Packages changed: accountsservice autoyast2 (3.1.106 -> 3.1.108) git gstreamer-editing-services gtk3 (3.18.2 -> 3.18.6) kernel-firmware (20151109git -> 20151207git) kernel-source (4.3.3 -> 4.4.0) krb5 (1.13.3 -> 1.14) liblouis librevenge (0.0.3 -> 0.0.4) nautilus (3.18.2 -> 3.18.4) net-snmp patterns-openSUSE pin python3-louis ruby2.2 (2.2.3 -> 2.2.4) sane-backends tigervnc (1.5.0 -> 1.6.0) xorg-x11-server yast2 (3.1.162 -> 3.1.163) yast2-installation (3.1.166 -> 3.1.167) yast2-ruby-bindings (3.1.42 -> 3.1.46) === Details === ==== accountsservice ==== Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - Updated Url. ==== autoyast2 ==== Version update (3.1.106 -> 3.1.108) Subpackages: autoyast2-installation - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.109- Downloading init scripts to /mnt during first installation stage. (bnc#960907,bnc#961320) - 3.1.108- Network services can be restarted again, because they do not depend on YaST2-Second-Stage.service anymore. (bnc#954908) - 3.1.107 ==== git ==== Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - package git-new-workdir [boo#961292] ==== gstreamer-editing-services ==== Subpackages: libges-1_0-0 typelib-1_0-GES-1_0 - Move the NLE GStreamer plugin (libgstnle.so) from devel package to libges ==== gtk3 ==== Version update (3.18.2 -> 3.18.6) Subpackages: gtk3-data gtk3-devel gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Add gtk3-qemu-usb-tablet-is-no-real-touchscreen.patch: The QEMU USB Tablet is not really a touchscreen - although it simulates it for VNC based viewers (making mouse-input more reliable). This patch fixes issues where openQA was not able to correctly handle the CTRL-ALT-DEL handler to show the logout dialog.- Add gtk3-gdk_pixbuf_get_from_surface.patch: Restore old behavior.- Update to version 3.18.6: + Bugs fixed: bgo#539944, bgo#732742, bgo#735847, bgo#746745, bgo#747295, bgo#748904, bgo#757358, bgo#758025, bgo#758072, bgo#758175, bgo#758327, bgo#758367, bgo#758407, bgo#758483, bgo#758484, bgo#758660, bgo#758661, bgo#758698, bgo#758790. + Updated translations.- Update to version 3.18.5: + GtkFileChooser: - Make sure external drives show up either in the sidebar or the places view. - Ignore double-click events. + Avoid some crashes in CSS parsing error handling. - Drop gtk3-gtkplacessidebar-improve-heuristics-external-drives.patch: Fixed upstream.- Add gtk3-gtkplacessidebar-improve-heuristics-external-drives.patch: Add missed commit for the sidebar refactor, without this external drives are not shown anywhere (bgo#756589).- Update to version 3.18.4: + Revert a GtkTextBuffer change that broke binding API. + Properly refresh styles when widget names change.- Update to version 3.18.3: + Bugs fixed: bgo#735342, bgo#753992, bgo#755654, bgo#756160, bgo#756385, bgo#756449, bgo#756496, bgo#756505, bgo#756568, bgo#756589, bgo#756625, bgo#756751, bgo#756780, bgo#756886, bgo#757147, bgo#757221, bgo#757298, bgo#757303, bgo#757324, bgo#757358, bgo#757377, bgo#757544. + Updated translations. - Drop gtk3-places-sidebar-no-crash.patch: Fixed upstream. ==== kernel-firmware ==== Version update (20151109git -> 20151207git) Subpackages: ucode-amd - Update to version 20151207git (commit bbe4917) * WHENCE: use https://linuxtv.org for LinuxTV URLs * Add firmware for mt7601u. version 34. * brcm: add initial firmware for bcm4371 11ac wifi device * brcm: update firmware for bcm43602 device * WHENCE: Remove claim that qed and bfa/bna firmware came from kernel source * WHENCE: Correct filename of qed firmware * fix permissions on qed_init_values_zipped-8.4.2.0.bin * qla2xxx: Update firmware version to 8.03.00 * bnx2x: Add FW 7.13.1.0. * Merge tag 'iwlwifi-fw-2015-11-18' * iwlwifi: add new -16 firmware for iwlmvm devices * linux-firmware: Update firmware patch for Intel Bluetooth 7265 (C0/D0) * qed: Add FW 8.4.2.0 * fix WHENCE, which for some reason became executable - Use of spec-cleaner - Fix boo#961416 - Added complete instructions for contributors how to get the tar.xz done ==== kernel-source ==== Version update (4.3.3 -> 4.4.0) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Update to 4.4-final. - commit f1e5f1f ==== krb5 ==== Version update (1.13.3 -> 1.14) Subpackages: krb5-32bit krb5-client krb5-devel - Add two patches from Fedora, fixing two crashes: * krb5-fix_interposer.patch * krb5-mechglue_inqure_attrs.patch- Update to 1.14 - dropped krb5-kvno-230379.patch - added krbdev.mit.edu-8301.patch fixing wrong function call Major changes in 1.14 (2015-11-20) Administrator experience: * Add a new kdb5_util tabdump command to provide reporting-friendly tabular dump formats (tab-separated or CSV) for the KDC database. Unlike the normal dump format, each output table has a fixed number of fields. Some tables include human-readable forms of data that are opaque in ordinary dump files. This format is also suitable for importing into relational databases for complex queries. * Add support to kadmin and kadmin.local for specifying a single command line following any global options, where the command arguments are split by the shell--for example, "kadmin getprinc principalname". Commands issued this way do not prompt for confirmation or display warning messages, and exit with non-zero status if the operation fails. * Accept the same principal flag names in kadmin as we do for the default_principal_flags kdc.conf variable, and vice versa. Also accept flag specifiers in the form that kadmin prints, as well as hexadecimal numbers. * Remove the triple-DES and RC4 encryption types from the default value of supported_enctypes, which determines the default key and salt types for new password-derived keys. By default, keys will only created only for AES128 and AES256. This mitigates some types of password guessing attacks. * Add support for directory names in the KRB5_CONFIG and KRB5_KDC_PROFILE environment variables. * Add support for authentication indicators, which are ticket annotations to indicate the strength of the initial authentication. Add support for the "require_auth" string attribute, which can be set on server principal entries to require an indicator when authenticating to the server. * Add support for key version numbers larger than 255 in keytab files, and for version numbers up to 65535 in KDC databases. * Transmit only one ETYPE-INFO and/or ETYPE-INFO2 entry from the KDC during pre-authentication, corresponding to the client's most preferred encryption type. * Add support for server name identification (SNI) when proxying KDC requests over HTTPS. * Add support for the err_fmt profile parameter, which can be used to generate custom-formatted error messages. Code quality: * Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that could cause server crashes. [CVE-2015-2695] [CVE-2015-2696] [CVE-2015-2698] * Fix build_principal memory bug that could cause a KDC crash. [CVE-2015-2697] Developer experience: * Change gss_acquire_cred_with_password() to acquire credentials into a private memory credential cache. Applications can use gss_store_cred() to make the resulting credentials visible to other processes. * Change gss_acquire_cred() and SPNEGO not to acquire credentials for IAKERB or for non-standard variants of the krb5 mechanism OID unless explicitly requested. (SPNEGO will still accept the Microsoft variant of the krb5 mechanism OID during negotiation.) * Change gss_accept_sec_context() not to accept tokens for IAKERB or for non-standard variants of the krb5 mechanism OID unless an acceptor credential is acquired for those mechanisms. * Change gss_acquire_cred() to immediately resolve credentials if the time_rec parameter is not NULL, so that a correct expiration time can be returned. Normally credential resolution is delayed until the target name is known. * Add krb5_prepend_error_message() and krb5_wrap_error_message() APIs, which can be used by plugin modules or applications to add prefixes to existing detailed error messages. * Add krb5_c_prfplus() and krb5_c_derive_prfplus() APIs, which implement the RFC 6113 PRF+ operation and key derivation using PRF+. * Add support for pre-authentication mechanisms which use multiple round trips, using the the KDC_ERR_MORE_PREAUTH_DATA_REQUIRED error code. Add get_cookie() and set_cookie() callbacks to the kdcpreauth interface; these callbacks can be used to save marshalled state information in an encrypted cookie for the next request. * Add a client_key() callback to the kdcpreauth interface to retrieve the chosen client key, corresponding to the ETYPE-INFO2 entry sent by the KDC. * Add an add_auth_indicator() callback to the kdcpreauth interface, allowing pre-authentication modules to assert authentication indicators. * Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to suppress sending the confidentiality and integrity flags in GSS initiator tokens unless they are requested by the caller. These flags control the negotiated SASL security layer for the Microsoft GSS-SPNEGO SASL mechanism. * Make the FILE credential cache implementation less prone to corruption issues in multi-threaded programs, especially on platforms with support for open file description locks. Performance: * On slave KDCs, poll the master KDC immediately after processing a full resync, and do not require two full resyncs after the master KDC's log file is reset. User experience: * Make gss_accept_sec_context() accept tickets near their expiration but within clock skew tolerances, rather than rejecting them immediately after the server's view of the ticket expiration time. ==== liblouis ==== - Move data from library package to separate subpackage, to ensure library package can be safely upgraded. ==== librevenge ==== Version update (0.0.3 -> 0.0.4) Subpackages: librevenge-0_0-0 librevenge-devel librevenge-generators-0_0-0 librevenge-stream-0_0-0 - Version bump to 0.0.4: * Fix possible crash in raw generators for unbalanced open/close calls. * Fix build in C++11 mode. * Fix gdb pretty printers and make them compatible with Python 3. * Fix RVNGString::Iter::last(), which only worked correctly for strings containing only ASCII characters. * Document the difference between RVNGString::len() and RVNGString::size(). * Considerably improve performance of RVNGString iterator (a crude measurement shows at least 45% improvement). ==== nautilus ==== Version update (3.18.2 -> 3.18.4) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 - Update to version 3.18.4: + Fix crash on copying directory.- Update to version 3.18.3: + Check availability of PackageKit for installing extra apps. + Fix overflow in 32 bits systems. + Fix renaming popover misplaced in the desktop. + Fix blank square in the view after changing view modes or locations. + Fix crash when clicking preferences. + Widespread work on removing leaks, that usually causes crashes. + Operations start visibility improved, showing the popover. + Fix wrong date calculation. + Fix another issue with nautilus opening location in the wrong window. + Fix "move to" action. ==== net-snmp ==== - Request pkgconfig(libssl) instead of openssl-devel to support using LibreSSL as well.- update to upstream version 5.7.3 - remove patch that is now present in the upstream release: * net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch - rename patches to new version number 5.7.3: delete: * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.2-net-snmp-config-headercheck.patch * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-velocity-mib.patch add: * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.3-net-snmp-config-headercheck.patch * net-snmp-5.7.3-perl-tk-warning.patch * net-snmp-5.7.3-pie.patch * net-snmp-5.7.3-socket-path.patch * net-snmp-5.7.3-testing-empty-arptable.patch * net-snmp-5.7.3-velocity-mib.patch - add build requirement 'procps' to fix a net-snmp-config error (bsc#935863) - enable DTLS and TLS support (FATE#318789) new binary 'snmptls' was added - add support for hostname netgroups (FATE#316305) '@hostgroup' can be specified for multiple hosts * net-snmp-5.7.3-netgroups.patch - suppress network statistics output in snmpstatus (FATE#316289) '-Sn' don't print any info about the network '-Si' don't print the operational status of network interfaces * net-snmp-5.7.3-snmpstatus-suppress-output.patch- also stop snmptrapd on removal- update to upstream version 5.7.3.pre5 - remove patches that are now present in the upstream release: * net-snmp-5.7.2-build-fix-for-strlcat.patch * net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch * net-snmp-5.7.2-fix-perl-trap-handler.patch - net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: refresh and add patch header- added net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: fix remote denial of service problem inside snmptrapd when started with the "-OQ" option (CVE-2014-3565)(bnc#894361) - added net-snmp-5.7.2-fix-perl-trap-handler.patch: fix potential remote denial of service problem inside the snmptrapd Perl trap handler (CVE-2014-2285)(bnc#866942)- merge some old fixes from SLE 11: * init script should provide snmpd. (bnc#466805) * stop all snmp agents when stopping the daemon. (bnc#473328)- recompress .tar.gz - it has trailing garbage, hope we can readd source url on next update- update to upstream version 5.7.2.1, fixing one security issue: * A denial of service attack vector was discovered on the Linux implementation of the ICMP-MIB. (CVE-2014-2284, bnc#866942)- net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch: fix mib representation of timeout values (bnc#833153)- use _rundir macro- remove old workaround for ppc/ppc64 migrations which is no longer needed (bnc#437293)- add support for python bindings- improve snmptrapd init script (avoid to overwrite the logfile on restart)- Disable parallelism during build. The dependencies between the Perl module and libnetsnmp are not defined correctly and might result in broken linkage (bnc#819497, bnc#818907)- Add Source URL, see https://en.opensuse.org/SourceUrls- net-snmp-5.7.2-build-fix-for-strlcat.patch: fix exported strlcat() prototype that could conflict with other packages (bnc#793548)- update to version 5.7.2: several bug fixes in the agent, client utilities and libraries. The CHANGES file shipped with the package contains a comprehensive list of fixes and improvements - rebase patches to apply cleanly: * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-velocity-mib.patch * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch - remove patches that are now present in the upstream release: * net-snmp-5.7.0-recognize-reiserfs.patch * net-snmp-5.7.1-snmplib-zero-timeout.patch * net-snmp-5.7.1-old-api-double-free.patch * net-snmp-5.7.1-use-pclose-to-close-pipes.patch * net-snmp-5.7.1-fix-handling-of-large-filesystems.patch * net-snmp-5.7.1-snmplib-default-retries.patch * net-snmp-5.7.1-fsys-memory-leak.patch * net-snmp-5.7.1-adjust-copyright-in-agent-txt-file.patch * net-snmp-5.7.1-recognize-ocfs2.patch * net-snmp-5.7.1-properly-clean-up-old-requests-in-subagents.patch * net-snmp-5.7.1-reduce-code-duplication-in-agentx.patch * net-snmp-5.7.1-log-agentx-disconnections.patch * net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch * net-snmp-5.7.1-report-problems-with-setundo-processing.patch * net-snmp-5.7.1-fix-array-index-error.patch- Remove redundant sections from specfile - Avoid shipping .la files- fix array index error that could lead to a crash (CVE-2012-2141) (bnc#759352)- fix agent crash when reloading a subagent (AgentX) during a query (bnc#670789)- add OCFS2 to the list of known file systems- update copyright notice of AGENT.txt allowing us to redistribute the file in our package (from Dave Shield) (bnc#750704)- fix license to be in spdx.org format- logrotate: use "reload" instead of "try-restart" to avoid an unnecessary stop/start cycle in the agent (bnc#707636)- net-snmp-5.7.1-fsys-memory-leak.patch: fix a memory leak in agent/mibgroup/hardware/fsys (bnc#725766) - net-snmp-5.7.1-snmplib-default-retries.patch: change default number of retries back from 0 to 5 (bnc#725766) - net-snmp-5.7.1-fix-handling-of-large-filesystems.patch: fix bug in handling large (>8TB) filesystems (bnc#725766) - net-snmp-5.7.1-use-pclose-to-close-pipes.patch: use pclose() instead of fclose() to close a pipe (bnc#725766) - net-snmp-5.7.1-old-api-double-free.patch: agent: avoid double free when netsnmp_register_old_api() fails (bnc#725766) - net-snmp-5.7.1-snmplib-zero-timeout.patch: snmplib: avoid waiting indefinitely if a session has timeout zero (bnc#725766)- update to version 5.7.1: minor release including some bug fixes- enable net-snmp-devel on all baselib architectures- make sure all delegated requests are removed before closing an AgentX session (bnc#670789)- update to version 5.7.1.rc1 but keep package version as 5.7.1 to avoid update problems when the final version is released- small fixes to snmpd and snmptrapd init scripts: - if $SNMPD_LOGLEVEL is not defined, use LOG_NOTICE instead of LOG_DEBUG - improve messages printed and service description - write snmptrapd logs to /var/log/net-snmpd.log- update README.SUSE to reflect some recent changes and drop a bit of outdated information - update baselibs to reflect new library version - spec file cleanup: rename some source files for consistency- add ReiserFS to the list of known file systems (bnc#715199)- install snmptrapd init script by default (bnc#712175)- fix logging option in snmptrapd init script (bnc#712174)- update upstream patches from branch V5-7-patches to 20110714- update to version 5.7: new features and lots of bug fixes - remove patches that are no longer needed: net-snmp-5.6.0-enable-hrh-filesys.patch net-snmp-5.6.1-recognize-jfs-and-xfs.patch net-snmp-5.6.1-rpm490.patch - refresh and rename patches to apply cleanly after update: net-snmp-5.7.0-pie.patch net-snmp-5.7.0-velocity-mib.patch- switch from rpmdb to rpmts to support rpm-4.9.0- update upstream patches from branch V5-6-patches to 20110512- add JFS and XFS to the list of known file systems (bnc#687327)- update upstream patches from branch V5-6-patches to 20110328- fix libsnmp version in baselibs.conf- update to version 5.6.1: new features and lots of bug fixes - update upstream patches from branch V5-6-patches to 20110104 - remove patches that are no longer needed: net-snmp-5.6.0-ethtool-speed.patch- remove /var/adm/perl-modules/net-snmp from the Perl module- update upstream patches from branch V5-6-patches to 20101129 - spec file cleanup: upstream uses -fno-strict-aliasing by default now - remove patches that are no longer needed: net-snmp-5.5.0-rpmdb-h-detect.patch net-snmp-5.6.0-vendorperl.patch- if-mib: add support for more speeds with ethtool (bnc#650558)- update upstream patches from branch V5-6-patches to 20101101, fixing a segmentation fault on shutdown (bnc#650282)- enable new implementation of hrStorage and hrFilesys to fix persistent indexes in FS and Storage tables (bnc#648364)- update upstream patches from branch V5-6-patches to 20101021- update to version 5.6: new features and lots of bug fixes - refresh and rename patches to apply cleanly after update: net-snmp-5.6.0-pie.patch net-snmp-5.6.0-vendorperl.patch net-snmp-5.6.0-net-snmp-config-headercheck.patch- update upstream patches from branch V5-5-patches to 20100803- change default log level from DEBUG to NOTICE (bnc#623497)- spec file cleanup: remove old backward compatibility scripts- update upstream patches from branch V5-5-patches to 20100602: fixed potential buffer overflow in parsing OIDs in config files- update upstream patches from branch V5-5-patches to 20100531 - add net-snmp-5.5.0-rpmdb-h-detect.patch: workaround for autoconf failing to detect rpm/rpmdb.h - remove patches that are no longer needed: net-snmp-5.5.0-use-lmsensors-v3.patch- create /var/run/agentx during startup to support systems that mount /var/run as tmpfs- update libsnmp package name to reflect the library version we are currently shipping - remove patches that are obsolete: net-snmp-5.4.rc2-versinfo.diff net-snmp-5.4.2_snmpconf-selinux.patch - refresh all patches to apply as "-p1" - spec file cleanup: remove conditionals to build on unsupported versions of the distribution- update upstream patches from branch V5-5-patches to 20100428- add net-snmp-5.5.0_upstream-20100405.patch: merge all patches committed to upstream branch V5-5-patches - remove patches that are now upstream: net-snmp-5.4.2_audit.patch net-snmp-5.5.0_autoconf.patch net-snmp-5.4.2_overflow.patch net-snmp-5.4.2.1-rpm4.7.patch net-snmp-5.5.0_gcc45.patch- Fix strncat properly (from Andreas Jaeger)- Fix code errors found by gcc 4.5- build for libsensors4 instead of libsensors3- remove sparcv9-specific baselib exceptions (not needed)- remove net-snmp-5.4.1.2-rmon-mib-revised_3.patch from sources (upstream since 5.5) - refresh net-snmp-5.5.0_autoconf.patch - spec file cleanup: update package description- update to version 5.5: new features and lots of bug fixes, including: - fix hrSWRunPath for processes other than init (bnc#486270) - remove patches that are now upstream: Add-Default-Router-Table-support.patch Add-ICMP-Statistics-Tables-support.patch Add-IPv6-Scope-Zone-Index.patch Add-IPv6-support-on-Internet-Address-Translation-Tab.patch Fix-for-IPv6-Interface-Table.patch Fix-for-Internet-Address-Prefix-Table.patch Fix-for-Internet-Address-Table.patch Fix-for-tcpConnnectionTable-tcpListenerTable-udpEn.patch Improve-IP-Statistics-tables.patch net-snmp-5.3.0.1_trap-agent-addr_v2.patch net-snmp-5.4.1.2-etherlike-mib-revised_4.patch net-snmp-5.4.x_embedded_perl_error_message.patch- add baselibs.conf as a source - add baselib defs for SPARC- Fix build with rpm 4.7 (net-snmp-5.4.2.1-rpm4.7.patch)- make patch0 usage consistent ==== patterns-openSUSE ==== Subpackages: patterns-openSUSE-apparmor patterns-openSUSE-apparmor_opt patterns-openSUSE-base patterns-openSUSE-books patterns-openSUSE-console patterns-openSUSE-devel_C_C++ patterns-openSUSE-devel_basis patterns-openSUSE-devel_gnome patterns-openSUSE-devel_ide patterns-openSUSE-devel_java patterns-openSUSE-devel_kde patterns-openSUSE-devel_kde_frameworks patterns-openSUSE-devel_kernel patterns-openSUSE-devel_perl patterns-openSUSE-devel_python patterns-openSUSE-devel_qt4 patterns-openSUSE-devel_qt5 patterns-openSUSE-devel_rpm_build patterns-openSUSE-devel_ruby patterns-openSUSE-devel_web patterns-openSUSE-dhcp_dns_server patterns-openSUSE-directory_server patterns-openSUSE-enhanced_base patterns-openSUSE-enhanced_base_opt patterns-openSUSE-file_server patterns-openSUSE-fonts patterns-openSUSE-fonts_opt patterns-openSUSE-games patterns-openSUSE-gateway_server patterns-openSUSE-gnome patterns-openSUSE-gnome_admin patterns-openSUSE-gnome_basis patterns-openSUSE-gnome_basis_opt patterns-openSUSE-gnome_games patterns-openSUSE-gnome_ide patterns-openSUSE-gnome_imaging patterns-openSUSE-gnome_imaging_opt patterns-openSUSE-gnome_internet patterns-openSUSE-gnome_laptop patterns-openSUSE-gnome_multimedia patterns-openSUSE-gnome_multimedia_opt patterns-openSUSE-gnome_office patterns-openSUSE-gnome_office_opt patterns-openSUSE-gnome_utilities patterns-openSUSE-gnome_yast patterns-openSUSE-imaging patterns-openSUSE-imaging_opt patterns-openSUSE-kde patterns-openSUSE-kde_edutainment patterns-openSUSE-kde_games patterns-openSUSE-kde_ide patterns-openSUSE-kde_imaging patterns-openSUSE-kde_internet patterns-openSUSE-kde_multimedia patterns-openSUSE-kde_office patterns-openSUSE-kde_plasma patterns-openSUSE-kde_telepathy patterns-openSUSE-kde_utilities patterns-openSUSE-kde_utilities_opt patterns-openSUSE-kde_yast patterns-openSUSE-kvm_server patterns-openSUSE-lamp_server patterns-openSUSE-laptop patterns-openSUSE-lxde patterns-openSUSE-lxde_laptop patterns-openSUSE-lxde_office patterns-openSUSE-mail_server patterns-openSUSE-minimal_base patterns-openSUSE-minimal_base-conflicts patterns-openSUSE-misc_server patterns-openSUSE-multimedia patterns-openSUSE-multimedia_opt patterns-openSUSE-network_admin patterns-openSUSE-non_oss patterns-openSUSE-non_oss_opt patterns-openSUSE-office patterns-openSUSE-office_opt patterns-openSUSE-print_server patterns-openSUSE-remote_desktop patterns-openSUSE-rest_dvd patterns-openSUSE-sw_management patterns-openSUSE-sw_management_gnome patterns-openSUSE-sw_management_kde patterns-openSUSE-tabletpc patterns-openSUSE-technical_writing patterns-openSUSE-x11 patterns-openSUSE-x11_opt patterns-openSUSE-x11_yast patterns-openSUSE-xen_server patterns-openSUSE-xfce patterns-openSUSE-xfce_basis patterns-openSUSE-xfce_laptop patterns-openSUSE-xfce_office patterns-openSUSE-yast2_basis patterns-openSUSE-yast2_install_wf - Recommend pinentry-gnome3 from the GNOME pattern (boo#961472). ==== pin ==== - Clean up with spec-cleaner and silence rpmlint warnings ==== python3-louis ==== - Move data from library package to separate subpackage, to ensure library package can be safely upgraded. ==== ruby2.2 ==== Version update (2.2.3 -> 2.2.4) Subpackages: libruby2_2-2_2 ruby2.2-devel ruby2.2-stdlib - update to 2.2.4 (boo# 959495) - ext/fiddle/handle.c: check tainted string arguments. Patch provided by tenderlove and nobu. (CVE-2015-7551) - test/fiddle/test_handle.rb (class TestHandle): add test for above. - io.c (parse_mode_enc): fix buffer overflow. - doc/NEWS-0.2.2: add description about incompatible change in Hash duplicated key overriding policy. [Bug #10315] [Bug [#11501]] - insns.def (opt_case_dispatch): avoid converting Infinity - test/ruby/test_optimization.rb (test_opt_case_dispatch_inf): new [ruby-dev:49423] [Bug #11804]' - configure.in: pthread_getattr_np is broken on AIX. More specifically, the stack address and size returned are not correct. - common.mk (update-gems): use BASERUBY instead of RUNRUBY. - insns.def (opt_case_dispatch): check Float#=== redefinition - test/ruby/test_optimization.rb (test_opt_case_dispatch): new [ruby-core:71920] [Bug #11784] - ruby_atomic.h (ATOMIC_SIZE_CAS): fix the argument order of InterlockedCompareExchange64. new value and then old value is the last. - encoding.c (enc_m_loader): defer finding encoding object not to be infected by marshal source. [ruby-core:71793] [Bug #11760] - marshal.c (r_object0): enable compatible loader on USERDEF class. the loader function is called with the class itself, instead of an allocated object, and the loaded data. - marshal.c (compat_allocator_table): initialize compat_allocator_tbl on demand. - object.c (rb_undefined_alloc): extract from rb_obj_alloc. - ext/-test-/file/fs.c: need to include sys/statvfs.h to use statvfs(). - ext/-test-/file/extconf.rb: check the existence of sys/statvfs.h - sprintf.c (rb_str_format): fix wrong shifting position in Rational conversion when not at the beginning of the result. [ruby-core:71806] [Bug #11766] - range.c (range_to_s): should be infected by the receiver. str2 infects by appending. [ruby-core:71811] [Bug #11767] - ext/readline/extconf.rb: call dir_config("libedit") if - -enable-libedit is spcified. [Bug #11751] patched by John Hein - parse.y (parser_here_document): store dispatched result of on_tstring_content at the last fragment of a here document. - test/ruby/test_gc.rb: merge partially r52391 to get rid of CI error. - io.c (rb_io_each_codepoint): raise an exception at incomplete character before EOF when conversion takes place. [Bug #11444] - io.c (argf_getpartial): should not resize str if the second argument is not given. [ruby-core:71668] [Bug #11738] - vm_eval.c (local_var_list_add): skip internal local variable name by its type but not if it has a name. internal local variable names are just unique per frame, not globally. [ruby-core:71437] [Bug #11674] - io.c (rb_io_each_codepoint): read more data when read partially. [ruby-core:70379] [Bug #11444] - lib/net/http.rb: set hostname before call ossl_ssl_set_session. [Bug #11401][ruby-core:70152][fix GH-964] Patch by @mkarnebeek - transcode.c (rb_econv_open0): rb_econv_t::source_encoding_name and rb_econv_t::destination_encoding_name should refer static strings always or NULL. [ruby-core:70247] [Bug #11416] - iseq.c (iseq_data_to_ary): dump kw_arg as symbol - test/-ext-/iseq_load/test_iseq_load.rb: test kw_arg roundtrip [ruby-core:69891] [Bug #11338] - gc.c (__has_feature): move into internal.h. - internal.h (__has_feature): ditto. - internal.h (__has_extension): new macro. - internal.h (STATIC_ASSERT): use _Static_assert with clang. [ruby-core:69931] [Bug #11343] - parse.y (literal_concat_gen, evstr2dstr_gen): keep literal encoding beginning with an interpolation same as the source file encoding. [ruby-core:70703] [Bug #11519] - ext/openssl/ossl_ssl.c (ssl_npn_select_cb): explicitly raise error in ext/openssl instead of OpenSSL itself because LibreSSL silently truncate the selected protocol name by casting the length from int to unsigned char. [Bug #11369] Patch by Jeremy Evans - vm_eval.c (send_internal): set method_missing_reason before invoking overriding method_missing method so that the default method_missing can achieve it properly. [ruby-core:68515] [Bug [#10969]] - test/ruby/test_symbol.rb (test_symbol_fstr_leak): add a warm-up code and check RSS to avoid false positive on AIX and false negative on Mac OS X. [Bug #10686] - test/ruby/test_symbol.rb: avoid a false positive in AIX. - test/objspace/test_objspace.rb (test_trace_object_allocations_start_stop_clear): clear object allocation table first to get rid of erroneous detection for obj3. [ruby-dev:49095] [Bug #11271] - insns.def (defined): skip respond_to_missing? when a method is available. [Bug #11211] - test/ruby/test_defined.rb: add a test for this fix. - ext/digest/sha1/sha1ossl.c: fix defs.h path to catch up changes in r52739.[Bug #3231] - ext/digest/rmd160/rmd160ossl.c: ditto. - parse.y (kwd_append): fix segv after invalid keyword argument, preceding keyword list is NULL when syntax error is there. [ruby-core:71356] [Bug #11663] - lib/ipaddr.rb, test/test_ipaddr.rb: Reject invalid address contained EOL string. Patch by @kachick [fix GH-942][Bug [#11513]] - compile.c (iseq_build_from_ary_body): register cdhash to the iseq constant body instead of compile time mark array, not to get GCed. [ruby-core:70708] [Feature #8543] - ext/digest/*/*.[ch]: include ruby.h before digest.h to avoid includeing ext/digest/extconf.h. [Bug #3231] https://msdn.microsoft.com/library/36k2cdd4.aspx - ext/digest/*/extconf.rb: remove ext/digest from include search path to avoid confusion of cl.exe. - ext/digest/*/*.[ch]: explicitly specify def.h's path. - Added missing reference of GitHub - lib/net/http.rb: Fixed regression for Net::HTTP::PUT with "Expect-100" header. [fix GH-949] - test/net/http/test_http.rb: added test. - vm_insnhelper.c (vm_invoke_block): we should not expect ci->argc is stable after invoking a block. [Bug #11451] - test/ruby/test_yield.rb: add a test. This test script is given by Alex Dowad. - load.c (rb_load_internal0): stop separating exits at loading from exits from execution. TAG_FATAL is the only case that `errinfo` is a Fixnum, and should continue to exit by JUMP_TAG but not raising as an ordinary exception. [ruby-core:70169] [Bug #11404] - load.c (rb_load_internal0): extra check before returning TAG_RAISE when a non-local transfer of control happens while loading and parsing a Ruby source file. [ruby-core:70169] [Bug [#11404]] - load.c (rb_load_internal0): do not raise any exceptions but return the result tag state. - load.c (rb_load_protect): reduce nested EXEC_TAGs. - enc/euc_jp.c (mbc_case_fold): check given string is valid or not, and if invalid, return 1. [Bug #11486] - ext/openssl/ossl_pkey.c: Merge ruby/openssl@b9ea8ef [Bug [#10735]] - io.c (argf_next_argv): check ARGV element type, and try conversion if necessary. [ruby-core:71140] [Bug #11610] - ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support if the SSL library supports it. Thanks Kurt Roeckx [Bug #11376] - ext/openssl/extconf.rb: check for SSLv3 support in the SSL implementation. - test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 if there is no support. - tool/runruby.rb: rubyspec now requires other FDs not to be closed since 7b6ce1fee. - vm_trace.c (rb_threadptr_exec_event_hooks_orig): maintain trace_running counter on internal events. This patch is made by Takashi Kokubun . [Bug #11603] https://github.com/ruby/ruby/pull/1059 - test/openssl/test_ssl_session.rb: Fix tests so that they take in to account OpenSSL installations that have SSLv3 disabled by default. Thanks Jeremy Evans for the patches. [Bug #11366] [Bug #11367] - test/openssl/test_ssl_session.rb (OpenSSL#test_ctx_client_session_cb): fix test failure with OpenSSL disabled SSLv3 protocol. [ruby-core:63772] [Bug [#10046]] - vm.c (hook_before_rewind): prevent kicking :return event while finishing vm_exec func because invoke_block_from_c() kick a :return event for bmethods. [Bug #11492] - test/ruby/test_settracefunc.rb: add a test. - configure.in: check for libunwind.h, which is not available in very old OS X SDK. [ruby-core:71080] [Bug #11591] - test/drb/test_drb.rb: Run Rinda/DRb tests on localhost. [Fix GH-1027] patch by voxik. - test/rinda/test_rinda.rb: ditto - parse.y (IS_BEG): include labeled argument state, which was EXPR_LABELARG. [ruby-dev:49221] [Bug #11456] - parse.y: fix syntax error at do-block after a conditional operator. separate label-allowed and after-a-label states from others as bit flags. [ruby-dev:48790] [Bug #10653] - enum.c (nmin_filter): Fix limit value. patch by Helder Pereira. [Bug #11471] [ruby-core:70477] - lib/rss/rss.rb (Time#w3cdtf): fix zero-trimmed width of fraction digits. [ruby-core:70667] [Bug #11509] - re.c (rb_memsearch_wchar, rb_memsearch_qchar): test matching till the end of string. [ruby-core:70592] [Bug #11488] - test/ruby/test_m17n.rb (test_include?, test_index): add tests by Tom Stuart. - thread_pthread.c (reserve_stack): ensure the memory is really allocated. [Bug #11457] - insns.def (defineclass): introduce an ad-hoc patch to avoid an issue reported on [Bug #10871]. This patch does not fix completely. For example, method definition in a block (like 1.times{def ...; end}) still causes same issue. To solve all, we need a huge patch and it seems difficult for stable branch. Use Ruby 2.3 and later to solve this issue completely. (See [Bug #10943]) - tool/downloader.rb: support old versions of ruby. - tool/downloader.rb: now can download gems by http if openssl is not available (this may be danger!) ==== sane-backends ==== Subpackages: sane-backends-32bit sane-backends-autoconfig sane-backends-devel - sane-backends.builttime.patch: reduce build-compare noise- remove gphoto2 backend, as is usefulness is highly questionable, but adds many (indirect) build and runtime dependencies ==== tigervnc ==== Version update (1.5.0 -> 1.6.0) Subpackages: xorg-x11-Xvnc - Updated to tigervnc 1.6.0. - Removed patches: * N_tigervnc_revert_fltk_1_3_3_requirements.patch * U_tigervnc-fix-reversed-logic-in-vncIsTCPPortUsed.patch * u_tigervnc-display-SHA-1-fingerprint-of-untrusted-certificate.patch * u_tigervnc-use-default-trust-manager-in-java-viewer-if-custom.patch * u_tigervnc-use_preferred_mode.patch * u_tigervnc-vncserver-clean-pid-files.patch - Updated patches: * n_tigervnc-date-time.patch * u_tigervnc-add-autoaccept-parameter.patch * u_tigervnc_update_default_vncxstartup.patch ==== xorg-x11-server ==== Subpackages: xorg-x11-server-extra xorg-x11-server-sdk - U_modesetting-should-not-reference-gbm-when-it-s-not-d.patch: fix build when gbm is not defined.- u_busfault_sigaction-Only-initialize-pointer-when-matched.patch Only initialize pointer when matched (boo#961439). - u_kdrive-UnregisterFd-Fix-off-by-one.patch -> U_kdrive-UnregisterFd-Fix-off-by-one.patch ==== yast2 ==== Version update (3.1.162 -> 3.1.163) Subpackages: yast2-devel-doc - fixed semantics of SCR call for zKVM detection (bsc#961485) - 3.1.163 ==== yast2-installation ==== Version update (3.1.166 -> 3.1.167) - Removing network dependencies in the service files in order to prevent booting cycles in Tumbleweed. (bnc#954908) - 3.1.167 ==== yast2-ruby-bindings ==== Version update (3.1.42 -> 3.1.46) - Move transdb initialization to C part to keep it together with index initialization (bsc#932014) - 3.1.46- fixed early return from logging method causing failure of old testsuite (bsc#932014) - 3.1.45- Fixed conflict between Yast::Encoding and ::Encoding (another fix for bsc#932014) - 3.1.44- Do not crash when logging an invalid UTF-8 string (bsc#932014) - 3.1.43