Packages changed: 389-ds MozillaThunderbird (68.2.2 -> 68.3.0) NetworkManager-applet (1.8.24 -> 1.8.25+20) aaa_base (84.87+git20191120.98f1524 -> 84.87+git20191206.1cb88e3) bcm43xx-firmware bluedevil5 (5.17.3 -> 5.17.4) bluez (5.50 -> 5.52) breeze (5.17.3 -> 5.17.4) breeze-gtk (5.17.3 -> 5.17.4) btrfsprogs (5.3.1 -> 5.4) build (20191114 -> 20191205) colord createrepo_c (0.12.0 -> 0.15.4) cronie dav1d (0.5.1 -> 0.5.2) dbus-1 (1.12.12 -> 1.12.16) dbus-1-x11 (1.12.12 -> 1.12.16) discover (5.17.3 -> 5.17.4) drkonqi5 (5.17.3 -> 5.17.4) expat (2.2.8 -> 2.2.9) gcr gdm gjs gnome-desktop (3.34.1 -> 3.34.2) gnome-session (3.34.1 -> 3.34.2) gnome-settings-daemon (3.34.1+0 -> 3.34.1+3) gnome-shell-extensions gnutls (3.6.10 -> 3.6.11.1) grilo-plugins gstreamer (1.16.1 -> 1.16.2) gstreamer-plugins-bad (1.16.1 -> 1.16.2) gstreamer-plugins-base (1.16.1 -> 1.16.2) gstreamer-plugins-good (1.16.1 -> 1.16.2) gstreamer-plugins-ugly (1.16.1 -> 1.16.2) gtk3 (3.24.12+32 -> 3.24.13+0) inkscape iproute2 (5.3 -> 5.4) kactivitymanagerd (5.17.3 -> 5.17.4) kcm_sddm (5.17.3 -> 5.17.4) kde-cli-tools5 (5.17.3 -> 5.17.4) kde-gtk-config5 (5.17.3 -> 5.17.4) kde-user-manager (5.17.3 -> 5.17.4) kgamma5 (5.17.3 -> 5.17.4) khotkeys5 (5.17.3 -> 5.17.4) kinfocenter5 (5.17.3 -> 5.17.4) kmenuedit5 (5.17.3 -> 5.17.4) kscreen5 (5.17.3 -> 5.17.4) kscreenlocker (5.17.3 -> 5.17.4) ksshaskpass5 (5.17.3 -> 5.17.4) ksysguard5 (5.17.3 -> 5.17.4) kwayland-integration (5.17.3 -> 5.17.4) kwin5 (5.17.3 -> 5.17.4) libgme libkdecoration2 (5.17.3 -> 5.17.4) libkscreen2 (5.17.3 -> 5.17.4) libksysguard5 (5.17.3 -> 5.17.4) libmspub libsoup (2.68.2 -> 2.68.3) libxcrypt (4.4.3 -> 4.4.10) lilv (0.24.4 -> 0.24.6) llvm9 mailutils man-pages mercurial (5.2 -> 5.2.1) milou5 (5.17.3 -> 5.17.4) osc (0.166.2 -> 0.167.1) oxygen5 (5.17.3 -> 5.17.4) perl-Perl-Tidy (20190915 -> 20191203) pesign plasma-browser-integration (5.17.3 -> 5.17.4) plasma-nm5 (5.17.3 -> 5.17.4) plasma5-addons (5.17.3 -> 5.17.4) plasma5-desktop (5.17.3 -> 5.17.4) plasma5-integration (5.17.3 -> 5.17.4) plasma5-openSUSE plasma5-pa (5.17.3 -> 5.17.4) plasma5-workspace (5.17.3 -> 5.17.4) polkit polkit-default-privs (13.2+20191128.c2eb3f7 -> 13.2+20191210.15c9882) polkit-kde-agent-5 (5.17.3 -> 5.17.4) powerdevil5 (5.17.3 -> 5.17.4) pptp (1.8.0 -> 1.10.0) python-Sphinx (2.2.1 -> 2.2.2) python-Sphinx-test (2.2.1 -> 2.2.2) python-Twisted (19.7.0 -> 19.10.0) python-matplotlib (3.1.1 -> 3.1.2) python-qt5 (5.13.1 -> 5.13.2) python-zope.interface (4.6.0 -> 4.7.1) re2 (20191101 -> 20191201) rebootmgr systemd systemsettings5 (5.17.3 -> 5.17.4) tcl (8.6.9 -> 8.6.10) tk (8.6.9 -> 8.6.10) virtualbox vsftpd wireshark (3.0.6 -> 3.0.7) yast2-ruby-bindings (4.2.4 -> 4.2.5) zimg === Details === ==== 389-ds ==== Subpackages: lib389 libsvrcore0 - Resolve incorrect tmpfiles.d location which caused transactional server installs to fail, and may break non-root install. ==== MozillaThunderbird ==== Version update (68.2.2 -> 68.3.0) Subpackages: MozillaThunderbird-translations-common - Mozilla Thunderbird 68.3.0: * Message display toolbar action WebExtension API * Navigation buttons are now available in content tabs, for example those opened via an add-on search * other bugfixes MFSA 2019-38 * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * Various updates to improve performance and stability - updated create-tar.sh to cover buildid and origin repo information - changed locale building procedure * removed obsolete compare-locales.tar.xz and thunderbird-broken-locales-build.patch - add mozilla-bmo849632.patch to fix color issues on big endian ==== NetworkManager-applet ==== Version update (1.8.24 -> 1.8.25+20) Subpackages: NetworkManager-applet-lang NetworkManager-connection-editor nma-data - Update to version 1.8.25+20: + appdata: - add release tag - add OARS rating + applet: scale icons for HiDPI displays + libnma: drop it + gitlab: drag in new enough libnma + Updated translations. - Switch to git checkout via source service. - Drop no longer built sub packages: + libnma0 + typelib-1_0-NMA-1_0 + libnma-devel - Switch to meson build system, add BuildRequires: + pkgconfig(libnma) + pkgconfig(gio-2.0) + pkgconfig(gmodule-export-2.0) - Drop no longer needed BuildRequires: + gtk-doc + intltool + pkgconfig(gobject-introspection-1.0) + pkgconfig(gck-1) + pkgconfig(gcr-3) - Cleanup spec and rebase patches. ==== aaa_base ==== Version update (84.87+git20191120.98f1524 -> 84.87+git20191206.1cb88e3) Subpackages: aaa_base-extras - Update to version 84.87+git20191206.1cb88e3: * Add support for lesskey.bin in /usr/etc * Do last change also for tcsh * Not all XTerm based emulators do have an terminfo entry ==== bcm43xx-firmware ==== - Update boardflags3 value for brcmfmac43455-sdio.raspberrypi,4-model-b.txt to fix WiFi connection on RPi4 - Add brcmfmac43455-sdio.raspberrypi,4-model-b.txt ==== bluedevil5 ==== Version update (5.17.3 -> 5.17.4) Subpackages: bluedevil5-lang - Update to 5.17.4 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.17.4.php - No code changes since 5.17.3 ==== bluez ==== Version update (5.50 -> 5.52) Subpackages: libbluetooth3 - BuildIgnore shared-mime-info, pulled in by libgio-2_0-0, not required for building, but causes a build loop. - Add bcond for mesh, also enable mesh on Leap 15.2/SLE15SP2. - Properly conditionalize all files which are only built with enabled mesh functionality, fixes build on Leap 15.1 and earlier. - fix udev directory from %_libexecdir to %_prefix/lib - update to version 5.52: * Fix issue with AVDTP session disconnect timeout handling. * Mark media endpoint APIs as stable interfaces. - remove obsolete 0001-mesh-Fix-segmentation-fault-on-Join-call.patch - disable one more segfaulting patch - add 0001-mesh-Fix-segmentation-fault-on-Join-call.patch (boo#1152672) - add _service to use github.com/seifes-obs-packages/bluez.git as source for the package - Combine multiple %service_* to reduce generated boilerplate. - disable mesh service due to security concerns, see boo#1151518 - add README-mesh.SUSE to explain the issue - remove no longer necessary temporary-rpmlintrc - update to version 5.51: * Fix issue with first agent not being registered as default. * Fix issue with loading devices without Service Changed CCC. * Fix issue with GATT client and extended property reading. * Fix issue with handling GATT client invalid read behavior. * Fix issue with handling GATT disconnect handler removal. * Fix issue with missing GATT/GAP service records for SDP. * Fix issue with checking SDP continuation state length. * Fix issue with HID device removal on HoG disconnect. * Fix issue with AVDTP and session destroy handling. * Fix issue with AVCTP and output MTU accounting. * Fix issue with AVRCP and creating media items. * Add support for GATT database caching feature. * Add experimental support for Bluetooth Mesh Profile. - removed obsoleted patches: * 0001-obexd-use-AM_LDFLAGS-for-linking.patch * 0001-policy-Add-logic-to-connect-a-Sink.patch * 0001-tools-Fix-build-after-y2038-changes-in-glibc.patch * bluez-5.50-a2dp-backports.patch * bluez-5.50-gcc9.patch * disable_some_obex_tests.patch * bluez-5.45-disable-broken-tests.diff - add bluez-disable-broken-tests.diff - add temporary rpmlintrc until security team approves ==== breeze ==== Version update (5.17.3 -> 5.17.4) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.17.4 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.17.4.php - No code changes since 5.17.3 ==== breeze-gtk ==== Version update (5.17.3 -> 5.17.4) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.17.4 * New bugfix release * For more details please see: * https://www.kde.org/announcements/plasma-5.17.4.php - Changes since 5.17.3: * [GTK3] Fix invalid colour name in treeview (kde#414391) ==== btrfsprogs ==== Version update (5.3.1 -> 5.4) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.4 * support new hash algorithms (kernel 5.5): * mkfs.btrfs and btrfs-convert with --csum, crc32c, xxhash, sha256, blake2 * mkfs: support new raid1c3 and raid1c4 block group profiles (kernel 5.5) * check: * --repair delays start with a warning, can be skipped using --force * enhanced detetion of inode types from partial data, more options for repair * receive: fix quiet option * image: speed up chunk loading * fi usage: * sort devices by id * print ratio of used/total per block group type * rescue zero-log: reset the log pointers directly, avoid reading some other potentially damaged structures * new make target install-static to install only static binaries/libraries * other * docs updates * new tests * cleanups and refactoring ==== build ==== Version update (20191114 -> 20191205) Subpackages: build-mkbaselibs build-mkdrpms - qemu vm_type is running qemu system emulator now. Works for: * aarch64 * armv7l * ppc64/ppc64le * s390/s390x * riscv64 Note: this requires a kernel and initrd in build target via kernel-obs-build mechanic - various --shell improvements - new --shell-cmd to run commands in chroot/KVM/Qemu/... directly - raising minimal required memory in qemu mode to 512MB to be able to run Linux kernel at least - Normalize epoch 0 away when reading the module info - Add systemd-nspawn backend (by Oleg Girko) ==== colord ==== Subpackages: colord-color-profiles colord-lang libcolord2 libcolorhug2 - Add add-spyderx.patch for datacolor SpyderX supprot (will be in version 1.4.5) - Move colord-session.service and tmpfiles config from libcolord-devel to colord package ==== createrepo_c ==== Version update (0.12.0 -> 0.15.4) Subpackages: libcreaterepo_c0 python3-createrepo_c - Update to 0.15.4 + Add reboot_suggested field to UpdateRecord (rh#1772466) + Skip directory matching --exclude right away + Add restart_suggested to updatecollectionpackage - Update to 0.15.3 + Export all changelog entries in compatibility mode + Libmagic to follow symlinks (rh#1776399) + Add shortcut to detect *.yaml files as not compressed - Ensure createrepo_c fully replaces createrepo on Tumbleweed - Remove old and now unused dependency on deltarpm as drpm is used now - Update to 0.15.2 + Fix file mode for cache (rh#1686812) + Honor umask on cache files (rh#1686812) - Enable DeltaRPM support for openSUSE targets on Leap 15.2+ and TW - Add BuildRequires on python3, it won't be pulled in side effect of requiring python3-nose - fix build by adding missing tarball and updating filelist - Update to version 0.15.1: * Release 0.15.1 * Fix null pointer crash in cr_dumper_thread() if it fails to get checksum * Fix search in string with missing terminating zero (rh#1750673) * Depend on DRPM minimum version 0.4.0 * Release 0.15.0 * Revise drpm dependency check and bump the minimum version to 0.3.0 * Release 0.14.4 * Update documentation and regenerate man pages to sync up * Use drpm_make from drpm instead of deltarpm (rh#1687843) * Fix some DEBUG build warnings * Switch off html timestamps on documentation (rh#1731050) * Update documentation for mergerepo_c merge methods (rh#1722803) * Update documentation for --retain-old-md and --compatibility * Fix --read-pkgs-list to only list actually read packages * Release 0.14.3 * Add missing python metadata to python2/3-createrepo_c (rh#1695677) * detect plain tar file as non compressed - Update to 0.14.2 + Fix issue with createrepo_c hanging at the end (rh#1714666) + Don't include packages with forbidden control chars in repodata (boo#1110914) + Correct pkg count in headers if there were invalid pkgs (rh#1596211) + Prevent exiting with 0 if errors occur while finalizing repodata - Update to 0.14.0 + Fix crash when dumping updateinfo and module is omitted (rh#1707981) + Add --pkgorigins mode - Update to 0.13.1 + Fix tests to work properly when modulemd support is not enabled - Enable modulemd support on openSUSE Leap 15.1+ and Tumbleweed - Update to 0.13.0 + Add support for handling modulemd + Add support for Koji simple merge mode + Add support for zchunked modulemd + Fixed --keep-all-metadata to keep all additional metadata - Disable tests if modulemd support is not enabled to prevent wrong failures - Drop patches included in this release + 0001-Find-correct-nosetests-version-even-when-which-comma.patch + 0002-fix-linking-when-Wl-no-undefined-is-set.patch - Use noun phrase in summary. - Added upstream patches * 0001-Find-correct-nosetests-version-even-when-which-comma.patch * 0002-fix-linking-when-Wl-no-undefined-is-set.patch - Drop included patches * 0001-zck_end_chunk-returns-number-of-bytes-written-or-1-f.patch * 0002-Add-missing-sentinal.patch * 0003-Fix-misc-test.patch - Disable drpm support - Update to version 0.12.1: * Release 0.12.1 * For make test, xz and zchunk (not just *-devel) are required. * Make cmake variable PYTHON_EXECUTABLE global * Add zchunk support already to Fedora 29 * [spec] Fix spec to work for epel 7 * Add CMake support for python interpreter path * Add space after if statement * Fix misc test * Add missing sentinal * Add zchunk support to mergerepo_c for extra files ==== cronie ==== Subpackages: cron - change permissions calls in spec file to use slashes for directories [boo#1158130] ==== dav1d ==== Version update (0.5.1 -> 0.5.2) - Update to version 0.5.2 * ARM32 optimizations for loopfilter, ipred_dc|h|v * Add section-5 raw OBU demuxer * Improve the speed by reducing the L2 cache collisions * Fix minor issues ==== dbus-1 ==== Version update (1.12.12 -> 1.12.16) Subpackages: libdbus-1-3 libdbus-1-3-32bit - Verify signatures * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian developer keyring. - Drop dbus_at_console.ck not needed - Clean up sources * Source2 dbus-1.desktop now Source4 * baselib.conf now source 3 - Update to 1.12.16 * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 authentication for identities that differ from the user running the DBusServer. Previously, a local attacker could manipulate symbolic links in their own home directory to bypass authentication and connect to a DBusServer with elevated privileges. The standard system and session dbus-daemons in their default configuration were immune to this attack because they did not allow DBUS_COOKIE_SHA1, but third-party users of DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of Apple Information Security. (bsc#1137832, dbus#269, Simon McVittie) - From 1.12.14 * Raise soft fd limit to match hard limit, even if unprivileged. This makes session buses with many clients, or with clients that make heavy use of fd-passing, less likely to suffer from fd exhaustion. (dbus!103, Simon McVittie) * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't reduce it to 64K, ensuring that we can put back the original fd limits