Removed rpms ============ - OpenIPMI - alsa-oss-32bit - appres - bdftopcf - bea-stax-api - beforelight - bitmap - cyrus-sasl-32bit - dbus-1-glib-32bit - editres - expect - fonttosfnt - fslsfonts - fstobdf - hardlink - hunspell - hunspell-tools - icedtea-web - ico - alsa-plugins-pulse-32bit - cyrus-sasl-plain-32bit - gnome-keyring-32bit - libXau6-32bit - libavahi-client3-32bit - libblkid1-32bit - libbz2-1-32bit - libcom_err2-32bit - libcrack2-32bit - libdw1-32bit - libgcrypt20-32bit - libgio-2_0-0-32bit - libgmodule-2_0-0-32bit - libjansson4-32bit - liblua5_3-5-32bit - libndr-standard0-32bit - libnetapi0-32bit - libnsl2-32bit - libopenssl1_1-32bit - libpcrecpp0-32bit - libsamba-errors0-32bit - libsmbconf0-32bit - libtasn1-6-32bit - libtextstyle0-32bit - libunistring2-32bit - libverto1-32bit - libvorbis0-32bit - libvorbisenc2-32bit - libxml2-2-32bit - libz1-32bit - pam-32bit - perl-base-32bit - samba-client-32bit - sysfsutils-32bit - systemd-32bit - ipmitool - jline1 - kdeconnect-kde - kdeconnect-kde-lang - kpeoplevcard - krb5-32bit - lbxproxy - libFLAC8-32bit - libFS6 - libKF5PulseAudioQt2 - libXTrap6 - libXiterm1 - libXp6 - libXprintUtil1 - libXxf86dga1 - libasound2-32bit - libaudit1-32bit - libavahi-common3-32bit - libcrypt1-32bit - libcups2-32bit - libdigikamcore6 - libfakekey0 - libfam0-gamin-32bit - libglib-2_0-0-32bit - libgpg-error0-32bit - libidn2-0-32bit - liblbxutil1 - liblz4-1-32bit - liblzma5-32bit - libnettle6-32bit - libnghttp2-14-32bit - libp11-kit0-32bit - libparted0-32bit - libpci3-32bit - librecode3 - libsamba-hostconfig0-32bit - libsamba-passdb0-32bit - libsamba-util0-32bit - libsamdb0-32bit - libselinux1-32bit - libspeex1-32bit - libsystemd0-32bit - libtevent-util0-32bit - libtirpc3-32bit - libwbclient0-32bit - libyui-ncurses-pkg14 - libyui-ncurses14 - libyui-qt-graph14 - libyui-qt-pkg14 - libyui-qt14 - libyui14 - listres - m4 - man-pages-fr - mkcomposecache - mksh - mutt - mutt-doc - mutt-lang - nss-mdns-32bit - oclock - patterns-base-apparmor_opt - patterns-base-enhanced_base_opt - patterns-base-x11_opt - patterns-desktop-imaging_opt - patterns-desktop-laptop - patterns-desktop-multimedia_opt - perl-Expect - proxymngr - python3-urwid - raleway-fonts - recode - release-notes-openSUSE - rendercheck - rhino - rstart - rxvt-unicode - samba-libs-32bit - showfont - smproxy - sshfs - supportutils - sysfsutils - tagsoup - twm - urlscan - urlview - viewres - x11-japanese-bitmap-fonts - x11perf - xbacklight - xbiff - xcalc - xclipboard - xcmsdb - xcompmgr - xcursor-themes - xcursorgen - xdbedizzy - xditview - xdpyinfo - xedit - xev - xeyes - xf86dga - xfce4-statusnotifier-plugin - xfce4-statusnotifier-plugin-lang - xfd - xfindproxy - xfontsel - xfs - xfsinfo - xfwp - xgamma - xgc - xinput - xiterm - xkbevd - xkbprint - xkbutils - xkill - xload - xlogo - xlsatoms - xlsclients - xlsfonts - xmag - xman - xmanja - xmlbeans - xmore - xorg-scripts - xorg-x11 - xplsprinters - xpr - xprehashprinterlist - xrefresh - xrestop - xrx - xscope - xsetmode - xsetpointer - xsm - xstdcmap - xtrap - xvidtune - xvinfo - xwd - xwininfo - xwud - yast2-support Added rpms ========== - SUSEConnect - WindowMaker - alsa-plugins-pulse-32bit - cyrus-sasl-plain-32bit - dracut-transactional-update - gnome-keyring-32bit - google-poppins-fonts - alsa-oss-32bit - cyrus-sasl-32bit - dbus-1-glib-32bit - krb5-32bit - libFLAC8-32bit - libasound2-32bit - libaudit1-32bit - libavahi-common3-32bit - libcrypt1-32bit - libcups2-32bit - libfam0-gamin-32bit - libglib-2_0-0-32bit - libgpg-error0-32bit - libidn2-0-32bit - liblz4-1-32bit - liblzma5-32bit - libnettle6-32bit - libnghttp2-14-32bit - libp11-kit0-32bit - libparted0-32bit - libpci3-32bit - libpwquality1-32bit - libsamba-hostconfig0-32bit - libsamba-passdb0-32bit - libsamba-util0-32bit - libsamdb0-32bit - libselinux1-32bit - libspeex1-32bit - libsystemd0-32bit - libtevent-util0-32bit - libtirpc3-32bit - libwbclient0-32bit - nss-mdns-32bit - samba-libs-32bit - inotify-tools - kernel-preempt-extra - kernel-preempt-optional - libXau6-32bit - libavahi-client3-32bit - libblkid1-32bit - libbz2-1-32bit - libcom_err2-32bit - libcrack2-32bit - libdigikamcore7 - libdw1-32bit - libeconf0 - libgcrypt20-32bit - libgio-2_0-0-32bit - libgmodule-2_0-0-32bit - libinotifytools0 - libjansson4-32bit - liblua5_3-5-32bit - libndr-standard0-32bit - libnetapi0-32bit - libnsl2-32bit - libnss_usrfiles2 - libnss_usrfiles2-32bit - libopenssl1_1-32bit - libsamba-errors0-32bit - libsmbconf0-32bit - libtasn1-6-32bit - libtextstyle0-32bit - libtukit0 - libunistring2-32bit - libverto1-32bit - libvorbis0-32bit - libvorbisenc2-32bit - libxml2-2-32bit - libyui-ncurses-pkg15 - libyui-ncurses15 - libyui-qt-graph15 - libyui-qt-pkg15 - libyui-qt15 - libyui15 - libz1-32bit - login_defs - metamail - mpt-status - pam-32bit - pam-doc - pam_pwquality - pam_pwquality-32bit - patterns-base-basic_desktop - patterns-base-documentation - patterns-desktop-mobile - patterns-yast-yast2_desktop - patterns-yast-yast2_server - perl-TermReadLine-Gnu - perl-base-32bit - procinfo - procmail - rollback-helper - samba-client-32bit - setserial - sharutils - sharutils-lang - spax - star - star-rmt - systemd-32bit - systemd-doc - tukit - update-test-trivial - vlan - zypper-migration-plugin - zypper-search-packages-plugin Package Source Changes ====================== MozillaFirefox +- Firefox Extended Support Release 78.7.1 ESR + * Fixed: Prevent access to NTFS special paths that could lead + to filesystem corruption. (bmo#1689598) + * Fixed: Security fix + MFSA 2021-06 (bsc#1181848) + * MOZ-2021-0001 (bmo#1676636) + Buffer overflow in depth pitch calculations for compressed + textures + +- Firefox Extended Support Release 78.7.0 ESR + * Fixed: Various stability, functionality, and security fixes + MFSA 2021-04 (bsc#1181414) + * CVE-2021-23953 (bmo#1683940) + Cross-origin information leakage via redirected PDF requests + * CVE-2021-23954 (bmo#1684020) + Type confusion when using logical assignment operators in + JavaScript switch statements + * CVE-2020-26976 (bmo#1674343) + HTTPS pages could have been intercepted by a registered + service worker when they should not have been + * CVE-2021-23960 (bmo#1675755) + Use-after-poison for incorrectly redeclared JavaScript + variables during GC + * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, + bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844, + bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410, + bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736, + bmo#1685260, bmo#1685925) + Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 + MozillaThunderbird +- Mozilla Thunderbird 78.7.1 (bsc#1181848) + * changed: Building OpenPGP shared library linked to system + libraries now supported (bmo#1634963) + * changed: MailExtension errors now shown in Developer Tools + console by default (bmo#1650149) + * changed: MailExtensions: Dynamic registration of calendar + providers now supported (bmo#1652885) + * fixed: OpenPGP improvements (bmo#1655210) + * fixed: Message preview was sometimes blank after upgrading + from Thunderbird 68 (bmo#1653168) + * fixed: Email addresses whitelisted for remote content not + displayed in preferences (bmo#1652575) + * fixed: Importing data from Seamonkey did not work + (bmo#272292) + * fixed: Renaming a mail list did not update the side bar + (bmo#1632331) + * fixed: MailExtensions: messenger.* namespace was undefined + (bmo#1641573) + +- Mozilla Thunderbird 78.7 + * changed: MailExtensions: browserAction, composeAction, and + messageDisplayAction toolbar buttons now support label and + default_label properties (bmo#1583478) + * fixed: Running a quicksearch that returned no results did not + offer to re-run as a global search (bmo#1663153) + * fixed: Message search toolbar fixes (bmo#1681010) + * fixed: Very long subject lines distorted the message compose + and display windows, making them unusable (bmo#77806) + * fixed: Compose window: Recipient addresses that had not yet + been autocompleted were lost when clicking Send button + (bmo#1674054) + * fixed: Compose window: New message is no longer marked as + "changed" just from tabbing out of the recipient field + without editing anything (bmo#1681389) + * fixed: Account autodiscover fixes when using MS Exchange + servers (bmo#1679759) + * fixed: LDAP address book stability fix (bmo#1680914) + * fixed: Messages with invalid vcard attachments were not + marked as read when viewed in the preview window + (bmo#1680468) + * fixed: Chat: Could not add TLS certificate exceptions for + XMPP connections (bmo#1590471) + * fixed: Calendar: System timezone was not always properly + detected (bmo#1678839) + * fixed: Calendar: Descriptions were sometimes blank when + editing a single occurrence of a repeating event + (bmo#1664731) + * fixed: Various printing bugfixes (bmo#1676166) + * fixed: Visual consistency and theme improvements + (bmo#1682808) + * fixed: Various security fixes + MFSA 2021-05 (bsc#1181414) + * CVE-2021-23953 (bmo#1683940) + Cross-origin information leakage via redirected PDF requests + * CVE-2021-23954 (bmo#1684020) + Type confusion when using logical assignment operators in + JavaScript switch statements + * CVE-2020-15685 (bmo#1622640) + IMAP Response Injection when using STARTTLS + * CVE-2020-26976 (bmo#1674343) + HTTPS pages could have been intercepted by a registered + service worker when they should not have been + * CVE-2021-23960 (bmo#1675755) + Use-after-poison for incorrectly redeclared JavaScript + variables during GC + * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, + bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844, + bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410, + bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736, + bmo#1685260, bmo#1685925) + Memory safety bugs fixed in Thunderbird 78.7 + PackageKit +- Add PackageKit-zypp-reset-update-mode-after-get-updates.patch: + zypp: Reset update mode after getting updates + (gh#hughsie/PackageKit/commit#b208f551, bsc#1180150). + attica-qt5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Remove not implemented method + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Compile without deprecated method against qt5.15 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + autoyast2 +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.68 + baloo5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Split CJK terms at punctuation characters, optimize code + * Refactor the code in preparation for ICU integration. + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Remove not implemented method + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes to list here. + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Use common UDS creation code also for tags (kde#419429) + * Don't index .ytdl files (kde#424925) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * [Indexers] Ignore name-based mimetype for initial indexing decisions + bcm43xx-firmware -- use %_firmwaredir - bluez-qt +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Add rfkill property to manager + * Add status property to rfkill + * Register Rfkill for QML + * Export Rfkill + * d-pointerify rfkill + * Support providing service data values for LE advertisements + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Expose the service advertisement data of a device + breeze5-icons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes since 5.75.0, only listing bugfixes: + * Add task-complete icons (kde#397996) + * Add task-recurring and appointment-recurring icons (kde#418920) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Add new generic "behavior" icon + * Make icon validation depend on icon generation only if enabled + * Only run Test24x24Icons if icon generation is enabled + * Replace 24px icon bash script with python script + * Use flag style iconography for view-calendar-holiday + * Add Plasma Nano logo + * Add application-x-kmymoney + * Lengthen the horizontal lines in the KMyMoney icon + * Add KMyMoney icon + +- Drop patch to no longer inherit from oxygen, it's not been + necessary for a long time now: + * oxygen.diff + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Add another alias for keepass icon (kde#425928) + * Run application-x-bzip-compressed-tar through `scour` (kde#425089) + * Add aliases for MP3 icons (kde#425059) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes since 5.72.0, only listing bugfixes: + * Add SMART status icon (kde#423997) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fixed three 16px icons for application-x-... to be more pixel-perfet (kde#423727) + * Add support for >200% scale for icons which should stay monochrome + * Cut out center of window-close-symbolic + * Fix cervisia icon + * cervisia app and action icon update + * Add README section about the webfont + * Use grunt-webfonts instead of grunt-webfont and disable generation for symbolic linked icons. + * add kup icon from kup repo + bzip2 +- update bzip2-1.0.6-CVE-2019-12900.patch to accept as many + selectors as the file format allows. This relaxes the previous + fix for CVE-2019-12900 so that bzip2 allows decompression of bz2 + files that use (too) many selectors again. It fixes a bzip2 and + lbzip2 incompatibility caused by previous patch [bsc#1139083] + [CVE-2019-12900] + +- add bzip2-1.0.6-CVE-2019-12900.patch to fix an out-of-bounds + write in decompress.c when there are many nSelectors used in a + loop to access selectorMtf [bsc#1139083] [CVE-2019-12900] + +- add bzip2-1.0.6-CVE-2016-3189.patch to fix a heap use after + free vulnerability that was reported in bzip2recover [bsc#985657] + [CVE-2016-3189] + +- Update autotools patchset: + D bzip2-1.0.6-autoconfiscated.patch + A bzip2-1.0.6.2-autoconfiscated.patch + +- Use %license (boo#1082318) + +- Fix build on Fedora and Mageia + +- Update bzip2-1.0.6-autoconfiscated.patch: + * Bump version to 1.0.6. + * Fix script symlinks on platforms with EXEEXT. + +- Drop implicit pie building +- Try profiled build +- Move autoreconf to build section + +- cleanup with spec-cleaner + +- add bzip2-1.0.6-bzgrep_return_value.patch to fix bzgrep wrapper + that always returns 0 as an exit code when grepping multiple + archives [bsc#970260] + +- Remove bzip2-faster.patch, it causes a crash with libarchive and + valgrind points out uninitialized memory. See + https://github.com/libarchive/libarchive/issues/637#issuecomment-170612576 + +- Avoid noarch sub package in SLE_11 + +- Cleanup a bit. +- Remove the profiling stuff as it should not be used nowdays. + At least even factory builds without it. +- Provide libbz2.so.1.0 as other distros do, so we can run tiny + things like steam. +- Respect cflags again, borked by previous commit. + +- build with PIE + +- fix basisms in bzgrep and bznew +- add patches: + * bzip2-1.0.6-fix-bashisms.patch + chromium +- Update to 88.0.4324.150 bsc#1181827 + - CVE-2021-21148: Heap buffer overflow in V8 + +- Update to 88.0.4324.146 bsc#1181772 + - CVE-2021-21142: Use after free in Payments + - CVE-2021-21143: Heap buffer overflow in Extensions + - CVE-2021-21144: Heap buffer overflow in Tab Groups. + - CVE-2021-21145: Use after free in Fonts + - CVE-2021-21146: Use after free in Navigation. + - CVE-2021-21147: Inappropriate implementation in Skia + colord +- allow access to /usr/local/share/color in AppArmor profile (boo#1180898) + cracklib +- Update to version 2.9.7: + + fix a buffer overflow processing long words. +- Drop 0003-overflow-processing-gecos.patch and + 0004-overflow-processing-long-words.patch: fixed upstream. +- Update source URI. +- Remove use of translation-update-upstream. It cannot be added to + ring 0 on leap, and 2.9.7 has some translation fixes + (bsc#1172396). + +- Enable translation-update-upstream on leap, to remove the use of + is_opensuse (jsc#SLE-12096). + +- use /usr/lib instead of %{_libexecdir}, %{_libexecdir} should + contain internal binaries, not data + +- Use %license (boo#1082318) + +- Update to 2.9.6 + * fix issue with sort and locale + * some particularly bad cases to the cracklib small dictionary + * updates to cracklib-words (adds a bunch of other dictionary lists) + * migration to github +- run spec-cleaner + +- Only buildrequire and call translation-update-upstream on SLE: + the package in openSUSE is a dummy and is empty. + +- Add patch 0004-overflow-processing-long-words.patch + to fix a new buffer overflow identified together with bsc#992966. + +- Relabel patches: + cracklib-magic.diff -> 0001-cracklib-magic.diff + cracklib-2.9.2-visibility.patch -> 0002-cracklib-2.9.2-visibility.patch +- Add patch 0003-overflow-processing-gecos.patch + to fix a buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318) + +- Update to 2.9.5 + * fix matching against first password in dictionary (Anton Dobkin) +- Changes for 2.9.4 + * remove doubled prototype +- Changes for 2.9.3 + * expose additional functions externally + +- Cleanup spec file with spec-cleaner +- Remove old ppc provides/obsoletes + +- Update to version 2.9.2 + + support build of python support outside of source tree + + fix bug in Python string distance calculation + + fix bug #16 / debian bug 724570 - broken optimization with packlib + prevblock +- Adapt patch to upstream changes + + cracklib-visibility.patch > cracklib-2.9.2-visibility.patch + cups +- cups-2.2.7-CVE-2020-10001.patch fixes CVE-2020-10001 + access to uninitialized buffer in ipp.c (bsc#1180520) +- cups-2.2.7-CVE-2019-8842.patch fixes CVE-2019-8842 (bsc#1170671) + the ippReadIO function may under-read an extension field + digikam +- Use cmake() style BuildRequires when possible. + +- Remove several unused build dependencies (doxygen, graphviz, + all of boost but libboost_graph). +- Remove __DATE_/__TIME__ mangling, handled by SOURCE_DATE_EPOCH. +- Bump disk constraints, TW needs 9.3 GB currently. + +- Update to 7.1.0 + * https://www.digikam.org/news/2020-09-06-7.1.0_release_announcement/ +- New features (from NEWS): + QueueManager: Add new tool to fix hot pixels from images. + QueueManager: Add new tool to apply texture over images. + Metadata: Better Exif and XMP metadata support with CR3 file + using libraw info parser. + Metadata: Add support of IPTC strings encoded as UTF-8 imported + to the database. +- 318 bugs fixed + +- Update to 7.0.0 + * https://www.digikam.org/news/2020-07-19-7.0.0_release_announcement/ +- New features (from NEWS): + FaceManagement: New Neural Network engine based on OpenCV Deep + Learning module to detect and recognize faces. + FaceManagement: Face Scan dialog contents is now simplified and + embeded into left side-bar tab. + SlideShow : Add new shuffle mode. + HTMLGallery : Add new theme "Html5Responsive". + General : Code compile with Qt5.15 framework. + General : All bundles have switched to last Qt 5.14.2 LTS. + Linux and MacOS use QtWebEngine instead QtWebKit. + General : All bundles have switched to last KF5 5.70.0. + Fix support for Gimp XCF files >= 2.10. + General : New FlatPak bundle processed by the KDE continuous + integration stream. + General : New Plugin ImageMosaicWall to create an image based + on a bunch of other photos. + General : Add Microsoft Visual C++ support and a Continuous + Integration workflow to check code with this + compiler. + General : Table-view is now able to show digiKam Tag-Paths + properties. + Metadata : Add option to write geolocation information in file + metadata. + Metadata : Add color label support for advanced metadata + settings. + Metadata : Add Exif, Iptc, and Xmp read support for HEIF + images. + General : Improved support for UNC network paths under + Windows. + General : Improved support for Unicode paths under Windows. + General : Internal libheif updated to last stable 1.6.2 and + internal libde265 updated to last stable 1.0.5. + General : Internal libraw updated to 0.20-RC2 + (https://www.libraw.org/news/libraw-0-20-rc2 ). + New camera supported: + Canon CR3, PowerShot G5 X Mark II, + G7 X Mark III, SX70 HS, EOS R, EOS RP, EOS 90D, + EOS 250D, EOS M6 Mark II, EOS M50, EOS M200, + EOS 1DX Mark III (lossless files only) + DJI Mavic Air, Air2, Osmo Action, + FujiFilm Fujifilm compressed/16bit, GFX 100, + X-A7, X-Pro3, X100V, X-T4, X-T200, + GoPro Fusion, HERO5, HERO6, HERO7, HERO8, + Hasselblad L1D-20c, X1D II 50C, + Leica D-LUX7, Q-P, Q2, V-LUX5, C-Lux / CAM-DC25, + SL2, M10 Monochrom, + Nikon D780, Z50, P950, + Olympus TG-6, E-M5 Mark III, E-PL10, E-M1 Mark III, + Panasonic Panasonic 14-bit, DC-FZ1000 II, DC-G90, + DC-S1, DC-S1R, DC-S1H, DC-TZ95, + PhaseOne IQ4 150MP, + Rapsberry Pi RAW+JPEG format, + Ricoh GR III, + Sony A7R IV, A9 II, ILCE-6100, ILCE-6600, RX0 II, + RX100 VII, + Zenit M, + also multiple modern smartphones. +- 761 bugs fixed +- Drop patches merged upstream: + * fix-build-with-opencv-4.2.patch + * dlib-update-to-work-with-latest-version-of-OpenCV.patch + * Fix-build-with-Qt-5.15.patch +- Drop 0001-Disable-detection-of-OpenGL-for-GLES-platforms.patch, + no longer necessary +- Refresh patch: + * 0001-Revert-Exiv2-is-now-released-with-exported-targets-u.patch +- Re-enable Faces engine DNN on ppc64le, it builds fine now +- Switch back to old face detection engine when building with + opencv 3.3 (Leap 15.1/15.2), as the compilation fails otherwise +- Drop conditionals for no longer supported openSUSE versions + +- Update _constraints with latest disk value for all archs + +- increase min disk space for PowerPC from 6 to 8GB + +- Add Fix-build-with-Qt-5.15.patch to fix build with Qt 5.15 + (kde#421817) + dracut +- Update to version 049.1+suse.183.g7282fe92: + * As of v246 of systemd "syslog" and "syslog-console" switches have been deprecated + (multiple backported commits, bsc#1180119) + +- Update to version 049.1+suse.174.g150b9981: + * make collect optional (bsc#1177870) + * Inclusion of dracut modifications to enable nvme-fc boot support (bsc#1142248) + * suse.spec: add nvmf module + * 95nvmf: Implement 'fc,auto' commandline syntax + * 95nvmf: add nvmf-autoconnect script + * 95nvmf: Fixup FC connections + * 95nvmf: rework parameter handling + * 95nvmf: fix typo in the example documentation + * 95nvmf: add NVMe over TCP support + * 95nvmf: add module for NVMe-oF + Adds new module 95nvmf, see jsc#ECO-3063. + editorconfig-core-c +- editorconfig-core-c 0.12.4: + * fix various stability issues caused by memory handling +- drop upstream patch now included: + * 0001-fix-prevent-buffer-overflow-74.patch + flac -- Fix memory leak (CVE-2020-0487 bsc#1180112): - stream_decoder.c-Fix-a-memory-leak.patch - -- Fix out-of-bounds access (CVE-2020-0499 bsc#1180099): - libFLAC-bitreader.c-Fix-out-of-bounds-read.patch - -- Fix memory leak in read_metadata_vorbiscomment_() function - (CVE-2017-6888, bsc#1091045): - flac-CVE-2017-6888.patch - -- Update to version 1.3.2 - * Fix undefined behaviour using GCC/Clang UBSAN (erikd). - * General hardening via fuzz testing with AFL (erikd and - others). - * General code improvements (lvqcl, erikd and others). - * Add FLAC in MP4 specification docs (Ralph Giles). - * Fix some cppcheck warnings (erikd). - * Assume all currently used OSes support SSE2. - flac: - * Fix potential infinite loop on flac-to-flac conversion - (erikd). - * Add WAVEFORMATEXTENSIBLE to WAV (as needed) when - decoding (lvqcl). - * Only write vorbis-comments if they are non-empty. - * Error out if decoding RAW with bits != (8|16|24). - metaflac: - * Add --scan-replay-gain option. - libraries: - * CPU detection cleanup and fixes (Julian Calaby, erikd - and lvqcl). - * Fix two stream decoder bugs (Max Kellermann). - * Fix a NULL dereference bug (on a malformed file). - * Changed the LPC order guess for a slight compression - improvement, particularly for classical music - (Martijn van Beurden). - * Improved encoding speed on older Intel CPUs. - * Fixed a seeking bug when decoding certain files - (Miroslav Lichvar). - * Put an upper bound (32768) on the number of seek - points. - * Fix potential memory leaks. - * Support 64bit brword/bwword allowing - FLAC__BYTES_PER_WORD to be set to 8 (disabled by - default). - * Fix an out-of-bounds heap read. -- Refreshed flac-cflags.patch - -- Drop patch that should be upstreamed first, otherwise we will - have to keep it ofrever: - * flac-ocloexec.patch -- Drop wrong patch: - * flac-fix-pkgconfig.patch - + If using this change you get assert.h include overriden in your - project by the one from FLAC/ which is not what upstream desired - If packages fail to build they should fix their include - -- Build documentation as noarch - -- Cleanup spec file with spec-cleaner -- Update url -- Remove no longer needed patches - * flac-fix-CVE-2014-8962.patch - * flac-fix-CVE-2014-9028.patch - * 0001-getopt_long-not-broken-here.patch -- Remove following as benefit of using openssl is small - * 0001-Allow-use-of-openSSL.patch -- Add flac-cflags.patch -- Use doxygen to build documentation -- Split documentation to separate package -- Update to 1.3.1 - * Improved decoding efficiency of all bit depths but especially - so for 24 bits for IA32 architecture (lvqcl and Miroslav Lichvar). - * Faster encoding using SSE and AVX (lvqcl). - * Fixed bartlett, bartlett_hann and triangle functions. - * New apodization functions partial_tukey and punchout_tukey for - improved compression (Martijn van Beurden). - * Retuned compression presets to incorporate new apodization - functions (Martijn van Beurden). - * Fix -Wcast-align warnings on armhf architecture (Erik de - Castro Lopo). - * Help output documentation improvements. - * I/O buffering improvements on Windows to reduce disk - fragmentation when writing files. - * Only write vorbis-comments if they are non-empty. - * Fix symbol visibility in XMMS plugin. - * Many fixes and improvements across all the build systems. - * Fix CVE-2014-9028 (heap write overflow) and CVE-2014-8962 - (heap read overflow) - -- A couple of security fixes: - * flac-fix-CVE-2014-8962.patch: - arbitrary code execution by a stack overflow (CVE-2014-8962, - bnc#906831) - * flac-fix-CVE-2014-9028.patch: - Heap overflow via specially crafted .flac files (CVE-2014-9028, - bnc#907016) - -- Update to final upstream release 1.3.0 - * No user-visible changes -- More robust make install call - -- Update to flac 1.3.0pre4 (packaged as 1.2.99_git* to avoid - messing with RPM versioning) - * Mostly non-linux related bugfixes plus autotools fixes - - flac-openssl.patch --> 0001-Allow-use-of-openSSL.patch - - remove flac-1.2.1-automake1_13.patch, fixed in upstream. - - add 0001-getopt_long-not-broken-here.patch, FLAC bundles - GNU-compatible getopt_long for broken OS, but we do have - a functional version in libc already. - frameworkintegration +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Clarify license statement according to KDElibs History + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + gamin-devel -- Both library packages must require gamin-server sub-package. - -- split lib* packages into own spec file to avoid a build cycle - (avoiding glib2) - gdm +- Add gdm-fix-crash-when-using-Xvfb.patch: For some reason gdm + fails to get display and does not set it to NULL when using + with Xvfb, and it leads into a crash, this patch sets display + to NULL by default. (bsc#1178292, glgo#GNOME/gdm!118) + gmp +- adjusted to be the same license as in factory (bsc#1180603) + +- correct license statement (library itself is no GPL-3.0) + gnome-packagekit +- Add gnome-packagekit-define-HAVE_SYSTEMD.patch: define + HAVE_SYSTEMD macro if systemd if found + (glgo#GNOME/gnome-packagekit!3, bsc#1134544). + grub2 +- Fix build error in binutils 2.36 (bsc#1181741) + * 0001-Fix-build-error-in-binutils-2.36.patch +- Fix executable stack in grub-emu (bsc#1181696) + * 0001-emu-fix-executable-stack-marking.patch + +- Restore compatibilty sym-links + * grub2.spec +- Use rpmlintrc to filter out rpmlint 2.0 error (bsc#1179044) + * grub2.rpmlintrc + gstreamer-plugins-bad +- Disable the kate/libtiger plugin. Kate streams for karaoke are not + used anymore, and the source tarball for libtiger is no longer + available upstream. (jsc#SLE-13843) + hwdata +- Add merge-pciids.pl to fully duplicate behavior of pciutils-ids + * Resolves SLE issue bsc#1180422 bsc#1180482 + +- Update to version 0.343: + + Updated pci, usb and vendor ids. + +- Update to version 0.342: + + Updated pci, usb and vendor ids. + +- Update to version 0.341: + + Updated pci, usb and vendor ids. + +- Update to version 0.340: + + Updated pci, usb and vendor ids. + +- Update to version 0.339: + + Updated pci, usb and vendor ids. + +- Update to version 0.338: + + Updated pci, usb and vendor ids. + +- Update to version 0.337: + + Updated pci, usb and vendor ids. + +- Update to version 0.336: + + Updated pci, usb and vendor ids. + +- Update to version 0.335: + * Updated pci, usb and vendor ids. + jasper +- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls + Add jasper-CVE-2020-27828.patch +- bsc#1181483 CVE-2021-3272: Fix heap overflow by ensuring number + of channels matches image components + Add jasper-CVE-2021-3272.patch + java-11-openjdk +- Update to upstream tag jdk-11.0.10-9 (January 2021 CPU, + bsc#1181239) + * Security fixes + + JDK-8247619: Improve Direct Buffering of Characters + * Other changes + + JDK-6722928: Support SSPI as a native GSS-API provider + + JDK-7185258: [macosx] Deadlock in SunToolKit.realSync() + + JDK-8152332: [macosx] JFileChooser cannot be serialized on + Mac OS X + + JDK-8161684: [testconf] Add VerifyOops' testing into compiler + tiers + + JDK-8171279: Support X25519 and X448 in TLS + + JDK-8173361: various crashes in + JvmtiExport::post_compiled_method_load + + JDK-8173658: JvmtiExport::post_class_unload() is broken for + non-JavaThread initiators + + JDK-8191006: hsdis disassembler plugin does not compile with + binutils 2.29+ + + JDK-8197981: Missing return statement in + __sync_val_compare_and_swap_8 + + JDK-8198334: java/awt/FileDialog/8003399/bug8003399.java + fails in headless mode + + JDK-8200151: Add 8 JNDI tests to com/sun/jndi/dns/ConfigTests/ + + JDK-8208279: Add 8 JNDI tests to com/sun/jndi/dns/EnvTests/ + + JDK-8208483: Add 5 JNDI tests to + com/sun/jndi/dns/FactoryTests/ + + JDK-8208542: Add 4 JNDI tests to com/sun/jndi/dns/ListTests/ + + JDK-8208665: Amend cross-compilation docs with + qemu-debootstrap recipe + + JDK-8210088: ProblemList gc/epsilon/TestMemoryMXBeans.java + + JDK-8210339: Add 10 JNDI tests to com/sun/jndi/dns/FedTests/ + + JDK-8211450: UndetVar::dup is not copying the kind field to + the duplicated instance + + JDK-8212160: JVMTI agent crashes with "assert(_value != 0LL) + failed: resolving NULL _value" + + JDK-8212226: SurfaceManager throws "Invalid Image variant" + for MultiResolutionImage (Windows) + + JDK-8213400: Support choosing group name in keytool keypair + generation + + JDK-8213535: Windows HiDPI html lightweight tooltips are + truncated + + JDK-8213698: Improve devkit creation and add support for + linux/ppc64/ppc64le/s390x + + JDK-8214025: assert(t->singleton()) failed: must be a + constant when ScavengeRootsInCode < 2 + + JDK-8214242: compiler/arguments/TestScavengeRootsInCode.java + fails because of missing UnlockDiagnosticVMOptions + + JDK-8214787: Zero builds fail with "undefined + JavaThread::thread_state()" + + JDK-8215583: Exclude + runtime/handshake/HandshakeWalkSuspendExitTest.java + + JDK-8216012: Infinite loop in RSA KeyPairGenerator + + JDK-8216324: GetClassMethods is confused by the presence of + default methods in super interfaces + + JDK-8217429: WebSocket over authenticating proxy fails to + send Upgrade headers + + JDK-8217976: test/jdk/java/net/httpclient/websocket/ + /WebSocketProxyTest.java fails intermittently + + JDK-8218021: Have jarsigner preserve posix permission + attributes + + JDK-8218287: jshell tool: input behavior unstable after + 12-ea+24 on Windows + + JDK-8218851: JVM crash in custom classloader stress test, JDK + 12 & 13 + + JDK-8220420: Cleanup c1_LinearScan + + JDK-8222072: JVMTI GenerateEvents() sends CompiledMethodLoad + events to wrong jvmtiEnv + + JDK-8222286: Fix for JDK-8213419 is broken on s390 + + JDK-8222527: HttpClient doesn't send HOST header when + tunelling HTTP/1.1 through http proxy + + JDK-8222533: jtreg test jdk/internal/platform/cgroup/ + /TestCgroupMetrics.java fails on SLES12.3 linux ppc64le + machine + + JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails + with exitValue = 137 + + JDK-8224555: vmTestbase/nsk/jvmti/scenarios/contention/TC02/ + /tc02t001/TestDescription.java failed + + JDK-8224650: Add tests to support X25519 and X448 in TLS + + JDK-8225072: Add LuxTrust certificate that is expiring in + March 2021 to list of allowed but expired certs + + JDK-8225329: -XX:+PrintBiasedLockingStatistics causes crash + during initialization on Windows platforms + + JDK-8225687: Newly added sspi.cpp in JDK-6722928 still + contains some small errors + + JDK-8227006: [linux] Runtime.availableProcessors execution + time increased by factor of 100 + + JDK-8227275: Within native OOM error handling, assertions may + hang the process + + JDK-8227647: [Graal] Test8009761.java fails due to + "RuntimeException: static java.lang.Object + compiler.uncommontrap.Test8009761.m3(boolean,boolean) not + compiled" + + JDK-8229495: SIGILL in C2 generated OSR compilation + + JDK-8230910: libsspi_bridge does not build on Windows 32bit + + JDK-8232114: JVM crashed at imjpapi.dll in native code + + JDK-8234147: Avoid looking up standard charsets in core + libraries + + JDK-8234393: [macos] printing ignores printer tray + + JDK-8234863: Increase default value of MaxInlineLevel + + JDK-8235218: Minimal VM is broken after JDK-8173361 + + JDK-8235456: Minimal VM is broken after JDK-8212160 + + JDK-8235829: graal crashes with Zombie.java test + + JDK-8236124: Minimal VM slowdebug build failed after + JDK-8212160 + + JDK-8236512: PKCS11 Connection closed after Cipher.doFinal + and NoPadding + + JDK-8236944: The legVecZ operand should be limited to + zmm0-zmm15 registers + + JDK-8237186: Fix typo in copyright header of + java/io/Reader/TransferTo.java + + JDK-8237499: JFR: Include stack trace in the ThreadStart event + + JDK-8237512: AArch64: aarch64TestHook leaks a BufferBlob + + JDK-8237524: AArch64: String.compareTo() may return incorrect + result + + JDK-8237950: C2 compilation fails with "Live Node limit + exceeded limit" during ConvI2L::Ideal optimization + + JDK-8238579: HttpsURLConnection drops the timeout and hangs + forever in read + + JDK-8239105: Add exception for expiring Digicert root + certificates to VerifyCACerts test + + JDK-8239477: jdk/jfr/jcmd/TestJcmdStartStopDefault.java fails + - XX:+VerifyOops with "verify_oop: rsi: broken oop" + + JDK-8239497: SEGV in EdgeUtils::field_name_symbol(Edge const&) + + JDK-8239886: Minimal VM build fails after JDK-8237499 + + JDK-8240633: Memory leaks in the implementations of + FileChooserUI + + JDK-8240690: Race condition between EDT and + BasicDirectoryModel.FilesLoader.run0() + + JDK-8241234: Unify monitor enter/exit runtime entries. + + JDK-8241311: Move some charset mapping tests from closed to + open + + JDK-8241797: Add some tests to the problem list + + JDK-8242029: AArch64: skip G1 array copy pre-barrier if + marking not active + + JDK-8242335: Additional Tests for RSASSA-PSS + + JDK-8242480: Negative value may be returned by + getFreeSwapSpaceSize() in the docker + + JDK-8242614: cleanup duplicated test ldap server in some + com/sun/jndi/ldap/ tests + + JDK-8242846: Bring back test/jdk/tools/jlink/plugins/ + /OrderResourcesPluginTest.java + + JDK-8243114: Implement montgomery{Multiply,Square}intrinsics + on Windows + + JDK-8243290: Improve diagnostic messages for class + verification and redefinition failures + + JDK-8243488: Add tests for set/get SendBufferSize and + getReceiveBufferSize in DatagramSocket + + JDK-8243549: sun/security/ssl/CipherSuite/ + /NamedGroupsWithCipherSuite.java failed with Unsupported + signature algorithm: DSA + + JDK-8243617: compiler/onSpinWait/TestOnSpinWaitC1.java test + uses wrong class + + JDK-8243619: compiler/codecache/CheckSegmentedCodeCache.java + test misses -version + + JDK-8244142: some hotspot/runtime tests don't check exit code + of forked JVM + + JDK-8244278: Excessive code cache flushes and sweeps + + JDK-8244282: test/hotspot/jtreg/compiler/intrinsics/ + /Test8237524.java fails with --illegal-access=deny + + JDK-8244621: [macos10.15] Garbled FX printing plus CoreText + warnings on Catalina when building with Xcode 11 + + JDK-8244819: hsdis does not compile with binutils 2.34+ + + JDK-8245051: c1 is broken if it is compiled by gcc without + - fno-lifetime-dse + + JDK-8245168: jlink should not be treated as a "small" tool + + JDK-8245400: Upgrade to LittleCMS 2.11 + + JDK-8246381: VM crashes with "Current BasicObjectLock* below + than low_mark" + + JDK-8246434: Threads::print_on_error assumes that the heap + has been set up + + JDK-8246648: issue with OperatingSystemImpl + getFreeSwapSpaceSize in docker after 8242480 + + JDK-8247201: Print potential pointer value of readable stack + memory in hs_err file + + JDK-8247763: assert(outer->outcnt() == 2) failed: 'only phis' + failure in LoopNode::verify_strip_mined() + + JDK-8247867: Upgrade to freetype 2.10.2 + + JDK-8248190: Enable Power10 system and implement new + byte-reverse instructions + + JDK-8248226: TestCloneAccessStressGCM fails with + - XX:-ReduceBulkZeroing + + JDK-8248347: windows build broken by JDK-8243114 + + JDK-8248532: Every time I change keyboard language at my + MacBook, Java crashes + + JDK-8248552: C2 crashes with SIGFPE due to division by zero + + JDK-8248596: [TESTBUG] compiler/loopopts/ + /PartialPeelingUnswitch.java times out with Graal enabled + + JDK-8248745: Add jarsigner and keytool tests for restricted + algorithms + + JDK-8248791: sun/util/resources/cldr/TimeZoneNamesTest.java + fails with -XX:-ReduceInitialCardMarks -XX:-ReduceBulkZeroing + + JDK-8248845: AArch64: stack corruption after spilling vector + register + + JDK-8249176: Update GlobalSignR6CA test certificates + + JDK-8249183: JVM crash in "AwtFrame::WmSize" method + + JDK-8249192: MonitorInfo stores raw oops across safepoints + + JDK-8249602: C2: assert(cnt == _outcnt) failed: no insertions + allowed + + JDK-8249603: C1: assert(has_error == false) failed: register + allocation invalid + + JDK-8249605: C2: assert(no_dead_loop) failed: dead loop + detected + + JDK-8249607: C2: assert(!had_error) failed: bad dominance + + JDK-8249608: Vector register used by C2 compiled method + corrupted at safepoint + + JDK-8249672: Include microcode revision in features_string on + x86 + + JDK-8249748: gtest silently ignores bad jvm arguments + + JDK-8249821: Separate libharfbuzz from libfontmanager + + JDK-8250598: Hyper-V is detected in spite of running on host + OS + + JDK-8250605: Linux x86_32 builds fail after JDK-8249821 + + JDK-8250636: iso8601_time returns incorrect offset part on + MacOS + + JDK-8250665: Wrong translation for the month name of May in + ar_JO,LB,SY + + JDK-8250772: Test com/sun/jndi/ldap/ + /NamingExceptionMessageTest.java fails intermittently with + javax.naming.ServiceUnavailableException + + JDK-8250825: C2 crashes with assert(field != __null) failed: + missing field + + JDK-8250894: Provide a configure option to build and run + against the platform libharfbuzz + + JDK-8250928: JFR: Improve hash algorithm for stack traces + + JDK-8250968: Symlinks attributes not preserved when using + jarsigner on zip files + + JDK-8250984: Memory Docker tests fail on some Linux kernels + w/o cgroupv1 swap limit capabilities + + JDK-8251118: BiasedLocking::preserve_marks should not have a + HandleMark + + JDK-8251189: com/sun/jndi/ldap/LdapDnsProviderTest.java + failed due to timeout + + JDK-8251257: NMT: jcmd VM.native_memory scale=1 crashes + target VM + + JDK-8251365: Build failure on AIX after 8250636 + + JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray + + JDK-8251456: [TESTBUG] compiler/vectorization/ + /TestVectorsNotSavedAtSafepoint.java failed OutOfMemoryError + + JDK-8251458: Parse::do_lookupswitch fails with "assert(_cnt + >= 0) failed" + + JDK-8251535: Partial peeling at unsigned test adds incorrect + loop exit check + + JDK-8251949: ZGC: Set explicit heap size for + compiler/gcbarriers tests + + JDK-8252090: JFR: StreamWriterHost::write_unbuffered() stucks + in an infinite loop OpenJDK (build 13.0.1+9) + + JDK-8252415: Bump update version for OpenJDK: jdk-11.0.10 + + JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/ + /DisposeFrameOnDragTest.java fails on Windows + + JDK-8252497: Incorrect numeric currency code for ROL + + JDK-8252660: Shenandoah: support manageable SoftMaxHeapSize + option + + JDK-8252679: Two windows specific FileDIalog tests may fail + on some Windows_Server_2016_Standard + + JDK-8252696: Loop unswitching may cause out of bound array + load to be executed + + JDK-8252754: Hash code calculation of JfrStackTrace is + inconsistent + + JDK-8253219: Epsilon: clean up unnecessary includes + + JDK-8253224: Shenandoah: ShenandoahStrDedupQueue destructor + calls virtual num_queues() + + JDK-8253226: Shenandoah: remove unimplemented + ShenandoahStrDedupQueue::verify + + JDK-8253269: The CheckCommonColors test should provide more + info on failure + + JDK-8253284: Zero OrderAccess barrier mappings are incorrect + + JDK-8253375: OSX build fails with Xcode 12.0 (12A7209) + + JDK-8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint + should not access VMThread state from other threads + + JDK-8253791: Issue with useAppleColor check in CSystemColors.m + + JDK-8254016: Test8237524 fails with -XX:-CompactStrings option + + JDK-8254081: java/security/cert/PolicyNode/ + /GetPolicyQualifiers.java fails due to an expired certificate + + JDK-8254144: Non-x86 Zero builds fail with return-type + warning in os_linux_zero.cpp + + JDK-8254166: Zero: return-type warning in + zeroInterpreter_zero.cpp + + JDK-8254177: (tz) Upgrade time-zone data to tzdata2020b + + JDK-8254185: Fix Code cache sweeper heuristics for JDK 11 + + JDK-8254190: [s390] interpreter misses exception check after + calling monitorenter + + JDK-8254790: SIGSEGV in string_indexof_char and + stringL_indexof_char intrinsics + + JDK-8254854: [cgroups v1] Metric limits not properly detected + on some join controller combinations + + JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c + + JDK-8255050: Add pkcs11/KeyStore/ClientAuth.sh to Problem list + + JDK-8255065: Zero: accessor_entry misses the IRIW case + + JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d + + JDK-8255269: Unsigned overflow in g1Policy.cpp + + JDK-8255365: Problem list failing client manual tests + + JDK-8255457: Shenandoah: cleanup ShenandoahMarkTask + + JDK-8255466: C2 crashes at ciObject::get_oop() const+0x0 + + JDK-8255550: x86: Assembler::cmpq(Address dst, Register src) + encoding is incorrect + + JDK-8255603: Memory/Performance regression after JDK-8210985 + + JDK-8255760: Shenandoah: match constants style in + ShenandoahMarkTask fallback + + JDK-8255781: Bump patch update version for OpenJDK: + jdk-11.0.9.1 + + JDK-8255937: Better cleanup for + test/jdk/javax/imageio/stream/StreamFlush.java + + JDK-8256427: Test com/sun/jndi/dns/ConfigTests/ + /PortUnreachable.java does not work on AIX + + JDK-8256452: Integrate missing part of JDK-8232370 to 11u + + JDK-8256483: [TESTBUG] serviceability/jvmti/GetClassMethods/ + /libOverpassMethods.c fails to compile on gcc 4.4.x + + JDK-8256557: libharfbuzz fails to link on gcc 4.4.x due to + - Wl,-z,defs + + JDK-8256618: Zero: Linux x86_32 build still fails + + JDK-8256736: Zero: GTest tests fail with "unsuppported vm + variant" + + JDK-8256809: Annotation processing causes NPE during flow + analysis + + JDK-8257181: s390x builds are very noisy with gc-sections + messages + + JDK-8257242: [macOS] Java app crashes while switching input + methods + + JDK-8257545: SunJSSE FIPS regression in key exchange after + JDK-8171279 11u backport + + JDK-8257641: Shenandoah: Query is_at_shenandoah_safepoint() + from control thread should return false + + JDK-8257701: Shenandoah: objArrayKlass metadata is not marked + with chunked arrays + + JDK-8258630: Add expiry exception for QuoVadis root + certificate +- New upstream dependency on libharfbuzz +- Regenerated patches: missing-return.patch system-pcsclite.patch + +- Update to upstream tag jdk-11.0.9.1-1 + * Fix: + + JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) +- Removed patch: + * JDK-8250861.patch + + Integrated upstream + +- Enable Sheandoah GC for x86_64 (jsc#ECO-3171) + kactivities-stats +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Replace old ModelTest copy by QAbstractItemModelTester + * Remove obsolete COPYING files + * Add license texts according to REUSE specification + * Convert license headers to SPDX expressions + * Use Boost::boost for older CMake versions. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Also add the boost headers for tests + * Ignore BoostConfig.cmake if present (kde#424799) + * Use KF-standardized Qt logging categories + * Use Boost::boost for older CMake versions. + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kactivities5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Drop empty X-KDE-PluginInfo-Depends + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * KActivities: Converte license statements to SPDX + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kactivitymanagerd +- Add upstream patch to fix switching to a certain activity via a + global keyboard shortcut (boo#1172261, kde#374575): + * Use-correct-way-to-register-for-a-shortcut.patch + karchive +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Relicense file to LGPL-2.0-or-later + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Relicense karchive.* to "LGPL 2.0 or 3.0" with permission from authors (relicensecheck.pl) + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kauth +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * CMake: Fix the backend documentation and warnings + * Convert the backend name to uppercase sooner + * add helper to obtain the caller's uid + * Simplify helper event loop code + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * use new install var (kde#415938) + * Fix kauth test failure on windows. + * Mark David Edmundson as maintainer for KAuth. + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * KAuth: Convert license headers to SPDX expressions + kbookmarks +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Const'ify pointer/variable when it's possible + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove unused includes + * Clean forward declaration + * Remove obsolete COPYING files + * API dox: document CamelCase includes + * KBookmarkManager: clear memory tree when the file is deleted + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Add license texts according to REUSE specification + * Converte license statements to SPDX expressions + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kcalendarcore +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Raise ambiguity in ICalFormat::toString() in tests + * Make MemoryCalendar::rawEvents(QDate, QDate) works for open bounds + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Remove obsolete license text + * Relicense file to LGPL-2.0-or-later + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Always store X-KDE-VOLATILE-XXX properties as volatile. + * Document the expected TZ transitions in Prague + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Fix unittests on FreeBSD. + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Correct documentation for Recurrence::setStartDateTime() + * Check for write error in save() if the disk is full (kde#370708) + * Correct icon names for recurring to-dos + * Fix serialization of recurring to-do's start date (kde#345498) + * Add more tests for Recurrence::getNextDayTime(QDateTime) + kcmutils +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes to list here. + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Remove handling for inside events from tab hack (kde#423080) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * KCModuleData: Fix headers, improve api doc and rename method + * Convert header to SPDX + * Fix KCModuleData revertToDefaults signature bool -> void + * Extend KCModuleData with revertToDefaults and matchQuery functionnality + * Fix typo + * Try to avoid horizontal scrollbar in KCMultiDialog + * Remove obsolete COPYING files + * Add KCModuleData as base class for plugin + * Allow extra button to be added to KPluginSelector + * KCM-Utils: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Support highlight indicator for QWidget and QtQuick based module + * Add method to clear plugin selector + * Use Qt's categorized logging, install kcmutils.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix changed signal for plugin selector + kcodecs +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix pendantic + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Minor optimisation + * Fix another "Using QCharRef with an index pointing outside the valid + * Minor optimization + * Fix warning about "Using QCharRef with an index pointing outside the + * Add some \n otherwise text can be very big in messagebox + kcompletion +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Relicense files to LGPL-2.0-or-later + * Remove obsolete LGPL-2.0-only file + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Using no deprecated enum Qt::MiddleButton + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use Qt's categorized logging, install kcompletion.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Add license files according to REUSE specification + * Convert license statements to SPDX expressions + kconfig +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Find missing Qt5DBus dependency + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * kconf_update: Allow repeated tests in --testmode by ignoring kconf_updaterc + * Port QRegExp to QRegularExpression + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * CMake: Also set SKIP_AUTOUIC on generated files + * Use reverse order in KDesktopFile::locateLocal to iterate over generic config paths. + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Make KWindowConfig::allConnectedScreens() static and internal (kde#425953) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Update sGlobalFileName when QStandardPaths TestMode is toggled + * API dox: state explicitly expected encoding for KConfig key & group names + * Fix test when build with EXCLUDE_DEPRECATED_BEFORE_AND_AT=CURRENT + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Also pass locationType to KConfigSkeleton when construction from group + * Make "Switch Application Language..." text more consistent + kconfigwidgets +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Change http: to https: + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix isDefault that cause the KCModule to not properly update its default state + * initialize variable in header + * [kcolorscheme]: Add isColorSetSupported to check if a colour scheme has a given color set + * [kcolorscheme] Properly read custom Inactive colors for the backgrounds + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * KCModule: Indicate when a setting has been changed from the default value + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + * When resetting to system default do not use the standard palette of the style + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Make "Switch Application Language..." text more consistent + kcontacts +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix Bug 428276 - KContacts cannot be used in qmake project (kde#428276) + * Remove unused implemented method + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Compile without deprecated method against qt5.15. + * Remove obsolete license file for LGPL-2.0-only + * Relicense file to LGPL-2.0-or-later + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Addressee::parseEmailAddress(): Check length of full name before trimming + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Add license texts as required by REUSE specification + * Convert license statements to SPDX expressions + kcoreaddons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * KJob: add setProgressUnit(), to choose how percent is calculated + * Fix potential memory leak in KAboutData::registerPluginData + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Split suggestName(); the split method doesn't check if file exists + * KAboutData: deprecate pluginData() & registerPluginData() + * Avoid copying objects + * Fix compiler warning when some KDirWatch backends aren't available + * Don't quit the event loop in KJobTest::slotResult() + * Use functor-based singleShot() overload in TestJob::start() + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * harden message-based tests against environment (kde#387006) + * refcount and delete KDirWatchPrivate instances (kde#423928) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Add *.kcrash glob pattern to KCrash Report MIME type + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * do not wait for fam events indefinitely (kde#423818) + * Remove obsolete COPYING files + * [KFormat] Allow formatting values to arbitrary binary units + * Make it possible to KPluginMetadata from QML + * [KFormat] Fix binary example + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use "standard" name for pot files for mimetypes + * Introduce KRandom::shuffle(container) + * Use KF-standardized Qt logging categories + * Apply FreeBSD test hacks only for "fast" (inotify) backends. + * Add a band-aid in kdirwatch unit test for FreeBSD OS. This makes all tests pass. + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * autotests: try harder making kdirwatch_unittest more robust + * Tweak KRandom::random deprecation notice + * KRandom::random -> QRandomGenerator::global() + * Deprecate KRandom::random + kcrash +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Don't use execvpe + * Fix undefined reference to environ by a small hack + * Add missing declaration of environ, otherwise available only on GNU + * State copyright information correctly according to FLA + * Add license texts as required by REUSE specification + * Convert license statements to SPDX + kdav +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Clean unused includes + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * metainfo.yaml: Add tier key and tweak description + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * inqlude expects an "## Introduction" section + +- Update to 5.72.0. kdav is now a KDE Framework. + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 20.04.3: + * Add full namespace to external class references + * Option to build & install QCH file with the public API dox + * Make KDAV a KDE Framework + +- Update to 20.04.3 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/releases/2020-07-apps-update +- No code change since 20.04.2 + kdbusaddons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Relicense files to LGPL-2.0-or-later + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kdeclarative +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * [abstractkcm] Set explicit padding + * [abstractkcm] Don't remove padding on mobile + * [simplekcm] Remove custom padding handling + * [kcmcontrols] Remove duplicated code + * Add source to KDeclarativeMouseEvent + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * reparent overlaysheets to the root + * Make GridViewKCM and ScrollVieKCM inherit from AbstractKCM + * Use consistent margins + * Add getter method for subPages + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * QML for I18n are added in KF 5.17 + * Relicense files to LGPL-2.0-or-later + * Block shortcuts when recording key sequences (kde#425979) + * Fix typo, qdebug-- + * Add SettingHighlighter as a manual version of the highlighting done by SettingStateBinding + * [autotests] Fix unstable BSD test + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * [KKeySequenceItem] Make Meta+Shift+num shortcuts work + * Expose checkForConflictsAgainst property + * Add a new AbstractKCM class + * Using no deprecated enum Qt::MiddleButton + * typo-- + * Remove obsolete COPYING files + * Port KRunProxy away from KRun + * Fix warning: zero as null pointer constant + * KDeclarative: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * SettingStateBinding : expose whether non default highlight is enabled + * Make sure KF5CoreAddons is installed before using KF5Declarative + * Add KF5::CoreAddons to public interface for KF5::QuickAddons + * Introduce SettingState* elements to ease KCM writing. + * fix version in new api + * support config notifications in configpropertymap + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Port to CommandLauncherJob + kded +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Various fixes + * Documentation fixes: Use more entities, change http: to https: + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Compile without deprecated method against qt5.15 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * org.kde.kded5.desktop: Add missing required key "Name" (kde#408802) + * Remove obsolete COPYING files + * Kded: Convert license statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kdelibs4support +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Port from QStandardPaths::DataLocation to QStandardPaths::AppDataLocation + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Various fixes + * Documentation fixes + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * FreeBSD: skip the last test that fails when /home contains a symlink. + * KStandardDirs: fix unit test + * KStandardDirs: always resolve symlinks for config files + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kdesu +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * autotests: use portable syntax for python3 + * KDESU: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt's categorized logging, install ksu.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kdiagram +- Update to 2.8.0 + * KGantt: + + Fix Bug 430452 - Printing with row labels on multiple pages + does not work well (kde#430452) + + Add support for single page printout + + Add support for printing on multiple pages, both horizontally + and vertical + + Make it possible to use a printer friendly palette to allow + for printing on white paper when using a dark theme + (kde#426240) + + Add 'zoom' of datetime header using mouse + kdnssd-framework +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kdoctools +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix xml formatting in contributor.entities. + * Update contributor.entities for KMail documentation Chapter 4. + * Korean update: fix typo on entity + * Various fixes + * Documentation fixes + * Korean update + * Korean update: reformat HTML files of GPL, FDL and add LGPL + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix an entity + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Update general.entities -- add locally defined entities in old KMail documentation to global list. + * Update contributor.entities + * Use placeholder markers + * Add license texts according to REUSE specification + * Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Use consistent style for FDL notice (kde#423211) + kemoticons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Recover EmojiOne license information + * Remove obsolete COPYING files + * KEmoticons: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kernel-default +- Rename duplicate patches to their SLE15-SP2 equivalents. + This is to prepare for the next SLE15-SP2 -> SLE15-SP3 merge. +- commit a7157b9 + +- platform/x86: pmt: Fix a potential Oops on error in probe + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- commit e21ef02 + +- platform/x86: Intel PMT Crashlog capability driver + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT Crashlog capability driver. +- supported.conf: Add the PMT Crashlog capability driver. +- commit 0f2da12 + +- platform/x86: Intel PMT Telemetry capability driver + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT Telemetry capability driver. +- supported.conf: Add the PMT Telemetry capability driver. +- commit e0ffba9 + +- platform/x86: Intel PMT class driver (jsc#SLE-13352, + jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT class driver. +- supported.conf: Add the PMT class driver. +- commit 22095e8 + +- mfd: Intel Platform Monitoring Technology support + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT driver on x86_64. +- supported.conf: Add the PMT driver. +- commit be0482a + +- PCI: Add defines for Designated Vendor-Specific Extended + Capability (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, + jsc#SLE-13391). +- commit 8eb1abf + +- series.conf: cleanup +- update upstream references of unsortable patches and sort them properly: + patches.suse/perf-x86-intel-uncore-Store-the-logical-die-id-inste.patch + patches.suse/perf-x86-intel-uncore-With-8-nodes-get-pci-bus-die-i.patch +- commit b4f0fcb + +- fix patch metadata and move it to correct section +- fix upstream reference of a non-mainline patch and move to correct section: + patches.suse/net-sctp-filter-remap-copy_from_user-failure-error.patch +- commit fda606d + +- usb: xhci-mtk: break loop when find the endpoint to drop + (git-fixes). +- commit bd7c89a + +- usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints + (git-fixes). +- commit 1a31126 + +- usb: xhci-mtk: fix unreleased bandwidth data (git-fixes). +- commit 6da0a12 + +- usb: dwc2: Fix endpoint direction check in ep_from_windex + (git-fixes). +- usb: dwc3: fix clock issue during resume in OTG mode + (git-fixes). +- xhci: fix bounce buffer usage for non-sg list case (git-fixes). +- usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() + (git-fixes). +- USB: gadget: legacy: fix an error code in eth_bind() + (git-fixes). +- Input: i8042 - unbreak Pegatron C15B (git-fixes). +- commit bcaeec1 + +- net: qca_spi: Move reset_count to struct qcaspi (git-fixes). +- commit 45b7fef + +- net: qca_spi: fix receive buffer size check (git-fixes). +- commit 5cd7e42 + +- net: stmmac: fix disabling flexible PPS output (git-fixes). +- commit 20dce33 + +- net: stmmac: fix length of PTP clock's name string (git-fixes). +- commit 9f89a73 + +- net: phy: at803x: use operating parameters from PHY-specific + status (git-fixes). +- commit e91964f + +- net: phy: extract pause mode (git-fixes). +- commit c81698a + +- net: phy: extract link partner advertisement reading + (git-fixes). +- commit 18dc97f + +- net: phy: read MII_CTRL1000 in genphy_read_status only if needed + (git-fixes). +- commit d5eb04d + +- net: stmmac: selftests: Flow Control test can also run with + ASYM Pause (git-fixes). +- commit 26dfc56 + +- cirrus: cs89x0: remove set but not used variable 'lp' + (git-fixes). +- commit 0385a3f + +- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify + code (git-fixes). +- commit f75aac5 + +- blacklist.conf: update blacklist +- commit ca67b2c + +- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from + NUMA info (bsc#1180989). +- perf/x86/intel/uncore: Store the logical die id instead of + the physical die id (bsc#1180989). +- perf/x86/intel/uncore: Generic support for the PCI sub driver + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_pmu_unregister() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_pmu_register() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_find_dev_pmu() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_get_dev_die_info() + (bsc#1180989). +- commit 6e81128 + +- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from + NUMA info (bsc#1180989). +- perf/x86/intel/uncore: Store the logical die id instead of + the physical die id (bsc#1180989). +- commit 67d84dd + +- gpiolib: fix gpio_do_set_config() (bsc#1180682). +- Refresh + patches.suse/gpiolib-Extract-gpio_set_config_with_argument-for-fu.patch. +- Refresh + patches.suse/gpiolib-Introduce-gpio_set_debounce_timeout-for-inte.patch. +- Refresh + patches.suse/gpiolib-use-proper-API-to-pack-pin-configuration-par.patch. +- commit 11e6d6f + +- gpiolib: acpi: Fix fall-through warnings for Clang + (bsc#1180682). +- gpiolib: split error path in gpiod_request_commit() + (bsc#1180682). +- gpiolib: Unify expectations about ->request() returned value + (bsc#1180682). +- gpiolib: Extract gpiod_not_found() helper (bsc#1180682). +- gpio: just plain warning when nonexisting gpio requested + (bsc#1180682). +- gpiolib: acpi: Use BIT() macro to increase readability + (bsc#1180682). +- gpiolib: acpi: Convert pin_index to be u16 (bsc#1180682). +- gpiolib: acpi: Extract acpi_request_own_gpiod() helper + (bsc#1180682). +- gpiolib: acpi: Make acpi_gpio_to_gpiod_flags() usable for + GpioInt() (bsc#1180682). +- gpiolib: acpi: Set initial value for output pin based on bias + and polarity (bsc#1180682). +- gpiolib: acpi: Move acpi_gpio_to_gpiod_flags() upper in the code + (bsc#1180682). +- gpiolib: acpi: Move non-critical code outside of critical + section (bsc#1180682). +- gpiolib: acpi: Take into account debounce settings + (bsc#1180682). +- gpiolib: acpi: Use named item for enum gpiod_flags variable + (bsc#1180682). +- gpiolib: acpi: Respect bias settings for GpioInt() resource + (bsc#1180682). +- gpiolib: Introduce gpio_set_debounce_timeout() for internal use + (bsc#1180682). +- gpiolib: Extract gpio_set_config_with_argument_optional() + helper (bsc#1180682). +- gpiolib: Extract gpio_set_config_with_argument() for future use + (bsc#1180682). +- gpiolib: use proper API to pack pin configuration parameters + (bsc#1180682). +- gpiolib: add missed break statement (bsc#1180682). +- gpiolib: have a single place of calling set_config() + (bsc#1180682). +- gpiolib: use 'unsigned int' instead of 'unsigned' in + gpio_set_config() (bsc#1180682). +- commit da451fd + +- bus: fsl-mc: add autorescan sysfs (jsc#SLE-12251). +- bus: fsl-mc: add bus rescan attribute (jsc#SLE-12251). +- bus: fsl-mc: add fsl-mc userspace support (jsc#SLE-12251). +- bus: fsl-mc: export mc_cmd_hdr_read_cmdid() to the fsl-mc bus + (jsc#SLE-12251). +- bus: fsl-mc: move fsl_mc_command struct in a uapi header + (jsc#SLE-12251). +- bus: fsl-mc: return -EPROBE_DEFER when a device is not yet + discovered (jsc#SLE-12251). +- bus: fsl-mc: add missing __iomem attribute (jsc#SLE-12251). +- commit 21968ee + +- bonding: wait for sysfs kobject destruction before freeing + struct slave (git-fixes). +- net/mlx5: E-Switch, Use vport metadata matching by default + (git-fixes). +- cxgb4: fix all-mask IP address comparison (git-fixes). +- cxgb4: fix set but unused variable when DCB is disabled + (git-fixes). +- commit 8f53029 + +- Refresh + patches.suse/coresight-etm4x-Skip-setting-LPOVERRIDE-bit-for-qcom.patch. +- commit 6434185 + +- Refresh + patches.suse/spi-fsl-dspi-fix-wrong-pointer-in-suspend-resume.patch. +- commit 78ee3ab + +- bpf, cgroup: Fix problematic bounds check (bsc#1155518). +- bpf, cgroup: Fix optlen WARN_ON_ONCE toctou (bsc#1155518). +- commit 3ab5222 + +- net, sctp, filter: remap copy_from_user failure error + (bsc#1181637). +- commit 32551e1 + +- i40e: Revert "i40e: don't report link up for a VF who hasn't + enabled queues" (jsc#SLE-8025). +- igc: Fix returning wrong statistics (git-fixes). +- i40e: Fix MAC address setting for a VF via Host/VM (git-fixes). +- mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() + (git-fixes). +- mlxsw: core: Fix memory leak on module removal (git-fixes). +- net/mlx5: Don't call timecounter cyc2time directly from 1PPS + flow (git-fixes). +- net: ethernet: mlx4: Avoid assigning a value to ring_cons but + not used it anymore in mlx4_en_xmit() (git-fixes). +- net: team: fix memory leak in __team_options_register + (git-fixes). +- net/mlx5e: Fix VLAN create flow (git-fixes). +- net/mlx5e: Fix VLAN cleanup flow (git-fixes). +- net/mlx5: Fix request_irqs error flow (git-fixes). +- mlxsw: spectrum_acl: Fix mlxsw_sp_acl_tcam_group_add()'s error + path (git-fixes). +- team: set dev->needed_headroom in team_setup_by_port() + (git-fixes). +- bonding: set dev->needed_headroom in bond_setup_by_slave() + (git-fixes). +- net: qed: RDMA personality shouldn't fail VF load (git-fixes). +- net: thunderx: initialize VF's mailbox mutex before first usage + (git-fixes). +- net: mvpp2: fix memory leak in mvpp2_rx (git-fixes). +- iavf: Fix updating statistics (git-fixes). +- iavf: fix error return code in iavf_init_get_resources() + (git-fixes). +- net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes). +- vxlan: fix memleak of fdb (git-fixes). +- net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq + (git-fixes). +- mlxsw: core: Free EMAD transactions using kfree_rcu() + (git-fixes). +- mlxsw: core: Increase scope of RCU read-side critical section + (git-fixes). +- net/mlx5: Query PPS pin operational status before registering it + (git-fixes). +- net/mlx5: Verify Hardware supports requested ptp function on + a given pin (git-fixes). +- net/mlx5: Fix a bug of using ptp channel index as pin index + (git-fixes). +- net/mlx5e: Fix error path of device attach (git-fixes). +- net/mlx5: E-switch, Destroy TSAR after reload interface + (git-fixes). +- net: hns3: fix aRFS FD rules leftover after add a user FD rule + (git-fixes). +- net: hns3: fix a TX timeout issue (git-fixes). +- net: hns3: fix desc filling bug when skb is expanded or lineared + (git-fixes). +- qed: Populate nvm-file attributes while reading nvm config + partition (git-fixes). +- net: hns3: fix use-after-free when doing self test (git-fixes). +- net: hns3: add a missing uninit debugfs when unload driver + (git-fixes). +- net: cxgb4: fix return error value in t4_prep_fw (git-fixes). +- cxgb4vf: update kernel-doc line comments (git-fixes). +- cxgb4: update kernel-doc line comments (git-fixes). +- cxgb4: move DCB version extern to header file (git-fixes). +- cxgb4: remove cast when saving IPv4 partial checksum + (git-fixes). +- cxgb4: fix SGE queue dump destination buffer context + (git-fixes). +- cxgb4: use correct type for all-mask IP address comparison + (git-fixes). +- cxgb4: fix endian conversions for L4 ports in filters + (git-fixes). +- cxgb4: parse TC-U32 key values and masks natively (git-fixes). +- cxgb4: use unaligned conversion for fetching timestamp + (git-fixes). +- cxgb4: move PTP lock and unlock to caller in Tx path + (git-fixes). +- cxgb4: move handling L2T ARP failures to caller (git-fixes). +- net: qed: fix "maybe uninitialized" warning (git-fixes). +- net: qede: fix use-after-free on recovery and AER handling + (git-fixes). +- net: qede: fix PTP initialization on recovery (git-fixes). +- net: qed: fix excessive QM ILT lines consumption (git-fixes). +- net: qed: fix NVMe login fails over VFs (git-fixes). +- net: qede: stop adding events on an already destroyed workqueue + (git-fixes). +- net: qed: fix async event callbacks unregistering (git-fixes). +- iavf: fix speed reporting over virtchnl (git-fixes). +- net/mlx5e: IPoIB, Drop multicast packets that this interface + sent (git-fixes). +- ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K + (git-fixes). +- veth: Adjust hard_start offset on redirect XDP frames + (git-fixes). +- net/mlx5e: Set of completion request bit should not clear + other adjacent bits (git-fixes). +- net/mlx5e: en_accel, Add missing net/geneve.h include + (git-fixes). +- bonding: Fix reference count leak in bond_sysfs_slave_add + (git-fixes). +- bnxt_en: Fix accumulation of bp->net_stats_prev (git-fixes). +- net/mlx5: Annotate mutex destroy for root ns (git-fixes). +- net/mlx5: Don't maintain a case of del_sw_func being null + (git-fixes). +- net/mlx4_core: fix a memory leak bug (git-fixes). +- mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set + in case reload fails (git-fixes). +- net/mlx5e: Get the latest values from counters in switchdev mode + (git-fixes). +- net/mlx5e: Don't trigger IRQ multiple times on XSK wakeup to + avoid WQ overruns (git-fixes). +- net/mlx5: Fix failing fw tracer allocation on s390 (git-fixes). +- net/cxgb4: Check the return from t4_query_params properly + (git-fixes). +- net: hns3: fix set and get link ksettings issue (git-fixes). +- net: hns3: fix RSS config lost after VF reset (git-fixes). +- qed: Fix race condition between scheduling and destroying the + slowpath workqueue (git-fixes). +- net/mlx5: E-Switch, Hold mutex when querying drop counter in + legacy mode (git-fixes). +- net/mlx5: E-Switch, Use vport metadata matching only when + mandatory (git-fixes). +- net/liquidio: Delete non-working LIQUIDIO_PACKAGE check + (git-fixes). +- virtio_net: Keep vnet header zeroed if XDP is loaded for small + buffer (git-fixes). +- net/mlx5: Clear LAG notifier pointer after unregister + (git-fixes). +- net/mlx5e: Fix endianness handling in pedit mask (git-fixes). +- net/mlx5e: kTLS, Fix wrong value in record tracker enum + (git-fixes). +- net: hns3: clear port base VLAN when unload PF (git-fixes). +- net: hns3: fix VF VLAN table entries inconsistent issue + (git-fixes). +- net: hns3: fix "tc qdisc del" failed issue (git-fixes). +- cxgb4: fix checks for max queues to allocate (git-fixes). +- commit a805d8f + +- Update config files. Switch on DWC3 on x86_64 + (jsc#SLE-14042) +- commit 1a0a5a5 + +- Another fix of the missing merge commit hunk in idxd dma driver (bsc#1181795) +- commit 4b7e5ed + +- Fix the missing change via the upstream merge commit for idxd dma driver (bsc#1181795) +- commit e5ace2b + +- dmaengine: idxd: add missing invalid flags field to completion + (bsc#1181795). +- dmaengine: idxd: fix hw descriptor fields for delta record + (bsc#1181795). +- commit fb2caf6 + +- blacklist.conf: Blacklist two 32-bit only fixes + 50fe7ebb6475 bpf, x86_32: Fix clobbering of dst for BPF_JSET + 5ca1ca01fae1 bpf, x86_32: Fix logic error in BPF_LDX zero-extension +- commit 55cadfc + +- nvme-multipath: Early exit if no path is available + (bsc#1180964). +- commit 1c96465 + +- kABI: Fix kABI after AMD SEV PCID fixes (bsc#1178995). +- commit bf72ec9 + +- ahci: Add Intel Emmitsburg PCH RAID PCI IDs (jsc#SLE-14457). +- commit a78ee51 + +- iwlwifi: pcie: remove obsolete pre-release support code + (git-fixes). +- iwlwifi: pcie: add some missing entries for AX210 (git-fixes). +- iwlwifi: support an additional Qu subsystem id (git-fixes). +- iwlwifi: add new card for MA family (git-fixes). +- iwlwifi: iwl-trans: move all txcmd init to trans alloc + (git-fixes). +- commit 133d60e + +- iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit + (git-fixes). +- iwlwifi: pcie: add rules to match Qu with Hr2 (git-fixes). +- iwlwifi: Add a new card for MA family (git-fixes). +- iwlwifi: follow the new inclusive terminology (git-fixes). +- iwlwifi: pcie: fix xtal latency for 9560 devices (git-fixes). +- iwlwifi: pcie: fix 0x271B and 0x271C trans cfg struct + (git-fixes). +- iwlwifi: add new cards for MA family (git-fixes). +- iwlwifi: add new cards for AX201 family (git-fixes). +- commit 050b58f + +- gpio: gpiolib: remove shadowed variable (git-fixes). +- drm/i915/gt: Always try to reserve GGTT address 0x0 (git-fixes). +- iwlwifi: pcie: set LTR on more devices (git-fixes). +- commit d7ad942 + +- mac80211: pause TX while changing interface type (git-fixes). +- wext: fix NULL-ptr-dereference with cfg80211's lack of commit() + (git-fixes). +- iwlwifi: pcie: reschedule in long-running memory reads + (git-fixes). +- iwlwifi: pcie: use jiffies for memory read spin time limit + (git-fixes). +- net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 + modem family (git-fixes). +- drivers: soc: atmel: add null entry at the end of + at91_soc_allowed_list[] (git-fixes). +- drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 + SoCs (git-fixes). +- commit 023b5c2 + +- perf: Make struct ring_buffer less ambiguous (bsc#1177028). + Refresh patches.suse/0001-perf-core-Fix-race-in-the-perf_mmap_close-function.patch. +- commit 5dfb979 + +- powerpc/mm/pkeys: Make pkey access check work on execute_only_key + (bsc#1181544 ltc#191080 git-fixes). +- Refresh patches.suse/powerpc-book3s64-pkeys-Fix-pkey_access_permitted-for.patch. +- commit 7508356 + +- rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796) + The product string was changed from openSUSE to Leap. +- commit 4127a14 + +- powerpc/pkeys: Check vma before returning key fault error to + the user (bsc#1181544 ltc#191080). +- powerpc/pkeys: Avoid using lockless page table walk (bsc#1181544 + ltc#191080). +- commit 8cb9fab + +- net/mlx5: Fix function calculation for page trees (git-fixes). +- commit 22c3016 + +- net: fec: put child node on error path (git-fixes). +- commit cbac658 + +- ARM: imx: fix imx8m dependencies (git-fixes). +- soc: imx: select ARM_GIC_V3 for i.MX8M (git-fixes). +- commit adb9b1b + +- Add no-fix tag to drm cherry-picks + Add a no-fix tag to drm patches that are cherry-picks and are not + already blacklisted. +- Refresh + patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch. +- Refresh + patches.suse/0001-drm-i915-Update-drm-i915-bug-filing-URL.patch. +- Refresh + patches.suse/0001-drm-i915-execlists-Always-force-a-context-reload-whe.patch. +- Refresh + patches.suse/0001-drm-i915-icl-Fix-hotplug-interrupt-disabling-after-s.patch. +- Refresh + patches.suse/0003-drm-i915-Correctly-set-SFC-capability-for-video-engi.patch. +- Refresh + patches.suse/0029-drm-i915-gem-Avoid-implicit-vmap-for-highmem-on-x86-.patch. +- Refresh + patches.suse/drm-i915-Perform-GGTT-restore-much-earlier-during-re.patch. +- Refresh + patches.suse/drm-i915-Whitelist-COMMON_SLICE_CHICKEN2.patch. +- Refresh + patches.suse/drm-i915-pmu-Frequency-is-reported-as-accumulated-cy.patch. +- Refresh + patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. +- Refresh + patches.suse/drm-i915-update-rawclk-also-on-resume.patch. +- Refresh + patches.suse/drm-i915-userptr-Never-allow-userptr-into-the-mappab.patch. +- commit 46ba73b + +- KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests + (bsc#1178995). +- KVM: x86: Introduce cr3_lm_rsvd_bits in kvm_vcpu_arch + (bsc#1178995). +- commit 49749c4 + +- r8169: work around RTL8125 UDP hw bug (git-fixes). +- commit db42a5b + +- r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set + (git-fixes). +- commit ab82b36 + +- exfat: Avoid allocating upcase table using kcalloc() + (git-fixes). +- exec: Always set cap_ambient in cap_bprm_set_creds (git-fixes). +- commit eb2e605 + +- s390/dasd: Fix inconsistent kobject removal (jsc#SLE-13767 + bsc#1178420 LTC#185092). +- commit e13d81a + +- blacklist.conf: no change to /sys/firmware/uv/query/max_cpus +- commit 737a803 + +- s390/vfio-ap: No need to disable IRQ after queue reset + (git-fixes). +- s390/vfio-ap: clean up vfio_ap resources when KVM pointer + invalidated (git-fixes). +- commit d91ae22 + +- Refresh patches.suse/edac-amd64-set-grain-per-dimm.patch. + Readd the second hunk which wasn't needed during the original git-fixes + backport. +- commit 9c3639f + +- Update patches.suse/bpf-Fix-modifier-skipping-logic.patch (bsc#1177028). + Restore the patch to match the upstream commit +- commit a490625 + +- mlxsw: spectrum_span: Do not overwrite policer configuration + (bsc#1176774). +- net/mlx5: CT: Fix incorrect removal of tuple_nat_node from + nat rhashtable (jsc#SLE-15172). +- net/mlx5e: Revert parameters on errors when changing trust + state without reset (jsc#SLE-15172). +- net/mlx5e: Correctly handle changing the number of queues when + the interface is down (jsc#SLE-15172). +- net/mlx5e: Fix CT rule + encap slow path offload and deletion + (jsc#SLE-15172). +- net/mlx5e: Disable hw-tc-offload when MLX5_CLS_ACT config is + disabled (jsc#SLE-15172). +- net/mlx5: Maintain separate page trees for ECPF and PF functions + (jsc#SLE-15172). +- net/mlx5e: Fix IPSEC stats (jsc#SLE-15172). +- net/mlx5e: free page before return (jsc#SLE-15172). +- ice: Fix MSI-X vector fallback logic (bsc#1180945). +- ice: Don't allow more channels than LAN MSI-X available + (bsc#1180945). +- ice: update dev_addr in ice_set_mac_address even if HW filter + exists (jsc#SLE-12878). +- ice: Implement flow for IPv6 next header (extension header) + (jsc#SLE-12878). +- ice: fix FDir IPv6 flexbyte (jsc#SLE-12878). +- uapi: fix big endian definition of ipv6_rpl_sr_hdr + (bsc#1176447). +- commit a3c4fad + +- rxrpc: Fix memory leak in rxrpc_lookup_local (bsc#1154353 + bnc#1151927 5.3.9). +- net/mlx5e: E-switch, Fix rate calculation for overflow + (jsc#SLE-8464). +- i40e: acquire VSI pointer only after VF is initialized + (jsc#SLE-8025). +- ice: Fix MSI-X vector fallback logic (jsc#SLE-7926). +- ice: Don't allow more channels than LAN MSI-X available + (jsc#SLE-7926). +- Revert "RDMA/mlx5: Fix devlink deadlock on net namespace + deletion" (jsc#SLE-8464). +- commit 76b9a3a + +- Refresh patches.suse/bpf-Introduce-bpf_sk_-ancestor_-cgroup_id-helpers.patch. + The diff for cg_skb_func_proto was wrongly applied to + tc_cls_act_func_proto. +- commit 6cbb315 + +- selftests/bpf: Fix "dubious pointer arithmetic" test + (bsc#1177028). +- commit eb710d9 + kernel-firmware +- Correct the RPi4 brcm config to recover the WiFi breakage + (bsc#1182320): + Revert-brcm-rpi4-boardflags3-bit.patch + +- Update to version 20210208 (commit b79d2396bc63): + * Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304 + * linux-firmware: add firmware for MT7921 + * rtw88: RTL8821C: Update firmware to v24.8 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * i915: Add DMC v2.01 for ADL-S + * i915: Add HuC v7.7.1 for DG1 + * i915: Add GuC v49.0.1 for DG1 + * qcom: Add venus firmware files for VPU-1.0 + * qcom: Add SM8250 Compute DSP firmware + * qcom: Add SM8250 Audio DSP firmware + * qcom: add firmware files for Adreno a650 + +- Update to version 20210119 (git commit 05789708b79b): + * brcm: Link RPi4's WiFi firmware with DMI machine name. + * brcm: Add NVRAM for Vamrs 96boards Rock960 + * brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes + * cypress: Fix link direction + * cypress: Link the new cypress firmware to the old brcm files + * brcm: remove old brcm firmwares that have newer cypress variants + * rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB + * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253 + * rtl_bt: Add firmware and config files for RTL8852A BT USB chip + * rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644 +- Fix install-split.sh to deal with the quoted spaces +- Update aliases + kernel-firmware:compressed +- Correct the RPi4 brcm config to recover the WiFi breakage + (bsc#1182320): + Revert-brcm-rpi4-boardflags3-bit.patch + +- Update to version 20210208 (commit b79d2396bc63): + * Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304 + * linux-firmware: add firmware for MT7921 + * rtw88: RTL8821C: Update firmware to v24.8 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * i915: Add DMC v2.01 for ADL-S + * i915: Add HuC v7.7.1 for DG1 + * i915: Add GuC v49.0.1 for DG1 + * qcom: Add venus firmware files for VPU-1.0 + * qcom: Add SM8250 Compute DSP firmware + * qcom: Add SM8250 Audio DSP firmware + * qcom: add firmware files for Adreno a650 + +- Update to version 20210119 (git commit 05789708b79b): + * brcm: Link RPi4's WiFi firmware with DMI machine name. + * brcm: Add NVRAM for Vamrs 96boards Rock960 + * brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes + * cypress: Fix link direction + * cypress: Link the new cypress firmware to the old brcm files + * brcm: remove old brcm firmwares that have newer cypress variants + * rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB + * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253 + * rtl_bt: Add firmware and config files for RTL8852A BT USB chip + * rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644 +- Fix install-split.sh to deal with the quoted spaces +- Update aliases + kernel-preempt +- Rename duplicate patches to their SLE15-SP2 equivalents. + This is to prepare for the next SLE15-SP2 -> SLE15-SP3 merge. +- commit a7157b9 + +- platform/x86: pmt: Fix a potential Oops on error in probe + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- commit e21ef02 + +- platform/x86: Intel PMT Crashlog capability driver + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT Crashlog capability driver. +- supported.conf: Add the PMT Crashlog capability driver. +- commit 0f2da12 + +- platform/x86: Intel PMT Telemetry capability driver + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT Telemetry capability driver. +- supported.conf: Add the PMT Telemetry capability driver. +- commit e0ffba9 + +- platform/x86: Intel PMT class driver (jsc#SLE-13352, + jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT class driver. +- supported.conf: Add the PMT class driver. +- commit 22095e8 + +- mfd: Intel Platform Monitoring Technology support + (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, jsc#SLE-13391). +- Update config files: Build PMT driver on x86_64. +- supported.conf: Add the PMT driver. +- commit be0482a + +- PCI: Add defines for Designated Vendor-Specific Extended + Capability (jsc#SLE-13352, jsc#SLE-13343, jsc#SLE-13363, + jsc#SLE-13391). +- commit 8eb1abf + +- series.conf: cleanup +- update upstream references of unsortable patches and sort them properly: + patches.suse/perf-x86-intel-uncore-Store-the-logical-die-id-inste.patch + patches.suse/perf-x86-intel-uncore-With-8-nodes-get-pci-bus-die-i.patch +- commit b4f0fcb + +- fix patch metadata and move it to correct section +- fix upstream reference of a non-mainline patch and move to correct section: + patches.suse/net-sctp-filter-remap-copy_from_user-failure-error.patch +- commit fda606d + +- usb: xhci-mtk: break loop when find the endpoint to drop + (git-fixes). +- commit bd7c89a + +- usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints + (git-fixes). +- commit 1a31126 + +- usb: xhci-mtk: fix unreleased bandwidth data (git-fixes). +- commit 6da0a12 + +- usb: dwc2: Fix endpoint direction check in ep_from_windex + (git-fixes). +- usb: dwc3: fix clock issue during resume in OTG mode + (git-fixes). +- xhci: fix bounce buffer usage for non-sg list case (git-fixes). +- usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() + (git-fixes). +- USB: gadget: legacy: fix an error code in eth_bind() + (git-fixes). +- Input: i8042 - unbreak Pegatron C15B (git-fixes). +- commit bcaeec1 + +- net: qca_spi: Move reset_count to struct qcaspi (git-fixes). +- commit 45b7fef + +- net: qca_spi: fix receive buffer size check (git-fixes). +- commit 5cd7e42 + +- net: stmmac: fix disabling flexible PPS output (git-fixes). +- commit 20dce33 + +- net: stmmac: fix length of PTP clock's name string (git-fixes). +- commit 9f89a73 + +- net: phy: at803x: use operating parameters from PHY-specific + status (git-fixes). +- commit e91964f + +- net: phy: extract pause mode (git-fixes). +- commit c81698a + +- net: phy: extract link partner advertisement reading + (git-fixes). +- commit 18dc97f + +- net: phy: read MII_CTRL1000 in genphy_read_status only if needed + (git-fixes). +- commit d5eb04d + +- net: stmmac: selftests: Flow Control test can also run with + ASYM Pause (git-fixes). +- commit 26dfc56 + +- cirrus: cs89x0: remove set but not used variable 'lp' + (git-fixes). +- commit 0385a3f + +- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify + code (git-fixes). +- commit f75aac5 + +- blacklist.conf: update blacklist +- commit ca67b2c + +- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from + NUMA info (bsc#1180989). +- perf/x86/intel/uncore: Store the logical die id instead of + the physical die id (bsc#1180989). +- perf/x86/intel/uncore: Generic support for the PCI sub driver + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_pmu_unregister() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_pmu_register() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_find_dev_pmu() + (bsc#1180989). +- perf/x86/intel/uncore: Factor out uncore_pci_get_dev_die_info() + (bsc#1180989). +- commit 6e81128 + +- perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from + NUMA info (bsc#1180989). +- perf/x86/intel/uncore: Store the logical die id instead of + the physical die id (bsc#1180989). +- commit 67d84dd + +- gpiolib: fix gpio_do_set_config() (bsc#1180682). +- Refresh + patches.suse/gpiolib-Extract-gpio_set_config_with_argument-for-fu.patch. +- Refresh + patches.suse/gpiolib-Introduce-gpio_set_debounce_timeout-for-inte.patch. +- Refresh + patches.suse/gpiolib-use-proper-API-to-pack-pin-configuration-par.patch. +- commit 11e6d6f + +- gpiolib: acpi: Fix fall-through warnings for Clang + (bsc#1180682). +- gpiolib: split error path in gpiod_request_commit() + (bsc#1180682). +- gpiolib: Unify expectations about ->request() returned value + (bsc#1180682). +- gpiolib: Extract gpiod_not_found() helper (bsc#1180682). +- gpio: just plain warning when nonexisting gpio requested + (bsc#1180682). +- gpiolib: acpi: Use BIT() macro to increase readability + (bsc#1180682). +- gpiolib: acpi: Convert pin_index to be u16 (bsc#1180682). +- gpiolib: acpi: Extract acpi_request_own_gpiod() helper + (bsc#1180682). +- gpiolib: acpi: Make acpi_gpio_to_gpiod_flags() usable for + GpioInt() (bsc#1180682). +- gpiolib: acpi: Set initial value for output pin based on bias + and polarity (bsc#1180682). +- gpiolib: acpi: Move acpi_gpio_to_gpiod_flags() upper in the code + (bsc#1180682). +- gpiolib: acpi: Move non-critical code outside of critical + section (bsc#1180682). +- gpiolib: acpi: Take into account debounce settings + (bsc#1180682). +- gpiolib: acpi: Use named item for enum gpiod_flags variable + (bsc#1180682). +- gpiolib: acpi: Respect bias settings for GpioInt() resource + (bsc#1180682). +- gpiolib: Introduce gpio_set_debounce_timeout() for internal use + (bsc#1180682). +- gpiolib: Extract gpio_set_config_with_argument_optional() + helper (bsc#1180682). +- gpiolib: Extract gpio_set_config_with_argument() for future use + (bsc#1180682). +- gpiolib: use proper API to pack pin configuration parameters + (bsc#1180682). +- gpiolib: add missed break statement (bsc#1180682). +- gpiolib: have a single place of calling set_config() + (bsc#1180682). +- gpiolib: use 'unsigned int' instead of 'unsigned' in + gpio_set_config() (bsc#1180682). +- commit da451fd + +- bus: fsl-mc: add autorescan sysfs (jsc#SLE-12251). +- bus: fsl-mc: add bus rescan attribute (jsc#SLE-12251). +- bus: fsl-mc: add fsl-mc userspace support (jsc#SLE-12251). +- bus: fsl-mc: export mc_cmd_hdr_read_cmdid() to the fsl-mc bus + (jsc#SLE-12251). +- bus: fsl-mc: move fsl_mc_command struct in a uapi header + (jsc#SLE-12251). +- bus: fsl-mc: return -EPROBE_DEFER when a device is not yet + discovered (jsc#SLE-12251). +- bus: fsl-mc: add missing __iomem attribute (jsc#SLE-12251). +- commit 21968ee + +- bonding: wait for sysfs kobject destruction before freeing + struct slave (git-fixes). +- net/mlx5: E-Switch, Use vport metadata matching by default + (git-fixes). +- cxgb4: fix all-mask IP address comparison (git-fixes). +- cxgb4: fix set but unused variable when DCB is disabled + (git-fixes). +- commit 8f53029 + +- Refresh + patches.suse/coresight-etm4x-Skip-setting-LPOVERRIDE-bit-for-qcom.patch. +- commit 6434185 + +- Refresh + patches.suse/spi-fsl-dspi-fix-wrong-pointer-in-suspend-resume.patch. +- commit 78ee3ab + +- bpf, cgroup: Fix problematic bounds check (bsc#1155518). +- bpf, cgroup: Fix optlen WARN_ON_ONCE toctou (bsc#1155518). +- commit 3ab5222 + +- net, sctp, filter: remap copy_from_user failure error + (bsc#1181637). +- commit 32551e1 + +- i40e: Revert "i40e: don't report link up for a VF who hasn't + enabled queues" (jsc#SLE-8025). +- igc: Fix returning wrong statistics (git-fixes). +- i40e: Fix MAC address setting for a VF via Host/VM (git-fixes). +- mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() + (git-fixes). +- mlxsw: core: Fix memory leak on module removal (git-fixes). +- net/mlx5: Don't call timecounter cyc2time directly from 1PPS + flow (git-fixes). +- net: ethernet: mlx4: Avoid assigning a value to ring_cons but + not used it anymore in mlx4_en_xmit() (git-fixes). +- net: team: fix memory leak in __team_options_register + (git-fixes). +- net/mlx5e: Fix VLAN create flow (git-fixes). +- net/mlx5e: Fix VLAN cleanup flow (git-fixes). +- net/mlx5: Fix request_irqs error flow (git-fixes). +- mlxsw: spectrum_acl: Fix mlxsw_sp_acl_tcam_group_add()'s error + path (git-fixes). +- team: set dev->needed_headroom in team_setup_by_port() + (git-fixes). +- bonding: set dev->needed_headroom in bond_setup_by_slave() + (git-fixes). +- net: qed: RDMA personality shouldn't fail VF load (git-fixes). +- net: thunderx: initialize VF's mailbox mutex before first usage + (git-fixes). +- net: mvpp2: fix memory leak in mvpp2_rx (git-fixes). +- iavf: Fix updating statistics (git-fixes). +- iavf: fix error return code in iavf_init_get_resources() + (git-fixes). +- net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes). +- vxlan: fix memleak of fdb (git-fixes). +- net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq + (git-fixes). +- mlxsw: core: Free EMAD transactions using kfree_rcu() + (git-fixes). +- mlxsw: core: Increase scope of RCU read-side critical section + (git-fixes). +- net/mlx5: Query PPS pin operational status before registering it + (git-fixes). +- net/mlx5: Verify Hardware supports requested ptp function on + a given pin (git-fixes). +- net/mlx5: Fix a bug of using ptp channel index as pin index + (git-fixes). +- net/mlx5e: Fix error path of device attach (git-fixes). +- net/mlx5: E-switch, Destroy TSAR after reload interface + (git-fixes). +- net: hns3: fix aRFS FD rules leftover after add a user FD rule + (git-fixes). +- net: hns3: fix a TX timeout issue (git-fixes). +- net: hns3: fix desc filling bug when skb is expanded or lineared + (git-fixes). +- qed: Populate nvm-file attributes while reading nvm config + partition (git-fixes). +- net: hns3: fix use-after-free when doing self test (git-fixes). +- net: hns3: add a missing uninit debugfs when unload driver + (git-fixes). +- net: cxgb4: fix return error value in t4_prep_fw (git-fixes). +- cxgb4vf: update kernel-doc line comments (git-fixes). +- cxgb4: update kernel-doc line comments (git-fixes). +- cxgb4: move DCB version extern to header file (git-fixes). +- cxgb4: remove cast when saving IPv4 partial checksum + (git-fixes). +- cxgb4: fix SGE queue dump destination buffer context + (git-fixes). +- cxgb4: use correct type for all-mask IP address comparison + (git-fixes). +- cxgb4: fix endian conversions for L4 ports in filters + (git-fixes). +- cxgb4: parse TC-U32 key values and masks natively (git-fixes). +- cxgb4: use unaligned conversion for fetching timestamp + (git-fixes). +- cxgb4: move PTP lock and unlock to caller in Tx path + (git-fixes). +- cxgb4: move handling L2T ARP failures to caller (git-fixes). +- net: qed: fix "maybe uninitialized" warning (git-fixes). +- net: qede: fix use-after-free on recovery and AER handling + (git-fixes). +- net: qede: fix PTP initialization on recovery (git-fixes). +- net: qed: fix excessive QM ILT lines consumption (git-fixes). +- net: qed: fix NVMe login fails over VFs (git-fixes). +- net: qede: stop adding events on an already destroyed workqueue + (git-fixes). +- net: qed: fix async event callbacks unregistering (git-fixes). +- iavf: fix speed reporting over virtchnl (git-fixes). +- net/mlx5e: IPoIB, Drop multicast packets that this interface + sent (git-fixes). +- ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K + (git-fixes). +- veth: Adjust hard_start offset on redirect XDP frames + (git-fixes). +- net/mlx5e: Set of completion request bit should not clear + other adjacent bits (git-fixes). +- net/mlx5e: en_accel, Add missing net/geneve.h include + (git-fixes). +- bonding: Fix reference count leak in bond_sysfs_slave_add + (git-fixes). +- bnxt_en: Fix accumulation of bp->net_stats_prev (git-fixes). +- net/mlx5: Annotate mutex destroy for root ns (git-fixes). +- net/mlx5: Don't maintain a case of del_sw_func being null + (git-fixes). +- net/mlx4_core: fix a memory leak bug (git-fixes). +- mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set + in case reload fails (git-fixes). +- net/mlx5e: Get the latest values from counters in switchdev mode + (git-fixes). +- net/mlx5e: Don't trigger IRQ multiple times on XSK wakeup to + avoid WQ overruns (git-fixes). +- net/mlx5: Fix failing fw tracer allocation on s390 (git-fixes). +- net/cxgb4: Check the return from t4_query_params properly + (git-fixes). +- net: hns3: fix set and get link ksettings issue (git-fixes). +- net: hns3: fix RSS config lost after VF reset (git-fixes). +- qed: Fix race condition between scheduling and destroying the + slowpath workqueue (git-fixes). +- net/mlx5: E-Switch, Hold mutex when querying drop counter in + legacy mode (git-fixes). +- net/mlx5: E-Switch, Use vport metadata matching only when + mandatory (git-fixes). +- net/liquidio: Delete non-working LIQUIDIO_PACKAGE check + (git-fixes). +- virtio_net: Keep vnet header zeroed if XDP is loaded for small + buffer (git-fixes). +- net/mlx5: Clear LAG notifier pointer after unregister + (git-fixes). +- net/mlx5e: Fix endianness handling in pedit mask (git-fixes). +- net/mlx5e: kTLS, Fix wrong value in record tracker enum + (git-fixes). +- net: hns3: clear port base VLAN when unload PF (git-fixes). +- net: hns3: fix VF VLAN table entries inconsistent issue + (git-fixes). +- net: hns3: fix "tc qdisc del" failed issue (git-fixes). +- cxgb4: fix checks for max queues to allocate (git-fixes). +- commit a805d8f + +- Update config files. Switch on DWC3 on x86_64 + (jsc#SLE-14042) +- commit 1a0a5a5 + +- Another fix of the missing merge commit hunk in idxd dma driver (bsc#1181795) +- commit 4b7e5ed + +- Fix the missing change via the upstream merge commit for idxd dma driver (bsc#1181795) +- commit e5ace2b + +- dmaengine: idxd: add missing invalid flags field to completion + (bsc#1181795). +- dmaengine: idxd: fix hw descriptor fields for delta record + (bsc#1181795). +- commit fb2caf6 + +- blacklist.conf: Blacklist two 32-bit only fixes + 50fe7ebb6475 bpf, x86_32: Fix clobbering of dst for BPF_JSET + 5ca1ca01fae1 bpf, x86_32: Fix logic error in BPF_LDX zero-extension +- commit 55cadfc + +- nvme-multipath: Early exit if no path is available + (bsc#1180964). +- commit 1c96465 + +- kABI: Fix kABI after AMD SEV PCID fixes (bsc#1178995). +- commit bf72ec9 + +- ahci: Add Intel Emmitsburg PCH RAID PCI IDs (jsc#SLE-14457). +- commit a78ee51 + +- iwlwifi: pcie: remove obsolete pre-release support code + (git-fixes). +- iwlwifi: pcie: add some missing entries for AX210 (git-fixes). +- iwlwifi: support an additional Qu subsystem id (git-fixes). +- iwlwifi: add new card for MA family (git-fixes). +- iwlwifi: iwl-trans: move all txcmd init to trans alloc + (git-fixes). +- commit 133d60e + +- iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit + (git-fixes). +- iwlwifi: pcie: add rules to match Qu with Hr2 (git-fixes). +- iwlwifi: Add a new card for MA family (git-fixes). +- iwlwifi: follow the new inclusive terminology (git-fixes). +- iwlwifi: pcie: fix xtal latency for 9560 devices (git-fixes). +- iwlwifi: pcie: fix 0x271B and 0x271C trans cfg struct + (git-fixes). +- iwlwifi: add new cards for MA family (git-fixes). +- iwlwifi: add new cards for AX201 family (git-fixes). +- commit 050b58f + +- gpio: gpiolib: remove shadowed variable (git-fixes). +- drm/i915/gt: Always try to reserve GGTT address 0x0 (git-fixes). +- iwlwifi: pcie: set LTR on more devices (git-fixes). +- commit d7ad942 + +- mac80211: pause TX while changing interface type (git-fixes). +- wext: fix NULL-ptr-dereference with cfg80211's lack of commit() + (git-fixes). +- iwlwifi: pcie: reschedule in long-running memory reads + (git-fixes). +- iwlwifi: pcie: use jiffies for memory read spin time limit + (git-fixes). +- net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 + modem family (git-fixes). +- drivers: soc: atmel: add null entry at the end of + at91_soc_allowed_list[] (git-fixes). +- drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 + SoCs (git-fixes). +- commit 023b5c2 + +- perf: Make struct ring_buffer less ambiguous (bsc#1177028). + Refresh patches.suse/0001-perf-core-Fix-race-in-the-perf_mmap_close-function.patch. +- commit 5dfb979 + +- powerpc/mm/pkeys: Make pkey access check work on execute_only_key + (bsc#1181544 ltc#191080 git-fixes). +- Refresh patches.suse/powerpc-book3s64-pkeys-Fix-pkey_access_permitted-for.patch. +- commit 7508356 + +- rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796) + The product string was changed from openSUSE to Leap. +- commit 4127a14 + +- powerpc/pkeys: Check vma before returning key fault error to + the user (bsc#1181544 ltc#191080). +- powerpc/pkeys: Avoid using lockless page table walk (bsc#1181544 + ltc#191080). +- commit 8cb9fab + +- net/mlx5: Fix function calculation for page trees (git-fixes). +- commit 22c3016 + +- net: fec: put child node on error path (git-fixes). +- commit cbac658 + +- ARM: imx: fix imx8m dependencies (git-fixes). +- soc: imx: select ARM_GIC_V3 for i.MX8M (git-fixes). +- commit adb9b1b + +- Add no-fix tag to drm cherry-picks + Add a no-fix tag to drm patches that are cherry-picks and are not + already blacklisted. +- Refresh + patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch. +- Refresh + patches.suse/0001-drm-i915-Update-drm-i915-bug-filing-URL.patch. +- Refresh + patches.suse/0001-drm-i915-execlists-Always-force-a-context-reload-whe.patch. +- Refresh + patches.suse/0001-drm-i915-icl-Fix-hotplug-interrupt-disabling-after-s.patch. +- Refresh + patches.suse/0003-drm-i915-Correctly-set-SFC-capability-for-video-engi.patch. +- Refresh + patches.suse/0029-drm-i915-gem-Avoid-implicit-vmap-for-highmem-on-x86-.patch. +- Refresh + patches.suse/drm-i915-Perform-GGTT-restore-much-earlier-during-re.patch. +- Refresh + patches.suse/drm-i915-Whitelist-COMMON_SLICE_CHICKEN2.patch. +- Refresh + patches.suse/drm-i915-pmu-Frequency-is-reported-as-accumulated-cy.patch. +- Refresh + patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. +- Refresh + patches.suse/drm-i915-update-rawclk-also-on-resume.patch. +- Refresh + patches.suse/drm-i915-userptr-Never-allow-userptr-into-the-mappab.patch. +- commit 46ba73b + +- KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests + (bsc#1178995). +- KVM: x86: Introduce cr3_lm_rsvd_bits in kvm_vcpu_arch + (bsc#1178995). +- commit 49749c4 + +- r8169: work around RTL8125 UDP hw bug (git-fixes). +- commit db42a5b + +- r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set + (git-fixes). +- commit ab82b36 + +- exfat: Avoid allocating upcase table using kcalloc() + (git-fixes). +- exec: Always set cap_ambient in cap_bprm_set_creds (git-fixes). +- commit eb2e605 + +- s390/dasd: Fix inconsistent kobject removal (jsc#SLE-13767 + bsc#1178420 LTC#185092). +- commit e13d81a + +- blacklist.conf: no change to /sys/firmware/uv/query/max_cpus +- commit 737a803 + +- s390/vfio-ap: No need to disable IRQ after queue reset + (git-fixes). +- s390/vfio-ap: clean up vfio_ap resources when KVM pointer + invalidated (git-fixes). +- commit d91ae22 + +- Refresh patches.suse/edac-amd64-set-grain-per-dimm.patch. + Readd the second hunk which wasn't needed during the original git-fixes + backport. +- commit 9c3639f + +- Update patches.suse/bpf-Fix-modifier-skipping-logic.patch (bsc#1177028). + Restore the patch to match the upstream commit +- commit a490625 + +- mlxsw: spectrum_span: Do not overwrite policer configuration + (bsc#1176774). +- net/mlx5: CT: Fix incorrect removal of tuple_nat_node from + nat rhashtable (jsc#SLE-15172). +- net/mlx5e: Revert parameters on errors when changing trust + state without reset (jsc#SLE-15172). +- net/mlx5e: Correctly handle changing the number of queues when + the interface is down (jsc#SLE-15172). +- net/mlx5e: Fix CT rule + encap slow path offload and deletion + (jsc#SLE-15172). +- net/mlx5e: Disable hw-tc-offload when MLX5_CLS_ACT config is + disabled (jsc#SLE-15172). +- net/mlx5: Maintain separate page trees for ECPF and PF functions + (jsc#SLE-15172). +- net/mlx5e: Fix IPSEC stats (jsc#SLE-15172). +- net/mlx5e: free page before return (jsc#SLE-15172). +- ice: Fix MSI-X vector fallback logic (bsc#1180945). +- ice: Don't allow more channels than LAN MSI-X available + (bsc#1180945). +- ice: update dev_addr in ice_set_mac_address even if HW filter + exists (jsc#SLE-12878). +- ice: Implement flow for IPv6 next header (extension header) + (jsc#SLE-12878). +- ice: fix FDir IPv6 flexbyte (jsc#SLE-12878). +- uapi: fix big endian definition of ipv6_rpl_sr_hdr + (bsc#1176447). +- commit a3c4fad + +- rxrpc: Fix memory leak in rxrpc_lookup_local (bsc#1154353 + bnc#1151927 5.3.9). +- net/mlx5e: E-switch, Fix rate calculation for overflow + (jsc#SLE-8464). +- i40e: acquire VSI pointer only after VF is initialized + (jsc#SLE-8025). +- ice: Fix MSI-X vector fallback logic (jsc#SLE-7926). +- ice: Don't allow more channels than LAN MSI-X available + (jsc#SLE-7926). +- Revert "RDMA/mlx5: Fix devlink deadlock on net namespace + deletion" (jsc#SLE-8464). +- commit 76b9a3a + +- Refresh patches.suse/bpf-Introduce-bpf_sk_-ancestor_-cgroup_id-helpers.patch. + The diff for cg_skb_func_proto was wrongly applied to + tc_cls_act_func_proto. +- commit 6cbb315 + +- selftests/bpf: Fix "dubious pointer arithmetic" test + (bsc#1177028). +- commit eb710d9 + kexec-tools +- Remove kexec-tools-xen-balloon-up.patch (bsc#1176606, + bsc#1174508) + This patch was introduced to address bsc#694863; it enabled kexec + for HVM at that time. Meanwhile Xen 4.7 introduced "soft-reset" + for HVM domUs. This host feature removes the requirement to + un-ballon the domU prior kexec. + With Xen 4.13 cpuid faulting became the default, which affects + the approach used in this patch to detect the domU type. As a + result, invoking kexec in dom0 failed. + kfilemetadata5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes to list here. + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Add missing include for OpenBSD + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Convert old Mac line endings in lyrics tags (kde#425563) + * Remove obsolete COPYING files + * Port to ECM new FindTaglib module + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * autotests: fix for shared-mime-info >= 2.0 + * Adapt kfilemetadata to "audio/x-speex+ogg" as + recently changed in shared-mime-info + * Add license files as required by REUSE specification + * Convert license statements to SPDX expressions + kglobalaccel +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * systemd dbus activation + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Load service files for shortcuts for applications data dir as fallback (kde#421329) + * Remove obsolete COPYING files + * Correct typos in kglobalaccel.h + * KGlobalAccel:: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kguiaddons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * typo-- + * Const'ify pointer + initialize variable in header + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Using no deprecated enum Qt::MiddleButton + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes to list here. + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kholidays +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Uncommented description fields for mt_* holiday files + * Add national holidays for Malta in both English (en-gb) and Maltese (mt) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use Qt's categorized logging, install kholidays.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + khtml +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + ki18n +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Remove obsolete LGPL-2.0-only license file + * Relicense file to LGPL-2.0-or-later + * Update macOS platform name according to KApiDox warning + * Update documentation + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Fix typo + * Fix possible preprocessor race condition with i18n defines + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * dox: fix comment marker + * autotests: repair after recent commit introducing + single quotes around filenames + * Also add quotes around rich text tagged text + kiconthemes -- Added kiconthemes-suppress-warning-for-adwaita.patch: Prevent - warning about some legacy icons in Adwaita, those icons are used - for backward compatibility. (bsc#1179545) +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Keep aspect ration when upscaling + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Use qDebug and categorized logging + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * KIconThemes: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Move forward declaration where it's necessary + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Drop assignment in resetPalette + * Return QPalette() if we have no custom palette + * Respect QIcon::fallbackSearchpaths() (kde#405522) kidletime +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Deprecate single-arg signal KIdleTime::timeoutReached(int identifier) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Remove unused cmake variable + * Port away from QtWidgets + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kimageformats +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Add test case for RLE compressed 16 bpc PSD files. + * Add support for RLE-compressed, 16 bits per channel PSD files. + * Return unsupported when reading 16bit RLE compressed PSD files + * feat: add psd color depth == 16 format support + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Adapt license to LGPL-2.0-or-later + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kinit +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * KInit: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kio -- Add patch to fix reading the "Accept For Session" cookie setting - in the kcookiejar daemon (boo#1167985) - * kcookiejar-Fix-reading-Accept-For-Session-cookie-setting.patch +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes since 5.75.0, only listing bugfixes: + * CopyJob: don't count skipped files in the notification (kde#417034) + * FileWidget: Show Selected file preview on mouse leave (kde#418655) + * Add bookmarks for pictures, music and videos (kde#427876) + * kfilewidget: keep the text in the Name box when navigating (kde#418711) + * KFilePlacesModel: ignore hidden places when computing closestItem (kde#426690) + * kio_trash: fix the logic when no size limit is set (kde#426704) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * kio_trash: remove unnecessarily strict permission check (kde#76380) + * OpenUrlJob: handle all text scripts consistently (kde#425829) + * KDirOperator: don't call setCurrentItem on an empty url (kde#425163) + * KNewFileMenu: fix creating new dir with name starting with ':' (kde#425396) + * Allow double quotes in filenames in KFileWidget (kde#185433) + * StatJob: cancel job if url is invalid (kde#426367) +- Drop upstream patches: + * 0001-Remove-old-kio_fonts-hack-in-KCoreDirLister-hostname.patch + * 0002-KUrlCompletion-accommodate-local-protocols-that-use-.patch + +- Add patches to fix browsing kdeconnect://: + * 0001-Remove-old-kio_fonts-hack-in-KCoreDirLister-hostname.patch + * 0002-KUrlCompletion-accommodate-local-protocols-that-use-.patch + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Revert "[KUrlCompletion] Don't append / to completed folders" (kde#425387) + * Update help text for editing the app command in a .desktop entry to comply with current spec. (kde#425145) + * [filewidgets] Fix KUrlNavigatorButton padding on breadcrumb (kde#425570) + * KFileWidget: reparse config to grab dirs added by other instances of the app (kde#403524) + * Avoid systemd launched applications from closing forked children (kde#425201) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes since 5.72.0, only listing bugfixes: + * RenameDialog: Show if files are identical (kde#412662) + * [rename dialog] Port Overwrite button to KStandardGuiItem::Overwrite (kde#424414) + * Show up to three file item actions inline, not just one (kde#424281) + * [Properties] Add SHA512 algorithm to checksums widget (kde#423739) + * [WebDav] Fix copies that include overwrites for the webdav slave (kde#422238) -- Add patch to fix running files with spaces in the path +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Includes patch to fix running files with spaces in the path - -- Add patch to fix copying to protocols which don't always report +- Includes patch to fix copying to protocols which don't always report +- Too many changes to list here. kio-extras5 +- Add patch from upstream to link correctly to taglib: + * 0001-copy-FindTaglib-from-ECM.patch + kirigami2 +- Add patch from upstream to not use ?? which requires Qt 5.15 + * 0001-dont-use-__-yet.patch + +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes since 5.75.0, only listing bugfixes: + * Also set a maximumWidth for icons in global drawer (kde#428658) + * Don't alter Item in code called from Item's destructor (kde#428481) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * Hide breadcrumbs separator line if buttons layout is visible but 0 width (kde#426738) + * Remove actions and delegates from ToolBarLayout when they get destroyed (kde#425670) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Add a property to ToolBarLayout to control how to deal with item height (kde#425675) + * new logic to remove acceleration marks (kde#420409) + * Do not override Heading pixel size in BreadCrumbControl (kde#404396) + * [passivenotification] Set explicit padding (kde#419391) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes to list here. + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Too many changes since 5.71.0, only listing bugfixes: + * [overlaysheet] Avoid fractional height for contentLayout (kde#422965) + * Fix OverlaySheet closing when clicking inside layout (kde#421848) + kitemmodels +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * fix KDescendantProxyModel smoketest + * KRearrangeColumnsProxyModel: fix crash with no source model + * KRearrangeColumnsProxyModel: only column 0 has children + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Fix autotest + * just proxy sourceModel's headerData + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * add reference to Qt bug + * ignore sourceDataChanged on invalid indexes + * Support for KDescendantProxyModel "collapsing" nodes + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * KSelectionProxyModel: allow using the model with new-style connect + * KRearrangeColumnsProxyModel: fix hasChildren() when no columns are set up yet + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix sort order enum values referenced in the API docs + kitemviews +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Const'ify pointer + initialize variable in header + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use Qt's categorized logging, install kitemviews.categories file + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kjobwidgets +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Remove not implmemented method + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Add comments to the plurals + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * KJobWidgets: Convert license headers to SPDX + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Integrate the KJob::Unit::Items + kjs +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix crash when using KJSContext::interpreter + knewstuff +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix erroneous logic introduced in e1917b6a + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Fix double-delete crash in kpackagejob (kde#427910) + * Deprecate Button::setButtonText() and fix API docs, nothing is prepended + * Postpone all on-disk cache writes until we've had a quiet second + * Fix crash when list of installed files is empty + * Remove entry from cache before inserting new entry (kde#424919) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * Update versions for "fake" kpackage updates (kde#427201) + * Fix crash when installing kpackages (kde#426732) + * Fix updating of entry if version number is empty (kde#417510) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Fix cache sync issues with QtQuick dialog (kde#417985) + * Remove entries if they do not match filter anymore (kde#425135) + * Make the internal kpackage job task less fragile (kde#425811) + * Handle /* notation for RemoveDeadEntries (kde#425704) + * Remove slashes from entry name when interpreting it as path (kde#417216) + * Fix a sometimes-crash with the KPackageJob task (kde#425245) + * Use same spinner for loading and initializing (kde#418031) + * Remove details button (kde#418034) + * Hide load more spinner while updating/installing (kde#422047) + * Do not focus first element in icon view mode (kde#424894) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes since 5.72.0, only listing bugfixes: + * [QtQuick dialog] use update icon that exists (kde#424892) + * Allow to delete updatable entries (kde#260836) + * Do not focus first element automatically (kde#417843) + * Fix display of Details and Uninstall button in Tiles view mode (kde#418034) + * Fix moving buttons when seach text is inserted (kde#406993) + * Fix details install dropdown in QWidgets dialog (kde#369561) + * Set entry to uninstalled if installation fails (kde#422864) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix minor typos + * Move explanatory text from sheet header to list header + * Fix typo + * Fix paths for install script and uncompression + * Hide the ShadowRectangle for non-loaded previews (kde#422048) + * Don't allow content to overflow in the grid delegates (kde#422476) + knotifications +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Mark KNotification::activated() as deprecated + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Apply some sanity checking to action keys (kde#427717) + * Use FindGradle from ECM + * Fix condition to use dbus + * Fix: enable legacy tray on platforms without dbus + * rewrite notifybysnore to provide more reliable support for + Windows Stuff not supported in this version of backend + * Add comments to describe DesktopEntry field in notifyrc file + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Lower Android plugin until new Gradle is available + * Use Android SDK versions from ECM + * const'ify pointer + initialize variable + * Deprecate KNotification constructor taking widget parameter + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * refine knotification docs + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * KNotifications: Convert license statements to SPDX + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Don't use notifybysnore.h on MSYS2 + knotifyconfig +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * KNotifyConfig: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use Qt's categorized logging, install knotifyconfig.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kpackage +- Add patch from upstream to fix build for applications that + require kpackage but have no direct dependency on ECM + (kde#424483): + * 0001-Revert-Fix-build-errors-if-PREFIX-is-different-from-ECMs-PREFIX.patch + +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix build errors if PREFIX is different from ECM's PREFIX. + * Make "no metadata" warning a debug-only thing + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Documentation fixes: Use more entities and some punctuation + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix DBus notifications when installed/updated + * Remove obsolete license text + * Relicense file to LGPL-2.0-or-later + * initialize pointer, constify pointer + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Do not delete package root if package was deleted (kde#410682) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Convert license to GPL-2.0-or-later +- Fix the license tag. the kpackagetool executable is GPL-2.0-or-later + kparts +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Install krop & krwp servicetype definition files by file name matching type + * const'ify pointer + initialize variable + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Using no deprecated enum Qt::MiddleButton + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + * Almost port away from KMimeTypeTrader + * KParts: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Fix compile without deprecated method (see kontactinterface) + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix KParts::ReadOnlyPart API documentation + * Deprecate PartSelectEvent and co. + * Fix compile without deprecated method (see kontactinterface) + kpeople5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Const'ify pointer/variable + initialize values in headers + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * KPeople: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kplotting +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kpty +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Some more IRIX/Solaris cleanup + * Rip out AIX, Tru64, Solaris, Irix support + * Make it compile without deprecated method + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use Qt's categorized logging, install kpty.categories file + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Add license texts as required by REUSE specification + * Convert license headers to SPDX statements + kquickcharts +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Avoid binding loop inside Legend + * Remove check for GLES3 in SDFShader (kde#426458) + * Delete all child nodes when resetting the segments in line chart node + * Manually delete chart nodes that are being removed + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Also take model properties into account when using ModelHistorySource + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Elide value Label of LegendDelegate when there isn't enough width + * Fix for error "C1059: non constant expression ..." + * Account for line width when bounds checking + * Don't use fwidth when rendering line chart lines + * Rewrite removeValueSource so it doesn't use destroyed QObjects + * Use insertValueSource in Chart::appendSource + * Improve documentation of Model and Value history sources + * Properly initialise ModelHistorySource::{m_row,m_maximumHistory} + krb5 -- Add recursion limit for ASN.1 indefinite lengths; (CVE-2020-28196); - (bsc#1178512); -- Added patches: - * 0010-Add-recursion-limit-for-ASN.1-indefinite-lengths.patch - -- Fix prefix reported by krb5-config, libraries and headers are not - installed under /usr/lib/mit prefix. (bsc#1174079) - -- Update logrotate script, call systemd to reload the services - instead of init-scripts. (boo#1169357) - -- Integrate pam_keyinit pam module, ksu-pam.d; (bsc#1081947); - (bsc#1144047); - -- Move LDAP schema files from /usr/share/doc/packages/krb5 to - /usr/share/kerberos/ldap; (bsc#1134217); - -- Upgrade to 1.16.3 - * Fix a regression in the MEMORY credential cache type which could cause - client programs to crash. - * MEMORY credential caches will not be listed in the global collection, - with the exception of the default credential cache if it is of type MEMORY. - * Remove an incorrect assertion in the KDC which could be used to cause - a crash [CVE-2018-20217]. - * Fix bugs with concurrent use of MEMORY ccache handles. - * Fix a KDC crash when falling back between multiple OTP tokens configured - for a principal entry. - * Fix memory bugs when gss_add_cred() is used to create a new credential, - and fix a bug where it ignores the desired_name. - * Fix the behavior of gss_inquire_cred_by_mech() when the credential does - not contain an element of the requested mechanism. - * Make cross-realm S4U2Self requests work on the client when no - default_realm is configured. - * Add a kerberos(7) man page containing documentation of the environment - variables that affect Kerberos programs. -- Use systemd-tmpfiles to create files under /var/lib/kerberos, required - by transactional updates; (bsc#1100126); -- Rename patches: - * krb5-1.12-pam.patch => 0001-krb5-1.12-pam.patch - * krb5-1.9-manpaths.dif => 0002-krb5-1.9-manpaths.patch - * krb5-1.12-buildconf.patch => 0003-krb5-1.12-buildconf.patch - * krb5-1.6.3-gssapi_improve_errormessages.dif to - 0004-krb5-1.6.3-gssapi_improve_errormessages.patch - * krb5-1.6.3-ktutil-manpage.dif => 0005-krb5-1.6.3-ktutil-manpage.patch - * krb5-1.12-api.patch => 0006-krb5-1.12-api.patch - * krb5-1.12-ksu-path.patch => 0007-krb5-1.12-ksu-path.patch - * krb5-1.12-selinux-label.patch => 0008-krb5-1.12-selinux-label.patch - * krb5-1.9-debuginfo.patch => 0009-krb5-1.9-debuginfo.patch - -- Upgrade to 1.16.1 - * kdc client cert matching on client principal entry - * Allow ktutil addent command to ignore key version and use - non-default salt string. - * add kpropd pidfile support - * enable "encrypted_challenge_indicator" realm option on tickets - obtained using FAST encrypted challenge pre-authentication. - * dates through 2106 accepted - * KDC support for trivially renewable tickets - * stop caching referral and alternate cross-realm TGTs to prevent - duplicate credential cache entries - -- BSC#1021402 move %{_libdir}/krb5/plugins/tls/k5tls.so to krb5 package - so it is avaiable for krb5-client as well. - -- Upgrade to 1.15.3 - * Fix flaws in LDAP DN checking, including a null dereference KDC - crash which could be triggered by kadmin clients with administrative - privileges [CVE-2018-5729, CVE-2018-5730]. - * Fix a KDC PKINIT memory leak. - * Fix a small KDC memory leak on transited or authdata errors when - processing TGS requests. - * Fix a null dereference when the KDC sends a large TGS reply. - * Fix "kdestroy -A" with the KCM credential cache type. - * Fix the handling of capaths "." values. - * Fix handling of repeated subsection specifications in profile files - (such as when multiple included files specify relations in the same - subsection). - -- Added support for /etc/krb5.conf.d/ for configuration snippets - -- Replace references to /var/adm/fillup-templates with new - %_fillupdir macro (boo#1069468) - -- Remove build dependency doxygen, python-Cheetah, python-Sphinx, - python-libxml2, python-lxml, most of which are python 2 programs. - Consequently remove -doc subpackage. Users are encouraged to use - online documentation. (bsc#1066461) - -- Update package descriptions. - -- Upgrade to 1.15.2 - * Fix a KDC denial of service vulnerability caused by unset status - strings [CVE-2017-11368] - * Preserve GSS contexts on init/accept failure [CVE-2017-11462] - * Fix kadm5 setkey operation with LDAP KDB module - * Use a ten-second timeout after successful connection for HTTPS KDC - requests, as we do for TCP requests - * Fix client null dereference when KDC offers encrypted challenge - without FAST - * Ignore dotfiles when processing profile includedir directive - * Improve documentation - -- Set "rdns" and "dns_canonicalize_hostname" to false in krb5.conf - in order to improve client security in handling service principle - names. (bsc#1054028) - -- Prevent kadmind.service startup failure caused by absence of - LDAP service. (bsc#903543) - -- There is no change made about the package itself, this is only - copying over some changelog texts from SLE package: -- bug#918595 owned by varkoly@suse.com: VUL-0: CVE-2014-5355 - krb5: denial of service in krb5_read_message -- bug#912002 owned by varkoly@suse.com: VUL-0 - CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423: - krb5: Vulnerabilities in kadmind, libgssrpc, gss_process_context_token -- bug#910458 owned by varkoly@suse.com: VUL-1 - CVE-2014-5354: krb5: NULL pointer dereference when using keyless entries -- bug#928978 owned by varkoly@suse.com: VUL-0 - CVE-2015-2694: krb5: issues in OTP and PKINIT kdcpreauth modules leading - to requires_preauth bypass -- bug#910457 owned by varkoly@suse.com: VUL-1 - CVE-2014-5353: krb5: NULL pointer dereference when using a ticket policy - name as a password policy name -- bug#991088 owned by hguo@suse.com: VUL-1 - CVE-2016-3120: krb5: S4U2Self KDC crash when anon is restricted -- bug#992853 owned by hguo@suse.com: krb5: bogus prerequires -- [fate#320326](https://fate.suse.com/320326) -- bug#982313 owned by pgajdos@suse.com: Doxygen unable to resolve reference - from \cite - -- Remove wrong PreRequires from krb5 - -- use HTTPS project and source URLs - -- use source urls. -- krb5.keyring: Added Greg Hudson - -- removed obsolete krb5-1.15-fix_kdb_free_principal_e_data.patch -- Upgrade to 1.15.1 - * Allow KDB modules to determine how the e_data field of principal - fields is freed - * Fix udp_preference_limit when the KDC location is configured with - SRV records - * Fix KDC and kadmind startup on some IPv4-only systems - * Fix the processing of PKINIT certificate matching rules which have - two components and no explicit relation - * Improve documentation - -- remove useless environment.pickle to make build-compare happy - -- Introduce patch - krb5-1.15-fix_kdb_free_principal_e_data.patch - to fix freeing of e_data in the kdb principal - -- Upgrade to 1.15 -- obsoleted Patch7 (krb5-1.7-doublelog.patch) fixed in 1.12.2 -- obsoleted patch to src/util/gss-kernel-lib/Makefile.in since - file is not available in upstream source anymore -- obsoleted Patch15 (krb5-fix_interposer.patch) fixed in 1.15 -- Upgrade from 1.14.4 to 1.15 - major changes: - Administrator experience: - * Add support to kadmin for remote extraction of current keys without - changing them (requires a special kadmin permission that is excluded - from the wildcard permission), with the exception of highly - protected keys. - * Add a lockdown_keys principal attribute to prevent retrieval of the - principal's keys (old or new) via the kadmin protocol. In newly - created databases, this attribute is set on the krbtgt and kadmin - principals. - * Restore recursive dump capability for DB2 back end, so sites can - more easily recover from database corruption resulting from power - failure events. - * Add DNS auto-discovery of KDC and kpasswd servers from URI records, - in addition to SRV records. URI records can convey TCP and UDP - servers and master KDC status in a single DNS lookup, and can also - point to HTTPS proxy servers. - * Add support for password history to the LDAP back end. - * Add support for principal renaming to the LDAP back end. - * Use the getrandom system call on supported Linux kernels to avoid - blocking problems when getting entropy from the operating system. - * In the PKINIT client, use the correct DigestInfo encoding for PKCS - [#1] signatures, so that some especially strict smart cards will work. - Code quality: - * Clean up numerous compilation warnings. - * Remove various infrequently built modules, including some preauth - modules that were not built by default. - Developer experience: - * Add support for building with OpenSSL 1.1. - * Use SHA-256 instead of MD5 for (non-cryptographic) hashing of - authenticators in the replay cache. This helps sites that must - build with FIPS 140 conformant libraries that lack MD5. - Protocol evolution: - * Add support for the AES-SHA2 enctypes, which allows sites to conform - to Suite B crypto requirements. -- Upgrade from 1.14.3 to 1.14.4 - major changes: - * Fix some rare btree data corruption bugs - * Fix numerous minor memory leaks - * Improve portability (Linux-ppc64el, FreeBSD) - * Improve some error messages - * Improve documentation - -- add pam configuration file required for ksu - just use a copy of "su" one from Tumbleweed - -- Upgrade from 1.14.2 to 1.14.3: - * Improve some error messages - * Improve documentation - * Allow a principal with nonexistent policy to bypass the minimum - password lifetime check, consistent with other aspects of - nonexistent policies - * Fix a rare KDC denial of service vulnerability when anonymous client - principals are restricted to obtaining TGTs only [CVE-2016-3120] - -- Remove comments breaking post scripts. - -- Do no use systemd_requires macros in main package, it adds - unneeded dependencies which pulls systemd into minimal chroot. -- Only call %insserv_prereq when building for pre-systemd - distributions. -- Optimise some %post/%postun when only /sbin/ldconfig is called. - -- Remove source file ccapi/common/win/OldCC/autolock.hxx - that is not needed and does not carry an acceptable license. - (bsc#968111) - -- removed obsolete patches: - * 0107-Fix-LDAP-null-deref-on-empty-arg-CVE-2016-3119.patch - * krb5-mechglue_inqure_attrs.patch -- Upgrade from 1.14.1 to 1.14.2: - * Fix a moderate-severity vulnerability in the LDAP KDC back end that - could be exploited by a privileged kadmin user [CVE-2016-3119] - * Improve documentation - * Fix some interactions with GSSAPI interposer mechanisms - -- Upgrade from 1.14 to 1.14.1: - * Remove expired patches: - 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch - 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch - 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch - krbdev.mit.edu-8301.patch - * Replace source archives: - krb5-1.14.tar.gz -> - krb5-1.14.1.tar.gz - krb5-1.14.tar.gz.asc -> - krb5-1.14.1.tar.gz.asc - * Adjust line numbers in: - krb5-fix_interposer.patch - -- Introduce patch - 0107-Fix-LDAP-null-deref-on-empty-arg-CVE-2016-3119.patch - to fix CVE-2016-3119 (bsc#971942) - -- Remove krb5-mini pieces from spec file. - Hence remove pre_checkin.sh -- Remove expired macros and other minor clean-ups in spec file. - -- Fix CVE-2015-8629: krb5: xdr_nullstring() doesn't check for terminating null character - with patch 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch - (bsc#963968) -- Fix CVE-2015-8631: krb5: Memory leak caused by supplying a null principal name in request - with patch 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch - (bsc#963975) -- Fix CVE-2015-8630: krb5: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask - with patch 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch - (bsc#963964) - -- Add two patches from Fedora, fixing two crashes: - * krb5-fix_interposer.patch - * krb5-mechglue_inqure_attrs.patch - -- Update to 1.14 -- dropped krb5-kvno-230379.patch -- added krbdev.mit.edu-8301.patch fixing wrong function call - Major changes in 1.14 (2015-11-20) - Administrator experience: - * Add a new kdb5_util tabdump command to provide reporting-friendly - tabular dump formats (tab-separated or CSV) for the KDC database. - Unlike the normal dump format, each output table has a fixed number - of fields. Some tables include human-readable forms of data that - are opaque in ordinary dump files. This format is also suitable for - importing into relational databases for complex queries. - * Add support to kadmin and kadmin.local for specifying a single - command line following any global options, where the command - arguments are split by the shell--for example, "kadmin getprinc - principalname". Commands issued this way do not prompt for - confirmation or display warning messages, and exit with non-zero - status if the operation fails. - * Accept the same principal flag names in kadmin as we do for the - default_principal_flags kdc.conf variable, and vice versa. Also - accept flag specifiers in the form that kadmin prints, as well as - hexadecimal numbers. - * Remove the triple-DES and RC4 encryption types from the default - value of supported_enctypes, which determines the default key and - salt types for new password-derived keys. By default, keys will - only created only for AES128 and AES256. This mitigates some types - of password guessing attacks. - * Add support for directory names in the KRB5_CONFIG and - KRB5_KDC_PROFILE environment variables. - * Add support for authentication indicators, which are ticket - annotations to indicate the strength of the initial authentication. - Add support for the "require_auth" string attribute, which can be - set on server principal entries to require an indicator when - authenticating to the server. - * Add support for key version numbers larger than 255 in keytab files, - and for version numbers up to 65535 in KDC databases. - * Transmit only one ETYPE-INFO and/or ETYPE-INFO2 entry from the KDC - during pre-authentication, corresponding to the client's most - preferred encryption type. - * Add support for server name identification (SNI) when proxying KDC - requests over HTTPS. - * Add support for the err_fmt profile parameter, which can be used to - generate custom-formatted error messages. - Code quality: - * Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that - could cause server crashes. [CVE-2015-2695] [CVE-2015-2696] - [CVE-2015-2698] - * Fix build_principal memory bug that could cause a KDC - crash. [CVE-2015-2697] - Developer experience: - * Change gss_acquire_cred_with_password() to acquire credentials into - a private memory credential cache. Applications can use - gss_store_cred() to make the resulting credentials visible to other - processes. - * Change gss_acquire_cred() and SPNEGO not to acquire credentials for - IAKERB or for non-standard variants of the krb5 mechanism OID unless - explicitly requested. (SPNEGO will still accept the Microsoft - variant of the krb5 mechanism OID during negotiation.) - * Change gss_accept_sec_context() not to accept tokens for IAKERB or - for non-standard variants of the krb5 mechanism OID unless an - acceptor credential is acquired for those mechanisms. - * Change gss_acquire_cred() to immediately resolve credentials if the - time_rec parameter is not NULL, so that a correct expiration time - can be returned. Normally credential resolution is delayed until - the target name is known. - * Add krb5_prepend_error_message() and krb5_wrap_error_message() APIs, - which can be used by plugin modules or applications to add prefixes - to existing detailed error messages. - * Add krb5_c_prfplus() and krb5_c_derive_prfplus() APIs, which - implement the RFC 6113 PRF+ operation and key derivation using PRF+. - * Add support for pre-authentication mechanisms which use multiple - round trips, using the the KDC_ERR_MORE_PREAUTH_DATA_REQUIRED error - code. Add get_cookie() and set_cookie() callbacks to the kdcpreauth - interface; these callbacks can be used to save marshalled state - information in an encrypted cookie for the next request. - * Add a client_key() callback to the kdcpreauth interface to retrieve - the chosen client key, corresponding to the ETYPE-INFO2 entry sent - by the KDC. - * Add an add_auth_indicator() callback to the kdcpreauth interface, - allowing pre-authentication modules to assert authentication - indicators. - * Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to - suppress sending the confidentiality and integrity flags in GSS - initiator tokens unless they are requested by the caller. These - flags control the negotiated SASL security layer for the Microsoft - GSS-SPNEGO SASL mechanism. - * Make the FILE credential cache implementation less prone to - corruption issues in multi-threaded programs, especially on - platforms with support for open file description locks. - Performance: - * On slave KDCs, poll the master KDC immediately after processing a - full resync, and do not require two full resyncs after the master - KDC's log file is reset. - User experience: - * Make gss_accept_sec_context() accept tickets near their expiration - but within clock skew tolerances, rather than rejecting them - immediately after the server's view of the ticket expiration time. - -- Update to 1.13.3 -- removed patches for security fixes now in upstream source: - 0100-Fix-build_principal-memory-bug-CVE-2015-2697.patch - 0101-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch - 0102-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch - 0103-Fix-IAKERB-context-export-import-CVE-2015-2698.patch - Major changes in 1.13.3 (2015-12-04) - This is a bug fix release. The krb5-1.13 release series is in - maintenance, and for new deployments, installers should prefer the - krb5-1.14 release series or later. - * Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that - could cause server crashes. [CVE-2015-2695] [CVE-2015-2696] - [CVE-2015-2698] - * Fix build_principal memory bug that could cause a KDC - crash. [CVE-2015-2697] - * Allow an iprop slave to receive full resyncs from KDCs running - krb5-1.10 or earlier. - -- Apply patch 0103-Fix-IAKERB-context-export-import-CVE-2015-2698.patch - to fix a memory corruption regression introduced by resolution of - CVE-2015-2698. bsc#954204 - -- Make kadmin.local man page available without having to install krb5-client. bsc#948011 -- Apply patch 0100-Fix-build_principal-memory-bug-CVE-2015-2697.patch - to fix build_principal memory bug [CVE-2015-2697] bsc#952190 -- Apply patch 0101-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch - to fix IAKERB context aliasing bugs [CVE-2015-2696] bsc#952189 -- Apply patch 0102-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch - to fix SPNEGO context aliasing bugs [CVE-2015-2695] bsc#952188 - -- Let server depend on libev (module of libverto). This was the - preferred implementation before the seperation of libverto from krb. - -- Drop libverto and libverto-libev Requires from the -server - package: those package names don't exist and the shared libs - are pulled in automatically. - -- Unconditionally buildrequire libverto-devel: krb5-mini also - depends on it. - -- pre_checkin.sh aligned changes between krb5/krb5-mini -- added krb5.keyring - -- update to krb5 1.13.2 -- DES transition - ============== - The Data Encryption Standard (DES) is widely recognized as weak. The - krb5-1.7 release contains measures to encourage sites to migrate away -- From using single-DES cryptosystems. Among these is a configuration - variable that enables "weak" enctypes, which defaults to "false" - beginning with krb5-1.8. - Major changes in 1.13.2 (2015-05-08) - This is a bug fix release. - * Fix a minor vulnerability in krb5_read_message, which is primarily - used in the BSD-derived kcmd suite of applications. [CVE-2014-5355] - * Fix a bypass of requires_preauth in KDCs that have PKINIT enabled. - [CVE-2015-2694] - * Fix some issues with the LDAP KDC database back end. - * Fix an iteration-related memory leak in the DB2 KDC database back - end. - * Fix issues with some less-used kadm5.acl functionality. - * Improve documentation. - -- Use externally built libverto - -- update to krb5 1.13.1 - Major changes in 1.13.1 (2015-02-11) - This is a bug fix release. - * Fix multiple vulnerabilities in the LDAP KDC back end. - [CVE-2014-5354] [CVE-2014-5353] - * Fix multiple kadmind vulnerabilities, some of which are based in the - gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421 - CVE-2014-9422 CVE-2014-9423] - -- Update to krb5 1.13 - * Add support for accessing KDCs via an HTTPS proxy server using the - MS-KKDCP protocol. - * Add support for hierarchical incremental propagation, where slaves - can act as intermediates between an upstream master and other downstream - slaves. - * Add support for configuring GSS mechanisms using /etc/gss/mech.d/*.conf - files in addition to /etc/gss/mech. - * Add support to the LDAP KDB module for binding to the LDAP server using - SASL. - * The KDC listens for TCP connections by default. - * Fix a minor key disclosure vulnerability where using the "keepold" option - to the kadmin randkey operation could return the old keys. [CVE-2014-5351] - * Add client support for the Kerberos Cache Manager protocol. If the host - is running a Heimdal kcm daemon, caches served by the daemon can be - accessed with the KCM: cache type. - * When built on OS X 10.7 and higher, use "KCM:" as the default cache type, - unless overridden by command-line options or krb5-config values. - * Add support for doing unlocked database dumps for the DB2 KDC back end, - which would allow the KDC and kadmind to continue accessing the database - during lengthy database dumps. -- Removed patches, useless or upstreamed - * krb5-1.9-kprop-mktemp.patch - * krb5-1.10-ksu-access.patch - * krb5-1.12-doxygen.patch - * bnc#897874-CVE-2014-5351.diff - * krb5-1.13-work-around-replay-cache-creation-race.patch - * krb5-1.10-kpasswd_tcp.patch -- Refreshed patches - * krb5-1.12-pam.patch - * krb5-1.12-selinux-label.patch - * krb5-1.7-doublelog.patch - kross +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Documentation fixes + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Port deprecated QString::SkipEmptyParts + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + krunner -- Add patch to fix ABI mismatch (kde#423003, boo#1175563): +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes to list here. + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes to list here. + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Add template for python runner + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Update template for KDE Store compatibility and improve README + * Remove obsolete COPYING files + * Add support for runner syntaxes to dbus runners + * KRunner: Convert copyright statements to SPDX expressions + * Fix some clazy warnings + * Save RunnerContext after each match session + * Remove dead debug code + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Remove unused forward declaration + * Implement KConfig watcher for enabled plugins and runner KCMs + * Do not remove virtual method from build (kde#423003) + * Deprecate AbstractRunner::dataEngine(...) + * Fix disabled runners and runner config for plasmoid + * Use KF-standardized Qt logging categories + * Delay emitting metadata porting warnings until KF 5.75 +- Drop krunner/0001-Do-not-remove-virtual-method-from-build.patch + * Merged upstream. + +- Add patch to fix ABI mismatch (kde#423003): +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix RunnerContextTest to not assume presence of .bashrc + * Use embedded JSON metadata for binary plugins & custom for D-Bus plugins + * Emit queryFinished when all jobs for current query have finished (kde#422579) + kservice +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix two recent regressions + * Allow NotShowIn=KDE apps, listed in mimeapps.list, to be used (kde#427469) + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * autotests: port kmimeassociationstest to KApplicationTrader + * Write fallback value for KCM Exec lines with appropriate executable + * Various fixes + * Documentation fixes + * Remove a bit of dead code + * Solve some minor clazy warnings + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix shadow variable. Reported by cppcheck + * bring back disableAutoRebuild from the brink (kde#423931) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Implement invokeTerminal on Windows with workdir, command and envs + * Clean forward declaration + * Fix application preference ordering for mimetypes with multiple inheritance. + * Remove obsolete COPYING files + * Bundle the Application servicetype into a qrc file. + * Fix KApplicationTrader API docs being incompletely generated + * Expand tilde character when reading working directory (kde#424974) + * KService: Convert copyright statements to SPDX expressions + * Cleanup overload + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Add overload to invoke terminal with ENV variables + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + ktexteditor +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes to list here. + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes to list here. + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * add icons to all buttons of file modified message (kde#423061) + * Revert changes in autotests. It seems that camelcase changes breaks them + * Use camelcase include. (scripted) + * Use the canonical docs.kde.org URLs + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Make "goto line" work backwards (kde#411165) + * fix crash on view deletion if ranges are still alive (kde#422546) + +- Update to 5.71.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.71.0 +- Changes since 5.70.0: + * Add .diff to the file-changed-diff to enable mime detection on windows. + * scrollbar minimap: performance: delay update for inactive documents + * Make text always align with font base line + * Port from KRun::runUrl to OpenUrlJob + * Fix modified line marker in kate minimap + * Port to KIO::statDetails. We only need StatBasic since we only need the permissions + ktextwidgets +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Add missing explicit (cppcheck warning) + * Constify pointer when it's possible + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Add license texts according to REUSE specification + * Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kunitconversion +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Change platofrm name according to KApiDox warning + * Reduce documentation warnings + * Remove since 4.4 statements + * Remove license statements to API documentation + * Use uppercase for Fuel Efficiency + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kwallet +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Various fixes + * Documentation fixes: Use more entities and some punctuation + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Initialize variable in header + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Avoid clash with a macro in ctype.h from OpenBSD + * Remove obsolete COPYING files + * KWallet: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * use better Name and follow HIG + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + * Mark API as deprecated also in D-Bus interface description + * Add copy of org.kde.KWallet.xml without deprecated API + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Introduce three new methods that return all "entries" in a folder + kwayland +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Provide convenience methods around wl_data_offet_accept() + * Mark enums in a Q_OBJECT, Q_ENUM + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * fix compile, last() is no iterator + * Don't cache QList::end() iterator if erase() is used + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * [autotests] Skip failing unit test + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * plasma-window-management: Adapt to changes in the protocol + * PlasmaWindowManagement: adopt changes in the protocol + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + kwidgetsaddons +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * new setUsernameContextHelp on KPasswordDialog + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * kpassworddialog documentation typos-- + * KFontRequester: remove, the now redundant, nearestExistingFont helper + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * kviewstateserializer.cpp - crash guards in restoreScrollBarState() + * const'ify pointer + initialize variable in headers + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Qt::MiddleButton is deprecated in qt5.15 branch + * Use Q_DECLARE_OPERATORS_FOR_FLAGS in same namespace as flags definition + * Add KRecentFilesMenu to replace KRecentFileAction + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * KMultiTabBar: paint tab icons active on mouseover + * Fix KMultiTabBar to paint the icon shifted on down/checked by style design + * Use new overwrite icon for Overwrite GUI Item (kde#406563) + * Install kwidgetsaddons.categories file + * KWidgetsAddons: Convert copyright headers to SPDX expressions + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix KTimeComboBox for locales with unusual characters in formats (kde#405857) + * KPageView: remove invisible pixmap on right side of header + * KTitleWidget: move from QPixmap property to QIcon property + * Deprecate some KMultiTabBarButton/KMultiTabBarTab API using QPixmap + * KMultiTabBarTab: make styleoption state logic follow QToolButton even more + * KMultiTabBar: do not display checked buttons in QStyle::State_Sunken + * Fix mem leak found by ASAN + * [KCharSelect] Initially give focus to the search lineedit + kwindowsystem +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * xcb: Fix detection of screen sizes for High-DPI + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Remove obsolete license texts + * Relicense the file to LGPL-2.1-or-later + * Relicense files to be compatible with LGPL-2.1 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Install platform plugins in a directory with no dots in file name (kde#425652) + * [xcb] Scaled icon geometry correctly everywhere + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * [xcb] Send correctly scaled icon geometry (kde#407458) + kxmlgui +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Add a KF6 TODO for KMainWindow::canBeRestored() + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * [kmainwindow] Don't delete entries from an invalid kconfiggroup (kde#427236) + * Don't overlap main windows when opening additional instances (kde#426725) + * [kmainwindow] Don't create native windows for non-toplevel windows (kde#424024) + * Handle double close in main window (kde#416728) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Using no deprecated enum Qt::MiddleButton + * Allow opting out of remembering window positions on X11 + * Save and restore position of main window (kde#415150) + * Remove obsolete COPYING files + * KXMLGUI: Convert copyright statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Make KXmlGuiVersionHandler::findVersionNumber public in KXMLGUIClient + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Use kcm_users instead of user_manager + * Use new KTitleWidget::icon/iconSize API + * autotests: use ui_standards.rc from qrc from unittests + * autotests: repair after previous commit, now the settings menu is always there + * Move "Switch Application Language" to Settings menu (kde#177856) + libKF5ModemManagerQt +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + libKF5NetworkManagerQt +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Add enum and declarations to allow passing capabilities + in the registration process to NetworkManager + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Remove secrets logging + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + libgcrypt +- FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872] + * Print the debug messages in test_keys() only in debug mode. +- Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch + libgcrypt-PCT-ECC.patch + +- FIPS: libgcrypt: Double free in test_keys() on failed signature + verification [bsc#1169944] + * Use safer gcry_mpi_release() instead of mpi_free() +- Update patches: + * libgcrypt-PCT-DSA.patch + * libgcrypt-PCT-RSA.patch + * libgcrypt-PCT-ECC.patch + +- Ship the FIPS checksum file in the shared library package and + create a separate trigger file for the FIPS selftests (bsc#1169569) + * add libgcrypt-fips_selftest_trigger_file.patch + * refresh libgcrypt-global_init-constructor.patch +- Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted + by libgcrypt-global_init-constructor.patch + +- FIPS: Verify that the generated signature and the original input + differ in test_keys function for RSA, DSA and ECC: [bsc#1165539] +- Add zero-padding when qx and qy have different lengths when + assembling the Q point from affine coordinates. +- Refreshed patches: + * libgcrypt-PCT-DSA.patch + * libgcrypt-PCT-RSA.patch + * libgcrypt-PCT-ECC.patch + +- FIPS: Switch the PCT to use the new signature operation [bsc#1165539] + * Patches for DSA, RSA and ECDSA test_keys functions: + - libgcrypt-PCT-DSA.patch + - libgcrypt-PCT-RSA.patch + - libgcrypt-PCT-ECC.patch +- Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch + +- FIPS: Fix drbg to be threadsafe [bsc#1167674] + * Detect fork and re-open devices in_gcry_rndlinux_gather_random + * libgcrypt-check-re-open-dev_random-after-fork.patch + +- FIPS: Run self-tests from constructor during power-on [bsc#1166748] + * Set up global_init as the constructor function: + - libgcrypt-global_init-constructor.patch + * Relax the entropy requirements on selftest. This is especially + important for virtual machines to boot properly before the RNG + is available: + - libgcrypt-random_selftests-testentropy.patch + - libgcrypt-rsa-no-blinding.patch + - libgcrypt-ecc-ecdsa-no-blinding.patch + * Fix benchmark regression test in FIPS mode: + - libgcrypt-FIPS-GMAC_AES-benckmark.patch + +- Remove check not needed in _gcry_global_constructor [bsc#1164950] + * Update libgcrypt-Restore-self-tests-from-constructor.patch + +- FIPS: Run the self-tests from the constructor [bsc#1164950] + * Add libgcrypt-invoke-global_init-from-constructor.patch + +- ECDSA: Check range of coordinates (bsc#1161216) + * add libgcrypt-ECDSA_check_coordinates_range.patch + +- FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219] +- FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215] +- FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220] + * Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch + +- FIPS: keywrap gives incorrect results [bsc#1161218] + * Add libgcrypt-AES-KW-fix-in-place-encryption.patch + +- FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337] + * Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch + +- Fix tests in FIPS mode: + * Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem + * Add patch libgcrypt-fix-tests-fipsmode.patch + +- Fix test dsa-rfc6979 in FIPS mode: + * Disable tests in elliptic curves with 192 bits which are not + recommended in FIPS mode + * Add patch libgcrypt-dsa-rfc6979-test-fix.patch + +- CMAC AES and TDES FIPS self-tests: + * CMAC AES self test missing [bsc#1155339] + * CMAC TDES self test missing [bsc#1155338] +- Add libgcrypt-CMAC-AES-TDES-selftest.patch + +- Security fix: [bsc#1148987,CVE-2019-13627] + * Mitigation against an ECDSA timing attack + * Added libgcrypt-CVE-2019-13627.patch + +- Fixed an issue created by incomplete implementation of previous change - [bsc#1097073] + * Removed section of libgcrypt-binary_integrity_in_non-FIPS.patch + that caused some tests to be executed more than once. + +- Fixed a race condition in initialization. + * Added libgcrypt-1.8.4-allow_FSM_same_state.patch +- Security fix: [bsc#1138939, CVE-2019-12904] + * The C implementation of AES is vulnerable to a flush-and-reload + side-channel attack because physical addresses are available to + other processes. (The C implementation is used on platforms where + an assembly-language implementation is unavailable.) + * Added patches: + - libgcrypt-CVE-2019-12904-GCM-Prefetch.patch + - libgcrypt-CVE-2019-12904-GCM.patch + - libgcrypt-CVE-2019-12904-AES.patch +- Fixed env-script-interpreter in cavs_driver.pl + +- Fixed redundant fips tests in some situations causing sudo to stop + working when pam-kwallet is installed. bsc#1133808 + * Added libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch + * Removed libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch + because it was obsoleted by libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch + +- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests + are invoked as well as the state transition, adjust the code so + a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) + * update libgcrypt-binary_integrity_in_non-FIPS.patch + +- Enforce the minimal RSA keygen size in fips mode (bsc#1125740) + * add libgcrypt-fips_rsa_no_enforced_mode.patch + +- Don't run full self-tests from constructor (bsc#1097073) + * Don't call global_init() from the constructor, _gcry_global_constructor() + from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary + integrity check instead. + * Only the binary checksum will be verified, the remaining + self-tests will be run upon the library initialization +- Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch +- Drop libgcrypt-init-at-elf-load-fips.patch and + libgcrypt-fips_run_selftest_at_constructor.patch + +- Skip all the self-tests except for binary integrity when called + from the constructor (bsc#1097073) + * Added libgcrypt-1.8.3-fips-ctor.patch + +- Fail selftests when checksum file is missing in FIPS mode only + (bsc#1117355) + * add libgcrypt-binary_integrity_in_non-FIPS.patch + +- Apply "CVE-2018-0495.patch" from upstream to enable blinding for + ECDSA signing. This change mitigates a novel side-channel attack. + [CVE-2018-0495, bsc#1097410] + +- Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they + are installed in the right order. [bsc#1090766] + +- Extended the fipsdrv dsa-sign and dsa-verify commands with the + - -algo parameter for the FIPS testing of DSA SigVer and SigGen + (bsc#1064455). + * Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch + * Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch + +- Use %license (boo#1082318) + +- libgcrypt 1.8.2: + * Fix fatal out of secure memory status in the s-expression + parser on heavy loaded systems. + * Add auto expand secmem feature or use by GnuPG 2.2.4 + +- libgcrypt 1.8.1: + * Mitigate a local side-channel attack on Curve25519 dubbed "May + the Fourth be With You" CVE-2017-0379 bsc#1055837 + * Add more extra bytes to the pool after reading a seed file + * Add the OID SHA384WithECDSA from RFC-7427 to SHA-384 + * Fix build problems with the Jitter RNG + * Fix assembler code build problems on Rasbian (ARMv8/AArch32-CE) + +- RPM group fixes. + +- libgcrypt 1.8.0: + * New cipher mode XTS + * New hash function Blake-2 + * New function gcry_mpi_point_copy. + * New function gcry_get_config. + * GCRYCTL_REINIT_SYSCALL_CLAMP allows to init nPth after Libgcrypt. + * New gobal configuration file /etc/gcrypt/random.conf. + * GCRYCTL_PRINT_CONFIG does now also print build information for + libgpg-error and the used compiler version. + * GCRY_CIPHER_MODE_CFB8 is now supported. + * A jitter based entropy collector is now used in addition to the + other entropy collectors. + * Optimized gcry_md_hash_buffers for SHA-256 and SHA-512. + random pool lock). + * Interface changes relative to the 1.7.0 release: + gcry_get_config NEW function. + gcry_mpi_point_copy NEW function. + GCRYCTL_REINIT_SYSCALL_CLAMP NEW macro. + GCRY_MD_BLAKE2B_512 NEW constant. + GCRY_MD_BLAKE2B_384 NEW constant. + GCRY_MD_BLAKE2B_256 NEW constant. + GCRY_MD_BLAKE2B_160 NEW constant. + GCRY_MD_BLAKE2S_256 NEW constant. + GCRY_MD_BLAKE2S_224 NEW constant. + GCRY_MD_BLAKE2S_160 NEW constant. + GCRY_MD_BLAKE2S_128 NEW constant. + GCRY_CIPHER_MODE_XTS NEW constant. + gcry_md_info DEPRECATED. +- Refresh patch libgcrypt-1.6.3-aliasing.patch + +- libgcrypt 1.7.8: + * CVE-2017-7526: Mitigate a flush+reload side-channel attack on + RSA secret keys (bsc#1046607) + +- libgcrypt 1.7.7: + * Fix possible timing attack on EdDSA session key (previously + patched, drop libgcrypt-secure-EdDSA-session-key.patch) + * Fix long standing bug in secure memory implementation which + could lead to a segv on free + +- Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326] + * Store the session key in secure memory to ensure that constant + time point operations are used in the MPI library. + +- libgcrypt 1.7.6: + * Fix counter operand from read-only to read/write + * Fix too large jump alignment in mpih-rshift + +- libgcrypt 1.7.5: + * Fix regression in mlock detection introduced with 1.7.4 + +- libgcrypt 1.7.4: + * ARMv8/AArch32 performance improvements for AES, GCM, SHA-256, + and SHA-1. + * Add ARMv8/AArch32 assembly implementation for Twofish and + Camellia. + * Add bulk processing implementation for ARMv8/AArch32. + * Add Stribog OIDs. + * Improve the DRBG performance and sync the code with the Linux + version. + * When secure memory is requested by the MPI functions or by + gcry_xmalloc_secure, they do not anymore lead to a fatal error + if the secure memory pool is used up. Instead new pools are + allocated as needed. These new pools are not protected against + being swapped out (mlock can't be used). Mitigation for + minor confidentiality issues is encryption swap space. + * Fix GOST 28147 CryptoPro-B S-box. + * Fix error code handling of mlock calls. + +- libgcrypt 1.7.3: + * security issue already fixes with 1.6.6 + * Fix building of some asm modules with older compilers and CPUs. + * ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1. +- includes changes from libgcrypt 1.7.2: + * Bug fixes: + - Fix setting of the ECC cofactor if parameters are specified. + - Fix memory leak in the ECC code. + - Remove debug message about unsupported getrandom syscall. + - Fix build problems related to AVX use. + - Fix bus errors on ARM for Poly1305, ChaCha20, AES, and SHA-512. + * Internal changes: + - Improved fatal error message for wrong use of gcry_md_read. + - Disallow symmetric encryption/decryption if key is not set. +- includes changes from 1.7.1: + * Bug fixes: + - Fix ecc_verify for cofactor support. + - Fix portability bug when using gcc with Solaris 9 SPARC. + - Build fix for OpenBSD/amd64 + - Add OIDs to the Serpent ciphers. + * Internal changes: + - Use getrandom system call on Linux if available. + - Blinding is now also used for RSA signature creation. + - Changed names of debug envvars +- includes changes from 1.7.0: + * New algorithms and modes: + - SHA3-224, SHA3-256, SHA3-384, SHA3-512, and MD2 hash algorithms. + - SHAKE128 and SHAKE256 extendable-output hash algorithms. + - ChaCha20 stream cipher. + - Poly1305 message authentication algorithm + - ChaCha20-Poly1305 Authenticated Encryption with Associated Data + mode. + - OCB mode. + - HMAC-MD2 for use by legacy applications. + * New curves for ECC: + - Curve25519. + - sec256k1. + - GOST R 34.10-2001 and GOST R 34.10-2012. + * Performance: + - Improved performance of KDF functions. + - Assembler optimized implementations of Blowfish and Serpent on + ARM. + - Assembler optimized implementation of 3DES on x86. + - Improved AES using the SSSE3 based vector permutation method by + Mike Hamburg. + - AVX/BMI is used for SHA-1 and SHA-256 on x86. This is for SHA-1 + about 20% faster than SSSE3 and more than 100% faster than the + generic C implementation. + - 40% speedup for SHA-512 and 72% for SHA-1 on ARM Cortex-A8. + - 60-90% speedup for Whirlpool on x86. + - 300% speedup for RIPE MD-160. + - Up to 11 times speedup for CRC functions on x86. + * Other features: + - Improved ECDSA and FIPS 186-4 compliance. + - Support for Montgomery curves. + - gcry_cipher_set_sbox to tweak S-boxes of the gost28147 cipher + algorithm. + - gcry_mpi_ec_sub to subtract two points on a curve. + - gcry_mpi_ec_decode_point to decode an MPI into a point object. + - Emulation for broken Whirlpool code prior to 1.6.0. [from 1.6.1] + - Flag "pkcs1-raw" to enable PCKS#1 padding with a user supplied + hash part. + - Parameter "saltlen" to set a non-default salt length for RSA PSS. + - A SP800-90A conforming DRNG replaces the former X9.31 alternative + random number generator. + - Map deprecated RSA algo number to the RSA algo number for better + backward compatibility. [from 1.6.2] + - Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. + See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. + [from 1.6.3] + - Fixed data-dependent timing variations in modular exponentiation + [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks + are Practical]. [from 1.6.3] + - Flag "no-keytest" for ECC key generation. Due to a bug in + the parser that flag will also be accepted but ignored by older + version of Libgcrypt. [from 1.6.4] + - Speed up the random number generator by requiring less extra + seeding. [from 1.6.4] + - Always verify a created RSA signature to avoid private key leaks + due to hardware failures. [from 1.6.4] + - Mitigate side-channel attack on ECDH with Weierstrass curves + [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for + details. [from 1.6.5] + * Internal changes: + - Moved locking out to libgpg-error. + - Support of the SYSROOT envvar in the build system. + - Refactor some code. + - The availability of a 64 bit integer type is now mandatory. + * Bug fixes: + - Fixed message digest lookup by OID (regression in 1.6.0). + - Fixed a build problem on NetBSD + - Fixed some asm build problems and feature detection bugs. + * Interface changes relative to the 1.6.0 release: + gcry_cipher_final NEW macro. + GCRY_CIPHER_MODE_CFB8 NEW constant. + GCRY_CIPHER_MODE_OCB NEW. + GCRY_CIPHER_MODE_POLY1305 NEW. + gcry_cipher_set_sbox NEW macro. + gcry_mac_get_algo NEW. + GCRY_MAC_HMAC_MD2 NEW. + GCRY_MAC_HMAC_SHA3_224 NEW. + GCRY_MAC_HMAC_SHA3_256 NEW. + GCRY_MAC_HMAC_SHA3_384 NEW. + GCRY_MAC_HMAC_SHA3_512 NEW. + GCRY_MAC_POLY1305 NEW. + GCRY_MAC_POLY1305_AES NEW. + GCRY_MAC_POLY1305_CAMELLIA NEW. + GCRY_MAC_POLY1305_SEED NEW. + GCRY_MAC_POLY1305_SERPENT NEW. + GCRY_MAC_POLY1305_TWOFISH NEW. + gcry_md_extract NEW. + GCRY_MD_FLAG_BUGEMU1 NEW [from 1.6.1]. + GCRY_MD_GOSTR3411_CP NEW. + GCRY_MD_SHA3_224 NEW. + GCRY_MD_SHA3_256 NEW. + GCRY_MD_SHA3_384 NEW. + GCRY_MD_SHA3_512 NEW. + GCRY_MD_SHAKE128 NEW. + GCRY_MD_SHAKE256 NEW. + gcry_mpi_ec_decode_point NEW. + gcry_mpi_ec_sub NEW. + GCRY_PK_EDDSA NEW constant. + GCRYCTL_GET_TAGLEN NEW. + GCRYCTL_SET_SBOX NEW. + GCRYCTL_SET_TAGLEN NEW. +- Apply libgcrypt-1.6.3-aliasing.patch only on big-endian + architectures +- update drbg_test.patch and install cavs testing directory again +- As DRBG is upstream, drop pateches: + v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch + 0002-Compile-DRBG.patch + 0003-Function-definitions-of-interfaces-for-random.c.patch + 0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch + 0005-Function-definitions-for-gcry_control-callbacks.patch + 0006-DRBG-specific-gcry_control-requests.patch + v9-0007-User-interface-to-DRBG.patch + libgcrypt-fix-rng.patch +- drop obsolete: + libgcrypt-fips-dsa.patch + libgcrypt-fips_ecdsa.patch + +- libgcrypt 1.6.6: + * fix CVE-2016-6313: Issue in the mixing functions of the random + number generators allowed an attacker who obtained a number of + bytes from the standard RNG to predict some of the next ouput. + (bsc#994157) + +- remove conditionals for unsupported distributions (before 13.2), + it would not build anyway because of new dependencies + +- make the -hmac package depend on the same version of the library, + fixing bsc#979629 FIPS: system fails to reboot after installing + fips pattern + +- update to 1.6.5: + * CVE-2015-7511: Mitigate side-channel attack on ECDH with + Weierstrass curves (boo#965902) + +- follow-up to libgcrypt 1.6.4 update: sosuffix is 20.0.4 + +- update to 1.6.4 +- fixes libgcrypt equivalent of CVE-2015-5738 (bsc#944456) + * Speed up the random number generator by requiring less extra + seeding. + * New flag "no-keytest" for ECC key generation. Due to a bug in the + parser that flag will also be accepted but ignored by older version + of Libgcrypt. + * Always verify a created RSA signature to avoid private key leaks + due to hardware failures. + * Other minor bug fixes. + +- Fix gpg2 tests on BigEndian architectures: s390x ppc64 + libgcrypt-1.6.3-aliasing.patch + +- fix sosuffix for 1.6.3 (20.0.3) + +- libgcrypt 1.6.3 [bnc#920057]: + * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. + * Fixed data-dependent timing variations in modular exponentiation + [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks + are Practical]. +- update upstream signing keyring + +- making the build reproducible - see + http://lists.gnupg.org/pipermail/gnupg-commits/2014-September/010683.html + for a very similiar problem + +- Move %install_info_delete calls from postun to preun: the files + must still be present to be parsed. +- Fix the names passed to install_info for gcrypt.info-[12].gz + instead of gcrypt-[12].info.gz. + +- fix filename for info pages in %post scripts + +- libgcrypt 1.6.2: + * Map deprecated RSA algo number to the RSA algo number for better + backward compatibility. + * Support a 0x40 compression prefix for EdDSA. + * Improve ARM hardware feature detection and building. + * Fix building for the x32 ABI platform. + * Fix some possible NULL deref bugs. +- remove libgcrypt-1.6.0-use-intenal-functions.patch, upstream + via xtrymalloc macro +- remove libgcrypt-fixed-sizet.patch, upstream +- adjust libgcrypt-1.6.1-use-fipscheck.patch for xtrymalloc change + libidn2 -- The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later, - match factory licenses (bsc#1180138) - -- Update to version 2.2.0 CVE-2019-12290 bsc#1154884: - * Perform A-Label roundtrip for lookup functions by default - * Stricter check of input to punycode decoder - * Fix punycode decoding with no ASCII chars but given delimiter - * Fix 'idn2 --no-tr64' (was a no-op) - * Allow _ as a basic code point in domain labels - * Fail building documentation if 'ronn' isn't installed - * git tag changed to reflect https://semver.org/ - -- update to 2.1.1 CVE-2019-18224 bsc#1154887: - * Revert SONAME bump from release 2.1.0 - * Fix NULL dereference in idn2_register_u8() and - idn2_register_ul() - * Fix free of random value in idn2_to_ascii_4i() - * Improved fuzzer (which found the above issues) - * Check for valid unicode input in punycode encoder - * Avoid excessive CPU usage in punycode encoding with - large inputs - * Deprecate idn2_to_ascii_4i() in favor of idn2_to_ascii_4i2() - * Restrict output length of idn2_to_ascii_4i() to 63 bytes - -- update to 2.1.0: - * Two internal functions are no longer exposed, soname bump - * Fix label length check for idn2_register_u8() - * Add missing error messages to idn2_strerror_name() - -- update to 2.0.5: - * Switch the default library behavior to IDNA2008 as amended by - TR#46 (non-transitional). That default behavior is enabled when - no flags are specified to function calls. Applications can - utilize the %IDN2_NO_TR46 flag to switch to the unamended - IDNA2008. This is done in the interest of interoperability - based on the fact that this is what application writers care - about rather than strict compliance with a particular protocol - * Fixed memory leak in idn2_to_unicode_8zlz() - * Return error (IDN2_ICONV_FAIL) on charset conversion errors - * Fixed issue with STD3 rules applying in non-transitional TR46 - mode - * idn2: added option --usestd3asciirules -- put translations into libidn2-lang -- correct location of install_info_prereq macro to be on tools - -- update to 2.0.4: - * Fix integer overflow in bidi.c/_isBidi() bsc#1056451 - * Fix integer overflow in puny_decode.c/decode_digit() - bsc#1056450 - * Fix idna_free() to idn_free() -- enable documentation again - -- update to 2.0.3: - * %IDN2_USE_STD3_ASCII_RULES disabled by default. - Previously libidn2 was eliminating non-STD3 characters from - domain strings such as _443._tcp.example.com, or IPs such as - 1.2.3.4/24 provided to libidn2 functions. That was an - unexpected regression for applications switching from libidn - and thus it is no longer applied by default. - Use %IDN2_USE_STD3_ASCII_RULES to enable that behavior again. -- disable documentation, does not build correctly - -- update to 2.0.2: - * Fix TR46 transitional mode - * Fix several documentation issues - -- Sources updated from http://alpha.gnu.org to https://ftp.gnu.org - -- Update to version 2.0.1 -- Version 2.0.1 (released 2017-04-22) - * idn2 utility now using IDNA2008 + TR46 by default -- Version 2.0.0 (released 2017-03-29) [alpha] - * Version numbering scheme changed - * Added to ASCII conversion functions corresponding to libidn1 - functions: - - idn2_to_ascii_4i - idn2_to_ascii_4z - - idn2_to_ascii_8z - idn2_to_ascii_lz - * Added to unicode conversion functions corresponding to libidn1 - functions: - - idn2_to_unicode_8z4z - idn2_to_unicode_4z4z - - idn2_to_unicode_44i - idn2_to_unicode_8z8z - - idn2_to_unicode_8zlz - idn2_to_unicode_lzlz - * Including idn2.h will provide libidn1 compatibility functions - unless IDN2_SKIP_LIBIDN_COMPAT is defined. That allows converting - applications from libidn1 (which offers IDNA2003) to libidn2 (which - offers IDNA2008) by replacing idna.h to idn2.h in the applications' - source. -- Dropped patch not needed after revision - * libidn2-no-examples-build.patch - -- Update to version 0.16 - * build: Fix idn2_cmd.h build rule. - * API and ABI is backwards compatible with the previous version. -- Update to version 0.15 (released 2017-01-14) - * Fix out-of-bounds read. - * Fix NFC input conversion (regression). - * Shrink TR46 static mapping data. - * API and ABI is backwards compatible with the previous version. -- Update to version 0.14 (released 2016-12-30) - * build: Fix gentr46map build. - * API and ABI is backwards compatible with the previous version. -- Update to version 0.13: - * build: Doesn't download external files during build. - * doc: Clarify license. - * build: Generate ChangeLog file properly. - * doc: API documentation related to TR46 flags. - * API and ABI is backwards compatible with the previous version. -- Update to version 0.12: - * Builds/links with libunistring. - * Fix two possible crashes with unchecked NULL pointers. - * Memleak fix. - * Binary search for codepoints in tables. - * Do not taint output variable on error in idn2_register_u8(). - * Do not taint output variable on error in idn2_lookup_u8(). - * Update to Unicode 6.3.0 IDNA tables. - * Add TR46 / UTS#46 support to API and idn2 utility. - * Add NFC quick check. - * Add make target 'check-coverage' for test coverage report. - * Add tests to increase test code coverage. - * API and ABI is backwards compatible with the previous version. - -- update to 0.11: - * Fix stack underflow in 'idn2' command line tool. [boo#1014473] - * Fix gdoc script to fix texinfo syntax error. - * API and ABI is backwards compatible with the previous version. - -- Convert to libidn2 package started to being used, namely by curl -- Alternative implementation based on new specification from 2008 - + completely different codebase with no ties to libidn - -- libidn 1.33: - * bnc#990189 CVE-2015-8948 CVE-2016-6262 - * bnc#990190 CVE-2016-6261 - * bnc#990191 CVE-2016-6263 - * libidn: Fix out-of-bounds stack read in idna_to_ascii_4i. - * idn: Solve out-of-bounds-read when reading one zero byte as input. - * libidn: stringprep_utf8_nfkc_normalize reject invalid UTF-8. - -- Update to 1.32 - * libidn: Fix crash in idna_to_unicode_8z8z and - idna_to_unicode_8zlz. This problem was introduced in 1.31. - * API and ABI is backwards compatible with the previous version. -- Update gpg keyring - -- Add Apache-2.0 license to the license line. Under this is the - java code, but we don't build it -> just the sources license - -- Version bump to 1.31: - * Fixes bnc#923241 CVE-2015-2059 out-of-bounds read with stringprep on - invalid UTF-8 - * Few other triv changes - -- Version bump to 1.30: - * punycode.{c,h} files were reimported -- Cleanup with spec-cleaner - -- update version 1.29: - * libidn: Mark internal variable "g_utf8_skip" as static. - * idn: Flush stdout to simplify for tools that buffer too heavily. - * i18n: Added Brazilian Portuguese translation. - * Update gnulib files. - * API and ABI is backwards compatible with the previous version. - libmodulemd +- Update to 2.10.0 + + Add modulemd-obsoletes + + Add modulemd v3 format +- Fix build for 32-bit architectures with patch from upstream + + Patch: 0001-Fix-integer-size-issue-on-32-bit-platforms.patch + +- Rebase to 2.9.4 + + Deprecate reset methods in favor of clear methods + + Add modulemd-validator man page + + Add Module.search_streams_by_glob() + + Add ModuleIndex.search_streams() method + + Add Modulemd.Module.search_streams_by_nsvca_glob() + + Add ModuleIndex.search_streams_by_nsvca_glob() + + Add ModuleIndex.search_rpms() + + Add ModuleStreamV2.search_profiles() + + Add framework for handling modulemd-packager YAML documents + + Return appropriate error when parsing a ModulemdStream doc fails + + Rework ModulemdError and ModulemdYamlError + + Improve Modulemd*ErrorEnum deprecations + + Use the new error enums everywhere + + Fix inconsistent error setting + + Make SKIP_UNKNOWN return UNKNOWN_ATTR in strict mode + + modulemd-packager: Check for extraneous attributes + + Fix bug printing negative buildorder values + + Handle NULL nsvca_patterns for globs + + Relax handling of differing content for the same NSVCA + libmwaw +- update to 0.3.17: + - add a parser for Jazz(Lotus) writer and spreasheet files + + the writer parser can only be called if the file still + contains its resource fork + - add a parser for Canvas 3 and 3.5 files + - AppleWorks parser: try to retrieve more Windows presentation + - add a parser for Drawing Table files + - add a parser for Canvas 2 files + - configure.ac: add an enable-asan option + - API: add new reserved enums in MWAWDocument.hxx + MWAW_T_RESERVED10..MWAW_T_RESERVED29 + and add a new define in libmwaw.hxx + MWAW_INTERFACE_VERSION + to check if these enums are defined + +- Update to 0.3.16: + - remove the QuarkXPress parser (must be in libqxp) + - retrieve the annotation in MsWord 5 document + - try to better understand RagTime 5-6 document + - add a parser for QuarkXPress v1-2 files + libnettle -- Install checksums for binary integrity verification which are - required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) - -- Update to 3.4.1 - FATE#327114 (bsc#1129598) - * Fix CVE-2018-16869 (bsc#1118086) - libnettle-CVE-2018-16869-3.4.patch (removed) - All functions using RSA private keys are now side-channel - silent, meaning that they try hard to avoid any branches or - memory accesses depending on secret data. This applies both to - the bignum calculations, which now use GMP's mpn_sec_* family - of functions, and the processing of PKCS#1 padding needed for - RSA decryption. - * Changes in behavior: - The functions rsa_decrypt and rsa_decrypt_tr may now clobber - all of the provided message buffer, independent of the - actual message length. They are side-channel silent, in that - branches and memory accesses don't depend on the validity or - length of the message. Side-channel leakage from the - caller's use of length and return value may still provide an - oracle useable for a Bleichenbacher-style chosen ciphertext - attack. Which is why the new function rsa_sec_decrypt is - recommended. - * New features: - A new function rsa_sec_decrypt. - * Bug fixes: - - Fix bug in pkcs1-conv, missing break statements in the - parsing of PEM input files. - - Fix link error on the pss-mgf1-test test, affecting builds - without public key support. - -- Security fix: [bsc#1118086, CVE-2018-16869] - * Leaky data conversion exposing a manager oracle - * Added libnettle-CVE-2018-16869-3.4.patch - -- Use %license (boo#1082318) - -- libnettle 3.4: - * Fixed an improper use of GMP mpn_mul, breaking curve2559 and - eddsa on certain platforms - * Fixed memory leak when handling invalid signatures in - ecdsa_verify. Fix contributed by Nikos Mavrogiannopoulos. - * Reorganized the way certain data items are made available: - Nettle header files now define the symbols - nettle_hashes, nettle_ciphers, and nettle_aeads, as - preprocessor macros invoking a corresponding accessor - function. For backwards ABI compatibility, the symbols are - still present in the compiled libraries, and with the same - sizes as in nettle-3.3. - * Support for RSA-PSS signatures - * Support for the HKDF key derivation function, defined by RFC - 5869 - * Support for the Cipher Feedback Mode (CFB) - * New accessor functions: nettle_get_hashes, - nettle_get_ciphers, nettle_get_aeads, nettle_get_secp_192r1, - nettle_get_secp_224r1, nettle_get_secp_256r1, - nettle_get_secp_384r1, nettle_get_secp_521r1. - Direct access to data items is deprecated going forward. - * The base16 and base64 functions now use the type char * for - ascii data, rather than uint8_t *. This eliminates the last - pointer-signedness warnings when building Nettle - * The contents of the header file nettle/version.h is now - architecture independent, except in --enable-mini-gmp - * Prevent data sizes from leaking into the ABI -- Fixes previously carried as patches: - * Fix compilation error with --enable-fat om ARM - Drop nettle-3.3-fix-fat-arm.patch - -- Add patch to fix build of fat-arm: - * nettle-3.3-fix-fat-arm.patch - -- Build nettle with AES-NI support (bsc#1056980) - -- Explicitly BuildRequire m4 - -- libnettle 3.3: - * Invalid private RSA keys, with an even modulo, are now - rejected by rsa_private_key_prepare. (Earlier versions - allowed such keys, even if results of using them were bogus). - Nettle applications are required to call - rsa_private_key_prepare and check the return value, before - using any other RSA private key functions; failing to do so - may result in crashes for invalid private keys. - * Ignore bit 255 of the x coordinate of the input point to - curve25519_mul, as required by RFC 7748. To differentiate at - compile time, curve25519.h defines the constant - NETTLE_CURVE25519_RFC7748. - * RSA and DSA now use side-channel silent modular - exponentiation, to defend against attacks on the private key - from evil processes sharing the same processor cache. This - attack scenario is of particular relevance when running an - HTTPS server on a virtual machine, where you don't know who - you share the cache hardware with. - bsc#991464 CVE-2016-6489 - * Fix sexp-conv crashes on invalid input - * Fix out-of-bounds read in des_weak_p - * Fix a couple of formally undefined shift operations - * Fix compilation with c89 - * New function memeql_sec, for side-channel silent comparison - of two memory areas. - * Building the public key support of nettle now requires GMP - version 5.0 or later (unless --enable-mini-gmp is used). - -- Fix postun->preun on info packages regenerating - -- Version update to 3.2 release bnc#964849 CVE-2015-8805 bnc#964847 - CVE-2015-8804 bnc#964845 CVE-2015-8803: - * New functions for RSA private key operations, identified by - the "_tr" suffix, with better resistance to side channel - attacks and to hardware or software failures which could - break the CRT optimization - * SHA3 implementation is updated according to the FIPS 202 standard - * New ARM Neon implementation of the chacha stream cipher - * Should be compatible binary with 3.1 series -- Add patch to fix build with cflags: - * nettle-respect-cflags.patch - -- Remove off-by-one-test-suite.patch as it was fixed by upstream - differently - -- nettle 3.1.1 - Non-critical bugfix release, binary compatible to 3.1 - * By accident, nettle-3.1 disabled the assembly code for the - secp_224r1 and secp_521r1 elliptic curves on all x86_64 - configurations, making signature operations on those curves - 10%-30% slower. This code is now re-enabled. - * The x86_64 assembly implementation of gcm hashing has been - fixed to work with the Sun/Oracle assembler. - -added patch: off-by-one-test-suite.patch -- Address Sanitizer, found a off-by-one error in the test suite (bnc#928328) - -- nettle 3.1 (libnettle6, libhogweed4) -- bug fixes in 3.1: - * Fixed a missing include of , which made the camellia - implementation fail on all 64-bit non-x86 platforms. - * Eliminate out-of-bounds reads in the C implementation of memxor - (related to valgrind's --partial-loads-ok flag). [bso#926745) -- interface changes in 3.1: - * Declarations of many internal functions are moved from ecc.h to - ecc-internal.h. -- interface changes in 3.0: - * contains developer relevant incompatible interface changes -- Removed features: - * nettle_next_prime, use GMP's mpz_nextprime - * Deleted the RSAREF compatibility -- New features in 3.1: - * Support for curve25519 and for EdDSA25519 signatures. - * Support for "fat builds" on x86_64 and arm (not enabled) - * Support for building the hogweed library (public key support) - using "mini-gmp" (not enabled) - * The shared libraries are now built with versioned symbols. - * Support for "URL-safe" base64 encoding and decoding -- New features in 3.0: - * new DSA, AES, Camellia interfaces - * Support for Poly1305-AES MAC. - * Support for the ChaCha stream cipher and EXPERIMENTAL - support for the ChaCha-Poly1305 AEAD mode. - * Support for EAX mode. - * Support for CCM mode. - * Additional variants of SHA512 with output size of 224 and 256 bits - * New interface, struct nettle_aead, for mechanisms providing - authenticated encryption with associated data (AEAD). - * DSA: Support a wider range for the size of q and a wider - range for the digest size. - * New command line tool nettle-pbkdf2. -- Optimizations in 3.1: - * New x86_64 implementation of AES, using the "aesni" instructions -- Optimizations in 3.0: - * New x86_64 assembly for GCM and MD5. Modest speedups on the - order of 10%-20%. - -- Add url to the spec - -- Revert back to 2.7 - libnumbertext +- Update to 1.0.6: + * minor fixes and fuzzer fixes + libsolv +- repo_write: fix handling of nested flexarray +- improve choicerule generation a bit more to cover more cases +- harden testcase parser against repos being added too late +- support python-3.10 +- check %_dbpath macro in rpmdb code +- handle default/visible/langonly attributes in comps parser +- support multiple collections in updateinfo parser +- add '-D' option in rpmdb2solv to set the dbpath +- bump version to 0.7.17 + libstaroffice +- Update to 0.0.7: + * fix various compilation's warnings + * fix text:sender-lastname when creating meta-data + libstorage-ng +- merge gh#openSUSE/libstorage-ng#798 +- handle logical partitions in Pool::create_partitions +- 4.3.88 + +- merge gh#openSUSE/libstorage-ng#797 +- added function to calculate size of underlying devices of MD RAID +- added unit tests +- updated documentation +- 4.3.87 + libvirt +- qemu: Add virtio related options to vsock + 8a4b8996-conf-move-virDomainCheckVirtioOptions.patch, + c05f0066-conf-drop-empty-virDomainNetDefPostParse.patch, + 19d4e467-conf-improve-virDomainVirtioOptionsCheckABIStability.patch, + bd112c9e-qemu-virtio-options-vsock.patch + bsc#1182365 + +- qemu: Fix swtpm device with aarch64 + 7cf60006-qemu-swtpm-aarch64.patch, + afb823fc-qemu-validate-swtpm.patch + bsc#1181893 + +- build: Fix generation of virtproxyd socket files + e3d60f76-fix-socket-file-gen.patch + boo#1181838 + libwps +- Update to 0.4.11: + - XYWrite: add a parser to .fil v2,v4 files + - wks,wk1: try to correct some problems when + retrieving cell's reference. + libxcrypt +- add compatibility provides for Step 15 as well (bsc#1181571) + libzypp +- Try to provide a mounted /proc in --root installs (bsc#1181328) + Some systemd tools require /proc to be mounted and fail if it's + not there. +- Enable release packages to request a releaxed suse/opensuse + vendorcheck in dup when migrating. (bsc#1182629) +- version 17.25.8 (22) + +- Patch: Identify well-known category names (bsc#117984) + This allows to use the RH and SUSE patch categrory names + synonymously: + (recommendedi = bugfix) and (optional = feature = enhancement). +- Add missing includes for GCC 11 compatibility. +- Fix %posttrans script execution (fixes #265) + The scripts are execuable. No need to call them through 'sh -c'. +- Commit: Fix rpmdb compat symlink in case rpm got removed. +- Repo: Allow multiple baseurls specified on one line (fixes #285) +- Regex: Fix memory leak and undefined behavior. +- Add rpm buildrequires for test suite (fixes #279) +- Use rpmdb2solv new -D switch to tell the location ob the + rpmdatabase to use. +- BuildRequires: libsolv-devel >= 0.7.17. +- version 17.25.7 (22) + lightdm +- Add lightdm-glibc-2.33-fix.patch that fixes issue with glibc 2.33 + (boo#1181778). The patch was suggested as gh#168. + lilv +- update to 0.24.10: + * Fix memory leaks in lv2bench + * Fix various minor warnings and other code quality issues + * Make lilv_world_get() use translations + * Split and clean up test suite + * Allow passing strings for URIs in Python API when unambiguous + * Fix cases where incorrect translation is used + * Fix deleting state bundles loaded from the model + * Fix memory leak when dyn-manifest has no plugins (thanks Michael Fisher) + * Implement state:freePath feature + +- Add specific version requirement for libserd see boo#1158728 + +- Update to release 0.24.6 fixes boo#1158296 +- Upstream changes: + * Add more strict error detection when storing plugin state + properties + * Add option to override LV2_PATH in applications + * Don't print errors when saving state if correct links already + exist + * Fix GCC8 warnings + * Fix creating directories across drives on Windows + * Fix issues with loading state with saved files from the model + * Fix memory errors and Python 3.4+ compatibility in Python bindings + * Fix unit tests on Windows + * Make Python bindings more Pythonic + +- Version update to 0.24.4: + * Fix saving state when broken links are encountered + * Don't attempt to load remote or non-Turtle files + * lv2apply: Activate plugin before running + * lv2apply: Use default values when they are not nan + * lv2bench: Improve support for plugins with sequence ports + * lv2bench: Support running a single plugin given on the command line + * Gracefully handle plugins with missing binary URIs + * Remove use of deprecated readdir_r + * Install Python bindings when configured without tests + (thanks Clement Skau) + -- Update to 0.18.0 - * Allow lilv_state_restore() to be used without passing an instance, - for restoring port values via a callback only - * Fix unlikely memory leak in lilv_plugin_instantiate() - * Support denoting latency ports with lv2:designation lv2:latency - * Allow passing NULL port_class to lilv_plugin_get_port_by_designation - * Call GetProcAddress with correct calling convention on Windows - * Add support for running plugins from Python by Kaspar Emanuel - * Clean up after test suite so multiple runs are successful - * Add lilv_port_get_node() for using world query functions with ports - * lv2info: Don't display invalid control maxes and defaults - (patch from Robin Gareus) - * lilvmm.hpp: Add wrappers for UI API -- lilv-0.16.0-python_bindings.patch removed - -- Update to 0.16.0 - * Add lilv_world_ask() for easily checking if a statement exists - * Add lilv_world_get() and lilv_port_get() for easily getting one value - * Add lilv_nodes_merge() - * Make lilv_plugin_get_port_by_designation() return a const pointer - * Require a URI for lilv_state_to_string() and fail gracefully otherwise - * Fail gracefully when lilv_state_new_from_string() is called on NULL - * Make state loading functions fall back to lv2:default for port values, - so a plugin description can be loaded as default state - * Ignore state ports with no value instead of printing an error - * Support atom:supports in lilv_port_supports_event() - * Add va_list variant of lilv_plugin_get_num_ports_of_class() - * Fix several plugin functions that failed to load data if called first - * Correctly depend on serd at build time (fix compilation in odd cases) - * Disable timestamps in HTML documentation for reproducible build - * lilvmm.hpp: Support varargs for Plugin::get_num_ports_of_class() - * lilvmm.hpp: Add several missing methods - * Update to waf 1.7.8 and autowaf r90 (install docs to versioned directory) -- Remove lilv-0.14.4-build_compare.patch, applied upstream -- Add lilv-0.16.0-python_bindings.patch -- The minimum sord version is now 0.12.0 -- The documentation directory is now versioned - -- Update to 0.14.4 - * Deprecate old flawed Lilv::Instance constructors - * Fix documentation for ui_type parameter of lilv_ui_is_supported() - * Fix crash when lv2info is run with an invalid URI argument - * Gracefully handle failure to save plugin state and print error message - * Reduce memory usage (per node) - * Simpler node implementation always backed by a SordNode - * Make all 'zix' symbols private to avoid symbol clashes in static builds - * Add lv2bench utility - * Fix various hyper-strict warnings - * Do not require a C++ compiler to build - * Add option to build utilities as static binaries - * Upgrade to waf 1.7.2 - * lilvmm.hpp: Make Lilv::Instance handle features and failed instantiations - * lilvmm.hpp: Add Lilv::Instance::get_handle() - * lilvmm.hpp: Add Lilv::Instance::get_extension_data() -- Add lilv-0.14.4-build_compare.patch to make build reproducible - -- Update to 0.14.2 - * Fix dynmanifest support - * Add lilv_plugin_get_extension_data - * Use path variables in pkgconfig files - * Install man page to DATADIR (e.g. PREFIX/share/man, not PREFIX/man) - * Make Lilv::uri_to_path static inline (fix linking errors) - * Use correct URI for dcterms:replaces (for hiding old plugins): - "http://purl.org/dc/terms/replaces" - * Fix compilation on BSD - * Only load dynmanifest libraries once per bundle, not once per plugin - * Fix lilv_world_find_nodes to work with wildcard subjects - * Add lilv_plugin_get_related to get resources related to plugins that - are not directly rdfs:seeAlso linked (e.g. presets) - * Add lilv_world_load_resource for related resources (e.g. presets) - * Print presets in lv2info - * Remove locale smashing kludges and use new serd functions for converting - nodes to/from numbers. - * Add LilvState API for handling plugin state. This makes it simple to - save and restore plugin state both in memory and on disk, as well as - save presets in a host-sharable way since the disk format is identical - to the LV2 presets format. - * Update old references to lv2_list (now lv2ls) - * Support compilation as C++ under MSVC++. - * Remove use of wordexp. - * Add lilv_plugin_get_port_by_designation() and lilv_port_get_index() as an - improved generic alternative to lilv_plugin_get_latency_port_index(). - * Add lilv_plugin_get_project() and get author information from project if - it is not given directly on the plugin. - * Remove glib dependency - * Add lv2core as a pkg-config dependency (for lv2.h header include) - * Obey prefix when installing bash completion script - * Support integer minimum, maximum, and default port values in - lilv_plugin_get_port_ranges_float - * Add ability to build static library - * Fix building python bindings - * Make free methods tolerate being called on NULL - * Remove lv2jack (replaced by jalv) - * Fix parsing extra plugin data files in other bundles - * Fix lilv_ui_is_supported when Lilv is built independently -- Split serd and sord to different packages -- Package python bindings -- Remove patches changing the soname - -- Created package lilv the successor to slv2 - lvm2 +- revert commit which caused a regression: + lvm2 should use 'external_device_info_source="udev"' by default (bsc#1179691) + - change lvm.conf item external_device_info_source from none to udev + +- back port lvmlockd adopt orphan locks feature into sles15sp2 (bsc#1181319) + + bug-1181319_01-Revert-lvmlockd-use-commonly-used-define-NOTIFYDBUS_.patch + + bug-1181319_02-lvmlockctl-ensure-result-value-is-always-defined.patch + + bug-1181319_03-lvmlockctl-use-inline-initilizers.patch + + bug-1181319_04-lvmlockd-replace-lock-adopt-info-source.patch + + bug-1181319_05-cov-check-sscanf-result.patch + mariadb -- Update to 10.4.17 [bsc#1177472] and [bsc#1178428] +- update the list of the skipped tests + +- exclude galera files if we build without this feature. +- switch from 664 to 644 for my.cnf configuration file (probably + a typo) + +- added fix-lock-rollback-assert-abort.patch + fix an abort when a transaction is rolled back +- track all patches in a series so we can easily set up a quilt + tree without requiring all the devel packages + +- switch to bcond_with to make it easier to enable galera support + via the prjconfig +- fix non galera case for building + +- Update to 10.5.8 - https://mariadb.com/kb/en/library/mariadb-10417-release-notes - https://mariadb.com/kb/en/library/mariadb-10417-changelog - https://mariadb.com/kb/en/library/mariadb-10416-release-notes - https://mariadb.com/kb/en/library/mariadb-10416-changelog - https://mariadb.com/kb/en/library/mariadb-10415-release-notes - https://mariadb.com/kb/en/library/mariadb-10415-changelog + https://mariadb.com/kb/en/library/mariadb-1058-release-notes + https://mariadb.com/kb/en/library/mariadb-1058-changelog - 10.4.17: none - 10.4.16: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, + 10.5.7: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, - 10.4.15: CVE-2020-15180 + 10.5.8: none +- tracker bugs: [bsc#1177472] and [bsc#1178428] +- update to 10.5.6 + * release notes and changelog + https://mariadb.com/kb/en/mariadb-1056-release-notes + https://mariadb.com/kb/en/mariadb-1056-changelog + * fixes for the following security vulnerabilities: + 10.5.6: CVE-2020-15180 + < 10.5.6: none +- refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch +- drop mariadb-10.5-fix-prevent-optimizing-out-buf-argument-in-ch.patch +- mariadb now builds against pcre2 +- added binaries aria_s3_copy and mariadb-conv to tools subpackage +- added type_test.type_test_double to list of skipped tests + +- Using basic.target dependencies is not needed with any systemd + release unless DefaultDependencies is disabled, remove from + unit files + +- Mariadb uses hrtimers with absolute CLOCK_REALTIME values, this + won't work correctly if the clock isn't set and will do funny things + if it goes backward after starting the server as POSIX says that the new + clock value shall influence them, start the service after time-sync.target + to workaround the problem. + -- tune the testsuite to avoid randomly failing tests +- run spec-cleaner +- build galera for openSUSE only +- tune the testsuite to avoid randomly failing tests + +- Fix installed .service files to follow the /usr/lib -> + /usr/libexec move (boo#1174811). + +- Update _constraints to make it more readable and request + more memory for aarch64 to avoid occasionnal OOM errors on %check + +- rpm macros: $TEST_USER identified by $TEST_PASS is actually user + of the database for which client conf should be made for +- rpm macros: database name or names can be specified as a + %mysql_testserver_start and %mysql_testserver_cconf parameter +- modified sources + % macros.mariadb-test -- update the list of the skipped tests +- Add oqgraph.social to the suse_skipped_tests.list (reported + upstream as MDEV-22280) [bsc#1169369] + +- Add -Wl,-Bsymbolic -Wl,-Bsymbolic-functions to linker flags so + that symbols are resolved locally if possible, this will avoid + https://bugs.kde.org/show_bug.cgi?id=391362 + +- Add mariadb-10.5-fix-prevent-optimizing-out-buf-argument-in-ch.patch + in order to fix boo#1158405 (MDEV-21248). + +- Cleanup mysql user creation/handling and use sysusers.d + +- Bump disk constraint to 18Gb +- remove @VERSION@ from mariadb.service and mariadb@.service + -- remove @VERSION@ from mariadb.service and mariadb@.service + +- update suse_skipped_tests.list for ppc + +- rename mariadb.rpmlintrc to mariadb-rpmlintrc +- for ppc install pam_user_map.so in /lib/security + +- rename mariadb-10.2.12-harden_setuid.patch to + mariadb-10.4.12-harden_setuid.patch to match the correct version number. +- add mariadb-10.4.12-fix-install-db.patch to improve default behaviour of + mysql_install_db. This prevents performing security sensitive actions to + be performed but instead only warns the caller (bsc#1160868). - * Changes & Improvements - https://mariadb.com/kb/en/changes-improvements-in-mariadb-104/ - https://mariadb.com/kb/en/changes-improvements-in-mariadb-103/ - * Fixes for the following security vulnerabilities: + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10412-release-notes + https://mariadb.com/kb/en/library/mariadb-10412-changelog + https://mariadb.com/kb/en/library/mariadb-10411-release-notes + https://mariadb.com/kb/en/library/mariadb-10411-changelog + * fixes for the following security vulnerabilities: +- add mariadb-10.2.12-harden_setuid.patch to harden auth_pam_tool + setuid-root binary [bsc#1160285] + + +- update to 10.4.10 + * changes and improvements for 10.4 + https://mariadb.com/kb/en/changes-improvements-in-mariadb-104/ + * fixes for the following security vulnerabilities: none +- refresh mariadb-10.2.4-fortify-and-O.patch -- add mariadb-rpmlintrc file +- add mariadb.rpmlintrc file + + +- update the list of the skipped tests + +- update to 10.3.20 + * notable changes for 10.3.20 + * MDEV-20987: InnoDB fails to start when FTS table has FK relation + * notable changes for 10.3.19 + * MDEV-20864: Debug-only option innodb_change_buffer_dump for + dumping the contents of the InnoDB change buffer to the + server error log at startup. + * MariaBackup: + * MDEV-18438: mbstream recreates xtrabackup_info on same + directory as backup file + * MDEV-20703: mariabackup creates binlog files in serve + binlog directory on --prepare --export step + * FULLTEXT INDEX: + * MDEV-19647: Server hangs after dropping full text indexes + and restart + * MDEV-19529: InnoDB hang on DROP FULLTEXT INDEX + * MDEV-19073: FTS row mismatch after crash recovery + * MDEV-20621: FULLTEXT INDEX activity causes InnoDB hang + * MDEV-20927: Duplicate key with auto increment + * ALTER TABLE: + * MDEV-20799: DROP Virtual Column crash + * MDEV-20852: BtrBulk is unnecessarily holding dict_index_t::lock + * System-Versioned Tables: + * MDEV-16210: FK constraints on versioned tables use historical + rows, which may cause constraint violation + * MDEV-20812: Unexpected ER_ROW_IS_REFERENCED_2 or server + crash in row_ins_foreign_report_err upon DELETE from + versioned table with FK + * Galera wsrep library updated to 25.3.28 + * Fixes for the following security vulnerabilities: + CVE-2019-2974, CVE-2019-2938 + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10320-release-notes + https://mariadb.com/kb/en/library/mariadb-10320-changelog + https://mariadb.com/kb/en/library/mariadb-10319-release-notes + https://mariadb.com/kb/en/library/mariadb-10319-changelog +- remove mariadb-10.3.17-fix_ppc_build.patch (applied upstream) +- refresh + * mariadb-10.2.4-logrotate.patch + * mariadb-10.0.15-logrotate-su.patch + +- update to 10.3.18 + * notable changes + * Connect updated to Connect 1.06.0010 + * MDEV-20066: This bug could cause a table to become corrupt if + a column was added instantly + * MDEV-15326: A race condition in InnoDB transaction commit that + affects record locking was fixed + * MDEV-17187: Table doesn't exist in engine after ALTER of + FOREIGN KEY + * MDEV-20301: InnoDB's MVCC has O(N^2) behaviors + * MDEV-18128: Simplify .ibd file creation + * MDEV-20060: Failing assertion: srv_log_file_size <= 512ULL + << 30 while preparing backup + * MDEV-20247: Replication hangs with "preparing" and never starts + * MDEV-17614: Remove unnecessary locking for INSERT...ON + DUPLICATE KEY UPDATE + * MDEV-20311: row_ins_step accesses uninitialized memory + * MDEV-19947: Repositories for RHEL 8 ppc64le added + * fixes for the following security vulnerabilities: none + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10318-release-notes + https://mariadb.com/kb/en/library/mariadb-10318-changelog + +- Use instead of for _constraints, increasing + the worker pool on x86_64 from 6 to >700. + + +- add mariadb-10.3.17-fix_ppc_build.patch to fix a compilation + failure for ppc if ${CRC32_LIBRARY} target has no COMPILE_FLAGS + yet. Then GET_TARGET_PROPERTY returns COMPILE_FLAGS-NOTFOUND, + which doesn't work very well when it's later fed back into + COMPILE_FLAGS. +- _constraints: increase the memory because of the ppc build +- adjust mysql-systemd-helper ("shutdown protected MySQL" section) + so it checks both ping response and the pid in a process list + as it can take some time till the process is terminated. + Otherwise it can lead to "found left-over process" situation + when regular mariadb is started [bsc#1143215] + +- update to 10.3.17 [bsc#1141798] + * notable changes: + * MDEV-19795: Merge upstream MyRocks. + * MDEV-17228: Encrypted temporary tables are not encrypted. + * MDEV-18328: Disks Plugin is now stable and requires the FILE + privilege. + * Merge relevant InnoDB changes from MySQL 5.7.27 + * Adjust spin loops to the x86 PAUSE instruction latency + * CREATE TABLE: MDEV-19292, MDEV-20102 + * ALTER TABLE: MDEV-15641, MDEV-19630, MDEV-19916, MDEV-19974 + * Indexed virtual columns: MDEV-16222, MDEV-17005, MDEV-19870 + * FULLTEXT INDEX: MDEV-14154 + * Encryption: MDEV-17228, MDEV-19914 + * Galera + FOREIGN KEY: MDEV-19660 + * Recovery & Mariabackup: MDEV-19978 + * MDEV-19781: Add page id matching check in innochecksum tool + * MDEV-20091: DROP TEMPORARY table is logged despite no CREATE + was logged + * MDEV-19427: mysql_upgrade_service throws exception upgrading + from 10.0 to 10.3 + * MDEV-19814: Server crash in row_upd_del_mark_clust_rec or + Assertion + * MDEV-17363: Compressed columns cannot be restored from dump + * fixes for the following security vulnerabilities: + CVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737, + CVE-2019-2758 + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10317-release-notes + https://mariadb.com/kb/en/library/mariadb-10317-changelog -- add "Requires: python3-mysqlclient" that is needed by - myrocks_hotbackup script +- remove mariadb-10.2.9-galera_cnf.patch as it's not clear what the + correct path to galera wsrep provider is while users can use + galera 3, galera 4 or galera compiled on their own +- add "Requires: python3-mysqlclient" that is needed by + myrocks_hotbackup script + + +- remove client_ed25519.so plugin because it's shipped in + mariadb-connector-c package (libmariadb_plugins) + +- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by + firewalld, see [1]. + [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html + +- update to 10.3.16 [bsc#1108088] + * notable changes: + * MDEV-19490: show tables fails when selecting the + information_schema database + * MDEV-19491: multi-update with triggers and stored routines + * MDEV-19541: InnoDB crashes when trying to recover + a corrupted page + * MDEV-19725: Incorrect error handling in ALTER TABLE + * MDEV-19445: FULLTEXT INDEX fix + * MDEV-19486: System Versioning fix + * MDEV-19509: InnoDB skips the tablespace in rotation list + * MDEV-19614: SET GLOBAL innodb_ deadlock due to + LOCK_global_system_variables + * MDEV-17458: Unable to start galera node + * MDEV-17456: Malicious SUPER user can possibly change audit + log configuration without leaving traces + * MDEV-19588: Wrong results from query, using left join + * MDEV-19258: RIGHT JOIN hangs in MariaDB + * Virtual columns fixes: MDEV-19027, MDEV-19602 + * Crash recovery fixes: MDEV-13080, MDEV-19587, MDEV-19435 + * MDEV-11094: Fixed row-based event applying with an error anymore + when the events aim at the blackhole engine and row annotation + is enabled + * MDEV-19076: Fixed slave_parallel_mode=optimistic did not always + properly order replication events on temporary tables in some + case to attempt execution before a parent event has been already + processed + * MDEV-19158: Fixed duplicated entries in binlog occurred in + combination of LOCK TABLES and binlog_format=MIXED when a being + locked table was under replication unsafe operation + * fixes for the following security vulnerabilities: none + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10316-release-notes + https://mariadb.com/kb/en/library/mariadb-10316-changelog +- fix reading options for multiple instances if my${INSTANCE}.cnf + is used. Also remove "umask 077" from mysql-systemd-helper that + causes that new datadirs are created with wrong permissions. Set + correct permissions for files created by us (mysql_upgrade_info, + .run-mysql_upgrade) [bsc#1132666] +- remove mariadb-5.5.28-install_db-quiet.patch and add "--rpm" + option to the mysql_install_db script that does basically the same + [bsc#1080891] +- remove mariadb-10.1.12-deharcode-libdir.patch because it's not + needed - we don't build libmariadb library in mariadb package + anymore so we don't need to take care about LIBDIR and PLUGINDIR + here. Moreover we shouldn't (and we don't) touch *_RPM + variables as they are internal) [bsc#1080891] +- update suse_skipped_tests.list + +- update to 10.3.15 + * see changes in 10.3 series + https://mariadb.com/kb/en/library/changes-improvements-in-mariadb-103/ + * fixes for the following security vulnerabilities: + [CVE-2019-2503] (the rest was already applied for 10.2) +- remove mysql-community-server-5.1.45-multi-configuration.patch as + we have the same configuration in /etc/my.cnf and it doesn't make + any sense to keep it twice. Moreover the patched file + support-files/my-medium.cnf.sh was removed in upstream +- remove mariadb-5.2.3-cnf.patch as all patched files were removed + upstream +- refresh mariadb-10.2.4-fortify-and-O.patch +- refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch and + use a simplified version from Debian +- remove caching_sha2_password.so as it's shipped in mariadb-connector-c + package (libmariadb_plugins) -- add the following patches - * add mariadb-10.2.19-link-and-enable-c++11-atomics.patch to link - against libatomic where necessary and use C++11 atomics instead - of gcc built-in atomics - * mariadb-10.4.12-harden_setuid.patch to harden auth_pam_tool - setuid-root binary [bsc#1160285] - * mariadb-10.4.12-fix-install-db.patch to improve default behaviour - of mysql_install_db. This prevents performing security sensitive - actions to be performed but instead only warns the caller - (bsc#1160868) -- refresh mariadb-10.2.4-fortify-and-O.patch -- remove the following patches: - * mysql-community-server-5.1.45-multi-configuration.patch as - we have the same configuration in /etc/my.cnf and it doesn't make - any sense to keep it twice. Moreover the patched file - support-files/my-medium.cnf.sh was removed in upstream - * mariadb-5.5.28-install_db-quiet.patch and add "--rpm" - option to the mysql_install_db script that does basically the same - [bsc#1080891] - * mariadb-5.2.3-cnf.patch as all patched files were removed - upstream - * remove mariadb-10.1.12-deharcode-libdir.patch because it's not - needed - we don't build libmariadb library in mariadb package - anymore so we don't need to take care about LIBDIR and PLUGINDIR - here. Moreover we shouldn't (and we don't) touch *_RPM - variables as they are internal) [bsc#1080891] - * mariadb-10.2.9-galera_cnf.patch as it's not clear what the - correct path to galera wsrep provider is while users can use - galera 3, galera 4 or galera compiled on their own +- remove xtrabackup scripts as we already removed xtrabackup requires + and it doesn't work for MariaDB 10.3 anyway +- run spec-cleaner +- tracker bugs for version updates in between: + * 10.2.25 tracker bug [bsc#1136035] + * 10.2.29 tracker bug [bsc#1156669] -- update to 10.2.29 GA - * Fixes for the following security vulnerabilities: - * 10.2.29: none - * 10.2.28: CVE-2019-2974, CVE-2019-2938 - * 10.2.27: none - * 10.2.26: CVE-2019-2805, CVE-2019-2740, CVE-2019-2739, - CVE-2019-2737, CVE-2019-2758 - * release notes and changelog: - https://mariadb.com/kb/en/library/mariadb-10229-release-notes - https://mariadb.com/kb/en/library/mariadb-10229-changelog - https://mariadb.com/kb/en/library/mariadb-10228-release-notes - https://mariadb.com/kb/en/library/mariadb-10228-changelog - https://mariadb.com/kb/en/library/mariadb-10227-release-notes - https://mariadb.com/kb/en/library/mariadb-10227-changelog - https://mariadb.com/kb/en/library/mariadb-10226-release-notes - https://mariadb.com/kb/en/library/mariadb-10226-changelog -- refresh - mariadb-10.0.15-logrotate-su.patch - mariadb-10.2.4-logrotate.patch -- tracker bug [bsc#1156669] -- update the list of the skipped tests - * add main.gis_notembedded to the skipped tests (fails when - latin1 is not set) - * add unit.conc_connection - -- adjust mysql-systemd-helper ("shutdown protected MySQL" section) - so it checks both ping response and the pid in a process list - as it can take some time till the process is terminated. - Otherwise it can lead to "found left-over process" situation - when regular mariadb is started [bsc#1143215] +- update to 10.2.24 GA [bsc#1122198] + * notable changes: + * MDEV-18968 - Both (WHERE 0.1) and (WHERE NOT 0.1) return empty set + * MDEV-18466 - Unsafe to log updates on tables referenced by + foreign keys with triggers in statement format + * MDEV-18899 - Server crashes in Field::set_warning_truncated_wrong_value + * MDEV-18298 - Crashes server with segfault during role grants + * MDEV-17610 - Unexpected connection abort after certain operations + from within stored procedure + * MDEV-19112 - WITH clause does not work with information_schema + as default database + * MDEV-17830 - Server crashes in Item_null_result::field_type upon + SELECT with CHARSET(date) and ROLLUP + * MDEV-14041 - Server crashes in String::length on queries with + functions and ROLLUP + * MDEV-18920 - Prepared statements with st_convexhull hang and + eat 100% cpu. + * MDEV-15837 - Assertion item1->type() == Item::FIELD_ITEM && + item2->type() == Item::FIELD_ITEM + * MDEV-9531 - GROUP_CONCAT with ORDER BY inside takes a lot of + memory while it's executed + * MDEV-17036 - BULK with replace doesn't take the first parameter + in account + * Bug#28986737 - RENAMING AND REPLACING MYSQL.USER TABLE CAN + LEAD TO A SERVER CRASH + * MDEV-19350 - Server crashes in delete_tree_element / ... / + Item_func_group_concat::repack_tree + * MDEV-19188 - Server Crash When Using a Trigger With A Number + of Virtual Columns on INSERT/UPDATE + * MDEV-19352 - Server crash in alloc_histograms_for_table_share + upon query from information schema InnoDB + * InnoDB persistent corruption fixes: MDEV-19426, MDEV-19022, + MDEV-19241, MDEV-13942 + * InnoDB recovery fixes and speedup: MDEV-18733, MDEV-12699, + MDEV-19356, MDEV-19426 + * MDEV-14398 - innodb_encrypt_tables will work even with + innodb_encryption_rotate_key_age=0 + * MDEV-17036 - BULK with replace doesn't take the first + parameter in account + * MDEV-14784 - Slave crashes in show_status_array upon running + a trigger with select from I_S + * MDEV-19060 - mariabackup continues, despite failing to open + a tablespace + * MDEV-18686 - Add option to PAM authentication plugin to allow + case insensitive username matching + * bugfix - multi-update checked privileges on views incorrectly + * MDEV-19276 - during connect, write error log warning for + ER_DBACCESS_DENIED_ERROR, if log_warnings > 1 + * MDEV-17456 - Malicious SUPER user can possibly change audit + log configuration without leaving traces. + * fixes for the following security vulnerabilities: + [CVE-2019-2614], [CVE-2019-2627], [CVE-2019-2628] + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10224-release-notes + https://mariadb.com/kb/en/library/mariadb-10224-changelog +- refresh mariadb-10.2.19-link-and-enable-c++11-atomics.patch -- remove client_ed25519.so plugin because it's shipped in - mariadb-connector-c package (libmariadb_plugins) +- remove %{extra_provides} definition and Provides/Obsoletes where + it was used. It's just a remnant and it's no longer needed. -- update to 10.2.25 GA - * Fixes for the following security vulnerabilities: - * 10.2.23: none - * 10.2.24: CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 - * 10.2.25: none +- update to 10.2.23 GA + * notable changes: + * InnoDB ALTER TABLE fixes: MDEV-18016, MDEV-18630, MDEV-18775, + MDEV-18732, MDEV-18749, MDEV-18637, MDEV-13818, MDEV-17595 + * MDEV-18878: InnoDB Purge: Optimize away futile table lookups + * MDEV-14984: Regression in connect performance + * MDEV-18936: Purge thread fails to exit on shutdown + * MDEV-18272: InnoDB fails to rollback after exceeding FOREIGN + KEY recursion depth + * MDEV-9519: Data corruption on Galera cluster size change + * MDEV-18204: fix incremental MyRocks backup + * MDEV-18611: mariabackup terminated while copying InnoDB + redo log + * MDEV-18669: mariabackup writes timestamp in version line + * MDEV-18855: Mariabackup should fetch innodb_compression_level + from running server + * fixes for the following security vulnerabilities: none - https://mariadb.com/kb/en/library/mariadb-10224-release-notes - https://mariadb.com/kb/en/library/mariadb-10224-changelog - https://mariadb.com/kb/en/library/mariadb-10225-release-notes - https://mariadb.com/kb/en/library/mariadb-10225-changelog -- remove mariadb-10.2.22-fix_path.patch that was applied upstream - in mariadb 10.2.23 -- remove caching_sha2_password.so because it's shipped in - mariadb-connector-c package (libmariadb_plugins) -- remove xtrabackup scripts as it was replaced by mariabackup (we - already removed xtrabackup requires in the first phase) -- fix reading options for multiple instances if my${INSTANCE}.cnf - is used. Also remove "umask 077" from mysql-systemd-helper that - causes that new datadirs are created with wrong permissions. Set - correct permissions for files created by us (mysql_upgrade_info, - .run-mysql_upgrade) [bsc#1132666] -- fix build comment to not refer to openSUSE -- tracker bug [bsc#1136035] +- remove mariadb-10.2.22-fix_path.patch that is no longer needed + (applied upstream) +- my.cnf/my.ini: move slow_query_log example to the error log so + it's logically together + +- fix references path below legacy directory /var/run -> /run + +- remove xtrabackup requirement as MariaDB ships a build in + mariabackup so xtrabackup is not needed unless a user specificaly + wants to use xtrabackup as sst method (also solves [bsc#1122475] + +- add slow_query_log example to my.cnf and adjust the logrotate + configuration to rotate all /var/log/mysql/*.log files . + This is useful when the slow query log is enabled. In that case, + this log file should also be rotated (bsc#1112767) + -- add slow_query_log example to my.cnf (my.ini) and adjust the - logrotate configuration to rotate all /var/log/mysql/*.log files. - This is useful when the slow query log is enabled. In that case, - this log file should also be rotated (bsc#1112767) - * refresh the following patches: - mariadb-10.0.15-logrotate-su.patch - mariadb-10.2.4-logrotate.patch - mariadb-10.2.9-galera_cnf.patch -- fix references path below legacy directory /var/run -> /run -- remove xtrabackup requirement as MariaDB ships a build in - mariabackup so xtrabackup is not needed unless a user specificaly - wants to use xtrabackup as sst method (also solves [bsc#1122475]) -- tracker bug [bsc#1122198] +- use a new syntax for cmake variables that specify which plugin + will be built + +- Add patch to link against libatomic where necessary and + use C++11 atomics instead of gcc built-in atomics + * mariadb-10.2.19-link-and-enable-c++11-atomics.patch +- Add two tests to suse_skipped_tests.list for ppc + * encryption.innodb-bad-key-change2 + * encryption.innodb-bad-key-change4 -- update to MariaDB 10.2.18 - * notable changes in 10.2.18 +- add "Requires: libmariadb_plugins" to the mariadb-test subpackage + in order to be able to test client plugins successfuly + [bsc#1111859] +- don't remove debug_key_management.so anymore [bsc#1111858] + +- update to 10.2.18 GA + * notable changes: - * it fixes the following security vulnerabilities: - CVE-2018-3066 [bsc#1101678], CVE-2018-3064 [bsc#1103342] - CVE-2018-3063 [bsc#1101677], CVE-2018-3060 (no bsc) - CVE-2018-3058 [bsc#1101676] + * fixes for the following security vulnerabilities: none -- refresh mariadb-5.5.28-install_db-quiet.patch -- refresh mariadb-10.2.9-galera_cnf.patch -- pack wsrep_sst_rsync_wan file to galera subpackage (not shipped) -- add "Requires: libmariadb_plugins" to the mariadb-test subpackage - in order to be able to test client plugins successfuly - [bsc#1111859] -- don't remove debug_key_management.so anymore [bsc#1111858] + +- add ssl tests that are failing with OpenSSL 1.1.1 to + suse_skipped_tests.list [MDEV-17184] + +- update to 10.2.17 GA + * notable changes: + * New variable innodb_log_optimize_ddl for avoiding delay due + to page flushing and allowing concurrent backup + * InnoDB updated to 5.7.23 + * MDEV-14637 - Fix hang due to DDL with FOREIGN KEY or + persistent statistics + * MDEV-15953 - Alter InnoDB Partitioned Table Moves Files + (which were originally not in the datadir) to the datadir + * MDEV-16515 - InnoDB: Failing assertion: ++retries < 10000 in + file dict0dict.cc line 2737 + * MDEV-16809 - Allow full redo logging for ALTER TABLE + * Temporary tables: MDEV-16713 - InnoDB hang with repeating + log entry + * indexed virtual columns: MDEV-15855 - Deadlock between purge + thread and DDL statement + * MDEV-16664 - Change the default to + innodb_lock_schedule_algorithm=fcfs + * Galera: MDEV-15822 - WSREP: BF lock wait long for trx + * fixes for the following security vulnerabilities: + CVE-2018-3064 [bsc#1103342], CVE-2018-3063 [bsc#1101677], + CVE-2018-3058 [bsc#1101676], CVE-2018-3066 [bsc#1101678], + CVE-2018-3060 + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10217-release-notes + https://mariadb.com/kb/en/library/mariadb-10217-changelog +- update to 10.2.16 GA + * notable changes: + * MDEV-13122: mariabackup now supports MyRocks + * MDEV-13779 - InnoDB fails to shut down purge workers, causing + hang + * MDEV-16267 - Wrong INFORMATION_SCHEMA.INNODB_BUFFER_PAGE.\ + TABLE_NAME + * MDEV-13834 - Upgrade failure from 10.1 innodb_encrypt_log + * MDEV-16283 - ALTER TABLE...DISCARD TABLESPACE still takes long + on a large buffer pool + * MDEV-16376 - ASAN: heap-use-after-free in + gcol.innodb_virtual_debug + * MDEV-15824 - innodb_defragment=ON trumps + innodb_optimize_fulltext_only=ON in OPTIMIZE TABLE + * MDEV-16124 - fil_rename_tablespace() times out and crashes + server during table-rebuilding ALTER TABLE + * MDEV-16416 - Crash on IMPORT TABLESPACE of a + ROW_FORMAT=COMPRESSED table + * MDEV-16456 - InnoDB error "returned OS error 71" complains + about wrong path + * MDEV-13103 - Deal with page_compressed page corruption + * MDEV-16496 - Mariabackup: Implement --verbose option to + instrument InnoDB log apply + * MDEV-16087 - Inconsistent SELECT results when query cache + is enabled + * MDEV-15114 - ASAN heap-use-after-free in mem_heap_dup or + dfield_data_is_binary_equal (fix for indexed virtual columns) + * fixes for the following security vulnerabilities: + none + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-10216-release-notes + https://mariadb.com/kb/en/library/mariadb-10216-changelog +- refresh mariadb-5.5.28-install_db-quiet.patch +- refresh mariadb-10.2.9-galera_cnf.patch +- pack wsrep_sst_rsync_wan file to galera subpackage +- update suse_skipped_tests.list + +- Don't require systemd explicit, spec file can handle both cases + correct and in containers we don't have systemd. + mousepad +- Update to version 0.5.2 + * Add a "Viewer Mode" toggle + (gxo#apps/mousepad#50, gxo#apps/mousepad!72) + * Improve `--quit` option: close all windows interactively + (gxo#apps/mousepad!71) + * Improve encoding management + (gxo#apps/mousepad#42, gxo#apps/mousepad!69) + - Display the current encoding in the status bar + - Make the default encoding configurable via GSettings + - Allow to choose encoding in the "Open" and "Save As" dialogs + (gxo#apps/mousepad#42) + - Add a command line option to choose encoding + * Add a "Delete Line" action + (gxo#apps/mousepad#13, gxo#apps/mousepad!66) + * Make automatic addition of the last EOL character configurable + (gxo#apps/mousepad#53, gxo#apps/mousepad!65) + * Switch to GFile for I/O operations (gxo#apps/mousepad#4, + gxo#apps/mousepad#27, gxo#apps/mousepad#75, gxo#apps/mousepad!64) + * - Add file monitoring (gxo#apps/mousepad#75) + * - Add a setting to create a tilde-backup file when saving + (gxo#apps/mousepad#27) + * - Make saving atomic (gxo#apps/mousepad#4) + * Filter files on mime type in the "Open" and "Save As" dialogs + (gxo#apps/mousepad#2, gxo#apps/mousepad#35, gxo#apps/mousepad!67) + * Improve encoding management + (gxo#apps/mousepad#42, gxo#apps/mousepad!69) + - Make encoding dialog more generic and self-contained + - Encodings definition review + - Clarify encoding management when opening files + - Improve unicode BOM management + * Switch to GFile for I/O operations (gxo#apps/mousepad#4, + gxo#apps/mousepad#27, gxo#apps/mousepad#75, gxo#apps/mousepad!64) + - Set the save action sensitivity more precisely + - Let GFile APIs check for file existence when reading + - Let GFile APIs check for external modifications when saving + - Basic switch to GFile for I/O operations + * Make "replace" and "replace all" behaviors consistent + * (gxo#apps/mousepad#94) + * Ensure that the page setup is properly applied when printing + * (gxo#apps/mousepad#90) + * Avoid character escape issues in menu item action names + (gxo#apps/mousepad#91) + * Properly initialize document search properties + * Avoid illegal memory access when searching with tab changes + (gxo#apps/mousepad!73) + * Revert to "Wrap Around" always true for the search bar + (gxo#apps/mousepad#83) + * Prevent too late accesses to the buffer in selection mode + * Direct call to keybinding signals for "Delete" and "Select All" + (gxo#apps/mousepad#83) + * Improve editing keybindings consistency (gxo#apps/mousepad#83) + * Translation Updates + oxygen5-icon-theme +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- No code change since 5.75.0 + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + pam +- Create macros.pam with definition of %_pamdir so packages which + are commonly shared between Factory and SLE can use this macro + [pam.spec] + +- pam_cracklib: added code to check whether the password contains + a substring of of the user's name of at least characters length + in some form. + This is enabled by the new parameter "usersubstr=" + See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 + [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch] + +- pam_xauth.c: do not free() a string which has been (successfully) + passed to putenv(). + [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch] + +- Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft" + to avoid spurious (and misleading) + Warning: your password will expire in ... days. + fixed upstream with commit db6b293046a + [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch] + +- /usr/bin/xauth chokes on the old user's $HOME being on an NFS + file system. Run /usr/bin/xauth using the old user's uid/gid + Patch courtesy of Dr. Werner Fink. + [bsc#1174593, pam-xauth_ownership.patch] + +- Moved pam_userdb to a separate package pam-extra. + [bsc#1166510, pam.spec] + +- disable libdb usage and pam_userdb again, as this causes some license + conflicts. (bsc#1166510) + +- Add libdb as build-time dependency to enable pam_userdb module. + Enable pam_userdb.so + [jsc#sle-7258, bsc#1164562, pam.spec] + +- When comparing an incoming IP address with an entry in + access.conf that only specified a single host (ie no netmask), + the incoming IP address was used rather than the IP address from + access.conf, effectively comparing the incoming address with + itself. (Also fixed a small typo while I was at it) + [bsc#1115640, use-correct-IP-address.patch, CVE-2018-17953] + +- Remove limits for nproc from /etc/security/limits.conf + ie remove pam-limit-nproc.patch + [bsc#1110700, pam-limit-nproc.patch] + +- pam_umask.8 needed to be patched as well. + [bsc#1089884, pam-fix-config-order-in-manpage.patch] + +- Changed order of configuration files to reflect actual code. + [bsc#1089884, pam-fix-config-order-in-manpage.patch] + +- Use %license (boo#1082318) + +- Prerequire group(shadow), user(root) + +- Allow symbolic hostnames in access.conf file. + [pam-hostnames-in-access_conf.patch, boo#1019866] + +- Increased nproc limits for non-privileged users to 4069/16384. + Removed limits for "root". + [pam-limit-nproc.patch, bsc#1012494, bsc#1013706] + +- pam-limit-nproc.patch: increased process limit to help + Chrome/Chromuim users with really lots of tabs. New limit gets + closer to UserTasksMax parameter in logind.conf + +- Add doc directory to filelist. + +- Remove obsolete README.pam_tally [bsc#977973] + +- Update Linux-PAM to version 1.3.0 +- Rediff encryption_method_nis.diff +- Link pam_unix against libtirpc and external libnsl to enable + IPv6 support. + +- Add /sbin/unix2_chkpwd (moved from pam-modules) + +- Remove (since accepted upstream): + - 0001-Remove-YP-dependencies-from-pam_access-they-were-nev.patch + - 0002-Remove-enable-static-modules-option-and-support-from.patch + - 0003-fix-nis-checks.patch + - 0004-PAM_EXTERN-isn-t-needed-anymore-but-don-t-remove-it-.patch + - 0005-Use-TI-RPC-functions-if-we-compile-and-link-against-.patch + +- Add 0005-Use-TI-RPC-functions-if-we-compile-and-link-against-.patch + - Replace IPv4 only functions + +- Fix typo in common-account.pamd [bnc#959439] + +- Add 0004-PAM_EXTERN-isn-t-needed-anymore-but-don-t-remove-it-.patch + - readd PAM_EXTERN for external PAM modules + +- Add 0001-Remove-YP-dependencies-from-pam_access-they-were-nev.patch +- Add 0002-Remove-enable-static-modules-option-and-support-from.patch +- Add 0003-fix-nis-checks.patch + +- Add folder /etc/security/limits.d as mentioned in 'man pam_limits' + +- Update to version 1.2.1 + - security update for CVE-2015-3238 + +- Update to version 1.2.0 + - obsoletes Linux-PAM-git-20150109.diff + +- Re-add lost patch encryption_method_nis.diff [bnc#906660] + +- Update to current git: + - Linux-PAM-git-20150109.diff replaces Linux-PAM-git-20140127.diff + - obsoletes pam_loginuid-log_write_errors.diff + - obsoletes pam_xauth-sigpipe.diff + - obsoletes bug-870433_pam_timestamp-fix-directory-traversal.patch + +- increase process limit to 1200 to help chromium users with many tabs + patterns-base -- Support multiversion(kernel) with purge-kernels.service separated - from dracut (jsc#SLE-10162). +- bootloader pattern should not require a base pattern + +- Remove yast2-qt requires on x11 pattern, there is already + an equivalent recommends in the pattern. + +- Add selinux pattern + +- Have pattern enhanced_base recommend documentation: + patterns-base-documentation in turn recommends man-pages (man cp) + and pam-doc (boo#1177828). + +- Handle the yast pattern split into basis, desktop and server (boo#1159875) + +- Don't recommend lightdm directly, also allow other DMs + +- Move pam_pwquality to Recommends section, as it is not required + and user should be able to de-install the full pwquality stack. + +- Stop trying to install grub2-branding on ppc64/ppc64le [boo#1171146] + +- Suggest postfix from the basesystem pattern: suggested packages + are not flagged for installation, but give the solver a hint. So + in case something wants an MTA (smtp_daemon), openSUSE installs + will all default to postfix (as the base pattern is generally + installed). Users are still free to switch as they wish + (boo#1136078). + +- re-add ppc64-diag on ppc64le (bsc#1098849). + +- Suggest xz in base, as it is now required by aaa_base and we don't + want that zypper uses busybox instead [bsc#1172209] + +- Re-add purge-kernels-service dependency (boo#1168727). + Support multiversion(kernel) with purge-kernels.service separated from dracut + (jsc#SLE-10162). +- Call perl directly in pre_checkin.sh. create_32bit-patterns_file.pl is not + executable when checked out from OBS. +- Skip bootloader in pre_checkin.sh +- Re-generate 32bit patterns. + +- Require pam_pwquality in base as it's the replacement for + pam_cracklib, previously part of the required pam package + +- Use requires in update-test pattern so it also works when + installing with recommends disabled. +- Require update-test pattern from sw_management pattern instead of + subtle supplements for same reason. + +- basic_desktop: Fix icon + +- Recommend bash-completion in enhanced_base as it got lost in the + base pattern cleanup + +- bootloader: pull in grub2-snapper plugin if snapper is installed + +- base pattern cleanup: + * make minimal_base really minimal by moving packages to base instead. Only + pull in the release package and branding. So this is really what + can be used for application containers, portable services etc. + In it's current form it also pulls in bash, glibc, coreutils + etc, so no need to specify explicitly. + * strip down base so it forms a minimal booting system that can install + packages. + * don't pull in man into transactional system + +- Add bootloader pattern. Useful for appliances to not repeat the logic + in kiwi files. + +- drop telnet from enhanced_base recommendations + +- Fix basic_desktop upgrade path for SLE-15 SP2 and later +- Put transactional_base in alphabetical order +- Fix SLE bug in generation of txt files for basic_desktop + +- Re-enable purge-kernels-service dependency: dracut dropped the service. + (boo#1161620,boo#1161780) + +- Disable purge-kernels-service dependency for now: dracut has not + yet been updated to no longer ship the service file. + +- Support multiversion(kernel) with purge-kernels.service separated from dracut + (jsc#SLE-10162, jsc#SLE-10465). + +- Drop Obsoletes: pattern() = readonly_root_tools: RPM only honors + obsoletes against package names, so this obsoletes is in fact + useless. WithRPM 4.15, there is a syntax check which even + disallows Obsoletes against non-valid names. + +- Remove tcpdump from enhanced_base + +- transactional_base require man by default (boo#1127539) -- recomment issue-generator in the minimal_base pattern rather than - the release package (boo#1133636) +- Added snapper back to base pattern as recommended package, the + workaround for boo#1151148 -- Move haveged from enhanced_base to minimal_base (bsc#1131369). +- minimal_base: add libnss_usrfiles2, required to read /usr/etc -- Remove btrfsmaintenance from patterns-base (boo#1063638) +- minimal_base: remove dracut. Only useful when there is also a + kernel and the kernel requires it anyways. +- base: + * remove bootloader packages. They are only required on real + hardware or VMs. YaST will add them. + * remove btrfsprogs. Has supplemements on btrfs so will be auto + installed when on btrfs. Also yast installs it. + * remove snapper (supplements btrfsprogs) + * move openssh to enhanced_base +- enhanced_base: + * iproute2 already in minimal_base + * remove explicit grub and plymouth branding. They are pulled + via supplements +- documentation: + * remove info2html, old tool not useful today. + * susehelp and sled manuals no longer exist + * Use minimal_base as Basesystem is just an alias +- sw_management: + * require zypper also on TW + +- use obsolete_legacy_pattern macro for readability +- drop _opt patterns and integrate them into main patterns to reduce complexity + +- use journal by default (boo#1143144) + +- Add openSUSE Welcome to be included in the x11_enhanced pattern. + +- Drop google-roboto-fonts recommends: nothing really depends on + it and roboto is not used as default font in any openSUSE setup + (boo#1144135). + +- Add %files section for basic_desktop, or the package won't be + generated. +- Provide pattern() = basic_desktop + +- Create basic_desktop pattern containing the desktop packages like + icewm that are wanted on a basic sles desktop but not in every + openSUSE install (boo#1124865) +- .Remove some duplicated packages in x11_enhanced +- Regenerate 32bit patterns + +- move haveged to base instead of minimal_base as the comment indicates that + minimal_base should not have recommended packages. +- recomment issue-generator in the base pattern rather than the release package + (boo#1133636) + +- Move haveged from enhanced_base to minimal_base (bsc#1131369). -- Do not require openssh-askpass-gnome on openSUSE it doesn't make - sense for most desktops (boo#1124865) -- enhanced_base does not need to recommend sw_management or yast - these are pulled in from enough other more sensible places. +- Suggest openSUSE-release to guide zypper away from picking + openSUSE-Tumbleweed-Kubic-release automatically +- Re-run pre_checkin.sh, updating -32bit patterns + Extended to openSUSE on request by fcrozat. +- Insert comments to keep format_spec_file from reordering too much -- Don't hard-require busybox-static in minimal_base (bsc#1126436) -- Run pre_checkin.sh +- Strip down minimal_base pattern: + * Drop elfutils Requires: all tools from elfutils exist in + binutils, without the eu- prefix. + * Drop openssh requires: forcing a user to have openssh present no + matter what, without a possibility to uninstall it, is not + wanted. + * Drop sysvinit requires: this is a dependency to systemd after + all. +- Move systemd-coredump and busybox-static from requires in + minimal_base to recommends in base (users are free to uninstall + those tools and their use in e.g. containers is questionable). -- Add busybox-static to Minimal system so people can recover really - broken systems - +- Pull in below changes made to SLE / openSUSE 15.1 patterns by + kukuk@suse.de +- Version: 20190206 +- Remove minimal_base_conflicts, its not in SLE or Leap anymore + (boo#1103325) +- Change all the Recommends in minimal_base to Requires, + minimal_base is always installed and can't be installed with + - -no-recommends (boo#1103326) +- Hardware specific packages should be in base pattern not + minimal_base (boo#1106405) +- busybox should be in minimal_base to allow recovery from a big + system failure +- Remove some duplicate entries between base and minimal_base +- Suggest rather then recommend man-pages (boo#1116987) +- Require xorg-x11-essentials rather then recommending xorg-x11 + (boo#1121730) +- Recommend Web-web_browser and suggest Firefox to make it possible + to install chromium instead +- Recommend rather then require multipath-tools, it is only in + enhanced_base so requiring it doesn't make sense, if it Should + be required it likely should be in base +- general cleanup, fix meta info spec-cleaner re arranged remove + commented out packages + +- update version number to current date + +- recommend grub2-*arm*efi variants for arm/arm64 (bsc#1120804) +- recommend shim for aarch64 + +- Recommend grub2-x86_64-efi by base pattern on x86_64: since we use + the shim RPMs from Leap, there is currently no dependency on + grub2-x86_64-efi defined. Once shim changes that, we can drop the + recommends here. + +- Drop recommends to net-tools (no more tools of general + usefulnes), popt and pcre (both are just libraries nowadays, + which are pulled in by normal dependencies) + -- transactional_base now requires base, recommends enhanced_base - (bsc#1111311) - -- Remove libnss_usrfiles2 from transactional server pattern - -- Make transactional_base pattern available for SLE (fate#326327) -- Sync transactional_base pattern with Factory/patterns-base +- Recommend new package system-tuning-common-SUSE in + enhanced_base -- moved xfsprogs from enhanced_base pattern to - minimal base pattern, changed 'suggests:' to 'recommends:' while - doing so. [bsc#1095916] +- transactional_base now requires base, recommends enhanced_base + (boo#1111426) +- nfs-doc is now installed with supplements +- remove the list of openSUSE only packages that was rejected for + inclusion in SLE. +- Add bug numbers for TODO's + +- Merge back in Leap 15 / SLE changes, important items from that + packages changlog can be found below + lnussel@suse.de - - -- Rework x11 pattern bsc#1086663 -- Recommend terminfo in minimal_base bsc#1081747 -- rpm doesn't need to be in base and minimal_base_conflicts -- dont create transactional_base-32bit pattern. -- Regenerate 32bit patterns - - - - -- Rename readonly_root_tools to transactional_base (boo#1089095) -- Correct transactional server role pattern to use enhanced_base - (boo#1088884) - -- Do not recommends on SLE patterns which aren't shipped on SLE. -- Ensure recommends on ntfs-3g and ntfsprogs are enabled on SLE - (bsc#1087242). - -- drop patterns-base-32bit pattern for s390 and s390x [bsc#1088669] -- re-run create_32bit-patterns_file.pl - -- Don't install systemd-coredump by default on Leap (bsc#1083849) - -- Add systemd-coredump to the list of recommended packages of miminal_base - Latest systemd package splitted off its coredump management facility - into a sub-package. Recommend this package so this functionnality is - still available by default on SLE (but will be disabled on Leap, see - bsc#1083849). - Also give the possibility to block it by using a soft dep - (Recommends:). This might be needed on live images for example where - space is rather low. - +- Don't generate 32bit patterns for readonly_root_tools +- Add create_32bit-patterns_file.pl as source +- guard some sle specifics with %is_opensuse + sflees@suse.de +- Rework x11 pattern bsc#1086663 +- Recommend terminfo in minimal_base bsc#1081747 +- rpm doesn't need to be in base and minimal_base_conflicts +- dont create transactional_base-32bit pattern. - -- added timezone as recommended to minimal_base pattern - [bsc#1085075] - -- ethtool is available on SLE 15, moving out of "opensuse only" - section [bsc#1087354] - - -- regenerate 32bit patterns -- Don't generate 32bit patterns for readonly_root_tools - -- Introduce readonly_root_tools pattern for Read-Only Root - Filesystem (boo#1084149) - -- put cron in base system (bsc#1072602) - - - -- Don't require apparmor-docs, only recommend it -- Require xorg-x11-fonts-core instead of xorg-x11-fonts -- Don't require xorg-x11, only recommend it - - -- Regenerate 32bit patterns - -- Ensure xorg-x11-driver-input is required for x11 pattern, except - on s390/390x where it doesn't exist. - -- Version: 20171206 -- Fix the formatting mess spec cleaner reintroduced (again) - -- Recommends plymouth on SLE (bsc#1067481). - -- Add create_32bit-patterns_file.pl as source -- guard some sle specifics with %is_opensuse - -- Ensure openSUSE patterns aren't provided / obsoletes when - building for SLE. -- Add Recommend to enhanced_base: OpenIPMI bash-completion cpp - cryptconfig expect ipmitool lvm2 m4 make mksh mutt quota - supportutils sysfsutils tcsh w3m lsof psmisc sudo. -- Add grub2-branding-SLE recommends on enhanced_base on SLE. -- Fix description of minimal_base on SLE. - -- Remove salt-minion from base [bsc#1064266] - -- Regenerate 32bit patterns - -- Move tar to minimal pattern, too many low level tools assume - tar is installed by default - -- Recommend glibc-locale from minimal_base not enhanced_base, - we install in en_US, so we need a locale one way or the other. - Requiring it from enhanced_base now to make sure it's part of - regular installations (but can be disabled for e.g. chroots - with C locale - bsc#1057377) - - -- Do not provide x11 in x11_enhanced but require it -- Move basic X11 apps to x11 pattern and Firefox to x11_enhanced -- Remove tcl and tk from default installation - -- Rename xterm-bin back to xterm, we still have xterm.rpm - -- Remove libnss_compat2 (dropped, still part of glibc) and - libnss_nis2 (needs to be together with ypbind) - -- Remove again added pam-modules, this package deprecated since - many years. - - + fcrozat@suse.com +- Do not recommends on SLE patterns which aren't shipped on SLE. +- Ensure recommends on ntfs-3g and ntfsprogs are enabled on SLE + (bsc#1087242). +- Ensure xorg-x11-driver-input is required for x11 pattern, except + on s390/390x where it doesn't exist. +- Recommends plymouth on SLE (bsc#1067481). +- Ensure openSUSE patterns aren't provided / obsoletes when + building for SLE. +- Add Recommend to enhanced_base: OpenIPMI bash-completion cpp + cryptconfig expect ipmitool lvm2 m4 make mksh mutt quota + supportutils sysfsutils tcsh w3m lsof psmisc sudo. +- Add grub2-branding-SLE recommends on enhanced_base on SLE. +- Fix description of minimal_base on SLE. + behlert@suse.de +- drop patterns-base-32bit pattern for s390 and s390x [bsc#1088669] +- added timezone as recommended to minimal_base pattern + [bsc#1085075] +- ethtool is available on SLE 15, moving out of "opensuse only" + section [bsc#1087354] + okurz@suse.com +- put cron in base system (bsc#1072602) + fvogt@suse.com +- Don't require apparmor-docs, only recommend it +- Require xorg-x11-fonts-core instead of xorg-x11-fonts +- Don't require xorg-x11, only recommend it + kukuk@suse.de +- Remove salt-minion from base [bsc#1064266] +- Move tar to minimal pattern, too many low level tools assume + tar is installed by default +- Rename xterm-bin back to xterm, we still have xterm.rpm +- Remove libnss_compat2 (dropped, still part of glibc) and + libnss_nis2 (needs to be together with ypbind) +- Remove again added pam-modules, this package deprecated since + many years. + coolo@suse.com +- Recommend glibc-locale from minimal_base not enhanced_base, + we install in en_US, so we need a locale one way or the other. + Requiring it from enhanced_base now to make sure it's part of + regular installations (but can be disabled for e.g. chroots + with C locale - bsc#1057377) +- Do not provide x11 in x11_enhanced but require it +- Move basic X11 apps to x11 pattern and Firefox to x11_enhanced +- Remove tcl and tk from default installation + fbui@suse.com +- Don't install systemd-coredump by default on Leap (bsc#1083849) +- Add systemd-coredump to the list of recommended packages of miminal_base + Latest systemd package splitted off its coredump management facility + into a sub-package. Recommend this package so this functionnality is + still available by default on SLE (but will be disabled on Leap, see + bsc#1083849). + Also give the possibility to block it by using a soft dep + (Recommends:). This might be needed on live images for example where + space is rather low. + +- No longer recommend missing packages (boo#1104264): + * genisoimage + * ksymoops + * system-group-trusted + +- Remove libnss_usrfiles from transactional_base, not needed + anymore. + +- add lightdm as a recommends to x11 pattern boo#1081760 + +- Drop recode from recommends as it was droped from distro + bsc#1104264 +- Drop cryptconfig from suggest as it was removed from distro + +- Remove btrfsmaintenance from patterns-base (boo#1063638) + +- Make transactional_base pattern available for SLE (fate#326327) + +- Only recommend rollback-helper if sle_version is defined: The + helper makes sense on Leap and SLE, where one can register with + SCC, but not for Tumbleweed. + +- Add busybox to base patterns in case your system explodes, in + past we had sash doing the same + +- Rename readonly_root_tools to transactional_base (boo#1089095) + +- Correct transactional server role pattern to use enhanced_base + (boo#1088884) + +- Recommend bash-completion by the base system (not minimal_base): + most users will expect it to be present and until recently, it + was in a recommended chain of systemd (boo#1087710). + +- Add systemd-coredump to the list of recommended of miminal_base + Latest systemd package split off its coredump management facility + into a sub-package. Recommend this package so this functionnality is + still available by default on Factory but give the possibility to + block it by using a soft dep (Recommends:). This might be needed on + live images for example where space is rather low. + +- Introduce readonly_root_tools pattern for Read-Only Root + Filesystem (boo#1084149) + +- Remove finger from enahnced_base_opt as functionality already + provided by pinky in coreutils. + +- Replace SuSEfirewall2 with firewalld in enhanced_base + (fate#323460). + +- Switch ntp-client from ntp to chrony: replace corresponding + recommends in console and enhanced_base pattern (FATE#323432). + +- move plymouth from base to X11. No need to have a fancy boot splash that + pulls in extra deps for a text console (boo#1066510) + +- Swap back to SuSEfirewall2, its not fully intergrated everywhere patterns-desktop +- Rename laptop pattern to mobile (jsc#SLE-11520). +- Remove from laptop/mobile pattern, pcmciautils (obsolete), + wireless-regdb (required by crda), laptop-mode-tools (tlp does + the same and is recommended). + +- merge _opt patterns into main patterns + +- Use much more fitting pattern-laptop icon for laptop pattern. + patterns-kde +- Remove kdeconnect-kde recommends, as asked by the security team + (boo#1177628) + patterns-xfce +- Clean up weak dependencies + +- Fix incorrect obsolete. +- Fix duplicated recommend on avahi. +- Removed IcedTea-Web + patterns-yast +- Do not recomment yast2-fonts (bsc#1179866). +- 20201210 + +- Split basis pattern into basis, desktop and server (boo#1159875) +- 20191229 + perl-Bootloader +- merge gh#openSUSE/perl-bootloader#133 +- use shim on aarch64 (jsc#SLE-15823, jsc#SLE-15020) +- 0.933 + php7 + fix CVE-2021-21702 [bsc#1182049], NULL pointer dereference in SoapClient + + php7-CVE-2021-21702.patch + +- security update +- added patches plasma-framework +- Add patch from upstream to fix build for applications that have no + dependency on ECM like ikona (kde#424483): + * 0001-Revert-Fix-build-errors-if-PREFIX-is-different-from-ECMs-prefix.patch + +- Add patch to fix non-integer Label sizes: + * fix-noninteger-Label-height.patch + +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes since 5.75.0, only listing bugfixes: + * Always show ExpandableListitem buttons, not just on hover (kde#428624) + * Lock the header colours of Breeze Dark and Breeze Light (kde#427864) + * [ExpandableListItem] Make colored text 100% opaque (kde#427171) + * ComboBox3.contentItem must be a QQuickTextInput to fix autocomplete (kde#424076) + * Toggle plasmoids when shortcut is activated (kde#400278) +- Drop upstream patches: + * 0001-BusyIndicator-Do-not-rotate-when-invisible.patch + * 0001-Fix-BusyIndicator-rotating-even-when-invisible-again.patch + +- Add patch to avoid 100% CPU usage by plasmashell: + * 0001-Fix-BusyIndicator-rotating-even-when-invisible-again.patch + +- Add patch to improve krunner responsiveness on wayland (kde#426746): + * 0001-BusyIndicator-Do-not-rotate-when-invisible.patch + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * Fix plasmoidheading.svgz being installed to the wrong place (kde#426537) + * Make PlasmaComponents3 Tooltips use the typical tooltip style (kde#424506) + * Fix PC3 Button/ToolButton icons not always having the right color set (kde#426556) + * Ensure FrameSvg uses lastModified timestamp when using cache (kde#426674) +- Drop upstream patch: + * 0001-Fix-PC3-Button-ToolButton-icons-not-always-having-th.patch + +- Add patch to fix PC3 Button icon colors (kde#426556): + * 0001-Fix-PC3-Button-ToolButton-icons-not-always-having-th.patch + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes since 5.73.0, only listing bugfixes: + * Fix incorrect default for PlasmaExtras.ListItem (kde#425769) + * Don't let the background become smaller than the svg (kde#424448) + * Make PC3 BusyIndicator visuals keep a 1:1 aspect ratio (kde#425504) + * Unify the flat/normal behavior of PC3 Buttons/ToolButtons (kde#425174) + * Fix toolbutton-hover margins in button.svg (kde#425255) + * Fix PC2 ToolButtonStyle margins (kde#425255) + * Only draw the focus indicator when we got focus via the keyboard (kde#424446) + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes since 5.72.0, only listing bugfixes: + * Don't show Plasma dialogs in task switchers (kde#419239) + * Copy DataEngine relays before itterating (kde#422973) + * Make signal strength in network icons more visible (kde#423843) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Too many changes since 5.71.0, only listing bugfixes: + * [spinbox] Don't use QQC2 items when we should use PlasmaComponents (kde#423445) + * Use fully qualified identifiers for metaobject types (kde#423643) +- Drop upstream patches: + * 0001-Add-property-to-access-the-ExpandableListItem-loader.patch + * 0001-Introduce-PlaceholderMessage.patch + +- Add new component needed to fix label appearance (kde#422684): + * 0001-Introduce-PlaceholderMessage.patch + +- Add new API needed by fix for plasma-nm5 (kde#423093): + * 0001-Add-property-to-access-the-ExpandableListItem-loader.patch + plasma5-desktop +- Add upstream patch to properly save keyboard shortcuts for + activities (boo#1172261, kde#374575): + * kcms_activities-Use-correct-method-to-set-active-global-shortcut.patch + plasma5-workspace +- Add (rebased) patch from upstream to fix the size of the login + button in the lockscreen with KF5 >= 5.74: + * 0001-sddm-theme-lockscreen-Fix-login-button-size.patch + postfix +- (bsc#1180473) [Build 20201230] postfix has invalid default config + (bsc#1181381) [Build 130.3] openQA test fails in mta, mutt - + postfix broken: "queue file write error" and "error: unsupported + dictionary type: hash" + Export DEF_DB_TYPE before starting the perl script. + +- bsc#1180473 - [Build 20201230] postfix has invalid default config + Fixing config.postfix and sysconfig.postfix + +- Update to 3.5.9 + * improves the reporting of DNSSEC problems that may affect + DANE security + +- Only do the conversion from the hash/btree databases to lmdb when + the default database type changes from hash to lmdb and do not + stop and start the service (the old compiled databases can live + together with the new ones) + - convert-bdb-to-lmdb.sh +- Clean up the specfile + * Remove < 1330 conditional builds + * Use generated postfix-files instead of the obsolete one from + postfix-SUSE.tar.gz + * Use dynamicmaps.cf.d instead of modifying dynamicmaps.cf upon + (de)installation of optional mysql, pgsql and ldap subpackages + * Use default location for post-install, postfix-tls-script, + postfix-wrapper and postmulti-script + +- Set lmdb to be the default db. +- Convert btree tables to lmdb too. Stop postfix before converting from + bdb to lmdb +- This package is without bdb support. That's why convert must be done + without any suse release condition. + o remove patch postfix-no-btree.patch + o add set-default-db-type.patch + +- Set database type for address_verify_map and postscreen_cache_map + to lmdb (btree requires Berkeley DB) + o add postfix-no-btree.patch + +- Set default database type to lmdb and fix update_postmaps script + +- Use variable substition instead of sed to remove .db suffix and + substitute hash: for lmdb: in /etc/postfix/master.cf as well. + Check before substitution if there is something to do (to keep + rpmcheck happy). + +- Remove Berkeley DB dependency (JIRA#SLE-12191) + The pacakges postfix is build without Berkely DB support. + lmdb will be used instead of BDB. + The pacakges postfix-bdb is build with Berkely DB support. + o add patch for main.cf for postfix-bdb package + postfix-bdb-main.cf.patch + +- Update to 3.5.8 + * The Postfix SMTP client inserted into message headers longer + than $line_length_limit (default: 2048), causing all subsequent header + content to become message body content. + * The postscreen daemon did not save a copy of the + postscreen_dnsbl_reply_map lookup result. This has no effect when the + recommended texthash: look table is used, but it could result in stale + data with other lookup tables. + * After deleting a recipient with a Milter, the Postfix recipient + duplicate filter was not updated; the filter suppressed requests + to add the recipient back. + * Memory leak: the static: maps did not free their casefolding buffer. + * With "smtpd_tls_wrappermode = yes", the smtps service was waiting for a + TLS handshake, after processing an XCLIENT command. + * The smtp_sasl_mechanism_filter implementation ignored table lookup + errors, treating them as 'not found'. + * The code that looks for Delivered-To: headers ignored headers longer + than $line_length_limit (default: 2048). + +- Update to 3.5.7 + * Fixed random certificate verification failures with + "smtp_tls_connection_reuse = yes", because tlsproxy(8) was using + the wrong global TLS context for connections that use DANE or + non-DANE trust anchors. + +- Move ldap into an own sub-package like all other databases +- Move manual pages to correct sub-package + +- Use sysusers.d to create system accounts +- Remove wrong %config for systemd directory content + +- Use the correct signature file for source verification +- Rename postfix-3.5.6.tar.gz.sig to postfix-3.5.6.tar.gz.asc (to + prevent confusion, as the signature file from upstream with .sig + extension is incompatible with the build service) + +- Update to 3.5.6 with following fixes: + * Workaround for unexpected TLS interoperability problems when Postfix + runs on OS distributions with system-wide OpenSSL configurations. + * Memory leaks in the Postfix TLS library, the largest one + involving multiple kBytes per peer certificate. + +- Add source verification (add postfix.keyring) + +- Use systemd_ordering instead of systemd_require. +- Move /etc/postfix/system to /usr/lib/postfix/systemd [bsc#1173688] +- Drop /var/adm/SuSEconfig from %post, it does nothing. +- Rename postfix-SuSE to postfix-SUSE +- Delete postfix-SUSE/README.SuSE, company name spelled wrong, + completly outdated and not used. +- Delete postfix-SUSE/SPAMASSASSIN+POSTFIX.SuSE, company name + spelled wrong, outdated and not used. +- sysconfig.mail-postfix: Fix description of MAIL_CREATE_CONFIG, + SuSEconfig is gone since ages. +- update_chroot.systemd: Remove advice to run SuSEconfig. +- Remove rc.postfix, not used, outdated. +- mkpostfixcert: Remove advice to run SuSEconfig. + +- Update to 3.5.4: + * The connection_reuse attribute in smtp_tls_policy_maps always + resulted in an "invalid attribute name" error. + * SMTP over TLS connection reuse always failed for Postfix SMTP + client configurations that specify explicit trust anchors (remote + SMTP server certificates or public keys). + * The Postfix SMTP client's DANE implementation would always send + an SNI option with the name in a destination's MX record, even + if the MX record pointed to a CNAME record. MX records that + point to CNAME records are not conformant with RFC5321, and so + are rare. + Based on the DANE survey of ~2 million hosts it was found that + with the corrected SMTP client behavior, sending SNI with the + CNAME-expanded name, the SMTP server would not send a different + certificate. This fix should therefore be safe. + +- Update to 3.5.3: + * TLS handshake failure in the Postfix SMTP server during SNI + processing, after the server-side TLS engine sent a TLSv1.3 + HelloRetryRequest (HRR) to a remote SMTP client. + * The command "postfix tls deploy-server-cert" did not handle a + missing optional argument. This bug was introduced in Postfix + 3.1. + +- Update to 3.5.2: + * A TLS error for a database client caused a false 'lost connection' + error for an SMTP over TLS session in the same Postfix process. + This bug was introduced with Postfix 2.2. + * The same bug existed in the tlsproxy(8) daemon, where a TLS + error for one TLS session could cause a false 'lost connection' + error for a concurrent TLS session in the same process. This + bug was introduced with Postfix 2.8. + * The Postfix build now disables DANE support on Linux systems + with libc-musl such as Alpine, because libc-musl provides no + indication whether DNS responses are authentic. This broke DANE + support without a clear explanation. + * Due to implementation changes in the ICU library, some Postfix + daemons reported file access errrors (U_FILE_ACCESS_ERROR) after + chroot(). This was fixed by initializing the ICU library before + making the chroot() call. + * Minor code changes to silence a compiler that special-cases + string literals. + * Segfault (null pointer) in the tlsproxy(8) client role when the + server role was disabled. This typically happened on systems + that do not receive mail, after configuring connection reuse + for outbound SMTP over TLS. + * The date portion of the maillog_file_rotate_suffix default value + used the minute (%M) instead of the month (%m). + +- boo#1106004 fix incorrect locations for files in postfix-files + +- Dropped deprecated-RES_INSECURE1.patch to make DNSSEC-secured + lookups and DANE mail transport work again +- Update to 3.5.1: + * Support for the haproxy v2 protocol. The Postfix implementation + supports TCP over IPv4 and IPv6, as well as non-proxied + connections; the latter are typically used for heartbeat tests. + * Support to force-expire email messages. This introduces new + postsuper(1) command-line options to request expiration, and + additional information in mailq(1) or postqueue(1) output. + * The Postfix SMTP and LMTP client support a list of nexthop + destinations separated by comma or whitespace. These destinations + will be tried in the specified order. + * Incompatible changes: + * Logging: Postfix daemon processes now log the from= and to= + addresses in external (quoted) form in non-debug logging (info, + warning, etc.). This means that when an address localpart + contains spaces or other special characters, the localpart will + be quoted, for example: + from=<"name with spaces"@example.com> + Specify "info_log_address_format = internal" for backwards compatibility. + * Postfix now normalizes IP addresses received with XCLIENT, + XFORWARD, or with the HaProxy protocol, for consistency with + direct connections to Postfix. This may change the appearance + of logging, and the way that check_client_access will match + subnets of an IPv6 address. + +- Update to 3.4.10: + * Bug (introduced: Postfix 2.3): Postfix Milter client state + was not properly reset after one Milter in a multi-Milter + configuration failed during MAIL FROM, resulting in a Postfix + Milter client panic during the next MAIL FROM command in the + same SMTP session. + +- bsc#1162891 server:mail/postfix: cond_slp bug on TW after + moving /etc/services to /usr/etc/services + +- bsc#1160413 postfix fails with -fno-common + +- Update to 3.4.9: + * Bug (introduced: Postfix 3.1): smtp_dns_resolver_options were + broken while adding support for negative DNS response caching + in postscreen. Postfix was inadvertently changed to call + res_query() instead of res_search(). + * Bug (introduced: Postfix 2.5): Postfix ignored the CONNECT macro + overrides from a Milter application. Postfix now evaluates the + Milter macros for an SMTP CONNECT event after the Postfix-to-Milter + connection is negotiated. + * Bug (introduced: Postfix 3.0): sanitize (remote) server responses + before storing them in the verify database, to avoid Postfix + warnings about malformed UTF8. Found during code maintenance. + +- Update to 3.4.8: + * Fix for an Exim interoperability problem when postscreen after-220 + checks are enabled. Bug introduced in Postfix 3.4: the code + that detected "PIPELINING after BDAT" looked at the wrong + variable. The warning now says "BDAT without valid RCPT", and + the error is no longer treated as a command PIPELINING error, + thus allowing mail to be delivered. Meanwhile, Exim has been + fixed to stop sending BDAT commands when postscreen rejects all + RCPT commands. + * Usability bug, introduced in Postfix 3.4: the parser for + key/certificate chain files rejected inputs that contain an EC + PARAMETERS object. While this is technically correct (the + documentation says what types are allowed) this is surprising + behavior because the legacy cert/key parameters will accept + such inputs. For now, the parser skips object types that it + does not know about for usability, and logs a warning because + ignoring inputs is not kosher. + * Bug introduced in Postfix 2.8: don't gratuitously enable all + after-220 tests when only one such test is enabled. This made + selective tests impossible with 'good' clients. This will be + fixed in older Postfix versions at some later time. + prison-qt5 +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Fix Qt warning + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Deprecate AbstractBarcode::minimumSize() also for the compiler + pulseaudio +- Drop the bad patch: pulseaudio-wrong-memset.patch + the patch has been wrongly refreshed, mutated into a harmful form. + The original bug has been already fixed in the upstream commit 764eabd10. + +- Supplement pulseaudio-bash-completion against bash-completion, + not bash. + purpose +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Add description to kaccounts youtube provider + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Port to ecm_generate_qmltypes + * autotests: fix path separator on Windows + +- Require accounts-qml-module + +- Add patch to fix build with Qt 5.15.1: + * 0001-Revert-Port-some-qt5.15-deprecated-method.patch + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * autotests: append to $QML2_IMPORT_PATH rather than replacing it + * Apply initial configuration data when loading config UI + * Restore behaviour of AlternativesView + * [jobcontroller] Disable separate process + * Rework job view handling (kde#419170) + * Remove obsolete COPYING files + * Remove obsolete KDevelop information + * Add license texts according to REUSE specification + * Convert license statements to SPDX expressions +- Drop a patch which will have been added in the future: + * 0001-Revert-Port-some-qt5.15-deprecated-method.patch + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Explicitly use Kirigami units instead of implicitly using Plasma units + * Port job dialogs to Kirigami.PlaceholderMessage + * Fix mem leak. Configuration was never deleted + python +- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing + bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in + _ctypes/callproc.c, which may lead to remote code execution. + +- Provide the newest setuptools wheel (bsc#1176262, + CVE-2019-20916) in their correct form (bsc#1180686). + python-base +- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing + bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in + _ctypes/callproc.c, which may lead to remote code execution. + +- Provide the newest setuptools wheel (bsc#1176262, + CVE-2019-20916) in their correct form (bsc#1180686). + python-psutil +- Do not install tests (and change the way they're run since they + were run from %{buildroot}) + +- Add patch to skip tests related to rlimit and zombie processes + that fail when building for python2 on i586: + * skip_rlimit_tests_on_python2.patch + +- update to 5.8.0: + * Enhancements: + - 1863: disk_partitions() exposes 2 extra fields: maxfile and + maxpath, which are the maximum file name and path name + length. + - 1872: [Windows] added support for PyPy 2.7. + - 1879: provide pre-compiled wheels for Linux and macOS. + - 1880: get rid of Travis and Cirrus CI services (they are no + longer free). CI testing is now done by GitHub Actions on + Linux, macOS and FreeBSD (yes). AppVeyor is still being used + for Windows CI. + * Bug fixes: + - 1708: [Linux] get rid of sensors_temperatures() duplicates. + (patch by Tim Schlueter). + - 1839: [Windows] always raise AccessDenied when failing to + query 64 processes from 32 bit ones (NtWoW64 APIs). + - 1866: [Windows] process exe(), cmdline(), environ() may raise + "invalid access to memory location" on Python 3.9. + - 1874: [Solaris] wrong swap output given when encrypted column + is present. + - 1875: [Windows] process username() may raise + ERROR_NONE_MAPPED if the SID has no corresponding account + name. In this case AccessDenied is now raised. + - 1877: [Windows] OpenProcess may fail with ERROR_SUCCESS. + Turn it into AccessDenied or NoSuchProcess depending on + whether the PID is alive. + - 1886: [macOS] EIO error may be raised on cmdline() and + environment(). Now it gets translated into AccessDenied. + - 1891: [macOS] get rid of deprecated getpagesize(). +- Rebase patch and skip three other tests that fail on obs + * skip-obs.patch + +- Only require unittest2 for Leap. + +- Add missing BR for unittest2 + +- update to 5.7.3: + - 809_: [FreeBSD] add support for `Process.rlimit()`. + - 893_: [BSD] add support for `Process.environ()` (patch by Armin Gruner) + - 1830_: [UNIX] `net_if_stats()`'s `isup` also checks whether the NIC is + running (meaning Wi-Fi or ethernet cable is connected). + - 1837_: [Linux] improved battery detection and charge "secsleft" calculation + - 1620_: [Linux] physical cpu_count() result is incorrect on systems with more + than one CPU socket. + - 1738_: [macOS] Process.exe() may raise FileNotFoundError if process is still + alive but the exe file which launched it got deleted. + - 1791_: [macOS] fix missing include for getpagesize(). + - 1823_: [Windows] Process.open_files() may cause a segfault due to a NULL + pointer. + - 1838_: [Linux] sensors_battery(): if `percent` can be determined but not + the remaining values, still return a result instead of None. +- skip-obs.patch, skip_failing_tests.patch: rediff + +- Fix shebang replacement for multiple python flavors + +- update to 5.7.2: + * parallel tests on UNIX (make test-parallel). They're twice as fast! + * 1741: "make build/install" is now run in parallel and it's about 15% faster on UNIX. + * 1747: Process.wait() on POSIX returns an enum, showing the negative signal which was used to terminate the process + * 1747: Process.wait() return value is cached so that the exit code can be retrieved on then next call. + * 1747: Process provides more info about the process on str() and repr() (status and exit code): + * 1757: memory leak tests are now stable. + * 1768: [Windows] added support for Windows Nano Server. (contributed by Julien Lebot) + * 1726: [Linux] cpu_freq() parsing should use spaces instead of tabs on ia64. (patch by Michał Górny) + * 1760: [Linux] Process.rlimit() does not handle long long type properly. + * 1766: [macOS] NoSuchProcess may be raised instead of ZombieProcess. + * 1781: fix signature of callback function for getloadavg(). (patch by Ammar Askar) + - remove skip-flaky-i586.patch (obsolete) + +- Add skip_failing_tests.patch to skip tests failing because of + incomplete emulation of the environment in osc build + environment (gh#giampaolo/psutil#1635). + +- Update to 5.7.0: + * Various fixes to build with updated kernel/etc. +- Remove merged patch pr_1665.patch and pr_1364.patch +- Update patch skip-obs.patch +- Remove skip-test-missing-warnings.patch as it can be fixed by + properly calling the tests + +- Add pr_1665.patch: Future-proof disk_io_counters on Linux. Fixes + tests with Linux 5.5. + +- update to version 5.6.7: + * Bug fixes + + 1630: [Windows] can't compile source distribution due to C + syntax error. +- changes from version 5.6.6: + * Bug fixes + + 1179: [Linux] Process cmdline() now takes into account + misbehaving processes renaming the command line and using + inappropriate chars to separate args. + + 1616: use of Py_DECREF instead of Py_CLEAR will result in double + free and segfault (CVE). (patch by Riccardo Schirone) + + 1619: [OpenBSD] compilation fails due to C syntax error. (patch + by Nathan Houghton) + +- update to version 5.6.5: + * Bug fixes + + 1615: remove pyproject.toml as it was causing installation + issues. +- changes from version 5.6.4: + * Enhancements + + 1527: [Linux] added Process.cpu_times().iowait counter, which is + the time spent waiting for blocking I/O to complete. + + 1565: add PEP 517/8 build backend and requirements specification + for better pip integration. (patch by Bernát Gábor) + * Bug fixes + + 875: [Windows] Process' cmdline(), environ() or cwd() may + occasionally fail with ERROR_PARTIAL_COPY which now gets + translated to AccessDenied. + + 1126: [Linux] cpu_affinity() segfaults on CentOS 5 / + manylinux. cpu_affinity() support for CentOS 5 was removed. + + 1528: [AIX] compilation error on AIX 7.2 due to 32 vs 64 bit + differences. (patch by Arnon Yaari) + + 1535: 'type' and 'family' fields returned by net_connections() + are not always turned into enums. + + 1536: [NetBSD] process cmdline() erroneously raise ZombieProcess + error if cmdline has non encodable chars. + + 1546: usage percent may be rounded to 0 on Python 2. + + 1552: [Windows] getloadavg() math for calculating 5 and 15 mins + values is incorrect. + + 1568: [Linux] use CC compiler env var if defined. + + 1570: [Windows] NtWow64* syscalls fail to raise the proper error + code + + 1585: [OSX] calling close() (in C) on possible negative + integers. (patch by Athos Ribeiro) + + 1606: [SunOS] compilation fails on SunOS 5.10. (patch by vser1) + +- Add patch to skip more tests that won't work in OBS: + * skip-obs.patch + +- Update to 5.6.3: + * 1494: [AIX] added support for Process.environ(). (patch by Arnon Yaari) + * 1276: [AIX] can't get whole cmdline(). (patch by Arnon Yaari) + * 1501_: [Windows] Process cmdline() and exe() raise unhandled "WinError 1168 element not found" exceptions for "Registry" and "Memory Compression" psuedo processes on Windows 10. + * 1526_: [NetBSD] process cmdline() could raise MemoryError. (patch by Kamil Rytarowski) + +- Update to 5.6.2: + * 1404: [Linux] cpu_count(logical=False) uses a second method (read from /sys/devices/system/cpu/cpu[0-9]/topology/core_id) in order to determine the number of physical CPUs in case /proc/cpuinfo does not provide this info. + * 1458: provide coloured test output. Also show failures on KeyboardInterrupt. + * 1464: various docfixes (always point to python3 doc, fix links, etc.). + * 1478: add make command to re-run tests failed on last run. + * 1456: [Linux] cpu_freq() returns None instead of 0.0 when min/max not available (patch by Alex Manuskin) + * 1462: [Linux] (tests) make tests invariant to LANG setting (patch by Benjamin Drung) + * 1463: cpu_distribution.py script was broken. + * 1470: [Linux] disk_partitions(): fix corner case when /etc/mtab doesn't exist. (patch by Cedric Lamoriniere) + * 1472: [Linux] cpu_freq() does not return all CPUs on Rasbperry-pi 3. + * 1493: [Linux] cpu_freq(): handle the case where /sys/devices/system/cpu/cpufreq/ exists but is empty. + +- Active test suite, using skip-test-missing-warnings.patch to + explicitly skip 2 tests regarding warnings, skip-flaky-i586.patch + to skip a flaky i586 test, and setting TRAVIS to skip tests which + upstream doesnt run in their CI +- Add upstream pr_1364.patch to fix reading /sys/blocks on Linux 4.18+ +- Remove tests from installed package +- Use URL https://github.com/giampaolo/psutil +- Use LANG=en_US.UTF-8 in %check to avoid failure in test_pmap +- update to version 5.6.1 + * No changes effecting Linux + * Many checks added to tests to skip tests for missing features + +- update to version 5.6.0: + * Enhancements + + 1379: [Windows] Process suspend() and resume() now use + NtSuspendProcess and NtResumeProcess instead of + stopping/resuming all threads of a process. This is faster and + more reliable (aka this is what ProcessHacker does). + + 1420: [Windows] in case of exception disk_usage() now also shows + the path name. + + 1422: [Windows] Windows APIs requiring to be dynamically loaded + from DLL libraries are now loaded only once on startup (instead + of on per function call) significantly speeding up different + functions and methods. + + 1426: [Windows] PAGESIZE and number of processors is now + calculated on startup. + + 1428: in case of error, the traceback message now shows the + underlying C function called which failed. + + 1433: new Process.parents() method. (idea by Ghislain Le Meur) + + 1437: pids() are returned in sorted order. + + 1442: python3 is now the default interpreter used by Makefile. + * Bug fixes + + 1353: process_iter() is now thread safe (it rarely raised + TypeError). + + 1394: [Windows] Process name() and exe() may erroneously return + "Registry". QueryFullProcessImageNameW is now used instead of + GetProcessImageFileNameW in order to prevent that. + + 1411: [BSD] lack of Py_DECREF could cause segmentation fault on + process instantiation. + + 1419: [Windows] Process.environ() raises NotImplementedError + when querying a 64-bit process in 32-bit-WoW mode. Now it raises + AccessDenied. + + 1427: [OSX] Process cmdline() and environ() may erroneously + raise OSError on failed malloc(). + + 1429: [Windows] SE DEBUG was not properly set for current + process. It is now, and it should result in less AccessDenied + exceptions for low-pid processes. + + 1432: [Windows] Process.memory_info_ex()'s USS memory is + miscalculated because we're not using the actual system + PAGESIZE. + + 1439: [NetBSD] Process.connections() may return incomplete + results if using oneshot(). + + 1447: original exception wasn't turned into NSP/AD exceptions + when using Process.oneshot() ctx manager. + * Incompatible API changes + + 1291: [OSX] Process.memory_maps() was removed because inherently + broken (segfault) for years. + +- update to version 5.5.1: + * Enhancements + + 1348: [Windows] on Windows >= 8.1 if Process.cmdline() fails due + to ERROR_ACCESS_DENIED attempt using NtQueryInformationProcess + + ProcessCommandLineInformation. (patch by EccoTheFlintstone) + * Bug fixes + + 1394: [Windows] Process.exe() returns "[Error 0] The operation + completed successfully" when Python process runs in "Virtual + Secure Mode". + + 1402: psutil exceptions' repr() show the internal private module + path. + + 1408: [AIX] psutil won't compile on AIX 7.1 due to missing + header. (patch by Arnon Yaari) + +- specfile: + * update copyright year +- update to version 5.5.0: + * Enhancements + + 1350: [FreeBSD] added support for sensors_temperatures(). (patch + by Alex Manuskin) + + 1352: [FreeBSD] added support for CPU frequency. (patch by Alex + Manuskin) + * Bug fixes + + 1111: Process.oneshot() is now thread safe. + + 1354: [Linux] disk_io_counters() fails on Linux kernel 4.18+. + + 1357: [Linux] Process' memory_maps() and io_counters() method + are no longer exposed if not supported by the kernel. + + 1368: [Windows] fix psutil.Process().ionice(...) + mismatch. (patch by EccoTheFlintstone) + + 1370: [Windows] improper usage of CloseHandle() may lead to + override the original error code when raising an exception. + + 1373: incorrect handling of cache in Process.oneshot() context + causes Process instances to return incorrect results. + + 1376: [Windows] OpenProcess() now uses + PROCESS_QUERY_LIMITED_INFORMATION access rights wherever + possible, resulting in less AccessDenied exceptions being thrown + for system processes. + + 1376: [Windows] check if variable is NULL before free()ing + it. (patch by EccoTheFlintstone) + qemu +- Fix uninitialized variable in ipxe driver code (boo#1181922) + ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch +- Add a few improvements to the git-based package workflow scripts + +- Include additional upstream patches designated as stable material + and reviewed for applicability to include here + blockjob-Fix-crash-with-IOthread-when-bl.patch + monitor-Fix-assertion-failure-on-shutdow.patch + qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch + qemu-storage-daemon-Enable-object-add.patch + +- Switch the modules qemu-ui-display-gpu and qemu-ui-display-gpu-pci + from being an x86 only Recommends, to a Recommends for all arch's + except s390x (boo#1181350) +- Fix qemu-hw-usb-smartcard to not be a Recommends for s390x +- Minor spec file tweaks for compatibility with upcoming spec file + formatter + +- Make note that this patch takes care of an OOB access in ARM + interrupt handling (CVE-2021-20221 bsc#1181933) + hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch + +- Include upstream patches designated as stable material and + reviewed for applicability to include here + block-Separate-blk_is_writable-and-blk_s.patch + hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch + hw-net-lan9118-Fix-RX-Status-FIFO-PEEK-v.patch + hw-timer-slavio_timer-Allow-64-bit-acces.patch + net-Fix-handling-of-id-in-netdev_add-and.patch + target-arm-Don-t-decode-insns-in-the-XSc.patch + target-arm-Fix-MTE0_ACTIVE.patch + target-arm-Introduce-PREDDESC-field-defi.patch + target-arm-Update-PFIRST-PNEXT-for-pred_.patch + target-arm-Update-REV-PUNPK-for-pred_des.patch + target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch + tcg-Use-memset-for-large-vector-byte-rep.patch + ui-vnc-Add-missing-lock-for-send_color_m.patch + virtio-move-use-disabled-flag-property-t.patch + +- binutils v2.36 has changed the handling of the assembler's + - mx86-used-note, resulting in a build failure. To compensate, we + now explicitly specify -mx86-used-note=no in the seabios Makefile + (boo#1181775) + build-be-explicit-about-mx86-used-note-n.patch + qqc2-desktop-style -- Add patch to fix ToolSeparator sizing (boo#1179004, kde#425949): - * 0001-Don-t-use-parent-height-width-for-implicit-ToolSepar.patch +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Fix ToolBar contentWidth binding loop + * Reference shortcut label directly by id instead of implicitly + * ComboBox.contentItem must be a QQuickTextInput to fix autocomplete (kde#425865) + * Simplify conditional clauses in Connections + * Fix Connections warning on ComboBox + * Add support for qrc icons to StyleItem (kde#427449) + * Properly indicate focus state of ToolButton + * Add TextFieldContextMenu for right click context menus on TextField and TextArea + * Set background color to ComboBox's ScrollView + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Also use highlight text color when checkDelegate is highlighted (kde#427022) + * Respect scrollbar click to jump to position setting (kde#412685) + * Don't inherit colors in desktop toolbar style by default + * Remove obsolete license text for LGPL-2.0-only + * Relicense file to LGPL-2.0-or-later + * Use header colors only for header toolbars + * Move color set declaration to a place where it can be overridden + * Use Header colors for Desktop style ToolBar + * add the missing isItem property necessary for trees + * move the dbus connection in the singleton + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Fix StandardKey shortcut sequences in MenuItem showing as numbers + * Don't use parent height/width for implicit ToolSeparator sizing (kde#425949) + * Only use "focus" style for non-flat toolbuttons on press + * Add top and bottom padding to ToolSeparator + * Make ToolSeparator respect topPadding and bottomPadding values + * Make MenuSeparator use background's calculated height not implicitheight + * Fix width of ToolSeparator + * Fix toolbuttons with menus using newer Breeze + * Remove obsolete COPYING files + * Draw the entire CheckBox control via the QStyle + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use "raised" style for non-flat toolbuttons + * Only reserve space for the icon in toolbutton if we actually have an icon + * Support showing a menu arrow on tool buttons + * Use camelcase include. (scripted) + * Really fix menu separator height on high DPI + * Update Mainpage.dox + * Set height of MenuSeparator properly (kde#423653) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Set selectByMouse to true for SpinBox + * Fix menu icons becoming blurry with some font sizes (kde#423236) + * Prevent delegates and scrollbar overlapping in combobox popups + * Fix Slider vertical implicitWidth and a binding loop + * Make ToolTips more consistent with Breeze widget style tooltips + * Set editable to true by default for SpinBox + * Fix Connections warnings in Menu.qml re2 +- Update to version 2021-02-02: + * Address `-Wnull-dereference' warnings from GCC 10.x. + screen +- Fix double width combining char handling that could lead + to a segfault [bnc#1182092] [CVE-2021-26937] + new patch: combchar.diff + -- GNU screen 4.2.1: - * allow for terminal with long $TERM (up to 32 characters) - (already patched in this package previously) - * allow to use long logins - * documentation fixes - * runtime fixes -- packaging changes: - * use source URLs - * verify source signatures - * drop screen-man-loginshell.diff, equivalent change upstream - * drop term_too_long.diff, equivalent change upstream - * drop use_locale.diff, applied upstream - * drop msg_version_3.patch, obsolete after upstream changes - -- Update to 4.2.0 as released on screen-devel@gnu.org yesterday. - Thank you Amadeusz! - * keep libtinfo.diff (from coolo 2011, why exactly?) - * keep global_screenrc.patch (renamed from screen-4.0.2.dif) - * keep screen-man-loginshell.diff (to be upstreamed) - * dropped screen-__P.diff (not needed) - * keep term_too_long.diff (savannah#30880, to be upstreamed) - * keep use_locale.diff (from lnt-sysadmin@lists.lrz.de 2012, check?) - * keep screen-4.0.3-ipv6.patch (builtin telnet, to be upstreamed) - * keep screen_enhance_windows_list.patch (to be upstreamed) - * keep screen-poll-zombies.patch (to be upstreamed) - * keep xX_string_escape.patch (renamed from show_all_active.patch, to be upstreamed) - * keep sort_command.patch (from trenn 2011, to be upstreamed) - * added msg_version_3.patch (ouch, incompatible protocol, to be upstreamed) -- added %rundir with /var/run for 1310 and before; but /run afterwards. - aj advocates /run for Factory; for 1310 it was banned by - suse-filelist-forbidden-fhs23 - -- Fix comment. - -- Use /run instead of /var/run. - -- update to current 4.0.4 git to get support for non-bmp unicode - * remove no longer needed mappedcmd.diff - * remove no longer needed styroptcrash.diff -- fix potential buffer overrun in show_all_active.patch -- redo combine screen_enhance_windows_list_1_3.patch, - screen_enhance_windows_list_2_3.patch, - screen_fix_wW_string_escapes_to_nearly_old_behavior.patch - into screen_enhance_windows_list.patch. - Do not mess with the old %w behaviour, just add support for the - windows command argument. Fixes bnc#808565. - -- Patch screen_enhance_windows_list_1_3.patch changed wW string escapes - in an unintended way. - Fix this by ignoring longflg and behave the way wW string esacpes - behaved with adding addtional L escape. (So %w is now what %Lw was before - all these changes. This should be a minor, acceptable change as it was - undocumented and it buys quite some code cleanup with it.). Patch is: - screen_fix_wW_string_escapes_to_nearly_old_behavior.patch - -- Introduce Xx string escape showing the executed command of a window - patch: show_all_active.patch - -- Add zombie and enhance windows commands - screen-poll-zombies.patch: Dead windows will be restarted after - a specified timeout (if enabled) - screen_enhance_windows_list_1_3.patch: - Cleanup window flags processing. This leads to a slight - output change in "Ww" string escapes (window list), but these - should be rather seldom used and flags are still shown. - screen_enhance_windows_list_2_3.patch: - Enhance windows command with an optional string escape based - parameter which also removes the output size (1024 bytes) - restriction (only if param is passed) of the windows command. - If you used captions with "%w" before, you can simulate the old - behaviour with "%-w%n* %t%+w". -- Only Require makeinfo for openSUSE versions 11.4 and above. - This requirement did not exist in earlier versions, now the package - builds again for example against SLES 11 (11.4 based). - -- Fix sort command to not stop at window gaps. - That can happen if windows got deleted and the window numbers do not - increment sequentially anymore. - -- add use_locale.diff to fix --enable-use-locale configure option - -- add prereq coreutils so that mkdir works [bnc#780033] - -- Add build dependency on makeinfo - -- fix crash when doing 'screen -d -r' inside of screen - -- add mappedcmd.diff to make ^A DEL work again - -- update to screen-4.0.4devel - * support for multiple layouts - * no more stuck screen sessions - -- fix build with latest ncurses (split tinfo) - -- mkdir /var/run/*screen both immediatly and via systemd. - -- Add sort command -- convert maxwin99bug.patch into a patch format quilt understands - -- Use /usr/lib/tmpfiles.d instead of /etc/tmpfiles.d. - -- bugfix bnc#668306, a buffer overflow with '%d'. - Added maxwin99bug.patch - This is already upstream, but was never released. - -- term_too_long.patch added. - corresponds to savannah#30880 - -- Add /etc/tmpfiles.d/screen.conf for /var/run on tmpfs. - -- BuildRequire utempter-devel - -- /var/run directories are created by /etc/tmpdirs.d/01_aaa_base. - -- Update to version 4.0.3 -- Dropped screen-4.0.2-comb.diff, upstream merged. - -- enable parallel building - -- add fedora patch for IPv6 support, this removes usage - of gethostbyname(3) - -- re-add lost maxwin definition [fate#301190] - shadow +- Do not require libeconf-devel on products without /usr/etc. + +- Split login.defs configuration file into own sub-package, which + allows to install util-linux or pam on small embedded/edge + systems or container without the need to pull in the full shadow + suite. + +- Amend patches/useradd-userkeleton.patch to also write into + existing directories and prefer files from /etc + +- Add patch useradd-userkeleton.patch to extend original C code + of useradd to handle /usr/etc/skel (boo#1173321) +- Remove /usr/etc/skel support in useradd.local script + +- Change again useradd.local script to let it work even for system + accounts and work together with SELinux (bsc#1178296) +- Change patch useradd-script.patch to support the four arguments + used by the useradd.local script (bsc#1178296) + +- Add support for /usr/etc/skel to useradd.local script (boo#1173321) + +- shadow-login_defs-check.sh: Fix the regexp to get a real variable + list (boo#1164274). + +- login.defs: Add support for new util-linux-2.36 login variable + MOTD_FIRSTONLY (shadow-util-linux.patch). +- shadow-login_defs-comments.patch: Remove duplicated + LASTLOG_UID_MAX. +- shadow-login_defs-check.sh: Update for new build system. +- shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is + not used in SUSE Linux. +- Refresh shadow-login_defs-suse.patch and + shadow-login_defs-comments.patch. + +- Use pure #!/bin/sh in: + * useradd.local + * userdel-post.local + * userdel-pre.local + +- Update to 4.8.1: + * selinux: include stdio + * man: don't suggest making groupmems user-writeable + * Makefile: bail out on error in for loops + * Adding logging of SSH_ORIGINAL_COMMAND to nologin + * add new HOME_MODE login.defs option + * Add tty logging to useradd + * Useradd: make non-executable shell check only a warning + * Update Dutch translation + * user_busy: Do not mistake a regular user process for a namespaced one + * Revert "Honor --sbindir and --bindir for binary installation" +- Remove shadow-4.8-shell-check.patch: included +- Remove shadow-4.8-selinux-include.patch: upstreamed + +- Set 0755 for chpasswd, groupadd, groupdel, groupmod, newusers, + useradd, userdel, usermod explicitly. + +- bsc#1160729: Make valid shell check only a warning + * Add shadow-4.8-shell-check.patch + +- Update to 4.8: + * Initial optional bcrypt support. + * Make build/install of 'su' optional. + * Fix for vipw not resuming correctly when suspended + * Sync password field descriptions in manpages + * Check for valid shell argument in useradd + * Allow translation of new strings through POTFILES.in + * Migrate to itstool for translations + * Migrate to new SELinux api + * Support --enable-vendordir + * pwck: Only check homedir if set and not a system user + * Support nonstandard usernames + * sget{pw,gr}ent: check for data at EOL + * Add YYY-MM-DD support in chage + * Fix failing chmod calls for suidubins + * Fix --sbindir and --bindir for binary installations + * Fix LASTLOG_UID_MAX in login.defs + * Fix configure error with dash +- Remove because upstreamed: + * libeconf.patch + * shadow-usermod-variable.patch +- Rebase: + * shadow-login_defs-unused-by-pam.patch + * chkname-regex.patch + * shadow-util-linux.patch + * shadow-login_defs-comments.patch +- Add shadow-4.8-selinux-include.patch + See https://github.com/shadow-maint/shadow/pull/200 + +- libeconf.patch: Add support for libeconf and /usr/etc for + login.defs. +- Move first configuration files and pam config files to /usr/etc + +- bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files + to support kernel keyring feature +- Update pamd.tar.bz2 with pam configuration files accordingly + +- encryption_method_nis.patch: drop, DES should really not be used + anymore anywhere, even with NIS +- shadow-login_defs-suse.patch: remove encryption NIS entry + +- Fix incorrect variable name in usermod + (shadow-usermod-variable.patch). +- shadow-login_defs-comments.patch: + * Drop SHA_CRYPT_*_ROUNDS that are in the upstream login.defs. + * Add missing LASTLOG_UID_MAX. + * Refresh shadow-login_defs-suse.patch. +- Port shadow-login_defs-check.sh to match the current spec file + and login.defs. + +- Provide "useradd_or_adduser_dep" for sysuser-shadow + -- bsc#1141113: Fix segfault in useradd - * Add shadow-4.6-bsc1141113-useradd-segfault.patch +- Fix comment about patch in spec file + +- Update to 4.7: + * Spawn: don't loop forever on ECHILD + * Do not fail locking if there is a stale lockfile (Tomas Mraz) + * Use lckpwdf if prefix not set (Tomas Mraz) + * Build: check correct DocBook version (Jan Tojnar) + * Usermod: Print 'no changes' to stdout, not stderr (Serge Hallyn) + * Add support for btrfs subvolumes for home (Adam Majer) + * Fix chpasswd long line handling (Nathan Ruiz) + * Use secure_getenv for gettime (Chris Lamb) + * Make sp_lstchg reproducible (Chris Lamb) + * Do not crash commonio_close if db file is not open (Tomas Mraz) + * Don't flush nscd and sssd cache in read-only mode (Charlie Vuillemez) + * French manpage update (Alban VIDAL) + * Fix manpage defaults for SUB_UID/GID_COUNT (Tomas Mraz) + * Sync po files from shadow.pot (Alban VIDAL) + * Usermod: guard against unsafe chown of homedir contents (Tomas Mraz) + * Add LASTLOG_UID_MAX to login.defs (Tomas Mraz) + * new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner) + * Fix segfault in useradd (Tomas Mraz) + * Coverity issues (Tomas Mraz) + * Flush sssd caches (Jakub Hrozek) + * Log UID in nologin (Vladimir Ivanov) + * run pam_getenvlist after setup_env in su.c (Michael Vogt) + * Support systems with only utmpx (A. Wilcox) + * Fix unguarded ENABLE_SUBIDS code (Jan Chren (rindeal)) + * Update po/zh_CN translation (Lion Yang) + * Create parent dirs for useradd -m (Michael Vetter) + * Prevent usermod segv + * Fix usermod crash (fariouche) +- Remove btrfs-subvolumes.patch (fate#316134): + upstreamed: https://github.com/shadow-maint/shadow/pull/149 +- Remove useradd-mkdirs.patch (bsc#865563): + upstreamed https://github.com/shadow-maint/shadow/pull/112 +- Remove shadow-4.6.0-fix-usermod-prefix-crash.patch + upstreamed https://github.com/shadow-maint/shadow/issues/110 +- Rebase userdel-script.patch +- Rebase useradd-script.patch +- Rebase shadow-util-linux.patch + +- Make building more verbose +- Use spec-cleaner + +- don't specify MOTD_FILE in login.defs but fall back to built in + defaults of login (boo#1133929) +- Add shadow-login_defs-unused-check.sh to allow verification of + login.defs variable usage (bsc#1121197). +- Add virtual symbols for login.defs compatibility (bsc#1121197). signon +- Add patch to fix crash (boo#1172904): + * 0001-Don-t-use-fno-rtti.patch + +- Update to 8.60. No changelog available (boo#1157142) + +- Use FAT LTO objects in order to provide proper static library. + skanlite +- Spec cleanup + +- Update to version 2.2.0: + * Saving is moved to a thread to not freeze the interface while + saving + * D-Bus interface for hotkeys and controlling scanning + * Bug fixes +- Add Fix-compilation-with-Qt-before-5.14.patch to fix build on + Leap 15.2 +- Switch Qt5/KF5 BuildRequires to cmake() notation +- Run spec-cleaner + -- Update to version 0.8: - * Save scanner options on exit and restore them on next start. - * Add option to disable automatic selection of scan area(s). -- Spec file updates: - * Use libkde4-devel instead of libkdepimlibs4-devel (not needed) in - BuildRequires:. - * Recommend instead of Suggest the doc and lang subpackages. - * Removed /sbin/ldconfig %post/%postun sections (not needed). - -- Moved all documentation to the documentation package - (fix for RPMLINT warning) -- Cleaned up spec file formatting - solid +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * Add support for sshfs to the fstab backend + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * CMake: Use pkg_search_module when looking for plist + * Fix imobiledevice backend: Check API version for DEVICE_PAIRED + * Fix imobiledevice backend build + * Add Solid backend using libimobiledevice for finding iOS devices + * Use QHash for mapping where order is not needed + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Clear m_deviceCache before introspecting again (kde#416495) + * Use KF-standardized Qt logging categories + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Enable UDisks2 backend on FreeBSD unconditionally. + sonnet +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + * Remove not implement method + * Use modern signal-slot connection syntax + * Minor code cleanup + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Changes since 5.74.0: + * Fix cppcheck warning + * Compile without deprecated method against qt5.15. + * downgrade trigrams output + * Prevent unnecessary temporary container creations + * const'ify pointer + initialize variable + * Use QMultiMap in createOrderedModel + * Fix test_highlighter to not fail if dict not found + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Clean forward declaration + * Remove obsolete COPYING files + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix "Using QCharRef with an index pointing outside the valid range of a QString" + * Restore default auto-detect behavior + * Fix default language (kde#398245) + sudo +- Update to 1.9.5.p2 + * When invoked as sudoedit, the same set of command line + options are now accepted as for sudo -e. The -H and -P + options are now rejected for sudoedit and sudo -e which + matches the sudo 1.7 behavior. This is part of the fix for + CVE-2021-3156. + * Fixed a potential buffer overflow when unescaping backslashes + in the command's arguments. Normally, sudo escapes special + characters when running a command via a shell (sudo -s or + sudo -i). However, it was also possible to run sudoedit with + the -s or -i flags in which case no escaping had actually + been done, making a buffer overflow possible. + This fixes CVE-2021-3156. (bsc#1181090) + * Fixed sudo's setprogname(3) emulation on systems that don't + provide it. + * Fixed a problem with the sudoers log server client where a + partial write to the server could result the sudo process + consuming large amounts of CPU time due to a cycle in the + buffer queue. Bug #954. + * Added a missing dependency on libsudo_util in libsudo_eventlog. + Fixes a link error when building sudo statically. + * The user's KRB5CCNAME environment variable is now preserved + when performing PAM authentication. This fixes GSSAPI + authentication when the user has a non-default ccache. + +- Update to 1.9.5.p1 + * Fixed a regression introduced in sudo 1.9.5 where the editor run + by sudoedit was set-user-ID root unless SELinux RBAC was in use. + The editor is now run with the user's real and effective user-IDs. +- News in 1.9.5 + * Fixed a crash introduced in 1.9.4 when running "sudo -i" as an + unknown user. This is related to but distinct from Bug #948. + * If the "lecture_file" setting is enabled in sudoers, it must now + refer to a regular file or a symbolic link to a regular file. + * Fixed a potential use-after-free bug in sudo_logsrvd when the + server shuts down if there are existing connections from clients + that are only logging events and not session I/O data. + * Fixed a buffer size mismatch when serializing the list of IP + addresses for configured network interfaces. This bug is not + actually exploitable since the allocated buffer is large enough + to hold the list of addresses. + * If sudo is executed with a name other than "sudo" or "sudoedit", + it will now fall back to "sudo" as the program name. This affects + warning, help and usage messages as well as the matching of Debug + lines in the /etc/sudo.conf file. Previously, it was possible + for the invoking user to manipulate the program name by setting + argv[0] to an arbitrary value when executing sudo. (bsc#1180687) + * Sudo now checks for failure when setting the close-on-exec flag + on open file descriptors. This should never fail but, if it + were to, there is the possibility of a file descriptor leak to + a child process (such as the command sudo runs). + * Fixed CVE-2021-23239, a potential information leak in sudoedit + that could be used to test for the existence of directories not + normally accessible to the user in certain circumstances. When + creating a new file, sudoedit checks to make sure the parent + directory of the new file exists before running the editor. + However, a race condition exists if the invoking user can replace + (or create) the parent directory. If a symbolic link is created + in place of the parent directory, sudoedit will run the editor + as long as the target of the link exists. If the target of the + link does not exist, an error message will be displayed. The + race condition can be used to test for the existence of an + arbitrary directory. However, it _cannot_ be used to write to + an arbitrary location. (bsc#1180684) + * Fixed CVE-2021-23240, a flaw in the temporary file handling of + sudoedit's SELinux RBAC support. On systems where SELinux is + enabled, a user with sudoedit permissions may be able to set the + owner of an arbitrary file to the user-ID of the target user. + On Linux kernels that support "protected symlinks", setting + /proc/sys/fs/protected_symlinks to 1 will prevent the bug from + being exploited. For more information see + https://www.sudo.ws/alerts/sudoedit_selinux.html. (bsc#1180685) + * Added writability checks for sudoedit when SELinux RBAC is in use. + This makes sudoedit behavior consistent regardless of whether + or not SELinux RBAC is in use. Previously, the "sudoedit_checkdir" + setting had no effect for RBAC entries. + * A new sudoers option "selinux" can be used to disable sudo's + SELinux RBAC support. + * Quieted warnings from PVS Studio, clang analyzer, and cppcheck. + Added suppression annotations for PVS Studio false positives. + +- Update to 1.9.4p2 + * Fixed a bug introduced in sudo 1.9.4p1 which could lead to a crash + if the sudoers file contains a runas user-specific Defaults entry. + Bug #951. +- News in 1.9.4p1 + * Fixed a regression introduced in version 1.9.4 where sudo would + not build when configured using the --without-sendmail option. + Bug #947. + * Fixed a problem where if I/O logging was disabled and sudo was + unable to connect to sudo_logsrvd, the command would still be + allowed to run even when the "ignore_logfile_errors" sudoers + option was enabled. + * Fixed a crash introduced in version 1.9.4 when attempting to run + a command as a non-existent user. Bug #948. + * The installed sudo.conf file now has the default sudoers Plugin + lines commented out. This fixes a potential conflict when there + is both a system-installed version of sudo and a user-installed + version. GitHub issue #75. + * Fixed a regression introduced in sudo 1.9.4 where sudo would run + the command as a child process even when a pseudo-terminal was + not in use and the "pam_session" and "pam_setcred" options were + disabled. GitHub issue #76. + * Fixed a regression introduced in sudo 1.8.9 where the "closefrom" + sudoers option could not be set to a value of 3. Bug #950. + +- Update to 1.9.4 + * The sudoers parser will now detect when an upper-case reserved + word is used when declaring an alias. Now instead of "syntax + error, unexpected CHROOT, expecting ALIAS" the message will be + "syntax error, reserved word CHROOT used as an alias name". + Bug #941. + * Better handling of sudoers files without a final newline. + The parser now adds a newline at end-of-file automatically which + removes the need for special cases in the parser. + * Fixed a regression introduced in sudo 1.9.1 in the sssd back-end + where an uninitialized pointer could be freed on an error path. + GitHub issue #67. + * The core logging code is now shared between sudo_logsrvd and + the sudoers plugin. + * JSON log entries sent to syslog now use "minimal" JSON which + skips all non-essential whitespace. + * The sudoers plugin can now produce JSON-formatted logs. The + "log_format" sudoers option can be used to select sudo or json + format logs. The default is sudo format logs. + * The sudoers plugin and visudo now display the column number in + syntax error messages in addition to the line number. Bug #841. + * If I/O logging is not enabled but "log_servers" is set, the + sudoers plugin will now log accept events to sudo_logsrvd. + Previously, the accept event was only sent when I/O logging was + enabled. The sudoers plugin now sends reject and alert events too. + * The sudo logsrv protocol has been extended to allow an AlertMessage + to contain an optional array of InfoMessage, as AcceptMessage + and RejectMessage already do. + * Fixed a bug in sudo_logsrvd where receipt of SIGHUP would result + in duplicate entries in the debug log when debugging was enabled. + * The visudo utility now supports EDITOR environment variables + that use single or double quotes in the command arguments. + Bug #942. + * The PAM session modules now run when sudo is set-user-ID root, + which allows a module to determine the original user-ID. + Bug #944. + * Fixed a regression introduced in sudo 1.8.24 in the LDAP back-end + where sudoNotBefore and sudoNotAfter were applied even when the + SUDOERS_TIMED setting was not present in ldap.conf. Bug #945. + * Sudo packages for macOS 11 now contain universal binaries that + support both Intel and Apple Silicon CPUs. + * For sudo_logsrvd, an empty value for the "pid_file" setting in + sudo_logsrvd.conf will now disable the process ID file. +- Remove sudo-1.9.3p1-pam_xauth.patch (upstreamed) + supermin +- add patch supermin-kernel_version_compressed.patch + find kernel module path even for compressed kernels + like on aarch64 and s390x (bsc#1182112, bsc#1138258) + +- update to 5.2.0: + * rpm: extend the Multiple_matches exception + * Use external command mv to rename old output directory (RHBZ#1670191). + * rpm: do not unpack parameters + * rpm: fix version comparison + * rpm: provide a dummy supermin_rpm_get_arch implementation + * ext2: Build symbolic links correctly (RHBZ#1770304). + * Update gnulib to latest. +- switch to release tarball, use keyring for gpg validation +- run tests + +- Update to version 5.1.20, via _service file + No changelog provided by upstream + +- Adding sysconfig-netconfig to list of required dependencie + (BSC#136878) + +- Added tar as software dependency. + (BSC#1134334) + -- Update to version 5.1.8 - -- Update to version 4.1.3 - -- zypp: Only compile zypper support if OCaml inifiles module is found. -- zypp: Trailing whitespace. -- Handle --packager-config in zypp_rpm -- helper: Add a note that cpio might not be able to read -f cpio files. -- helper: Add megaraid drivers to the initrd. - -- add changes to support zypper - -- initial package version 4.1.1 - syndication +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Changes since 5.73.0: + * Remove obsolete COPYING files + * Correct license exception + * Add license texts according to REUSE specification + * Convert license statements to SPDX expressions + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Changes since 5.72.0: + * Use KF-standardized Qt logging categories + * Use camelcase include. (scripted) + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * Fix a couple BSD-2-Clause license headers + syntax-highlighting +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Too many changes to list here. + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- Too many changes since 5.74.0, only listing bugfixes: + * Fix doxygen latex formulas (kde#426466) + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- Too many changes to list here. + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- Too many changes to list here. + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- Changes since 5.71.0: + * CMake: Updates for CMake 3.18 + * Add Snort/Suricata language highlighting + * Add YARA language + * fix compiler warning + * remove deprecated binary json in favor of cbor + * JavaScript/TypeScript: highlight tags in templates + systemd +- Add 0001-rules-don-t-ignore-Xen-interfaces-anymore.patch (bsc#1178561) + +- Import commit f366438ca2d66c287ea836174e73dd03a98914bf (merge of v246.10) + 25f220eafb sysusers: flush nscd's caches whenever /etc/{passwd,group} are modified (bsc#1181121) + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/64dfb99ca3c9cbc75f6abe7aa6aa60f66ae4210d...f366438ca2d66c287ea836174e73dd03a98914bf + +- systemd-sysv-convert: handle the case when services are migrated + from SysV scripts to systemd units and are renamed at the same + time (bsc#1181788) + The list of such services is hard coded and contains only the + 'ntp->ntpd' translation. + threadweaver +- Update to 5.76.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.76.0 +- Changes since 5.75.0: + * If include is define in .h remove it if it's defined in .cpp too (scripted) + +- Update to 5.75.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.75.0 +- No code change since 5.74.0 + +- Update to 5.74.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.74.0 +- No code change since 5.73.0 + +- Update to 5.73.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.73.0 +- No code change since 5.72.0 + +- Update to 5.72.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/kde-frameworks-5.72.0 +- No code change since 5.71.0 + thunar +- Update to version 4.16.3 + * By default show all available volumes + * Regression: Skip app info updates on sendto actions + (bxo#xfce/thunar#502) + * Regression: Toggle menu visibility on F10 if menu hidden + (bxo#xfce/thunar#498) + * Regression: "Shift" + "Select Trash in menu" has to trigger delete + * Dont select previous file after delete/trash (bxo#xfce/thunar#477) + * Increase min. size of "text" field in bulk renamer + (bxo#xfce/thunar#474) + * Translation Updates + timezone +- timezone update 2021a (bsc#1177460) + * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00. + timezone-java +- timezone update 2021a (bsc#1177460) + * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00. + tk +- bsc#1179615: TK_LIBS in tkConfig.sh possibly breaks build on + newer service packs and is not needed for linking to a dynamic + libtk anyway, so make it empty. + -- Final 8.6.1 release: - * Fix several crashes. - -- New patchlevel release 8.6.1rc0: - * (enhancement) better build support for Debian arch - * (bug fix)[3603077] treeview update on tag add/remove - * (bug fix)[3599312] First Alt key event is lost - * (platform support) FreeBSD updates - -- New version: 8.6.0. - * Built-in PNG Image Support: Photo images now support - read/write in the PNG format, with the ability to set the - alpha channel. - * Busy Windows: New command tk busy is a variant of blt::busy - that lets the interactivity of windows be suspended and - restored as required by the needs of the program. - * New Font Selection Dialog Interface: New command tk - fontchooser provides a portable interface to the standard font - selector of the platform, whether that is modal or not. - * Angled Text: New option -angle $degrees to $canvas create text - for rotating displayed text. - * Moving Things on a Canvas: New commands $canvas moveto, - $canvas imove and $canvas rchars for moving and manipulating - canvas items. - * Additional New Features: Text widget cursor control, more - window manager hints, and a collection of modernizations in - appearance and function. -- Integrate tkcon. - -- Add Source URL, see https://en.opensuse.org/SourceUrls - -- Fix configure xft detection (add patch tk-8.5.12-fix-xft.patch). -- Replace build requires of xorg-x11-devel with those that are really - needed. - -- New patchlevel release 8.5.12: - * [3437816] return code of [canvas lower] - * [3021557] cursor freeze in elided text - * [3476698] hang in [text mark prev/next] - * [3475627] Stop text-31.11 failure - * [1630271] hang/crash on mark before -startline - * [1754043,2321450] -blockcursor appearance - * [3480471] crash in [tk_getOpenFile] - * [3480634] PNG image in menus - * [2925561] disabled combobox don't take focus - * [3486474] Correct color scaling - * [1630262,1615425] [text] crash tags & -*line - * [3497848] consistent pixel rounding - * [3503317] XParseColor speedup - * [3176239] control-Mousewheel crash - * [3520202] %k,%K,%N for Python - * [533519] multiscreen window placement - * [2768586] multiscreen menu posting - * [1630254] text peer update on -startline reset - * [3294450] ttk text element clipping - * Make sure all index tables are static - * [3546073] DisplayString() -> DefaultDisplay() - -- patch license to follow spdx.org standard - -- New patchlevel release 8.5.11: - * [3341056] new crash in unset traces - * [3314770] restore file dialog resizeability - * [3404541] -takefocus option - * [TIP 382] -confirmoverwrite on save dialog - * [3410609] AltGr keysyms on Swiss keyboard - * [3431491] improved "pixels" shimmer logic -- Add a manpage for wish8.5 by symlinking to the wish manpage. -- Remove unneeded %clean section and norootforbuild comment. -- Add tk-upstream-fixes.patch with fixes for manpage bugs and - a missing x-bit in the demo section. - -- New patchlevel release 8.5.10: - * (bug fix)[3057573] specify combobox text fg color - * (bug fix)[2829363] [$tv see] open item -> sched display - * (bug fix)[3085489] crash in [tag add/remove] - * (enhancement) Updated German messages. - * (platform) VS 2005 SP1 MSVC compiler - * (bug fix)[3071836] crash in tk_getSaveFile - * (bug fix)[3154705] tk_messageBox close button disabled - * (enhancement) add [ttk::entry validate] - * (bug fix)[3205260] crash in [wm manage] - * (bug fix)[3181181] tearoff submenu fix - * (bug fix)[3205464] [wm forget] loses window - * (bug fix)[3223850] ttk button state disabled during click - * (bug fix)[3000002] ttk scrollbar size Appearance - * (bug fix)[3239768] Win menu font support - * (bug fix)[3129527] stop buffer overflows - * (feature change)[2997657] No -container for [labelframe] - * (bug fix)[723765] [grid remove] lost -in value - * (bug fix)[3291543] mem corrupt when [$canvas dchars] removes - all coords of a polygon - * (bug fix)[2949774] cascade menu unpost - * (bug fix)[2546087] [console] treatment of '\0' - * (bug fix)[2358545] Restore "08" in spinbox configured with - - from and -to (porter) - * (bug fix)[2484771] modal dialog settings - * (bug fix)[3175610] incomplete line item refresh - * (bug fix)[3062331] crash in unset traces -- tk-xft.patch has been integrated upstream. - -- Fix libXft detection in configure. - -- Bugfix release: 8.5.9: - * [sf#2899949] crash on widget destroy - * [sf#2902814] fix [wm iconphoto] on LP64 systems - * [sf#2548661] crash in GetFontFamilyName - * [sf#2864685] Compiz menu item animation - * [sf#2902573] Update Safe Tk to new Safe Base - * [sf#2912473] accept :: in DISPLAY name - * [sf#2496162] crash calling Tk_DeleteOptionTable() - * [sf#2917663] [send] accept SI:* on auth list - * [sf#2919205] syntax bug in [tk_messageBox] - * [sf#2912356] [ttk::sizegrip] accommodate Compiz - * [sf#2879927] Win: cascade menu highlight - * [sf#1924761] stop [event generate] / XIM conflict - * [sf#2848897] ODS_NOACCEL flag support - * [sf#220950] [$menu delete] bounds check - * [sf#2898255] unlimited multi-file select - * [sf#1163496] X: [wm transient] fix - * [TIP 360] Modernize X11 Menus - * [sf#2932808] canvas update on state change - * [sf#2931374] overflow in complex tag search - * [TIP 359] Extended Window Manager Hint Support - * [sf#2952745] crash in menu deletion - * [sf#2968379] crash in peer text dump - * [sf#3006842] crash on empty bind scripts - * entry validation compat with Itcl scope - * [sf#2585265] text , note selection - * [sf#3053320] update Ttk to tile 0.8.6 feature set - -- Bugfix-Release 8.5.8: - * [sf#2080533] panedwindow sash draw crash - * [sf#2504402] iconphoto on non-32-bit displays - * [sf#2785744] broken flag twiddling - * [sf#2791352] XLFD parsing error - * [sf#1923684] confused checkbutton state - * [sf#2799589] crash on delayed window activation - * [sf#220935] canvas dash update problem - * [sf#2821962] photo image copy/paste - * [sf#2496114] focus in dead window crash - * [sf#2830420] X iconphoto for big endian - * Fix word-wrap of non-breaking space in [text] - * Fix tk::MessageBox bindings for ttk::buttons - * [sf#1909931] [send] update for Fedora 8 - * Fix font allocation crash - * Fix grayscale from images - * [sf#2088597] min scrollbar slider size - * [sf#2787164] combobox/menubutton arrow size - * [sf#2870648] file dialog cursor - * [sf#1961455] underline, overstrike Xft fonts - * [sf#2794032] permit [load] into Tcl 8.6+ interps - * [sf#2168768] file dialog -typevariable scope - * [sf#1469210] [text] modified error - * [sf#1530276] X checkbutton -selectcolor - * [sf#1854913] [.t delete] before -startindex - * [sf#2809525] prevent X crash on overlong color name - * [sf#2891541] fix grab behaviour for main window - -- Install binaries unstripped to fix debuginfo packages - -- New version: 8.5.7 - * Improve keyboard bindings for ttk::scale. - * Permit [text] names containing "-". - * Limit [wm manage] to Frames. - * Fix Tk_Create*ImageType() thread safety. - * Eliminate unnecessary units conversion in screen distances, - reducing precision loss. - * Fix crash on XCreateIC failure. - * Fax crash in Tk_MakeWindowExist(). - * More bug fixes and improvements. - transactional-update -- Added 0001-Fix-EFI-grub2.patch: - Backport of upstream fix for [boo#1162320] (grub2-arm64-efi - upgrade 2.02-lp151.21.6.1 -> 2.02-lp151.21.9.1 causes system to - fail reboot with "error: symbol `grub_efi_allocate_any_pages' not - found.") +- Version 3.1.4 + - SELinux: Fix syncing of SELinux attributes when using overlays + - SELinux: Tag the overlay directory itself (again) + +- Version 3.1.3 + - Fix overlay syncing on SELinux systems + - Fix resuming transactions where the parent does not exist any more + +- Version 3.1.2 + - libtukit: Report when application was terminated due to a signal, and + return the signal number as a return value. This will cause the + transaction to be aborted when called via `execute`. + - libtukit: Set PATH variable for internal commands to fixed value to + find the helper applications, as in some environments such as PolicyKit + PATH wouldn't be set. + - Fix compiler warnings + +- Version 3.1.1 + - Fix hang in tukit on aarch64 [bsc#1181844] + - Prevent deletion of snapshots when resuming a snapshot where no + transaction is open + - Make tukit work in non-dbus environments [boo#1181934] + +- Version 3.1.0 + - t-u: Support installing RPMs from the user's directory again + - Adapt selfupdate to new packaging + - Implement signal handling + - Remove empty text files + +- Add libselinux build time dependency +- Remove RPM version check + +- Fix libstdc++ filesystem ABI incompatibility by using newer gcc + version on old distributions. [boo#1181582] + +- Rework packaging based on Fedora packaging to separate all the + components to remove the intrinsic requirement for Zypper + +- Version 3.0.0 + - This release changes the internal structure, but should be + identical to the previous release feature wise. + - Major parts of the previous Bash only application have been + rewritten in C++ with the goal to provide an API around + transactions; the transactional-update script is using that + new interface internally already, however the API should + be considered experimental for now - if you are interested to + use it, please notify us in + https://github.com/openSUSE/transactional-update/issues/52 + - A new tool called "tukit" provides a C++ tool that can be + wrapped by scripts to leverage the functionality. Please + consider it experimental for now, the commands may still change. + - Bugfixes: + - Implement support for system offline update [boo#1180808] + - Add statistics files to update environment [boo#1173282] + +- Version 2.38.3 + - SELinux: Make synchronisation work for both pre-SELinux + snapshots and later snapshots; SELinux support should be ready + for most tasks now. + +- Version 2.28.2 + - SELinux: Exclude security.selinux attribute from rsyncing (again) + +- Version 2.28.1 + - SELinux: Fixed changing the wrong grub configuration file + - SELinux: Move /.autorelabel file to writeable location + +- Version 2.28 + - Add 'setup-selinux' command for easy setup of a SELinux system + - Allow complex commands for the 'run' command + - SELinux: Fix /etc / overlay labeling + +- Version 2.27 + - Add support for network systemd-resolvd network connections in t-u + environment + - Mount /var/lib/ca-certificates read-write to prevent SELinux error + - Prevent calling transactional-update from within transactional-update + +- Version 2.26 + - Fix broken sync for second snapshot [boo#1176989] + - Add new options to allow separate cleanup of snapshots and overlays + - Check for existence of inotifywait before using it + - Check that mount options don't exceed maximum length + +- Version 2.25.1 + - Fix inotify watcher setup + - Use log_{info,error} for more messages to avoid messing up Salt logs + +- Version 2.25 + - Reduce number of overlays: + Instead of using transparent overlays for all previous layers only add the + previous snapshot's overlay; this will greatly reduce the number of + overlays while still making sure that /etc changes in the running system + will be visible in the next snapshot + - When using --drop-if-no-change synchronize potential /etc changes with + running system + - Exclude all non-root-fs mounts from inotify watcher + +- Version 2.24.1 + - SELinux: adjust labels for etc, fstab and grub.cfg + +- Version 2.24 + - Add partial SELinux support + +- Version 2.23 + - Add "run" command to be able to execute a single command in a new snapshot + - Add "--drop-if-no-change" option to discard snapshots if no changes were + perfomed (BETA, required for Salt integration) + - Removed previous CaaSP Salt support (gh#openSUSE/transactional-update#33) + - Avoid "file not found" message on systems without /var subvol + +- Remove unused attr requires +- Change bc to file requires + +- Version 2.22 + - Use pkgconf to determine installation paths + - Enable SSL connections in update shell + [boo#1149131] & [boo#1133891] + +- Version 2.21.1 + - Rework error messages on failing umount [boo#1168389] + +- Update to version 2.21 + - Use slave mounts for /proc, /sys & /dev + +- Update to version 2.20.4 + - Mount efivarfs on EFI systems to make sure the bootloader will be installed + correctly [boo#1162320] + - Fix removal of existing overlay directories + +- Add dependencies to btrfsprogs, zypper and snapper - most of the + functionality is not usable if those applications are not + installed. [boo#1166502] ucode-intel +- Updated Intel CPU Microcode to 20210216 official release. (bsc#1178971 bsc#1179224) + | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products + |:---------------|:---------|:------------|:---------|:---------|:--------- + | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a08 | 02006a0a | Xeon Scalable + | SKX-D | M1 | 06-55-04/b7 | 02006a08 | 02006a0a | Xeon D-21xx + | CLX-SP | B0 | 06-55-06/bf | 04003003 | 04003006 | Xeon Scalable Gen2 + | CLX-SP | B1 | 06-55-07/bf | 05003003 | 05003006 | Xeon Scalable Gen2 + util-linux -- libblkid: Do not trigger CDROM autoclose (bsc#1084671, +- libmount: don't use "symfollow" for helpers on user mounts + (boo#1181750, util-linux-libmount-dont-use-symfollow.patch) + +- Override GTKDOCIZE with /bin/true so we can run autoreconf + without needing gtk-doc as a dependency. + +- Merge package with SLE15 SP3 and openSUSE Leap 15.3: + Obsoletes upstreamed patches: +- libblkid: Do not trigger CDROM autoclose (v2.35, bsc#1084671, +- lscpu: avoid segfault on PowerPC systems with valid hardware + configurations + (v2.36.1, bsc#1175623, bsc#1178554, bsc#1178825, + lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) +- Fix for SG#57988, bsc#1174942 (v2.36): + libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts + to CIFS with mount –a. +- blockdev: Do not fail --report on kpartx-style partitions on + multipath (v2.36, + bsc#1168235, util-linux-blockdev-report-dm.patch). +- nologin: Add support for -c to prevent error from su -c + (v2.35, bsc#1151708, util-linux-nologin-su-c.patch). +- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: + Avoid triggering autofs in lookup_umount_fs_by_statfs + (v2.36 boo#1168389) +- mount: fall back to device node name if /dev/mapper link not found + (v2.34, bsc#1149911) + * Add patch: util-linux-canonicalize-coverity-scan.patch +- De-duplicate fstrim -A properly (v2.34, bsc#1127701, + util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, + util-linux-fstrim-A-4.patch). +- Do not trim read-only volumes + (v2.34, boo#1106214, util-linux-fstrim-A-2.patch, + util-linux-fstrim-A-4.patch). +- libmount: To prevent incorrect behavior, recognize more pseudofs + and netfs (v2.34, bsc#1122417, + util-linux-libmount-pseudofs.patch). +- agetty: Return previous response of agetty for special characters + (v2.34, bsc#1085196, bsc#1125886, + util-linux-agetty-smart-reload-13.patch, + util-linux-agetty-smart-reload-14.patch). +- Fix problems in reading of login.defs values (v2.34, bsc#1121197, + util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch, + util-linux-login_defs-SYS_UID.patch). + +- Build with libudev support to support non-root users + (boo#1169006). +- Move findmnt and lsblk to util-linux-systemd, as they use libudev + (bsc#1169006#c10). + +- Do not require libeconf-devel on products without /usr/etc. + +- s/--enable-vendordir/--with-vendordir/ +- remove pam_securetty line again. As long as there is no agreement + from pam side having it would fail openQA (boo#1033626) + +- Update to version 2.36.1: + * chrt: use SCHED_FLAG_RESET_ON_FORK for sched_setattr() + * fallocate: fix --dig-holes at end of files + * fdisk: always report fdisk_create_disklabel() errors + * flock: keep -E exit status more restrictive + * fstrim: remove fstab condition from fstrim.timer + * hexdump: automatically use -C when called as hd + * hwclock: add fallback if SYS_settimeofday does not exist, fix + SYS_settimeofday fallback + * libblkid: allow a lot of mac partitions, fix Atari prober logic, + limit amount of parsed partitions + * more libfdisk improvements + * losetup: avoid infinite busy loop, increase limit of setup + attempts + * lsblk: fix -T optional argument, fix SCSI_IDENT_SERIAL, print + zero rather than empty SIZE, read ID_SCSI_IDENT_SERIAL if + available + * lscpu: Add FUJITSU aarch64 A64FX cpupart, Even more Arm part + numbers, avoid segfault on PowerPC systems with valid hardware + configurations (bsc#1175623) + * mount: Add support for "nosymfollow" mount option. + * pg: fix wcstombs() + * sfdisk: correct --json --dump false exclusive, fix backward + - -move-data + * vipw: fix short write handling in copyfile + * whereis: fix out of boundary read, support zst compressed man + pages + * minor code improvements and fixes + * minor licensing changes + * improve docs +- Require both group(uuidd) and user(uuidd). + +- Do search /usr/sbin for mount helpers. (This drops /sbin/fs, + /sbin/fs.d, which we do not use in openSUSE.) + +- prepare usrmerge (boo#1029961) -- Build with libudev support to support non-root users - (boo#1169006). +- Fix default permissions of wall and write. +- Update to version 2.36: + * blkdiscard(8) refuses to proceed if filesystem or RAID + signatures are found in interactive mode (executed on a + terminal). The option --force is required to the discard + data. + * new commands irqtop(1) and lsirq(1)to monitor kernel + interrupts. + * cal(1) provides a new --vertical command line option. + * blkzone(8) implements open/close/finish commands now. + * unshare(1) and nsenter(1) commands support the time namespace + now. + * agetty(8) now supports multiple paths in the option + - -issue-file. + * fdisk(8), sfdisk(8), cfdisk(8), mkswap(8) and wipefs(8) now + support block devices locking by flock(2), new command line + option --lock and $LOCK_BLOCK_DEVICE environmental variable. + * dmesg(1) new command line option --follow-new to wait and + print only new kernel messages. + * fdisk(8) new command line option --list-details and + - -noauto-pt. + * fdisk(8) and sfdisk(8) support user-friendly aliases for + partition types. + * fstrim(8) supports new command line option --listed-in. + * libfdisk provides API to relocate GPT backup header. New + command line option "sfdisk --relocate". + * mount(8) now supports mount by ID= tag. + * login(1) supports list of "message of the day". + * All tools which read /etc/login.defs is possible to compile + with libeconf now. + * more(1) has been refactored. + * man pages cleanup + * other fixes and improvements, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.36/v2.36-ReleaseNotes +- Refresh Add-documentation-on-blacklisted-modules-to-mount-8-.patch. +- Drop upstreamed libeconf.patch, + libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch. +- util-linux-login_defs-check.sh: Perform all steps to integrate + MOTD_FIRSTONLY. +- Update baselibs.conf. + +- Use plain #!/bin/sh for flushb + +- Include pam_securetty in login.pamd again (bsc#1033626) +- Update to 2.35.2 + * make glibc 2.31 compatible +- Dropped unneeded patch libfdisk-script-accept-sector-size.patch + +- Add patch to fix sfdisk not reading its own scripts: + * libfdisk-script-accept-sector-size.patch +- Use %autopatch + +- Fix verification of mount, su and umount (bsc#1166948) + +- Update to version 2.35.1: + * agetty: add --show-issue, support for /run/issue and + * fdisk: Correct handling of hybrid MBR, cleanup wipe warning, + use 'r' to return from MBR to GPT. + * lsblk: FSVER column, + drop e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch. + * lscpu: Add HiSilicon aarch64 tsv110 cpupart, add a new columns + to --cache. + * mount: add --target-prefix. + * mountpoint: add --nofollow option. + * script: add --echo, --log-in, --logging-format, --log-out and + - -log-timing. + * scriptlive: new command. + * scriptreplay: add --log-* options, --cr-mode, --stream, + - -summary, -T --log-timing. + * sfdisk: add progress bars. + * unshare: add --keep-caps and --map-current-user options. + * Many other fixes and improvements, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35.1-ReleaseNotes +- Refresh libeconf.patch. -- lscpu: avoid segfault on PowerPC systems with valid hardware - configurations - (bsc#1175623, bsc#1178554, bsc#1178825, - lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) +- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: + Avoid triggering autofs in lookup_umount_fs_by_statfs + (boo#1168389) -- Fix for SG#57988, bsc#1174942: - libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts - to CIFS with mount –a. +- libeconf.patch: fix a long int error on 32bit -- blockdev: Do not fail --report on kpartx-style partitions on - multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). +- libeconf.patch: Add support for libeconf +- Move /etc/pam.d/* to /usr/etc/pam.d +- Remove migration code for su from coreutils to util-linux, not + needed anymore -- nologin: Add support for -c to prevent error from su -c - (bsc#1151708, util-linux-nologin-su-c.patch). +- Do not recommend lang package. The lang package already has a + supplements. -- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: - Avoid triggering autofs in lookup_umount_fs_by_statfs - (boo#1168389) +- lsblk: force to print PKNAME for partition with + e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch -- mount: fall back to device node name if /dev/mapper link not found - (bsc#1149911) - * Add patch: util-linux-canonicalize-coverity-scan.patch +- Remove outdated buildignore for pwdutils, had no effect with + shadow anyways -- Fix comments and unify look of PAM files that were just changed - (login.pamd, remote.pamd). +- Fix comments and unify look of PAM files (login.pamd, + remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd). + +- Update to version 2.34: + * new command hardlink + * rewrite of lsblk, now supports --dedup + * support for FUSE in umount + * support for "--all -o remount" in mount + * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH + over ENV_ROOTPATH (bsc#1121197), improved --pty + * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd + * fstrim: do not suppress warnings unless --quiet is used + * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add + - -caches + * logger: merge multiple MESSAGE= lines + * libblkid: do not depend on libuuid, supports DRBD9 detection + * libsmartcols: support N:M relationships in tree-like output + * fstrim and uuidd systemd services: hardening settings to + improve security and service isolation + * fstrim: trim root filesystem on --fstab, check for read-only + filesystems on --all and --fstab (boo#1106214). + * fstrim -A: properly de-duplicate sub-volumes (boo#1127701). + * Obsoletes util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch and + util-linux-login_defs-SYS_UID.patch. + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes +- Provide and obsolete hardlink package. +- util-linux-login_defs-check.sh: Update checksum, login now + supports LASTLOG_UID_MAX. -- De-duplicate fstrim -A properly (bsc#1127701, - util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, - util-linux-fstrim-A-4.patch). -- Do not trim read-only volumes - (boo#1106214, util-linux-fstrim-A-2.patch, - util-linux-fstrim-A-4.patch). - -- libmount: To prevent incorrect behavior, recognize more pseudofs - and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). - +- Use FAT LTO objects in order to provide proper static library (boo#1138795). + -- agetty: Return previous response of agetty for special characters - (bsc#1085196, bsc#1125886, - util-linux-agetty-smart-reload-13.patch, - util-linux-agetty-smart-reload-14.patch). +- Update to version 2.33.2 (bsc#1134337): + * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). + * mount: Fix "mount" output for net file systems (bsc#1122417). + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes +- Add virtual symbols for login.defs compatibility (bsc#1121197). +- Add login.defs safety check util-linux-login_defs-check.sh + (bsc#1121197). +- Drop bc BuildRequires: not needed. + +- libmount: remove jffs2 and ubifs from blacklist (jsc#SLE-4085). + - (jsc#SUSE-4085, fate#326832), and add documentation + (jsc#SLE-4085, fate#326832), and add documentation +- agetty: Fixes for reload issue only if it is really needed + (bsc#1085196, boo#1120298, + util-linux-agetty-smart-reload-10.patch, + util-linux-agetty-smart-reload-11.patch, + util-linux-agetty-smart-reload-12.patch). + -- Update to version 2.33 (FATE#326844): +- Update to version 2.33: +- Drop klogconsole in favor of dmesg --console-level plus + setlogcons (kbd) (boo#1116277). + +- Fix runstatedir path (to /run) (boo#1113188#c1). + +- Create empty /etc/issue.d for the new agetty feature. + +- Drop obsolete downstream ppc utilities + chrp-addnote and mkzimage_cmdline (boo#1109284). +- Drop obsolete setctsid (boo#1109290). + +- Update to version 2.32.1: - https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33-ReleaseNotes - util-linux-chcpu-cpu-count.patch, - util-linux-bash-completion-umount-CVE-2018-7738.patch). -- agetty: Fixes for reload issue only if it is really needed - (bsc#1085196, util-linux-agetty-smart-reload-10.patch, - util-linux-agetty-smart-reload-11.patch, - util-linux-agetty-smart-reload-12.patch). -- agetty BEHAVIOR CHANGE: Terminal switches to character mode when - entering logname; echo is generated by the agetty itself. - (In past, logname echo was generated locally by the terminal, - using the canonical line editing mode.) - -- Fix runstatedir path (to /run) (boo#1113188#c1). - -- Create empty /etc/issue.d for the new agetty feature. + util-linux-chcpu-cpu-count.patch). -- Fix local vulnerability using embeded shell commands in - a mountpoint name (bsc#1084300, CVE-2018-7738, - util-linux-bash-completion-umount-CVE-2018-7738.patch). - util-linux-systemd -- libblkid: Do not trigger CDROM autoclose (bsc#1084671, +- libmount: don't use "symfollow" for helpers on user mounts + (boo#1181750, util-linux-libmount-dont-use-symfollow.patch) + +- Override GTKDOCIZE with /bin/true so we can run autoreconf + without needing gtk-doc as a dependency. + +- Merge package with SLE15 SP3 and openSUSE Leap 15.3: + Obsoletes upstreamed patches: +- libblkid: Do not trigger CDROM autoclose (v2.35, bsc#1084671, +- lscpu: avoid segfault on PowerPC systems with valid hardware + configurations + (v2.36.1, bsc#1175623, bsc#1178554, bsc#1178825, + lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) +- Fix for SG#57988, bsc#1174942 (v2.36): + libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts + to CIFS with mount –a. +- blockdev: Do not fail --report on kpartx-style partitions on + multipath (v2.36, + bsc#1168235, util-linux-blockdev-report-dm.patch). +- nologin: Add support for -c to prevent error from su -c + (v2.35, bsc#1151708, util-linux-nologin-su-c.patch). +- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: + Avoid triggering autofs in lookup_umount_fs_by_statfs + (v2.36 boo#1168389) +- mount: fall back to device node name if /dev/mapper link not found + (v2.34, bsc#1149911) + * Add patch: util-linux-canonicalize-coverity-scan.patch +- De-duplicate fstrim -A properly (v2.34, bsc#1127701, + util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, + util-linux-fstrim-A-4.patch). +- Do not trim read-only volumes + (v2.34, boo#1106214, util-linux-fstrim-A-2.patch, + util-linux-fstrim-A-4.patch). +- libmount: To prevent incorrect behavior, recognize more pseudofs + and netfs (v2.34, bsc#1122417, + util-linux-libmount-pseudofs.patch). +- agetty: Return previous response of agetty for special characters + (v2.34, bsc#1085196, bsc#1125886, + util-linux-agetty-smart-reload-13.patch, + util-linux-agetty-smart-reload-14.patch). +- Fix problems in reading of login.defs values (v2.34, bsc#1121197, + util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch, + util-linux-login_defs-SYS_UID.patch). + +- Build with libudev support to support non-root users + (boo#1169006). +- Move findmnt and lsblk to util-linux-systemd, as they use libudev + (bsc#1169006#c10). + +- Do not require libeconf-devel on products without /usr/etc. + +- s/--enable-vendordir/--with-vendordir/ +- remove pam_securetty line again. As long as there is no agreement + from pam side having it would fail openQA (boo#1033626) + +- Update to version 2.36.1: + * chrt: use SCHED_FLAG_RESET_ON_FORK for sched_setattr() + * fallocate: fix --dig-holes at end of files + * fdisk: always report fdisk_create_disklabel() errors + * flock: keep -E exit status more restrictive + * fstrim: remove fstab condition from fstrim.timer + * hexdump: automatically use -C when called as hd + * hwclock: add fallback if SYS_settimeofday does not exist, fix + SYS_settimeofday fallback + * libblkid: allow a lot of mac partitions, fix Atari prober logic, + limit amount of parsed partitions + * more libfdisk improvements + * losetup: avoid infinite busy loop, increase limit of setup + attempts + * lsblk: fix -T optional argument, fix SCSI_IDENT_SERIAL, print + zero rather than empty SIZE, read ID_SCSI_IDENT_SERIAL if + available + * lscpu: Add FUJITSU aarch64 A64FX cpupart, Even more Arm part + numbers, avoid segfault on PowerPC systems with valid hardware + configurations (bsc#1175623) + * mount: Add support for "nosymfollow" mount option. + * pg: fix wcstombs() + * sfdisk: correct --json --dump false exclusive, fix backward + - -move-data + * vipw: fix short write handling in copyfile + * whereis: fix out of boundary read, support zst compressed man + pages + * minor code improvements and fixes + * minor licensing changes + * improve docs +- Require both group(uuidd) and user(uuidd). + +- Do search /usr/sbin for mount helpers. (This drops /sbin/fs, + /sbin/fs.d, which we do not use in openSUSE.) + +- prepare usrmerge (boo#1029961) -- Build with libudev support to support non-root users - (boo#1169006). +- Fix default permissions of wall and write. +- Update to version 2.36: + * blkdiscard(8) refuses to proceed if filesystem or RAID + signatures are found in interactive mode (executed on a + terminal). The option --force is required to the discard + data. + * new commands irqtop(1) and lsirq(1)to monitor kernel + interrupts. + * cal(1) provides a new --vertical command line option. + * blkzone(8) implements open/close/finish commands now. + * unshare(1) and nsenter(1) commands support the time namespace + now. + * agetty(8) now supports multiple paths in the option + - -issue-file. + * fdisk(8), sfdisk(8), cfdisk(8), mkswap(8) and wipefs(8) now + support block devices locking by flock(2), new command line + option --lock and $LOCK_BLOCK_DEVICE environmental variable. + * dmesg(1) new command line option --follow-new to wait and + print only new kernel messages. + * fdisk(8) new command line option --list-details and + - -noauto-pt. + * fdisk(8) and sfdisk(8) support user-friendly aliases for + partition types. + * fstrim(8) supports new command line option --listed-in. + * libfdisk provides API to relocate GPT backup header. New + command line option "sfdisk --relocate". + * mount(8) now supports mount by ID= tag. + * login(1) supports list of "message of the day". + * All tools which read /etc/login.defs is possible to compile + with libeconf now. + * more(1) has been refactored. + * man pages cleanup + * other fixes and improvements, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.36/v2.36-ReleaseNotes +- Refresh Add-documentation-on-blacklisted-modules-to-mount-8-.patch. +- Drop upstreamed libeconf.patch, + libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch. +- util-linux-login_defs-check.sh: Perform all steps to integrate + MOTD_FIRSTONLY. +- Update baselibs.conf. + +- Use plain #!/bin/sh for flushb + +- Include pam_securetty in login.pamd again (bsc#1033626) +- Update to 2.35.2 + * make glibc 2.31 compatible +- Dropped unneeded patch libfdisk-script-accept-sector-size.patch + +- Add patch to fix sfdisk not reading its own scripts: + * libfdisk-script-accept-sector-size.patch +- Use %autopatch + +- Fix verification of mount, su and umount (bsc#1166948) + +- Update to version 2.35.1: + * agetty: add --show-issue, support for /run/issue and + * fdisk: Correct handling of hybrid MBR, cleanup wipe warning, + use 'r' to return from MBR to GPT. + * lsblk: FSVER column, + drop e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch. + * lscpu: Add HiSilicon aarch64 tsv110 cpupart, add a new columns + to --cache. + * mount: add --target-prefix. + * mountpoint: add --nofollow option. + * script: add --echo, --log-in, --logging-format, --log-out and + - -log-timing. + * scriptlive: new command. + * scriptreplay: add --log-* options, --cr-mode, --stream, + - -summary, -T --log-timing. + * sfdisk: add progress bars. + * unshare: add --keep-caps and --map-current-user options. + * Many other fixes and improvements, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35.1-ReleaseNotes +- Refresh libeconf.patch. -- lscpu: avoid segfault on PowerPC systems with valid hardware - configurations - (bsc#1175623, bsc#1178554, bsc#1178825, - lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) +- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: + Avoid triggering autofs in lookup_umount_fs_by_statfs + (boo#1168389) -- Fix for SG#57988, bsc#1174942: - libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts - to CIFS with mount –a. +- libeconf.patch: fix a long int error on 32bit -- blockdev: Do not fail --report on kpartx-style partitions on - multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). +- libeconf.patch: Add support for libeconf +- Move /etc/pam.d/* to /usr/etc/pam.d +- Remove migration code for su from coreutils to util-linux, not + needed anymore -- nologin: Add support for -c to prevent error from su -c - (bsc#1151708, util-linux-nologin-su-c.patch). +- Do not recommend lang package. The lang package already has a + supplements. -- Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: - Avoid triggering autofs in lookup_umount_fs_by_statfs - (boo#1168389) +- lsblk: force to print PKNAME for partition with + e3bb9bfb76c17b1d05814436ced62c05c4011f48.patch -- mount: fall back to device node name if /dev/mapper link not found - (bsc#1149911) - * Add patch: util-linux-canonicalize-coverity-scan.patch +- Remove outdated buildignore for pwdutils, had no effect with + shadow anyways -- Fix comments and unify look of PAM files that were just changed - (login.pamd, remote.pamd). +- Fix comments and unify look of PAM files (login.pamd, + remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd). + +- Update to version 2.34: + * new command hardlink + * rewrite of lsblk, now supports --dedup + * support for FUSE in umount + * support for "--all -o remount" in mount + * su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH + over ENV_ROOTPATH (bsc#1121197), improved --pty + * unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd + * fstrim: do not suppress warnings unless --quiet is used + * lscpu: print 'Frequency boost' and 'Vulnerability' fields, add + - -caches + * logger: merge multiple MESSAGE= lines + * libblkid: do not depend on libuuid, supports DRBD9 detection + * libsmartcols: support N:M relationships in tree-like output + * fstrim and uuidd systemd services: hardening settings to + improve security and service isolation + * fstrim: trim root filesystem on --fstab, check for read-only + filesystems on --all and --fstab (boo#1106214). + * fstrim -A: properly de-duplicate sub-volumes (boo#1127701). + * Obsoletes util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch and + util-linux-login_defs-SYS_UID.patch. + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes +- Provide and obsolete hardlink package. +- util-linux-login_defs-check.sh: Update checksum, login now + supports LASTLOG_UID_MAX. -- De-duplicate fstrim -A properly (bsc#1127701, - util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, - util-linux-fstrim-A-4.patch). -- Do not trim read-only volumes - (boo#1106214, util-linux-fstrim-A-2.patch, - util-linux-fstrim-A-4.patch). - -- libmount: To prevent incorrect behavior, recognize more pseudofs - and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). - +- Use FAT LTO objects in order to provide proper static library (boo#1138795). + -- agetty: Return previous response of agetty for special characters - (bsc#1085196, bsc#1125886, - util-linux-agetty-smart-reload-13.patch, - util-linux-agetty-smart-reload-14.patch). +- Update to version 2.33.2 (bsc#1134337): + * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). + * mount: Fix "mount" output for net file systems (bsc#1122417). + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes +- Add virtual symbols for login.defs compatibility (bsc#1121197). +- Add login.defs safety check util-linux-login_defs-check.sh + (bsc#1121197). +- Drop bc BuildRequires: not needed. + +- libmount: remove jffs2 and ubifs from blacklist (jsc#SLE-4085). + - (jsc#SUSE-4085, fate#326832), and add documentation + (jsc#SLE-4085, fate#326832), and add documentation +- agetty: Fixes for reload issue only if it is really needed + (bsc#1085196, boo#1120298, + util-linux-agetty-smart-reload-10.patch, + util-linux-agetty-smart-reload-11.patch, + util-linux-agetty-smart-reload-12.patch). + -- Update to version 2.33 (FATE#326844): +- Update to version 2.33: +- Drop klogconsole in favor of dmesg --console-level plus + setlogcons (kbd) (boo#1116277). + +- Fix runstatedir path (to /run) (boo#1113188#c1). + +- Create empty /etc/issue.d for the new agetty feature. + +- Drop obsolete downstream ppc utilities + chrp-addnote and mkzimage_cmdline (boo#1109284). +- Drop obsolete setctsid (boo#1109290). + +- Update to version 2.32.1: - https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33-ReleaseNotes - util-linux-chcpu-cpu-count.patch, - util-linux-bash-completion-umount-CVE-2018-7738.patch). -- agetty: Fixes for reload issue only if it is really needed - (bsc#1085196, util-linux-agetty-smart-reload-10.patch, - util-linux-agetty-smart-reload-11.patch, - util-linux-agetty-smart-reload-12.patch). -- agetty BEHAVIOR CHANGE: Terminal switches to character mode when - entering logname; echo is generated by the agetty itself. - (In past, logname echo was generated locally by the terminal, - using the canonical line editing mode.) - -- Fix runstatedir path (to /run) (boo#1113188#c1). - -- Create empty /etc/issue.d for the new agetty feature. + util-linux-chcpu-cpu-count.patch). -- Fix local vulnerability using embeded shell commands in - a mountpoint name (bsc#1084300, CVE-2018-7738, - util-linux-bash-completion-umount-CVE-2018-7738.patch). - vm-install +- Fixes for PV PXE booting (jsc#SLE-11885) + Fix read of pxelinux.cfg/default after downloading + Accept PVOPS kernels as PV bootable kernels +- Version 0.10.11 + wpa_supplicant +- Add CVE-2021-0326.patch -- P2P group information processing vulnerability + (bsc#1181777) + - [https://w1.fi/security/2019-1/] (CVE-2019-9494) + [https://w1.fi/security/2019-1/] (CVE-2019-9494, bsc#1131868) - [https://w1.fi/security/2019-2/] (CVE-2019-9495) + [https://w1.fi/security/2019-2/] (CVE-2019-9495, bsc#1131870) - [https://w1.fi/security/2019-4/] (CVE-2019-9499) + [https://w1.fi/security/2019-4/] (CVE-2019-9497, CVE-2019-9498, + CVE-2019-9499, bsc#1131874, bsc#1131872, bsc#1131871, bsc#1131644) - [https://w1.fi/security/2019-5/] + [https://w1.fi/security/2019-5/] (CVE-2019-11555, bsc#1133640) + - SAE/EAP-pwd side-channel attack update + [https://w1.fi/security/2019-6/] (CVE-2019-13377, bsc#1144443) - [http://w1.fi/security/2015-5/] + [http://w1.fi/security/2015-5/] (CVE-2015-8041) -- added patch for bnc#930077 +- added patch for bnc#930077 CVE-2015-4141 -- added patch for bnc#930078 +- added patch for bnc#930078 CVE-2015-4142 -- added patches for bnc#930079 +- added patches for bnc#930079 CVE-2015-4143 xen +- Upstream bug fixes (bsc#1027519) + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch) + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + xfce4-taskmanager +- Update to version 1.4.2 + * Ellipsize memory and swap labels (gxo#apps/xfce4-taskmanager#32) + +- Update to version 1.4.1 + * Replace AC_PROG_LIBTOOL with IT_PROG_INTLTOOL + * Simplify "query-tooltip" signal handler + * statusbar: Use better color that works well with both light + and dark themes (gxo#apps/xfce4-taskmanager!17) + * Fix tooltip markdown issue + * Create notification area icon only if needed + (gxo#apps/xfce4-taskmanager#25) + -- specfile cleanup -- split off -lang subpackage - -- call %desktop_database_post/un - xfce4-whiskermenu-plugin +- Update to version 2.5.3 + * Fix invalid command expansion with Xfce 4.14 + (bxo#panel-plugins/xfce4-whiskermenu-plugin#39) + * Translation updates + yast2 +- Fixed bug introduced while adding auto wrapping (bsc#1179893) +- 4.3.55 + +- Use Auto Wrapping of long lines for Yast2::Popup and Yast::Report + (bsc#1179893) +- 4.3.54 + +- Do not use the 'installation-helper' binary to create snapshots + during installation or offline upgrade (bsc#1180142). +- Add a new exception to properly handle exceptions + when reading/writing snapshots numbers (related to bsc#1180142). +- 4.3.53 + +- Added supported migration "openSUSE Leap 15.3" -> SLES + (in 15.3 the product has been renamed from "openSUSE" to "Leap") + (bsc#1181773) +- 4.3.52 + yast2-add-on +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.8 + yast2-bootloader +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.22 + +- use shim for secure boot also on aarch64 (jsc#SLE-15020) +- 4.3.21 + yast2-configuration-management +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.5 + yast2-country +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893) +- 4.3.12 + yast2-firewall +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893) +- 4.3.10 + yast2-installation +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.26 + +- Do not crash when it is not possible to create a snapshot after + installing or upgrading the system (bsc#1180142). +- 4.3.25 + yast2-kdump +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.4 + yast2-network +- Added AutoYaST interfaces section errors reporting (bsc#1174353, + bsc#1178107). +- 4.3.49 + +- Improve the AutoYaST interfaces reader handling better the IP + Addresses configuration. (bsc#1174353, bsc#1178107) +- 4.3.48 + +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.47 + +- Allow to disable the proposal of the bridge network configuration + for virtualization in the installation summary or by the new + 'virt_bridge_proposal' AutoYaST option (bsc#1178603) +- 4.3.46 + +- Fix for not present interfaces when deciding whether + the "Scan Network" button should be disabled or not during a + wireless configuration (bsc#1177834). +- 4.3.45 + +- Cache the hardware netcards information in order to speed up the + access (bsc#1180702) +- 4.3.44 + +- Added lladdr attribute to the interface section in the networking + schema and honors it when importing the config (bsc#1179876) +- 4.3.43 + yast2-nfs-client +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.3 + yast2-nfs-server +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.2 + yast2-nis-client +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.6 + yast2-ntp-client +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.2 + yast2-packager +- Show correct number of downloaded packages in log (bsc#1180278) +- Fix crash when installation proposal require pattern and such + pattern is not available in any repository (found during testing + jsc#SLE-17427) +- 4.3.14 + +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.13 + yast2-pam +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.4 + yast2-samba-server +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.4 + yast2-schema +- Add the 'virt_bridge_proposal' element to the networking section + in order to permit to disable the proposal of the bridge network + configuration for virtualization (bsc#1178603). +- 4.3.18 + +- Add the 'lladdr' element to the networking interface section + (bsc#1179876). +- 4.3.17 + yast2-security +- Move SELinux .autorelabel file from / to /etc/selinux if root + filesystem will be mounted as read only (jsc#SLE-17307). +- 4.3.10 + +- jsc#SMO-20, jsc#SLE-17342: + - Add class for managing SELinux configuration. + - AutoYaST: add support for SELinux configuration. +- 4.3.9 + +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.8 + yast2-services-manager +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.6 + yast2-storage-ng +- Partitioner: ask for recursively unmounting affected devices when + deleting a device (bsc#1171310). +- 4.3.44 + +- Partitioner: in general, collapse branches of the tables only if + they contain Btrfs snapshots (related to bsc#1181464). +- 4.3.43 + +- Partitioner: stop offering LVM pools as possible base devices + for bcache devices and for multi-device btrfs (bsc#1170044). +- 4.3.42 + yast2-sysconfig +- Adapted unit test to recent changes in Yast::Report (related to + bsc#1179893). +- 4.3.3 + yast2-theme +- Use Poppins fonts instead of Raleway in all style files. +- Part of jsc#SLE-15714. +- 4.3.4 + +- Update branding (jsc#SLE-15714). +- 4.3.3 + +- Add icon for cinnamon pattern +- 4.3.2 + yast2-trans +- Update to version 84.87.20210219.c6a06209b7: + * New POT for text domain 'security'. + +- Update to version 84.87.20210212.15272017a9: + * New POT for text domain 'ncurses'. + * New POT for text domain 'base'. + * New POT for text domain 'update'. + * New POT for text domain 'installation'. + * New POT for text domain 'network'. + +- Update to version 84.87.20210205.68980f3ed7: + * New POT for text domain 'qt-pkg'. + * New POT for text domain 'qt'. + * New POT for text domain 'ncurses-pkg'. + * New POT for text domain 'wol'. + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'rmt'. + * New POT for text domain 'relocation-server'. + * New POT for text domain 'reipl'. + * New POT for text domain 'registration'. + * New POT for text domain 'rdp'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'multipath'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'iplb'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'geo-cluster'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'cluster'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'add-on'. + * Add empty po files for cc and cc-control + * product-check.sh: Add support for 000product and inherited products + * DOMAIN_MAP: Add system-role-common-criteria + * Automatic update of wol. + * Automatic update of vpn. + * Automatic update of users. + * Automatic update of update. + * Automatic update of tune. + * Automatic update of s390. + * Automatic update of sysconfig. + * Automatic update of support. + * Automatic update of sudo. + * Automatic update of storage. + * Automatic update of squid. + * Automatic update of sound. + * Automatic update of snapper. + * Automatic update of slp-server. + * Automatic update of services-manager. + * Automatic update of security. + * Automatic update of scanner. + * Automatic update of samba-server. + * Automatic update of samba-client. + * Automatic update of rmt. + * Automatic update of relocation-server. + * Automatic update of reipl. + * Automatic update of registration. + * Automatic update of rdp. + * Automatic update of proxy. + * Automatic update of printer. + * Automatic update of pam. + * Automatic update of packager. + * Automatic update of online-update. + * Automatic update of ntp-client. + * Automatic update of nis_server. + * Automatic update of nis. + * Automatic update of nfs_server. + * Automatic update of nfs. + * Automatic update of network. + * Automatic update of multipath. + * Automatic update of migration. + * Automatic update of mail. + * Automatic update of ldap-client. + * Automatic update of ldap. + * Automatic update of kdump. + * Automatic update of journalctl. + * Automatic update of isns. + * Automatic update of iscsi-lio-server. + * Automatic update of iscsi-client. + * Automatic update of iplb. + * Automatic update of instserver. + * Automatic update of installation. + * Automatic update of http-server. + * Automatic update of geo-cluster. + * Automatic update of ftp-server. + * Automatic update of firewall. + * Automatic update of fcoe-client. + * Automatic update of drbd. + * Automatic update of dns-server. + * Automatic update of dhcp-server. + * Automatic update of crowbar. + * Automatic update of country. + * Automatic update of control. + * Automatic update of cluster. + * Automatic update of bootloader. + * Automatic update of base. + * Automatic update of autoinst. + * Automatic update of auth-client. + * Automatic update of audit-laf. + * Automatic update of apparmor. + * Automatic update of add-on. + * New POT for text domain 'ncurses'. + * New POT for text domain 'autoinst'. + yast2-update +- Do not rely on the 'installation-helper' binary to create + snapshots after installation or offline upgrade (bsc#1180142). +- Do not crash when it is not possible to create a snapshot before + upgrading the system (related to bsc#1180142). +- 4.3.2 + yast2-x11 +- Added "active_window" for switching the current X window + (or restoring back the previously active window) + (jsc#PM-1895, jsc#SLE-16263) +- 4.3.0 + -- Add explicit COPYING file - yast2-ycp-ui-bindings +- Handle special keyboard shortcuts (jsc#PM-1895, jsc#SLE-16263) +- 4.3.9 + +- Adapted to libyui SO bump 14 -> 15 (bsc#1181653) +- 4.3.8 + zlib +- Add patch to fix compression level switching + bsc#1175811 bsc#1175830 bsc#1175831 + * zlib-compression-switching.patch + +- Set -DDFLTCC_LEVEL_MASK=0x7e on s390/s390x jsc#13776 + +- Permit a deflateParams() parameter change as soon as possible(bsc#1174736) + * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch + Fix DFLTCC not flushing EOBS when creating raw streams(bsc#1174551) + * bsc1174551-fxi-imcomplete-raw-streams.patch + +- Update 410.patch to contain latest fixes from IBM bsc#1166260 + * The build behaviour changed + +- Update the zlib-no-version-check.patch to be even more forgiving + with the versions on the zlib to allow updates without rebuilds + +- Add SUSE specific patch to fix bsc#1138793, we simply don't want + to test if the app was linked with exactly same version of zlib + like the one that is present on the runtime: + * zlib-no-version-check.patch + +- Update the s390 patchset bsc#1137624: + * 410.patch + +- Tweak zlib-power8-fate325307.patch to have type of crc32_vpmsum + conform to usage + bsc#1141059 + +- Use FAT LTO objects in order to provide proper static library. + +- Do not enable the previous patchset on s390 but just s390x + bsc#1137624 + +- Add patchset for s390 improvements jsc#SLE-5807 bsc#1136717: + * 410.patch + +- Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: + * zlib-power8-fate325307.patch + +- Add patch for fate#325307 zlib speedup on power8: + * zlib-power8-fate325307.patch + +- Add patch to safeguard against negative values in uInt bsc#1071321: + * 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch + +- Added 32bit minizip support + +- Add gpg signature +- Re-enable profiling + +- Add s390 performance patch (fate#314093): + * zlib-1.2.11-optimized-s390.patch + +- baselibs.conf: add missing dependencies + +- Update to version 1.2.11: + * Fix deflate stored bug when pulling last block from window + * Permit immediate deflateParams changes before any deflate input + +- Update to version 1.2.10: + * Avoid warnings on snprintf() return value + * Fix bug in deflate_stored() for zero-length input + * Fix bug in gzwrite.c that produced corrupt gzip files + * Remove files to be installed before copying them in Makefile.in + * Add warnings when compiling with assembler code + +- Update to version 1.2.9: + * Improve compress() and uncompress() to support large lengths + * Allow building zlib outside of the source directory + * Fix bug when level 0 used with Z_HUFFMAN or Z_RLE + * Fix bugs in creating a very large gzip header + * Add uncompress2() function, which returns the input size used + * Dramatically speed up deflation for level 0 (storing) + * Add gzfread() and gzfwrite(), duplicating the interfaces of fread() and fwrite() + * Add crc32_z() and adler32_z() functions with size_t lengths + * Many portability improvements +- Drop patches included in upstream: + * zlib-bnc1003577.patch + * zlib-bnc1003579-part2.patch + * zlib-bnc1003579.patch + * zlib-bnc1003580.patch + * zlib-bnc1013882.patch +- Drop zlib-1.2.7-improve-longest_match-performance.patch + * not accepted by upstream for two releases + * rebasing no longer possible + +- Include fixes for bnc#1003580 bnc#1003579 bnc#1003577 bnc#1013882: + * zlib-bnc1003577.patch + * zlib-bnc1003579-part2.patch + * zlib-bnc1003579.patch + * zlib-bnc1003580.patch refreshed + * zlib-bnc1013882.patch CVE-2016-9843 + +- Trim descriptions to fit target audience. Update RPM group + classification. + +- Require zlib-devel in zlib-devel-static to fix previous change + +- Bring back zlib-devel-static. Needed by binutils + +- Remove zlib-devel-static, nothing should use libz.a anyway. +- Package minizip library, everything using it should now pull + minizip-devel and unbundle it bnc#935864 + zypper +- doc: give more details about creating versioned package locks + (bsc#1181622) +- man: Document synonymously used patch categories (bsc#1179847) +- version 1.14.43 +