Packages changed: coreutils geany (1.30.1 -> 1.31) git (2.14.0 -> 2.14.1) gutenprint (5.2.11 -> 5.2.12) ilmbase krb5 libexif libfabric (1.4.2 -> 1.5.0) m17n-lib obs-service-source_validator (0.6+git20170719.d4384e5 -> 0.6+git20170811.369eb25) pam-config (0.91 -> 0.92) perl-HTTP-Cookies (6.03 -> 6.04) wine (2.14 -> 2.15) ypbind === Details === ==== coreutils ==== - Drop coreutils-ocfs2_reflinks.patch OCFS2 file system has supported file clone ioctls like btrfs, then, coreutils doesn't need this patch from the kernel v4.10-rc1 ==== geany ==== Version update (1.30.1 -> 1.31) Subpackages: geany-lang libgeany0 - Update description. - Update to version 1.31 + Bug fixes: - Update statusbar after applying indentation detection. - Fix converting color to hex for insertion in the Color Chooser dialog. + Filetypes: - Add `parfor` to the Matlab keyword list. - C: fix line continuation handling. - Add `require_relative` to the Ruby keyword list. - Update Haxe keywords. - Fix Arduino comment toggling. - Update CMake keywords. - Update C# keywords. - Update HTML keywords. + API: Fix crash when calling plugin_set_key_group() more than once. + Updated translations. - Refresh spec-file, run spec-cleaner. ==== git ==== Version update (2.14.0 -> 2.14.1) Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - git 2.14.1 (bsc#1052481): * Security fix for CVE-2017-1000117: A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability. * A "ssh://..." URL can result in a "ssh" command line with a hostname that begins with a dash "-", which would cause the "ssh" command to instead (mis)treat it as an option. This is now prevented by forbidding such a hostname (which should not impact any real-world usage). * Similarly, when GIT_PROXY_COMMAND is configured, the command is run with host and port that are parsed out from "ssh://..." URL; a poorly written GIT_PROXY_COMMAND could be tricked into treating a string that begins with a dash "-" as an option. This is now prevented by forbidding such a hostname and port number (again, which should not impact any real-world usage). * In the same spirit, a repository name that begins with a dash "-" is also forbidden now. ==== gutenprint ==== Version update (5.2.11 -> 5.2.12) - Drop default configure options that do not need to be overriden - Drop again static libraries that are forbidden by default - Switch check to proper check phase to allow --no-check override - Pass disable-silent-rules to see all the compile options for brp parsers - Switch to full URL for sources to have autodownload/tarball verification working - Make sure the tests are forced on during configure phase - Drop initial rm in install phase as we by default have empty dir courtesy of OBS - Remove libtool archives as they are not supposed to be shipped on today packages - Have libgutenprint.a and libgutenprintui2.a in the gutenprint-devel sub-packege. - Version upgrade to 5.2.12: For major changes in this release (compared to 5.2.11) see the next entry dated "Tue Sep 20 15:09:34 CEST 2016". For details see the NEWS file. - Version upgrade to 5.2.11pre12.2 which is the second pre-release of Gutenprint 5.2.12. Major changes in this release (compared to 5.2.11): * The Ghostscript IJS driver and Foomatic data generator have been removed. CUPS is ubiquitous on Linux/UNIX systems, and the Ghostscript IJS driver and Foomatic data are not needed with CUPS. * Added support for some dye sublimation printers. * Improved support (and bugfixes) for several dye sublimation printers. * Backend now reports media status via standard CUPS marker attributes some particular dye sublimation printers. * Added support for some Epson inkjet printers. * Added support for most Datamax-O'Neil DPL printers. For details see the NEWS file. ==== ilmbase ==== Subpackages: ilmbase-devel libHalf12 libIex-2_2-12 libIexMath-2_2-12 libIlmThread-2_2-12 libImath-2_2-12 - Fix RPM groups. Diversify summaries. - Drop useless --with-pic, this is only for static libs. - simplify check section in specfile and remove hack for gcc45 - add patches from debian to allow testsuite to pass - testBox.patch allow fuzzy comparison of floats, doubles - testBoxAlgo.patch allow fuzzy match of b12 == b2 ==== krb5 ==== Subpackages: krb5-32bit krb5-client krb5-devel - Set "rdns" and "dns_canonicalize_hostname" to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028) - Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543) ==== libexif ==== Subpackages: libexif-devel libexif12 libexif12-32bit - add a libexif-devel-biarch for building with -m32 ==== libfabric ==== Version update (1.4.2 -> 1.5.0) - Update to v1.5.0 * Authorization keys Authorization keys, commonly referred to as job keys, are used to isolate processes from communicating with other processes for security purposes. * Multicast support Datagram endpoints can now support multicast communication. * (Experimental) socket-like endpoint types New FI_SOCK_STREAM and FI_SOCK_DGRAM endpoint types are introduced. These endpoint types target support of cloud and enterprise based middleware and applications. * Tagged atomic support Atomic operations can now target tagged receive buffers, in addition to RMA buffers. * (Experimental) deferred work queues Deferred work queues are enhanced triggerred operations. They target support for collective-based operations. * New mode bits: FI_RESTRICTED_COMP and FI_NOTIFY_FLAGS_ONLY These mode bits support optimized completion processing to minimize software overhead. * Multi-threaded error reporting Reading CQ and EQ errors now allow the application to provide the error buffer, eliminating the need for the application to synchronize between multiple threads when handling errors. * FI_SOURCE_ERR capability This feature allows the provider to validate and report the source address for any received messages. * FI_ADDR_STR string based addressing Applications can now request and use addresses provided using a standardized string format. This makes it easier to pass full addressing data through a command line, or handle address exchange through text files. * Communication scope capabilities: FI_LOCAL_COMM and FI_REMOTE_COMM Used to indicate if an application requires communication with peers on the same node and/or remote nodes. * New memory registration modes The FI_BASIC_MR and FI_SCALABLE_MR memory registration modes have been replaced by more refined registration mode bits. This allows applications to make better use of provider hardware capabilities when dealing with registered memory regions. * New mode bit: FI_CONTEXT2 Some providers need more than the size provided by the FI_CONTEXT mode bit setting. To accomodate such providers, an FI_CONTEXT2 mode bit was added. This mode bit doubles the amount of context space that an application allocates on behalf of the provider. * PSM provider notes * Improve the name server functionality and move to the utility code * Handle updated mr_mode definitions * Add support of 32 and 64 bit atomic values * PSM2 provider notes * Add option to adjust the locking level * Improve the name server functionality and move to the utility code * Add support for string address format * Add an environment vaiable for message inject size * Handle FI_DISCARD in tagged receive functions * Handle updated mr_mode definitions * Add support for scalable endpoint * Add support of 32 and 64 bit atomic values * Add FI_SOURCE_ERR to the supported caps * Improve the method of checking device existence * Sockets provider notes * Updated and enhanced atomic operation support. * Add support for experimental deferred work queue operations. * Fixed counter signaling when used with wait sets. * Improved support on Windows. * Cleaned up event reporting for destroyed endpoints. * Fixed several possible crash scenarios. * Fixed handling socket disconnect events which could hang the provider. * UDP provider notes * Add support for multicast data transfers * Verbs provider notes * Fix an issue where if the user requests higher values for tx, rx context sizes than default it wasn't honored. * Introduce env variables for setting default tx, rx context sizes and iov limits. * Report correct completion ordering supported by MSG endpoints. - Fix rpmbuild warnings - libfabric-devel requires libfabric1, not libfabric - Fix baselibs.conf ==== m17n-lib ==== - Fix RPM groups. - Drop ispell dependency wrt fate#323578 rh dropped the same subpkg in 2011 - Cleanup the dependencies to not pull in full x11 suite and depend only on the required libs - Build with --as-needed - Format with spec-cleaner ==== obs-service-source_validator ==== Version update (0.6+git20170719.d4384e5 -> 0.6+git20170811.369eb25) - Update to version 0.6+git20170811.369eb25: * ignore expand errors with macro scripts - Update to version 0.6+git20170809.6818366: * Ignore not referenced appimage.yml file * Don't use rpmbuild to extract sources, patches etc. from a spec (bnc#938556 CVE-2017-9274) ==== pam-config ==== Version update (0.91 -> 0.92) - Update to version 0.92 - add pam_kwallet5 support - move pam_systemd before pam_krb5 [bsc#1014995] - obsoletes gcc7-Add-break-to-a-case-label.patch ==== perl-HTTP-Cookies ==== Version update (6.03 -> 6.04) - updated to 6.04 see /usr/share/doc/packages/perl-HTTP-Cookies/Changes 6.04 2017-08-03 15:05:22Z - Fix package version numbers ==== wine ==== Version update (2.14 -> 2.15) Subpackages: wine-32bit - Update to 2.15 development snapshot - Support for AES encryption. - Improved Bezier support in Direct2D. - Chunked transfer improvements in WinInet. - Various bug fixes. - updated winetricks ==== ypbind ==== - Adjust list of to be installed docu files