.7 - Catch NotFoundException when querying quota (server#25315) - CalDAV] Validate notified emails (server#25324) - Fix/app fetcher php compat comparison (server#25347) - Show the actual error on share requests (server#25352) - Fix parameter provided as string not array (server#25366) - The objectid is a string (server#25374) - 20.0.7 final (server#25387) - Properly handle SMB ACL blocking scanning a directory (server#25421) - Don't break completely when creating the digest fail for one user (activity#556) - Only attempt to use a secure view if hide download is actually set (files_pdfviewer#296) - Fix opening PDF files with special characters in their name (files_pdfviewer#298) - Fix PDF viewer failing on Edge (not based on Chromium) (files_pdfviewer#299) - Cannot unfold plain text notifications (notifications#846) - Remove EPUB mimetype (text#1391) Update to 20.0.6 - Make sure to do priority app upgrades first (server#25077) - Respect DB restrictions on number of arguments in statements and queries (server#25120) - Add a hint about the direction of priority (server#25143) - Do not redirect to logout after login (server#25146) - Fix comparison of PHP versions (server#25152) - Add "composer.lock" for acceptance tests to git (server#25178) - Update CRL due to revoked gravatar.crl (server#25190) - Don't log keys on checkSignature (server#25193) - Update 3rdparty after Archive_Tar (server#25199) - Bump CA bundle (server#25219) - Update handling of user credentials (server#25225) - Fix encoding issue with OC.Notification.show (server#25244) - Also use storage copy when dav copying directories (server#25261) - Silence log message (server#25263) - Extend ILDAPProvider to allow reading arbitrairy ldap attributes for users (server#25276) - Do not obtain userFolder of a federated user (server#25278) - Bump pear/archive_tar from 1.4.11 to 1.4.12 (3rdparty#603) - Add gitignore entry for .github folder of dependencies (3rdparty#604) - Clear event array on getting them (activity#551) Update to 20.0.5 - Don't log params of imagecreatefromstring (server#24546) - Use storage copy implementation when doing dav copy (server#24590) - Use in objectstore copy (server#24592) - Add tel, note, org and title search (server#24697) - Check php compatibility of app store app releases (server#24698) - Fix #24682]: ensure federation cloud id is retruned if FN property not found (server#24709) - Do not include non-required scripts on the upgrade page (server#24714) - LDAP: fix inGroup for memberUid type of group memberships (server#24716) - Cancel user search requests to avoid duplicate results being added (server#24728) - Also unset the other possible unused paramters (server#24751) - Enables the file name check also to match name of mountpoints (server#24760) - Fixes sharing to group ids with characters that are being url encoded (server#24763) - Limit getIncomplete query to one row (server#24791) - Fix Argon2 descriptions (server#24792) - Actually set the TTL on redis set (server#24798) - Allow to force rename a conflicting calendar (server#24806) - Fix IPv6 localhost regex (server#24823) - Catch the error on heartbeat update (server#24826) - Make oc_files_trash.auto_id a bigint (server#24853) - Fix total upload size overwritten by next upload (server#24854) - Avoid huge exception argument logging (server#24876) - Make share results distinguishable if there are more than one with the exact same display name (server#24878) - Add migration for oc_share_external columns (server#24963) - Don't throw a 500 when importing a broken ics reminder file (server#24972) - Fix unreliable ViewTest (server#24976) - Update root.crl due to revocation of transmission.crt (server#24990) - Set the JSCombiner cache if needed (server#24997) - Fix column name to check prior to deleting (server#25009) - Catch throwable instead of exception (server#25013) - Set the user language when adding the footer (server#25019) - Change defaultapp in config.sample.php to dashboard to improve docs and align it to source code (server#25030) - Fix clearing the label of a share (server#25035) - Update psalm-baseline.xml (server#25066) - Don't remove assignable column for now (server#25074) - Add setup check to verify that the used DB version is still supported… (server#25076) - Correctly set the user for activity parsing when preparing a notifica… (activity#542) - Bump vue-virtual-grid from 2.2.1 to 2.3.0 (photos#597) - Catch possible database exceptions when fetching document data (text#1221) - Make sure we have the proper PHP version installed before running composer (text#1234) - Revert removal of transformResponse (text#1235) - Bump prosemirror-view from 1.16.1 to 1.16.5 (text#1255) - Bump @babel/preset-env from 7.12.1 to 7.12.11 (text#1257) - Bump babel-loader from 8.1.0 to 8.2.2 (text#1259) - Bump eslint-plugin-standard from 4.0.2 to 4.1.0 (text#1261) - Bump vue-loader from 15.9.5 to 15.9.6 (text#1263) - Bump prosemirror-model from 1.12.0 to 1.13.1 (text#1265) - Bump core-js from 3.7.0 to 3.8.1 (text#1266) - Bump stylelint from 13.7.2 to 13.8.0 (text#1269) - Bump @babel/plugin-transform-runtime from 7.12.1 to 7.12.10 (text#1271) - Bump sass-loader from 10.0.5 to 10.1.0 (text#1273) - Bump webpack-merge from 5.3.0 to 5.7.2 (text#1274) - Bump @babel/core from 7.12.3 to 7.12.10 (text#1277) - Bump cypress from 5.1.0 to 5.6.0 (text#1278) - Bump @vue/test-utils from 1.1.1 to 1.1.2 (text#1279) - Bump webpack-merge from 5.7.2 to 5.7.3 (text#1303) - The apache subpackage must require the main package, otherwise it will not be uninstalled when the main package is uninstalled. Update to 20.0.4 - Avoid dashboard crash when accessibility app is not installed (server#24636) - Bump ini from 1.3.5 to 1.3.7 (server#24649) - Handle owncloud migration to latest release (server#24653) - Use string for storing a OCM remote id (server#24654) - Fix MySQL database size calculation (serverinfo#262) - Bump cypress-io/github-action@v2 (viewer#722) - Fix] sidebar opening animation (viewer#723) - Fix not.exist cypress and TESTING checks (viewer#725) - Put apache configuration files in separate subpackage. - Use apache-rpm-macros for SUSE. - Change oc_* macros to nc_* macros. - Insert macro apache_serverroot also in cron files. Update to 20.0.3 * Check quota of subdirectories when uploading to them (server#24181) * CircleId too short in some request (server#24196) * Missing level in ScopedPsrLogger (server#24212) * Fix nextcloud logo in email notifications misalignment (server#24228) * Allow selecting multiple columns with SELECT DISTINCT (server#24230) * Use file name instead of path in 'not allowed to share' message (server#24231) * Fix setting images through occ for theming (server#24232) * Use regex when searching on single file shares (server#24239) * Harden EncryptionLegacyCipher a bit (server#24249) * Update ScanLegacyFormat.php (server#24258) * Simple typo in comments (server#24259) * Use correct year for generated birthdays events (server#24263) * Delete files that exceed trashbin size immediately (server#24297) * Update sabre/xml to fix XML parsing errors (server#24311) * Only check path for being accessible when the storage is a object home (server#24325) * Avoid empty null default with value that will be inserted anyways (server#24333) * Fix contacts menu position and show uid as a tooltip (server#24342) * Fix the config key on the sharing expire checkbox (server#24346) * Set the display name of federated sharees from addressbook (server#24353) * Catch storage not available in versions expire command (server#24367) * Use proper bundles for files client and fileinfo (server#24377) * Properly encode path when fetching inherited shares (server#24387) * Formatting remote sharer should take protocol, path into account (server#24391) * Make sure we add new line between vcf groups exports (server#24443) * Fix public calendars shared to circles (server#24446) * Store scss variables under a different prefix for each theming config version (server#24453) * External storages: save group ids not display names in configuration (server#24455) * Use correct l10n source in files_sharing JS code (server#24462) * Set frame-ancestors to none if none are filled (server#24477) * Move the password fiels of chaging passwords to post (server#24478) * Move the global password for files external to post (server#24479) * Only attempt to move to trash if a file is not in appdata (server#24483) * Fix loading mtime of new file in conflict dialog in firefox (server#24491) * Harden setup check for TLS version if host is not reachable (server#24502) * Fix file size computation on 32bit platforms (server#24509) * Allow subscription to indicate that a userlimit is reached (server#24511) * Set mountid for personal external storage mounts (server#24513) * Only execute plain mimetype check for directories and do the fallback… (server#24517) * Fix vsprint parameter (server#24527) * Replace abandoned log normalizer with our fork (server#24530) * Add icon to user limit notification (server#24531) * Also run repair steps when encryption is disabled but a legacy key is present (server#24532) * [3rdparty][security] Archive TAR to 1.4.11 (server#24534) * Generate a new session id if the decrypting the session data fails (server#24553) * Revert "Do not read certificate bundle from data dir by default" (server#24556) * Dont use system composer for autoload checker (server#24557) * Remember me is not an app_password (server#24563) * Do not load nonexisting setup.js (server#24582) * Update sabre/xml to fix XML parsing errors (3rdparty#529) * Use composer v1 on CI (3rdparty#532) * Bump pear/archive_tar from 1.4.9 to 1.4.11 (3rdparty#536) * Replace abandoned log normalizer with our fork (3rdparty#543) * Allow nullable values as subject params (activity#535) * Don't log when unknown array is null (notifications#803) * Feat/virtual grid (photos#550) * Make sure we have a string to localecompare to (photos#583) * Always get recommendations for dashboard if enabled (recommendations#336) * Properly fetch oracle database information (serverinfo#258) * Also register to urlChanged event to update RichWorkspace (text#1181) * Move away from GET (text#1214) Update to 20.0.2 * CVE-2020-8293: Fixed input validation which allowed users to store unlimited data in workflow rules (boo#1181445). * CVE-2020-8294: Fixed a missing link validation (boo#1181803). * Inidicate preview availability in share api responses (server#23419) * CalDavBackend: check if timerange is array before accessing (server#23563) * Some emojis are in CHAR_CATEGORY_GENERAL_OTHER_TYPES (server#23575) * Also expire share type email (server#23583) * Only use index of mount point when it is there (server#23611) * Only retry fetching app store data once every 5 minutes in case it fails (server#23633) * Bring back the restore share button (server#23636) * Fix updates of NULL appconfig values (server#23641) * Fix sharing input placeholder for emails (server#23646) * Use bigint for fileid in filecache_extended (server#23690) * Enable theming background transparency (server#23699) * Fix sharer flag on ldap:show-remnants when user owned more than a single share (server#23702) * Make sure the function signatures of the backgroundjob match (server#23710) * Check if array elements exist before using them (server#23713) * Fix default quota display value in user row (server#23726) * Use lib instead if core as l10n module in OC_Files (server#23727) * Specify accept argument to avatar upload input field (server#23732) * Save email as lower case (server#23733) * Reset avatar cropper before showing (server#23736) * Also run the SabreAuthInitEvent for the main server (server#23745) * Type the \OCP\IUserManager::callForAllUsers closure with Psalm (server#23749) * Type the \OCP\AppFramework\Services\IInitialState::provideLazyInitial… (server#23751) * Don't overwrite the event if we use it later (server#23753) * Inform the user when flow config data exceeds thresholds (server#23759) * Type the \OCP\IUserManager::callForSeenUsers closure with Psalm (server#23763) * Catch errors when closing file conflict dialog (server#23774) * Document the backend registered events of LDAP (server#23779) * Fetch the logger and system config once for all query builder instances (server#23787) * Type the event dispatcher listener callables with Psalm (server#23789) * Only run phpunit when "php" changed (server#23794) * Remove bold font-weight and lower font-size for empty search box (server#23829) * No need to check if there is an avatar available, because it is gener… (server#23846) * Ensure filepicker list is empty before populating (server#23850) * UserStatus: clear status message if message is null (server#23858) * Fix grid view toggle in tags view (server#23874) * Restrict query when searching for versions of trashbin files (server#23884) * Fix potentially passing null to events where IUser is expected (server#23894) * Make user status styles scoped (server#23899) * Move help to separate stylesheet (server#23900) * Add default font size (server#23902) * Do not emit UserCreatedEvent twice (server#23917) * Bearer must be in the start of the auth header (server#23924) * Fix casting of integer and boolean on Oracle (server#23935) * Skip already loaded apps in loadApps (server#23948) * Fix repair mimetype step to not leave stray cursors (server#23950) * Improve query type detection (server#23951) * Fix iLike() falsely turning escaped % and _ into wildcards (server#23954) * Replace some usages of OC_DB in OC\Share\* with query builder (server#23955) * Use query builder instead of OC_DB in trashbin (server#23971) * Fix greatest/least order for oracle (server#23975) * Fix link share label placeholder not showing (server#23992) * Unlock when promoting to exclusive lock fails (server#23995) * Make sure root storage is valid before checking its size (server#23996) * Use query builder instead of OC_DB in OC\Files\* (server#23998) * Shortcut to avoid file system setup when generating the logo URL (server#24001) * Remove old legacy scripts references (server#24004) * Fix js search in undefined ocs response (server#24012) * Don't leave cursors open (server#24033) * Fix sharing tab state not matching resharing admin settings (server#24044) * Run unit tests against oracle (server#24049) * Use png icons in caldav reminder emails (server#24050) * Manually iterate over calendardata when oracle is used (server#24058) * Make is_user_defined nullable so we can store false on oracle (server#24079) * Fix default internal expiration date enforce (server#24081) * Register new command db:add-missing-primary-keys (server#24106) * Convert the card resource to a string if necessary (server#24114) * Don't throw on SHOW VERSION query (server#24147) * Bump dompurify to 2.2.2 (server#24153) * Set up FS before querying storage info in settings (server#24156) * Fix default internal expiration date (server#24159) * CircleId too short in some request (server#24178) * Revert "circleId too short in some request" (server#24183) * Missing level in ScopedPsrLogger (server#24212) * Fix activity spinner on empty activity (activity#523) * Add OCI github action (activity#528) * Disable download button by default (files_pdfviewer#257) * Feat/dependabot ga/stable20 (firstrunwizard#442) * Fix loading notifications without a message on oracle (notifications#796) * Do not setup appdata in constructor to avoid errors causing the whole instance to stop working (text#1105) * Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (text#1125) * Bump sass-loader from 10.0.1 to 10.0.5 (text#1134) * Bump webpack from 4.44.1 to 4.44.2 (text#1140) * Bump dependencies to version in range (text#1164) * Validate link on click (text#1166) * Add migration to fix oracle issues with the database schema (text#1177) * Bump cypress from 4.12.1 to 5.1.0 (text#1179) * Fix URL escaping of shared files (viewer#681) * Fix component click outside and cleanup structure (viewer#684) Update to 20.0.1 No changelog from upstream at this time. Update to 20.0.0 * Changes The three biggest features we introduce with Nextcloud 20 are: - Our new dashboard provides a great starting point for the day with over a dozen widgets ranging from Twitter and Github to Moodle and Zammad already available - Search was unified, bringing search results of Nextcloud apps as well as external services like Gitlab, Jira and Discourse in one place - Talk introduced bridging to other platforms including MS Teams, Slack, IRC, Matrix and a dozen others * Some other improvements we want to highlight include: - Notifications and Activities were brought together, making sure you won’t miss anything important - We added a ‘status’ setting so you can communicate to other users what you are up to - Talk also brings dashboard and search integration, emoji picker, upload view, camera and microphone settings, mute and more - Calendar integrates in dashboard and search, introduced a list view and design improvements - Mail introduces threaded view, mailbox management and more - Deck integrates with dashboard and search, introduces Calendar integration, modal view for card editing and series of smaller improvements - Flow adds push notification and webhooks so other web apps can easily integrate with Nextcloud - Text introduced direct linking to files in Nextcloud - Files lets you add a description to public link shares + Read the full announcement on our blog - NC-SA-2020-037 - CVE-2020-8295: Fixed Denial of service attack when resetting the password for a user(boo#1181804) - Update to 20.0.11 - Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied - Fix boo#1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse - Fix boo#1188249 - CVE-2021-32680: share expiration date wasn't properly logged - Fix boo#1188250 - CVE-2021-32688: lacking permission check with application specific tokens - Fix boo#1188251 - CVE-2021-32703: lack of ratelimiting on the shareinfo endpoint - Fix boo#1188252 - CVE-2021-32705: lack of ratelimiting on the public DAV endpoint - Fix boo#1188253 - CVE-2021-32725: default share permissions were not being respected for federated reshares of files and folders - Fix boo#1188254 - CVE-2021-32726: webauthn tokens were not deleted after a user has been deleted - Fix boo#1188255 - CVE-2021-32734: possible full path disclosure on shared files - Fix boo#1188256 - CVE-2021-32741: lack of ratelimiting on the public share link mount endpoint - Bump handlebars from 4.7.6 to 4.7.7 (server#26900) - Bump lodash from 4.17.20 to 4.17.21 (server#26909) - Bump hosted-git-info from 2.8.8 to 2.8.9 (server#26920) - Don't break OCC if an app is breaking in it's Application class (server#26954) - Add bruteforce protection to the shareinfo endpoint (server#26956) - Ignore readonly flag for directories (server#26965) - Throttle MountPublicLinkController when share is not found (server#26971) - Respect default share permissions for federated reshares (server#27001) - Harden apptoken check (server#27014) - Use parent wrapper to properly handle moves on the same source/target storage (server#27016) - Fix error when using CORS with no auth credentials (server#27027) - Fix return value of getStorageInfo when 'quota_include_external_storage' is enabled (server#27108) - Bump patch dependencies (server#27183) - Use noreply@ as email address for share emails (server#27209) - Bump p-queue from 6.6.1 to 6.6.2 (server#27226) - Bump browserslist from 4.14.0 to 4.16.6 (server#27247) - Bump webpack from 4.44.1 to 4.44.2 (server#27297) - Properly use limit and offset for search in Jail wrapper (server#27308) - Make user:report command scale (server#27319) - Properly log expiration date removal in audit log (server#27325) - Propagate throttling on OCS response (server#27337) - Set umask before operations that create local files (server#27349) - Escape filename in Content-Disposition (server#27360) - Don't update statuses to offline again and again (server#27412) - Header must contain a colon (server#27456) - Activate constraint check for oracle / pqsql also for 20 (server#27523) - Only allow removing existing shares that would not be allowed due to reshare restrictions (server#27552) - Bump ws from 7.3.1 to 7.5.0 (server#27570) - Properly cleanup entries of WebAuthn on user deletion (server#27596) - Throttle on public DAV endpoint (server#27617) - Bump vue-loader from 15.9.3 to 15.9.7 (server#27639) - Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (server#27651) - Validate the theming color also on CLI (server#27680) - Downstream encryption:fix-encrypted-version for repairing bad signature errors (server#27728) - Remove encodeURI code (files_pdfviewer#396) - Only ask for permissions on HTTPS (notifications#998) - Fix sorting if one of the file name is only composed with number (photos#785) - Backport 20 fix Photos not shown in large browser windows #630 (#686) (photos#810) - Update File.vue (photos#813) - Update chart.js (serverinfo#309) - Only return workspace property for top node in a propfind request (text#1611) - ViewerComponent: pass on autofocus to EditorWrapper (text#1647) - Use text/plain as content type for fetching the document (text#1692) - Log exceptions that happen on unknown exception and return generic messages (text#1698) - Add fixup (viewer#924) - Fix: fullscreen for Firefox (viewer#929) Update to 20.0.7 - Catch NotFoundException when querying quota (server#25315) - CalDAV] Validate notified emails (server#25324) - Fix/app fetcher php compat comparison (server#25347) - Show the actual error on share requests (server#25352) - Fix parameter provided as string not array (server#25366) - The objectid is a string (server#25374) - 20.0.7 final (server#25387) - Properly handle SMB ACL blocking scanning a directory (server#25421) - Don't break completely when creating the digest fail for one user (activity#556) - Only attempt to use a secure view if hide download is actually set (files_pdfviewer#296) - Fix opening PDF files with special characters in their name (files_pdfviewer#298) - Fix PDF viewer failing on Edge (not based on Chromium) (files_pdfviewer#299) - Cannot unfold plain text notifications (notifications#846) - Remove EPUB mimetype (text#1391) Update to 20.0.6 - Make sure to do priority app upgrades first (server#25077) - Respect DB restrictions on number of arguments in statements and queries (server#25120) - Add a hint about the direction of priority (server#25143) - Do not redirect to logout after login (server#25146) - Fix comparison of PHP versions (server#25152) - Add "composer.lock" for acceptance tests to git (server#25178) - Update CRL due to revoked gravatar.crl (server#25190) - Don't log keys on checkSignature (server#25193) - Update 3rdparty after Archive_Tar (server#25199) - Bump CA bundle (server#25219) - Update handling of user credentials (server#25225) - Fix encoding issue with OC.Notification.show (server#25244) - Also use storage copy when dav copying directories (server#25261) - Silence log message (server#25263) - Extend ILDAPProvider to allow reading arbitrairy ldap attributes for users (server#25276) - Do not obtain userFolder of a federated user (server#25278) - Bump pear/archive_tar from 1.4.11 to 1.4.12 (3rdparty#603) - Add gitignore entry for .github folder of dependencies (3rdparty#604) - Clear event array on getting them (activity#551) Update to 20.0.5 - Don't log params of imagecreatefromstring (server#24546) - Use storage copy implementation when doing dav copy (server#24590) - Use in objectstore copy (server#24592) - Add tel, note, org and title search (server#24697) - Check php compatibility of app store app releases (server#24698) - Fix #24682]: ensure federation cloud id is retruned if FN property not found (server#24709) - Do not include non-required scripts on the upgrade page (server#24714) - LDAP: fix inGroup for memberUid type of group memberships (server#24716) - Cancel user search requests to avoid duplicate results being added (server#24728) - Also unset the other possible unused paramters (server#24751) - Enables the file name check also to match name of mountpoints (server#24760) - Fixes sharing to group ids with characters that are being url encoded (server#24763) - Limit getIncomplete query to one row (server#24791) - Fix Argon2 descriptions (server#24792) - Actually set the TTL on redis set (server#24798) - Allow to force rename a conflicting calendar (server#24806) - Fix IPv6 localhost regex (server#24823) - Catch the error on heartbeat update (server#24826) - Make oc_files_trash.auto_id a bigint (server#24853) - Fix total upload size overwritten by next upload (server#24854) - Avoid huge exception argument logging (server#24876) - Make share results distinguishable if there are more than one with the exact same display name (server#24878) - Add migration for oc_share_external columns (server#24963) - Don't throw a 500 when importing a broken ics reminder file (server#24972) - Fix unreliable ViewTest (server#24976) - Update root.crl due to revocation of transmission.crt (server#24990) - Set the JSCombiner cache if needed (server#24997) - Fix column name to check prior to deleting (server#25009) - Catch throwable instead of exception (server#25013) - Set the user language when adding the footer (server#25019) - Change defaultapp in config.sample.php to dashboard to improve docs and align it to source code (server#25030) - Fix clearing the label of a share (server#25035) - Update psalm-baseline.xml (server#25066) - Don't remove assignable column for now (server#25074) - Add setup check to verify that the used DB version is still supported… (server#25076) - Correctly set the user for activity parsing when preparing a notifica… (activity#542) - Bump vue-virtual-grid from 2.2.1 to 2.3.0 (photos#597) - Catch possible database exceptions when fetching document data (text#1221) - Make sure we have the proper PHP version installed before running composer (text#1234) - Revert removal of transformResponse (text#1235) - Bump prosemirror-view from 1.16.1 to 1.16.5 (text#1255) - Bump @babel/preset-env from 7.12.1 to 7.12.11 (text#1257) - Bump babel-loader from 8.1.0 to 8.2.2 (text#1259) - Bump eslint-plugin-standard from 4.0.2 to 4.1.0 (text#1261) - Bump vue-loader from 15.9.5 to 15.9.6 (text#1263) - Bump prosemirror-model from 1.12.0 to 1.13.1 (text#1265) - Bump core-js from 3.7.0 to 3.8.1 (text#1266) - Bump stylelint from 13.7.2 to 13.8.0 (text#1269) - Bump @babel/plugin-transform-runtime from 7.12.1 to 7.12.10 (text#1271) - Bump sass-loader from 10.0.5 to 10.1.0 (text#1273) - Bump webpack-merge from 5.3.0 to 5.7.2 (text#1274) - Bump @babel/core from 7.12.3 to 7.12.10 (text#1277) - Bump cypress from 5.1.0 to 5.6.0 (text#1278) - Bump @vue/test-utils from 1.1.1 to 1.1.2 (text#1279) - Bump webpack-merge from 5.7.2 to 5.7.3 (text#1303) - The apache subpackage must require the main package, otherwise it will not be uninstalled when the main package is uninstalled. Update to 20.0.4 - Avoid dashboard crash when accessibility app is not installed (server#24636) - Bump ini from 1.3.5 to 1.3.7 (server#24649) - Handle owncloud migration to latest release (server#24653) - Use string for storing a OCM remote id (server#24654) - Fix MySQL database size calculation (serverinfo#262) - Bump cypress-io/github-action@v2 (viewer#722) - Fix] sidebar opening animation (viewer#723) - Fix not.exist cypress and TESTING checks (viewer#725) - Put apache configuration files in separate subpackage. - Use apache-rpm-macros for SUSE. - Change oc_* macros to nc_* macros. - Insert macro apache_serverroot also in cron files. Update to 20.0.3 * Check quota of subdirectories when uploading to them (server#24181) * CircleId too short in some request (server#24196) * Missing level in ScopedPsrLogger (server#24212) * Fix nextcloud logo in email notifications misalignment (server#24228) * Allow selecting multiple columns with SELECT DISTINCT (server#24230) * Use file name instead of path in 'not allowed to share' message (server#24231) * Fix setting images through occ for theming (server#24232) * Use regex when searching on single file shares (server#24239) * Harden EncryptionLegacyCipher a bit (server#24249) * Update ScanLegacyFormat.php (server#24258) * Simple typo in comments (server#24259) * Use correct year for generated birthdays events (server#24263) * Delete files that exceed trashbin size immediately (server#24297) * Update sabre/xml to fix XML parsing errors (server#24311) * Only check path for being accessible when the storage is a object home (server#24325) * Avoid empty null default with value that will be inserted anyways (server#24333) * Fix contacts menu position and show uid as a tooltip (server#24342) * Fix the config key on the sharing expire checkbox (server#24346) * Set the display name of federated sharees from addressbook (server#24353) * Catch storage not available in versions expire command (server#24367) * Use proper bundles for files client and fileinfo (server#24377) * Properly encode path when fetching inherited shares (server#24387) * Formatting remote sharer should take protocol, path into account (server#24391) * Make sure we add new line between vcf groups exports (server#24443) * Fix public calendars shared to circles (server#24446) * Store scss variables under a different prefix for each theming config version (server#24453) * External storages: save group ids not display names in configuration (server#24455) * Use correct l10n source in files_sharing JS code (server#24462) * Set frame-ancestors to none if none are filled (server#24477) * Move the password fiels of chaging passwords to post (server#24478) * Move the global password for files external to post (server#24479) * Only attempt to move to trash if a file is not in appdata (server#24483) * Fix loading mtime of new file in conflict dialog in firefox (server#24491) * Harden setup check for TLS version if host is not reachable (server#24502) * Fix file size computation on 32bit platforms (server#24509) * Allow subscription to indicate that a userlimit is reached (server#24511) * Set mountid for personal external storage mounts (server#24513) * Only execute plain mimetype check for directories and do the fallback… (server#24517) * Fix vsprint parameter (server#24527) * Replace abandoned log normalizer with our fork (server#24530) * Add icon to user limit notification (server#24531) * Also run repair steps when encryption is disabled but a legacy key is present (server#24532) * [3rdparty][security] Archive TAR to 1.4.11 (server#24534) * Generate a new session id if the decrypting the session data fails (server#24553) * Revert "Do not read certificate bundle from data dir by default" (server#24556) * Dont use system composer for autoload checker (server#24557) * Remember me is not an app_password (server#24563) * Do not load nonexisting setup.js (server#24582) * Update sabre/xml to fix XML parsing errors (3rdparty#529) * Use composer v1 on CI (3rdparty#532) * Bump pear/archive_tar from 1.4.9 to 1.4.11 (3rdparty#536) * Replace abandoned log normalizer with our fork (3rdparty#543) * Allow nullable values as subject params (activity#535) * Don't log when unknown array is null (notifications#803) * Feat/virtual grid (photos#550) * Make sure we have a string to localecompare to (photos#583) * Always get recommendations for dashboard if enabled (recommendations#336) * Properly fetch oracle database information (serverinfo#258) * Also register to urlChanged event to update RichWorkspace (text#1181) * Move away from GET (text#1214) Update to 20.0.2 * CVE-2020-8293: Fixed input validation which allowed users to store unlimited data in workflow rules (boo#1181445). * CVE-2020-8294: Fixed a missing link validation (boo#1181803). * Inidicate preview availability in share api responses (server#23419) * CalDavBackend: check if timerange is array before accessing (server#23563) * Some emojis are in CHAR_CATEGORY_GENERAL_OTHER_TYPES (server#23575) * Also expire share type email (server#23583) * Only use index of mount point when it is there (server#23611) * Only retry fetching app store data once every 5 minutes in case it fails (server#23633) * Bring back the restore share button (server#23636) * Fix updates of NULL appconfig values (server#23641) * Fix sharing input placeholder for emails (server#23646) * Use bigint for fileid in filecache_extended (server#23690) * Enable theming background transparency (server#23699) * Fix sharer flag on ldap:show-remnants when user owned more than a single share (server#23702) * Make sure the function signatures of the backgroundjob match (server#23710) * Check if array elements exist before using them (server#23713) * Fix default quota display value in user row (server#23726) * Use lib instead if core as l10n module in OC_Files (server#23727) * Specify accept argument to avatar upload input field (server#23732) * Save email as lower case (server#23733) * Reset avatar cropper before showing (server#23736) * Also run the SabreAuthInitEvent for the main server (server#23745) * Type the \OCP\IUserManager::callForAllUsers closure with Psalm (server#23749) * Type the \OCP\AppFramework\Services\IInitialState::provideLazyInitial… (server#23751) * Don't overwrite the event if we use it later (server#23753) * Inform the user when flow config data exceeds thresholds (server#23759) * Type the \OCP\IUserManager::callForSeenUsers closure with Psalm (server#23763) * Catch errors when closing file conflict dialog (server#23774) * Document the backend registered events of LDAP (server#23779) * Fetch the logger and system config once for all query builder instances (server#23787) * Type the event dispatcher listener callables with Psalm (server#23789) * Only run phpunit when "php" changed (server#23794) * Remove bold font-weight and lower font-size for empty search box (server#23829) * No need to check if there is an avatar available, because it is gener… (server#23846) * Ensure filepicker list is empty before populating (server#23850) * UserStatus: clear status message if message is null (server#23858) * Fix grid view toggle in tags view (server#23874) * Restrict query when searching for versions of trashbin files (server#23884) * Fix potentially passing null to events where IUser is expected (server#23894) * Make user status styles scoped (server#23899) * Move help to separate stylesheet (server#23900) * Add default font size (server#23902) * Do not emit UserCreatedEvent twice (server#23917) * Bearer must be in the start of the auth header (server#23924) * Fix casting of integer and boolean on Oracle (server#23935) * Skip already loaded apps in loadApps (server#23948) * Fix repair mimetype step to not leave stray cursors (server#23950) * Improve query type detection (server#23951) * Fix iLike() falsely turning escaped % and _ into wildcards (server#23954) * Replace some usages of OC_DB in OC\Share\* with query builder (server#23955) * Use query builder instead of OC_DB in trashbin (server#23971) * Fix greatest/least order for oracle (server#23975) * Fix link share label placeholder not showing (server#23992) * Unlock when promoting to exclusive lock fails (server#23995) * Make sure root storage is valid before checking its size (server#23996) * Use query builder instead of OC_DB in OC\Files\* (server#23998) * Shortcut to avoid file system setup when generating the logo URL (server#24001) * Remove old legacy scripts references (server#24004) * Fix js search in undefined ocs response (server#24012) * Don't leave cursors open (server#24033) * Fix sharing tab state not matching resharing admin settings (server#24044) * Run unit tests against oracle (server#24049) * Use png icons in caldav reminder emails (server#24050) * Manually iterate over calendardata when oracle is used (server#24058) * Make is_user_defined nullable so we can store false on oracle (server#24079) * Fix default internal expiration date enforce (server#24081) * Register new command db:add-missing-primary-keys (server#24106) * Convert the card resource to a string if necessary (server#24114) * Don't throw on SHOW VERSION query (server#24147) * Bump dompurify to 2.2.2 (server#24153) * Set up FS before querying storage info in settings (server#24156) * Fix default internal expiration date (server#24159) * CircleId too short in some request (server#24178) * Revert "circleId too short in some request" (server#24183) * Missing level in ScopedPsrLogger (server#24212) * Fix activity spinner on empty activity (activity#523) * Add OCI github action (activity#528) * Disable download button by default (files_pdfviewer#257) * Feat/dependabot ga/stable20 (firstrunwizard#442) * Fix loading notifications without a message on oracle (notifications#796) * Do not setup appdata in constructor to avoid errors causing the whole instance to stop working (text#1105) * Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (text#1125) * Bump sass-loader from 10.0.1 to 10.0.5 (text#1134) * Bump webpack from 4.44.1 to 4.44.2 (text#1140) * Bump dependencies to version in range (text#1164) * Validate link on click (text#1166) * Add migration to fix oracle issues with the database schema (text#1177) * Bump cypress from 4.12.1 to 5.1.0 (text#1179) * Fix URL escaping of shared files (viewer#681) * Fix component click outside and cleanup structure (viewer#684) Update to 20.0.1 No changelog from upstream at this time. Update to 20.0.0 * Changes The three biggest features we introduce with Nextcloud 20 are: - Our new dashboard provides a great starting point for the day with over a dozen widgets ranging from Twitter and Github to Moodle and Zammad already available - Search was unified, bringing search results of Nextcloud apps as well as external services like Gitlab, Jira and Discourse in one place - Talk introduced bridging to other platforms including MS Teams, Slack, IRC, Matrix and a dozen others * Some other improvements we want to highlight include: - Notifications and Activities were brought together, making sure you won’t miss anything important - We added a ‘status’ setting so you can communicate to other users what you are up to - Talk also brings dashboard and search integration, emoji picker, upload view, camera and microphone settings, mute and more - Calendar integrates in dashboard and search, introduced a list view and design improvements - Mail introduces threaded view, mailbox management and more - Deck integrates with dashboard and search, introduces Calendar integration, modal view for card editing and series of smaller improvements - Flow adds push notification and webhooks so other web apps can easily integrate with Nextcloud - Text introduced direct linking to files in Nextcloud - Files lets you add a description to public link shares + Read the full announcement on our blog - NC-SA-2020-037 - CVE-2020-8295: Fixed Denial of service attack when resetting the password for a user(boo#1181804) - Update to 20.0.11 - Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied - Fix boo#1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse - Fix boo#1188249 - CVE-2021-32680: share expiration date wasn't properly logged - Fix boo#1188250 - CVE-2021-32688: lacking permission check with application specific tokens - Fix boo#1188251 - CVE-2021-32703: lack of ratelimiting on the shareinfo endpoint - Fix boo#1188252 - CVE-2021-32705: lack of ratelimiting on the public DAV endpoint - Fix boo#1188253 - CVE-2021-32725: default share permissions were not being respected for federated reshares of files and folders - Fix boo#1188254 - CVE-2021-32726: webauthn tokens were not deleted after a user has been deleted - Fix boo#1188255 - CVE-2021-32734: possible full path disclosure on shared files - Fix boo#1188256 - CVE-2021-32741: lack of ratelimiting on the public share link mount endpoint - Bump handlebars from 4.7.6 to 4.7.7 (server#26900) - Bump lodash from 4.17.20 to 4.17.21 (server#26909) - Bump hosted-git-info from 2.8.8 to 2.8.9 (server#26920) - Don't break OCC if an app is breaking in it's Application class (server#26954) - Add bruteforce protection to the shareinfo endpoint (server#26956) - Ignore readonly flag for directories (server#26965) - Throttle MountPublicLinkController when share is not found (server#26971) - Respect default share permissions for federated reshares (server#27001) - Harden apptoken check (server#27014) - Use parent wrapper to properly handle moves on the same source/target storage (server#27016) - Fix error when using CORS with no auth credentials (server#27027) - Fix return value of getStorageInfo when 'quota_include_external_storage' is enabled (server#27108) - Bump patch dependencies (server#27183) - Use noreply@ as email address for share emails (server#27209) - Bump p-queue from 6.6.1 to 6.6.2 (server#27226) - Bump browserslist from 4.14.0 to 4.16.6 (server#27247) - Bump webpack from 4.44.1 to 4.44.2 (server#27297) - Properly use limit and offset for search in Jail wrapper (server#27308) - Make user:report command scale (server#27319) - Properly log expiration date removal in audit log (server#27325) - Propagate throttling on OCS response (server#27337) - Set umask before operations that create local files (server#27349) - Escape filename in Content-Disposition (server#27360) - Don't update statuses to offline again and again (server#27412) - Header must contain a colon (server#27456) - Activate constraint check for oracle / pqsql also for 20 (server#27523) - Only allow removing existing shares that would not be allowed due to reshare restrictions (server#27552) - Bump ws from 7.3.1 to 7.5.0 (server#27570) - Properly cleanup entries of WebAuthn on user deletion (server#27596) - Throttle on public DAV endpoint (server#27617) - Bump vue-loader from 15.9.3 to 15.9.7 (server#27639) - Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (server#27651) - Validate the theming color also on CLI (server#27680) - Downstream encryption:fix-encrypted-version for repairing bad signature errors (server#27728) - Remove encodeURI code (files_pdfviewer#396) - Only ask for permissions on HTTPS (notifications#998) - Fix sorting if one of the file name is only composed with number (photos#785) - Backport 20 fix Photos not shown in large browser windows #630 (#686) (photos#810) - Update File.vue (photos#813) - Update chart.js (serverinfo#309) - Only return workspace property for top node in a propfind request (text#1611) - ViewerComponent: pass on autofocus to EditorWrapper (text#1647) - Use text/plain as content type for fetching the document (text#1692) - Log exceptions that happen on unknown exception and return generic messages (text#1698) - Add fixup (viewer#924) - Fix: fullscreen for Firefox (viewer#929) nextcloud-20.0.11-bp151.3.15.1.noarch.rpm nextcloud-20.0.11-bp151.3.15.1.src.rpm nextcloud-apache-20.0.11-bp151.3.15.1.noarch.rpm openSUSE-2021-1052 moderate openSUSE Backports SLE-15-SP1 Update This update for fossil fixes the following issues: fossil 2.16: * Add the fossil patch command * Improve the fossil ui command to work on check-out directories and remote machines * web UI improvements * Add fossil bisect run command for improved automation of bisects * Improve fossil merge handling of renames * wiki now defaults to markdown * email alerts can now be set to expire to prevent sending mail to abandoned accounts forever fossil 2.15.2: * Fix the client-side TLS so that it verifies that the server hostname matches its certificate (boo#1187988) fossil 2.15.1: * fix access to tables starting "fx_" in ticket report fossil 2.15: * Relax default Content Security policy to allow images to be loaded from any URL * Updates to skins and their configuration options * Built-in skin can now be selected via the skin= request parameter and the /skins page. * /cookies page can now now delete individual cookies * Various extensions to diff displaz and operations * Add the --list option to the tarball, zip, and sqlar commands. * New TH1 commands: "builtin_request_js", "capexpr", "foreach", "lappend", and "string match" * The leaves command now shows the branch point of each leaf. * The fossil add command refuses to add files whose names are reserved by Windows (ex: "aux") unless the --allow-reserved option is included. fossil 2.14 * add fossil chat * enhanced fossil clone * performance optimization * enhanced documents * Pikchr improvements * Schema Update Notice #1: This release drops a trigger from the database schema * Schema Update Notice #2: This release changes how the descriptions of wiki edits are stored in the EVENT table, for improved display on timelines fossil 2.13: * wiki improvements: interwiki links, markup features * support for rendering pikchr markup scriptions * line number modes support interactive selection of range of lines to hyperlink to * Enhance finfo page to track a file across renames - minimum/bundled version of sqlite increased to 3.34.0 fossil-2.16-bp151.4.9.1.src.rpm fossil-2.16-bp151.4.9.1.x86_64.rpm fossil-2.16-bp151.4.9.1.aarch64.rpm fossil-2.16-bp151.4.9.1.ppc64le.rpm fossil-2.16-bp151.4.9.1.s390x.rpm openSUSE-2021-1053 moderate openSUSE Backports SLE-15-SP1 Update This update for icinga2 fixes the following issues: icinga2 was updated to 2.12.4 * Bugfixes - Fix a crash when notification objects are deleted using the API #8782 - Fix crashes that might occur during downtime scheduling if host or downtime objects are deleted using the API #8785 - Fix an issue where notifications may incorrectly be skipped after a downtime ends #8775 - Don't send reminder notification if the notification is still suppressed by a time period #8808 - Fix an issue where attempting to create a duplicate object using the API might result in the original object being deleted #8787 - IDO: prioritize program status updates #8809 - Improve exceptions handling, including a fix for an uncaught exception on Windows #8777 - Retry file rename operations on Windows to avoid intermittent locking issues #8771 Update to 2.12.3 * Security - Fix that revoked certificates due for renewal will automatically be renewed ignoring the CRL (Advisory / CVE-2020-29663 - fixes boo#1180147 ) * Bugfixes - Improve config sync locking - resolves high load issues on Windows #8511 - Fix runtime config updates being ignored for objects without zone #8549 - Use proper buffer size for OpenSSL error messages #8542 * Enhancements - On checkable recovery: re-check children that have a problem #8506 Update to 2.12.2 * Bugfixes - Fix a connection leak with misconfigured agents #8483 - Properly sync changes of config objects in global zones done via the API #8474 #8470 - Prevent other clients from being disconnected when replaying the cluster log takes very long #8496 - Avoid duplicate connections between endpoints #8465 - Ignore incoming config object updates for unknown zones #8461 - Check timestamps before removing files in config sync #8495 * Enhancements - Include HTTP status codes in log #8467 icinga2-2.12.4-bp151.3.6.1.src.rpm icinga2-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-bin-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-common-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-doc-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-ido-mysql-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-ido-pgsql-2.12.4-bp151.3.6.1.x86_64.rpm nano-icinga2-2.12.4-bp151.3.6.1.x86_64.rpm vim-icinga2-2.12.4-bp151.3.6.1.x86_64.rpm icinga2-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-bin-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-common-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-doc-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-ido-mysql-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-ido-pgsql-2.12.4-bp151.3.6.1.aarch64.rpm nano-icinga2-2.12.4-bp151.3.6.1.aarch64.rpm vim-icinga2-2.12.4-bp151.3.6.1.aarch64.rpm icinga2-2.12.4-bp151.3.6.1.ppc64le.rpm icinga2-bin-2.12.4-bp151.3.6.1.ppc64le.rpm icinga2-common-2.12.4-bp151.3.6.1.ppc64le.rpm icinga2-doc-2.12.4-bp151.3.6.1.ppc64le.rpm icinga2-ido-mysql-2.12.4-bp151.3.6.1.ppc64le.rpm icinga2-ido-pgsql-2.12.4-bp151.3.6.1.ppc64le.rpm nano-icinga2-2.12.4-bp151.3.6.1.ppc64le.rpm vim-icinga2-2.12.4-bp151.3.6.1.ppc64le.rpm openSUSE-2021-1089 moderate openSUSE Backports SLE-15-SP1 Update This update for icinga2 fixes the following issues: icinga2 was updated to 2.12.5: Version 2.12.5 fixes two security vulnerabilities that may lead to privilege escalation for authenticated API users. Other improvements include several bugfixes related to downtimes, downtime notifications, and more reliable connection handling. * Security - Don't expose the PKI ticket salt via the API. This may lead to privilege escalation for authenticated API users by them being able to request certificates for other identities (CVE-2021-32739) - Don't expose IdoMysqlConnection, IdoPgsqlConnection, and ElasticsearchWriter passwords via the API (CVE-2021-32743) Depending on your setup, manual intervention beyond installing the new versions may be required, so please read the more detailed information in the release blog post carefully. * Bugfixes - Don't send downtime end notification if downtime hasn't started #8878 - Don't let a failed downtime creation block the others #8871 - Support downtimes and comments for checkables with long names #8870 - Trigger fixed downtimes immediately if the current time matches (instead of waiting for the timer) #8891 - Add configurable timeout for full connection handshake #8872 * Enhancements - Replace existing downtimes on ScheduledDowntime change #8880 - Improve crashlog #8869 icinga2-2.12.5-bp151.3.9.1.src.rpm icinga2-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-bin-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-common-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-doc-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-ido-mysql-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-ido-pgsql-2.12.5-bp151.3.9.1.x86_64.rpm nano-icinga2-2.12.5-bp151.3.9.1.x86_64.rpm vim-icinga2-2.12.5-bp151.3.9.1.x86_64.rpm icinga2-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-bin-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-common-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-doc-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-ido-mysql-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-ido-pgsql-2.12.5-bp151.3.9.1.aarch64.rpm nano-icinga2-2.12.5-bp151.3.9.1.aarch64.rpm vim-icinga2-2.12.5-bp151.3.9.1.aarch64.rpm icinga2-2.12.5-bp151.3.9.1.ppc64le.rpm icinga2-bin-2.12.5-bp151.3.9.1.ppc64le.rpm icinga2-common-2.12.5-bp151.3.9.1.ppc64le.rpm icinga2-doc-2.12.5-bp151.3.9.1.ppc64le.rpm icinga2-ido-mysql-2.12.5-bp151.3.9.1.ppc64le.rpm icinga2-ido-pgsql-2.12.5-bp151.3.9.1.ppc64le.rpm nano-icinga2-2.12.5-bp151.3.9.1.ppc64le.rpm vim-icinga2-2.12.5-bp151.3.9.1.ppc64le.rpm openSUSE-2021-1124 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Update to version 21.07.00: * ACPICA: Update to version 20210730 * uefirttime: Fix incorrect error messages for invalid time test * fwts-test: sync up with updates in fwts_wmi_known_guids * acpi/wmi: update WMI known GUIDs from Linux kernel 5.14-rc1 * sbbr: remove pm_file test (not required in BBR 1.0) * lib: fwts_version.h - update to V21.07.00 * debian: update changelog * auto-packager: mkpackage.sh: remove groovy * uefirttime: add advice for the timezone 2047 failure (LP: #1933503) * fwts-test: sync up with DBG2 changes from BSA updates * fwts_acpi_tables: skip FACS warning for reduced hardware * acpi: method: Make _AEI test optional for SBBR * acpi: dbg2: Allow 16550 compatible serial port in DBG2 * acpi: method: Make method_test_ADR() optional * sbbr: adjust signature name for MADT * sbbr: remove SSDT from mandatory list * sbbr: acpitables: add new recommended tables * acpi: acpitables: add advices for table revision tests Update to version 21.06.00: * lib: fwts_version.h - update to V21.06.00 * debian: update changelog * fwts_acpi_tables: memcpy 4 char ACPI table name * Remove complex disabling of ACPI for non-ACPI targets * Debian: move source lintian overrides file to source * Add lintian overrides for ldconfig trigger warning * Debian: control: update Standards-Version to 4.1.0 * Debian: update compat level to 9 * Debian: add Rules-Requires-Root field to control file * Debian: add project Homepage field to control file * debian/copyright: use secure https url specifier * Debian: remove spaces at end of lines of control file * Debian: remove spaces at end of lines of changelong * auto-packager: mkpackage.sh: remove xenial * live-image: add "TPM tests" to root menu * live-image: add utils tests to "Selected" menu * tpmevlog: add to batch tests * klog.json: check IRQ requests on irqchip fwts-21.07.00-bp151.4.15.1.src.rpm fwts-21.07.00-bp151.4.15.1.x86_64.rpm fwts-21.07.00-bp151.4.15.1.aarch64.rpm openSUSE-2021-1125 moderate openSUSE Backports SLE-15-SP1 Update This update for aria2 fixes the following issues: Update to version 1.35.0: * Drop SSLv3.0 and TLSv1.0 and add TLSv1.3 * TLSv1.3 support is added for GNUTLS and OpenSSL. * Platform: Fix compilation without deprecated OpenSSL APIs * Remove linux getrandom and use C++ stdlib instead * Don't send Accept Metalink header if Metalink is disabled - Move bash completion to better location Update to version 1.34.0: * UnknownLengthPieceStorage: return piece length show something in console status when downloading items with unknown content length * Fix bug that signal handler does not work with libaria2 when aria2::RUN_ONCE is passed to aria2::run(). * Retry on HTTP 502 aria2-1.35.0-bp151.5.3.1.src.rpm aria2-1.35.0-bp151.5.3.1.x86_64.rpm aria2-devel-1.35.0-bp151.5.3.1.x86_64.rpm aria2-lang-1.35.0-bp151.5.3.1.noarch.rpm libaria2-0-1.35.0-bp151.5.3.1.x86_64.rpm aria2-1.35.0-bp151.5.3.1.aarch64.rpm aria2-devel-1.35.0-bp151.5.3.1.aarch64.rpm libaria2-0-1.35.0-bp151.5.3.1.aarch64.rpm aria2-1.35.0-bp151.5.3.1.ppc64le.rpm aria2-devel-1.35.0-bp151.5.3.1.ppc64le.rpm libaria2-0-1.35.0-bp151.5.3.1.ppc64le.rpm aria2-1.35.0-bp151.5.3.1.s390x.rpm aria2-devel-1.35.0-bp151.5.3.1.s390x.rpm libaria2-0-1.35.0-bp151.5.3.1.s390x.rpm openSUSE-2021-1187 critical openSUSE Backports SLE-15-SP1 Update This update for libspf2 fixes the following issue: - CVE-2021-20314: A remote overflow in SPF parsing could lead to remote code execution (bsc#1189104) libspf2-1.2.10-bp151.7.1.src.rpm libspf2-2-1.2.10-bp151.7.1.x86_64.rpm libspf2-2-debuginfo-1.2.10-bp151.7.1.x86_64.rpm libspf2-debuginfo-1.2.10-bp151.7.1.x86_64.rpm libspf2-debugsource-1.2.10-bp151.7.1.x86_64.rpm libspf2-devel-1.2.10-bp151.7.1.x86_64.rpm libspf2-tools-1.2.10-bp151.7.1.x86_64.rpm libspf2-tools-debuginfo-1.2.10-bp151.7.1.x86_64.rpm libspf2-2-1.2.10-bp151.7.1.aarch64.rpm libspf2-2-debuginfo-1.2.10-bp151.7.1.aarch64.rpm libspf2-debuginfo-1.2.10-bp151.7.1.aarch64.rpm libspf2-debugsource-1.2.10-bp151.7.1.aarch64.rpm libspf2-devel-1.2.10-bp151.7.1.aarch64.rpm libspf2-tools-1.2.10-bp151.7.1.aarch64.rpm libspf2-tools-debuginfo-1.2.10-bp151.7.1.aarch64.rpm libspf2-2-1.2.10-bp151.7.1.ppc64le.rpm libspf2-2-debuginfo-1.2.10-bp151.7.1.ppc64le.rpm libspf2-debuginfo-1.2.10-bp151.7.1.ppc64le.rpm libspf2-debugsource-1.2.10-bp151.7.1.ppc64le.rpm libspf2-devel-1.2.10-bp151.7.1.ppc64le.rpm libspf2-tools-1.2.10-bp151.7.1.ppc64le.rpm libspf2-tools-debuginfo-1.2.10-bp151.7.1.ppc64le.rpm libspf2-2-1.2.10-bp151.7.1.s390x.rpm libspf2-2-debuginfo-1.2.10-bp151.7.1.s390x.rpm libspf2-debuginfo-1.2.10-bp151.7.1.s390x.rpm libspf2-debugsource-1.2.10-bp151.7.1.s390x.rpm libspf2-devel-1.2.10-bp151.7.1.s390x.rpm libspf2-tools-1.2.10-bp151.7.1.s390x.rpm libspf2-tools-debuginfo-1.2.10-bp151.7.1.s390x.rpm openSUSE-2021-1274 important openSUSE Backports SLE-15-SP1 Update This update for fail2ban fixes the following issues: - CVE-2021-32749: prevent a command injection via mail command (boo#1188610) - Integrate change to resolve boo#1146856 and boo#1180738 Update to 0.11.2 - increased stability, filter and action updates New Features and Enhancements * fail2ban-regex: - speedup formatted output (bypass unneeded stats creation) - extended with prefregex statistic - more informative output for `datepattern` (e. g. set from filter) - pattern : description * parsing of action in jail-configs considers space between action-names as separator also (previously only new-line was allowed), for example `action = a b` would specify 2 actions `a` and `b` * new filter and jail for GitLab recognizing failed application logins (gh#fail2ban/fail2ban#2689) * new filter and jail for Grafana recognizing failed application logins (gh#fail2ban/fail2ban#2855) * new filter and jail for SoftEtherVPN recognizing failed application logins (gh#fail2ban/fail2ban#2723) * `filter.d/guacamole.conf` extended with `logging` parameter to follow webapp-logging if it's configured (gh#fail2ban/fail2ban#2631) * `filter.d/bitwarden.conf` enhanced to support syslog (gh#fail2ban/fail2ban#2778) * introduced new prefix `{UNB}` for `datepattern` to disable word boundaries in regex; * datetemplate: improved anchor detection for capturing groups `(^...)`; * datepattern: improved handling with wrong recognized timestamps (timezones, no datepattern, etc) as well as some warnings signaling user about invalid pattern or zone (gh#fail2ban/fail2ban#2814): - filter gets mode in-operation, which gets activated if filter starts processing of new messages; in this mode a timestamp read from log-line that appeared recently (not an old line), deviating too much from now (up too 24h), will be considered as now (assuming a timezone issue), so could avoid unexpected bypass of failure (previously exceeding `findtime`); - better interaction with non-matching optional datepattern or invalid timestamps; - implements special datepattern `{NONE}` - allow to find failures totally without date-time in log messages, whereas filter will use now as timestamp (gh#fail2ban/fail2ban#2802) * performance optimization of `datepattern` (better search algorithm in datedetector, especially for single template); * fail2ban-client: extended to unban IP range(s) by subnet (CIDR/mask) or hostname (DNS), gh#fail2ban/fail2ban#2791; * extended capturing of alternate tags in filter, allowing combine of multiple groups to single tuple token with new tag prefix `<F-TUPLE_`, that would combine value of `<F-V>` with all value of `<F-TUPLE_V?_n?>` tags (gh#fail2ban/fail2ban#2755) - Fixes * [stability] prevent race condition - no ban if filter (backend) is continuously busy if too many messages will be found in log, e. g. initial scan of large log-file or journal (gh#fail2ban/fail2ban#2660) * pyinotify-backend sporadically avoided initial scanning of log-file by start * python 3.9 compatibility (and Travis CI support) * restoring a large number (500+ depending on files ulimit) of current bans when using PyPy fixed * manual ban is written to database, so can be restored by restart (gh#fail2ban/fail2ban#2647) * `jail.conf`: don't specify `action` directly in jails (use `action_` or `banaction` instead) * no mails-action added per default anymore (e. g. to allow that `action = %(action_mw)s` should be specified per jail or in default section in jail.local), closes gh#fail2ban/fail2ban#2357 * ensure we've unique action name per jail (also if parameter `actname` is not set but name deviates from standard name, gh#fail2ban/fail2ban#2686) * don't use `%(banaction)s` interpolation because it can be complex value (containing `[...]` and/or quotes), so would bother the action interpolation * fixed type conversion in config readers (take place after all interpolations get ready), that allows to specify typed parameters variable (as substitutions) as well as to supply it in other sections or as init parameters. * `action.d/*-ipset*.conf`: several ipset actions fixed (no timeout per default anymore), so no discrepancy between ipset and fail2ban (removal from ipset will be managed by fail2ban only, gh#fail2ban/fail2ban#2703) * `action.d/cloudflare.conf`: fixed `actionunban` (considering new-line chars and optionally real json-parsing with `jq`, gh#fail2ban/fail2ban#2140, gh#fail2ban/fail2ban#2656) * `action.d/nftables.conf` (type=multiport only): fixed port range selector, replacing `:` with `-` (gh#fail2ban/fail2ban#2763) * `action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-` (gh#fail2ban/fail2ban#2821) * `action.d/bsd-ipfw.conf`: fixed selection of rule-no by large list or initial `lowest_rule_num` (gh#fail2ban/fail2ban#2836) * `filter.d/common.conf`: avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (inside the filter-config, gh#fail2ban/fail2ban#2650) * `filter.d/dovecot.conf`: - add managesieve and submission support (gh#fail2ban/fail2ban#2795); - accept messages with more verbose logging (gh#fail2ban/fail2ban#2573); * `filter.d/courier-smtp.conf`: prefregex extended to consider port in log-message (gh#fail2ban/fail2ban#2697) * `filter.d/traefik-auth.conf`: filter extended with parameter mode (`normal`, `ddos`, `aggressive`) to handle the match of username differently (gh#fail2ban/fail2ban#2693): - `normal`: matches 401 with supplied username only - `ddos`: matches 401 without supplied username only - `aggressive`: matches 401 and any variant (with and without username) * `filter.d/sshd.conf`: normalizing of user pattern in all RE's, allowing empty user (gh#fail2ban/fail2ban#2749) Update to 0.11.1: * Increment ban time (+ observer) functionality introduced. * Database functionality extended with bad ips. * New tags (usable in actions): - `<bancount>` - ban count of this offender if known as bad (started by 1 for unknown) - `<bantime>` - current ban-time of the ticket (prolongation can be retarded up to 10 sec.) * Introduced new action command `actionprolong` to prolong ban-time (e. g. set new timeout if expected); * algorithm of restore current bans after restart changed: update the restored ban-time (and therefore end of ban) of the ticket with ban-time of jail (as maximum), for all tickets with ban-time greater (or persistent) * added new setup-option `--without-tests` to skip building and installing of tests files (gh-2287). * added new command `fail2ban-client get <JAIL> banip ?sep-char|--with-time?` to get the banned ip addresses (gh-1916). * purge database will be executed now (within observer). restoring currently banned ip after service restart fixed (now < timeofban + bantime), ignore old log failures (already banned) * upgrade database: update new created table `bips` with entries from table `bans` (allows restore current bans after upgrade from version <= 0.10) - removal of SuSEfirewall2-fail2ban for factory versions since SuSEfirewall2 will be removed from Factory (see sr#713247): * removed references to SuSEfirewall2 service * use references to SuSEfirewall2 only for older distributions * Removed installation recommendation of the fail2ban-SuSEfirewall2 package for all distributions as it is deprecated. - changed fail2ban unit file location (boo#1145181, gh#fail2ban/fail2ban#2474) fail2ban-0.11.2-bp151.3.3.1.noarch.rpm fail2ban-0.11.2-bp151.3.3.1.src.rpm monitoring-plugins-fail2ban-0.11.2-bp151.3.3.1.noarch.rpm openSUSE-2021-1287 moderate openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issues: Update to version 21.08.00: * lib: fwts_version.h - update to V21.08.00 * debian: update changelog * ARM64 SMCCC firmware API tests * bios: smm: fix indentation * acpi: sbbr: refactor by fwts_get_fadt_version * lib: fwts_acpi_tables: add a function to get FADT versions * acpi: fadt: remove hard-coded FADT version * acpi: fadt: clarify comments of FACS and HW-reduced mode * acpi: dmar: add a warning when PCI device is not found fwts-21.08.00-bp151.4.18.1.src.rpm fwts-21.08.00-bp151.4.18.1.x86_64.rpm fwts-21.08.00-bp151.4.18.1.aarch64.rpm openSUSE-2021-1249 moderate openSUSE Backports SLE-15-SP1 Update This update for gifsicle fixes the following issues: Update to version 1.93: * Fix security bug on certain resize operations with `--resize-method=box` * Fix problems with colormapless GIFs. Update to version 1.92 * Add `--lossy` option from Kornel Lipiński. * Remove an assertion failure possible with `--conserve-memory` + `--colors` + `--careful`. gifsicle-1.93-bp151.4.3.1.src.rpm gifsicle-1.93-bp151.4.3.1.x86_64.rpm gifsicle-1.93-bp151.4.3.1.aarch64.rpm gifsicle-1.93-bp151.4.3.1.ppc64le.rpm gifsicle-1.93-bp151.4.3.1.s390x.rpm openSUSE-2021-1250 important openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo#1190291: - CVE-2021-32766 (CWE-209): Generation of Error Message Containing Sensitive Information - CVE-2021-32800 (CWE-306): Missing Authentication for Critical Function - CVE-2021-32801 (CWE-532): Insertion of Sensitive Information into Log File - CVE-2021-32802 (CWE-829): Inclusion of Functionality from Untrusted Control Sphere Changes - Bump vue-router from 3.4.3 to 3.4.9 (server#27224) - Bump v-click-outside from 3.1.1 to 3.1.2 (server#27232) - Bump url-search-params-polyfill from 8.1.0 to 8.1.1 (server#27236) - Bump debounce from 1.2.0 to 1.2.1 (server#27646) - Bump vue and vue-template-compiler (server#27701) - Design fixes to app-settings button (server#27745) - Reset checksum when writing files to object store (server#27754) - Run s3 tests again (server#27804) - Fix in locking cache check (server#27829) - Bump dompurify from 2.2.8 to 2.2.9 (server#27836) - Make search popup usable on mobile, too (server#27858) - Cache images on browser (server#27863) - Fix dark theme on public link shares (server#27895) - Make user status usable on mobile (server#27897) - Do not escape display name in dashboard welcome text (server#27913) - Bump moment-timezone from 0.5.31 to 0.5.33 (server#27924) - Fix newfileMenu on public page (server#27941) - Fix svg icons disapearing in app navigation when text overflows (server#27955) - Bump bootstrap from 4.5.2 to 4.5.3 (server#27965) - Show registered breadcrumb detail views in breadcrumb menu (server#27970) - Fix regression in file sidebar (server#27976) - Bump exports-loader from 1.1.0 to 1.1.1 (server#27984) - Bump @nextcloud/capabilities from 1.0.2 to 1.0.4 (server#27985) - Bump @nextcloud/vue-dashboard from 1.0.0 to 1.0.1 (server#27988) - Improve notcreatable permissions hint (server#28006) - Update CRL due to revoked twofactor_nextcloud_notification.crt (server#28018) - Bump sass-loader from 10.0.2 to 10.0.5 (server#28032) - Increase footer height for longer menus (server#28045) - Mask password for Redis and RedisCluster on connection failure (server#28054) - Fix missing theming for login button (server#28065) - Fix overlapping of elements in certain views (server#28072) - Disable HEIC image preview provider for performance concerns (server#28081) - Improve provider check (server#28087) - Sanitize more functions from the encryption app (server#28091) - Hide download button for public preview of audio files (server#28096) - L10n: HTTP in capital letters (server#28107) - Fix dark theme in file exists dialog (server#28111) - Let memory limit set in tests fit the used amount (server#28125) - User management - Add icon to user groups (server#28172) - Bump marked from 1.1.1 to 1.1.2 (server#28187) - Fix variable override in file view (server#28191) - Bump regenerator-runtime from 0.13.7 to 0.13.9 (server#28207) - Bump url-loader from 4.1.0 to 4.1.1 (server#28208) - Fix Files breadcrumbs being hidden even if there is enough space (server#28224) - Dont apply jail search filter is on the root (server#28241) - Check that php was compiled with argon2 support or that the php-sodium extensions is installed (server#28289) - Fix preference name when generating notifications (activity#603) - Fix monochrome icon detection for correct dark mode invert (activity#607) - Fix "Enable notification emails" (activity#613) - Show add, del and restored files within by and self filter (activity#616) - Link from app-navigation-settings to personal settings (activity#625) - Fix pdfviewer design (files_pdfviewer#446) - Include version number in firstrunwizard (firstrunwizard#570) - Use notification main link if no parameter has a link (notifications#1040) - Bump sass-loader from 10.1.0 to 10.1.1 (text#1360) - Bump @babel/plugin-transform-runtime from 7.13.9 to 7.13.15 (text#1548) - Bump @babel/preset-env from 7.13.9 to 7.13.15 (text#1550) - Bump vue-loader from 15.9.6 to 15.9.7 (text#1592) - Unify error responses and add logging where appropriate (text#1719) - Disable header timeout on mobile (viewer#978) nextcloud-20.0.12-bp151.3.18.1.noarch.rpm nextcloud-20.0.12-bp151.3.18.1.src.rpm nextcloud-apache-20.0.12-bp151.3.18.1.noarch.rpm openSUSE-2021-1279 moderate openSUSE Backports SLE-15-SP1 Update This update for haserl fixes the following issues: Update to version 0.9.36: * Fixed: Its possible to issue a PUT request without a CONTENT-TYPE. Assume an octet-stream in that case. This is CVE-2021-29133 and boo#1187671 * Change the Prefix for variables to be the REQUEST_METHOD (PUT/DELETE/GET/POST) THIS IS A BREAKING CHANGE * Mitigations vs running haserl to get access to files not available to the user. haserl-0.9.36-bp151.4.3.1.src.rpm haserl-0.9.36-bp151.4.3.1.x86_64.rpm haserl-0.9.36-bp151.4.3.1.aarch64.rpm haserl-0.9.36-bp151.4.3.1.ppc64le.rpm haserl-0.9.36-bp151.4.3.1.s390x.rpm openSUSE-2021-1282 moderate openSUSE Backports SLE-15-SP1 Update This update for aria2 fixes the following issues: Update to version 1.36.0 * Update wslay * Fix segfault when time_t is 64bit on 32bit arch * Updates the make_bash_completion script to Python3 * Prevent corrupt downloads after app and/or system crash * Reset sessionDownloadLength and sessionUploadLength on download start aria2-1.36.0-bp151.5.6.1.src.rpm aria2-1.36.0-bp151.5.6.1.x86_64.rpm aria2-devel-1.36.0-bp151.5.6.1.x86_64.rpm aria2-lang-1.36.0-bp151.5.6.1.noarch.rpm libaria2-0-1.36.0-bp151.5.6.1.x86_64.rpm aria2-1.36.0-bp151.5.6.1.aarch64.rpm aria2-devel-1.36.0-bp151.5.6.1.aarch64.rpm libaria2-0-1.36.0-bp151.5.6.1.aarch64.rpm aria2-1.36.0-bp151.5.6.1.ppc64le.rpm aria2-devel-1.36.0-bp151.5.6.1.ppc64le.rpm libaria2-0-1.36.0-bp151.5.6.1.ppc64le.rpm aria2-1.36.0-bp151.5.6.1.s390x.rpm aria2-devel-1.36.0-bp151.5.6.1.s390x.rpm libaria2-0-1.36.0-bp151.5.6.1.s390x.rpm openSUSE-2021-1283 moderate openSUSE Backports SLE-15-SP1 Update This update for glmark2 fixes the following issues: glmark2 was updated to version 20210830: * GLStateEGL: Support EGL versions < 1.4 * Fix model loading on big endian. * Fix -Wunreachable-code-aggressive. Update to version 20210521: * glad: Update for GL 2.1 + GL_EXT_framebuffer_object * Gracefully handle missing GL features * NativeStateWayland: Improve surface configuration handling Update to version 20210224: * SceneRefract: Fix incorrect generation of mipmap * NativeStateWayland: Don't assume order of globals * GLStateEGL: Avoid creating two EGLDisplay instances * Build,Doc: Update files for 2021.02 release * Build: Remove invalid build flavors for meson * NativeStateWayland: Support quitting with ESC or Q key * NativeStateWayland: Add basic pointer support * CanvasGeneric: avoid undefined behavior constructing a std::string with NULL * libmatrix: declare Shader::Shader(Shader&&) as noexcept * libmatrix: add move constructor to class Shader for v.push_back opt * build: glmark2 does not really require libpng version 16 * SceneBump: Fix precision bug in height rendering * SceneDesktop: Draw to correct FBO in off-screen mode * SceneShadow: Draw to correct FBO in off-screen mode * SceneRefract: Draw to correct FBO in off-screen mode * SceneTerrain: Draw to correct FBO in off-screen mode * CanvasGeneric: End the frame with glFinish when validating * Build: Use the build system wayland-scanner on meson * Build: Fix drm-only and wayland-only builds on meson * loop,function,conditionals: Fix mediump overflow * terrain: Fix precision handling in noise shader * terrain: Fix precision bug in light rendering * Doc: Document that the -b flag can pass common opts * Doc: Update files for meson build system * ci: Add build github workflow * Build: Meson build system support * Build: Use python3 in waf * NativeStateWayland: Fix no response to wayland server ping event. * Check for proper initialization of native_window and MVC matrix * egl: Ensure eglReleaseThread is valid before calling it * drm: Don't prefer RGBA component widths larger than 8 Update to version 20200503: * Build: Fix Python 3 incompatibility * Build,Doc: Update files for 2020.04 release * doc: Update --data-path documentation entry * Build: Improve configure error message when no flavors are selected * Android: Add fastlane metadata for F-Droid release * Android: Add unofficial adaptive icon for the android 8+ release * Android: Add unofficial icon for the android release * Android: Remove old drawables with non standard names * Android: Add different resolution of drawable and use sdk name for it * Fix UTF-8 in copyright headers * Allow version string suffix * Port Wayland to xdg-shell window management * Allow flavours to generate their own source files * Add support for Wayland display-scale events * glad: Update to latest upstream version * glad: Add README glmark2-20210830-bp151.4.3.1.src.rpm glmark2-20210830-bp151.4.3.1.x86_64.rpm glmark2-20210830-bp151.4.3.1.aarch64.rpm glmark2-20210830-bp151.4.3.1.ppc64le.rpm glmark2-20210830-bp151.4.3.1.s390x.rpm openSUSE-2021-1289 important openSUSE Backports SLE-15-SP1 Update This update for php-composer fixes the following issues: - Require php-mbstring as requested in boo#1187416 - Version 1.10.22 * Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx / CVE-2021-29472), boo#1185376 - Version 1.10.21 * Fixed support for new GitHub OAuth token format * Fixed processes silently ignoring the CWD when it does not exist - Version 1.10.20 * Fixed exclude-from-classmap causing regex issues when having too many paths * Fixed compatibility issue with Symfony 4/5 - Version 1.10.17 * Fixed Bitbucket API authentication issue * Fixed parsing of Composer 2 lock files breaking in some rare conditions - Version 1.10.16 * Added warning to validate command for cases where packages provide/ replace a package that they also require * Fixed JSON schema validation issue with PHPStorm * Fixed symlink handling in archive command - Version 1.10.15 * Fixed path repo version guessing issue - Version 1.10.14 * Fixed version guesser to look at remote branches as well as local ones * Fixed path repositories version guessing to handle edge cases where version is different from the VCS-guessed version * Fixed COMPOSER env var causing issues when combined with the global command * Fixed a few issues dealing with PHP without openssl extension (not recommended at all but sometimes needed for testing) - Version 1.10.13 * Fixed regressions with old version validation * Fixed invalid root aliases not being reported - Version 1.10.12 * Fixed regressions with old version validation - Version 1.10.11 * Fixed more PHP 8 compatibility issues * Fixed regression in handling of CTRL-C when xdebug is loaded * Fixed status handling of broken symlinks - Version 1.10.10 * Fixed create-project not triggering events while installing the root package * Fixed PHP 8 compatibility issue * Fixed self-update to avoid automatically upgrading to the next major version once it becomes stable - Version 1.10.9 * Fixed Bitbucket redirect loop when credentials are outdated * Fixed GitLab auth prompt wording * Fixed self-update handling of files requiring admin permissions to write to on Windows (it now does a UAC prompt) * Fixed parsing issues in funding.yml files - Version 1.10.8 * Fixed compatibility issue with git being configured to show signatures by default * Fixed discarding of local changes when updating packages to include untracked files * Several minor fixes - Version 1.10.7 * Fixed PHP 8 deprecations * Fixed detection of pcntl_signal being in disabled_functions when pcntl_async_signal is allowed - Version 1.10.6 * Fixed version guessing to take composer-runtime-api and composer-plugin-api requirements into account to avoid selecting packages which require Composer 2 * Fixed package name validation to allow several dashes following each other * Fixed post-status-cmd script not firing when there were no changes to be displayed * Fixed composer-runtime-api support on Composer 1.x, the package is now present as 1.0.0 * Fixed support for composer show --name-only --self * Fixed detection of GitLab URLs when handling authentication in some cases - Version 1.10.5 * Fixed self-update on PHP <5.6, seriously please upgrade * Fixed 1.10.2 regression with PATH resolution in scripts - Version 1.10.4 * Fixed 1.10.2 regression in path symlinking with absolute path repos - Version 1.10.3 * Fixed invalid --2 flag warning in self-update when no channel is requested - Version 1.10.2 * Added --1 flag to self-update command which can be added to automated self-update runs to make sure it won't automatically jump to 2.0 once that is released * Fixed path repository symlinks being made relative when the repo url is defined as absolute paths * Fixed potential issues when using "composer ..." in scripts and composer/composer was also required in the project * Fixed 1.10.0 regression when downloading GitHub archives from non-API URLs * Fixed handling of malformed info in fund command * Fixed Symfony5 compatibility issues in a few commands - Version 1.10.1 * Fixed path repository warning on empty path when using wildcards * Fixed superfluous warnings when generating optimized autoloaders - Version 1.10.0 * Breaking: composer global exec ... now executes the process in the current working directory instead of executing it in the global directory. * Warning: Added a warning when class names are being loaded by a PSR-4 or PSR-0 rule only due to classmap optimization, but would not otherwise be autoloadable. Composer 2.0 will stop autoloading these classes so make sure you fix your autoload configs. * Added new funding key to composer.json to describe ways your package's maintenance can be funded. This reads info from GitHub's FUNDING.yml by default so better configure it there so it shows on GitHub and Composer/Packagist * Added composer fund command to show funding info of your dependencies * Added bearer auth config to authenticate using Authorization: Bearer <token> headers * Added plugin-api-version in composer.lock so third-party tools can know which Composer version was used to generate a lock file * Added support for --format=json output for show command when showing a single package * Added support for configuring suggestions using config command, e.g. composer config suggest.foo/bar some text * Added support for configuring fine-grained preferred-install using config command, e.g. composer config preferred-install.foo/* dist * Added @putenv script handler to set environment variables from composer.json for following scripts * Added lock option that can be set to false, in which case no composer.lock file will be generated * Added --add-repository flag to create-project command which will persist the repo given in --repository into the composer.json of the package being installed * Fixed issue where --no-dev autoload generation was excluding some packages which should not have been excluded * Added support for IPv6 addresses in NO_PROXY * Added package homepage display in the show command * Added debug info about HTTP authentications * Added Symfony 5 compatibility * Added --fixed flag to require command to make it use a fixed constraint instead of a ^x.y constraint when adding the requirement * Fixed exclude-from-classmap matching subsets of directories e.g. foo/ was excluding foobar/ * Fixed archive command to persist file permissions inside the zip files * Fixed init/require command to avoid suggesting packages which are already selected in the search results * Fixed create-project UX issues * Fixed filemtime for vendor/composer/* files is now only changing when the files actually change * Fixed issues detecting docker environment with an active open_basedir - Version 1.9.3 * Fixed GitHub deprecation of access_token query parameter, now using Authorization header - Version 1.9.2 * Fixed minor git driver bugs * Fixed schema validation for version field to allow dev-* versions too * Fixed external processes' output being formatted even though it should not * Fixed issue with path repositories when trying to install feature branches - Version 1.9.1 * Fixed various credential handling issues with gitlab and github * Fixed credentials being present in git remotes in Composer cache and vendor directory when not using SSH keys * Fixed composer why not listing replacers as a reason something is present * Fixed various PHP 7.4 compatibility issues * Fixed root warnings always present in Docker containers, setting COMPOSER_ALLOW_SUPERUSER is not necessary anymore * Fixed GitHub access tokens leaking into debug-verbosity output * Fixed several edge case issues detecting GitHub, Bitbucket and GitLab repository types * Fixed Composer asking if you want to use a composer.json in a parent directory when ran in non-interactive mode * Fixed classmap autoloading issue finding classes located within a few non-PHP context blocks (?>...<?php) - Version 1.9.0 * Added a --no-cache flag available on all commands to run with the cache disabled * Added PHP_BINARY as env var pointing to the PHP process when executing Composer scripts as shell scripts * Added a use-github-api config option which can set the no-api flag on all GitHub VCS repositories declared * Added a static helper you can preprend to a script to avoid process timeouts, "Composer\\Config::disableProcessTimeout" * Added Event::getOriginatingEvent to retrieve an event's original event when a script handler forwards to another one * Added support for autoloading directly from a phar file * Fixed loading order of plugins to always initialize them in order of dependencies * Fixed various network-mount related issues * Fixed --ignore-platform-reqs not ignoring conflict rules against platform packages - Version 1.8.6 * Fixed handling of backslash-escapes handling in compoesr.json when using the require command * Fixed create-project not following classmap-authoritative and apcu-autoloader config values * Fixed HHVM version warning showing up in some cases when it was not in use php-composer-1.10.22-bp151.3.3.1.noarch.rpm php-composer-1.10.22-bp151.3.3.1.src.rpm openSUSE-2021-1341 important openSUSE Backports SLE-15-SP1 Update This update for mupdf fixes the following issues: - CVE-2020-19609: Fixed heap-based buffer overflow in tiff_expand_colormap() when parsing TIFF files (boo#1190176) - CVE-2020-16600: Fixed use-after-free when a valid page was followed by a page with invalid pixmap dimensions (boo#1190175) mupdf-1.12.0-bp151.4.3.1.src.rpm mupdf-1.12.0-bp151.4.3.1.x86_64.rpm mupdf-devel-static-1.12.0-bp151.4.3.1.x86_64.rpm mupdf-1.12.0-bp151.4.3.1.aarch64.rpm mupdf-devel-static-1.12.0-bp151.4.3.1.aarch64.rpm mupdf-1.12.0-bp151.4.3.1.ppc64le.rpm mupdf-devel-static-1.12.0-bp151.4.3.1.ppc64le.rpm mupdf-1.12.0-bp151.4.3.1.s390x.rpm mupdf-devel-static-1.12.0-bp151.4.3.1.s390x.rpm openSUSE-2021-1412 low openSUSE Backports SLE-15-SP1 Update This update for fwts fixes the following issue: Update to version 21.09.00: * snapcraft: Fix incorrect core20 library path * snapcraft: fix path to fwts * lib: fwts_version.h - update to V21.09.00 * debian: update changelog * acpi: replace fwts_firmware_detect() by fw->firmware_type * lib: fwts_firmware: fix incorrect comments for fwts_firmware_detect * uefi: uefirtmisc: reduce scope of some variables * uefi: securebootcert: make some function arguments const * src/pci/smccc: reduce scope of variable ret * bios: smm: remove redundant variable n * acpi: iort: constify some function arguments * acpi: dmar: constify a pointer argument in acpi_parse_dev_scope * acpi: cstates: remove redundant null check on entry * smccc_test: fix missing ) in pr_info call * opal: clean up some coding style issues * opal: Fix a few memory leaks on asprint allocated buffers * acpi: s3power: clean up pedantic static analysis warnings * uefirtvariable: clean up pedantic static analysis warnings * opal: mem_info: clean up pedantic static analysis warnings * fwts_devicetree: clean up static analysis warning * fwts_acpi_tables: NULLify table pointers * snapcraft: update to use core20 * lib: use <poll.h> rather than <sys/poll.h> Update to version 21.08.00: * Manual: update number of tests, date and remove double spaces * debian/control: Add device-tree-compiler as dependency for armel/armhf/arm64 * fwts_firmware: Rework Devicetree firmware detection * Enable dt_sysinfo test for Power only fwts-21.09.00-bp151.4.21.1.src.rpm fwts-21.09.00-bp151.4.21.1.x86_64.rpm fwts-21.09.00-bp151.4.21.1.aarch64.rpm openSUSE-2021-1466 moderate openSUSE Backports SLE-15-SP1 Update This update for fxload to v2013_01_03 fixes the following issues: * Switch to a more updated codebase, since the previous one has been unmaintained for years and do not support newer devices. This codebase is the same as the old fxload but with some small changes made by Steven J. Magnani that add support for Cypress FX3 USB 3.0 devices. This package is needed, for example, by most of the recent astronomical cameras (e.g QHY, ZWO, etc), otherwise the OS will not be able to recognize them. fxload-2013_01_03-bp151.2.3.1.src.rpm fxload-2013_01_03-bp151.2.3.1.x86_64.rpm fxload-2013_01_03-bp151.2.3.1.aarch64.rpm fxload-2013_01_03-bp151.2.3.1.ppc64le.rpm fxload-2013_01_03-bp151.2.3.1.s390x.rpm openSUSE-2021-1472 low openSUSE Backports SLE-15-SP1 Update subtitlecomposer was updated to fix the following issues: - fixed empty lines crash (fixes boo#1192342 boo#1171768) Update to version 0.7.1 * Fixed theme/icons/look outside KDE environment * Fixed various bugs and rare crashes * Fixed Undo stack and improved text editing undo * Improved/replaced Video player(s) (performance, Wayland support, OpenGL/FFmpeg) * Improved Waveform performance * Improved LinesWidget/Model performance * Improved Wayland support * Improved open/save file dialogs to use native dialogs * Improved text charsets/encodings/end-of-line selection, detection and handling * Improved VobSub support * Improved inline editor to support text styles * Improved subtitle style rendering * Improved character/sec support and added coloring * Improvide command line - ability to open all subtitle/media files * Added Pause/Duration columns to list view * Removed invalid subpicture/x-pgs mime * Updated/added many translations - thanks to KDE community subtitlecomposer-0.7.1-bp151.4.3.1.src.rpm subtitlecomposer-0.7.1-bp151.4.3.1.x86_64.rpm subtitlecomposer-lang-0.7.1-bp151.4.3.1.noarch.rpm subtitlecomposer-0.7.1-bp151.4.3.1.ppc64le.rpm subtitlecomposer-0.7.1-bp151.4.3.1.s390x.rpm openSUSE-2021-1511 moderate openSUSE Backports SLE-15-SP1 Update This update for plib fixes the following issue: - Disable libssg and libssgaux build to fix (boo#1189887) libplib0-1.8.5+svn.2173-bp151.4.3.1.x86_64.rpm plib-1.8.5+svn.2173-bp151.4.3.1.src.rpm plib-devel-1.8.5+svn.2173-bp151.4.3.1.x86_64.rpm libplib0-1.8.5+svn.2173-bp151.4.3.1.aarch64.rpm plib-devel-1.8.5+svn.2173-bp151.4.3.1.aarch64.rpm libplib0-1.8.5+svn.2173-bp151.4.3.1.ppc64le.rpm plib-devel-1.8.5+svn.2173-bp151.4.3.1.ppc64le.rpm libplib0-1.8.5+svn.2173-bp151.4.3.1.s390x.rpm plib-devel-1.8.5+svn.2173-bp151.4.3.1.s390x.rpm openSUSE-2021-1602 important openSUSE Backports SLE-15-SP1 Update This update for nextcloud fixes the following issues: Update to 20.0.14 Security issues fixed: * CVE-2021-41179: Fix boo#1192028 - (CWE-304): Two-Factor Authentication not enforced for pages marked as public * CVE-2021-41178: Fix boo#1192030 - (CWE-434): File Traversal affecting SVG files on Nextcloud Server * CVE-2021-41177: Fix boo#1192031 - (CWE-799): Rate-limits not working on instances without configured memory cache backend Changes: - Add command to repair broken filesystem trees (server#26630) - Ensure that user and group IDs in LDAP's tables are also max 64chars (server#28971) - Change output format of Psalm to Github (server#29048) - File-upload: Correctly handle error responses for HTTP2 (server#29069) - Allow "TwoFactor Nextcloud Notifications" to pull the state of the 2F… (server#29072) - Add a few sensitive config keys (server#29085) - Fix path of file_get_contents (server#29095) - Update the certificate bundle (server#29098) - Keep pw based auth tokens valid when pw-less login happens (server#29131) - Properly handle folder deletion on external s3 storage (server#29158) - Tokens without password should not trigger changed password invalidation (server#29166) - Don't further setup disabled users when logging in with apache (server#29167) - Add 'supported'-label to all supported apps (server#29181) - 21] generate a better optimized query for path prefix search filters (server#29192) - Keep group restrictions when reenabling apps after an update (server#29198) - Add proper message to created share not found (server#29205) - Add documentation for files_no_background_scan (server#29219) - Don't setup the filesystem to check for a favicon we don't use anyway (server#29223) - Fix background scan doc in config (server#29253) - Get `filesize()` if `file_exists()` (server#29290) - Fix unable to login errors due to file system not being initialized (server#29291) - Update 3rdparty ref (server#29297) - Bump icewind/streams from 0.7.3 to 0.7.5 in files_external (server#29298) - Fix app upgrade (server#29303) - Avoid PHP errors when the LDAP attribute is not found (server#29314) - Fix security issues when copying groupfolder with advanced ACL (server#29366) - Scheduling plugin not updating responding attendee status (server#29387) - Make calendar schedule options translatable (server#29388) - Add whitelist for apps inside of the server repo (server#29396) - Handle files with `is_file` instead of `file_exists` (server#29417) - Fixes an undefined index when getAccessList returns an empty array (server#29421) - Extra fixes needed for icewind/streams update to 0.7.2 (server#29426) - Backport #29260: Respect user enumeration settings in user status lists (server#29429) - Implement local filtering in file list (server#29441) - Detect mimetype by content only with content (server#29457) - Update CRL (server#29505) - Update update-psalm-baseline workflow (server#29548) - Bump icewind/streams from 0.7.1 to 0.7.5 (3rdparty#855) - Bump version (files_pdfviewer#512) - Fix deleting notifications with numeric user ID (notifications#1090) - Add integration tests for push registration (notifications#1097) - Restore old device signature so the proxy works again (notifications#1105) - Bump vue and vue-template-compiler (photos#864) - Bump prosemirror-schema-list from 1.1.5 to 1.1.6 (text#1868) - Additional checks for workspace controller (text#1887) nextcloud-20.0.14-bp151.3.21.1.noarch.rpm nextcloud-20.0.14-bp151.3.21.1.src.rpm nextcloud-apache-20.0.14-bp151.3.21.1.noarch.rpm openSUSE-2021-1644 moderate openSUSE Backports SLE-15-SP1 Update kopete was updated to fix a possible crash on exit (kde#436513). kopete-18.12.3-bp151.3.3.1.src.rpm kopete-18.12.3-bp151.3.3.1.x86_64.rpm kopete-devel-18.12.3-bp151.3.3.1.x86_64.rpm kopete-lang-18.12.3-bp151.3.3.1.noarch.rpm openSUSE-2022-4 moderate openSUSE Backports SLE-15-SP1 Update ktorrent was updated to fix an error message on start (boo#1136292, kde#403054) ktorrent-5.1.1-bp151.3.3.1.src.rpm ktorrent-5.1.1-bp151.3.3.1.x86_64.rpm ktorrent-debuginfo-5.1.1-bp151.3.3.1.x86_64.rpm ktorrent-debugsource-5.1.1-bp151.3.3.1.x86_64.rpm ktorrent-lang-5.1.1-bp151.3.3.1.noarch.rpm ktorrent-5.1.1-bp151.3.3.1.aarch64.rpm ktorrent-debuginfo-5.1.1-bp151.3.3.1.aarch64.rpm ktorrent-debugsource-5.1.1-bp151.3.3.1.aarch64.rpm openSUSE-2021-1640 moderate openSUSE Backports SLE-15-SP1 Update c-toxcore was updated fo fix a securiy issue: - CVE-2021-44847: Fixed a buffer overflow in handle_request in DHT.c which could lead to remote DoS and potential code execution (boo#1193667) c-toxcore-0.2.13-bp151.3.3.1.src.rpm c-toxcore-0.2.13-bp151.3.3.1.x86_64.rpm c-toxcore-daemon-0.2.13-bp151.3.3.1.x86_64.rpm c-toxcore-devel-0.2.13-bp151.3.3.1.x86_64.rpm libtoxcore2-0.2.13-bp151.3.3.1.x86_64.rpm c-toxcore-0.2.13-bp151.3.3.1.aarch64.rpm c-toxcore-daemon-0.2.13-bp151.3.3.1.aarch64.rpm c-toxcore-devel-0.2.13-bp151.3.3.1.aarch64.rpm libtoxcore2-0.2.13-bp151.3.3.1.aarch64.rpm c-toxcore-0.2.13-bp151.3.3.1.ppc64le.rpm c-toxcore-daemon-0.2.13-bp151.3.3.1.ppc64le.rpm c-toxcore-devel-0.2.13-bp151.3.3.1.ppc64le.rpm libtoxcore2-0.2.13-bp151.3.3.1.ppc64le.rpm c-toxcore-0.2.13-bp151.3.3.1.s390x.rpm c-toxcore-daemon-0.2.13-bp151.3.3.1.s390x.rpm c-toxcore-devel-0.2.13-bp151.3.3.1.s390x.rpm libtoxcore2-0.2.13-bp151.3.3.1.s390x.rpm openSUSE-2022-23 moderate openSUSE Backports SLE-15-SP1 Update fwts was updated to fix: Update to version 21.12.00: * lib: fwts_version.h - update to V21.12.00 * dmicheck: skip scanning smbios in /dev/mem on aarch64 * s3: increase s2idle_residency to u64 to avoid overflows * s3: fix incorrect error messages for s2idle_residency * acpi: uniqueid: clean up pedantic static analysis warnings * s4: clean up pedantic static analysis warnings Update to version 21.11.00: * lib: fwts_version.h - update to V21.11.00 * fwts-test: sync up the adding sleep type for s2idle testing * s3: add sleep type setting for testing with s3 or s2idle * acpi: madt: De-initialise ACPICA core engine in case of error. * lib: fwts_smbios: fix loading SMBIOS table from uefi * acpi: uniqueid: skip comparison of _HID and _CID of the same device * ACPICA: Update to version 20210930 fwts-21.12.00-bp151.4.24.1.src.rpm fwts-21.12.00-bp151.4.24.1.x86_64.rpm fwts-21.12.00-bp151.4.24.1.aarch64.rpm openSUSE-2022-32 low openSUSE Backports SLE-15-SP1 Update phpMyAdmin was updated to fix: * CVE-2022-23807: Fixed Two factor authentication bypass (boo#1195017, PMASA-2022-1, CWE-661) * Add a new configuration directive $cfg['URLQueryEncryption'] to allow encrypting sensitive information in the URL to prevent disclosure. Thanks to Rich Grimes for suggesting this improvement * Add a new configuration directive $cfg['Servers'][$i]['hide_connection_errors'] to allow hiding the full error message when a log on attempt fails, which can leak hostnames or IP addresses of the target database server. phpMyAdmin-4.9.8-bp151.3.27.1.noarch.rpm phpMyAdmin-4.9.8-bp151.3.27.1.src.rpm openSUSE-2022-39 moderate openSUSE Backports SLE-15-SP1 Update fwts was updated to version 22.01.00: * fwts-test: sync up the adding option for get next high monotonic count * uefirtmisc: add option to specify iterations get next high monitonic count * uefirtmisc: add checking the resources for testing * lib: fwts_version.h - update to V22.01.00 * debian: update changelog * fwts_acpica: skip unneccessary null check * s3: use system suspend default if --s3-sleep-type is not used * tpmevlogdump: add supporting several new types for event log dumping * auto-packager: mkpackage.sh: remove hirsute * tpmevlog: add supporting several new types for event log checking * lib: fwts_tpm.h: add new type definition fwts-22.01.00-bp151.4.27.1.src.rpm fwts-22.01.00-bp151.4.27.1.x86_64.rpm fwts-22.01.00-bp151.4.27.1.aarch64.rpm