Changed packages:
==== aaa_base ====
Version update (13.2+git20140723.944f74b -> 13.2+git20140812.2531ded)
Subpackages: aaa_base-extras
- Muffle libGL error message when run under ssh (bnc#890189)
==== autoyast2 ====
Version update (3.1.53 -> 3.1.54)
Subpackages: autoyast2-installation
- Warning that an already existing autoyast configuration file will
be overwritten. (bnc#888546)
- 3.1.54
==== biosdevname ====
- Add mainline commit: 51b8cdb0b60df3baa
With this patch, the info can be showed correctly if there are two or more
PCI root ports in the same Bus ID/Device ID (bnc#890562)
Add: fix_several_PCI_root_ports_in_one_bus.patch
==== clutter-devel ====
Version update (1.18.2 -> 1.18.4)
Subpackages: libclutter-1_0-0 typelib-1_0-Clutter-1_0
- Update to version 1.18.4:
+ Improve touch events handling on X11
+ Fix opacity issues with canvas contents
+ Documentation updates.
+ Bugs fixed: bgo#728521, bgo#729144, bgo#730577, bgo#731268,
bgo#732143, bgo#732235, bgo#732234, bgo#733385, bgo#733560,
bgo#733300, bgo#733062, bgo#732907.
+ Updated translations.
==== cryptsetup ====
Version update (1.6.4 -> 1.6.5)
Subpackages: libcryptsetup4 libcryptsetup4-32bit
- version 1.6.5
* Allow LUKS header operation handling without requiring root privilege.
It means that you can manipulate with keyslots as a regular user, only
write access to device (or image) is required.
* Fix internal PBKDF2 key derivation function implementation for alternative
crypto backends (kernel, NSS) which do not support PBKDF2 directly and have
issues with longer HMAC keys.
* Support for Python3 for simple Python binding.
Python >= 2.6 is now required. You can set Python compiled version by setting
- -with-python_version configure option (together with --enable-python).
* Use internal PBKDF2 in Nettle library for Nettle crypto backend.
Cryptsetup compilation requires Nettle >= 2.6 (if using Nettle crypto backend).
* Allow simple status of crypt device without providing metadata header.
The command "cryptsetup status" will print basic info, even if you
do not provide detached header argument.
* Allow to specify ECB mode in cryptsetup benchmark.
* Add some LUKS images for regression testing.
Note that if image with Whirlpool fails, the most probable cause is that
you have old gcrypt library with flawed whirlpool hash.
Read FAQ section 8.3 for more info.
- Removed e2fsprogs-devel and libtool build requirements (not needed).
- Added libpwquality-devel and libuuid-devel build requirements.
- libcryptsetup4-hmac split off contain the hmac for FIPS certification
==== emacs ====
Subpackages: emacs-info emacs-nox emacs-x11 etags
- Add Utility category to .desktop file.
==== evolution ====
Version update (3.12.4 -> 3.12.5)
- Update to version 3.12.5:
+ Images in contact preview are not shown with webkitgtk3 2.4.x.
+ Add missing chain-up-s to parent's constructed() method.
+ Always use selected color for selected region in EDayView.
+ e_day_view_show_popup_menu: Avoid runtime warning from
tooltip_get_view_event.
+ Calendar View: Use smaller icons in the Search bar.
+ e_mail_folder_uri_build: Encode special characters in folder
names.
+ e_client_cache_get_client: Fix a memory leak.
+ Bugs fixed: bgo#732892, bgo#733295, bgo#733917.
+ Updated translations.
- Drop evolution-nomore-gnome-icon.patch: Fixed upstream.
- Set define need_autogen to 0, as we are not applying any patches
at the moment.
- Update evolution-nomore-gnome-icon.patch to match what upstream
does in git.
- Add pkgconfig(adwaita-icon-theme) BuildRequires: upstream wants
to check for the presence of the theme.
==== evolution-data-server ====
Version update (3.12.4 -> 3.12.5)
Subpackages: evolution-data-server-devel libcamel-1_2-49 libebackend-1_2-7 libebook-1_2-14 libebook-contacts-1_2-0 libecal-1_2-16 libedata-book-1_2-20 libedata-cal-1_2-23 libedataserver-1_2-18 typelib-1_0-EBook-1_2 typelib-1_0-EBookContacts-1_2 typelib-1_0-EDataServer-1_2
- Update to version 3.12.5:
+ Correct the test for g_subprocess_launcher_set_child_setup()
availability.
+ Add missing chain-up-s to parent's constructed() method.
+ Strip remote GDBus errors after talking to GOA.
+ [IMAPx] Add actual error message into 'Select failed' debug
log.
+ Bugs fixed: bgo#733183, bgo#732983, bgo#733081, bgo#732627.
+ Updated translations.
==== evolution-ews ====
Version update (3.12.4 -> 3.12.5)
Subpackages: evolution-ews-lang libeews-1_2-0 libewsutils0
- Update to version 3.12.5:
+ Add missing chain-up to parent's constructed() method.
+ Handle cookies (non-persistently).
+ SOUP_STATUS_IS_SUCCESSFUL(soup_session_send_message())
sends message twice.
+ Clean up enabling/disabling NTLM and Basic auth types.
+ Clean up logging slightly and make it more consistent.
+ Add camel_ews_settings_get_auth_mechanism() helper function.
+ Clean up Negotiate auth implementation to be a SoupAuth
subclass.
+ Bugs fixed: bgo#733274, bgo#703181, bgo#732850, bgo#703181,
bgo#733663, bgo#732850, bgo#732850.
==== gpg2 ====
Version update (2.0.25 -> 2.0.26)
- update to 2.0.26:
* gpg: Fix a regression in 2.0.24 if a subkey id is given
to --recv-keys et al.
* gpg: Cap attribute packets at 16MB.
* gpgsm: Auto-create the ".gnupg" home directory in the same
way gpg does.
* scdaemon: Allow for certificates > 1024 when using PC/SC.
- remove URL from package keyring, upstream file metadata changes
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-xen
- grub2-btrfs-fix-incorrect-address-reference.patch
* Fix incorrect address reference in GRUB_BTRFS_EXTENT_REGULAR
range check (bnc#869748)
- grub2-vbe-blacklist-preferred-1440x900x32.patch
* Blacklist preferred resolution 1440x900x32 which is broken on
many Thinkpads (bnc#888727)
==== libgtkhtml-4_0-0 ====
Version update (4.8.3 -> 4.8.4)
Subpackages: libgtkhtml-editor-4_0-0
- Update to version 4.8.4:
+ Miscellaneous: Add forgotten chain-up-s to parent's
constructed() method.
==== icedtea-web-javadoc ====
- Modified patch:
* icedtea-web-suse-desktop-files.patch
- Change categories for itweb-settings.desktop
==== install-initrd-openSUSE ====
Version update (14.125 -> 14.129)
- xorg-x11-server: libglx.so link changed
- 14.129
- xorg-x11-server uses update-alternatives
- 14.128
- remove libgcrypt20-hmac and libcryptsetup4-hmac dependency for now
- openssh-fips will be renamed to openssh-hmac probably
- add libgcrypt20-hmac and libcryptsetup4-hmac
- 14.127
- fix BuildRequires
- Added SuSEfirewall2 sysconfig configuration (bnc #887406)
- 14.126
==== java-1_7_0-openjdk-plugin ====
- Update alternatives code to match docu.
- Modified patch:
* icedtea-web-suse-desktop-files.patch
- Change categories for itweb-settings.desktop
==== java-1_8_0-openjdk ====
Subpackages: java-1_8_0-openjdk-headless
- Use icedtea-sound-1.0.1 release tarball
==== java-1_8_0-openjdk-plugin ====
- Update alternatives code to match docu.
- Modified patch:
* icedtea-web-suse-desktop-files.patch
- Change categories for itweb-settings.desktop
==== libkactivities6 ====
- Use kde4-macros for filelists: kactivities4 use kdelibs4 buildsystem
==== kiwi ====
Version update (5.06.149 -> 5.06.153)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-pxeboot kiwi-templates kiwi-tools
- v5.06.153 released
- Add RHEL7 JeOS template to kiwi-templates in spec file
- RHEL7 parted cannot set swap flag, skip this flag setup
- Added oemboot description for RHEL7
- Added vmxboot description for RHEL7
- Use lookup function to check for initrd tools pidof/killall5
- Use menu.c32 for live ISO boot menu if not gfxboot theme exists
- fix ovf file generation
+ missing name space qualifiers for
- Description, Info, Network, OperatingSystem, Name
+ tag mismatch on line 38 of .ovf file
+ missing entry in schemaLocation
- v5.06.152 released
- Use group_command=compat in yum.conf
if this is not used I get errors saying:
There is no installed groups file.
- Fixed file logging
log messages were still written to stdout/stderr
channels even if a logfile was set
- Added RHEL7 JeOS template
- Added isoboot description for RHEL7
- v5.06.151 released
==== libModemManagerQt0 ====
- Build with %optflags
- Move away from kde4-macros in filelist: libModemManager doesn't
use kdelibs4 buildsystem
==== libNetworkManagerQt1 ====
- Move away from kde4-macros in filelist: libNetworkManagerQt doesn't
use kdelibs4 buildsystem
==== libgcrypt-devel ====
Subpackages: libgcrypt20 libgcrypt20-32bit
- split off the -hmac package that contains the checksums
==== libkfbapi1 ====
- Use kde4-macros for filelists, libkfbapi uses kdelibs4 buildsystem
==== libpwquality1 ====
- Avoid conflict in installation-images-openSUSE with cryptsetup:
+ Only recommend, insted of Require cracklib-dict-full.
+ Require cracklib-dict.
==== libstorage-ruby ====
Subpackages: libstorage5
- also remove crypt devices during deactivation (bnc#888128)
==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen
- bnc#820399 - virsh blockcopy should refuse identical device
blockcopy-check-dst-identical-device.patch
==== linux-glibc-devel ====
Version update (3.15.1 -> 3.16)
- Update to kernel headers from 3.16
==== libfreebl3 ====
Version update (3.16.3 -> 3.16.4)
Subpackages: libfreebl3-32bit libsoftokn3 libsoftokn3-32bit mozilla-nss mozilla-nss-32bit mozilla-nss-certs mozilla-nss-certs-32bit mozilla-nss-devel mozilla-nss-tools
- update to 3.16.4
* now required for Firefox 32
Notable Changes:
* The following 1024-bit root CA certificate was restored to allow more
time to develop a better transition strategy for affected sites. It was
removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy
forum led to the decision to keep this root included longer in order to
give website administrators more time to update their web servers.
- CN = GTE CyberTrust Global Root
* In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification
Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit
intermediate CA certificate has been included, without explicit trust.
The intention is to mitigate the effects of the previous removal of the
1024-bit Entrust.net root certificate, because many public Internet
sites still use the "USERTrust Legacy Secure Server CA" intermediate
certificate that is signed by the 1024-bit Entrust.net root certificate.
The inclusion of the intermediate certificate is a temporary measure to
allow those sites to function, by allowing them to find a trust path to
another 2048-bit root CA certificate. The temporarily included
intermediate certificate expires November 1, 2015.
==== obs-service-format_spec_file ====
- do not enter empty license line if not found (eg in include file)
- update prepare_spec from git to fix (bnc#891152)
==== obs-service-source_validator ====
- update from git:
- more work on dealing with util-linux
- update from git:
- hack for util-linux specfiles (bnc#891829)
==== libopagent1 ====
Subpackages: oprofile
- Add support for Intel Silvermont processor (bnc#891892)
New patch: oprofile-add-support-for-intel-silvermont-processor.patch
==== pesign-obs-integration ====
- switch gen-hmac to use fipscheck instead of sha256hmac
==== libphonon4 ====
Version update (4.7.2 -> 4.7.80)
Subpackages: phonon-devel
- Update to 4.7.80
* 4.8 beta: PA interaction improvements, documentation fixes and
standard bugfixes
- Move away from kde4-filesystem macros: phonon doesn't use kdelibs4
buildsystem
==== phonon-backend-gstreamer ====
Version update (4.7.2~git20140418 -> 4.7.80)
- Update to 4.7.80
* 4.8 beta: PA interaction improvements, documentation fixes and
standard bugfixes
- Bump phonon (Build)Requires to 4.7.80
==== libpulse-devel ====
Subpackages: libpulse-mainloop-glib0 libpulse0 libpulse0-32bit pulseaudio pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Add pulseaudio-bnc881524-rtp.patch. CVE-2014-3970
Denial of service in module-rtp-recv
==== python-Babel ====
- Removed un-needed BuildRequire for timezone
- Added 0001-disable_timezone_tests.patch
+ Disabling tests so package will build. Tests can be re-enabled
when upstream bug is resolved (gh#mitsuhiko/babel#106)
==== sbl ====
- Get rid of files using the old SUSE spelling (bnc#889007).
==== libsss_idmap0 ====
Version update (1.11.5.1 -> 1.12.0)
Subpackages: sssd sssd-32bit sssd-krb5-common sssd-ldap
- Update to new upstream release 1.12.0
* A new responder, called InfoPipe was added. This responder
provides a public D-Bus interface accessible over the system bus.
In this release, methods for retrieving user attributes and list
of groups were added as well as objects representing SSSD domains
and processes. (The next 1.12.x releases will publish objects
representing users and groups, too.)
* SSSD provides an ID-mapping plugin for cifs-utils so that Windows
SIDs can be mapped onto POSIX IDs and/or names without requiring
Winbind and using the same code as the SSSD uses for identity
information.
* First phase of Group Policy-based access control for the AD
provider was added. At the moment, the gpo-ldap component that
downloads the list of GPOs that apply for the specific client has
been implemented as well as the gpo-smb component that retrieves
the group policy files and determines the access control check
results based on those files. Future improvements will focus on
storing the GPO policies as local files and mapping the Windows
logon rights onto Linux PAM services.
* Added a new library called sss_sifp that provides a simple
synchronous API for communication with our new InfoPipe responder
over the system bus.
- Remove 0001-BUILD-Link-libsss_ldap_common.so-to-libsss_idmap.so.patch
(merged upstream)
- Provide "rcsssd" in systemd environments
- Ensure sssd is always startable by removing /var/lib/sss/db/*.ldb
on package installation so as to avoid potentially cache
format incompatibility which would cause sssd to exit
==== libstreamanalyzer0 ====
- Move away from kde4-filesystem macros: strigi doesn't use kdelibs4
buildsystem
- Add libstreamanalyzer0 to baselibs.conf to make libkde4-32bit
installable, it requires libstreamanalyzer0.so.0()(32bit) which
is not provided by libstrigi0-32bit any more
==== libtelepathy-farstream3 ====
- Add tp-fs-add-mising-break-in-switch-block.patch, call-stream:
add mising 'break' in switch block (fdo#79006). Patch from
upstream git.
==== xorg-x11-server ====
Subpackages: xorg-x11-server-extra xorg-x11-server-sdk
- only add /etc/alternatives/libglx.so as ghost on suse >= 1315
- added /etc/alternatives/libglx.so as ghost
- moved libglx-xorg.so to xorg/xorg-libglx.so to avoid messup in case
anybody runs ldconfig in modules/extensions
- make use of update-alternatives for libglx.so (FATE#317822)
==== yast2-bootloader ====
Version update (3.1.85 -> 3.1.87)
- AutoYaST clone_system: Not using "next" in a ruby "reduce" call.
(bnc#891079)
- 3.1.87
- Fixed adding a crashkernel parameter to xen_append if the latter
is missing. kdump.service would fail then (bnc#886843)
- 3.1.86
Removed packages:
bundle-lang-common-ca
cracklib-dict-small
pulseaudio-esound-compat
Added packages:
esound-daemon
libsss_nss_idmap0