Packages changed: ImageMagick (7.0.10.35 -> 7.0.10.43) Mesa (20.2.2 -> 20.2.3) Mesa-drivers (20.2.2 -> 20.2.3) MozillaThunderbird (78.4.3 -> 78.5.0) adaptec-firmware alsa-firmware atmel-firmware autoyast2 (4.3.62 -> 4.3.63) binutils (2.35 -> 2.35.1) bison (3.7.3 -> 3.7.4) bluez-firmware c-ares (1.16.1 -> 1.17.0) calendarsupport cifs-utils clazy (1.7 -> 1.8) coreutils cpio cryptsetup dbus-1 dconf-editor (3.38.0 -> 3.38.2) devhelp (3.38.0 -> 3.38.1) distribution-logos-openSUSE (20190414 -> 20201117) dosfstools drbd-utils e2fsprogs ed eog (3.38.0 -> 3.38.1) eog-plugins (3.26.5 -> 3.26.6) evolution (3.38.1 -> 3.38.2) evolution-data-server (3.38.1 -> 3.38.2) evolution-ews (3.38.1 -> 3.38.2) filesystem fillup findutils flatpak (1.8.2 -> 1.8.3) fuse fuse3 fwupd gcc gcc10 (10.2.1+git872 -> 10.2.1+git958) gcc7 gedit (3.38.0 -> 3.38.1) gedit-plugins (3.38.0 -> 3.38.1) git glade (3.38.1 -> 3.38.2) glibmm2_4 (2.64.2 -> 2.64.4) gnome-calculator (3.38.1 -> 3.38.2) gnome-control-center (3.38.1 -> 3.38.2) gnome-desktop (3.38.1 -> 3.38.2) gnome-documents gnome-maps (3.38.1.1 -> 3.38.2) gnome-music (3.38.1 -> 3.38.2) gnome-settings-daemon gnome-shell gnome-software gnome-user-docs (3.38.1 -> 3.38.2) gpg2 (2.2.23 -> 2.2.25) gpgme (1.14.0 -> 1.15.0) gpgmeqt (1.14.0 -> 1.15.0) grep (3.5 -> 3.6) gstreamer-editing-services (1.18.0 -> 1.18.1) gtk3 (3.24.23 -> 3.24.23+118) gzip hwinfo (21.70 -> 21.71) initviocons inkscape insserv-compat ipset (7.6 -> 7.9) ipw-firmware java-11-openjdk (11.0.9.0 -> 11.0.9.1) javapackages-tools jhbuild (3.36.0+1 -> 3.38.0+3) kaddressbook kbd kernel-64kb (5.9.8 -> 5.9.10) kernel-firmware (20201023 -> 20201120) kernel-source (5.9.8 -> 5.9.10) keyutils kglobalaccel kompare libX11 (1.6.12 -> 1.7.0) libfido2 libical libical-glib libksba (1.4.0 -> 1.5.0) libostree (2020.3 -> 2020.8) libqt5-qtbase (5.15.1 -> 5.15.2) libqt5-qtconnectivity (5.15.1 -> 5.15.2) libqt5-qtdeclarative (5.15.1 -> 5.15.2) libqt5-qtgraphicaleffects (5.15.1 -> 5.15.2) libqt5-qtimageformats (5.15.1 -> 5.15.2) libqt5-qtlocation (5.15.1 -> 5.15.2) libqt5-qtmultimedia (5.15.1 -> 5.15.2) libqt5-qtnetworkauth (5.15.1 -> 5.15.2) libqt5-qtquickcontrols (5.15.1 -> 5.15.2) libqt5-qtquickcontrols2 (5.15.1 -> 5.15.2) libqt5-qtscript (5.15.1 -> 5.15.2) libqt5-qtsensors (5.15.1 -> 5.15.2) libqt5-qtserialport (5.15.1 -> 5.15.2) libqt5-qtspeech (5.15.1 -> 5.15.2) libqt5-qtsvg (5.15.1 -> 5.15.2) libqt5-qttools (5.15.1 -> 5.15.2) libqt5-qttranslations (5.15.1 -> 5.15.2) libqt5-qtvirtualkeyboard (5.15.1 -> 5.15.2) libqt5-qtwayland (5.15.1 -> 5.15.2) libqt5-qtwebchannel (5.15.1 -> 5.15.2) libqt5-qtwebengine (5.15.1 -> 5.15.2) libqt5-qtwebsockets (5.15.1 -> 5.15.2) libqt5-qtx11extras (5.15.1 -> 5.15.2) libqt5-qtxmlpatterns (5.15.1 -> 5.15.2) librsvg (2.50.1 -> 2.50.2) libselinux libsepol libsigc++2 (2.10.4 -> 2.10.6) libtirpc libuv (1.39.0 -> 1.40.0) libvirt libxkbcommon (1.0.1 -> 1.0.3) libxml2 libyui (3.12.1 -> 3.12.2) libyui-qt (2.56.2 -> 2.56.3) libzip lz4 (1.9.2 -> 1.9.3) malcontent mariadb (10.5.6 -> 10.5.8) mozilla-nss (3.57 -> 3.58) mutt (1.14.7 -> 2.0.2) nautilus (3.38.1 -> 3.38.2) nodejs14 (14.15.0 -> 14.15.1) nvme-cli openssh ovmf pam (1.4.0 -> 1.5.0) pam_mount (2.16 -> 2.17) perl perl-HTTP-Cookies (6.08 -> 6.09) polkit-default-privs (1550+20201103.994a5ed -> 1550+20201119.2c1dce4) protobuf (3.12.3 -> 3.14.0) python-attrs (20.2.0 -> 20.3.0) python-certifi (2020.6.20 -> 2020.11.8) python-h2 (3.2.0 -> 4.0.0) python-libxml2 python-mailman (3.3.1 -> 3.3.2) python-passlib (1.7.2 -> 1.7.4) python-pycups python-qt5 (5.15.1 -> 5.15.2) python-sniffio (1.1.0 -> 1.2.0) python38 python38-core python38-documentation qemu qpdf (10.0.3 -> 10.0.4) raspberrypi-firmware-dt remmina (1.4.8 -> 1.4.9) rsyslog rubygem-rubocop (1.2.0 -> 1.4.2) rubygem-rubocop-ast (1.1.0 -> 1.1.1) salt samba (4.13.0+git.138.ff2d5480c67 -> 4.13.2+git.176.0a5e55b510c) schily scim sudo (1.9.2 -> 1.9.3p1) system-users systemd-default-settings (0.4 -> 0.5) systemd-presets-branding-openSUSE tar tcsh (6.22.02 -> 6.22.03) technisat-usb2-firmware tepl (5.0.0 -> 5.0.1) tigervnc tk tracker tracker-miners u-boot-rpiarm64 usbutils (012 -> 013) vala (0.50.1 -> 0.50.2) vim (8.2.1975 -> 8.2.2039) webkit2gtk3 (2.30.2 -> 2.30.3) wxWidgets-3_2-nostl xfce4-branding-openSUSE xlockmore (5.65 -> 5.66) xprop (1.2.4 -> 1.2.5) xtables-addons (3.11_k5.9.8_2 -> 3.12_k5.9.10_1) yast2 (4.3.41 -> 4.3.44) yast2-alternatives (4.2.3 -> 4.3.0) yast2-bootloader (4.3.15 -> 4.3.16) yast2-firstboot (4.3.7 -> 4.3.8) yast2-journal (4.2.2 -> 4.3.0) yast2-network (4.3.27 -> 4.3.30) yast2-nis-client (4.3.4 -> 4.3.5) yast2-ruby-bindings (4.3.9 -> 4.3.11) yast2-storage-ng (4.3.20 -> 4.3.24) yast2-trans (84.87.20201108.e4c58f8262 -> 84.87.20201122.ac554fbdd6) yast2-ycp-ui-bindings (4.3.6 -> 4.3.7) yelp (3.38.1 -> 3.38.2) yelp-xsl (3.38.1 -> 3.38.2) zbar (0.23 -> 0.23.1) zlib === Details === ==== ImageMagick ==== Version update (7.0.10.35 -> 7.0.10.43) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI4 - version update to 7.0.10.43 * add padding to AcquirePolicyString(). * revert memory patch to avert possible thread lock. * add support for FilmLight FL32 image format. * remove Linux shell artifact from Windows delegate configuration file. * fix shell injection vulnerability via the -authenticate option (reference alex@cure...). * support DPX 4:2:2 sampling. * Release ImageMagick version 7.0.10-38 GIT revision 17815:bf51a3f1f:20201114 * add image settings support to -fx. * better support for TIFF YCbCr photometric. * verify TTF glyph format before dereferencing (reference https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26932). * force single HEIC image per container. * Release ImageMagick version 7.0.10-37 GIT revision 17780:47a8392ef:20201107 * check and report if profile is corrupt. * do not add entropy based on mkstemp() unique filename. ==== Mesa ==== Version update (20.2.2 -> 20.2.3) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - update to 20.2.3 * third bugfix release for the 20.2 branch ==== Mesa-drivers ==== Version update (20.2.2 -> 20.2.3) Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 - update to 20.2.3 * third bugfix release for the 20.2 branch ==== MozillaThunderbird ==== Version update (78.4.3 -> 78.5.0) - Mozilla Thunderbird 78.5.0 MFSA 2020-52 (bsc#1178894) * CVE-2020-26951 (bmo#1667113) Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012 (bmo#1642028) Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953 (bmo#1656741) Fullscreen could be enabled without displaying the security UI * CVE-2020-26956 (bmo#1666300) XSS through paste (manual and clipboard API) * CVE-2020-26958 (bmo#1669355) Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959 (bmo#1669466) Use-after-free in WebRequestService * CVE-2020-26960 (bmo#1670358) Potential use-after-free in uses of nsTArray * CVE-2020-15999 (bmo#1672223) Heap buffer overflow in freetype * CVE-2020-26961 (bmo#1672528) DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965 (bmo#1661617) Software keyboards may have remembered typed passwords * CVE-2020-26966 (bmo#1663571) Single-word search queries were also broadcast to local network * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697, bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479, bmo#1671923) Memory safety bugs fixed in Thunderbird 78.5 - removed obsolete mozilla-rust-1.47.patch ==== adaptec-firmware ==== - Use %_firmwaredir ==== alsa-firmware ==== - Fix build with older distros without %_firmwaredir ==== atmel-firmware ==== - use %_firmwaredir ==== autoyast2 ==== Version update (4.3.62 -> 4.3.63) Subpackages: autoyast2-installation - Rules download: The result will be stored in the target file when the download has failed. This file has to be removed (bsc#1178804) - 4.3.63 ==== binutils ==== Version update (2.35 -> 2.35.1) Subpackages: libctf-nobfd0 libctf0 - Reapply spec file cleanup from format_spec_file - Remove a SLE10 version check - Update to 2.35.1 and rebased branch diff: * This is a point release over the previous 2.35 version, containing bug fixes, and as an exception to the usual rule, one new feature. The new feature is the support for a new directive in the assembler: ".nop". This directive creates a single no-op instruction in whatever encoding is correct for the target architecture. Unlike the .space or .fill this is a real instruction, and it does affect the generation of DWARF line number tables, should they be enabled. ==== bison ==== Version update (3.7.3 -> 3.7.4) Subpackages: bison-lang - GNU bison 3.7.4: * In Yacc mode, YYEMPTY token was missing its macro definiton * Fix lalr1.cc skeleton internal assertions * Make macro YY_ASSERT obey the api.prefix %define variable * Work around C++ limitations for long assertions * The YYBISON macro in generated "regular C parsers" is now defined to the version of Bison as an integer ==== bluez-firmware ==== - use %_firmwaredir ==== c-ares ==== Version update (1.16.1 -> 1.17.0) - add BR for pkg-config to get the provides in the devel package - ares_dns.h, missing_header.patch: re-add missing header in last release - Version update to 1.17.0 Security: * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during fuzzing * Avoid theoretical buffer overflow in RC4 loop comparison * Empty hquery->name could lead to invalid memory access * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was passed in (bsc#1178882, CVE-2020-8277) Changes: * Update help information for adig, acountry, and ahost * Test Suite now uses dynamic system-assigned ports rather than hardcoded ports to prevent failures in containers * Detect remote DNS server does not support EDNS using rules from RFC 6891 * Source tree has been reorganized to use a more modern layout * Allow parsing of CAA Resource Record Bug fixes: * readaddrinfo bad sizeof() * Test cases should honor HAVE_WRITEV flag, not depend on WIN32 * FQDN with trailing period should be queried first * ares_getaddrinfo() was returning members of the struct as garbage values if unset, and was not honoring ai_socktype and ai_protocol hints. * ares_gethostbyname() with AF_UNSPEC and an ip address would fail * Properly document ares_set_local_ip4() uses host byte order For details, see https://c-ares.haxx.se/changelog.html - add missing upstream sources, to be removed for next release - remove unnecessary BuildRequires - fix building on SLE12 systems ==== calendarsupport ==== Subpackages: calendarsupport-lang libKF5CalendarSupport5 - Add upstream patch to fix build with Qt 5.15.2: * 0001-Port-away-from-deprecated-QPrinter-functions.patch ==== cifs-utils ==== - prepare usrmerge (boo#1029961) ==== clazy ==== Version update (1.7 -> 1.8) - Update to 1.8: * New Checks: - qt6-qhash-signature - qt6-qdir-fixes - qt6-header-fixes - qt6-deprecated-api-fixes - use-chrono-in-qtimer - fixit for missing-qobject-macro - Drop patches merged upstream: * 0001-updated-for-compatibility-with-LLVM-10.patch * 0001-updated-for-compatibility-with-LLVM-10-clazy-standal.patch - Make sure the clang executables matching the libraries we link to are installed (mitigates boo#1178637). ==== coreutils ==== Subpackages: coreutils-doc - prepare usrmerge (boo#1029961) ==== cpio ==== Subpackages: cpio-mt - prepare usrmerge (boo#1029961) ==== cryptsetup ==== Subpackages: libcryptsetup12 libcryptsetup12-hmac - prepare usrmerge (boo#1029961) ==== dbus-1 ==== Subpackages: libdbus-1-3 - prepare usrmerge (boo#1029961) ==== dconf-editor ==== Version update (3.38.0 -> 3.38.2) - Update to version 3.38.2: + Updated translations. ==== devhelp ==== Version update (3.38.0 -> 3.38.1) Subpackages: emacs-plugin-devhelp gedit-plugin-devhelp vim-plugin-devhelp - Update to version 3.38.1: + Updated translations. ==== distribution-logos-openSUSE ==== Version update (20190414 -> 20201117) - Add favicon.ico format - Remove obsolete Groups tag (fate#326485) ==== dosfstools ==== - prepare usrmerge (boo#1029961) ==== drbd-utils ==== - prepare usrmerge (boo#1029961) ==== e2fsprogs ==== Subpackages: e2fsprogs-scrub libcom_err2 libext2fs2 - prepare usrmerge (boo#1029961) ==== ed ==== - prepare usrmerge (boo#1029961) ==== eog ==== Version update (3.38.0 -> 3.38.1) - Update to version 3.38.1: + Bugs fixed: glgo#GNOME/eog!77, glgo#GNOME/eog!81, glgo#GNOME/eog#154. + Updated translations. ==== eog-plugins ==== Version update (3.26.5 -> 3.26.6) - Update to version 3.26.6: + Replace projects.gnome.org URLs with gitlab.gnome.org URLs. + Replace Bugzilla URLs with gitlab.gnome.org URLs. + Updated translations. ==== evolution ==== Version update (3.38.1 -> 3.38.2) Subpackages: evolution-plugin-bogofilter evolution-plugin-pst-import evolution-plugin-spamassassin evolution-plugin-text-highlight - Update to version 3.38.2: + Reuse existing mail session when generating import preview + Fix two memory leaks related to data import + e-convert.js: Missing line breaks with nested paragraphs + ECompEditor: Extract plain email address from backend property + Mail: Disable 'Export to PDF' on drag & drop + ECompEditor: Add easy way to open URLs in the Location field + Calendar: Linkify URL and Location in import component preview + Adapt html editor tests after "I#1158 - Composer: Disable spellcheck of quoted text" + html-editor: Update unit tests after change for I#1204 + help: - Fix broken xpointer namespaces - Fix broken xinclude for license in footer + Bugs fixed: glgo#GNOME/evolution#913, glgo#GNOME/evolution#1122, glgo#GNOME/evolution#1133, glgo#GNOME/evolution#1139, glgo#GNOME/evolution#1140, glgo#GNOME/evolution#1148, glgo#GNOME/evolution#1156, glgo#GNOME/evolution#1158, glgo#GNOME/evolution#1160, glgo#GNOME/evolution#1170, glgo#GNOME/evolution#1171, glgo#GNOME/evolution#1175, glgo#GNOME/evolution#1197, glgo#GNOME/evolution#1204, glgo#GNOME/evolution#1206, glgo#GNOME/evolution#1207, glgo#GNOME/evolution#1213, glgo#GNOME/evolution#1214, glgo#GNOME/evolution#1230, glgo#GNOME/evolution!68, glgo#GNOME/evolution!71. + Updated translations. ==== evolution-data-server ==== Version update (3.38.1 -> 3.38.2) Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-25 libedataserverui-1_2-2 - Update to version 3.38.2: + Calendar: Fix a possible leak in e_cal_util_parse_ics_string() + ECalCache: Avoid runtime warning from ecc_update_timezones_table() + EReminderWatcher: Default alarm range should be from the day begin + EBufferTagger: Derive link color from the theme + EBook/CalBackend: Correct free function for the pending_operations queue + Bugs fixed: glgo#GNOME/evolution-data-server#81, glgo#GNOME/evolution-data-server#257, glgo#GNOME/evolution-data-server#260, glgo#GNOME/evolution-data-server#269, glgo#GNOME/evolution-data-server#272, glgo#GNOME/evolution-data-server#273, glgo#GNOME/evolution-data-server!46, glgo#GNOME/evolution-data-server!47, glgo#GNOME/evolution-data-server!50. + Updated translations. ==== evolution-ews ==== Version update (3.38.1 -> 3.38.2) - Update to version 3.38.2: + Listen for change notifications only on user folders + Calendar: Copy 'X-MICROSOFT-SKYPETEAMSMEETINGURL' into 'URL' property + Preset OAuth2 Client ID for Office365 + Bugs fixed: glgo#GNOME/evolution-ews#32 + Updated translations. ==== filesystem ==== - /proc and /sys should be %ghost to allow filesystem package updates in rootless container environments (rh#1548403) ==== fillup ==== - prepare usrmerge (boo#1029961) ==== findutils ==== - prepare usrmerge (boo#1029961) ==== flatpak ==== Version update (1.8.2 -> 1.8.3) Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0 - Update to version 1.8.3: + Fixed progress reporting for OCI and extra-data. + The in-memory summary cache is more efficient. + Fixed authentication getting stuck in a loop in some cases. + Fixed authentication error reporting. + We now extract OCI info for runtimes as well as apps. + Fixed crash if anonymous authentication fails and -y is specified. + flatpak info now only looks at the specified installation if one is specified. + Better error reporting for server HTTP errors during download. + Uninstall now removes applications before the runtime it depends on. + Fixed test-suite to pass with the latest OSTree version. + Fixed dbus environment variables in flatpak enter. + Avoid updating metadata from the remote when uninstalling. + Fixed error message handling in various places. + FlatpakTransaction now verifies all passed in refs to avoid. + potential issues with invalid names. + Updated translations. ==== fuse ==== Subpackages: libfuse2 - prepare usrmerge (boo#1029961) ==== fuse3 ==== Subpackages: libfuse3-3 - Drop /sbin links; they do not seem to be used from anywhere. - Package "permission" is required in %post, not %pre. - Update descriptions. ==== fwupd ==== Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0 - Obsoletes and Provides dbxtool since fwupd 1.5.0+ now embeds dbxtool in the dbxtool plugin ==== gcc ==== Subpackages: cpp gcc-info libstdc++-devel - BuildRequire packages we build symlinks to. [bsc#1178675] ==== gcc10 ==== Version update (10.2.1+git872 -> 10.2.1+git958) Subpackages: cpp10 gcc10-info libasan6 libatomic1 libgcc_s1 libgfortran5 libgomp1 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc10 libstdc++6-locale libstdc++6-pp-gcc10 libtsan0 libubsan1 - Add gcc10-amdgcn-llvm-as.patch to fix build of amdgcn offload compiler with llvm11. - Update to gcc-10 branch head (98ba03ffe0b9f37b4916ce6238), git958. * Includes fix for memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Fix 32bit libgnat.so link. [bsc#1178675] ==== gcc7 ==== - Add gcc7-aarch64-moutline-atomics.patch to backport the aarch64 - moutline-atomics feature and accumulated fixes but not its default enabling. [jsc#SLE-12209] - Order gcc7-pr92692.patch after gcc7-aarch64-moutline-atomics.patch and refresh. - Revert gcc7-pr97774.patch as it causes gdb to crash. - Fix 32bit libgnat.so link. [bsc#1178675] - Quote %{cross_arch} consistently when comparing expansion against string in RPM %if condition. - Add gcc7-pr97535.patch to fix memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Add gcc7-pr97774.patch to fix debug line info for try/catch. [bsc#1178614] ==== gedit ==== Version update (3.38.0 -> 3.38.1) Subpackages: python3-gedit - Update to version 3.38.1: + AppData: change donation URL to Liberapay. + Improvements to the user manual. + Updated translations. ==== gedit-plugins ==== Version update (3.38.0 -> 3.38.1) Subpackages: gedit-plugins-data - Update to version 3.38.1: + Updated translations. ==== git ==== Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk - only pull asciidoctor for the default ruby version ==== glade ==== Version update (3.38.1 -> 3.38.2) Subpackages: libgladeui-2-13 - Update to version 3.38.2: + Fix windows compatibility issues. + Fix build against Python 3.9. + Bugs fixed: glgo#GNOME/glade#355, glgo#GNOME/glade#53, glgo#GNOME/glade#371. ==== glibmm2_4 ==== Version update (2.64.2 -> 2.64.4) Subpackages: libgiomm-2_4-1 libglibmm-2_4-1 - Update to version 2.64.4: + Glib: PropertyProxyConnectionNode::connect_changed(): Fix using without property name. + gmmproc: - Add optional decl_prefix parameter to _WRAP_GERROR and _WRAP_ENUM. Used for adding GLIBMM_API or similar for MS Visual C++. - Allow decorating comparison operators (for Visual Studio builds). - _CLASS_BOXEDTYPE, _CLASS_OPAQUE_COPYABLE: Fix move assignment. - Decorate private generated classes with __declspec when building with Visual Studio. - generate_wrap_init.pl.in: Use g_type_ensure(SomeClass::get_type()) to ensure that get_type() is called. + Build: - Use __declspec(dllexport) consistently when building glibmm with Visual Studio. - Meson build: Set default value of the 'warnings' option to 'min'. - Improve NMake support. - Improve Visual Studio support. - docs/reference/: Update for Doxygen >= 1.8.16. - Meson build: Fix versioning on macOS. + Documentation: - Glib::BalancedTree docs: Recommend std::map or std::unordered_map. - Meson build: Add missing Glib::Value and Variant documentation. - Add meson BuildRequires and macros, following upstreams port. - Add doxygen, graphviz-devel and xsltproc BuildRequires: Needed for building documentation. ==== gnome-calculator ==== Version update (3.38.1 -> 3.38.2) Subpackages: gnome-shell-search-provider-gnome-calculator - Update to version 3.38.2: + Fixed radians and degrees preference swapped. + Updated translations. ==== gnome-control-center ==== Version update (3.38.1 -> 3.38.2) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces - Update to version 3.38.2: + Applications: Fix NULL hash table being unreffed. + Keyboard: Fix gtk_widget_get_can_default assertion error. + Network: Correctly detect when ethernet devices are hotplugged. + Printers: - Make printers panel have a smaller minimum width. - Fix leak of printer name in callbacks. + Sharing: Disable Tracker 3. + Sound: Update libgvc to add support for recent UCM related changes in ALSA and PulseAudio. + Users: Fix free of const string. + Wacom: Fix a critical warning if loading a cursor fails. + Updated translations. ==== gnome-desktop ==== Version update (3.38.1 -> 3.38.2) Subpackages: gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0 - Update to version 3.38.2: + Updated translations. ==== gnome-documents ==== Subpackages: gnome-shell-search-provider-documents - Remove BuildRequires pkgconfig(libgepub-0.6), no longer needed since epub support is in gnome-books now. ==== gnome-maps ==== Version update (3.38.1.1 -> 3.38.2) - Update to version 3.38.2: + Updated translations. ==== gnome-music ==== Version update (3.38.1 -> 3.38.2) - Update to version 3.38.2: + Do not make display an empty view on launch. + Fix new songs retrieval when they are added to the music directory. + Fix artist queries to retrieve art. + Fix playlist sorting crash. + Wrong checkbox style in AlbumWidget. + Updated translations. ==== gnome-settings-daemon ==== - No longer pass - -libexecdir=%{_libexecdir}/gnome-settings-daemon-3.0 to meson, but revert back to the default. The generated files contain use libexecdir for own generated files (correct) but also to identify where to find gnome-session-ctl, which for obvious reasons is not in libexecdir/gnome-settings-daemon-3.0. ==== gnome-shell ==== Subpackages: gnome-shell-calendar - Fix crash which can be triggerd with steam or claws mail: https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/98234acd5b48a58c2d112b5edb3dddb85e04a643.patch ==== gnome-software ==== Subpackages: libgnomesoftware-3_38_0 - Added gnome-packagekit as recommended dependency: gnome-software-launch-gpk-update-viewer-for-updates.patch needs gnome-packagekit to work (SLE only). ==== gnome-user-docs ==== Version update (3.38.1 -> 3.38.2) - Update to version 3.38.2: + Improvements to docs for Contacts. + Improvements to docs for Files. + Updates to docs for background settings. + Updated translations. ==== gpg2 ==== Version update (2.2.23 -> 2.2.25) Subpackages: dirmngr - GnuPG 2.2.25: * scd: Fix regression in 2.2.24 requiring gpg --card-status before signing or decrypting * gpgsm: Using Libksba 1.5.0 signatures with a rarely used combination of attributes can now be verified - GnuPG 2.2.24: * gpg: New command --quick-revoke-sig * gpg: Do not use weak digest algos if selected by recipient preference during sign+encrypt * gpg: Switch to AES256 for symmetric encryption in de-vs mode * gpg: Silence weak digest warnings with --quiet * gpg: Print new status line CANCELED_BY_USER for a cancel during symmetric encryption * gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. This is in particular needed for keys created from existing smartcard based keys * agent: Fix secret key import of GnuPG 2.3 generated Ed25519 keys * agent: Keep some permissions of private-keys-v1.d * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and gnutls builds * dirmngr: Fix the pool keyserver case for a single host in the pool * scd: Fix the use case of verify_chv2 by CHECKPIN * scd: Various improvements to the ccid-driver * scd: Minor fixes for Yubikey * gpgconf: New option --show-versions * i18n: Complete overhaul and completion of the Italian translation ==== gpgme ==== Version update (1.14.0 -> 1.15.0) Subpackages: libgpgme11 libgpgmepp6 python3-gpg - gpgme 1.15.0: * New function gpgme_op_setexpire to make changing the expiration easier * New function gpgme_op_revsig to revoke key signatures * Support exporting secret keys * cpp: Support for set expire operations in the C++ bindings * cpp: Support for revoking key signatures in the C++ bindings * qt: Extended ChangeExpiryJob to support changing the expiry of subkeys * qt: Extended QuickJob to support revoking of key signatures * qt: Added QDebug stream operator for GpgME::Error. * Require libgpg-error 1.36 ==== gpgmeqt ==== Version update (1.14.0 -> 1.15.0) - gpgme 1.15.0: * New function gpgme_op_setexpire to make changing the expiration easier * New function gpgme_op_revsig to revoke key signatures * Support exporting secret keys * cpp: Support for set expire operations in the C++ bindings * cpp: Support for revoking key signatures in the C++ bindings * qt: Extended ChangeExpiryJob to support changing the expiry of subkeys * qt: Extended QuickJob to support revoking of key signatures * qt: Added QDebug stream operator for GpgME::Error. * Require libgpg-error 1.36 ==== grep ==== Version update (3.5 -> 3.6) - Update to grep 3.6 * The GREP_OPTIONS environment variable no longer affects grep's behavior. * grep's DFA matcher performed an invalid regex transformation that would convert an ERE like a+a+a+ to a+a+, which would make grep a+a+a+ mistakenly match "aa". * grep -P now reports the troublesome input filename upon PCRE execution failure. - werror-return-type.patch: work around gcc bug - prepare usrmerge (boo#1029961) ==== gstreamer-editing-services ==== Version update (1.18.0 -> 1.18.1) Subpackages: libges-1_0-0 typelib-1_0-GES-1_0 - Fix minimum version of pkgconfig(gst-validate-1.0) BuildRequires. - Update to 1.18.1: + Highlighted bugfixes in 1.18.1 - important security fixes - bug fixes and memory leak fixes - various stability and reliability improvements + gst-editing-services changes: - ges: Do not recreate auto-transitions when changing clip assets - ges: Fix a copy/paste mistake in meson file ==== gtk3 ==== Version update (3.24.23 -> 3.24.23+118) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Update to version 3.24.23+118: + cssnode: Bail out nicely if there is no settings (#2780). + gdk/wayland: Add support for primary-selection-unstable-v1 (#2591). + wayland: Emit dummy configure event when resizing while fixed. + colorchooser: Backport the new color palette. + gdk: Fix parent relative background crash. + Updated translations. ==== gzip ==== - prepare usrmerge (boo#1029961) ==== hwinfo ==== Version update (21.70 -> 21.71) - merge gh#openSUSE/hwinfo#89 - rework network device detection on aarch64 (bsc#1177600, bsc#1177261) - 21.71 ==== initviocons ==== - prepare usrmerge (boo#1029961) ==== inkscape ==== Subpackages: inkscape-extensions-extra inkscape-extensions-gimp - Switch to ninja; probably fixes intermittent build failure (bsc#1177208). ==== insserv-compat ==== - prepare usrmerge (boo#1029961) - filter legacy init script warnings. The whole point of this package is to have them. So has to pass even when the check is switched to fatal. ==== ipset ==== Version update (7.6 -> 7.9) Subpackages: libipset13 - Update to release 7.9 * Enable memory accounting for ipset allocations * Expose the initval hash parameter to userspace * Add bucketsize parameter to all hash types * Support the -exist flag with the destroy command ==== ipw-firmware ==== - use %_firmwaredir ==== java-11-openjdk ==== Version update (11.0.9.0 -> 11.0.9.1) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.9.1-1 * Fix: + JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) - Removed patch: * JDK-8250861.patch + Integrated upstream ==== javapackages-tools ==== Subpackages: javapackages-filesystem - Fix the python subpackage generation gh#openSUSE/python-rpm-macros#79 - Support python subpackages for each flavor gh#openSUSE/python-rpm-macros#66 - Replace old nose with pytest gh#fedora-java/javapackages#86 ==== jhbuild ==== Version update (3.36.0+1 -> 3.38.0+3) - create_deps.sh: Filter out pkgconfig(libpodofo) Requires for now: in all released versions of podofo, the .pc file is called libpodofo-0, but in git, since April 2019, the .pc file is being installed as libpodofo.pc. There is no information if and when podofo will ever get a release with this change. - Update to version 3.38.0+3: * defaults: Fix multiarch system_libdirs. * Get default branch name from repository. * Compare bytes/str correctly in both python 2 & 3. * defaults.jhbuildrc: fix detection of /usr/lib64 on Fedora. * base: also try for meson on autogenerated modules. * doc: Document shallow_clone option. * Moduleset updates. ==== kaddressbook ==== Subpackages: kaddressbook-doc kaddressbook-lang - Add patch to fix build with Qt 5.15.2: * 0001-Compile-with-recent-Qt-5.15.patch ==== kbd ==== Subpackages: kbd-legacy - prepare usrmerge (boo#1029961) ==== kernel-64kb ==== Version update (5.9.8 -> 5.9.10) - rpm/kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - commit b7c3768 - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - commit d9b4c40 - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - commit f42c89a - Linux 5.9.10 (bsc#1012628). - ACPI: GED: fix -Wformat (bsc#1012628). - KVM: x86: clflushopt should be treated as a no-op by emulation (bsc#1012628). - perf/x86/intel/uncore: Fix Add BW copypasta (bsc#1012628). - powerpc/smp: Call rcu_cpu_starting() earlier (bsc#1012628). - selftests/harness: prettify SKIP message whitespace again (bsc#1012628). - can: proc: can_remove_proc(): silence remove_proc_entry warning (bsc#1012628). - mac80211: always wind down STA state (bsc#1012628). - Input: sunkbd - avoid use-after-free in teardown paths (bsc#1012628). - leds: lm3697: Fix out-of-bound access (bsc#1012628). - selftests/powerpc: entry flush test (bsc#1012628). - powerpc: Only include kup-radix.h for 64-bit Book3S (bsc#1012628). - powerpc/64s: flush L1D after user accesses (bsc#1012628). - powerpc/64s: flush L1D on kernel entry (bsc#1012628). - selftests/powerpc: rfi_flush: disable entry flush if present (bsc#1012628). - commit 18ece1c - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - commit 13bd533 - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger - commit 21f8205 - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - commit 8099b4b - RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (git-fixes). - arm64: kexec_file: Fix sparse warning (git-fixes). - commit f76e598 - Linux 5.9.9 (bsc#1012628). - drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (bsc#1012628). - drm/i915/gem: Flush coherency domains on first set-domain-ioctl (bsc#1012628). - mm: memcg: link page counters to root if use_hierarchy is false (bsc#1012628). - nbd: don't update block size after device is started (bsc#1012628). - KVM: arm64: Force PTE mapping on fault resulting in a device mapping (bsc#1012628). - xfrm: interface: fix the priorities for ipip and ipv6 tunnels (bsc#1012628). - ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (bsc#1012628). - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (bsc#1012628). - hv_balloon: disable warning when floor reached (bsc#1012628). - net: xfrm: fix a race condition during allocing spi (bsc#1012628). - ASoC: codecs: wsa881x: add missing stream rates and format (bsc#1012628). - spi: imx: fix runtime pm support for !CONFIG_PM (bsc#1012628). - irqchip/sifive-plic: Fix broken irq_set_affinity() callback (bsc#1012628). - kunit: Fix kunit.py --raw_output option (bsc#1012628). - kunit: Don't fail test suites if one of them is empty (bsc#1012628). - usb: gadget: fsl: fix null pointer checking (bsc#1012628). - selftests: filter kselftest headers from command in lib.mk (bsc#1012628). - ASoC: codecs: wcd934x: Set digital gain range correctly (bsc#1012628). - ASoC: codecs: wcd9335: Set digital gain range correctly (bsc#1012628). - mtd: spi-nor: Fix address width on flash chips > 16MB (bsc#1012628). - xfs: set xefi_discard when creating a deferred agfl free log intent item (bsc#1012628). - mac80211: don't require VHT elements for HE on 2.4 GHz (bsc#1012628). - netfilter: nftables: fix netlink report logic in flowtable and genid (bsc#1012628). - netfilter: use actual socket sk rather than skb sk when routing harder (bsc#1012628). - netfilter: nf_tables: missing validation from the abort path (bsc#1012628). - netfilter: ipset: Update byte and packet counters regardless of whether they match (bsc#1012628). - irqchip/sifive-plic: Fix chip_data access within a hierarchy (bsc#1012628). - powerpc/eeh_cache: Fix a possible debugfs deadlock (bsc#1012628). - drm/vc4: bo: Add a managed action to cleanup the cache (bsc#1012628). - IB/srpt: Fix memory leak in srpt_add_one (bsc#1012628). - mm: memcontrol: correct the NR_ANON_THPS counter of hierarchical memcg (bsc#1012628). - drm/panfrost: rename error labels in device_init (bsc#1012628). - drm/panfrost: move devfreq_init()/fini() in device (bsc#1012628). - drm/panfrost: Fix module unload (bsc#1012628). - perf trace: Fix segfault when trying to trace events by cgroup (bsc#1012628). - perf tools: Add missing swap for ino_generation (bsc#1012628). - perf tools: Add missing swap for cgroup events (bsc#1012628). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (bsc#1012628). - iommu/vt-d: Fix sid not set issue in intel_svm_bind_gpasid() (bsc#1012628). - iommu/vt-d: Fix a bug for PDP check in prq_event_thread (bsc#1012628). - afs: Fix warning due to unadvanced marshalling pointer (bsc#1012628). - afs: Fix incorrect freeing of the ACL passed to the YFS ACL store op (bsc#1012628). - vfio/pci: Implement ioeventfd thread handler for contended memory lock (bsc#1012628). - can: rx-offload: don't call kfree_skb() from IRQ context (bsc#1012628). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (bsc#1012628). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (bsc#1012628). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (bsc#1012628). - can: j1939: swap addr and pgn in the send example (bsc#1012628). - can: j1939: j1939_sk_bind(): return failure if netdev is down (bsc#1012628). - can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (bsc#1012628). - can: xilinx_can: handle failure cases of pm_runtime_get_sync (bsc#1012628). - can: peak_usb: add range checking in decode operations (bsc#1012628). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (bsc#1012628). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (bsc#1012628). - can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (bsc#1012628). - can: flexcan: flexcan_remove(): disable wakeup completely (bsc#1012628). - xfs: flush new eof page on truncate to avoid post-eof corruption (bsc#1012628). - xfs: fix missing CoW blocks writeback conversion retry (bsc#1012628). - xfs: fix scrub flagging rtinherit even if there is no rt device (bsc#1012628). - io_uring: ensure consistent view of original task ->mm from SQPOLL (bsc#1012628). - spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1012628). - PCI: mvebu: Fix duplicate resource requests (bsc#1012628). - ceph: check session state after bumping session->s_seq (bsc#1012628). - selftests: core: use SKIP instead of XFAIL in close_range_test.c (bsc#1012628). - selftests: clone3: use SKIP instead of XFAIL (bsc#1012628). - selftests: binderfs: use SKIP instead of XFAIL (bsc#1012628). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1012628). - kbuild: explicitly specify the build id style (bsc#1012628). - RISC-V: Fix the VDSO symbol generaton for binutils-2.35+ (bsc#1012628). - USB: apple-mfi-fastcharge: fix reference leak in apple_mfi_fc_set_property (bsc#1012628). - tpm: efi: Don't create binary_bios_measurements file for an empty log (bsc#1012628). - KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED (bsc#1012628). - ath9k_htc: Use appropriate rs_datalen type (bsc#1012628). - scsi: ufs: Fix missing brace warning for old compilers (bsc#1012628). - ASoC: mediatek: mt8183-da7219: fix DAPM paths for rt1015 (bsc#1012628). - ASoC: qcom: sdm845: set driver name correctly (bsc#1012628). - ASoC: cs42l51: manage mclk shutdown delay (bsc#1012628). - ASoC: SOF: loader: handle all SOF_IPC_EXT types (bsc#1012628). - usb: dwc3: pci: add support for the Intel Alder Lake-S (bsc#1012628). - opp: Reduce the size of critical section in _opp_table_kref_release() (bsc#1012628). - usb: gadget: goku_udc: fix potential crashes in probe (bsc#1012628). - usb: raw-gadget: fix memory leak in gadget_setup (bsc#1012628). - selftests/ftrace: check for do_sys_openat2 in user-memory test (bsc#1012628). - selftests: pidfd: fix compilation errors due to wait.h (bsc#1012628). - ALSA: hda: Separate runtime and system suspend (bsc#1012628). - ALSA: hda: Reinstate runtime_allow() for all hda controllers (bsc#1012628). - x86/boot/compressed/64: Introduce sev_status (bsc#1012628). - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (bsc#1012628). - gfs2: Add missing truncate_inode_pages_final for sd_aspace (bsc#1012628). - gfs2: check for live vs. read-only file system in gfs2_fitrim (bsc#1012628). - scsi: hpsa: Fix memory leak in hpsa_init_one() (bsc#1012628). - drm/amdgpu: perform srbm soft reset always on SDMA resume (bsc#1012628). - drm/amd/pm: correct the baco reset sequence for CI ASICs (bsc#1012628). - drm/amd/pm: perform SMC reset on suspend/hibernation (bsc#1012628). - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running (bsc#1012628). - mac80211: fix use of skb payload instead of header (bsc#1012628). - cfg80211: initialize wdev data earlier (bsc#1012628). - cfg80211: regulatory: Fix inconsistent format argument (bsc#1012628). - wireguard: selftests: check that route_me_harder packets use the right sk (bsc#1012628). - tracing: Fix the checking of stackidx in __ftrace_trace_stack (bsc#1012628). - Revert "nvme-pci: remove last_sq_tail" (bsc#1012628). - ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline (bsc#1012628). - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1012628). - scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (bsc#1012628). - nvme: introduce nvme_sync_io_queues (bsc#1012628). - nvme-rdma: avoid race between time out and tear down (bsc#1012628). - nvme-tcp: avoid race between time out and tear down (bsc#1012628). - nvme-rdma: avoid repeated request completion (bsc#1012628). - nvme-tcp: avoid repeated request completion (bsc#1012628). - iommu/amd: Increase interrupt remapping table limit to 512 entries (bsc#1012628). - s390/smp: move rcu_cpu_starting() earlier (bsc#1012628). - vfio: platform: fix reference leak in vfio_platform_open (bsc#1012628). - vfio/pci: Bypass IGD init in case of -ENODEV (bsc#1012628). - i2c: mediatek: move dma reset before i2c reset (bsc#1012628). - amd/amdgpu: Disable VCN DPG mode for Picasso (bsc#1012628). - iomap: clean up writeback state logic on writepage error (bsc#1012628). - selftests: proc: fix warning: _GNU_SOURCE redefined (bsc#1012628). - arm64: kexec_file: try more regions if loading segments fails (bsc#1012628). - riscv: Set text_offset correctly for M-Mode (bsc#1012628). - i2c: sh_mobile: implement atomic transfers (bsc#1012628). - i2c: designware: call i2c_dw_read_clear_intrbits_slave() once (bsc#1012628). - i2c: designware: slave should do WRITE_REQUESTED before WRITE_RECEIVED (bsc#1012628). - tpm_tis: Disable interrupts on ThinkPad T490s (bsc#1012628). - mfd: sprd: Add wakeup capability for PMIC IRQ (bsc#1012628). - pinctrl: intel: Fix 2 kOhm bias which is 833 Ohm (bsc#1012628). - pinctrl: intel: Set default bias in case no particular value given (bsc#1012628). - gpio: aspeed: fix ast2600 bank properties (bsc#1012628). - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template (bsc#1012628). - bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1012628). - libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1012628). - pinctrl: mcp23s08: Use full chunk of memory for regmap configuration (bsc#1012628). - pinctrl: aspeed: Fix GPI only function problem (bsc#1012628). - net/mlx5e: Fix modify header actions memory leak (bsc#1012628). - net/mlx5e: Protect encap route dev from concurrent release (bsc#1012628). - net/mlx5e: Use spin_lock_bh for async_icosq_lock (bsc#1012628). - net/mlx5: Fix deletion of duplicate rules (bsc#1012628). - net/mlx5: E-switch, Avoid extack error log for disabled vport (bsc#1012628). - net/mlx5e: Fix VXLAN synchronization after function reload (bsc#1012628). - net/mlx5e: Fix incorrect access of RCU-protected xdp_prog (bsc#1012628). - SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (bsc#1012628). - NFSD: Fix use-after-free warning when doing inter-server copy (bsc#1012628). - NFSD: fix missing refcount in nfsd4_copy by nfsd4_do_async_copy (bsc#1012628). - tools/bpftool: Fix attaching flow dissector (bsc#1012628). - bpf: Zero-fill re-used per-cpu map element (bsc#1012628). - r8169: fix potential skb double free in an error path (bsc#1012628). - r8169: disable hw csum for short packets on all chip versions (bsc#1012628). - pinctrl: qcom: Move clearing pending IRQ to .irq_request_resources callback (bsc#1012628). - pinctrl: qcom: sm8250: Specify PDC map (bsc#1012628). - nbd: fix a block_device refcount leak in nbd_release (bsc#1012628). - selftest: fix flower terse dump tests (bsc#1012628). - i40e: Fix MAC address setting for a VF via Host/VM (bsc#1012628). - igc: Fix returning wrong statistics (bsc#1012628). - lan743x: correctly handle chips with internal PHY (bsc#1012628). - net: phy: realtek: support paged operations on RTL8201CP (bsc#1012628). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (bsc#1012628). - xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (bsc#1012628). - xfs: fix rmap key and record comparison functions (bsc#1012628). - xfs: fix brainos in the refcount scrubber's rmap fragment processor (bsc#1012628). - lan743x: fix "BUG: invalid wait context" when setting rx mode (bsc#1012628). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (bsc#1012628). - of/address: Fix of_node memory leak in of_dma_is_coherent (bsc#1012628). - ch_ktls: Update cheksum information (bsc#1012628). - ch_ktls: tcb update fails sometimes (bsc#1012628). - cosa: Add missing kfree in error path of cosa_write (bsc#1012628). - hwmon: (applesmc) Re-work SMC comms (bsc#1012628). - NFS: Fix listxattr receive buffer size (bsc#1012628). - vrf: Fix fast path output packet handling with async Netfilter rules (bsc#1012628). - lan743x: fix use of uninitialized variable (bsc#1012628). - arm64/mm: Validate hotplug range before creating linear mapping (bsc#1012628). - kernel/watchdog: fix watchdog_allowed_mask not used warning (bsc#1012628). - mm: memcontrol: fix missing wakeup polling thread (bsc#1012628). - afs: Fix afs_write_end() when called with copied == 0 [ver #3] (bsc#1012628). - perf: Fix get_recursion_context() (bsc#1012628). - nvme: factor out a nvme_configure_metadata helper (bsc#1012628). - nvme: freeze the queue over ->lba_shift updates (bsc#1012628). - nvme: fix incorrect behavior when BLKROSET is called by the user (bsc#1012628). - perf: Simplify group_sched_in() (bsc#1012628). - perf: Fix event multiplexing for exclusive groups (bsc#1012628). - firmware: xilinx: fix out-of-bounds access (bsc#1012628). - erofs: fix setting up pcluster for temporary pages (bsc#1012628). - erofs: derive atime instead of leaving it empty (bsc#1012628). - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1012628). - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1012628). - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch (bsc#1012628). - btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod (bsc#1012628). - btrfs: fix min reserved size calculation in merge_reloc_root (bsc#1012628). - btrfs: dev-replace: fail mount if we don't have replace item with target device (bsc#1012628). - KVM: arm64: Don't hide ID registers from userspace (bsc#1012628). - speakup: Fix var_id_t values and thus keymap (bsc#1012628). - speakup ttyio: Do not schedule() in ttyio_in_nowait (bsc#1012628). - speakup: Fix clearing selection in safe context (bsc#1012628). - thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (bsc#1012628). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (bsc#1012628). - uio: Fix use-after-free in uio_unregister_device() (bsc#1012628). - Revert "usb: musb: convert to devm_platform_ioremap_resource_byname" (bsc#1012628). - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (bsc#1012628). - usb: typec: ucsi: Report power supply changes (bsc#1012628). - xhci: hisilicon: fix refercence leak in xhci_histb_probe (bsc#1012628). - virtio: virtio_console: fix DMA memory allocation for rproc serial (bsc#1012628). - mei: protect mei_cl_mtu from null dereference (bsc#1012628). - futex: Don't enable IRQs unconditionally in put_pi_state() (bsc#1012628). - jbd2: fix up sparse warnings in checkpoint code (bsc#1012628). - bootconfig: Extend the magic check range to the preceding 3 bytes (bsc#1012628). - mm/compaction: count pages and stop correctly during page isolation (bsc#1012628). - mm/compaction: stop isolation if too many pages are isolated and we have pages to migrate (bsc#1012628). - mm/slub: fix panic in slab_alloc_node() (bsc#1012628). - mm/vmscan: fix NR_ISOLATED_FILE corruption on 64-bit (bsc#1012628). - mm/gup: use unpin_user_pages() in __gup_longterm_locked() (bsc#1012628). - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" (bsc#1012628). - reboot: fix overflow parsing reboot cpu number (bsc#1012628). - hugetlbfs: fix anon huge page migration race (bsc#1012628). - ocfs2: initialize ip_next_orphan (bsc#1012628). - hwmon: (amd_energy) modify the visibility of the counters (bsc#1012628). - selinux: Fix error return code in sel_ib_pkey_sid_slow() (bsc#1012628). - io_uring: round-up cq size before comparing with rounded sq size (bsc#1012628). - gpio: sifive: Fix SiFive gpio probe (bsc#1012628). - gpio: pcie-idio-24: Fix irq mask when masking (bsc#1012628). - gpio: pcie-idio-24: Fix IRQ Enable Register value (bsc#1012628). - gpio: pcie-idio-24: Enable PEX8311 interrupts (bsc#1012628). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (bsc#1012628). - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (bsc#1012628). - don't dump the threads that had been already exiting when zapped (bsc#1012628). - drm/amd/display: Add missing pflip irq (bsc#1012628). - drm/i915: Correctly set SFC capability for video engines (bsc#1012628). - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (bsc#1012628). - NFSv4.2: fix failure to unregister shrinker (bsc#1012628). - pinctrl: amd: use higher precision for 512 RtcClk (bsc#1012628). - pinctrl: amd: fix incorrect way to disable debounce filter (bsc#1012628). - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" (bsc#1012628). - cpufreq: Introduce governor flags (bsc#1012628). - cpufreq: Introduce CPUFREQ_GOV_STRICT_TARGET (bsc#1012628). - cpufreq: Add strict_target to struct cpufreq_policy (bsc#1012628). - cpufreq: intel_pstate: Take CPUFREQ_GOV_STRICT_TARGET into account (bsc#1012628). - ethtool: netlink: add missing netdev_features_change() call (bsc#1012628). - IPv6: Set SIT tunnel hard_header_len to zero (bsc#1012628). - net/af_iucv: fix null pointer dereference on shutdown (bsc#1012628). - net: udp: fix IP header access and skb lookup on Fast/frag0 UDP GRO (bsc#1012628). - net: udp: fix UDP header access on Fast/frag0 UDP GRO (bsc#1012628). - net: Update window_clamp if SOCK_RCVBUF is set (bsc#1012628). - net/x25: Fix null-ptr-deref in x25_connect (bsc#1012628). - tipc: fix memory leak in tipc_topsrv_start() (bsc#1012628). - devlink: Avoid overwriting port attributes of registered port (bsc#1012628). - mptcp: provide rmem[0] limit (bsc#1012628). - tunnels: Fix off-by-one in lower MTU bounds for ICMP/ICMPv6 replies (bsc#1012628). - powerpc/603: Always fault when _PAGE_ACCESSED is not set (bsc#1012628). - null_blk: Fix scheduling in atomic with zoned mode (bsc#1012628). - perf scripting python: Avoid declaring function pointers with a visibility attribute (bsc#1012628). - coresight: etm: perf: Sink selection using sysfs is deprecated (bsc#1012628). - coresight: Fix uninitialised pointer bug in etm_setup_aux() (bsc#1012628). - Convert trailing spaces and periods in path components (bsc#1012628). - commit 21e5163 - PCI: Always enable ACS even if no ACS Capability (bsc#1178211). - commit a40af1e - loop: Fix occasional uevent drop (bsc#1177900). - block: add a return value to set_capacity_revalidate_and_notify (bsc#1177900). - commit 98395e1 - btrfs: qgroup: don't commit transaction when we already hold the handle (bsc#1178634). Update upstream status and take the upstream version. - commit 60a737e ==== kernel-firmware ==== Version update (20201023 -> 20201120) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Fix build with older distros due to missing _firmwaredir - Update to version 20201120 (bc9cd0b7b0e9): including AMDGPU update (bsc#1179062) and ath11k addition (bsc#1178274) * linux-firmware: Update AMD SEV firmware * amdgpu: add sienna cichlid firmware for 20.45 * amdgpu: update vega20 firmware for 20.45 * amdgpu: update vega12 firmware for 20.45 * amdgpu: update vega10 firmware for 20.45 * amdgpu: update renoir firmware for 20.45 * amdgpu: update navi14 firmware for 20.45 * amdgpu: update navi12 firmware for 20.45 * amdgpu: update navi10 firmware for 20.45 * amdgpu: update raven2 firmware for 20.45 * amdgpu: update raven firmware for 20.45 * rtlwifi: v88.2 firmware files for RTL8192CU * rtw88: RTL8822C: Update firmware to v9.9.4 * Revert "rtw88: RTL8822C: Update firmware to v9.9.4" * vpdma: Move firmware to ti directory * amdgpu: update picasso VCN firmware * amdgpu: update raven2 VCN firmware * amdgpu: update raven VCN firmware * rtw88: RTL8822C: Update firmware to v9.9.4 * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099A_281A * QCA: Update Bluetooth firmware for QCA6390 * qcom : updated venus firmware files for v5.4 * QCA : Fixed BT SSR due to command timeout / IO fatal error * ath11k: QCA6390 hw2.0: add to WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1 * ath11k: QCA6390 hw2.0: add board-2.bin * ath11k: IPQ8074 hw2.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2 * ath11k: IPQ8074 hw2.0: add board-2.bin * ath11k: IPQ6018 hw1.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2 * ath11k: IPQ6018 hw1.0: add board-2.bin * ath10k: QCA6174 hw3.0: add firmware-sdio-6.bin version WLAN.RMH.4.4.1-00077 * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00131 * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00131 * ath10k: QCA6174 hw3.0: update board-2.bin * ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00157-QCARMSWPZ-1 - ath11k is split into its own subpackage due to its size - Update topics list and aliases accordingly ==== kernel-source ==== Version update (5.9.8 -> 5.9.10) Subpackages: kernel-default kernel-docs - rpm/kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - commit b7c3768 - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - commit d9b4c40 - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - commit f42c89a - Linux 5.9.10 (bsc#1012628). - ACPI: GED: fix -Wformat (bsc#1012628). - KVM: x86: clflushopt should be treated as a no-op by emulation (bsc#1012628). - perf/x86/intel/uncore: Fix Add BW copypasta (bsc#1012628). - powerpc/smp: Call rcu_cpu_starting() earlier (bsc#1012628). - selftests/harness: prettify SKIP message whitespace again (bsc#1012628). - can: proc: can_remove_proc(): silence remove_proc_entry warning (bsc#1012628). - mac80211: always wind down STA state (bsc#1012628). - Input: sunkbd - avoid use-after-free in teardown paths (bsc#1012628). - leds: lm3697: Fix out-of-bound access (bsc#1012628). - selftests/powerpc: entry flush test (bsc#1012628). - powerpc: Only include kup-radix.h for 64-bit Book3S (bsc#1012628). - powerpc/64s: flush L1D after user accesses (bsc#1012628). - powerpc/64s: flush L1D on kernel entry (bsc#1012628). - selftests/powerpc: rfi_flush: disable entry flush if present (bsc#1012628). - commit 18ece1c - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - commit 13bd533 - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger - commit 21f8205 - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - commit 8099b4b - RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (git-fixes). - arm64: kexec_file: Fix sparse warning (git-fixes). - commit f76e598 - Linux 5.9.9 (bsc#1012628). - drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (bsc#1012628). - drm/i915/gem: Flush coherency domains on first set-domain-ioctl (bsc#1012628). - mm: memcg: link page counters to root if use_hierarchy is false (bsc#1012628). - nbd: don't update block size after device is started (bsc#1012628). - KVM: arm64: Force PTE mapping on fault resulting in a device mapping (bsc#1012628). - xfrm: interface: fix the priorities for ipip and ipv6 tunnels (bsc#1012628). - ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (bsc#1012628). - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (bsc#1012628). - hv_balloon: disable warning when floor reached (bsc#1012628). - net: xfrm: fix a race condition during allocing spi (bsc#1012628). - ASoC: codecs: wsa881x: add missing stream rates and format (bsc#1012628). - spi: imx: fix runtime pm support for !CONFIG_PM (bsc#1012628). - irqchip/sifive-plic: Fix broken irq_set_affinity() callback (bsc#1012628). - kunit: Fix kunit.py --raw_output option (bsc#1012628). - kunit: Don't fail test suites if one of them is empty (bsc#1012628). - usb: gadget: fsl: fix null pointer checking (bsc#1012628). - selftests: filter kselftest headers from command in lib.mk (bsc#1012628). - ASoC: codecs: wcd934x: Set digital gain range correctly (bsc#1012628). - ASoC: codecs: wcd9335: Set digital gain range correctly (bsc#1012628). - mtd: spi-nor: Fix address width on flash chips > 16MB (bsc#1012628). - xfs: set xefi_discard when creating a deferred agfl free log intent item (bsc#1012628). - mac80211: don't require VHT elements for HE on 2.4 GHz (bsc#1012628). - netfilter: nftables: fix netlink report logic in flowtable and genid (bsc#1012628). - netfilter: use actual socket sk rather than skb sk when routing harder (bsc#1012628). - netfilter: nf_tables: missing validation from the abort path (bsc#1012628). - netfilter: ipset: Update byte and packet counters regardless of whether they match (bsc#1012628). - irqchip/sifive-plic: Fix chip_data access within a hierarchy (bsc#1012628). - powerpc/eeh_cache: Fix a possible debugfs deadlock (bsc#1012628). - drm/vc4: bo: Add a managed action to cleanup the cache (bsc#1012628). - IB/srpt: Fix memory leak in srpt_add_one (bsc#1012628). - mm: memcontrol: correct the NR_ANON_THPS counter of hierarchical memcg (bsc#1012628). - drm/panfrost: rename error labels in device_init (bsc#1012628). - drm/panfrost: move devfreq_init()/fini() in device (bsc#1012628). - drm/panfrost: Fix module unload (bsc#1012628). - perf trace: Fix segfault when trying to trace events by cgroup (bsc#1012628). - perf tools: Add missing swap for ino_generation (bsc#1012628). - perf tools: Add missing swap for cgroup events (bsc#1012628). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (bsc#1012628). - iommu/vt-d: Fix sid not set issue in intel_svm_bind_gpasid() (bsc#1012628). - iommu/vt-d: Fix a bug for PDP check in prq_event_thread (bsc#1012628). - afs: Fix warning due to unadvanced marshalling pointer (bsc#1012628). - afs: Fix incorrect freeing of the ACL passed to the YFS ACL store op (bsc#1012628). - vfio/pci: Implement ioeventfd thread handler for contended memory lock (bsc#1012628). - can: rx-offload: don't call kfree_skb() from IRQ context (bsc#1012628). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (bsc#1012628). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (bsc#1012628). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (bsc#1012628). - can: j1939: swap addr and pgn in the send example (bsc#1012628). - can: j1939: j1939_sk_bind(): return failure if netdev is down (bsc#1012628). - can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (bsc#1012628). - can: xilinx_can: handle failure cases of pm_runtime_get_sync (bsc#1012628). - can: peak_usb: add range checking in decode operations (bsc#1012628). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (bsc#1012628). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (bsc#1012628). - can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (bsc#1012628). - can: flexcan: flexcan_remove(): disable wakeup completely (bsc#1012628). - xfs: flush new eof page on truncate to avoid post-eof corruption (bsc#1012628). - xfs: fix missing CoW blocks writeback conversion retry (bsc#1012628). - xfs: fix scrub flagging rtinherit even if there is no rt device (bsc#1012628). - io_uring: ensure consistent view of original task ->mm from SQPOLL (bsc#1012628). - spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1012628). - PCI: mvebu: Fix duplicate resource requests (bsc#1012628). - ceph: check session state after bumping session->s_seq (bsc#1012628). - selftests: core: use SKIP instead of XFAIL in close_range_test.c (bsc#1012628). - selftests: clone3: use SKIP instead of XFAIL (bsc#1012628). - selftests: binderfs: use SKIP instead of XFAIL (bsc#1012628). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1012628). - kbuild: explicitly specify the build id style (bsc#1012628). - RISC-V: Fix the VDSO symbol generaton for binutils-2.35+ (bsc#1012628). - USB: apple-mfi-fastcharge: fix reference leak in apple_mfi_fc_set_property (bsc#1012628). - tpm: efi: Don't create binary_bios_measurements file for an empty log (bsc#1012628). - KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED (bsc#1012628). - ath9k_htc: Use appropriate rs_datalen type (bsc#1012628). - scsi: ufs: Fix missing brace warning for old compilers (bsc#1012628). - ASoC: mediatek: mt8183-da7219: fix DAPM paths for rt1015 (bsc#1012628). - ASoC: qcom: sdm845: set driver name correctly (bsc#1012628). - ASoC: cs42l51: manage mclk shutdown delay (bsc#1012628). - ASoC: SOF: loader: handle all SOF_IPC_EXT types (bsc#1012628). - usb: dwc3: pci: add support for the Intel Alder Lake-S (bsc#1012628). - opp: Reduce the size of critical section in _opp_table_kref_release() (bsc#1012628). - usb: gadget: goku_udc: fix potential crashes in probe (bsc#1012628). - usb: raw-gadget: fix memory leak in gadget_setup (bsc#1012628). - selftests/ftrace: check for do_sys_openat2 in user-memory test (bsc#1012628). - selftests: pidfd: fix compilation errors due to wait.h (bsc#1012628). - ALSA: hda: Separate runtime and system suspend (bsc#1012628). - ALSA: hda: Reinstate runtime_allow() for all hda controllers (bsc#1012628). - x86/boot/compressed/64: Introduce sev_status (bsc#1012628). - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (bsc#1012628). - gfs2: Add missing truncate_inode_pages_final for sd_aspace (bsc#1012628). - gfs2: check for live vs. read-only file system in gfs2_fitrim (bsc#1012628). - scsi: hpsa: Fix memory leak in hpsa_init_one() (bsc#1012628). - drm/amdgpu: perform srbm soft reset always on SDMA resume (bsc#1012628). - drm/amd/pm: correct the baco reset sequence for CI ASICs (bsc#1012628). - drm/amd/pm: perform SMC reset on suspend/hibernation (bsc#1012628). - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running (bsc#1012628). - mac80211: fix use of skb payload instead of header (bsc#1012628). - cfg80211: initialize wdev data earlier (bsc#1012628). - cfg80211: regulatory: Fix inconsistent format argument (bsc#1012628). - wireguard: selftests: check that route_me_harder packets use the right sk (bsc#1012628). - tracing: Fix the checking of stackidx in __ftrace_trace_stack (bsc#1012628). - Revert "nvme-pci: remove last_sq_tail" (bsc#1012628). - ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline (bsc#1012628). - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1012628). - scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (bsc#1012628). - nvme: introduce nvme_sync_io_queues (bsc#1012628). - nvme-rdma: avoid race between time out and tear down (bsc#1012628). - nvme-tcp: avoid race between time out and tear down (bsc#1012628). - nvme-rdma: avoid repeated request completion (bsc#1012628). - nvme-tcp: avoid repeated request completion (bsc#1012628). - iommu/amd: Increase interrupt remapping table limit to 512 entries (bsc#1012628). - s390/smp: move rcu_cpu_starting() earlier (bsc#1012628). - vfio: platform: fix reference leak in vfio_platform_open (bsc#1012628). - vfio/pci: Bypass IGD init in case of -ENODEV (bsc#1012628). - i2c: mediatek: move dma reset before i2c reset (bsc#1012628). - amd/amdgpu: Disable VCN DPG mode for Picasso (bsc#1012628). - iomap: clean up writeback state logic on writepage error (bsc#1012628). - selftests: proc: fix warning: _GNU_SOURCE redefined (bsc#1012628). - arm64: kexec_file: try more regions if loading segments fails (bsc#1012628). - riscv: Set text_offset correctly for M-Mode (bsc#1012628). - i2c: sh_mobile: implement atomic transfers (bsc#1012628). - i2c: designware: call i2c_dw_read_clear_intrbits_slave() once (bsc#1012628). - i2c: designware: slave should do WRITE_REQUESTED before WRITE_RECEIVED (bsc#1012628). - tpm_tis: Disable interrupts on ThinkPad T490s (bsc#1012628). - mfd: sprd: Add wakeup capability for PMIC IRQ (bsc#1012628). - pinctrl: intel: Fix 2 kOhm bias which is 833 Ohm (bsc#1012628). - pinctrl: intel: Set default bias in case no particular value given (bsc#1012628). - gpio: aspeed: fix ast2600 bank properties (bsc#1012628). - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template (bsc#1012628). - bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1012628). - libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1012628). - pinctrl: mcp23s08: Use full chunk of memory for regmap configuration (bsc#1012628). - pinctrl: aspeed: Fix GPI only function problem (bsc#1012628). - net/mlx5e: Fix modify header actions memory leak (bsc#1012628). - net/mlx5e: Protect encap route dev from concurrent release (bsc#1012628). - net/mlx5e: Use spin_lock_bh for async_icosq_lock (bsc#1012628). - net/mlx5: Fix deletion of duplicate rules (bsc#1012628). - net/mlx5: E-switch, Avoid extack error log for disabled vport (bsc#1012628). - net/mlx5e: Fix VXLAN synchronization after function reload (bsc#1012628). - net/mlx5e: Fix incorrect access of RCU-protected xdp_prog (bsc#1012628). - SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (bsc#1012628). - NFSD: Fix use-after-free warning when doing inter-server copy (bsc#1012628). - NFSD: fix missing refcount in nfsd4_copy by nfsd4_do_async_copy (bsc#1012628). - tools/bpftool: Fix attaching flow dissector (bsc#1012628). - bpf: Zero-fill re-used per-cpu map element (bsc#1012628). - r8169: fix potential skb double free in an error path (bsc#1012628). - r8169: disable hw csum for short packets on all chip versions (bsc#1012628). - pinctrl: qcom: Move clearing pending IRQ to .irq_request_resources callback (bsc#1012628). - pinctrl: qcom: sm8250: Specify PDC map (bsc#1012628). - nbd: fix a block_device refcount leak in nbd_release (bsc#1012628). - selftest: fix flower terse dump tests (bsc#1012628). - i40e: Fix MAC address setting for a VF via Host/VM (bsc#1012628). - igc: Fix returning wrong statistics (bsc#1012628). - lan743x: correctly handle chips with internal PHY (bsc#1012628). - net: phy: realtek: support paged operations on RTL8201CP (bsc#1012628). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (bsc#1012628). - xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (bsc#1012628). - xfs: fix rmap key and record comparison functions (bsc#1012628). - xfs: fix brainos in the refcount scrubber's rmap fragment processor (bsc#1012628). - lan743x: fix "BUG: invalid wait context" when setting rx mode (bsc#1012628). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (bsc#1012628). - of/address: Fix of_node memory leak in of_dma_is_coherent (bsc#1012628). - ch_ktls: Update cheksum information (bsc#1012628). - ch_ktls: tcb update fails sometimes (bsc#1012628). - cosa: Add missing kfree in error path of cosa_write (bsc#1012628). - hwmon: (applesmc) Re-work SMC comms (bsc#1012628). - NFS: Fix listxattr receive buffer size (bsc#1012628). - vrf: Fix fast path output packet handling with async Netfilter rules (bsc#1012628). - lan743x: fix use of uninitialized variable (bsc#1012628). - arm64/mm: Validate hotplug range before creating linear mapping (bsc#1012628). - kernel/watchdog: fix watchdog_allowed_mask not used warning (bsc#1012628). - mm: memcontrol: fix missing wakeup polling thread (bsc#1012628). - afs: Fix afs_write_end() when called with copied == 0 [ver #3] (bsc#1012628). - perf: Fix get_recursion_context() (bsc#1012628). - nvme: factor out a nvme_configure_metadata helper (bsc#1012628). - nvme: freeze the queue over ->lba_shift updates (bsc#1012628). - nvme: fix incorrect behavior when BLKROSET is called by the user (bsc#1012628). - perf: Simplify group_sched_in() (bsc#1012628). - perf: Fix event multiplexing for exclusive groups (bsc#1012628). - firmware: xilinx: fix out-of-bounds access (bsc#1012628). - erofs: fix setting up pcluster for temporary pages (bsc#1012628). - erofs: derive atime instead of leaving it empty (bsc#1012628). - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1012628). - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1012628). - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch (bsc#1012628). - btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod (bsc#1012628). - btrfs: fix min reserved size calculation in merge_reloc_root (bsc#1012628). - btrfs: dev-replace: fail mount if we don't have replace item with target device (bsc#1012628). - KVM: arm64: Don't hide ID registers from userspace (bsc#1012628). - speakup: Fix var_id_t values and thus keymap (bsc#1012628). - speakup ttyio: Do not schedule() in ttyio_in_nowait (bsc#1012628). - speakup: Fix clearing selection in safe context (bsc#1012628). - thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (bsc#1012628). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (bsc#1012628). - uio: Fix use-after-free in uio_unregister_device() (bsc#1012628). - Revert "usb: musb: convert to devm_platform_ioremap_resource_byname" (bsc#1012628). - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (bsc#1012628). - usb: typec: ucsi: Report power supply changes (bsc#1012628). - xhci: hisilicon: fix refercence leak in xhci_histb_probe (bsc#1012628). - virtio: virtio_console: fix DMA memory allocation for rproc serial (bsc#1012628). - mei: protect mei_cl_mtu from null dereference (bsc#1012628). - futex: Don't enable IRQs unconditionally in put_pi_state() (bsc#1012628). - jbd2: fix up sparse warnings in checkpoint code (bsc#1012628). - bootconfig: Extend the magic check range to the preceding 3 bytes (bsc#1012628). - mm/compaction: count pages and stop correctly during page isolation (bsc#1012628). - mm/compaction: stop isolation if too many pages are isolated and we have pages to migrate (bsc#1012628). - mm/slub: fix panic in slab_alloc_node() (bsc#1012628). - mm/vmscan: fix NR_ISOLATED_FILE corruption on 64-bit (bsc#1012628). - mm/gup: use unpin_user_pages() in __gup_longterm_locked() (bsc#1012628). - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" (bsc#1012628). - reboot: fix overflow parsing reboot cpu number (bsc#1012628). - hugetlbfs: fix anon huge page migration race (bsc#1012628). - ocfs2: initialize ip_next_orphan (bsc#1012628). - hwmon: (amd_energy) modify the visibility of the counters (bsc#1012628). - selinux: Fix error return code in sel_ib_pkey_sid_slow() (bsc#1012628). - io_uring: round-up cq size before comparing with rounded sq size (bsc#1012628). - gpio: sifive: Fix SiFive gpio probe (bsc#1012628). - gpio: pcie-idio-24: Fix irq mask when masking (bsc#1012628). - gpio: pcie-idio-24: Fix IRQ Enable Register value (bsc#1012628). - gpio: pcie-idio-24: Enable PEX8311 interrupts (bsc#1012628). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (bsc#1012628). - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (bsc#1012628). - don't dump the threads that had been already exiting when zapped (bsc#1012628). - drm/amd/display: Add missing pflip irq (bsc#1012628). - drm/i915: Correctly set SFC capability for video engines (bsc#1012628). - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (bsc#1012628). - NFSv4.2: fix failure to unregister shrinker (bsc#1012628). - pinctrl: amd: use higher precision for 512 RtcClk (bsc#1012628). - pinctrl: amd: fix incorrect way to disable debounce filter (bsc#1012628). - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" (bsc#1012628). - cpufreq: Introduce governor flags (bsc#1012628). - cpufreq: Introduce CPUFREQ_GOV_STRICT_TARGET (bsc#1012628). - cpufreq: Add strict_target to struct cpufreq_policy (bsc#1012628). - cpufreq: intel_pstate: Take CPUFREQ_GOV_STRICT_TARGET into account (bsc#1012628). - ethtool: netlink: add missing netdev_features_change() call (bsc#1012628). - IPv6: Set SIT tunnel hard_header_len to zero (bsc#1012628). - net/af_iucv: fix null pointer dereference on shutdown (bsc#1012628). - net: udp: fix IP header access and skb lookup on Fast/frag0 UDP GRO (bsc#1012628). - net: udp: fix UDP header access on Fast/frag0 UDP GRO (bsc#1012628). - net: Update window_clamp if SOCK_RCVBUF is set (bsc#1012628). - net/x25: Fix null-ptr-deref in x25_connect (bsc#1012628). - tipc: fix memory leak in tipc_topsrv_start() (bsc#1012628). - devlink: Avoid overwriting port attributes of registered port (bsc#1012628). - mptcp: provide rmem[0] limit (bsc#1012628). - tunnels: Fix off-by-one in lower MTU bounds for ICMP/ICMPv6 replies (bsc#1012628). - powerpc/603: Always fault when _PAGE_ACCESSED is not set (bsc#1012628). - null_blk: Fix scheduling in atomic with zoned mode (bsc#1012628). - perf scripting python: Avoid declaring function pointers with a visibility attribute (bsc#1012628). - coresight: etm: perf: Sink selection using sysfs is deprecated (bsc#1012628). - coresight: Fix uninitialised pointer bug in etm_setup_aux() (bsc#1012628). - Convert trailing spaces and periods in path components (bsc#1012628). - commit 21e5163 - PCI: Always enable ACS even if no ACS Capability (bsc#1178211). - commit a40af1e - loop: Fix occasional uevent drop (bsc#1177900). - block: add a return value to set_capacity_revalidate_and_notify (bsc#1177900). - commit 98395e1 - btrfs: qgroup: don't commit transaction when we already hold the handle (bsc#1178634). Update upstream status and take the upstream version. - commit 60a737e ==== keyutils ==== Subpackages: libkeyutils1 - prepare usrmerge (boo#1029961) ==== kglobalaccel ==== Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccel5-lang libKF5GlobalAccelPrivate5 - Add patch to workaround kglobalaccel breaking persistently after unclean logout (kde#429415, boo#1179033) * 0001-Revert-systemd-dbus-activation.patch ==== kompare ==== Subpackages: kompare-lang - Add patch to fix build with Qt 5.15.2: * 0001-Portaway-from-Obsolete-methods-of-QPrinter.patch ==== libX11 ==== Version update (1.6.12 -> 1.7.0) Subpackages: libX11-6 libX11-data libX11-devel libX11-xcb1 - Update to version 1.7.0 * libX11 version 1.7.0 includes a new API, hence the change from the 1.6 series to 1.7: XSetIOErrorExitHandler which provides a mechanism for applications to recover from I/O error conditions instead of being forced to exit. Thanks to Carlos Garnacho for this. * This release includes a bunch of bug fixes, some which have been pending for over three years: + A bunch of nls cleanups to remove obsolete entries and clean up formatting of the ist. Thanks to Benno Schulenberg for these. + Warning fixes and other cleanups across a huge swath of the library. Thanks to Alan Coopersmith for these. + Memory allocation bugs, including leaks and use after free in the locale code. Thanks to Krzesimir Nowak, Jacek Caban and Vittorio Zecca for these. + Thread safety fixes in the locale code. Thanks to Jacek Caban for these. + poll_for_response race condition fix. Thanks to Frediano Ziglio for the bulk of this effort, and to Peter Hutterer for careful review and improvements. * Version 1.7.0 includes a couple of new locales: ia and ie locales. Thanks to Carmina16 for these. * There are also numerous compose entries added, including: + |^ or ^| for ?, |v or v| for ?, ~~ for ?. Thanks to Antti Savolainen for this. + Allowing use of 'v' for caron, in addition to 'c', so things like vC for ?, vc for ?. Thanks to Benno Schulenberg for this. + Compose sequences LT, lt for '<', and GT, gt for '>' for keyboards where those are difficult to access. Thanks to Jonathan Belsewir for this. - refreshed patches en-locales.diff, p_khmer-compose.diff and p_xlib_skip_ext_env.diff ==== libfido2 ==== Subpackages: libfido2-1 libfido2-udev - Add Conflicts: to supersede version 1.0.0. This is needed for a clean upgrade path on SLE. ==== libical ==== - Add libical-read-v2-v3-data.patch: correctly read slim timezone data (bsc#1178412). ==== libical-glib ==== - Add libical-read-v2-v3-data.patch: correctly read slim timezone data (bsc#1178412). ==== libksba ==== Version update (1.4.0 -> 1.5.0) - libksba 1.5.0: * ksba_cms_identify now identifies OpenPGP keyblock content * Supports TR-03111 plain format ECDSA signature verification * Fixes a CMS signed data parser bug exhibited by a somewhat strange CMS message - remove deprecated texinfo macros and update signing keyring ==== libostree ==== Version update (2020.3 -> 2020.8) Subpackages: libostree-1-1 - Update to version 2020.8: + This release mostly contains scalability improvements and bugfixes. + Caching-related HTTP headers are now supported on summaries and signatures, so that they do not have to be re-downloaded if not changed in the meanwhile. + Summaries and delta have been reworked to allow more fine-grained fetching. + Finally, this fixes several bugs related to atomic variables, HTTP timeouts, and 32-bit architectures. - Changes from version 2020.7: + Static deltas can now be signed to more easily support offline verification. + There's now support for multiple initramfs images; the idea here is that one can have a "main" initramfs image and a secondary one which represents local configuration. + The documentation is now moved to https://ostreedev.github.io/ostree/ + Lot of preparatory cleanups to the pull code landed for upcoming work on indexing deltas outside of the summary. + On the bugfix side, the biggest one is a fix for an assertion failure when upgrading from systems before ostree supported devicetree. + Also notable is that ostree no longer hardlinks zero sized files to avoid hitting filesystem maximum link counts. - Changes from version 2020.6: + One notable feature: ostree now supports / and /boot being on the same filesystem. + Other than that it's mostly bugfixes; there is one quite important one for anyone using the readonly=true for /sysroot (which is still just Fedora CoreOS I suspect). + There's some improvements to the GObject Introspection metadata, some (cosmetic) static analyzer fixes, a fix for the immutable bit on s390x, dropping a deprecated bit in the systemd unit file, etc. - Changes from version 2020.5: + This release primarily fixes a regression in 2020.4 where the "readonly sysroot" changes incorrectly left the sysroot read-only on systems that started out with a read-only / (most of them, e.g. Fedora Silverblue/IoT at least). + There's some additions to the pull API to aid flatpak. + There were a few fixes to the man pages, and ostree show now displays the parent commit. + The default dracut config now enables reproducibility. + On the "feature" side, there is a new ostree admin unlock - -transient. We expect this to be a foundation for further support for "live" updates. - Changes from version 2020.4: + By far the biggest change in this release is new ed25519 signing support, powered by libsodium. + stree commit gained a new --base argument, which significantly simplifies constructing "derived" commits, particularly for systems using SELinux. + Handling of the read-only sysroot was reimplemented to run in the initramfs and be more reliable. Enabling the readonly=true flag in the repo config is recommended. + Several bugs were fixed in locking for the temporary "staging" directories OSTree creates, particularly on NFS. + lib: Coerce flags enums to GIR bitfields changed some values to be (correctly) flags - this may show up as incompatible for GObject Introspection consumers (but not C). + A new timestamp-check-from-rev option was added for pulls, which makes downgrade protection more reliable and will be used by Fedora CoreOS. + Several fixes and enhancements were made for "collection" pulls including a new --mirror option. + The ostree commit command learned a new --mode-ro-executables which enforces W^R semantics on all executables. + A new commit metadata key (OSTREE_COMMIT_META_KEY_ARCHITECTURE) was added to help standardize the architecture of the OSTree commit. This could be used on the client side for example to sanity-check that the commit matches the architecture of the machine before deploying. ==== libqt5-qtbase ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.15.2/?h=5.15.2 - Drop patches, now upstream: * 0001-Revert-Emit-QScreen-availableG-g-eometryChanged-on-l.patch - Pass -confirm-license option, drop duplicates - BuildRequire xcb-util - Add patch to avoid coredumps with missing display: * 0001-Avoid-SIGABRT-on-platform-plugin-initialization-fail.patch ==== libqt5-qtconnectivity ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5Bluetooth5 libQt5Bluetooth5-imports libQt5Nfc5 libQt5Nfc5-imports libqt5-qtconnectivity-tools - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtconnectivity.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtdeclarative ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtdeclarative.git/plain/dist/changes-5.15.2/?h=5.15.2 - Refresh qtdeclarative-5.15.0-FixMaxXMaxYExtent.patch ==== libqt5-qtgraphicaleffects ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtgraphicaleffects.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtimageformats ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtimageformats.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtlocation ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5Location5 libQt5Positioning5 libQt5PositioningQuick5 - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtlocation.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtmultimedia ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtmultimedia.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtnetworkauth ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtnetworkauth.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtquickcontrols ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtquickcontrols.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtquickcontrols2 ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtquickcontrols2.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtscript ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtscript.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtsensors ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5Sensors5 libQt5Sensors5-imports - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtsensors.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtserialport ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtserialport.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtspeech ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtspeech.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtsvg ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qttools ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5Designer5 libQt5Help5 libqt5-qdbus libqt5-qtpaths - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qttools.git/plain/dist/changes-5.15.2/?h=5.15.2 - Fix the clang requirement for Leap 15.2. The clang headers are also in the libclang package. - Use the %pkg_version macro available since Leap 15 ==== libqt5-qttranslations ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtvirtualkeyboard ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtvirtualkeyboard.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtwayland ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtwayland.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtwebchannel ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtwebchannel.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtwebengine ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtwebsockets ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5WebSockets5 libQt5WebSockets5-imports - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtwebsockets.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtx11extras ==== Version update (5.15.1 -> 5.15.2) - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtx11extras.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== libqt5-qtxmlpatterns ==== Version update (5.15.1 -> 5.15.2) Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports - Update to 5.15.2: * New bugfix release * For more details please see: http://code.qt.io/cgit/qt/qtxmlpatterns.git/plain/dist/changes-5.15.2/?h=5.15.2 ==== librsvg ==== Version update (2.50.1 -> 2.50.2) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.50.2: + Fix dx/dy offsets in nested elements. ==== libselinux ==== Subpackages: libselinux1 selinux-tools - install to /usr (boo#1029961) ==== libsepol ==== - install to /usr (boo#1029961) ==== libsigc++2 ==== Version update (2.10.4 -> 2.10.6) - Update to version 2.10.6: + Build: Meson build: Fix versioning on macOS. + Documentation: - sigc++/sigc++.h: Describe how to use libsigc++ with Meson. - Update links to the web page, now at libsigcplusplus.github.io/libsigcplusplus. ==== libtirpc ==== Subpackages: libtirpc-netconfig libtirpc3 - install libraries to %{_libdir} (boo#1029961) ==== libuv ==== Version update (1.39.0 -> 1.40.0) - update to 1.40.0: * udp: add UV_UDP_MMSG_FREE recv_cb flag * include: re-map UV__EPROTO from 4046 to -4046 * doc: correct UV_UDP_MMSG_FREE version added * doc: add uv_metrics_idle_time() version metadata * src: suppress user_timeout maybe-uninitialized * test: fix compiler warning * build: fix the Haiku cmake build * linux: fix i386 sendmmsg/recvmmsg support * build: add libuv-static pkg-config file * build,unix: add QNX support * include: remove incorrect UV__ERR() for EPROTO ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-libs - spec: Remove creation of libvirt group and add Requires to the libvirt group created with GID 108 by the system-group-libvirt package. jsc#SLE-11629 ==== libxkbcommon ==== Version update (1.0.1 -> 1.0.3) Subpackages: libxkbcommon-x11-0 libxkbcommon0 - Update to release 1.0.3 * Fix (hopefully) a segfault in xkb_x11_keymap_new_from_device() in some unclear situation (bug introduced in 1.0.2). * Fix keymaps created with xkb_x11_keymap_new_from_device() do not have level names (bug introduced in 0.8.0). - Update to release 1.0.2 * Fix a bug where a keysym that cannot be resolved in a keymap gets compiled to a garbage keysym. Now it is set to XKB_KEY_NoSymbol instead. * Improve the speed of xkb_x11_keymap_new_from_device() on repeated calls in the same xkb_context(). ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch ==== libyui ==== Version update (3.12.1 -> 3.12.2) - Higher priority for toplevel menu shortcuts (bsc#1175489) - Dropped support for openSUSE 13.2 (or earlier) builds in .spec file - 3.12.2 ==== libyui-qt ==== Version update (2.56.2 -> 2.56.3) - Honor menu bar toplevel menu enabled/disabled and visibility state (boo#1178394 again) - 2.56.3 ==== libzip ==== - Use full _libdir path in libzip.pc ==== lz4 ==== Version update (1.9.2 -> 1.9.3) - Update to release 1.9.3 * api: LZ4_decompress_safe_partial() now supports unknown compressed size * api: improved LZ4F_compressBound() with automatic flushing * cli: multiple files are compressed now using the legacy format ==== malcontent ==== Subpackages: libmalcontent-0-0 libmalcontent-ui-0-0 typelib-1_0-Malcontent-0 - Don't actually install com.endlessm.ParentalControls.rules: this just grants 'wheel'-group members access without password; as openSUSE does not support 'wheel' by default, we only ship the file as sample file (boo#1177974#c8). ==== mariadb ==== Version update (10.5.6 -> 10.5.8) Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Update to 10.5.8 * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-1058-release-notes https://mariadb.com/kb/en/library/mariadb-1058-changelog * fixes for the following security vulnerabilities: 10.5.7: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 10.5.8: none - tracker bugs: [bsc#1177472] and [bsc#1178428] - refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch - update suse_skipped_tests.list ==== mozilla-nss ==== Version update (3.57 -> 3.58) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.58 Bugs fixed: * bmo#1641480 (CVE-2020-25648) Tighten CCS handling for middlebox compatibility mode. * bmo#1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello (draft-ietf-tls-esni). * bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto extensions. * bmo#1668328 - Handle spaces in the Python path name when using gyp on Windows. * bmo#1667153 - Add PK11_ImportDataKey for data object import. * bmo#1665715 - Pass the embedded SCT list extension (if present) to TrustDomain::CheckRevocation instead of the notBefore value. ==== mutt ==== Version update (1.14.7 -> 2.0.2) Subpackages: mutt-doc mutt-lang - update to 2.0.2: * CVE-2020-28896: Ensure IMAP connection is closed after a connection error to avoid sending credentials over an unencrypted connection boo#1179035 - update to 2.0.0 (2020-11-07): + Domain-literal support for email addresses, e.g user@[IPv6:fcXX:...] ! Buffy completion only occurs for the "change-folder" set of functions. It has been disabled for , , the fcc mailbox prompt, and the autocrypt scan mailbox prompt. ! The "save/copy message to mailbox" set of functions use the "mailbox" history list, instead of the "filename" list. ! Message-ID extraction permits values missing angle brackets and '@' to allow properly threading the garbage sent by some providers. Mutt will add missing angle brackets when sending out replies, however. ! When adding multiple attachments, via in the compose menu, the browser menu can be exiting via after tagging the files. Previously, had to be used. ! ctrl-p/ctrl-n are by default bound to / in the editor menu. + The "cd" command allows changing the current working directory. As part of this, Mutt expands relative paths internally. There may be a change to some "prettified" relative paths because of this. ! Some configuration variable default values are localizable by translators. Currently these are: $attribution, $compose_format, $forward_attribution_intro, $forward_attribution_trailer, $status_format, $ts_icon_format, $ts_status_format. + Mutt will try to automatically reconnect to an IMAP mailbox on error, and will merge unsync'ed changes if possible. ! $crypt_protected_headers_subject defaults to "...", following the protected headers revised specification. ! Date, From, To, Cc, and Reply-To headers are stored as protected headers. + XOAUTH2 support. Please see the manual, contrib script mutt_oauth2.py, and mutt_oauth.py.README for more details. + $tunnel_is_secure, default set, assumes a connection via $tunnel is encrypted. Unsetting this will cause $ssl_starttls and $ssl_force_tls to be respected. + Patterns are tab-completable in the editor menu. ! $reply_to is consulted before $reply_self. + $copy_decode_weed, default unset, controls header weeding for and . + $pipe_decode_weed, default set, enables header weeding for . + $print_decode_weed, default set, enables header weeding for . ! format=flowed attachments are space-unstuffed when viewed, saved, piped, and printed. + The "run" command will execute MuttLisp. $muttlisp_inline_eval, if set, will execute unquoted parenthesized command arguments as MuttLisp. Please see the manual for more details about both. + $cursor_overlay, when set, will overlay the indicator, tree, sidebar_highlight, and sidebar_indicator colors onto the current line. "default" colors will be overridden and attributes will be merged. ! The message-id generation algorithm uses a random number instead of the step counter and PID. ! $ssl_force_tls defaults set. (Trying this again for 2.0). ! $hostname is set *after* muttrc processing. It can be manually set in the muttrc to avoid using DNS calls to obtain the FQDN. + $attach_save_dir specifies a directory to use when saving attachments. - Port the patches to mutt 2.0.0 * aw.listreply.diff * bug-676388-largefile.patch * mutt-1.10.1-imap.patch * mutt-1.13.3.dif * mutt-1.5.15-wrapcolumn.diff * mutt-1.5.20-sendgroupreplyto.diff * mutt-1.5.21-mailcap.diff * mutt-1.5.23-carriage-return.path * mutt-1.6.1-opennfs.dif * mutt-Fix-SIGQUIT-handling.patch * patch-1.5.24.vk.pgp_verbose_mime * widechar.sidebar.dif ==== nautilus ==== Version update (3.38.1 -> 3.38.2) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 - Update to version 3.38.2: + Search for tracker3 in PATH. + Fix batch rename dialog crashes. + Fix double-click row check. + Updated translations. ==== nodejs14 ==== Version update (14.15.0 -> 14.15.1) Subpackages: npm14 - Update Requires: so -devel requires npm - Rely on rpmbuild to define necessary python dependencies - New upstream LTS version 14.15.1: * deps: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses (bsc#1178882, CVE-2020-8277) - Update to LTS version 14.15.0: (jsc#SLE-15774) * no major changes * test: reverts marking test-webcrypto-encrypt-decrypt-aes flaky - Use SLE OpenSSL version with 12-SP4+, and not just 12-SP5+ - Bump mininum ICU version to 65 - Update to version 14.14.0: * fs: add rm method * http: allow passing array of key/val into writeHead * src: expose v8::Isolate setup callbacks - sle12_python3_compat.patch: refreshed - Update to version 14.13.1: * fs: rmdir recursive is no longer considered experimental - fix_ci_tests.patch: add support to SUSE's ECDH backport errors in SLE's openssl - Update to version 14.13.0: * deps: upgrade to libuv 1.40.0 #35333 * module: named exports for CJS via static analysis #35249 * module: exports pattern support #34718 * src: allow N-API addon in AddLinkedBinding() - Update to version 14.12.0: * n-api: + create N-API version 7 + add more property defaults - Changes since version 14.9.0 * deps: + update llhttp to 2.1.2 (bsc#1176605, CVE-2020-8201) + http: add requestTimeout. Fixes Denial of Service by resource exhaustion due to unfinished HTTP/1.1 requests (bsc#1176604, CVE-2020-8251) + buffer: also alias BigUInt methods + crypto: add randomInt function + perf_hooks: add idleTime and event loop util + stream: simpler and faster Readable async iterator + stream: save error in state - old_icu.patch: re-add support for ICU 65 from SLE15 SP2 - fix_ci_tests.patch: move debug symbol strip for testing to the Makefile - Update to version 14.9.0: * build: set --v8-enable-object-print by default (Mary Marchini) #34705 * deps: + upgrade to libuv 1.39.0 (cjihrig) #34915 + upgrade npm to 6.14.8 (Ruy Adorno) #34834 + V8: cherry-pick e06ace6b5cdb (Anna Henningsen) #34673 * n-api: handle weak no-finalizer refs correctly (Gabriel Schulhof) #34839 * tools: add debug entitlements for macOS 10.15+ (Gabriele Greco) #34378 - Changes in version 14.8.0: * async_hooks: add AsyncResource.bind utility (James M Snell) #34574 * deps: update to uvwasi 0.0.10 (Colin Ihrig) #34623 * module: unflag Top-Level Await (Myles Borins) #34558 * n-api: support type-tagging objects (Gabriel Schulhof) #28237 * n-api,src: provide asynchronous cleanup hooks (Anna Henningsen) #34572 - versioned.patch: refreshed - linker_lto_jobs.patch: refreshed - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 (bsc#1172686) - Update to version 14.7.0: * deps: upgrade npm to 6.14.7 * dgram: add IPv6 scope id suffix to received udp6 dgrams * src: + allow preventing SetPromiseRejectCallback #34387 + allow setting a dir for all diagnostic output #33584 * worker: make MessagePort inherit from EventTarget #34057 * zlib: switch to lazy init for zlib streams (Andrey Pechkurov) #34048 - avoid rpmbuild warnings on if/else/endif constructs - Update to version 14.6.0: * deps: + upgrade to libuv 1.38.1 + upgrade npm to 6.14.6 fixing information leak through log files (bsc#1173937, CVE-2020-15095) + update V8 to 8.4.371.19 * module: + doc only deprecation of module.parent + package "imports" field * src: allow embedders to disable esm loader * tls: make 'createSecureContext' honor more options * vm: add run-after-evaluate microtask mode * worker: add option to track unmanaged file descriptors - versioned.patch - refreshed - Update to version 14.5.0: * deps: V8 engine is updated to version 8.3. For details, see https://v8.dev/blog/v8-release-83 * events: experimental implementation of EventTarget For details, see https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14.5.0 - sle12_python3_compat.patch: refreshed - fix_ci_tests.patch: refreshed - Add Require for nodejs14 when intalling npm14. (bsc#1172728) - Update to version 14.4.0: * napi: fix various types of memory corruption in napi_get_value_string_*() (CVE-2020-8174, bsc#1172443) * http2: fix HTTP/2 Large Settings Frame DoS (CVE-2020-11080, bsc#1172442) * TLS session reuse can lead to host certificate verification bypass (CVE-2020-8172, bsc#1172441) - Update to version 14.3.0: * repl: previews improvements with autocompletion * it's now possible to use the await keyword outside of async functions, with the --experimental-top-level-await flag - Changes in version 14.2.0: * console: Support for console constructor groupIndentation options - skip_no_console.patch: refreshed - versioned.patch, fix_ci_tests.patch: refreshed - Update to version 14.1.0: * deps: upgrade openssl sources to 1.1.1g (SLE-12 only) * http: doc deprecate abort and improve docs * module: do not warn when accessing __esModule of unfinished exports * n-api: detect deadlocks in thread-safe function * src: deprecate embedder APIs with replacements * stream: + don't emit end after close + don't wait for close on legacy streams + pipeline should only destroy un-finished streams * vm: add importModuleDynamically option to compileFunction skip_no_console.patch: add more unit tests that fail on dumb terminals - Initial version 14.0.0 Deprecations * crypto: move pbkdf2 without digest to EOL * fs: deprecate closing FileHandle on garbage collection * http: move OutboundMessage.prototype.flush to EOL * lib: move GLOBAL and root aliases to EOL * os: move tmpDir() to EOL * src: remove deprecated wasm type check * stream: move _writableState.buffer to EOL * doc: deprecate process.mainModule * doc: deprecate process.umask() with no arguments For a detailed list of changes, see https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14.0.0 ==== nvme-cli ==== - Drop '-f' option with %service_del_postun This option shouldn't be needed besides very few special cases. But this package doesn't seem to belong to this category. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Fix build breakage caused by missing security key objects: + Modify openssh-7.7p1-cavstest-ctr.patch. + Modify openssh-7.7p1-cavstest-kdf.patch. + Add openssh-link-with-sk.patch. - Add openssh-fips-ensure-approved-moduli.patch (bsc#1177939). This ensures only approved DH parameters are used in FIPS mode. - Add openssh-8.1p1-ed25519-use-openssl-rng.patch (bsc#1173799). This uses OpenSSL's RAND_bytes() directly instead of the internal ChaCha20-based implementation to obtain random bytes for Ed25519 curve computations. This is required for FIPS compliance. ==== ovmf ==== Subpackages: qemu-ovmf-x86_64 qemu-uefi-aarch64 - Add ovmf-jscSLE-16075-SEV-ES-fixes.patch to merge upstream SEV-ES fixes (jsc#SLE-16075) ==== pam ==== Version update (1.4.0 -> 1.5.0) Subpackages: pam-doc - Update to 1.5.0 - obsoletes pam-bsc1178727-initialize-daysleft.patch - Multiple minor bug fixes, portability fixes, and documentation improvements. - Extended libpam API with pam_modutil_check_user_in_passwd function. - pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660. - pam_motd: read motd files with target user credentials skipping unreadable ones. - pam_pwhistory: added a SELinux helper executable. - pam_unix, pam_usertype: implemented avoidance of certain timing attacks. - pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails. - pam_env: Reading of the user environment is deprecated and will be removed at some point in the future. - libpam: pam_modutil_drop_priv() now correctly sets the target user's supplementary groups, allowing pam_motd to filter messages accordingly - Refresh pam-xauth_ownership.patch - pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package - pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package - pam_cracklib: added code to check whether the password contains a substring of of the user's name of at least characters length in some form. This is enabled by the new parameter "usersubstr=" See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch] - pam_xauth.c: do not free() a string which has been (successfully) passed to putenv(). [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch] - Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft" to avoid spurious (and misleading) Warning: your password will expire in ... days. fixed upstream with commit db6b293046a [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch] - Enable pam_faillock [bnc#1171562] - /usr/bin/xauth chokes on the old user's $HOME being on an NFS file system. Run /usr/bin/xauth using the old user's uid/gid Patch courtesy of Dr. Werner Fink. [bsc#1174593, pam-xauth_ownership.patch] - pam-login_defs-check.sh: Fix the regexp to get a real variable list (boo#1164274). - Revert the previous change [SR#815713]. The group is not necessary for PAM functionality but used only during testing. The test system should therefore create this group. [bsc#1171016, pam.spec] - Add requirement for group "wheel" to spec file. [bsc#1171016, pam.spec] ==== pam_mount ==== Version update (2.16 -> 2.17) Subpackages: libcryptmount0 - Restore symlinks while util-linux is pending - Update to release 2.17 * Abandon /sbin as a location - Drop pam_mount-2.16-fix-luks2-mount.patch (merged) ==== perl ==== Subpackages: perl-base perl-doc - Correct perl license According to https://dev.perl.org/licenses/ perl is licensed under the artistic license or the GPL 1.0 or later ==== perl-HTTP-Cookies ==== Version update (6.08 -> 6.09) - updated to 6.09 see /usr/share/doc/packages/perl-HTTP-Cookies/Changes 6.09 2020-11-19 22:20:47Z - Allow HttpOnly cookies to be loaded by HTTP::Cookies::Netscape (GH#63) (Charlie Hothersall-Thomas) ==== polkit-default-privs ==== Version update (1550+20201103.994a5ed -> 1550+20201119.2c1dce4) - Update to version 1550+20201119.2c1dce4: - cleanup of dead and inconsistent polkit actions: * profiles: drop the now rather confusing comment from nwfilter-binding actions * profiles: harmonize and normalize profile syntax and style * profiles: harmonize spice-space.lowlevelusbaccess actions * profiles: remove dead pantheon actions * profiles: remove dead org.gnome.DejaDup.duplicity action * profiles: drop dead com.redhat.tuned.gui.run action * profiles: fix brltty action(s) * profiles: remove dead netvisix action * profiles: realmd.discover-realm action: fix restrictive any setting * profiles: remove dead com.redhat.lvm2.* actions * profiles: group together org.kde.powerdevil actions * profiles: remove dead org.kde.powerdevil.backlighthelper actions * profiles: fix FirewallD1.info action in standard profile * profiles: remove dead org.kde.baloo action * profiles: remove dead kwallet actions and fix kwallet5 restrictive setting * profiles: selinux actions: make restrictive profile no weaker than upstream * profiles: remove dead gufw pkexec action * profiles: adjust mate actions better to upstream defaults * profiles: remove dead org.libvirt.api.newfilter.bind-* actions * profiles: clear dead nepomuk.filewatch.raiselimit action * profiles: remove dead kcmlightdm actions * profiles: adjust gnome.controlcenter actions better to upstream defaults * profiles: remove dead org.kde.recorditnow helper * profiles: remove dead de.berlios.smb4k.mounthelper actions * profiles: adjust user-administration action better to upstream defaults * profiles: cleanup urfkill actions * profiles: adjust ModemManager1 actions better to upstream settings * profiles: cleanup ModemManager actions * profiles: sync hp.driveguard.* actions with upstream settings * profiles: gnome settings, xfce backlight-helper actions: sanitize settings * profiles: cleanup dead and sync existing org.gnome actions * profiles: sync timedate1 actions in restrictive profile with standard profile * profiles: remove dead sytemd1.bus-access action * profiles: remove dead org.kde actions * profiles: make org.kde settings no weaker than upstream settings * profiles: remove leftover dead yast actions * profiles: remove dead yast.modules.yapi actions * profiles: remove dead yast.modules.ysr actions * profiles: remove dead yast.modules actions * profiles: remove dead yast.module-manager and yast.scr actions * profiles: remove dead upower actions * profiles: add missing udisks2 actions in restrictive profile * profiles: remove dead udisks (1) actions * profiles: remove dead policykit.lockdown action, harmonize .exec setting * profiles: adjust RealtimeKit actions to upstream settings * profiles: remove dead SuSEfirewall2 zone switcher action * profiles: remove dead backupmanager action * profiles: remove dead smpppd action * profiles: remove dead consolekit actions * profiles: polkit example action run-frobnicate: adjust to upstream settings * profiles: remove dead org.gnome.policykit.examples.* actions * profiles: remove unused pulseaudio realtime actions * profiles: cleanup PackageKit actions * profiles: cleanup gnome-settings-daemon actions * profiles: cleanup network manager actions * profiles: cleanup outdated PolicyKit actions ==== protobuf ==== Version update (3.12.3 -> 3.14.0) - Updated URL to https://github.com/protocolbuffers/protobuf - Update to v3.14.0 Protocol Compiler * The proto compiler no longer requires a .proto filename when it is not generating code. * Added flag `--deterministic_output` to `protoc --encode=...`. * Fixed deadlock when using google.protobuf.Any embedded in aggregate options. C++ * Arenas are now unconditionally enabled. cc_enable_arenas no longer has any effect. * Removed inlined string support, which is incompatible with arenas. * Fix a memory corruption bug in reflection when mixing optional and non-optional fields. * Make SpaceUsed() calculation more thorough for map fields. * Add stack overflow protection for text format with unknown field values. * FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds error was encountered. * Performance improvements for Map. * Minor formatting fix when dumping a descriptor to .proto format with DebugString. * UBSAN fix in RepeatedField * When running under ASAN, skip a test that makes huge allocations. * Fixed a crash that could happen when creating more than 256 extensions in a single message. * Fix a crash in BuildFile when passing in invalid descriptor proto. * Parser security fix when operating with CodedInputStream. * Warn against the use of AllowUnknownExtension. * Migrated to C++11 for-range loops instead of index-based loops where possible. This fixes a lot of warnings when compiling with -Wsign-compare. * Fix segment fault for proto3 optional * Adds a CMake option to build `libprotoc` separately Java * Bugfix in mergeFrom() when a oneof has multiple message fields. * Fix RopeByteString.RopeInputStream.read() returning -1 when told to read 0 bytes when not at EOF. * Redefine remove(Object) on primitive repeated field Lists to avoid autoboxing. * Support "\u" escapes in textformat string literals. * Trailing empty spaces are no longer ignored for FieldMask. * Fix FieldMaskUtil.subtract to recursively remove mask. * Mark enums with `@java.lang.Deprecated` if the proto enum has option `deprecated = true;`. * Adding forgotten duration.proto to the lite library Python * Print google.protobuf.NullValue as null instead of "NULL_VALUE" when it is used outside WKT Value/Struct. * Fix bug occurring when attempting to deep copy an enum type in python 3. * Add a setuptools extension for generating Python protobufs * Remove uses of pkg_resources in non-namespace packages * [bazel/py] Omit google/__init__.py from the Protobuf runtime * Removed the unnecessary setuptools package dependency for Python package * Fix PyUnknownFields memory leak PHP * Added support for "==" to the PHP C extension * Added `==` operators for Map and Array * Native C well-known types * Optimized away hex2bin() call in generated code * New version of upb, and a new hash function wyhash in third_party * add missing hasOneof method to check presence of oneof fields Go: * Update go_package options to reference google.golang.org/protobuf module. C#: * annotate ByteString.CopyFrom(ReadOnlySpan) as SecuritySafeCritical * Fix C# optional field reflection when there are regular fields too * Fix parsing negative Int32Value that crosses segment boundary Javascript: * JS: parse (un)packed fields conditionally - from version 3.13.0 PHP: * The C extension is completely rewritten. The new C extension has significantly better parsing performance and fixes a handful of conformance issues. It will also make it easier to add support for more features like proto2 and proto3 presence. * The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP. C++: * Removed deprecated unsafe arena string accessors * Enabled heterogeneous lookup for std::string keys in maps. * Removed implicit conversion from StringPiece to std::string * Fix use-after-destroy bug when the Map is allocated in the arena. * Improved the randomness of map ordering * Added stack overflow protection for text format with unknown fields * Use std::hash for proto maps to help with portability. * Added more Windows macros to proto whitelist. * Arena constructors for map entry messages are now marked "explicit" (for regular messages they were already explicit). * Fix subtle aliasing bug in RepeatedField::Add * Fix mismatch between MapEntry ByteSize and Serialize with respect to unset fields. Python: * JSON format conformance fixes: * Reject lowercase t for Timestamp json format. * Print full_name directly for extensions (no camelCase). * Reject boolean values for integer fields. * Reject NaN, Infinity, -Infinity that is not quoted. * Base64 fixes for bytes fields: accept URL-safe base64 and missing padding. * Bugfix for fields/files named "async" or "await". * Improved the error message when AttributeError is returned from __getattr__ in EnumTypeWrapper. Java: * Fixed a bug where setting optional proto3 enums with setFooValue() would not mark the value as present. * Add Subtract function to FieldMaskUtil. C#: * Dropped support for netstandard1.0 (replaced by support for netstandard1.1). This was required to modernize the parsing stack to use the `Span` type internally * Add `ParseFrom(ReadOnlySequence)` method to enable GC friendly parsing with reduced allocations and buffer copies * Add support for serialization directly to a `IBufferWriter` or to a `Span` to enable GC friendly serialization. The new API is available as extension methods on the `IMessage` type * Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make generated code compatible with old C# compilers (pre-roslyn compilers from .NET framework and old versions of mono) that do not support ref structs. Users that are still on a legacy stack that does not support C# 7.2 compiler might need to use the new define in their projects to be able to build the newly generated code * Due to the major overhaul of parsing and serialization internals, it is recommended to regenerate your generated code to achieve the best performance (the legacy generated code will still work, but might incur a slight performance penalty). - Fix the python subpackage generation gh#openSUSE/python-rpm-macros#79 - Support multiple python3 flavors gh#openSUSE/python-rpm-macros#66 ==== python-attrs ==== Version update (20.2.0 -> 20.3.0) - update to 20.3.0: - ``attr.define()``, ``attr.frozen()``, ``attr.mutable()``, and ``attr.field()`` remain **provisional**. ==== python-certifi ==== Version update (2020.6.20 -> 2020.11.8) - update to 2020.11.8: * Python 3.8+ support - Add two-basic-unit-tests.patch which includes two at least simple test patches (gh#certifi/python-certifi#137). ==== python-h2 ==== Version update (3.2.0 -> 4.0.0) - Drop hyperframe.patch no longer needed - Skip flaky tests test_connection_only_empty & test_delegated_eq that hypothesis is failing on s390x - Update to v4.0.0 * Support for Python 2.7-3.5 has been dropped * Support for Python 3.8 has been added. * Receiving DATA before HEADERS now raises a ProtocolError (see https://tools.ietf.org/html/rfc7540#section-8.1) ==== python-libxml2 ==== - Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch ==== python-mailman ==== Version update (3.3.1 -> 3.3.2) - Update to 3.3.2: * Support for inviting users to join mailing lists. * New adddmembers, delmembers and syncmembers command to manage membership from CLI. * Addition of new REST API endpoints that return the count of held messages and subscription requests of much faster page loads in Postorius. * Addition of support for filtering in some API endpoints like Members and Subscription requests. * Support for address= option in email join command to subscribe an address other then sending address. * Addition of who email command to lookup memberships. * Expose emergency field for MailingList resource in REST API. * Several bug fixes to support new major version of libraries like dnspython, flufl.* etc. ==== python-passlib ==== Version update (1.7.2 -> 1.7.4) - Update URL to https://foss.heptapod.net/python-libs/passlib - Add optional dependencies: Django, apache2-utils - Update %check to report skipped tests - Update to v0.7.4 * updated tests to pass for Django 1.8 - 3.1 * CryptContext will now throw UnknownHashError when it can't identify a hash provided to methods such as CryptContext.verify Previously it would throw a generic :exc:`ValueError`. - from v1.7.3 * ldap_salted_sha512 LDAP "salted hash" support added for SHA-256 and SHA-512 * bcrypt: Fixed Python 3 OS native backend detection on BSD platforms * safe_crypt added support for crypt.crypt unexpectedly returning bytes under Python 3 * safe_crypt added support for crypt.crypt throwing OSError which can happen as of Python 3.9 * passlib.ext.django fixed lru_cache import for Django 3 compatibility * bcrypt_sha256 Internal algorithm has been changed to use HMAC-SHA256 instead of plain SHA256 * bcrypt OS native backend ("os_crypt") now raises the new PasswordValueError if password is provided as non-UTF8 bytes * lookup_hash's required=False kwd was modified to report unsupported hashes via the HashInfo.supported attribute; rather than letting ValueErrors through uncaught. * Various Python 3.9 compatibility fixes ==== python-pycups ==== - Let the python-rpm-macros take care of the correct python3 provides for all python3 flavors gh#openSUSE/python-rpm-macros#66 ==== python-qt5 ==== Version update (5.15.1 -> 5.15.2) - Update to version 5.15.2 * Bound signals are now hashable. - Drop patches merged upstream * pyqt5-customaudio-qt511.patch * pyqt5-signals-hashable.patch - Fix boo#1178814: migration of old /usr/share/sip/PyQt5 to update-alternatives needs special treatment - add QtRemoteObjects bindings to nonring build ==== python-sniffio ==== Version update (1.1.0 -> 1.2.0) - update to 1.2.0: * Include type hints ==== python38 ==== Subpackages: python38-curses python38-dbm python38-tk - The Python stdlib >= does not provide importlib_metadata or importlib_resources but importlib.metadata and importlib.resources. If a package specifically asks for importlib_*, they actually require the dedicated package with extended API. ==== python38-core ==== Subpackages: libpython3_8-1_0 python38-base - The Python stdlib >= does not provide importlib_metadata or importlib_resources but importlib.metadata and importlib.resources. If a package specifically asks for importlib_*, they actually require the dedicated package with extended API. ==== python38-documentation ==== - The Python stdlib >= does not provide importlib_metadata or importlib_resources but importlib.metadata and importlib.resources. If a package specifically asks for importlib_*, they actually require the dedicated package with extended API. ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-guest-agent qemu-hw-display-qxl qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86 - A patch has been applied to virt-manager to handle qemu spice related modules not being present, so undo the change from Sep 30, 2020. Once again qemu-hw-display-qxl and qemu-hw-usb-redirect are Recommends and not Required by the qemu package (boo#1157320 boo#1176517, boo#1178141) - For jsc#SLE-11629, change qemu, qemu-tools, and qemu-guest-agent to rely on system-user-qemu and system-group-kvm to provide now static system UIDs and GID's for qemu user and group, and kvm group. This will make guest migration more seamless for new installations since there is no chance of having required ID's differ in value. ==== qpdf ==== Version update (10.0.3 -> 10.0.4) - Update to version 10.0.4 * Fix a handful of integer overflows. ==== raspberrypi-firmware-dt ==== - Introduce upstream-overlay-rpi-poe.patch to adapt the overlay to our driver (jsc#SLE-16543) ==== remmina ==== Version update (1.4.8 -> 1.4.9) Subpackages: remmina-lang remmina-plugin-rdp remmina-plugin-secret remmina-plugin-vnc remmina-plugin-xdmcp - Update to release 1.4.9 * Updated color schemes from iTerm2-Color-Schemes * Use previously defined DATADIR to install Kiosk files * RDP and VNC: Fix smooth scrolling when abs(delta) < 1.0, see issue #2273 * Alexander Kapshuna added to remmina_about.glade * remmina_main_quickconnect: recognize ip when textbox has ip:port in it, and strip whitespaces * Implementing text search in the SSH plugin * Spelling: Plugin manager language reworked * Save screenshot_name and use correct seconds format * Resolve "Autostart checkbox setting not saved" * rdp: document freerdp Performance Flags setted by quality setting * Resolve "Terminal general preferences are not saved" * Resolve "Typo in FindFREERDP3.cmake" * rdp: add freerdp log filters setting * Resolve "Extra underline character in "_Preferences" tooptip text" - Requires pcre2-devel ==== rsyslog ==== - fix location and naming of journald dropin (bsc#1178288) ==== rubygem-rubocop ==== Version update (1.2.0 -> 1.4.2) - New upstream release 1.4.2 [#]## Bug fixes * [#9083](https://github.com/rubocop-hq/rubocop/pull/9083): Fix `Style/RedundantArgument` cop raising offense for more than one argument. ([@tejasbubane][]) * [#9089](https://github.com/rubocop-hq/rubocop/issues/9089): Fix an incorrect auto-correct for `Style/FormatString` when using springf with second argument that uses an operator. ([@koic][]) * [#7670](https://github.com/rubocop-hq/rubocop/issues/7670): Handle offenses inside heredocs for `-a --disable-uncorrectable`. ([@jonas054][]) * [#9070](https://github.com/rubocop-hq/rubocop/issues/9070): Fix `Lint/UnmodifiedReduceAccumulator` error when the block does not have enough arguments. ([@dvandersluis][]) [#]## Changes * [#9091](https://github.com/rubocop-hq/rubocop/pull/9091): Have `Naming/VariableNumber` accept _1, _2, ... ([@marcandre][]) * [#9087](https://github.com/rubocop-hq/rubocop/pull/9087): Deprecate `EnforceSuperclass` module. ([@koic][]) [@tejasbubane]: https://github.com/tejasbubane [@koic]: https://github.com/koic [@jonas054]: https://github.com/jonas054 [@dvandersluis]: https://github.com/dvandersluis [@marcandre]: https://github.com/marcandre - New upstream release 1.4.1 [#]## Bug fixes * [#9082](https://github.com/rubocop-hq/rubocop/pull/9082): Fix gemspec to include assets directory. ([@javierav][]) [@javierav]: https://github.com/javierav - New upstream release 1.4.0 Drop patch: * 0001-Use-usr-bin-bash-instead-of-env-as-the-shebang.patch (file no longer in the gem) [#]## New features * [#7737](https://github.com/rubocop-hq/rubocop/issues/7737): Add new `Style/RedundantArgument` cop. ([@tejasbubane][]) * [#9064](https://github.com/rubocop-hq/rubocop/issues/9064): Add `EmptyLineBetweenMethodDefs`, `EmptyLineBetweenClassDefs` and `EmptyLineBetweenModuleDefs` config options for `Layout/EmptyLineBetweenDefs` cop. ([@tejasbubane][]) * [#9043](https://github.com/rubocop-hq/rubocop/pull/9043): Add `--stderr` to write all output to stderr except for the autocorrected source. ([@knu][]) [#]## Bug fixes * [#9067](https://github.com/rubocop-hq/rubocop/pull/9067): Fix an incorrect auto-correct for `Lint::AmbiguousRegexpLiteral` when passing in a regexp to a method with no receiver. ([@amatsuda][]) * [#9060](https://github.com/rubocop-hq/rubocop/issues/9060): Fix an error for `Layout/SpaceAroundMethodCallOperator` when using `__ENCODING__`. ([@koic][]) * [#7338](https://github.com/rubocop-hq/rubocop/issues/7338): Handle assignment with `[]=` in `MultilineMethodCallIndentation`. ([@jonas054][]) * [#7726](https://github.com/rubocop-hq/rubocop/issues/7726): Fix `MultilineMethodCallIndentation` indentation inside square brackets. ([@jonas054][]) * [#8857](https://github.com/rubocop-hq/rubocop/issues/8857): Improve how `Exclude` properties are generated by `--auto-gen-config`. ([@jonas054][]) [#]## Changes * [#8788](https://github.com/rubocop-hq/rubocop/issues/8788): Change `Style/Documentation` to not trigger offense with only macros. ([@tejasbubane][]) * [#8993](https://github.com/rubocop-hq/rubocop/issues/8993): Allow `ExcludedMethods` config of `Metrics/MethodLength` cop to contain regex. ([@tejasbubane][]) * [#9073](https://github.com/rubocop-hq/rubocop/issues/9073): Enable `Layout/LineLength`'s auto-correct by default. ([@bbatsov][]) * [#9079](https://github.com/rubocop-hq/rubocop/pull/9079): Improve the gemspec to load only the necessary files without the git utility. ([@piotrmurach][]) * [#9059](https://github.com/rubocop-hq/rubocop/pull/9059): Update `Lint/UnmodifiedReduceAccumulator` to accept blocks which return in the form `accumulator[element]`. ([@dvandersluis][]) * [#9072](https://github.com/rubocop-hq/rubocop/pull/9072): `Lint/MissingSuper`: exclude `method_missing` and `respond_to_missing?`. ([@marcandre][]) * [#9074](https://github.com/rubocop-hq/rubocop/pull/9074): Allow specifying a pull request ID when calling `rake changelog:*`. ([@marcandre][]) [@tejasbubane]: https://github.com/tejasbubane [@knu]: https://github.com/knu [@amatsuda]: https://github.com/amatsuda [@koic]: https://github.com/koic [@jonas054]: https://github.com/jonas054 [@bbatsov]: https://github.com/bbatsov [@piotrmurach]: https://github.com/piotrmurach [@dvandersluis]: https://github.com/dvandersluis [@marcandre]: https://github.com/marcandre New upstream release 1.3.1 [#]# 1.3.1 (2020-11-16) [#]## Bug fixes * [#9037](https://github.com/rubocop-hq/rubocop/pull/9037): Fix `required_ruby_version` issue when using `Gem::Requirement`. ([@cetinajero][]) * [#9039](https://github.com/rubocop-hq/rubocop/pull/9039): Fix stack level too deep error if target directory contains `**`. ([@unasuke][]) * [#6962](https://github.com/rubocop-hq/rubocop/issues/6962): Limit `Layout/ClassStructure` constant order autocorrect to literal constants. ([@tejasbubane][]) * [#9032](https://github.com/rubocop-hq/rubocop/issues/9032): Fix an error for `Style/DocumentDynamicEvalDefinition` when using eval-type method with interpolated string that is not heredoc without comment doc. ([@koic][]) * [#9049](https://github.com/rubocop-hq/rubocop/issues/9049): Have `Lint/ToEnumArguments` accept `__callee__`. ([@marcandre][]) * [#9050](https://github.com/rubocop-hq/rubocop/issues/9050): Fix a false positive for `Style/NegatedIfElseCondition` when `if` with `!!` condition. ([@koic][]) * [#9041](https://github.com/rubocop-hq/rubocop/issues/9041): Fix a false positive for `Naming/VariableNumber` when using integer symbols. ([@koic][]) [#]## Changes * [#9045](https://github.com/rubocop-hq/rubocop/pull/9045): Have `cut_release` handle "config/default" and generate cops doc. ([@marcandre][]) * [#9036](https://github.com/rubocop-hq/rubocop/pull/9036): Allow `enums` method by default for `Lint/ConstantDefinitionInBlock`. ([@koic][]) * [#9035](https://github.com/rubocop-hq/rubocop/issues/9035): Only complain about `SafeYAML` if it causes issues. ([@marcandre][]) [#]# 1.3.0 (2020-11-12) [#]## New features * [#8761](https://github.com/rubocop-hq/rubocop/issues/8761): Read `required_ruby_version` from gemspec file if it exists. ([@HeroProtagonist][]) * [#9001](https://github.com/rubocop-hq/rubocop/pull/9001): Add new `Lint/EmptyClass` cop. ([@fatkodima][]) * [#9025](https://github.com/rubocop-hq/rubocop/issues/9025): Add `AllowedMethods` option to `Lint/ConstantDefinitionInBlock`. ([@koic][]) * [#9014](https://github.com/rubocop-hq/rubocop/pull/9014): Support auto-correction for `Style/IfInsideElse`. ([@koic][]) * [#8483](https://github.com/rubocop-hq/rubocop/pull/8483): Add new `Style/StaticClass` cop. ([@fatkodima][]) * [#9020](https://github.com/rubocop-hq/rubocop/pull/9020): Add new `Style/NilLambda` cop to check for lambdas that always return nil. ([@dvandersluis][]) * [#8404](https://github.com/rubocop-hq/rubocop/pull/8404): Add new `Lint/DuplicateBranch` cop. ([@fatkodima][]) [#]## Bug fixes * [#8499](https://github.com/rubocop-hq/rubocop/issues/8499): Fix `Style/IfUnlessModifier` and `Style/WhileUntilModifier` to prevent an offense if there are both first-line comment and code after `end` block. ([@dsavochkin][]) * [#8996](https://github.com/rubocop-hq/rubocop/issues/8996): Fix a false positive for `Style/MultipleComparison` when comparing two sides of the disjunction is unrelated. ([@koic][]) * [#8975](https://github.com/rubocop-hq/rubocop/issues/8975): Fix an infinite loop when autocorrecting `Layout/TrailingWhitespace` + `Lint/LiteralInInterpolation`. ([@fatkodima][]) * [#8998](https://github.com/rubocop-hq/rubocop/issues/8998): Fix an error for `Style/NegatedIfElseCondition` when using negated condition and `if` branch body is empty. ([@koic][]) * [#9008](https://github.com/rubocop-hq/rubocop/pull/9008): Mark `Style/InfiniteLoop` as unsafe. ([@marcandre][]) [#]## Changes * [#8978](https://github.com/rubocop-hq/rubocop/issues/8978): Update `Layout/LineLength` autocorrection to be able to handle method calls with long argument lists. ([@dvandersluis][]) * [#9015](https://github.com/rubocop-hq/rubocop/issues/9015): Update `Lint/EmptyBlock` to allow for empty lambdas. ([@dvandersluis][]) * [#9022](https://github.com/rubocop-hq/rubocop/issues/9022): Add `NOTE` to keywords of `Style/CommentAnnotation`. ([@koic][]) * [#9011](https://github.com/rubocop-hq/rubocop/issues/9011): Mark autocorrection for `Lint/Loop` as unsafe. ([@dvandersluis][]) * [#9026](https://github.com/rubocop-hq/rubocop/issues/9026): Update `Style/DocumentDynamicEvalDefinition` to detect comment blocks that document the evaluation. ([@dvandersluis][]) * [#9004](https://github.com/rubocop-hq/rubocop/pull/9004): Remove obsolete gem `SafeYAML` compatibility. ([@marcandre][]) * [#9023](https://github.com/rubocop-hq/rubocop/issues/9023): Mark unsafe for `Style/CollectionCompact`. ([@koic][]) * [#9012](https://github.com/rubocop-hq/rubocop/issues/9012): Allow `AllowedIdentifiers` to be specified for `Naming/VariableNumber`. ([@dvandersluis][]) ==== rubygem-rubocop-ast ==== Version update (1.1.0 -> 1.1.1) - New upstream release 1.1.1 [#]# 1.1.1 (2020-11-04) [#]## Bug fixes * [#146](https://github.com/rubocop-hq/rubocop-ast/pull/146): Fix `IfNode#branches` to return both branches when called on ternary conditional. ([@fatkodima][]) ==== salt ==== Subpackages: python3-salt salt-master salt-minion - Fix syntax error on pkgrepo state with Python 2.7 - transactional_update: unify with chroot.call - Added: * pkgrepo-support-python-2.7-function-call-295.patch * transactional_update-unify-with-chroot.call.patch - Add "migrated" state and GPG key management functions - Added: * add-migrated-state-and-gpg-key-management-functions-.patch - Master can read grains - Added: * grains-master-can-read-grains.patch - Fix for broken psutil (bsc#1102248) - Added: * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch ==== samba ==== Version update (4.13.0+git.138.ff2d5480c67 -> 4.13.2+git.176.0a5e55b510c) Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libndr1 libnetapi0 libsamba-credentials0 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-policy0-python3 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-doc samba-libs samba-libs-python3 samba-python3 samba-winbind - Update to 4.13.2 + s3: modules: vfs_glusterfs: Fix leak of char **lines onto mem_ctx on return; (bso#14486); + RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special; (bso#14471); + smb.conf.5: Add clarification how configuration changes reflected by Samba; (bso#14538); + daemons: Report status to systemd even when running in foreground; (bso#14552); + DNS Resolver: Support both dnspython before and after 2.0.0; (bso#14553); + s3-vfs_glusterfs: Refuse connection when write-behind xlator is present; (bso#14486); + provision: Add support for BIND 9.16.x; (bso#14487); + ctdb-common: Avoid aliasing errors during code optimization; (bso#14537); + libndr: Avoid assigning duplicate versions to symbols; (bso#14541); + docs: Fix default value of spoolss:architecture; (bso#14522); + winbind: Fix a memleak; (bso#14388); + s4:dsdb:acl_read: Implement "List Object" mode feature; (bso#14531); + docs-xml/manpages: Add warning about write-behind translator for vfs_glusterfs; (bso#14486); + nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h. + vfs_shadow_copy2: Avoid closing snapsdir twice; (bso#14530); + third_party: Update resolv_wrapper to version 1.1.7; (bso#14547); + examples:auth: Do not install example plugin; (bso#14550); + ctdb-recoverd: Drop unnecessary and broken code; (bso#14513); + RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special; (bso#14471); - Adjust smbcacls '--propagate-inheritance' feature to align with upstream; (bsc#1178469). - Update to samba 4.13.1 + CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records; (bsc#1177613); (bso#14472); + CVE-2020-14323: Unprivileged user can crash winbind; (bsc#1173994); (bso#14436); + CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify; (bsc#1173902); (bso#14434); - Adjust systemd tmpfiles.d configuration, use /run/samba instead of /var/run/samba; (bsc#1177355); - Fix vfs_ceph query_directory regression; (bso#14519) - Drop liburing-devel for SLE15-SP2; (bsc#1177245) - Register CTDB recovery lock holder with ceph-mgr - Add liburing-devel dependency ==== schily ==== Subpackages: cdda2wav cdrecord libcdrdeflt1_0 libdeflt1_0 libedc_ecc1_0 libedc_ecc_dec1_0 libfile1_0 libfind4_0 libparanoia1_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs readcd spax star - Update to release 2020.11.25 * libhfs_iso: changed malloc() to calloc() to avoid uninitialized data. * ved: A new colon command (ESC : vhelp) has been added. - Remove fix_junk_in_partition.patch (upstreamed) - fix_junk_in_partition.patch: Initialize memory that created the partition table instead of writing random bytes to it (bsc#1178692) ==== scim ==== Subpackages: scim-gtk scim-gtk3 scim-lang - Move the startup snippet to /usr/etc/X11/xim.d for TW ==== sudo ==== Version update (1.9.2 -> 1.9.3p1) Subpackages: sudo-plugin-python - Update to 1.9.3p1 * Fixed a regression introduced in sudo 1.9.3 where the configure script would not detect the crypt(3) function if it was present in the C library, not an additional library. * Fixed a regression introduced in sudo 1.8.23 with shadow passwd file authentication on OpenBSD. BSD authentication was not affected. * Sudo now logs when a user-specified command-line option is rejected by a sudoers rule. Previously, these conditions were written to the audit log, but the default sudo log file. Affected command line arguments include -C (--close-from), -D (--chdir), - R (--chroot), -g (--group) and -u (--user). - News in 1.9.3 * Fixed building the Python plugin on systems with a compiler that doesn't support symbol hiding. * Sudo now uses a linker script to hide symbols even when the compiler has native symbol hiding support. This should make it easier to detect omissions in the symbol exports file, regardless of the platform. * Fixed the libssl dependency in Debian packages for older releases that use libssl1.0.0. * Sudo and visudo now provide more detailed messages when a syntax error is detected in sudoers. The offending line and token are now displayed. If the parser was generated by GNU bison, additional information about what token was expected is also displayed. Bug #841. * Sudoers rules must now end in either a newline or the end-of-file. Previously, it was possible to have multiple rules on a single line, separated by white space. The use of an end-of-line terminator makes it possible to display accurate error messages. * Sudo no longer refuses to run if a syntax error in the sudoers file is encountered. The entry with the syntax error will be discarded and sudo will continue to parse the file. This makes recovery from a syntax error less painful on systems where sudo is the primary method of superuser access. The historic behavior can be restored by add "error_recovery=false" to the sudoers plugin's optional arguments in sudo.conf. Bug #618. * Fixed the sample_approval plugin's symbol exports file for systems where the compiler doesn't support symbol hiding. * Fixed a regression introduced in sudo 1.9.1 where arguments to the "sudoers_policy" plugin in sudo.conf were not being applied. The sudoers file is now parsed by the "sudoers_audit" plugin, which is loaded implicitly when "sudoers_policy" is listed in sudo.conf. Starting with sudo 1.9.3, if there are plugin arguments for "sudoers_policy" but "sudoers_audit" is not listed, those arguments will be applied to "sudoers_audit" instead. * The user's resource limits are now passed to sudo plugins in the user_info[] list. A plugin cannot determine the limits itself because sudo changes the limits while it runs to prevent resource starvation. * It is now possible to set the working directory or change the root directory on a per-command basis using the CWD and CHROOT options. There are also new Defaults settings, runchroot and runcwd, that can be used to set the working directory or root directory on a more global basis. * New -D (--chdir) and -R (--chroot) command line options can be used to set the working directory or root directory if the sudoers file allows it. This functionality is not enabled by default and must be explicitly enabled in the sudoers file. - add sudo-1.9.3p1-pam_xauth.patch to stay setuid until just before executing the command. Fixes a problem with pam_xauth which checks effective and real uids to get the real identity of the user [bsc#1174593] ==== system-users ==== Subpackages: system-group-hardware system-group-wheel system-user-bin system-user-daemon system-user-ftp system-user-games system-user-lp system-user-mail system-user-man system-user-news system-user-nobody system-user-tftp system-user-upsd system-user-uucp system-user-wwwrun - Add qemu user to kvm group - Add system account and groups for kvm, qemu, and libvirt (jsc#SLE-11629) New files: system-group-kvm.conf, system-group-libvirt.conf, system-user-qemu.conf ==== systemd-default-settings ==== Version update (0.4 -> 0.5) Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Issue a daemon-reload in %post of the main package - Import 0.5 0c5e241 SLE: turn off RemoveIPC by default for logind (fate#320125) cb6914f SLE: restore ProtectHostname=no for udevd (bsc#1178374) 7e332a6 Add a header in all each drop-ins 465e1c7 Makefile: simplify 'archive' target ==== systemd-presets-branding-openSUSE ==== - Fix package description mention of 'systemd-presets-common-SUSE' ==== tar ==== Subpackages: tar-rmt - prepare usrmerge (boo#1029961) ==== tcsh ==== Version update (6.22.02 -> 6.22.03) Subpackages: tcsh-lang - Update to tcsh bug fix version V6.22.03 - 20201118 * Fix $x:q:h and $x:q:t to not crash (alzwded) with strings containing / * Block SIGHUP while writing history/directory stack (Brett Frankenberger) * Fixed reversed test that broke history merging (Brett Frankenberger) * Prevent recursive entry for writing history (Brett Frankenberger) * alxwded@github, keep track of the :g and :a modifiers per modifier they affect. * alzwded@github, fix infinite loop with :gas variable modifier * PR/88: Add a Q: modifier that preserves empty arguments leaving :q alone. - Port the patches to V6.22.03 * tcsh-6.15.00-pipe.dif * tcsh-6.17.06-dspmbyte.dif * tcsh-6.18.03-catalogs.dif * tcsh-6.22.02-local-dotlock.dif - Remove patches now upstream * tcsh-6.22.02-double_tilde.dif * tcsh-6.22.02-history-merge.dif * tcsh-6.22.02-workaround-common.patch - Make test suite work - prepare usrmerge (boo#1029961) ==== technisat-usb2-firmware ==== - use %_firmwaredir ==== tepl ==== Version update (5.0.0 -> 5.0.1) - Update to version 5.0.1: + Updated translations. ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - xvnc@.service: fixed path for %libexecdir (boo#1178601) ==== tk ==== - Fix manpage symlink for wish8.6. ==== tracker ==== Subpackages: libtracker-sparql-3_0-0 typelib-1_0-Tracker-3_0 - split out the datafiles that are required by the tracker-miners ==== tracker-miners ==== Subpackages: tracker-miner-files - require the newly split out tracker-data-files ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc - Added u-boot tools binaries to tools package - Add pinebook-pro-rk3399 support ==== usbutils ==== Version update (012 -> 013) - Update to version 013: * lsusb.8.in: do not mention usb.ids * usb-devices.1: don't mention bash * usbhid-dump: move manpage to main directory out of subdir * usbhid-dump.8: add SPDX header * usbhid-dump.8: autogenerate it with the usbutils version number * usbhid-dump: add SPDX identifiers to all files. * usbhid-dump: remove libusb.h libusb_strerror() implementation * usbhid-dump: remove lib directory * usbhid-dump: move .h files into src/ directory * Makefile.am: add usbhid-dump.8 to distclean list * usbhid-dump: some autoconf cleanup * usbhid-dump: remove some dev_list functions that were never used * dump_audiostreaming_interface(): remove unused variable * usbmisc: initialize string buffer before reading from device. * lsusb.py: drop trailing space on non-hub devices * lsusb.py: strip whitespace from device strings * lsusb(8): fix formatting * lsusb(8): document --tree * lsusb.py: remove private paths for usb.ids * Additional device classes for usb-devices script * usbhid-dump: Do not use rindex * Move read_sysfs_prop() from names.c to its own file * sysfs: Don't return bogus data for devices under a hub * lsusb: Use vendor and product name fallback logic in -D mode too * lsusb: Get manufacturer, product, and serial from sysfs * bootstrap: change /bin/bash to /bin/sh * lsusb: fix two typos in UVC Extension Unit descriptor * usbhid-dump: Put back autoconf check for libusb_set_option() ==== vala ==== Version update (0.50.1 -> 0.50.2) Subpackages: libvala-0_50-0 - Update to version 0.50.2: + Various improvements and bug fixes: - codegen: . More use of delegate_target_type and delegate_target_destroy_type. . Reduce get_delegate_target/ get_delegate_target_destroy_notify calls. . Don't use inferred type for temp-value to access generic property. . Update outdated array _size_ variable of captured local-variable. . Report internal error for unsupported collection type in foreach. - vala: . Issue an error on void initializer for local-variable. . Allow markup-reader to accept spaces around '=' of attribute assignment. . CodeNode.source_reference is optional, so let the API respect that. . Use DataType.compatible() to check for string concatenation. - valadoc: Don't call CodeContext.pop() on empty stack. - libvaladoc: Don't filter-out generic type-parameters of delegates. - libvaladoc/girimporter: Skip "docsection" elements in . - testrunner: Add "-Werror=return-local-addr" flag. + Bindings updates. ==== vim ==== Version update (8.2.1975 -> 8.2.2039) Subpackages: gvim vim-data vim-data-common - Updated to version 8.2.2039, fixes the following problems * Cannot backspace in prompt buffer after using cursor-left. (Maxim Kim) * Vim9: error for using a string in a condition is confusing. * Making a mapping work in all modes is complicated. * "term_opencmd" option of term_start() is truncated. (Sergey Vlasov) * Vim9: some tests are not done at the script level. * MinGW: parallel compilation might fail. * Quickfix window not updated when adding invalid entries. * ml_get error when using to open a terminal. * Cannot use :vimgrep in omni completion, causing C completion to fail. * Crash when closing terminal popup with mapping. * Expression test is flaky on Appveyor. * Still in Insert mode when opening terminal popup with a mapping in Insert mode. * Info popup triggers WinEnter and WinLeave autocommands. * Cursor position wrong in terminal popup with finished job. * Coverity warns for not using the ga_grow() return value. * Build fails with small features. * Occasional failure of the netbeans test. * The popup menu can cause too much redrawing. * Vim9: invalid error for argument of extend(). * Window changes when using bufload() while in a terminal popup. * Terminal Cmd test sometimes fails to close popup. * Terminal popup test sometimes fails. * Vim9: dict.key assignment not implemented yet. * Vim9: :def function does not apply 'maxfuncdepth'. * Vim9: lambda argument shadowed by function name. * Build error with +conceal but without +popupwin. * Compiler warning for uninitialized variable. * Redoing a mapping with doesn't work properly. * .pbtxt files are not recognized. * Test for insert mode in popup is not reliable. * Vim9: compiling fails for unreachable return statement. * "syn sync" reports a very large number. * Vim9: confusing error message when using bool wrongly. * Vim9: not skipping white space after unary minus. * Using CTRL-O in a prompt buffer moves cursor to start of the line. * Vim9: literal dict #{} is not like any other language. * Swap file test is a little flaky. * Missing part of the dict change. * Vim9: script variable not found from lambda. * Swap file test fails on MS-Windows. * Some compilers do not like the "namespace" argument. * Vim9: get E1099 when autocommand resets did_emsg. * Vim9: star command recognized errornously. * Vim: memory leak when :execute fails. * Flicker when redrawing a popup with a title and border. * Amiga: Not all colors are used on OS4. * Coverity warns for possibly using not NUL terminated string. * Coverity warns for uninitialized field. * Coverity warns for using an uninitialized variable. * Coverity warns for not checking return value. * Some tests fail on Mac. * Some tests fail when run under valgrind. * Cabalconfig and cabalproject filetypes not recognized. * Vim9: :def without argument gives compilation error. * Vim9: list unpack in for statement not compiled yet. * Current buffer is messed up if creating a new buffer for the quickfix window fails. * Compiler test depends on list of compiler plugins. * Viminfo is not written when creating a new file. ==== webkit2gtk3 ==== Version update (2.30.2 -> 2.30.3) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.30.3 (boo#1179122): + Add new build option USE(64KB_PAGE_BLOCK). + Fix backdrop filters with rounded borders. + Fix scrolling iframes when async scrolling is enabled. + Allow applications to handle drag and drop on the web view again. + Update Outlook user agent quirk. + Fix the build with video support disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-13584, CVE-2020-9983. - Drop webkit2gtk3-fdo-soname.patch: fixed upstream. - Rebase webkit-process.patch. ==== wxWidgets-3_2-nostl ==== Subpackages: libwx_baseu-suse-nostl4_0_0 libwx_baseu_net-suse-nostl4_0_0 libwx_baseu_xml-suse-nostl4_0_0 libwx_gtk3u_core-suse-nostl4_0_0 libwx_gtk3u_html-suse-nostl4_0_0 libwx_gtk3u_qa-suse-nostl4_0_0 - Fix an rpmlint warning by moving libwx_base symlinks to their own -devel subpackage which is then required by (wxWidgets-devel, wxGTK3-devel). ==== xfce4-branding-openSUSE ==== Subpackages: exo-branding-openSUSE libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE openSUSE-xfce-icon-theme thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE - Make noto-coloremoji-fonts a soft dependency. This avoids having to break the dependency on the Rescue CD. ==== xlockmore ==== Version update (5.65 -> 5.66) - update to 5.66: GL mode atunnels, juggler3d, atlantis, lament, invert, solitaire, text3d, and text3d2 fixed up by EoflaOE ViceCity and myself to build in xscreensaver. bomb, helix, lightning, penrose, petal, scooter fixes for xscreensaver port (clear screen issue). Clock fixed to run by changing a spot from "Clock" to "CLOCK". A few updates from xscreensaver-5.44/hacks/xlockmore.c for xscreensaver port. Duplicate resources and unloadable resources for xscreensaver port fixed by EoflaOE. Double free removed for xscreensaver port fixed by EoflaOE and myself. Removed some warnings in xscreensaver port in fzort, rubik, skewb, and sproingies. Xpm textures added to xscreensaver ports that need them. image, puzzle, decay, bat now work but use xscreensaver bitmap/pixmap in xscreensaver port. Bug fix in qix and toneclock for xscreensaver port, xlock was not affected by negative NRAND input. euler2d synced up with xscreensaver version. Change to fzort to use __asm__ instead of asm as its probably more likely to work. Fixed solitaire so deckPile changes just a little bit as it doles out cards. Updated bomb to use size 18 font when USE_MB is not set as it seems 34 is not widely available anymore. pacman now has different colored ghosts (no green ghost) and also oscillating dress and eyes. See README for a notice for this mode. Fixed some bad drawings in solitaire and pacman noticed on Windows side. Warnings removed for -Wstrict-prototypes -Wmissing-prototypes - Wdeclaration-after-statement ==== xprop ==== Version update (1.2.4 -> 1.2.5) - Update to version 1.2.5 * Add missing `-help` function * Make output with unknown width terminal the same as old code * Free string list returned from XmbTextPropertyToTextList * Correct icon buffer width computation for truecolor terminals * Check return value from ioctl(TIOCGWINSZ) * Don't display icons if they would line-wrap. * Break down memory allocation logic and fix overallocating for UTF8. * Fix aspect ratio for icon display by using two characters per icon pixel. * Support true color output for icons if the terminal advertises it. * Fix formatting of back-to-back not shown icons. ==== xtables-addons ==== Version update (3.11_k5.9.8_2 -> 3.12_k5.9.10_1) - Update to release 3.12 * Support for Linux 5.10 and the API/ABI change in 5.9.9 ==== yast2 ==== Version update (4.3.41 -> 4.3.44) Subpackages: yast2-logs - prepare usrmerge: install legacy symlinks via spec file only (boo#1029961) - CWM ComboBox: an editable ComboBox will not alter the list of items when the current value is not part of the list as it uses the original list which could be already modified (bsc#1177137) - 4.3.43 - CWM ComboBox: reverted the addition of the current_items method (bsc#1177137) - 4.3.42 ==== yast2-alternatives ==== Version update (4.2.3 -> 4.3.0) - Handle properly help command for alternatives client (bsc#1172340) - 4.3.0 ==== yast2-bootloader ==== Version update (4.3.15 -> 4.3.16) - Make wording in summary more consistent (related to jsc#SLE-16033) - 4.3.16 ==== yast2-firstboot ==== Version update (4.3.7 -> 4.3.8) - Removed duplicated lan client from the firstboot control file and modified the firstboot_dhcp_setup client using the installation dhcp setup client directly (bsc#1177797) - 4.3.8 ==== yast2-journal ==== Version update (4.2.2 -> 4.3.0) - print properly help to avoid accidental opening of module by bash completion (bsc#1172340) - 4.3.0 ==== yast2-network ==== Version update (4.3.27 -> 4.3.30) - Do not crash when trying to replace an /etc/hosts alias using the current static hostname and it is not set (bsc#1179178) - 4.3.30 - Do not show a warn message when modifying a bonding configuration and all the slaves are already configured with BOOTPROTO='none' (bsc#1178950) - 4.3.29 - Fixed detection of connection configuration changes (bsc#1178950) - 4.3.28 - bnc#1175360 - more robust AY profile parser. Do not crash with internal error on unknown node in interfaces section - support for static configurations without ip address - bnc#1175206 - support for defined default when missing bootproto in AY ==== yast2-nis-client ==== Version update (4.3.4 -> 4.3.5) - Do not ask for package installation when CLI help is called (bsc#1172340) - 4.3.5 ==== yast2-ruby-bindings ==== Version update (4.3.9 -> 4.3.11) - Removed Requires / BuildRequires to libyui (build failure) (related to bsc#1175489) - 4.3.11 - Added UI test for menu bar shortcut priority (bsc#1175489) - 4.3.10 ==== yast2-storage-ng ==== Version update (4.3.20 -> 4.3.24) - Y2Storage wrapper for the new Tmpfs class from libstorage-ng (related to jsc#SLE-11308) - Partitioner: improve support for Btrfs subvolumes, related to bsc#996598, bsc#1175139, bsc#1161408, bsc#1004783, bsc#1067505. - Partitioner: add support for Btrfs quotas (jsc#SLE-7742). - 4.3.24 - Partitioner: fixed a crash when 'Do not format' is selected for a device that used to be part of a Btrfs (bsc#1179100). - 4.3.23 - print properly help to avoid accidental opening of module by bash completion (bsc#1172340) - 4.3.22 - Improved error handling for mounting /sys/firmware/efi/efivars (bsc#1174029): - Also check in /proc/filesystems if efivarfs is supported - Don't throw exception if a mount fails, just display a warning - 4.3.21 ==== yast2-trans ==== Version update (84.87.20201108.e4c58f8262 -> 84.87.20201122.ac554fbdd6) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20201122.ac554fbdd6: * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Spanish) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * New POT for text domain 'nis'. * New POT for text domain 'journal'. * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * New POT for text domain 'storage'. * New POT for text domain 'alternatives'. * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * Translated using Weblate (Japanese) * New POT for text domain 'bootloader'. * New POT for text domain 'firstboot'. - Update to version 84.87.20201114.32b95e799c: * Translated using Weblate (Italian) * New POT for text domain 'base'. * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * New POT for text domain 'users'. * New POT for text domain 'storage'. * New POT for text domain 'control'. * Translated using Weblate (Portuguese (Brazil)) ==== yast2-ycp-ui-bindings ==== Version update (4.3.6 -> 4.3.7) - Extended MenuBar-shortcut-test example to test shortcut priority (bsc#1175489) - 4.3.7 ==== yelp ==== Version update (3.38.1 -> 3.38.2) Subpackages: libyelp0 - Update to version 3.38.2: + Fix crash when reloading local document. ==== yelp-xsl ==== Version update (3.38.1 -> 3.38.2) - Update to version 3.38.2: + Updated translations. ==== zbar ==== Version update (0.23 -> 0.23.1) - Update to version 0.23.1 * Add i18n translation support and add a pt_BR translation * Change default to autodetect python and gtk versions * Some documentation updates * Add support for binary data extraction * Add support for raw decoding without charset conversions * Add one shot scanning mode * Fix help messages * Fix some makefile issues * Fix error detection in video4linux read * Fix pkgconfig for zbar-qt5 * Fix a double-free condition - Add 0002-get-rid-of-gettext_h.patch ==== zlib ==== Subpackages: libminizip1 libz1 zlib-devel - Fix hw compression on z15 bsc#1176201 - Add zlib-s390x-z15-fix-hw-compression.patch