Removed rpms ============ Added rpms ========== Package Source Changes ====================== chromium +- Chromium 90.0.4430.93 (boo#1185398): + - CVE-2021-21227: Insufficient data validation in V8. + - CVE-2021-21232: Use after free in Dev Tools. + - CVE-2021-21233: Heap buffer overflow in ANGLE. + - CVE-2021-21228: Insufficient policy enforcement in extensions. + - CVE-2021-21229: Incorrect security UI in downloads. + - CVE-2021-21230: Type Confusion in V8. + - CVE-2021-21231: Insufficient data validation in V8. + - Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html + +- Chromium 90.0.4430.85 (boo#1185047): + * CVE-2021-21222: Heap buffer overflow in V8 + * CVE-2021-21223: Integer overflow in Mojo + * CVE-2021-21224: Type Confusion in V8 + * CVE-2021-21225: Out of bounds memory access in V8 + * CVE-2021-21226: Use after free in navigation +- Chromium 90.0.4430.72 (boo#1184764): + * CVE-2021-21201: Use after free in permissions + * CVE-2021-21202: Use after free in extensions + * CVE-2021-21203: Use after free in Blink + * CVE-2021-21204: Use after free in Blink + * CVE-2021-21205: Insufficient policy enforcement in navigation + * CVE-2021-21221: Insufficient validation of untrusted input in Mojo + * CVE-2021-21207: Use after free in IndexedDB + * CVE-2021-21208: Insufficient data validation in QR scanner + * CVE-2021-21209: Inappropriate implementation in storage + * CVE-2021-21210: Inappropriate implementation in Network + * CVE-2021-21211: Inappropriate implementation in Navigatio + * CVE-2021-21212: Incorrect security UI in Network Config UI + * CVE-2021-21213: Use after free in WebMIDI + * CVE-2021-21214: Use after free in Network API + * CVE-2021-21215: Inappropriate implementation in Autofill + * CVE-2021-21216: Inappropriate implementation in Autofill + * CVE-2021-21217: Uninitialized Use in PDFium + * CVE-2021-21218: Uninitialized Use in PDFium + * CVE-2021-21219: Uninitialized Use in PDFiu + * drop chromium-89-quiche-private.patch + * drop chromium-89-quiche-dcheck.patch + * drop chromium-89-skia-CropRect.patch + * drop chromium-89-dawn-include.patch + * drop chromium-89-webcodecs-deps.patch + * drop chromium-89-AXTreeSerializer-include.patch + * drop libva-2.11.patch + * drop libva-2.11-nolegacy.patch + * drop chromium-84-blink-disable-clang-format.patch +- chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error +- chromium-90-cstdint.patch: some cstd includes added +- chromium-90-fseal.patch: F_SEAL defines added + kernel-default +- Refresh + patches.suse/perf-x86-intel-uncore-remove-uncore-extra-pci-dev-hswep_pci_pcu_3.patch. +- commit dbaac01 + +- rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244) +- commit 58c17cd + +- Revert "scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()" + (bsc#1185038) + This reverts commit 9b829c278737b522a63301c27e6e947c9ed4accf. + Reverted upstream. +- commit 73b3872 + +- perf/x86/intel/uncore: Remove uncore extra PCI dev + HSWEP_PCI_PCU_3 (bsc#1184685). +- commit 91f11e3 + +- rpm/kernel-obs-build.spec.in: Include essiv with dm-crypt (boo#1183063). + Previously essiv was part of dm-crypt but now it is separate. + Include the module in kernel-obs-build when available. + Fixes: 7cf5b9e26d87 ("rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup") +- commit bd99014 + kernel-preempt +- Refresh + patches.suse/perf-x86-intel-uncore-remove-uncore-extra-pci-dev-hswep_pci_pcu_3.patch. +- commit dbaac01 + +- rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244) +- commit 58c17cd + +- Revert "scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()" + (bsc#1185038) + This reverts commit 9b829c278737b522a63301c27e6e947c9ed4accf. + Reverted upstream. +- commit 73b3872 + +- perf/x86/intel/uncore: Remove uncore extra PCI dev + HSWEP_PCI_PCU_3 (bsc#1184685). +- commit 91f11e3 + +- rpm/kernel-obs-build.spec.in: Include essiv with dm-crypt (boo#1183063). + Previously essiv was part of dm-crypt but now it is separate. + Include the module in kernel-obs-build when available. + Fixes: 7cf5b9e26d87 ("rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup") +- commit bd99014 + openSUSE-xfce-icon-theme +- Update to version 4.16.1+git5.e82fd05: + * Remove unused entries (boo#1183828) + +- Update to version 4.16.1+git4.47431fc: + * Add temporary fix for missing file-roller icon + pipewire +- Add %systemd_ordering so systemd is installed before pipewire + on fresh installations. This allows to set the service presets + correctly on new systems since the %systemd_user_* macros don't + do anything if systemd is not installed (boo#1185459). + usbmuxd +- Add usbmuxd-add-socket-option.patch: allow socket to be + specified via the command line. Backported from upstream. +- Add usbmuxd-add-pid-option.patch: allow the pid file to be + specified via the command line. Taken from upstream. +- Add usbmuxd-run-dir.patch: use /run, rather than /var/run, for + the socket and pid file (bsc#1185186). + -- remove _service, too fragile - -- Add 32bit compatibility libraries - -- Create and use "usbmux" user in %pre to fix bno#679159 - -- Update to version 1.0.7 - * Detect iPad 2 and upcoming next generation iPhone devices - * Fix support for ancient devices running iOS 1.x - * Optionally use inotify instead of polling to safe energy - -- Fix -devel package dependencies, libusb is only required at - runtime. -- disable static library creation instead of removing it. - -- ran spec-cleaner - -- Update to version 1.0.6 - * Bump udev rules to 0-9a-f, should last for a few device iterations - * Fix potential issue with USB transactions >=32k multiples of 16k -- remove patch no longer necessary - -- Update to version 1.0.5 - * Protocol version 1 support. Enables libusbmuxd to talk to - Apple's official usbmuxd on Windows and OSX - * Recovery mode support for idevicerestore firmware restores - * Detach kernel USB drivers to avoid USB issues - * Win32 support for libusbmuxd - * FreeBSD support - * Basic C++ support - * Fixes crasher bugs -- Added libplist dependancy -- Remove upstreamed patch - -- Fixed incorrect summary and description see bnc#611595 - -- Update to version 1.0.4 - * Fix aborts due to transmit window overflow - * libusbmuxd: close connection after enumerating devices - * Ignore SIGPIPE, otherwise usbmuxd might shut down - * OSX: add workaround for missing ppoll system call - * Detect the iPad and let usbmuxd talk to it - * libusbmuxd: support shorter device info record messages - -- Update to version 1.0.3 - * Set USBMUX_SUPPORTED in udev rules for user space to be - able to recognize devices supporting the usbmux protocol. - -- Update to version 1.0.2 - * Change documentation to mention libimobiledevice, add a - trademark notice, and make things more consistent - * Security fix: fix a potential buffer overflow that could - be triggered by a rogue device - * Fixed a crash when we get unexpected TCP packets early - (e.g. reconnected device). - * usbmuxd will not 'drop' privileges to root (-U root is - now a no-op) - * Made -U require an argument. The optional argument behavior - was causing some confusion (since -U didn't work, - it had to be -U), so now the argument is required. - Please make sure that you specify an explicit name from now - on ('-U' will not work). - * Removed debugging printfs in libusbmuxd - * Cleaned up and improved CMakeLists. Now it should honor the - CFLAGS environment variable if it is present and nonempty - * Add a missing include to libusbmuxd - -- Update to version 1.0.0 - * Workaround udev bug; fixes not reacting to signals - * Do not try to claim all Apple devices - * Fix libusbmuxd cleanup when usbmuxd shuts down -- Remove upstreamed patches - -- Update to version 1.0.0-rc2 - * Improved documentation - * Fix install target for 64bit architectures - * Fix underlinking of libusbmuxd - -- Update to version 1.0.0-rc1 - * completly new implementation - * uses cmake build system - * improved libusbmuxd API with device hotplug callbacks - * better performance and lower cpu usage - -- Update to version 0.1.4 - * udev operation mode - * better udev rules for non-Debian distributions - * debugging output refined with a mutex to prevent garbled output - * smaller buffer size in usbmuxd_client_handler_thread to fix - connection resets - -- Update to version 0.1.3 - * Proper fix for USB communication issue using wMaxPacketSize - -- Update to version 0.1.1 - * Fix USB communication issue with packet sizes of N*128 or N*512 - -- Update to version 0.1.0 - * First official release - * Adds iPhone 3GS support and exposes new tethering USB interface - * Fix race condition using multiple clients simultaneously - * Fix various usbmux protocol bugs - -- Initial package created - virtualbox +- Version bump to (released April 20 2021 by Oracle) + This is a maintenance release. The following items were fixed and/or added: + VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0) + VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141) + VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175) + VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068) + OCI: Add cloud-init support for export to OCI and for OCI instance creation + GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235) + Audio: Multiple fixes and enhancements + Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171) + Network: Fixed link status reporting for "not attached" adapters + Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148) + Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182) + Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847) + DHCP: Don't crash in the presence of fixed address assignments (bug #20128) + Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854) + Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176) + NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load + VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm" + vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073) + Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12 + Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122) + Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x + Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289) + File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream. + File "vboxautostart.sh" is replaced by "vboxautostart-service.sh" + File "vboxautostart.service" is replaced by "vboxautostart-service.service" + Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM" + Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration" + Fixes CVE-2021-2264 and boo#1184542. The directory for the .start files for + autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart + service is hardened (by Oracle). + virtualbox:kmp +- Version bump to (released April 20 2021 by Oracle) + This is a maintenance release. The following items were fixed and/or added: + VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0) + VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141) + VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175) + VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068) + OCI: Add cloud-init support for export to OCI and for OCI instance creation + GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235) + Audio: Multiple fixes and enhancements + Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171) + Network: Fixed link status reporting for "not attached" adapters + Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148) + Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182) + Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847) + DHCP: Don't crash in the presence of fixed address assignments (bug #20128) + Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854) + Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176) + NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load + VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm" + vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073) + Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12 + Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122) + Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x + Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289) + File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream. + File "vboxautostart.sh" is replaced by "vboxautostart-service.sh" + File "vboxautostart.service" is replaced by "vboxautostart-service.service" + Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM" + Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration" + Fixes CVE-2021-2264 and boo#1184542. The directory for the .start files for + autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart + service is hardened (by Oracle). + yast2-network +- Omit hidden networks from the list of wireless networks to be + selected preventing the dialog to crash (bsc#1185372) +- 4.3.67 + +- Do not crash when the BOOTPROTO or STARTMODE ar missing or + invalid (bsc#1181295). +- 4.3.66 + +- Do not require a MAC address when activating a qeth device + with layer2 support (bsc#1184474). +- 4.3.65 + yast2-pkg-bindings +- Pkg.ProvidePackage() - download the latest package version from + the repository, this ensures that the installer is updated with + the latest packages from the installer updates repository + (bsc#1185240) +- 4.3.11 + yast2-trans +- Update to version 84.87.20210425.616915ed60: + * Translated using Weblate (Portuguese) + * Translated using Weblate (Hindi) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Hindi) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Portuguese) + * Added translation using Weblate (Portuguese) + * Added translation using Weblate (Portuguese) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'packager'. + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * New POT for text domain 'ldap'. + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Hindi) + * Translated using Weblate (Slovak) + * New POT for text domain 'bootloader'. + * Translated using Weblate (Japanese) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * New POT for text domain 'base'. + * Translated using Weblate (Portuguese) +