Changed packages: ==== Mesa ==== Version update (11.0.6 -> 11.0.7) Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2 - Update to version 11.0.7 + bugfixes release for bugs found since 11.0.6 fdo#90348 - Spilling failure of b96 merged value fdo#92363 - [BSW/BDW] ogles1conform Gets test fails fdo#92438 - Segfault in pushbuf_kref when running the android emulator (qemu) on nv50 fdo#93110 - [NVE4] textureSize() and textureQueryLevels() uses a texture bound during the previous draw call fdo#93126> - wrongly claim supporting GL_EXT_texture_rg + plus fixes for r600g,llvmpipe,i955,egl,gles2 - Add Mesa-libOpenCL. ==== aaa_base ==== Version update (13.2+git20151027.ca4b24d -> 13.2+git20151202.f5670c1) Subpackages: aaa_base-extras - Replace UNICODE double dash with simple ASCII single dash (boo#954909) - Use the `+' for find's -exec option as this also respects white spaces in files names but is more like xargs. Respect status of screen sessions. ==== audit-devel ==== Subpackages: libaudit1 libaudit1-32bit libauparse0 - Do not depend on insserv nor fillup; the package provides neither sysconfig nor sysvinit files ==== autofs ==== - add patch autofs-5.1.1-leave_auth_destroy.patch (bnc#958410) do not redefined auth_destroy, the reason for this has long been fixed in libtirpc (version 0.2.1 is already fine) - autofs.service: Use KillMode=mixed so "KillSignal" (SIGTERM) is only sent to the main process and if still does not exit after "TimeoutStopSec" then "SendSIGKILL" is sent to all remaining processes of the unit's control group. This is the desired behaviour for almost all daemons that execute foreign programs. - update to version 5.1.1: * fix compile error in defaults.c * add serialization to sasl init * dont allocate dev_ctl_ops too early * fix incorrect round robin host detection * fix race accessing qdn in get_query_dn() * fix leak in cache_push_mapent() * fix config entry read buffer not checked * fix FILE pointer check in defaults_read_config() * fix memory leak in conf_amd_get_log_options() * fix signed comparison in inet_fill_net() * fix buffer size checks in get_network_proximity() * fix leak in get_network_proximity() * fix buffer size checks in merge_options() * check amd lex buffer len before copy * add return check in ldap check_map_indirect() * check host macro is set before use * check options length before use in parse_amd.c * fix some out of order evaluations in parse_amd.c * fix copy and paste error in dup_defaults_entry() * fix leak in parse_mount() * add mutex call return check in defaults.c * force disable browse mode for amd format maps * fix hosts map options check in lookup_amd_instance() * fix memory leak in create_client() * fix memory leak in get_exports() * fix memory leak in get_defaults_entry() * fix out of order clearing of options buffer * fix reset amd lexer scan buffer * ignore multiple commas in options strings * fix typo in flagdir configure option * clarify multiple mounts description * gaurd against incorrect umount return * update man page autofs(8) for systemd * dont pass sloppy option for other than nfs mounts * make service want network-online * fix fix master map type check * init qdn before use in get_query_dn() * fix typo in update_hosts_mounts() * fix hosts map update on reload * make negative cache update consistent for all lookup modules * ensure negative cache isn't updated on remount * dont add wildcard to negative cache * add a prefix to program map stdvars * add config option to force use of program map stdvars * fix incorrect check in parse_mount() * handle duplicates in multi mounts * revert special case cifs escapes * fix map option parsing for 'strictatime' * fix showmount search in auto.net * remove obsolete comment in auto.net * fix macro usage in lookup_program.c * fix gcc5 complaints * remove unused offset handling code * fix mount as you go offset selection * link daemon with pthread library (Debian patch) * manpage corrections (Debian patch) * fix manpages hyphenation (Debian patch). - ported patches: * autofs-5.1.0-dbus-udisks-monitor.patch -> autofs-5.1.1-dbus-udisks-monitor.patch * autofs-debuginfo-fix.patch -> autofs-5.1.1-debuginfo-fix.patch * autofs-5.0.9-suse-auto_master_default.patch -> autofs-5.1.1-suse-auto_master_default.patch * autofs-5.0.9-task-use-after-free.patch -> autofs-5.1.1-task-use-after-free.patch - remove patches that are now upstream: * autofs-5.1.0-dont-pass-sloppy-option-for-other-than-nfs-mounts.patch * autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch * autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch * autofs-5.1.0-gcc5-fixes.patch - add autofs-5.1.0-gcc5-fixes.patch: Fix build against gcc 5.x - prevent potential privilege escalation via interpreter load path for program-based automount maps, add the following patches: autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch (bnc#917977 CVE-2014-8169) - add autofs-5.1.0-dont-pass-sloppy-option-for-other-than-nfs-mounts.patch (bsc#911720) - Fix autofs.service so that multiple options passed through sysconfig AUTOFS_OPTIONS work correctly (bsc#909472) - Fix configuration handling now that we have /etc/autofs.conf and /etc/sysconfig/autofs. Runtime options are now configured in the former, while settings that affect the daemon start up are still handled in the latter. - Clean-up sysconfig.autofs, leave only init script options: $OPTIONS and $USE_MISC_DEVICE. - Run %fillup also when systemd is enabled. (bsc#906606) - Use udisks2, udisks development has ceased in favor of udisks2. - add autofs-debuginfo-fix.patch to fix building of debuginfo package - Do not depend on insserv if the system use systemd; it's useless - Update to version 5.1.0 + fix mistake in assignment. + add amd map format parser. + check for non existent negative entries in lookup_ghost(). + fix reset flex scan buffer on init. + fix fix negative status being reset on map read. + amd lookup update lookup ldap to handle amd keys. - inadvertantly dropped from initial series. + amd lookup update lookup hesiod to handle amd keys. - inadvertantly dropped from initial series. + fix wildcard key lookup. + fix out of order amd timestamp lookup. + fix ldap default schema config. + fix ldap default master map name config. + fix map format init in lookup_init(). + fix incorrect max key length in defaults get_hash(). + fix xfn sets incorrect lexer state. + fix old style key lookup. + fix expire when server not responding. + fix ldap_uri config update. + fix typo in conf_load_autofs_defaults(). + fix hash on confg option add and delete. + add plus to path match pattern. + fix multi entry ldap option handling. + cleanup options in amd_parse.c + allow empty value for some map options. + allow empty value in macro selectors. - Adapt autofs-5.0.9-dbus-udisks-monitor.patch to upstream changes, rename to autofs-5.1.0-dbus-udisks-monitor.patch - autofs.init: drop when systemd is enabled (bnc#863970) - update to version 5.0.9: * fixes for samples/auto.master * fix variable substitution description * fix incorrect append options description in README.v5-release - rebase, refresh and rename all patches on top of 5.0.9 - switch to .xz compressed tarball instead of bzip2 - autofs-5.0.8-upstream-patches-20140324.bz2: remove - Avoid bad timings and timeouts if a shutdown was done by a remote user via su and with autofs based home directory - autofs-5.0.8-upstream-patches-20140324.bz2: update 5.0.8 upstream patches up to 2014-03-24, fixing the following bugs: * fix fix options compare * use open(2) instead of access(2) to trigger dependent mounts * fix fix map source with type lookup (bnc#869377) - autofs-5.0.8-upstream-patches-20140224.bz2: update 5.0.8 upstream patches up to 2014-02-24, fixing the following bugs: * fix ipv6 link local address handling * fix fix ipv6 libtirpc getport * get_nfs_info() should query portmapper if port is not given * fix rpc_portmap_getport() proto not set * fix protmap not trying proto v2 * fix rpc_getport() when libtirpc is disabled * fix rpc_getrpcbport() when libtirpc is disabled * don't reset errno (former autofs-5.0.8-eaccess.patch) * extend fix for crash due to thread unsafe use of libldap (bnc#853469) * fix deadlock in init_ldap_connection (bnc#859969) * fix options compare * fix negative status being reset on map read * check for existing offset mount before mounting * fix max() declaration * fix symlink fail message in mount_bind.c * fix cache readlock not taken on lookup * pass map_source as function paramter where possible * check for bind onto self in mount_bind.c * fix symlink expire * dont clobber mapent for negative cache * fix macro_addvar() and move init to main thread * change walk_tree() to take ap * add negative cache lookup to hesiod lookup * fix external env configure * make autofs(5) consistent with auto.master(5) * fix map source with type lookup * fix lookup_nss_mount() map lookup * dont ignore null cache entries on multi mount umount * fix inconsistent error returns in handle_packet_missing_direct() * simple coverity fixes - autofs-5.0.8-eaccess.patch: removed (merged upstream) - autofs-5.0.8-dbus-udisks-monitor.patch: refresh - autofs-5.0.8-revert-fix-libtirpc-name-clash.patch: no longer needed after libtirpc was updated to 0.2.4-rc2, remove - autofs-5.0.8-upstream-patches-20131124.bz2: update 5.0.8 upstream patches up to 2013-11-24, fixing the following bugs: * fix undefined authtype_requires_creds err if ldap enabled but without sasl * fix master map type check * fix task manager not getting signaled * allow --with-systemd to take a path arg * fix WITH_LIBTIRPC function name * fix ipv6 libtirpc getport - autofs-5.0.8-dbus-udisks-monitor.patch: rebase on top of 5.0.8 - update to version 5.0.8: no code changes as all patches were already present in autofs-5.0.7-upstream-patches-20131001.bz2 - autofs-5.0.7-upstream-patches-20131001.bz2: removed - autofs-suse-build.patch: removed, no longer needed. - autofs-5.0.7-upstream-patches-20131001.bz2: update 5.0.7 upstream patches up to 2013-10-01, fixing many bugs: * fix add null check in parse_server_string() * check for protocol option * use ulimit max open files if greater than internal maximum * don't override LDFLAGS in make rules * fix a couple of compiler warnings * add after sssd dependency to unit file * dont start readmap unless ready * fix crash due to thread unsafe use of libldap (bnc#820585) * fix compile error with heimdal support enabled * fix typo forced-shutdown should be force-shutdown * fix hesiod check error and use correct $(LIBS) setting * fix dead LDAP symbolic link when LDAP support is disabled * add missing libtirpc lib to mount_nfs.so when TIRPC enabled * use compiler determined by configure instead of hard-coded ones * remove hard-coded STRIP variable * use LIBS for link libraries * unbundle NOTSTRIP from DEBUG so they dont depend on each other * fix occasional build error when enable parallel compiling * fix compilation of lookup_ldap.c without sasl * fix dumpmaps multi output * try and cleanup after dumpmaps * teach dumpmaps to output simple key value pairs * fix syncronize handle_mounts() shutdown * fix fix wildcard multi map regression * improve timeout option description * only probe specific nfs version when requested * fix bad mkdir permission on create * setup program map env from macro table * add short host name standard marco variable * allow use of hosts map in maps * fix get_nfs_info() probe * fix portmap lookup * add std vars to program map invocation * samples/auto.smb: add logic to obtain credentials - autofs-5.0.7-upstream-patches-20130619.bz2: update 5.0.7 upstream patches up to 2013-06-19, fixing some bugs: * make dump maps check for duplicate indirect mounts * document allowed map sources in auto.master * add enable sloppy mount option to configure * fix interface address null check * don't probe rdma mounts * fix master map mount options matching * fix master map bogus keywork match * fix fix map entry duplicate offset detection * probe each nfs version in turn for singleton mounts * fix probe each nfs version in turn for singleton mounts * misc man page fixes - Explicitly specify cyrus-sasl-devel and openssl-devel which were implicit before - autofs-5.0.7-upstream-patches-20130428.bz2: update 5.0.7 upstream patches up to 2013-04-28, fixing some bugs: * fix some automount(8) typos * syncronize handle_mounts() shutdown * fix submount tree not all expiring (bnc#801808) - remove patches that are now upstream: * autofs-5.0.7-fix-submount-tree-not-all-expiring.patch - autofs-5.0.7-fix-submount-tree-not-all-expiring.patch: expire multiple levels of recursive mounts correctly (bnc#801808) - autofs-5.0.7-upstream-patches-20130311.bz2: update 5.0.7 upstream patches to 20130311, fixing some bugs: * dont fail on master map self include (bnc#799873) * fix wildcard multi map regression * fix file descriptor leak when reloading the daemon (bnc#772698) * deprecate nosymlink pseudo option * add symlink pseudo option * document browse option in man page - autofs-5.0.6-invalid-ghost-dirs.patch: delete. the problem's root cause was fixed in the kernel - rpm spec: enable sssd support if available - autofs-5.0.7-upstream-patches-20130121.bz2: update 5.0.7 upstream patches to 20130121, fixing some bugs: * fix nobind man page description * fix submount offset delete * fix init script status return * fix use get_proximity() without libtirpc * don't use dirent d_type to filter out files in scandir() * don't schedule new alarms after readmap * use numeric protocol ids instead of protoent structs * lib/defaults.c: use WITH_LDAP conditional around LDAP types * make yellow pages support optional * modules/replicated.c: use sin6_addr.s6_addr32 * workaround missing GNU versionsort extension - remove patches that are now upstream: * autofs-5.0.7-fix-scandir-filter.patch * autofs-5.0.7-use-protocol-id-instead-of-protoent.patch * autofs-5.0.7-dont-reschedule-alarm-after-signals.patch - fix build on older versions of the distribution, do not install org.freedesktop.AutoMount.conf - autofs-5.0.7-fix-scandir-filter.patch: fix lookup_dir when the included directory is on an XFS file system (bnc#798158) - autofs-5.0.7-upstream-patches-20121120.bz2: update 5.0.7 upstream patches to 20121120, fixing some bugs: * fix map entry duplicate offset detection * allow nsswitch.conf to not contain "automount:" lines - revert systemd initialization type from "simple" to "forking" and drop the patch that partially implemented "new style systemd" daemon (bnc#798162) - autofs-5.0.7-new-style-systemd-daemon.patch: delete - UDisks dbus module support: use private connection, do not refer to a reply if already handled, install dbus AutoMount.conf in direct way - autofs-5.0.7-use-protocol-id-instead-of-protoent.patch: use protocol id directly instead of calling the non-reentrant function getprotobyname() (bnc#787410) - autofs-5.0.7-dont-reschedule-alarm-after-signals.patch: don't schedule new alarms after handling SIGHUP and SIGUSR1 (bnc#783651) - autofs-5.0.7-new-style-systemd-daemon.patch: add new command line parameter --systemd, which instructs automount to skip daemonization completely, leaving the task to systemd - autofs.service: use new --systemd option when starting up - autofs.service: use service type simple with no forking - autofs-5.0.7-upstream-patches-20121018.bz2: update 5.0.7 upstream patches to 20121018, fixing some bugs: * fix recursive mount deadlock * increase file map read buffer size * handle new location of systemd - remove patches that are now upstream: * autofs-5.0.7-handle-new-location-of-systemd.patch - rpm spec: don't try to build with udisks support on old versions of the distribution - autofs-5.0.7-upstream-patches-20121016.bz2: update 5.0.7 upstream patches to 20121016, fixing some bugs: * add timeout option description to man page * fix null map entry order handling * make description of default MOUNT_WAIT setting clear * configure.in: allow cross compilation * README: update mailing list subscription info - autofs-systemd-path.patch: handle new location of systemd - Make it possible to use tmpfs based parents for autofs mount points - autofs-5.0.7-upstream-patches-20120911.bz2: update 5.0.7 upstream patches to 20120911, fixing some bugs: * fix nobind sun escaped map entries * fix use cache entry after free in lookup_prune_one_cache() * fix ipv6 proximity calculation * fix parse buffer initialization * fix typo in automount(8) - remove patches that are now upstream: * autofs-5.0.7-fix-parse-buffer-initialization.patch * autofs-5.0.7-fix-use-devid-after-free.patch - autofs-5.0.7-fix-use-devid-after-free.patch: fix use cache entry after free in lookup_prune_one_cache() (bnc#774241) - autofs-5.0.7-fix-parse-buffer-initialization.patch: fix parse buffer initialization to avoid corruption in the map file name string (bnc#777709) - Udisk: Check for unknown key word `eavesdrop' for dbus matching rules and if not supported retry without - Udisk: Do not crash if map file is not found - First initial udisks support, that is listen over dbus the udisks daemon and the events for USB and optical devices. Also ask at startup the udisks daemon for all devices and its properties as well as manage the removals and plugins of devices. TODO: + With parsing the map configuration file apply the rules to the map entry, like special options for file systems types and/or devices. Also make keys unique, that is compare with existing keys and add an counter or similar. + Also with parsing the map configuration file apply the rules to the key of map entry, like using more than one dict entry for the key. + Security management: who is allowed to access the devices? + How to trigger sync and unmount before any timeout? + What is about UTF-8 and Latin to UTF-8? - adjust the NetworkManager dispatcher script to check if the AutoFS service is enabled in SysV or systemd (bnc#773440) - update to version 5.0.7: * check negative cache much earlier * dont use pthread_rwlock_tryrdlock() * mount_nfs.so to honor explicit NFSv4 requests * mount_nfs.so fix port=0 option behavior v3 * documentation fix some typos and misleading comments - add reload action to systemd service file (bnc#772487) - update 5.0.6 upstream patches to 20120716, fixing some bugs: * fix systemd argument passing * fix get_nfs_info() can incorrectly fail * fix offset directory removal - update 5.0.6 upstream patches to 20120629, fixing some bugs: * check if /etc/mtab is a link to /proc/self/mounts * fix nfs4 contacts portmap * fix sss map age not updated * fix remount deadlock (bnc#733479) * fix umount recovery of busy direct mount (bnc#734924) * fix offset mount point directory removal * remove move mount code and configure option * fix remount of multi mount * fix device ioctl alloc path check * refactor hosts lookup module * remove cache update from parse_mount() * add function to delete offset cache entry * allow update of multi mount offset entries * add hup signal handling to hosts map - remove patches that are now upstream: * autofs-5.0.6-fix-remount-deadlock.patch * autofs-5.0.6-fix-umount-recovery-of-busy-direct-mount.patch - fix umount recovery of busy direct mounts (bnc#734924) - fix remount deadlock that can happen on a restart when there are nested direct mounts busy (bnc#733479) - revert "fix libtirpc name clash": auth_put() is not yet available in our version of tirpc - update 5.0.6 upstream patches to 20120525, fixing some bugs: * fix sss wildcard match * fix dlopen() error handling in sss module * fix configure string length tests * report "map not read" when debug logging * duplicate parent options for included maps (bnc#753693) * update ->timeout() function to not return timeout * move timeout to map_source * fix kernel verion check of version components * dont retry ldap connect if not required * fix initialization in rpc create_client() * fix libtirpc name clash - remove patches that are now upstream: * autofs-5.0.6-duplicate-parent-options-for-included-maps.patch - duplicate parent options for included maps (bnc#753693) - update 5.0.6 upstream patches to 20120402, fixing some bugs: * use strtok_r() in linux_version_code() * improve UDP RPC timeout handling * allow MOUNT_WAIT to override probe * fix rework error return handling in rpc code * fix typo in libtirpc file name * fix function to check mount.nfs version * fix segmentation fault in get_query_dn() (bnc#752044) - remove patches that are now upstream: * autofs-5.0.6-fix-libtirpc-name-typo.patch - update 5.0.6 upstream patches to 20120228, fixing some bugs and implementing new features (bnc#749098): * fix improve mount location error reporting * fix fix wait for master source mutex * add sss lookup module * teach automount about sss source * fix init script usage message * ignore duplicate exports in auto.net * add kernel version check function * add function to check mount.nfs version * reinstate singleton mount probe * rework error return handling in rpc code * catch EHOSTUNREACH and bail out early * systemd support fixes * check scandir() return value (bnc#748588) * allow for kernel packet size change (in kernel 3.3.0+) * fix function to check mount.nfs version - get-upstream-patches: make it work again after kernel.org FTP server reorganization - fix segfault caused by an use after free in st_queue_handler() (bnc#727392) - comment out /etc/auto.master.d from the shipped auto.master file - configure with --disable-mount-move only when systemd is enabled - rpm spec: simplify some commands in the install section and use more rpm macros (from Cristian Rodriguez) - enable systemd support by default on openSUSE 12.2 (bnc#741879): * enable disable-mount-move and with-systemd configure options * install systemd service file - disable "--as-needed" to make sure automount will be linked against libtirpc (bnc#742846) - fix typo in libtirpc file name - rpm spec: use the %configure macro - update 5.0.6 upstream patches to 20111210, fixing some bugs and implementing new features (bnc#741878): * add systemd unit support (not enabled yet) * add disable move mount configure option * implement 'dir' map type * improve mount location error reporting * fix rpc build error * fix ipv6 configure check * fix ipv6 rpc calls * fix ipv6 name lookup check * fix map source check in file lookup * fix submount shutdown race * fix wait for master source mutex * fix not bind mounting local filesystem * fix LDAP result leaks on error paths * fix result null check in read_one_map() * fix dumpmaps not reading maps * fix paged query more results check - add autoconf as buildrequire to avoid implicit dependency - fix initialization of LDAP results (bnc#730245) - init script: remove SUSE-specific actions that systemd doesn't support (force-expire and force-stop) (bnc#725199) - rpm spec: remove redundant tags/sections - rpm spec: use %_smp_mflags for parallel build - fix LDAP result leaks on error paths - fix result null check in read_one_map() (bnc#707715) - fix paged query more results check - update 5.0.6 upstream patches to 20110703, removing one patch that is now upstream: * autofs-5.0.6-fix-ipv6-name-for-lookup-fix.patch - fix an error in the recent ipv6 name for lookup patch - update to version 5.0.6 (bnc#702791): * add nobind option * add base64 password encode * fix ipv6 name for lookup * fix libtirpc ipv6 check * dont bind nfs mount if nobind is set - remove patches that are now upstream: * autofs-5.0.5-fix-null-cache-deadlock.patch - rpm spec: install the rcautofs(8) man page as a symbolic link to autofs(8) - rpm spec: restart the automount daemon after updates - init script: update Free Software Foundation address - fix null cache deadlock (bnc#696596) - update 5.0.5 upstream patches to 20110613 (bnc#699767): * remove master_mutex_unlock() leftover * fix sanity checks for brackets in server name * fix lsb service name in init script * fix map source check in file lookup * fix simple bind without SASL support * fix sasl bind host name selection - build against libtirpc since glibc's rpc code is deprecated - modify the NetworkManager dispatcher script to prevent it from restarting AutoFS when the network goes down (bnc#693402) - init script: remove references to the obsolete autofs.ko (v3) kernel module (bnc#696708) - init script: don't wait one second if the misc device is already available (bnc#696708) - documentation: add the following (commented out) options to the default sysconfig file (bnc#695487, bnc#691617): * DEFAULT_NEGATIVE_TIMEOUT * DEFAULT_MOUNT_WAIT and DEFAULT_UMOUNT_WAIT * MOUNT_NFS_DEFAULT_PROTOCOL * LDAP_URI, LDAP_TIMEOUT, LDAP_NETWORK_TIMEOUT and SEARCH_BASE - update 5.0.5 upstream patches to 20110427 (bnc#692104): * fix paged ldap map read * fix next task list update * fix stale map read * fix null cache clean * automount(8) man page correction * fix out of order locking in readmap * include ip address in debug logging * mount using address for DNS round robin host names * reset negative status on cache prune - remove patches that are now upstream: * autofs-5.0.5-fix-next-task-list-update.patch * autofs-5.0.5-fix-stale-map-read.patch * autofs-5.0.5-fix-out-of-order-locking-in-readmap.patch - init script: use misc device (/dev/autofs) by default, unless it is explicitly disabled in sysconfig (bnc#684997) - fix out of order locking in readmap (bnc#667967) - add upstream fixes for the "non-expiring mounts" problem and put the "fix direct map not updating on reread" patch back in (bnc#677143) - ship init script as a source file and not as a patch against the upstream sample - update 5.0.5 upstream patches to 20110318, fixing one bug: * replace GPLv3 code (bnc#682268) - revert "fix direct map not updating on reread" due to expiration problems (bnc#677143) - update 5.0.5 upstream patches to 20110302 (bnc#676690): * use weight only for server selection * fix isspace() wild card substitution * auto adjust ldap page size * fix prune cache valid check * fix mountd vers retry * fix expire race - init script: remove "gssd" from Should-Start/Stop lists, there is no service with this name (bnc#626516) - when ghosting is enabled, don't create mount points for cached entries that don't have a valid mapent (bnc#658734) - update 5.0.5 upstream patches to 20101021 (bnc#650177): * remove ERR_remove_state() openssl call * always read file maps mount lookup map read fix * fix direct map not updating on reread * fix add simple bind auth * fix submount shutdown wait * add external bind method * add dump maps option - add MAP_HASH_TABLE_SIZE option to sysconfig - update 5.0.5 upstream patches to 20100810 (bnc#630736): * remove extra read master map call * fix "fix cache_init() on source re-read" * fix error handing in do_mount_indirect() * expire thread use pending mutex * link against krb5 library by default * make "verbose" mode a little less verbose (bnc#630719) - merge patches autofs-5.0.2-use_local_cflags.patch and autofs-5.0.5-as_needed.patch into autofs-suse-build.patch - remove autofs-5.0.4-link_kerberos.patch (now upstream) - update 5.0.5 upstream patches to 20100524 (bnc#608284): * add support to LDAP simple bind authentication * fix master map source server unavailable handling * add autofs_ldap_auth.conf man page * fix random selection for host on different network * don't hold lock for simple mounts * fix remount locking * fix wildcard map entry match (bnc#585201) * fix parse_sun() module init * don't check null cache on expire * fix null cache race * fix cache_init() on source re-read * mapent becomes negative during lookup * check each dc server * fix negative cache included map lookup * remove state machine timed wait - init script: improve stop routine to avoid problems on restart (bnc#604497) - update 5.0.5 upstream patches to 20100326: * fix reconnect get base dn * add missing sasl mutex callbacks * fix get query dn failure * fix ampersand escape in auto.smb * add locality as valid ldap master map attribute * add locality as valid ldap master map attribute fix - add "network-remotefs" to Should-Start: and Should-Stop: in the init script (bnc#522224) - remove configure to make sure it will be recreated by autoconf. fixes a build problem that sometimes prevented lookup_ldap.so to be linked against krb5 (bnc#572934, bnc#578655) - update 5.0.5 upstream patches to 20100201: * check for path mount location in generic module * don't fail mount on access fail * fix rpc fail on large export list * fix memory leak on reload * don't connect at ldap lookup module init * fix random selection option * fix disable timeout * fix strdup() return value check - include README file about active restart feature (bnc#565151) - fix build on releases that do not support ext4 - add new sysconfig parameter USE_MISC_DEVICE and enable it by default (bnc#565151) - update initscript bringing it closer to what we have upstream: * remove the deprecated force-stop logic and handle it like a regular stop * remove force-reload from usage and handle it like a regular reload - update to version 5.0.5. lots of bug fixes including: * fix nested submount expire deadlock * fix negative caching for non-existent map keys * make hash table scale to thousands of entries * fix uri list locking (again) * add nfs mount protocol default configuration option * fix bad token declaration in master map parser * fix double free in expire_proc() * fix file map lookup when reading included or nsswitch sources * fix memory leak reading master map * fix st_remove_tasks() locking * dont umount existing direct mount on master re-read * fix incorrect shutdown introduced by library relaod fixes * fix not releasing resources when using submounts * fix double free in sasl_bind() * fix map type info parse error * fix an RPC fd leak * fix pthread push order in expire_proc_direct() * fix libxml2 non-thread-safe calls * fix direct map cache locking * fix dont umount existing direct mount on reread. - update 5.0.5 upstream patches to 20091124: * add mount wait parameter * don't use master_lex_destroy() to clear parse buffer * fix backwards #ifndef INET6 * fix ext4 fsck at mount * fix included map read fail handling * fix libxml2 workaround configure * fix pidof init script usage * fix stale initialization for file map instance * fix timeout in connect_nb() * make documentation for set-log-priority clearer * refactor ldap sasl bind * special case cifs escapes. - fixed build with --as-needed - Add nfsserver to should start/stop in rc script (bnc#467906) - make sure that submounts are not busy anymore (bnc#467906) ==== autogen ==== Version update (5.18.6 -> 5.18.7) - Update to 5.18.7 * {AG,CL,GD}exe environment variables may be set to force bootstrapping with a particular release. * MAN_PAGE_DATE can be used with various man page docs to override the current date default. * project may now be bootstrapped and built in the source directory with no ill effect. * AutoGen as a daemon will never happen. Last vestiges gone. * templates may now obtain the most recent source modification time with "(max-file-time)" ==== dolphin ==== Subpackages: dolphin-part libdolphinvcs5 - Move the installed appdata file to the correct naming to fix bnc#957041 ==== enblend-enfuse ==== Version update (4.1.3 -> 4.1.4) - Update to version 4.1.4 * The introduction of additional blend color spaces in the Development Branch requires a new option to select them. Here, in the Stable Branch, the new option ` * * blend * colorspace' just duplicates the functionality of ` * * ciecam' and ` * * no * ciecam'. The Stable Branch does *not* provide the additional blend colorspaces of the Development Branch. The following equivalences hold * * ciecam <=> * * blend * colorspace=ciecam * * no * ciecam <=> * * blend * colorspace=identity Both options ` * * ciecam' and ` * * no * ciecam' are deprecated in 4.2 and will be withdrawn in 4.3. Thus, users should prefer ` * * blend * colorspace'. * [Enblend and Enfuse] Fix the nesting * depth counter for response files. This bug prohibited to load more than 20 images in a single response file. * [Enblend and Enfuse] Allow grayscale images to bring their own (grayscale) profiles. Previously grayscale images with ICC profiles were rejected. * [Enblend] Fix a possible domain error followed by a division * by * zero in the seam * line optimizer. * [Enblend and Enfuse] Avoid an undeserved warning about incompatible colorspaces if they only disagree on their meta * data (e.g. profile creation date/time). * [Enblend] Fix a bug in the Dijkstra Optimizer which could lead to undefined behavior in the placement of the (optimized) seam line. * [Enblend] Fix a non * dereferencable vector iterator which led to a segfault. * [Enblend] Avoid a division * by * zero in the Annealing Optimizer. * [Enblend] Fix a bug (#1356551) in the seam * line vectorization code that was there since 2004. The fix changes the position of almost any coarse * mask seam line vertex by one pixel. - Update use-default-gcc-inlining.diff - Add libICE-devel and pkg-config build dependencies ==== epiphany ==== Version update (3.18.1 -> 3.18.2) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.18.2: + Allow notification requests in web applications (bgo#759176). + Minor fixes to the about:applications page. + Fix a crasher (bgo#759235). + Updated translations. ==== freetype2-devel ==== Version update (2.6.1 -> 2.6.2) Subpackages: libfreetype6 libfreetype6-32bit - Update to version 2.6.2 * IMPORTANT CHANGES - The auto-hinter now supports stem darkening, to be controlled by the new `no-stem-darkening' and `darkening-parameters' properties. This is an experimental feature contributed by Nikolaus Waxweiler, and the interface might change in a future release. - By default, stem darkening is now switched off (for both the CFF engine and the auto-hinter). The main reason is that you need linear alpha blending and gamma correction to get correct rendering results, and the latter is not yet available in most freely available rendering stacks like X11. Applying stem darkening without proper gamma correction leads to far too dark rendering results. - The meaning of `FT_RENDER_MODE_LIGHT' has been slightly modified. It now essentially means `no hinting along the horizontal axis'; in particular, no change of glyph advance widths. Consequently, the auto-hinter is used for all scalable font formats except for CFF. It is planned that other font-specific rendering engines (TrueType, Type 1) will follow. * MISCELLANEOUS - The default LCD filter has been changed to be normalized and color-balanced. - For better compatibility with FontConfig, function `FT_Library_SetLcdFilter' accepts a new enumeration value `FT_LCD_FILTER_LEGACY1' (which has the same meaning as `FT_LCD_FILTER_LEGACY'). - A large number of bugs have been detected by using the libFuzzer framework, which should further improve handling of invalid fonts. Thanks again to Kostya Serebryany and Bungeman! - `TT_CONFIG_OPTION_MAX_RUNNABLE_OPCODES', a new configuration option, controls the maximum number of executed opcodes within a bytecode program. You don't want to change this except for very special situations (e.g., making a library fuzzer spend less time to handle broken fonts). - The smooth renderer has been made faster. ==== ft2demos ==== Version update (2.6.1 -> 2.6.2) - Update to version 2.6.2 * The ftstring demo program now supports sub-pixel rendering; use key l to cycle through the LCD modes. * The ftstring demo program now supports colour rendering; use the space key to cycle through various colour combinations. * The graphical demo programs now use a default gamma value of 1.8 (instead of 1.2). ==== gettext-runtime ==== Subpackages: gettext-tools - Recommend bison-lang by gettext-tools, as it is used by them. ==== insserv-compat ==== - fix directory argument parsing (bnc#944903) ==== inst-source-utils ==== Version update (2015.10.27 -> 2015.12.9) - update rezip_repo_rsyncable again: fix up filenames if they are checksum prefixed, do not change timestamps of the files recompressed (bnc#958511) - rezip_repo_rsyncable: add "-n" option for gzip ==== iso-codes ==== Version update (3.61 -> 3.63) Subpackages: iso-codes-lang - Update to version 3.63: + Updated translations for ISO 639 and ISO 639-3. - Changes from version 3.62: + Updated translations for ISO 639 and ISO 639-3. ==== krb5 ==== Version update (1.13.2 -> 1.13.3) Subpackages: krb5-32bit krb5-client krb5-devel - Udapte to 1.13.3 - removed patches for security fixes now in upstream source: 0100-Fix-build_principal-memory-bug-CVE-2015-2697.patch 0101-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch 0102-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch 0103-Fix-IAKERB-context-export-import-CVE-2015-2698.patch Major changes in 1.13.3 (2015-12-04) This is a bug fix release. The krb5-1.13 release series is in maintenance, and for new deployments, installers should prefer the krb5-1.14 release series or later. * Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that could cause server crashes. [CVE-2015-2695] [CVE-2015-2696] [CVE-2015-2698] * Fix build_principal memory bug that could cause a KDC crash. [CVE-2015-2697] * Allow an iprop slave to receive full resyncs from KDCs running krb5-1.10 or earlier. ==== libass5 ==== - Update RPM groups ==== libcap-ng-devel ==== Version update (0.7.4 -> 0.7.7) Subpackages: libcap-ng0 - Update to version 0.7.7 * Make sure all types used in _lnode are defined in proc-llist.h * Fix python binding test for old kernels * Fix leaked FD in library init - Changes from version 0.7.6 * Fix python3 support - Changes from version 0.7.5 * Make python3 supported * In python bindings test, clamp CAP_LAST_CAP with /proc/.../cap_last_cap * Update table for 3.16 kernel ==== libdmtx-devel ==== Subpackages: libdmtx0 - Update RPM group and use a source URL - Add few patches to improve funcitonality bnc#881387: * libdmtx-DmtxPropRowPadBytes.patch * libdmtx-explicit-cast.patch * libdmtx-mosaic.patch ==== libevdev-tools ==== Subpackages: libevdev2 - Update RPM groups and trivialize filelist ==== libmicrohttpd12 ==== Version update (0.9.46 -> 0.9.47) - Update to 0.9.47 * Reworked VS project files. Used x64 build tools by efault, many optimizations, fixes. dded project files for VS 2015. -EG * SPDY is dead, killing experimental libmicrospdy. -CG * New logic for controlling socket buffer modes. Eliminated delay before last packet in response and before "100 Continue" response on all platforms. Also response header are pushed to client without waiting for response body. -EG * Remove 200ms delay observable with keep-alive on Darwin and *BSD platfroms. -EG * Fix issue with shutdown if connection was resumed just before shutdown. -FC - Update dependencies ==== libqca2 ==== Version update (2.0.3 -> 2.1.1) Subpackages: libqca2-devel - update to version 2.1.1 (now part of KDE) - use system root certificates - updated to version 2.1.0 (plugins now included) - Ported to Qt5 (Qt4 also supported) - New building system. CMake instead of qmake - Added CTR symetric cipher support to qca core - Added no padding encryption algorithm to qca core - qcatool2 renamed to qcatool - fixed crash in qcatool when only options provided on command line without any commands - Use plugins installation path as hard-coded runtime plugins search path - Added new functiion pluginPaths - Added functions to get runtime QCA version - Fixed 'no watch file' warnings in FileWatch - Added EME_PKCS1v15_SSL Encryption Algorithm - New implementation of SafeTimer to prevent crashes - Updated certificates for unittests - RSA Keys are permutable, can encrypt with private and decrypt with public - Add unloadProvider() function for symmetry with insertProvider() - Overloaded "makeKey" to derive a password depending on a time factor - Remove pointer to deinit() routine from QCoreApplication at deinitialization - Fix a couple of crashes where all plugins might not be available - Fix operating on keys with unrelated expired subkeys - Fixed timers in Synchronizer class - Dropped randomunittest - Fixed many unittests - qca-gnupg: internal refactoring - qca-gnupg: try both gpg and gpg2 to find gnupg executable - qca-gnupg: fixed some encodings problem - qca-ossl: no DSA_* dl groups in FIPS specification - qca-ossl: added missed signatures to CRLContext - qca-ossl: fixed certs time zone - qca-nss: fixed KeyLenght for Cipher - qca-botan: fixed getting result size for ciphers - removed deprecated patches: - fix-qt-check.diff - r928413.diff - disable-insecure-ssl.diff - qca-2.0.3-gcc47.patch - detect_ssl2_available.diff - qca-no-ssl-internals.patch - enabled plugin-nss - spec file cleanup ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-calc-extensions libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-oxygen libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-ru libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreoffice-writer-extensions - bnc#954345 - LO-L3: Insert-->Image-->Insert as Link hangs writer * bnc-954345.diff ==== libzypp ==== Version update (15.19.3 -> 15.19.7) - Update zypp-po.tar.bz2 - Update sle-zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - createPot: Fix plural form detection (bsc#955053) - version 15.19.7 (19) - Update zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Add testcase for uncached repo-variables. - Fixed Japanese translations (bsc#949196) - version 15.19.6 (19) - Update sle-zypp-po.tar.bz2 - Update sle-zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Update sle-zypp-po.tar.bz2 - Update zypp-po.tar.bz2 - Fix broken product: <-> -release package relation (bnc#951782) - version 15.19.5 (19) - Use a uniform translation set for SLE and openSUSE (bnc#948924) - fix Plugin-services not updating repo GPGCheck settings (bnc#951402) - version 15.19.4 (19) ==== libirrecord0 ==== Subpackages: liblirc0 liblirc_client0 liblirc_driver0 lirc-devel - Ensure lirc build against libusb-1.0; replace libusb-devel with pkgconfig(libusb-1.0) ==== liblmdb-0_9_16 ==== Subpackages: lmdb-devel - Use a source URL ==== man-pages ==== Version update (4.02 -> 4.03) - update to 4.03: - newly documented interfaces in existing pages * perf_event_open.2 4.1 adds AUX sample support 4.1 data_offset and data_size fields Document aux_{head,tail,offset,size} support 4.0 update rdpmc documentation 4.1 adds PERF_RECORD_ITRACE_START Document 4.1 clockid support 4.1 PERF_EVENT_IOC_SET_BPF support 4.1 adds AUX_FLAG_OVERWRITE support 4.1 PERF_SAMPLE_BRANCH_CALL_STACK 4.1 adds aux_watermark Add possibility of EBUSY error * prctl.2 Document operations for ambient capabilities Rework PR_CAP_AMBIENT text Note that arg4 and arg5 must be zero for CAP_AMBIENT RETURN VALUE: Add PR_CAP_AMBIENT + PR_CAP_AMBIENT_IS_SET case ERRORS: document PR_CAP_AMBIENT error cases * __ppc_set_ppr_med.3 Document PPC functions providing access to PPR GNU C Library commit 1747fcda4902a3b46183d93fb16ed9b436b2608b extends the priorities that can be set to the Program Priority Register (PPR), with the functions: __ppc_set_ppr_very_low(3) and __ppc_set_ppr_med_high(3). * capabilities.7 Document ambient capabilities Various additions and reworkings for ambient capability text ==== meld ==== Version update (3.14.1 -> 3.14.2) Subpackages: meld-lang - Update to version 3.14.2: + Fix some GTK+ assertions on window close. + Fix commit error with unicode commit messages. + Add manual appdata kudos markers. + Updated translations. ==== mercurial ==== Version update (3.6.1 -> 3.6.2) Subpackages: mercurial-lang - update to 3.6.2 This is a regularly-scheduled bugfix release. + docker: match more version of 'hg docker version' + localrepo.commit: check all files for resolve state + rebase: add returning value from pullrebase function + resolve: restore .orig only after merge is fully complete + share: wrap bmstore._writerepo for transaction sensitivity + tags: create new sortdict for performance reasons ==== mtools ==== - require glibc-locale [bnc#957007] ==== libncurses5 ==== Subpackages: libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base - Add ncurses patch 20151128 + add missing assignment in lib_getch.c to make notimeout() work (Debian #805618). + add 't' toggle for notimeout() function in test/ncurses.c a/A screens + add viewdata terminal description (Alexandre Montaron). + fix a case in tic/infocmp for formatting capabilities where a backslash at the end of a string was mishandled. + fix some typos in curs_inopts.3x (Benno Schulenberg). - Add ncurses patch 20151121 + fix some inconsistencies in the pccon* entries -TD + add bold to pccon+sgr+acs and pccon-base (Tati Chevron). + add keys f12-f124 to pccon+keys (Tati Chevron). + add test/test_sgr.c program to exercise all combinations of sgr. ==== libsnmp30-32bit ==== - Request pkgconfig(libssl) instead of openssl-devel to support using LibreSSL as well. - update to upstream version 5.7.3 - remove patch that is now present in the upstream release: * net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch - rename patches to new version number 5.7.3: delete: * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.2-net-snmp-config-headercheck.patch * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-velocity-mib.patch add: * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.3-net-snmp-config-headercheck.patch * net-snmp-5.7.3-perl-tk-warning.patch * net-snmp-5.7.3-pie.patch * net-snmp-5.7.3-socket-path.patch * net-snmp-5.7.3-testing-empty-arptable.patch * net-snmp-5.7.3-velocity-mib.patch - add build requirement 'procps' to fix a net-snmp-config error (bsc#935863) - enable DTLS and TLS support (FATE#318789) new binary 'snmptls' was added - add support for hostname netgroups (FATE#316305) '@hostgroup' can be specified for multiple hosts * net-snmp-5.7.3-netgroups.patch - suppress network statistics output in snmpstatus (FATE#316289) '-Sn' don't print any info about the network '-Si' don't print the operational status of network interfaces * net-snmp-5.7.3-snmpstatus-suppress-output.patch - also stop snmptrapd on removal - update to upstream version 5.7.3.pre5 - remove patches that are now present in the upstream release: * net-snmp-5.7.2-build-fix-for-strlcat.patch * net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch * net-snmp-5.7.2-fix-perl-trap-handler.patch - net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: refresh and add patch header - added net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: fix remote denial of service problem inside snmptrapd when started with the "-OQ" option (CVE-2014-3565)(bnc#894361) - added net-snmp-5.7.2-fix-perl-trap-handler.patch: fix potential remote denial of service problem inside the snmptrapd Perl trap handler (CVE-2014-2285)(bnc#866942) - merge some old fixes from SLE 11: * init script should provide snmpd. (bnc#466805) * stop all snmp agents when stopping the daemon. (bnc#473328) - recompress .tar.gz - it has trailing garbage, hope we can readd source url on next update - update to upstream version 5.7.2.1, fixing one security issue: * A denial of service attack vector was discovered on the Linux implementation of the ICMP-MIB. (CVE-2014-2284, bnc#866942) - net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch: fix mib representation of timeout values (bnc#833153) - use _rundir macro - remove old workaround for ppc/ppc64 migrations which is no longer needed (bnc#437293) - add support for python bindings - improve snmptrapd init script (avoid to overwrite the logfile on restart) - Disable parallelism during build. The dependencies between the Perl module and libnetsnmp are not defined correctly and might result in broken linkage (bnc#819497, bnc#818907) - Add Source URL, see https://en.opensuse.org/SourceUrls - net-snmp-5.7.2-build-fix-for-strlcat.patch: fix exported strlcat() prototype that could conflict with other packages (bnc#793548) - update to version 5.7.2: several bug fixes in the agent, client utilities and libraries. The CHANGES file shipped with the package contains a comprehensive list of fixes and improvements - rebase patches to apply cleanly: * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-velocity-mib.patch * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch - remove patches that are now present in the upstream release: * net-snmp-5.7.0-recognize-reiserfs.patch * net-snmp-5.7.1-snmplib-zero-timeout.patch * net-snmp-5.7.1-old-api-double-free.patch * net-snmp-5.7.1-use-pclose-to-close-pipes.patch * net-snmp-5.7.1-fix-handling-of-large-filesystems.patch * net-snmp-5.7.1-snmplib-default-retries.patch * net-snmp-5.7.1-fsys-memory-leak.patch * net-snmp-5.7.1-adjust-copyright-in-agent-txt-file.patch * net-snmp-5.7.1-recognize-ocfs2.patch * net-snmp-5.7.1-properly-clean-up-old-requests-in-subagents.patch * net-snmp-5.7.1-reduce-code-duplication-in-agentx.patch * net-snmp-5.7.1-log-agentx-disconnections.patch * net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch * net-snmp-5.7.1-report-problems-with-setundo-processing.patch * net-snmp-5.7.1-fix-array-index-error.patch - Remove redundant sections from specfile - Avoid shipping .la files - fix array index error that could lead to a crash (CVE-2012-2141) (bnc#759352) - fix agent crash when reloading a subagent (AgentX) during a query (bnc#670789) - add OCFS2 to the list of known file systems - update copyright notice of AGENT.txt allowing us to redistribute the file in our package (from Dave Shield) (bnc#750704) - fix license to be in spdx.org format - logrotate: use "reload" instead of "try-restart" to avoid an unnecessary stop/start cycle in the agent (bnc#707636) - net-snmp-5.7.1-fsys-memory-leak.patch: fix a memory leak in agent/mibgroup/hardware/fsys (bnc#725766) - net-snmp-5.7.1-snmplib-default-retries.patch: change default number of retries back from 0 to 5 (bnc#725766) - net-snmp-5.7.1-fix-handling-of-large-filesystems.patch: fix bug in handling large (>8TB) filesystems (bnc#725766) - net-snmp-5.7.1-use-pclose-to-close-pipes.patch: use pclose() instead of fclose() to close a pipe (bnc#725766) - net-snmp-5.7.1-old-api-double-free.patch: agent: avoid double free when netsnmp_register_old_api() fails (bnc#725766) - net-snmp-5.7.1-snmplib-zero-timeout.patch: snmplib: avoid waiting indefinitely if a session has timeout zero (bnc#725766) - update to version 5.7.1: minor release including some bug fixes - enable net-snmp-devel on all baselib architectures - make sure all delegated requests are removed before closing an AgentX session (bnc#670789) - update to version 5.7.1.rc1 but keep package version as 5.7.1 to avoid update problems when the final version is released - small fixes to snmpd and snmptrapd init scripts: - if $SNMPD_LOGLEVEL is not defined, use LOG_NOTICE instead of LOG_DEBUG - improve messages printed and service description - write snmptrapd logs to /var/log/net-snmpd.log - update README.SUSE to reflect some recent changes and drop a bit of outdated information - update baselibs to reflect new library version - spec file cleanup: rename some source files for consistency - add ReiserFS to the list of known file systems (bnc#715199) - install snmptrapd init script by default (bnc#712175) - fix logging option in snmptrapd init script (bnc#712174) - update upstream patches from branch V5-7-patches to 20110714 - update to version 5.7: new features and lots of bug fixes - remove patches that are no longer needed: net-snmp-5.6.0-enable-hrh-filesys.patch net-snmp-5.6.1-recognize-jfs-and-xfs.patch net-snmp-5.6.1-rpm490.patch - refresh and rename patches to apply cleanly after update: net-snmp-5.7.0-pie.patch net-snmp-5.7.0-velocity-mib.patch - switch from rpmdb to rpmts to support rpm-4.9.0 - update upstream patches from branch V5-6-patches to 20110512 - add JFS and XFS to the list of known file systems (bnc#687327) - update upstream patches from branch V5-6-patches to 20110328 - fix libsnmp version in baselibs.conf - update to version 5.6.1: new features and lots of bug fixes - update upstream patches from branch V5-6-patches to 20110104 - remove patches that are no longer needed: net-snmp-5.6.0-ethtool-speed.patch - remove /var/adm/perl-modules/net-snmp from the Perl module - update upstream patches from branch V5-6-patches to 20101129 - spec file cleanup: upstream uses -fno-strict-aliasing by default now - remove patches that are no longer needed: net-snmp-5.5.0-rpmdb-h-detect.patch net-snmp-5.6.0-vendorperl.patch - if-mib: add support for more speeds with ethtool (bnc#650558) - update upstream patches from branch V5-6-patches to 20101101, fixing a segmentation fault on shutdown (bnc#650282) - enable new implementation of hrStorage and hrFilesys to fix persistent indexes in FS and Storage tables (bnc#648364) - update upstream patches from branch V5-6-patches to 20101021 - update to version 5.6: new features and lots of bug fixes - refresh and rename patches to apply cleanly after update: net-snmp-5.6.0-pie.patch net-snmp-5.6.0-vendorperl.patch net-snmp-5.6.0-net-snmp-config-headercheck.patch - update upstream patches from branch V5-5-patches to 20100803 - change default log level from DEBUG to NOTICE (bnc#623497) - spec file cleanup: remove old backward compatibility scripts - update upstream patches from branch V5-5-patches to 20100602: fixed potential buffer overflow in parsing OIDs in config files - update upstream patches from branch V5-5-patches to 20100531 - add net-snmp-5.5.0-rpmdb-h-detect.patch: workaround for autoconf failing to detect rpm/rpmdb.h - remove patches that are no longer needed: net-snmp-5.5.0-use-lmsensors-v3.patch - create /var/run/agentx during startup to support systems that mount /var/run as tmpfs - update libsnmp package name to reflect the library version we are currently shipping - remove patches that are obsolete: net-snmp-5.4.rc2-versinfo.diff net-snmp-5.4.2_snmpconf-selinux.patch - refresh all patches to apply as "-p1" - spec file cleanup: remove conditionals to build on unsupported versions of the distribution - update upstream patches from branch V5-5-patches to 20100428 - add net-snmp-5.5.0_upstream-20100405.patch: merge all patches committed to upstream branch V5-5-patches - remove patches that are now upstream: net-snmp-5.4.2_audit.patch net-snmp-5.5.0_autoconf.patch net-snmp-5.4.2_overflow.patch net-snmp-5.4.2.1-rpm4.7.patch net-snmp-5.5.0_gcc45.patch - Fix strncat properly (from Andreas Jaeger) - Fix code errors found by gcc 4.5 - build for libsensors4 instead of libsensors3 - remove sparcv9-specific baselib exceptions (not needed) - remove net-snmp-5.4.1.2-rmon-mib-revised_3.patch from sources (upstream since 5.5) - refresh net-snmp-5.5.0_autoconf.patch - spec file cleanup: update package description - update to version 5.5: new features and lots of bug fixes, including: - fix hrSWRunPath for processes other than init (bnc#486270) - remove patches that are now upstream: Add-Default-Router-Table-support.patch Add-ICMP-Statistics-Tables-support.patch Add-IPv6-Scope-Zone-Index.patch Add-IPv6-support-on-Internet-Address-Translation-Tab.patch Fix-for-IPv6-Interface-Table.patch Fix-for-Internet-Address-Prefix-Table.patch Fix-for-Internet-Address-Table.patch Fix-for-tcpConnnectionTable-tcpListenerTable-udpEn.patch Improve-IP-Statistics-tables.patch net-snmp-5.3.0.1_trap-agent-addr_v2.patch net-snmp-5.4.1.2-etherlike-mib-revised_4.patch net-snmp-5.4.x_embedded_perl_error_message.patch - add baselibs.conf as a source - add baselib defs for SPARC - Fix build with rpm 4.7 (net-snmp-5.4.2.1-rpm4.7.patch) - make patch0 usage consistent ==== libopenssl-devel ==== Version update (1.0.2d -> 1.0.2e) Subpackages: libopenssl1_0_0 libopenssl1_0_0-32bit openssl - update to 1.0.2e * fixes five security vulnerabilities * Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794) (bsc#957984) * BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) (bsc#957814) * Certificate verify crash with missing PSS parameter (CVE-2015-3194) (bsc#957815) * X509_ATTRIBUTE memory leak (CVE-2015-3195) (bsc#957812) * Race condition handling PSK identify hint (CVE-2015-3196) (bsc#957813) - pulled a refreshed fips patch from Fedora * openssl-1.0.2a-fips.patch was replaced by openssl-1.0.2e-fips.patch - refresh openssl-ocloexec.patch ==== libpci3 ==== Subpackages: pciutils pciutils-devel - Summary update ==== perl ==== Subpackages: perl-32bit perl-base perl-doc - prevent bad RPM provides for Math::BigInt and DB (patch file perl-5.22.0_wrong_rpm_provides.diff) ==== perl-Archive-Zip ==== Version update (1.53 -> 1.55) - updated to 1.55 see /usr/share/doc/packages/perl-Archive-Zip/Changes 1.55 Fri 04 Dec 2015 - rt.cpan.org #110064 - fix empty archive issue with OS X gnu tar 1.54 Wed 02 Dec 2015 - Ensure filehandles created by Archive::Zip::tempFile are closed [github/antoniomonty] ==== perl-Compress-Bzip2 ==== Version update (2.22 -> 2.24) - updated to 2.24 see /usr/share/doc/packages/perl-Compress-Bzip2/Changes 2.23 2015-06-08 rurban - HP-UX lddlflags fix by Merjin Brand (RT #105096) "ld: Unrecognized argument: -Wl,-E" - -Wformat fixes 2.24 2015-12-08 rurban - Silence gcc-5 optimizer warning (RT #105647) with internal BUILD_BZLIB=1 - Improve kwalitee test ==== perl-Net-DNS ==== Version update (1.02 -> 1.04) - updated to 1.04 see /usr/share/doc/packages/perl-Net-DNS/Changes - updated to 1.03 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== perl-XML-LibXML ==== Version update (2.0122 -> 2.0123) - updated to 2.0123 see /usr/share/doc/packages/perl-XML-LibXML/Changes 2.0123 2015-12-06 - Get rid of an undef-warning in XML::LibXML::Reader . - https://rt.cpan.org/Ticket/Display.html?id=106830 - Thanks to Rich for the report and testcase. - Apply patch from Debian for rewording the documentation. - https://rt.cpan.org/Ticket/Display.html?id=110116 - Some extra rewording has been done by SHLOMIF. - Thanks to Gregor Herrman and the Debian Team ==== perl-XML-Simple ==== Version update (2.20 -> 2.22) - updated to 2.22 see /usr/share/doc/packages/perl-XML-Simple/Changes 2.22 2015-12-05 11:08:20+13:00 Pacific/Auckland - POD fix in link to package XML::SAX::ParseFactory (from Mohammad S Anwar) - allow subclass to override attribute escaping (from Christopher Masto) - POD fix adding NAME section to FAQ (RT#110080 from Bart Martens & gregor herrmann of the Debian project) - POD typo fix (RT#110082 from gregor herrmann of the Debian project) - fix reference comparison operator used in checking for circular data structures (RT#89553 from Laurent Dami) - add better diagnostics from file handling code in test suite 2.21 2015-12-04 16:33:49+13:00 Pacific/Auckland - Improved diagnostics - xml_in() will now catch parse exceptions and add caller information via Carp::croak - Switch to use lexical warnings (suppress with either 'no warnings;' or 'no warnings "XML::Simple";', rather than $^W = 0) - POD fixes (from David Steinbrunner) - Regex escaping fixes for Perl 5.22+ (from Kent Fredric) - Add workaround for test failures on RHEL/CentOS 6.5 (RT#102115 from Chris Drake, workaround from Tim Bunce) - Remove some 'eval' calls from test suite which could mask root cause of test failures - Make each test script use unique filenames to allow tests to be run in parallel (RT#101362 from Karen Etheridge & Kent Fredric) - POD update: mention XML::Twig in 'STATUS' section (RT#79228 from Matt Trout) ==== perl-libwww-perl ==== Version update (6.13 -> 6.15) - updated to 6.15 see /usr/share/doc/packages/perl-libwww-perl/Changes Change history for libwww-perl ==== polkit-default-privs ==== - polkit-default-privs: Adding new systemd actions (bsc#955626) - polkit-default-privs: create files with consistent permissions ==== python-cryptography ==== Version update (1.0 -> 1.1) - update to 1.1: * Added support for Elliptic Curve Diffie-Hellman with :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDH`. * Added :class:`~cryptography.hazmat.primitives.kdf.x963kdf.X963KDF`. * Added support for parsing certificate revocation lists (CRLs) using :func:`~cryptography.x509.load_pem_x509_crl` and :func:`~cryptography.x509.load_der_x509_crl`. * Add support for AES key wrapping with :func:`~cryptography.hazmat.primitives.keywrap.aes_key_wrap` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap`. * Added a ``__hash__`` method to :class:`~cryptography.x509.Name`. * Add support for encoding and decoding elliptic curve points to a byte string form using :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers.encode_point` and :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers.from_encoded_point`. * Added :meth:`~cryptography.x509.Extensions.get_extension_for_class`. * :class:`~cryptography.x509.CertificatePolicies` are now supported in the :class:`~cryptography.x509.CertificateBuilder`. * ``countryName`` is now encoded as a ``PrintableString`` when creating subject and issuer distinguished names with the Certificate and CSR builder classes. * **SECURITY ISSUE**: The OpenSSL backend prior to 1.0.2 made extensive use of assertions to check response codes where our tests could not trigger a failure. However, when Python is run with ``-O`` these asserts are optimized away. If a user ran Python with this flag and got an invalid response code this could result in undefined behavior or worse. Accordingly, all response checks from the OpenSSL backend have been converted from ``assert`` to a true function call. Credit **Emilia Käsper (Google Security Team)** for the report. * We now ship OS X wheels that statically link OpenSSL by default. When installing a wheel on OS X 10.10+ (and using a Python compiled against the 10.10 SDK) users will no longer need to compile. See :doc:`/installation` for alternate installation methods if required. * Set the default string mask to UTF-8 in the OpenSSL backend to resolve character encoding issues with older versions of OpenSSL. * Several new OpenSSL bindings have been added to support a future pyOpenSSL release. * Raise an error during install on PyPy < 2.6. 1.0+ requires PyPy 2.6+. - Remove 2293.patch . Applied in a different way upstream. - Add BuildRequires for python-hypothesis and python-pyasn1-modules for running unittests ==== python3-py ==== Version update (1.4.30 -> 1.4.31) - update to version 1.4.31: * fix local().copy(dest, mode=True) to also work with unicode. * pass better error message with svn EEXIST paths ==== scons ==== Version update (2.4.0 -> 2.4.1) - Update to 2.4.1 * Added new configure check, CheckProg, to check for existence of a program. * Fix for issue #2840 - Fix for two environments specifying same target with different actions not throwing hard error. Instead SCons was incorrectly issuing a warning and continuing. * Add support `Microsoft Visual C++ Compiler for Python 2.7' Compiler can be obtained at: https://www.microsoft.com/en-us/download/details.aspx?id=44266 * Fixed tigris issue #3011: Glob() excludes didn't work when used with VariantDir(duplicate=0) * Fix bug 2831 and allow Help() text to be appended to AddOption() help. * Reimplemented versioning for shared libraries, with the following effects * Fixed tigris issues #3001, #3006. * Fixed several other issues not reported to tigris, including: issues with versioned libraries in subdirectories with tricky names, issues with versioned libraries and variant directories, issue with soname not being injected to library when using D linkers, * Switched to direct symlinks instead of daisy-chained ones -- soname and development symlinks point directly to the versioned shared library now), for rationale see: https://www.debian.org/doc/debian-policy/ch-sharedlibs.html https://fedoraproject.org/wiki/Packaging:Guidelines#Devel_Packages https://bitbucket.org/scons/scons/pull-requests/247/new-versioned-libraries-gnulink-cyglink/diff#comment-10063929 * New construction variables to allow override default behavior: SONAME, SHLIBVERSIONFLAGS, _SHLIBVERSIONFLAGS, SHLIBNOVERSIONSYMLINKS, LDMODULEVERSION, LDMODULEVERSIONFLAGS, _LDMODULEVERSIONFLAGS, LDMODULENOVERSIONSYMLINKS. * Changed logic used to configure the versioning machinery from platform-centric to linker-oriented. * The SHLIBVERSION/LDMODULEVERSION variables are no longer validated by SCons (more freedom to users). * InstallVersionedLib() doesn't use SHLIBVERSION anymore. * Enchanced docs for the library versioning stuff. * New tests for versioned libraries. * Library versioning is currently implemented for the following linker tools: 'cyglink', 'gnulink', 'sunlink'. * Fix to swig tool - pick-up 'swig', 'swig3.0' and 'swig2.0' (in order). * Fix to swig tool - respect env['SWIG'] provided by user. ==== libamd-2_4_1 ==== Subpackages: libcamd-2_4_1 libccolamd-2_9_1 libcholmod-3_0_6 libcolamd-2_9_1 libumfpack-5_7_1 - Update to version 4.4.6 * SPQR 2.0.2: changed default tol when A has infs, from inf to realmax (~1e308) ==== systemd-presets-branding-openSUSE ==== - Enable fstrim.timer and disable fstrim.service. TRIM should be performed once a week and not on every boot (FATE#317727). http://www.spinics.net/lists/util-linux-ng/msg09133.html ==== sysvinit-tools ==== - don't install last, we will take it from util-linux ==== libblkid-devel ==== Subpackages: libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit util-linux - enable last binary ==== util-linux-systemd ==== - enable last binary ==== wireshark ==== Subpackages: wireshark-ui-gtk - Enable netlink support, requires libnl3. ==== xdg-utils ==== Version update (20151005 -> 20151112) - update to 20151112 * xdg-utils-common: bump version number * Check for $WAYLAND_DISPLAY as well as $DISPLAY. - Add patch `xdg-terminal-fix-gsettings.patch` to fix upstream bfo#93231 ==== zypper ==== Version update (1.12.22 -> 1.12.27) Subpackages: zypper-aptitude zypper-log - lu/lp: fix different data returned in xml and text output (bsc#793424) - lp: Indicate patches requiring a restart of the package manager itself. Enhance 'lp -a' Status column. - pchk: also report needed but locked patches - download: fixed claiming an error after successful run (bsc#956480) - Fix tab-completion if zypper is defined as an alias (bsc#955615) - version 1.12.27 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update sle-zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - createPot: Fix plural form detection (bsc#955053) - version 1.12.26 - Update zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update sle-zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Fix #83 incomplete bash completion for --type - Fix typo (bsc#953214) - Fix miss aligned output when LANG=C (bsc#951707) - Provide --priority option on addrepo command. - add/modifyrepo: Support '--priority 0' to restore the default repo priority. - Fixed Japanese translations (bsc#949196) - version 1.12.25 - Update sle-zypper-po.tar.bz2 - Update sle-zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Update sle-zypper-po.tar.bz2 - Update zypper-po.tar.bz2 - Add -x shorthand for --match-exact (fixes #64) - version 1.12.24 - Use a uniform translation set for SLE and openSUSE (bnc#948924) - Issue 'volatile change' warning when modifying a plugin service repo (bnc#951339) - Fix missaligned output due to changed mbrtowc return value in glibc-2.22 (bnc#950869) - version 1.12.23 Removed packages: libsuitesparseconfig-4_4_5 Added packages: libsuitesparseconfig-4_4_6