Packages changed: kactivitymanagerd kdeconnect-kde (1.2 -> 1.2.1) kernel-source (4.14.15 -> 4.15.0) libpng16 (1.6.31 -> 1.6.34) multipath-tools (0.7.3+31+suse.6804bb73f72d -> 0.7.3+38+suse.a16beed5280a) nano (2.9.1 -> 2.9.3) plasma5-openSUSE python-base python-pycurl rollback-helper snapper (0.5.3 -> 0.5.4) spice webkit2gtk3 === Details === ==== kactivitymanagerd ==== - Require libQt5Sql5-sqlite, apparently it crashes without it, and even if not it would probably not work properly (boo#1078173) ==== kdeconnect-kde ==== Version update (1.2 -> 1.2.1) Subpackages: kdeconnect-kde-lang - Update to 1.2.1 * Require the latest version of KF5 * Was getting a double-delete, now it won't crash * Get rid of ProcessRunner * Add album art to mpris network packets * Add title, artist and album to MPRIS network packets * Fix information leak via /tmp (kde#383144) * Add support for new Android 2.3 (API 9+) cipher * Fix kdeconnect-cli device list * Fix "error activiting kdeconnectd" for kdeconnect-cli * Delay kdeconnectd autostart phase * Fix Notifications in Plasmoid * Make sure there's not a path within the filename * share plugin: fix path display * Use pactl instead of KMix in PauseMusic Plugin - needs KDE Frameworks 5.42 now ==== kernel-source ==== Version update (4.14.15 -> 4.15.0) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Update to 4.15-final. - Eliminated 5 patches. - Config changes: - Security: - GENERIC_CPU_VULNERABILITIES=y - commit 978c9b0 - Update patches.kernel.org/4.14.14-036-RDS-Heap-OOB-write-in-rds_message_alloc_sgs.patch upstream references (add CVE-2018-5332 bsc#1075621). - commit 510de01 - Update patches.kernel.org/4.14.14-037-RDS-null-pointer-dereference-in-rds_atomic_fr.patch upstream references (add CVE-2018-5333 bsc#1075617). - commit e6cf845 ==== libpng16 ==== Version update (1.6.31 -> 1.6.34) Subpackages: libpng16-16 libpng16-16-32bit libpng16-compat-devel libpng16-devel - check with -j1 - Fix SRPM group and grammar issues. - removed obsoleted Obsoletes - update to 1.6.34: * Removed contrib/pngsuite/i*.png; some of these were incorrect and caused test failures. - includes 1.6.33: * Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added missing parenthesis in contrib/pngminus/pnm2png.c * Fixed off-by-one error in png_do_check_palette_indexes() * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc to fix shortlived oss-fuzz issue 3234. * Compute a larger limit on IDAT because some applications write a deflate buffer for each row * Use current date (DATE) instead of release-date (RDATE) in last changed date of contrib/oss-fuzz files. * Enabled ARM support in CMakeLists.txt * Fixed incorrect typecast of some arguments to png_malloc() and png_calloc() that were png_uint_32 instead of png_alloc_size_t * Use pnglibconf.h.prebuilt when building for ANDROID with cmake * Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2() due to truncated iTXt or zTXt chunk. * Initialize memory allocated by png_read_buffer to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_icc_check_tag_table() due to truncated iCCP chunk. * Removed redundant tests * Added an interlaced version of each file in contrib/pngsuite. * Relocate new memset() call in pngrutil.c * Add support for loading images with associated alpha in the Simplified API * Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32 state * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc * Add end_info structure and png_read_end() to the libpng fuzzer - includes 1.6.32: * Avoid possible NULL dereference in png_handle_eXIf when benign_errors are allowed. Avoid leaking the input buffer "eXIf_buf". * Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif to arguments for png_get_eXIf() and png_set_eXIf(). * Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in pngwrite.c, and made various other fixes to png_write_eXIf(). * Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid breaking API compatibility with libpng-1.6.31. * Updated contrib/libtests/pngunknown.c with eXIf chunk. * Initialized btoa[] in pngstest.c * Stop memory leak when returning from png_handle_eXIf() with an error * Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf(). * Update libpng.3 and libpng-manual.txt about eXIf functions. * Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability. * Removed png_get_eXIf_1() and png_set_eXIf_1(). * Check length of all chunks except IDAT against user limit to fix an OSS-fuzz issue (Fixes CVE-2017-12652) * Check length of IDAT against maximum possible IDAT size, accounting for height, rowbytes, interlacing and zlib/deflate overhead. * Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf) does not work (the eXIf chunk data can contain zeroes). * Revised symlink creation, no longer using deprecated cmake LOCATION feature * Fixed five-byte error in the calculation of IDAT maximum possible size. * Moved chunk-length check into a png_check_chunk_length() private function * Moved bad pngs from tests to contrib/libtests/crashers * Moved testing of bad pngs into a separate tests/pngtest-badpngs script * Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL in the output but PASS for the libpng test. * Require cmake-3.0.2 in CMakeLists.txt * Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the num_exif argument to png_get_eXIf_1() * Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks(). * Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers. * Make pngtest --strict, --relax, --xfail options imply -m (multiple). * Removed unused chunk_name parameter from png_check_chunk_length(). * Relocated setting free_me for eXIf data, to stop an OSS-fuzz' leak. * Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue. * Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR. * Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue. * Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account for the minimum 'deflate' stream, and relocate the test to a point after the keyword has been read. * Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM". * Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers, one for each known chunk type, with length = 2GB-1. * Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706, and 162707). * Renamed chunks in contrib/testpngs/crashers to avoid having files whose names differ only in case; this causes problems with some platforms * Added contrib/oss-fuzz directory which contains files used by the oss-fuzz project - cleanup with spec-cleaner ==== multipath-tools ==== Version update (0.7.3+31+suse.6804bb73f72d -> 0.7.3+38+suse.a16beed5280a) Subpackages: kpartx multipath-tools-rbd - Update to version 0.7.3+38+suse.a16beed5280a: * kpartx: don't delete partitions from partitions (bsc#1078362) * hwtable: add latest updates (bsc#1078363) * multipathd.service: set TasksMax=infinity (bsc#1060616) ==== nano ==== Version update (2.9.1 -> 2.9.3) Subpackages: nano-lang - GNU nano 2.9.3: * fix a segfault with trimblanks that could occur when a typed space caused the word after it to be pushed to the next line * make macros work also when your keyboard still emits escape sequences * add the options -M and --trimblanks for the command line * recognizeskey combos with Shift on a few more terminals * no longer show dots in certain prompt texts when visible witespace is turned on * fix two corner cases when doing replacements in a marked region * allow to open a named pipe again when using --noread * accurately detect a needed color change when a line contains a start match but not a corresponding end match any more - includes changes gom 2.9.2: * correctly display the Modified state when undoing/redoing (also when the file was saved somewhere midway) * improve the undoing of an automatic linefeed at EOF * show the cursor again when compiled with --withslang * rename the option 'justifytrim' to 'trimblanks' because it will now snip trailing whitespace also while you are typing (and hard-wrapping is enabled) * continue pushing words to the next line much longer (when hard-wrapping) * make and indent and unindent a marked region * allow unindenting when not all lines are indented * let a region marked with Shift persist when indenting/ unindenting or commenting/uncommenting it ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Provide the KDE4 branding and plasma5-desktop-branding-openSUSE in version 43 and obsolete (or conflict with) < 43 to prevent upgrade problems from Leap 42 to 15, which has a lower version (boo#1077854) ==== python-base ==== Subpackages: libpython2_7-1_0 libpython2_7-1_0-32bit python-devel python-xml - Add patch python-fix-shebang.patch to fix bsc#1078326 ==== python-pycurl ==== Subpackages: python2-pycurl python3-pycurl - Since version 7.58.0, curl may be compiled with libssh instead of libssh2 which differ in supported functionality (bsc#1078329) * add pycurl-libssh.patch - update license ==== rollback-helper ==== - check if current btrfs snapshot is the production snapshot before re-registering (bsc#1068947) - unified branching versions (Jul 27 2017 vs. May 22 2017) ==== snapper ==== Version update (0.5.3 -> 0.5.4) Subpackages: libsnapper4 snapper-zypp-plugin - create subvolume instead of snapshot for initial system (bsc#1077240) - version 0.5.4 - improved error handling for systemd services (gh#openSUSE/snapper#382) ==== spice ==== - Correct RPM group for shared library. - Split the sle condition again for exact features to allow their override - Enable smartcards on sle15 as the supportlib is available * Condition it using name everywhere instead of suse versions and join together with lz4 - Format with spec-cleaner - Convert dependencies to pkgconfig style - Install documentation and license file - Add configure arguments to most of the options to not rely on autotools automatic behavior * Also enable gstreamer and lz4 options - Drop the not needed python dependencies, they are needed only when building from git snapshot ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - even on recent codestreams there is no binutils gold on s390 only on s390x