Packages changed: apache2 (2.4.23 -> 2.4.25) appstream-glib (0.6.6 -> 0.6.7) babl (0.1.18 -> 0.1.22) cups flatpak (0.6.14 -> 0.8.0) gnome-online-accounts (3.22.3 -> 3.22.4) hxtools (20150304 -> 20170109) icoutils (0.31.0 -> 0.31.1) installation-images (14.288 -> 14.293) kernel-source (4.9.0 -> 4.9.3) libgtop lilv lz4 obs-service-set_version (0.5.3 -> 0.5.4) openslp ostree (2016.14 -> 2016.15) patterns-openSUSE pcsc-lite (1.8.19 -> 1.8.20) perl-DBD-SQLite (1.52 -> 1.54) perl-Net-DNS (1.06_03 -> 1.07) perl-Scalar-List-Utils (1.46 -> 1.47) perl-YAML (1.20 -> 1.21) postfix (3.1.3 -> 3.1.4) procps systemd-presets-branding-openSUSE util-linux (2.28.2 -> 2.29) util-linux-systemd (2.28.2 -> 2.29) vim (8.0.147 -> 8.0.172) wine (2.0~rc4 -> 2.0~rc5) xf86-video-amdgpu yast2-bootloader (3.2.13 -> 3.2.14) yast2-ruby-bindings (3.2.4 -> 3.2.5) yast2-storage (3.2.2 -> 3.2.3) === Details === ==== apache2 ==== Version update (2.4.23 -> 2.4.25) Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils - Added new HTTP2 option to sysconfig to ease enabling http2 - Added new protocols.conf which is included globally - Enable http2 also for Leap 42.2+ and SLE12_SP2+ - update to 2.4.25: fixed several security issues (CVE-2016-8740, CVE-2016-5387, CVE-2016-2161, CVE-2016-0736, CVE-2016-8743), many fixes and improvements of mod_http2 and other modules; see CHANGES for full change log - verify tarball: added httpd*.bz2.asc, apache2.keyring and remove 60C5442D.key ==== appstream-glib ==== Version update (0.6.6 -> 0.6.7) Subpackages: libappstream-builder8 libappstream-glib8 - Update to version 0.6.7: + Scan /usr/share/metainfo as well when building appstream-data. + Resolve relative symlinks when extracting archives. + Add a test for extracting relative symlinks. + Add AsRequire as a way to store runtime requirements. + Support glob and regex matches in requires compare tags. + Update the SPDX licence list to v2.5. + Remove invalid SPDX licenses from content license lookup table. + Revert "Remove invalid SPDX licenses from content license lookup table". + Add support for "+" operator at the end of SPDX license identifiers. + Fix dep extraction when multiple versions are available. + Recursively add subpackage deps into the main package. + Allow loading application XPM icons. + Write log files in a better way. + Fix a crash when using as_release_get_location_default(). + build: Enable C99 support in configure.ac. + Limit recursive deps lookup to the same source package. + Only fail to validate in AppData desktop components. + Release version 0.6.7. ==== babl ==== Version update (0.1.18 -> 0.1.22) - Update to version 0.1.22: + Added cache of profiled conversions, added HCY color model, some precision and performance updated for fast paths. - Changes from version 0.1.20: + Fix run-time errors, leaks, and race conditions. Add conditional fast paths. ==== cups ==== Subpackages: cups-client cups-devel cups-libs cups-libs-32bit - Replace pkgconfig(libsystemd-daemon) BuildRequires with pkgconfig(libsystemd) on openSUSE 13.2 and newer: the various sub-libraries have been merged into libsystemd since version 209. openSUSE 13.1 was the last product to ship systemd 208. ==== flatpak ==== Version update (0.6.14 -> 0.8.0) - Update to version 0.8.0: + This is the first release in a new series of stable releases called 0.8.x. New features will be added to 0.9.x, and only bugfixes will be backported to 0.8.x. The featureset of this release is a good base to target if you're creating flatpaks that should be widely usable. + This release technically requires only OSTree 2016.14, and it build fine with this, but we recommend using OSTree 2016.15, because of the change in how it verifies the checksums of commits in delta files. + Flatpakrepo files now support a RuntimeRepo= key which points to a flatpakrepo file. This means the user don't have to manually configure a remote for the runtime, just reply to the prompt to automatically do this when installing the app. + We now support dependencies when installing bundles. This includes required runtimes, related refs, and the equivalent of RuntimeRepo. + The support for OCI in flatpak has been updated to the latest OCI spec version, and support has been added to directly install flatpak applications from an OCI image. + In flatpak install, the --from and --bundle options are now optional if the argument has the correct suffix (.flatpakref and .flatpak). + Flatpak install now supports -y to let you avoid interactive prompts. + build-finish: - We now export mime type files with the right name. - New --require-version option let you specify a particular version of flatpak, and older version of flatpak will not install or update to the new version. + build-sign: Allow signing all apps by omitting the id. + Fix regression in the document portal when adding named files. + build-import-bundle now signs the commit if you specify a gpg key. + Flatpak now reads configuration from /etc/flatpak/installations.d which lets you support multiple system-level installation paths. These can be accessed with new --installation=... arguments to most of the commands. + flatpak-builder: - Support --jobs=N to limit parallel builds. - Patch source got new options property that lets you pass arguments to patch. - New generic "buildsystem: type" option that replace the (now deprecated) "cmake: true" option. This supports "autotools", "cmake" and "meson". ==== gnome-online-accounts ==== Version update (3.22.3 -> 3.22.4) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-1 typelib-1_0-Goa-1_0 - Update to version 3.22.4: + Bugs fixed: bgo#765121, bgo#776871, bgo#776897. ==== hxtools ==== Version update (20150304 -> 20170109) Subpackages: fd0ssh ofl - Update to new upstream release 20170109 * A new utility "gxxdm" was added which explains libstdc++v3 mangled names in detail. (Not feature-complete.) * New utility "ldif-duplicate-attrs": counts multiple occurrences of an attribute within one DN leaf and reports them. * New utility "ldif-leading-spaces": reports if LDAP attribute values start or end with whitespaces. (Spaces have implications for sorting addressbook entries, for example.) * New utilities: pegrep (a multiline pcregrep), qpdecode (quoted-printable filter), settime.pl (set filetime according to oldest archive member) * move_moov was renamed to aumeta * Removed utilities: git-new-root (git implements this itself easily now) ==== icoutils ==== Version update (0.31.0 -> 0.31.1) - Update to 0.31.1. * Security fixes: CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333 (boo#1018756). ==== installation-images ==== Version update (14.288 -> 14.293) - follow casp -> caasp renaming in driver update directory - adjust module config for kernel 4.10 - 14.293 - casp-release is now caasp-release - 14.292 - additional log files for fate#318971 - 14.291 - zypp.conf is really in initrd, so modify it there - 14.290 - there are *.so files now in /usr/lib/systemd (bsc#1019355) - 14.289 ==== kernel-source ==== Version update (4.9.0 -> 4.9.3) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - drm: Fix broken VT switch with video=1366x768 option (bsc#1018358). - commit 2c7dfab - Linux 4.9.3 (bnc#1012628 bsc#1000433). - Delete patches.drivers/drm-radeon-Always-store-CRTC-relative-radeon_crtc-cu. - commit 7204b59 - Linux 4.9.2 (bnc#1012628 bsc#1000433). - Refresh patches.drivers/drm-radeon-Always-store-CRTC-relative-radeon_crtc-cu. - Delete patches.drivers/drm-radeon-Also-call-cursor_move_locked-when-the-cur. - Delete patches.drivers/drm-radeon-Hide-the-HW-cursor-while-it-s-out-of-boun. - commit 2d3c294 - Linux 4.9.1 (bnc#1012628 bnc#1016101 bsc#1010690). - Delete patches.fixes/ASoC-intel-Fix-crash-at-suspend-resume-without-card. - Delete patches.rpmify/kbuild-provide-include-asm-asm-prototypes.h-for-x86.patch. - commit da02006 - fbcon: Fix vc attr at deinit (bsc#1000619). - commit e989b9d - drm: Use u64 for intermediate dotclock calculations (bnc#1006472). - commit 1af4b0f - x86/kbuild: enable modversions for symbols exported from asm (bnc#1016101). Replace by the upstream version. - commit 772efd7 - rpm/kernel-binary.spec.in: Obsolete ftsteutates KMP (boo#997172) - commit 8519edc - config: Disable GPIO_TS4900 in most kernels The gpio-ts4900 driver is only useful on i.MX6 boards, and only one of our kernels supports them. - commit 92e9ad3 ==== libgtop ==== - Fix build on SLE: pass "po libgtop" to translation-update-upstream: it fails do detect the correct gettext domain. ==== lilv ==== - Add baselibs.conf for gstreamer-plugins-bad-32bit ==== lz4 ==== Subpackages: liblz4-1_7 liblz4-devel - Add baselibs.conf: provide liblz4-1_7 as -32bit compatibility package, required by systemd-32bit. ==== obs-service-set_version ==== Version update (0.5.3 -> 0.5.4) - Update to version 0.5.4: * support obscpio archives * do not strip release number in debian, but setting it back ==== openslp ==== Subpackages: openslp-devel openslp-server - Also update openslp.sd_notify.diff to use the new systemd lib ==== ostree ==== Version update (2016.14 -> 2016.15) - Update to version 2016.15: + This release is mostly bugfixes - for example, it cleans up the vast majority of memory leaks caught by ASAN. We also build without libsoup again, which is preparatory for a potential addition of a libcurl HTTP backend. + Another notable change is that we now always checksum individual objects even when applying static deltas, regardless of whether or not the summary file is signed. This is part of an ongoing thread about supporting OCI as a transport layer. - Add pkgconfig(zlib) BuildRequires: configure explicitly checks for it. ==== patterns-openSUSE ==== Subpackages: patterns-openSUSE-apparmor patterns-openSUSE-apparmor_opt patterns-openSUSE-base patterns-openSUSE-books patterns-openSUSE-console patterns-openSUSE-devel_C_C++ patterns-openSUSE-devel_basis patterns-openSUSE-devel_ide patterns-openSUSE-devel_java patterns-openSUSE-devel_kde patterns-openSUSE-devel_kde_frameworks patterns-openSUSE-devel_kernel patterns-openSUSE-devel_osc_build patterns-openSUSE-devel_perl patterns-openSUSE-devel_python patterns-openSUSE-devel_qt5 patterns-openSUSE-devel_rpm_build patterns-openSUSE-devel_ruby patterns-openSUSE-devel_web patterns-openSUSE-dhcp_dns_server patterns-openSUSE-directory_server patterns-openSUSE-enhanced_base patterns-openSUSE-enhanced_base_opt patterns-openSUSE-file_server patterns-openSUSE-fonts patterns-openSUSE-fonts_opt patterns-openSUSE-games patterns-openSUSE-gateway_server patterns-openSUSE-generic_server patterns-openSUSE-gnome patterns-openSUSE-gnome_admin patterns-openSUSE-gnome_basis patterns-openSUSE-gnome_basis_opt patterns-openSUSE-gnome_games patterns-openSUSE-gnome_ide patterns-openSUSE-gnome_imaging patterns-openSUSE-gnome_imaging_opt patterns-openSUSE-gnome_internet patterns-openSUSE-gnome_laptop patterns-openSUSE-gnome_multimedia patterns-openSUSE-gnome_multimedia_opt patterns-openSUSE-gnome_office patterns-openSUSE-gnome_office_opt patterns-openSUSE-gnome_utilities patterns-openSUSE-gnome_yast patterns-openSUSE-imaging patterns-openSUSE-imaging_opt patterns-openSUSE-kde patterns-openSUSE-kde_edutainment patterns-openSUSE-kde_games patterns-openSUSE-kde_ide patterns-openSUSE-kde_imaging patterns-openSUSE-kde_internet patterns-openSUSE-kde_multimedia patterns-openSUSE-kde_office patterns-openSUSE-kde_plasma patterns-openSUSE-kde_telepathy patterns-openSUSE-kde_utilities patterns-openSUSE-kde_utilities_opt patterns-openSUSE-kde_yast patterns-openSUSE-kvm_server patterns-openSUSE-lamp_server patterns-openSUSE-laptop patterns-openSUSE-lxde patterns-openSUSE-lxde_laptop patterns-openSUSE-lxde_office patterns-openSUSE-mail_server patterns-openSUSE-minimal_base patterns-openSUSE-minimal_base-conflicts patterns-openSUSE-misc_server patterns-openSUSE-multimedia patterns-openSUSE-multimedia_opt patterns-openSUSE-network_admin patterns-openSUSE-non_oss patterns-openSUSE-non_oss_opt patterns-openSUSE-office patterns-openSUSE-office_opt patterns-openSUSE-print_server patterns-openSUSE-remote_desktop patterns-openSUSE-rest_dvd patterns-openSUSE-sw_management patterns-openSUSE-sw_management_gnome patterns-openSUSE-sw_management_kde patterns-openSUSE-tabletpc patterns-openSUSE-technical_writing patterns-openSUSE-x11 patterns-openSUSE-x11_opt patterns-openSUSE-x11_yast patterns-openSUSE-xen_server patterns-openSUSE-xfce patterns-openSUSE-xfce_basis patterns-openSUSE-xfce_laptop patterns-openSUSE-xfce_office patterns-openSUSE-yast2_basis patterns-openSUSE-yast2_install_wf - Drop gnome-nettool Recommends from patterns-openSUSE-gnome and patterns-openSUSE-gnome_internet. Gnome-nettool is deprecated upstream and is no longer a package we want to install by default. - Remove konqueror references from patterns, one browser in the default installation is enough - Remove non_oss from the recommends of GNOME, KDE & MATE patterns ==== pcsc-lite ==== Version update (1.8.19 -> 1.8.20) Subpackages: libpcsclite1 - Updated to version 1.8.20 * Fix a crash and potential security issue in pcscd (bsc#1017902, CVE-2016-10109, CWE-415, CWE-416) ==== perl-DBD-SQLite ==== Version update (1.52 -> 1.54) - updated to 1.54 see /usr/share/doc/packages/perl-DBD-SQLite/Changes 1.54 2016-12-24 - Switched to a production version. - Resolved RT#119219: Trivial documentation bug in DBL::SQLite 1.52 1.53_01 2016-11-26 - Re-enabled perl tokenizer by calling sqlite_db_config if SQLite >= 3.12 ==== perl-Net-DNS ==== Version update (1.06_03 -> 1.07) - updated to 1.07 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== perl-Scalar-List-Utils ==== Version update (1.46 -> 1.47) - updated to 1.47 see /usr/share/doc/packages/perl-Scalar-List-Utils/Changes 1.47 -- 2016/12/22 18:54:45 [CHANGES] * Make XS code ppport.h-free when in core [BUGFIXES] * Fix compliling on C++11 * Perform taint checks using $^X instead of some %ENV key because of the Test::Simple vars (RT119169) ==== perl-YAML ==== Version update (1.20 -> 1.21) - updated to 1.21 see /usr/share/doc/packages/perl-YAML/Changes 1.21 Fri Dec 23 21:19:15 CET 2016 - Apply PR/171 (fixes issue/109) @perlpunk++ - No more "used only once" warnings for $YAML::Indent etc. - Apply PR/170 (fixes issue/131) hiratara@cpan.org++ - Empty mapping value at the end resolves to null (was becoming empty string) - Apply PR/169 (PR/119) patrick.allen.higgins@gmail.com++ - Output key in warning when duplicate key was found - Apply PR/157 and PR/168 (@lameventanas++ @perlpunk++) - Allow reading and writing to IO::Handle ==== postfix ==== Version update (3.1.3 -> 3.1.4) Subpackages: postfix-doc - FATE#322322 Update postfix to version 3.X Merging changes with SLES12-SP2 Removeved patches: add_missed_library.patch bnc#947707.diff dynamic_maps.patch postfix-db6.diff postfix-opensslconfig.patch bnc#947519.diff dynamic_maps_pie.patch postfix-linux45.patch postfix-post-install.patch These are included in the new version of postfix - Remove references to SuSEconfig.postfix from sysconfig docs. (bsc#871575) - bnc#947519 SuSEconfig.postfix should enforce umask 022 - bnc#947707 mail generated by Amavis being prevented from being re-adressed by /etc/postfix/virtual - bnc#972346 /usr/sbin/SuSEconfig.postfix is wrong - update to 3.1.4 * The postscreen daemon did not merge the client test status information for concurrent sessions from the same IP address. * The Postfix SMTP server falsely rejected a sender address when validating a sender address with "smtpd_reject_unlisted_recipient = yes" or with "reject_unlisted_sender". Cause: the address validation code did not query sender_canonical_maps. * The virtual delivery agent did not detect failure to skip to the end of a mailbox file, so that mail would be delivered to the beginning of the file. This could happen when a mailbox file was already larger than the virtual mailbox size limit. * The postsuper logged an incorrect rename operation count after creating a missing directory. * The Postfix SMTP server falsely rejected mail when a sender-dependent "error" transport was configured. Cause: the SMTP server address validation code was not updated when the sender_dependent_default_transport_maps feature was introduced. * The Postfix SMTP server falsely rejected an SMTPUTF8 sender address, when "smtpd_delay_reject = no". * The "postfix tls deploy-server-cert" command used the wrong certificate and key file. This was caused by a cut-and-paste error in the postfix-tls-script file. ==== procps ==== Subpackages: libprocps6 - Only buildrequire pkgconfig(libsystemd) instead of pkgconfig(libsystemd-login): The latter was merged into libsystemd in version 209. ==== systemd-presets-branding-openSUSE ==== - Fix pre/post scripts: + On %pre case, when updating from an old version of the package that did not yet contain %{_prefix}/lib/%{generic_name}/branding-preset-states, we can't start it. Add a check for execute permission on the script. - Import preset macros from systemd-rpm-macro and convert them into scripts. Presets are not supposed to be shipped by other packages as the default policy needs to be reviewed by the secteam. Therefore don't encourage packagers to do that and make those macros private to this package. Also convert them into real scripts so they're much easier to maintain and debug. Also working in %posttrans is unneeded as this package is assumed to be the only one to update the preset. - There's no need to reload the daemon configuration as presets are not part of the dameon config. ==== util-linux ==== Version update (2.28.2 -> 2.29) Subpackages: libblkid-devel libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit - don't install bash-completions for uninstalled binaries (chfn, chsh, newgrp, pg) - for now remove procps dependency which is only needed for tests because it pulls systemd - Replace pkgconfig(libsystemd-*) with pkgconfig(libsystemd) libsystemd-* libs were deprecated and are gone now. - Remove no more supported --enable-libmount-force-mountinfo. There is --enable-libmount-support-mtab, disabled by default, exactly as we need. - Update to version 2.29 * cal: possible to specify month by name (e.g. "cal January 2017") and use relative placeholders (cal "+1 month") * fdisk(8) allows to wipe newly created partitions; the feature is possible to control by new command line option - -wipe-partitions[==auto|never|default]. * findmnt --verify: the command scans /etc/fstab and tries to verify the configuration. * mount(8) now rejects requests to create another device and mount filesystem for the same backing file. The command `losetup --nooverlap` reuses loop device if already exists for the same backing file. All the functionality calculate with offset and sizelimit options of course, so it's fine to have multiple regions (partitions) in the same image file and mount all of them in the same time. The restriction is that the regions should not overlap. * lscpu supports the "drawer" topology for IBM S/390. * More details at: http://karelzak.blogspot.de/2016/10/util-linux-v229-whats-new.html https://www.kernel.org/pub/linux/utils/util-linux/v2.29/v2.29-ReleaseNotes - refresh make-sure-sbin-resp-usr-sbin-are-in-PATH.diff ==== util-linux-systemd ==== Version update (2.28.2 -> 2.29) - don't install bash-completions for uninstalled binaries (chfn, chsh, newgrp, pg) - for now remove procps dependency which is only needed for tests because it pulls systemd - Replace pkgconfig(libsystemd-*) with pkgconfig(libsystemd) libsystemd-* libs were deprecated and are gone now. - Remove no more supported --enable-libmount-force-mountinfo. There is --enable-libmount-support-mtab, disabled by default, exactly as we need. - Update to version 2.29 * cal: possible to specify month by name (e.g. "cal January 2017") and use relative placeholders (cal "+1 month") * fdisk(8) allows to wipe newly created partitions; the feature is possible to control by new command line option - -wipe-partitions[==auto|never|default]. * findmnt --verify: the command scans /etc/fstab and tries to verify the configuration. * mount(8) now rejects requests to create another device and mount filesystem for the same backing file. The command `losetup --nooverlap` reuses loop device if already exists for the same backing file. All the functionality calculate with offset and sizelimit options of course, so it's fine to have multiple regions (partitions) in the same image file and mount all of them in the same time. The restriction is that the regions should not overlap. * lscpu supports the "drawer" topology for IBM S/390. * More details at: http://karelzak.blogspot.de/2016/10/util-linux-v229-whats-new.html https://www.kernel.org/pub/linux/utils/util-linux/v2.29/v2.29-ReleaseNotes - refresh make-sure-sbin-resp-usr-sbin-are-in-PATH.diff ==== vim ==== Version update (8.0.147 -> 8.0.172) Subpackages: gvim vim-data - Updated to revision 172, fixes the following problems * When a C preprocessor statement has two line continuations the following line does not have the right indent. (Ken Takata) * ":earlier" and ":later" do not work after startup or reading the undo file. * When the pattern of :filter does not have a separator then completion of the command fails. * To pass buffer content to system() and systemlist() one has to first create a string or list. * Running the channel test creates channellog. * system() test fails on MS-Windows. * system() test fails on OS/X. * When sorting zero elements a NULL pointer is passed to qsort(), which ubsan warns for. * Several float functions are not covered by tests. * No command line completion for ":syntax spell" and ":syntax sync". * On MS-Windows some float functions return a different value when passed unusual values. strtod() doesn't work for "inf" and "nan". * Using a NULL pointer when using feedkeys() to trigger drawing a tabline. * EMSG() is sometimes used for internal errors. * Build fails when using small features. * Build error on Fedora 23 with small features and gnome2. * Ruby 2.4 no longer supports rb_cFixnum. * Outdated and misplaced comments. * Ubsan warns for integer overflow. * JSON with a duplicate key gives an internal error. (Lcd) * str2nr() and str2float() do not always work with negative values. * Still some float functionality is not covered by tests. * For complicated string json_decode() may run out of stack space. * Channel test fails for using freed memory. * JS style JSON does not support single quotes. * The command selected in the command line window is not executed. (Andrey Starodubtsev) ==== wine ==== Version update (2.0~rc4 -> 2.0~rc5) Subpackages: wine-32bit - Updated to 2.0-rc5 development snapshot - Bug fixes only, we are in code freeze. - updated winetricks ==== xf86-video-amdgpu ==== - introduced hardware supplements (bnc#1020075) ==== yast2-bootloader ==== Version update (3.2.13 -> 3.2.14) - do not crash when switching from no bootloader to grub2 when grub2 package is not installed (bsc#1018280) - 3.2.14 ==== yast2-ruby-bindings ==== Version update (3.2.4 -> 3.2.5) - allow in Yast::SCR and Yast::WFM to have string as first argument where Yast::Path is expected (gh#yast/yast-ruby-bindings#82, bsc#1018876) - make yast specific class shortcuts available via Yast namespace like Yast.path() or Yast.term() - allow path shortcut to get string or path and return always path - raise exception if wrong type is passed to path including nil - 3.2.5 - drop Yast.add_module_dir and Yast.add_include_dir as the only reliable way is to use Y2DIR env (gh#yast/yast-ruby-bindings#72) ==== yast2-storage ==== Version update (3.2.2 -> 3.2.3) - Avoid recurring error pop-up in the expert partitioner when the user has removed all the Btrfs subvolumes (bsc#1008740) - 3.2.3