Packages changed: MozillaThunderbird (68.2.0 -> 68.2.1) NetworkManager PackageKit a2ps abcde awesfx boost-base boost-extra engrampa (1.23.0 -> 1.23.1) gnome-shell (3.34.1+6 -> 3.34.1+7) ipset (7.3 -> 7.4) jack (1.9.12 -> 1.9.13) jasper kdevelop5 (5.4.3 -> 5.4.4) mhvtl ncurses open-iscsi opencv3 (3.4.6 -> 3.4.7) perl-Archive-Zip (1.64 -> 1.67) perl-Mojolicious (8.25 -> 8.26) samba (4.11.0+git.95.c88b5f2c0c6 -> 4.11.2+git.99.f93cc798f2e) soxr sshfs (3.5.2 -> 3.6.0) texlive virtualbox xfce4-screenshooter (1.9.6 -> 1.9.7) xfce4-whiskermenu-plugin (2.3.3 -> 2.3.4) xslide === Details === ==== MozillaThunderbird ==== Version update (68.2.0 -> 68.2.1) Subpackages: MozillaThunderbird-translations-common - Mozilla Thunderbird 68.2.1 * A language for the user interface can now be chosen in the advanced settings (multilingual UI) * Fixed problem with Google authentication (OAuth2) * Selected or unread messages were not shown in the correct color in the thread pane (message list) under some circumstances * When using a language pack, names of standard folders weren't localized (boo#1149126) * Address book default startup directory in preferences panel was not persisted * Chat: Extended context menu on Instant messaging status dialog (Show Accounts) - added mozilla-bmo1504834-part4.patch to fix some visual issues on big endian platforms ==== NetworkManager ==== Subpackages: NetworkManager-lang libnm0 typelib-1_0-NM-1_0 - Drop NetworkNanager-client recommends: this is no longer needed, as NM itself ships a frontend by now (nmtui). If a DE has a better way to manage NM (by means of applets or other way of integration) it is up to the DE to depend on the applets. ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Remove zypp-Switch-to-doUpgrade-solver-when-required-by-distribution.patch, rebase zypp-perform-actions-disallowed-by-update-in-upgrade-mode.patch, add PackageKit-zypp-dont-set-upgrade-mode-on-updating-specific-packages.patch: zypp: Don't set upgrade mode in update-packages (gh#hughsie/PackageKit#345). - Add PackageKit-zypp-get-updates-dup-or-up.patch: Fix get-updates in Tumbleweed(gh#hughsie/PackageKit#343). - Modify PackageKit-systemd-timers.patch: Port the cron configuration variables to the script, and add -sendwait parameter to mail in the script(bsc#1130306). - Refresh patches with quilt. - Drop PackageKit-cron-without-sleep.patch: Not needed for any current version of openSUSE. - Add PackageKit-drop-gtk2.patch: Port away from gtk2 dependency, drop gtk2-devel BuildRequires (gh#/hughsie/PackageKit#333). - Add autoconf-archive BuildRequires and run autogen.sh, needed as above patch touches buildsystem. - Add PackageKit-zypp-fix-what-provides-newest-filter.patch: zypp: Add support for newest filter in what-provides(bsc#984865, gh#hughsie/PackageKit#335). - Rename PackageKit-remove-default-thread-check.patch to PackageKit-add-mutex-lock-to-protect-backend-priv-eulas.patch, and update it with the one accepted upstream. - Add PackageKit-zypp-fix-newest-filter.patch: zypp: Emit installed package for newest filter (bsc#1125434, gh#hughsie/PackageKit#329). - Add zypp-perform-actions-disallowed-by-update-in-upgrade-mode.patch to fix switch to upgrade mode in the backend - Add PackageKit-remove-polkit-rules.patch: Remove polkit rules file (bsc#1125434). - Limit fdupes to the btrfs subvolume. - Combine %service_* calls to reduce generated boilerplate. - Redo summaries without em dashes. - Reduce %systemd_requires to %systemd_ordering; %service_* can deal with the absence of it. - Modify PackageKit-systemd-timers.patch: Fix unit field in packagekit-background.timer (boo#1126943). - Add zypp-Switch-to-doUpgrade-solver-when-required-by-distribution.patch so Tumbleweed can properly update - Add PackageKit-systemd-timers.patch: Migrate from cron to systemd timer (bsc#1115410). - Drop PackageKit-avoid-endless-loop-on-autoupdate.patch: With PackageKit-return-on-transactions-going-backwards.patch and PackageKit-remove-default-thread-check.patch, EULA promt works without any issue (bsc#1038425). - Add PackageKit-remove-default-thread-check.patch: Remove the pk_is_thread_default() check in pk_backend_is_eula_valid() so that we can call it in zypp backend without any issue (gh#hughsie/PackageKit#301, bsc#1038425). - Add PackageKit-return-on-transactions-going-backwards.patch: transaction: Return directly when its state is going backwards (gh#hughsie/PackageKit#301, bsc#1038425). - Update to version 1.1.12: + common: Handle quoted strings in /etc/os-release. + offline update: Fix translations to show up. + Backends: - zypp: Implement GetFilesLocal in zypp backend. - Various changes related to aptcc and dnf. - Changes from version 1.1.11: + New Features: - Add --autoremove option to pkcon. - Shutdown the daemon on idle by default. + Bugfixes: - De-register callbacks on PkClientHelper finalize. - Don't complain if command-not-found get uninstalled while running. - Fix critical on idle shutdown. - Fix issues with debconf helper not working. - Never assert when an interactive TTY is not available. - Schedule offline update service to run after system-update-pre.target. - Shut down services cleanly before rebooting after offline updates. + Backends: - Various changes related to aptcc, dnf and nix. - Drop PackageKit-get-files-local.patch: fixed upstream. - Add files/directories created by tmpfiles.d under /var as ghost entries to the rpm filelist. - Add PackageKit-get-files-local.patch: Implement GetFilesLocal method in zypp backend (bsc#1097581). - Add PackageKit.tmpfiles: Use tmpfile.d to make sure PackageKit doesn't package files in /var (bsc#1098042). - offline updates should be disabled in Leap too, just like SLE - Update to version 1.1.10: + Notes: This release fixes CVE-2018-1106 which is a moderate security issue (boo#1086936). + Backends: - zypp: . Implement GetDetailsLocal in zypp backend. . Improve refresh-cache function in zypp backend. - Various changes related to aptcc and dnf. - Drop PackageKit-zypp-backend-improve-refresh-cache.patch and PackageKit-zypp-backend-get-details-local.patch: Fixed upstream. - Drop NetworkManager-devel BuildRequires: Not used since version 1.1.7. - Disable offline-update when building for SLE. - Remove pkgconfig(npapi-sdk) BuildRequires:, it is no longer needed as browser plugin is not built since 1.1.0. - Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). - Update to version 1.1.9: + Fix missing PK_STATUS_ENUM_RUN_HOOK in pk-enum.c. + Fix Qt annotation on DBus signature. + client: Fix an invalid read when cancelling races with Finish. + engine: Fix a memory leak when handling GetTransactionList. + Fix getting user session ID with D-Bus "user bus" model. + Fix g_object_ref() type cast warnings with glib 2.56. + Rename "Software Sources" to "Software Repositories". + transaction: Don't leak polkit authority. + transaction: Fix a memory leak when authorizing actions. + transaction: Log transaction completed messages on debug, not info level. + Backends: - zypp: remove memory leak from zypp backend. - Various changes related to aptcc, dnf, slack and urpmi. - Modernize spec-file by calling spec-cleaner - Add PackageKit-zypp-backend-get-details-local.patch: Implement GetDetailsLocal method in zypp backend (bsc#1008287). - Update to version 1.1.8: + Notes: The Slackware backend was renamed from "katja" to "slack". + Libraries: - Add getters for PkEulaRequired. - Add new pk_results_set_role() API. + New Features: Save transaction role to the offline update results file. + Bugfixes: - Various fixes to docs. - Bring introspection and vapigen m4 macros into the source. - command-not-found: Be more explicit when ignoring path components. - service: Use ConditionPathExists=!/run/ostree-booted. + Backends: - zypp: Return error if invalid package IDs are detected. - Various changes related to aptcc and slack. - Drop PK-zypp-return-error-invalid-package-ids.patch: fixed upstream. - Drop autoconf-archive and automake BuildRequires and no longer call autoreconf: no patch changes the build system. - Replace --enable/disable-systemd-updates configure parameter with - -enable/disable-offline-update: the relevant systemd-updates parameters have not been valid since PackageKit 1.0.0. - Drop --with-default-backend=zypp configure parameter: this has not been udnerstood since PackageKit 1.0. PK just used the one and only backend installed in the distro. ==== a2ps ==== Subpackages: liba2ps1 - Remove obsolete Groups tag (fate#326485) ==== abcde ==== - Remove obsolete Groups tag (fate#326485) ==== awesfx ==== - Remove obsolete Groups tag (fate#326485) ==== boost-base ==== Subpackages: boost-license1_71_0 boost1_71_0-jam libboost_date_time1_71_0 libboost_filesystem1_71_0 libboost_headers1_71_0-devel libboost_iostreams1_71_0 libboost_locale1_71_0 libboost_program_options1_71_0 libboost_regex1_71_0 libboost_thread1_71_0 - Use new openmpi-macros-devel package ==== boost-extra ==== - Use new openmpi-macros-devel package ==== engrampa ==== Version update (1.23.0 -> 1.23.1) Subpackages: engrampa-lang - Fix build error complaining about conflicting types for g_ptr_array_copy by updating to 1.23.1. - Update to version 1.23.1: * Update translations * glib-utils: Remove unused function - g_ptr_array_copy * Remove some unused/deprecated functions * Various smaller fixes ==== gnome-shell ==== Version update (3.34.1+6 -> 3.34.1+7) Subpackages: gnome-shell-calendar gnome-shell-lang - Rebase patch gnome-shell-domain.patch and gnome-shell-1007468-lock-screen-SUSE-logo-missing.patch. - Update to version 3.34.1+7: * dnd: Skip drag target when its acceptDrop() throws an exception ==== ipset ==== Version update (7.3 -> 7.4) Subpackages: libipset13 - Update to release 7.4 * Wildcard support for the "hash:net,iface" type. ==== jack ==== Version update (1.9.12 -> 1.9.13) - Update to 1.9.13 * Meta-data API implementation. (and a few tools updated with support for it) * Correct GPL licence to LGPL for files needed to build libjack. * Remove FreeBoB backend (superseded by FFADO). * define JACK_LIB_EXPORT, useful for internal clients. * Mark jack_midi_reset_buffer as deprecated. * Add example systemd unit file * Signal to systemd when jackd is ready. * Set "seq" alsa midi driver to maximum resolution possible. * Fix loading internal clients from another internal client. - Delete the following patches, as they were fixed upstream: * 0001-Make-jack_control-python2-3-compatible.patch * fix-mmap-return-value-check.patch * jack-waf2.patch - Add 0001-fix-complation-on-arm.patch ==== jasper ==== - bsc#1117507 CVE-2018-19541: Properly fix heap based overread in jas_image_depalettize. Original fix caused segfaults. Update jasper-CVE-2018-19541.patch ==== kdevelop5 ==== Version update (5.4.3 -> 5.4.4) Subpackages: kdevelop5-lang kdevplatform kdevplatform-lang libkdevplatform54 - Update to 5.4.4 * Fix copyright date display in About KDevelop/KDevPlatform dialogs (kde#413390) * FindClang.cmake: also search LLVM version 9 * Clang: Workaround for empty problem ranges at start of document ==== mhvtl ==== - Change install of systemd generatos to /usr/lib/systemd/... instead of /usr/libexec/systemd/..., which does not yet exist, to fix build issue ==== ncurses ==== Subpackages: libncurses6 ncurses-devel ncurses-utils tack terminfo terminfo-base terminfo-screen - Add tack patch 1.08-20190721 * tack.c, edit.c, tack.h: gcc-8.x-warnings * init.c, edit.c: gcc 4.x warning * charset.c: update copyright * charset.c: rewrite of set_attr resulted in off-by-one loop limit * aclocal.m4: add CF_CURSES_TERM_H to get proper ifdef's for the boolnames arrays * configure.in: add CF_CURSES_TERM_H * aclocal.m4: add CF_TERMIOS_TYPES, from xterm * sysdep.c: use termios types such as tcflag_t * configure.in: use CF_TERMIOS_TYPES * tack.h: update copyright * aclocal.m4: resync with my-autoconf * package/debian/changelog, package/tack.spec, tack.h: bump * config.sub: 2019-06-30 * config.guess: 2019-06-10 - Add ncurses patch 20191026 + add a note in man/curs_add_wch.3x about Unicode terminology for the line-drawing characters (report by Nick Black). + improve comment in lib_tgoto.c regarding the use of \200 where a \0 would be intended by the caller (report by "64 bit", cf: 20000923). + modify linux-16color to accommodate Linux console driver change in early 2018 (report by Dino Petrucci). - Correct offsets of hunks of patch ncurses-6.1.dif for misc/terminfo.src ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Fix issue where CHAP was not working after latest update (bsc#1155510), updating: * open-iscsi-SUSE-latest.diff.bz2 ==== opencv3 ==== Version update (3.4.6 -> 3.4.7) - Update to 3.4.7 Maintenance release, no changelog provided * Security fixes: CVE-2019-14491 (boo#1144352), CVE-2019-14492 (boo#1144348). - Drop fix_processor_detection_for_32bit_on_64bit.patch: fixed upstream. - Add CVE-2019-15939.patch: add input check in HOG detector (boo#1149742 CVE-2019-15939). ==== perl-Archive-Zip ==== Version update (1.64 -> 1.67) - Update to 1.67 see /usr/share/doc/packages/perl-Archive-Zip/Changes 1.67 Sun 06 Oct 2019 - Fixed compatibility issues with zip64 format (defined-or, pack) - Fixed hard-coded version fields introduced in version 1.66 - Fixed merge glitch with tests 26 and 27 - Fixed merge glitch with bzip passthrough - Updated bzip test file to avoid zip bomb detection - updated to 1.66 see /usr/share/doc/packages/perl-Archive-Zip/Changes 1.66 Mon 16 Sep 2019 - Refactored low-level methods for reading and writing zip files in zip64 format. Added new parameters and return values to most of these. Extended constants in Archive::Zip to cover zip64 formats and lengths. - Added public APIs Archive::Zip::Archive::zip64 Archive::Zip::Archive::desiredZip64Mode Archive::Zip::Archive::versionMadeBy Archive::Zip::Archive::versionNeededToExtract Archive::Zip::Member::zip64 Archive::Zip::Member::desiredZip64Mode and constants Archive::Zip::ZIP64_AS_NEEDED Archive::Zip::ZIP64_EOCD Archive::Zip::ZIP64_HEADERS plus POD on these. - Added tests for zip64 format in t/21_zip64.t and more test zip files below t/data. Extended tests in t/02_main.t to perform all existing tests in all possible desired zip64 modes. - Extended methods Archive::Zip::Member::localExtraField Archive::Zip::Member::cdExtraField to perform format checks when called as setters and to reject any zip64 extended information extra fields passed by the user. Extended POD and tests in t/02_main.t accordingly. - Setting {'compressedSize'} after writing central directory header. - Added new optional parameter $noFormatError to method Archive::Zip::_readSignature to silence any format errros when testing for signatures. - Added error handling for potentially failed object conversion after calling method Archive::Zip::Member::_become. Factored in method Archive::Zip::Member::_becomeDirectoryIfNecessary into caller. - Changed methods Archive::Zip::Archive::contents Archive::Zip::Member::contents (and all inheriting from these) to consistently return a pair ($contents, $status) when called in list context and a scalar $contents when called in scalar context. Extended tests in t/02_main.t accordingly. - Changed method Archive::Zip::Member::extractToFileHandle to accept a file name instead of a file handle when extracting symbolic links. Changed lower-level and higher-level methods to use that feature. Cleaned up code related to the handling of symbolic links. Added creation of intermediate directories in method Archive::Zip::Member::extractToFileNamed for symbolic links as well. Reporting errors from symlink call as AZ-error. Added POD and test zip file t/data/symlink.zip and tests in t/26_symlinks.t for these changes. - Cleaned up code and added comment related to that highly dubious (?) {'wasWritten'} logic. - updated to 1.65 see /usr/share/doc/packages/perl-Archive-Zip/Changes 1.65 Sat 7 Sep 2019 - Fix for members using bzip compression [github/pmqs] - NetBSD doesn't mind empty zips [github/pmqs] - Solaris test failure, Add diag to failing test to collect data [github/pmqs] - Test for presence of Test::MockModule [github/pmqs] - Fix skip line for Windows [github/pmqs] - Skip tests that assume /tmp on Windows [github/pmqs] ==== perl-Mojolicious ==== Version update (8.25 -> 8.26) - updated to 8.26 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.26 2019-11-02 - Removed deprecated slice method from Mojo::Collection. - Moved HTML entities from Mojo::Util into a separate file. (rage311) - Changed how the state of the event loop is determined in Mojo::Reactor::EV to be more consistent with Mojo::Reactor::Poll. ==== samba ==== Version update (4.11.0+git.95.c88b5f2c0c6 -> 4.11.2+git.99.f93cc798f2e) Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit - Update to samba 4.11.2 + CVE-2019-10218: Client code can return filenames containing path separators; (bsc#1144902); (bso#14071). + CVE-2019-14833: Samba AD DC check password script does not receive the full password; (bso#12438). + CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync; (bso#14040). - Fixes from 4.11.1 + Overlinking libreplace against librt and pthread against every binary or library causes issues; (bso#14140); + kpasswd fails when built with MIT Kerberos; (bso#14155); + Fix spnego fallback from kerberos to ntlmssp in smbd server; (bso#14106); + Stale file handle error when using mkstemp on a share; (bso#14137); + non-AES schannel broken; (bso#14134); + Joining Active Directory should not use SAMR to set the password; (bso#13884); + smbclient can blunder into the SMB1 specific cli_RNetShareEnum() call on an SMB2 connection; (bso#14152); + Deleted records can be resurrected during recovery; (bso#14147); + getpwnam and getpwuid need to return data for ID_TYPE_BOTH group; (bso#14141); + winbind does not list forest trusts with additional trust attributes; (bso#14130); + fault report points to outdated documentation; (bso#14139); + pam_winbind with krb5_auth or wbinfo -K doesn't work for users of trusted domains/forests; (bso#14124); + classicupgrade results in uncaught exception - a bytes-like object is required, not 'str'; (bso#14136); + pod2man is not longer required, stop checking at build time; (bso#14131); + Exit code of ctdb nodestatus should not be influenced by deleted nodes; (bso#14129); + username/password authentication doesn't work with CUPS and smbspool; (bso#14128); + smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir(); (bso#14094); ==== soxr ==== - Disable LTO (boo#1155011) for ARM targets. ==== sshfs ==== Version update (3.5.2 -> 3.6.0) - Update to version 3.6.0 * Added "-o direct_io" option. This option disables the use of page cache in kernel. This is useful for example if the file size is not known before reading it. For example if you mount /proc dir from a remote host without the direct_io option, the read always will return zero bytes instead of actual data. * Added --verbose option. * Fixed a number of compiler warnings. * Improved performance under OS X. ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - Add patch source-fix-axohelp.patch for bsc#1155411 * CVE-2019-18604: improper use of sprintf - Add 0001-Updated-tests-after-U-C-upgrade-changed-sortinit-hashes.patch from upstream (with context modifications to apply correctly) to update biber tests after the Unicode::Collate upgrade from 1.25 to 1.27 changed sortinit hashes with (at least) perl 5.26, while using perl 5.28 seems to work fine (boo#1152776) ==== virtualbox ==== Subpackages: virtualbox-guest-tools virtualbox-guest-x11 virtualbox-kmp-default - Try to fix unresolvable kernel version in Leap 15.2. - Fix build errors in Leap 42.3 - Update "fixes_for_5.4.patch" for kernel API backport in openSUSE 15.2 ==== xfce4-screenshooter ==== Version update (1.9.6 -> 1.9.7) Subpackages: xfce4-screenshooter-lang xfce4-screenshooter-plugin - Update to version 1.9.7 * Add warning notice to imgur upload option (bxo#15347) * Fix cursor capture when near screen edge (bxo#9262) * Improve wording (bxo#15429) * Allow compilation with panel 4.15 * Restore libxfce4ui 4.12 compatibility * Translation Updates ==== xfce4-whiskermenu-plugin ==== Version update (2.3.3 -> 2.3.4) Subpackages: xfce4-whiskermenu-plugin-lang - Update to 2.3.4 * Fix building against xfce4-panel 4.15.0 * Translation updates ==== xslide ==== - Stop loading xslide automatically because of conflicts with css-mode.el; bsc#1080086.