Packages changed: autoyast2 (4.0.66 -> 4.0.68) festival flatpak (1.0.3 -> 1.0.5) giflib gjs (1.54.2 -> 1.54.3) gnome-shell (3.30.1 -> 3.30.2) gsettings-desktop-schemas gtk3 gupnp-av (0.12.10 -> 0.12.11) iptables (1.8.1 -> 1.8.2) kernel-source (4.19.1 -> 4.19.2) libgit2-glib (0.26.4 -> 0.27.7) libical libjpeg-turbo (2.0.0 -> 2.0.1) libostree (2018.8 -> 2018.9) librsvg (2.44.6 -> 2.44.9) libwpd mailx mutter (3.30.1 -> 3.30.2) ovmf (2018+git1538590187.c0b1f749ef13 -> 2018+git1542164568.85588389222a) plymouth (0.9.4+git20181105.f898586 -> 0.9.4+git20181111.118c5ca) python-paramiko schily (2018.08.24 -> 2018.10.30) tomcat (9.0.12 -> 9.0.13) webkit2gtk3 yast2-country (4.1.1 -> 4.1.4) yast2-network (4.1.15 -> 4.1.17) yast2-ntp-client (4.1.3 -> 4.1.5) yast2-storage-ng (4.1.31 -> 4.1.35) === Details === ==== autoyast2 ==== Version update (4.0.66 -> 4.0.68) Subpackages: autoyast2-installation - Fallback to English when using fbiterm on those languages which are not properly supported (fate#325746). - 4.0.68 - Removed unneeded flag network_needed in script section. (bsc#1094822) - 4.0.67 ==== festival ==== - Removed sysvinit support according to the boo#1116010. * Added systemd unit file * Moved rcfestival to /usr/lib/festival/server ==== flatpak ==== Version update (1.0.3 -> 1.0.5) Subpackages: libflatpak0 typelib-1_0-Flatpak-1_0 - Make polkit_rules_usability.patch effective by adding a 60- prefix to the rules file. This will cause it to be executed before the polkit-default-privs are executed (bsc#984817). - Update to version 1.0.5: + Make the /etc -> /usr/etc bind-mounts read-only. + Make various app-specific configuration files read-only. + flatpak is more picky about remote names to avoid problems with storing weird names in the ostree config. + A segfault in libflatpak handling of bundles was fixed. + Updated translations + Fixed a regression in flatpak run that caused problems running user-installed apps when the system installation was broken. + Implicity grant MPRIS2 permissions - Changes from version 1.0.4: + Flatpak 0.99.1 removed the inheritance of permissions from the runtime due to concerns with dynamic app permissions. Due to popular requests, this version re-introduces such inheritance, but does it instead at build time. This solved the issues with dynamic permissions while still allowing runtimes to have default permissions. Apps can disable this by passing - -no-inherit-permissions to build-finish. + The sandbox now always includes a /etc/timezone file, following the (old) debian standard for this. This is needed, because the more modern way of exposing the timezone name by having /etc/localtime be a symlink into /usr/share/zoneinfo doesn't work when exposing the host timezone. + All apps now have automatic permissions to own their own app id as a subname of org.mpris.MediaPlayer2. + We now properly re-load remote state in FlatpakTransaction if the metadata was updated for the remote. + The signature of the FlatpakTransaction::operation-done signal was wrong in the header and has now been corrected to the signature that is actually emitted. + A crash was fixed when reading invalid .flatpakref files. + A crash during updates when a local ref was unexpectedly missing was fixed. + An error case on uninstalling was incorrectly returning success even thought there was an error. + flatpak_installation_modify_remote did not correctly save the nodeps state. + flatpak_installation_load_app_overrides() was improperly returning freed memory. + The tarball now ships with an icon (flatpak.png). ==== giflib ==== - Remove unused build requires on X libraries - Use %license ==== gjs ==== Version update (1.54.2 -> 1.54.3) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.54.3: + object: Fix write-only properties. + SIGSEGV when exiting gnome-shell. + SelectionData.get_targets crashes with "Unable to resize vector". + Gnome-shell crashes on destroying cached param specs. + GType memleak fixes. + Fix build with --enable-dtrace and create CI job to ensure it doesn't break in the future. ==== gnome-shell ==== Version update (3.30.1 -> 3.30.2) Subpackages: gnome-shell-browser-plugin gnome-shell-calendar gnome-shell-lang - Update to version 3.30.2: + popupMenu: Fix keyboard activation when numlock is active. + Do not block all shortcuts while app folders are expanded. + Fix regression in handling new input sources. + Improve performance of app icon animations. + Respect natural-scroll setting for workspace swipe gesture. + notifications: Support icon theme names in 'image-path' hint. + Confine window preview titles to workspace area. + Misc. bug fixes. + Updated translations. - Add gnome-shell-fate324570-Make-GDM-background-image-configurable.patch: + Add a background for this_lockDialogGroup to make login/lock background configurable + This patch requires a patch in gsettings-desktop-schemas gsettings-desktop-schemas-fate324570-Add-key-for-GDM-background- configuration.patch + You can change the background via gsettings, and the schema id is "org.gnome.desktop.background.lockdialog" + The default theme is the same as upstream's, you can configure the the background in a branding package just like how GNOME Shell's wallpaper was changed (fate#324570, glgo#GNOME/gnome-shell#680). ==== gsettings-desktop-schemas ==== Subpackages: gsettings-desktop-schemas-lang - Add gsettings-desktop-schemas-fate324570-Add-key-for-GDM-background-configuration.patch: + Add settings for org.gnome.desktop.background.lockdialog This key is for the background of lockDialogGroup which makes login and lock background configurable. The default behavior will be retained to what it is currently. + This patch is required by a patch in GNOME Shell gnome-shell-fate324570-Make-GDM-background-image-configurable.patch (fate#324570, glgo#GNOME/gnome-shell#680). ==== gtk3 ==== Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Add gtk3-atk-table-cell.patch: add support for AtkTableCell (fate#326548 glgo#GNOME/gtk!411). ==== gupnp-av ==== Version update (0.12.10 -> 0.12.11) Subpackages: libgupnp-av-1_0-2 - Update to version 0.12.11: + Fix memory leak in GUPnPAVXMLDoc. + Fix parsing of storageUsed. + Fix name clash of internal XML utility functions. + Fix multiple compiler warnings with recent GCC. + Remove deprecated g_type_class_add_private. + Bugs fixed: bgo#770174, bgo#778396, bgo#784511. ==== iptables ==== Version update (1.8.1 -> 1.8.2) Subpackages: libiptc0 libxtables12 xtables-plugins - Update to new upstream release 1.8.2 * Fix incorrect handling of various targets and options in iptables-nft,ebtables-nft,arptables-nft. ==== kernel-source ==== Version update (4.19.1 -> 4.19.2) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Linux 4.19.2 (bnc#1012628). - bpf: fix partial copy of map_ptr when dst is scalar (bnc#1012628). - MIPS: VDSO: Reduce VDSO_RANDOMIZE_SIZE to 64MB for 64bit (bnc#1012628). - gpio: mxs: Get rid of external API call (bnc#1012628). - mtd: rawnand: marvell: fix the IRQ handler complete() condition (bnc#1012628). - mtd: maps: gpio-addr-flash: Fix ioremapped size (bnc#1012628). - mtd: spi-nor: fsl-quadspi: fix read error for flash size larger than 16MB (bnc#1012628). - mtd: spi-nor: intel-spi: Add support for Intel Ice Lake SPI serial flash (bnc#1012628). - mtd: spi-nor: fsl-quadspi: Don't let -EINVAL on the bus (bnc#1012628). - spi: spi-mem: Adjust op len based on message/transfer size limitations (bnc#1012628). - spi: bcm-qspi: switch back to reading flash using smaller chunks (bnc#1012628). - spi: bcm-qspi: fix calculation of address length (bnc#1012628). - bcache: trace missed reading by cache_missed (bnc#1012628). - bcache: fix ioctl in flash device (bnc#1012628). - bcache: correct dirty data statistics (bnc#1012628). - bcache: fix miss key refill->end in writeback (bnc#1012628). - hwmon: (pmbus) Fix page count auto-detection (bnc#1012628). - jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012628). - block: setup bounce bio_sets properly (bnc#1012628). - block: make sure discard bio is aligned with logical block size (bnc#1012628). - block: make sure writesame bio is aligned with logical block size (bnc#1012628). - cpufreq: conservative: Take limits changes into account properly (bnc#1012628). - dma-mapping: fix panic caused by passing empty cma command line argument (bnc#1012628). - pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012628). - ACPI / OSL: Use 'jiffies' as the time bassis for acpi_os_get_timer() (bnc#1012628). - ACPICA: AML interpreter: add region addresses in global list during initialization (bnc#1012628). - ACPICA: AML Parser: fix parse loop to correctly skip erroneous extended opcodes (bnc#1012628). - acpi, nfit: Fix Address Range Scrub completion tracking (bnc#1012628). - kprobes/x86: Use preempt_enable() in optimized_callback() (bnc#1012628). - ipmi: Fix timer race with module unload (bnc#1012628). - mailbox: PCC: handle parse error (bnc#1012628). - parisc: Fix address in HPMC IVA (bnc#1012628). - parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012628). - parisc: Fix exported address of os_hpmc handler (bnc#1012628). - ALSA: hda - Add quirk for ASUS G751 laptop (bnc#1012628). - ALSA: hda - Fix headphone pin config for ASUS G751 (bnc#1012628). - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bnc#1012628). - ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012628). - ALSA: hda: Add 2 more models to the power_save blacklist (bnc#1012628). - ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012628). - ALSA: hda - Fix incorrect clearance of thinkpad_acpi hooks (bnc#1012628). - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bnc#1012628). - x86/xen: Fix boot loader version reported for PVH guests (bnc#1012628). - x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012628). - x86/kvm/nVMX: allow bare VMXON state migration (bnc#1012628). - x86/mm/pat: Disable preemption around __flush_tlb_all() (bnc#1012628). - x86/numa_emulation: Fix uniform-split numa emulation (bnc#1012628). - ARM: dts: exynos: Disable pull control for MAX8997 interrupts on Origen (bnc#1012628). - net: socionext: Reset tx queue in ndo_stop (bnc#1012628). - net: loopback: clear skb->tstamp before netif_rx() (bnc#1012628). - locking/lockdep: Fix debug_locks off performance problem (bnc#1012628). - netfilter: xt_nat: fix DNAT target for shifted portmap ranges (bnc#1012628). - ataflop: fix error handling during setup (bnc#1012628). - swim: fix cleanup on setup error (bnc#1012628). - arm64: cpufeature: ctr: Fix cpu capability check for late CPUs (bnc#1012628). - hv_netvsc: fix vf serial matching with pci slot info (bnc#1012628). - nfp: devlink port split support for 1x100G CXP NIC (bnc#1012628). - tun: Consistently configure generic netdev params via rtnetlink (bnc#1012628). - s390/sthyi: Fix machine name validity indication (bnc#1012628). - hwmon: (pwm-fan) Set fan speed to 0 on suspend (bnc#1012628). - lightnvm: pblk: fix race on sysfs line state (bnc#1012628). - lightnvm: pblk: fix two sleep-in-atomic-context bugs (bnc#1012628). - lightnvm: pblk: fix race condition on metadata I/O (bnc#1012628). - spi: spi-ep93xx: Use dma_data_direction for ep93xx_spi_dma_{finish,prepare} (bnc#1012628). - perf tools: Free temporary 'sys' string in read_event_files() (bnc#1012628). - perf tools: Cleanup trace-event-info 'tdata' leak (bnc#1012628). - perf tools: Free 'printk' string in parse_ftrace_printk() (bnc#1012628). - perf strbuf: Match va_{add,copy} with va_end (bnc#1012628). - cpupower: Fix coredump on VMWare (bnc#1012628). - bcache: Populate writeback_rate_minimum attribute (bnc#1012628). - mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012628). - sdhci: acpi: add free_slot callback (bnc#1012628). - mtd: rawnand: denali: set SPARE_AREA_SKIP_BYTES register to 8 if unset (bnc#1012628). - iwlwifi: pcie: avoid empty free RB queue (bnc#1012628). - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bnc#1012628). - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bnc#1012628). - x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC (bnc#1012628). - wlcore: Fix BUG with clear completion on timeout (bnc#1012628). - ACPI/PPTT: Handle architecturally unknown cache types (bnc#1012628). - ACPI / PM: LPIT: Register sysfs attributes based on FADT (bnc#1012628). - ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bnc#1012628). - cpufreq: dt: Try freeing static OPPs only if we have added them (bnc#1012628). - x86/intel_rdt: Show missing resctrl mount options (bnc#1012628). - mtd: rawnand: atmel: Fix potential NULL pointer dereference (bnc#1012628). - nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bnc#1012628). - ath10k: fix tx status flag setting for management frames (bnc#1012628). - signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack (bnc#1012628). - ice: fix changing of ring descriptor size (ethtool -G) (bnc#1012628). - ice: update fw version check logic (bnc#1012628). - net: hns3: Fix for packet buffer setting bug (bnc#1012628). - Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012628). - Bluetooth: hci_qca: Remove hdev dereference in qca_close() (bnc#1012628). - efi/x86: Call efi_parse_options() from efi_main() (bnc#1012628). - x86: boot: Fix EFI stub alignment (bnc#1012628). - net: hns3: Add nic state check before calling netif_tx_wake_queue (bnc#1012628). - net: hns3: Fix ets validate issue (bnc#1012628). - pinctrl: sunxi: fix 'pctrl->functions' allocation in sunxi_pinctrl_build_state (bnc#1012628). - pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012628). - brcmfmac: fix for proper support of 160MHz bandwidth (bnc#1012628). - net: hns3: Check hdev state when getting link status (bnc#1012628). - net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bnc#1012628). - net: phy: phylink: ensure the carrier is off when starting phylink (bnc#1012628). - block, bfq: correctly charge and reset entity service in all cases (bnc#1012628). - arm64: entry: Allow handling of undefined instructions from EL1 (bnc#1012628). - kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012628). - spi: gpio: No MISO does not imply no RX (bnc#1012628). - ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012628). - pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012628). - bpf/verifier: fix verifier instability (bnc#1012628). - failover: Add missing check to validate 'slave_dev' in net_failover_slave_unregister (bnc#1012628). - perf tests: Fix record+probe_libc_inet_pton.sh without ping's debuginfo (bnc#1012628). - pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012628). - pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012628). - net: hns3: Preserve vlan 0 in hardware table (bnc#1012628). - net: hns3: Fix ping exited problem when doing lp selftest (bnc#1012628). - net: hns3: Fix for vf vlan delete failed problem (bnc#1012628). - net: dsa: mv88e6xxx: Fix writing to a PHY page (bnc#1012628). - mt76x2u: run device cleanup routine if resume fails (bnc#1012628). - rsi: fix memory alignment issue in ARM32 platforms (bnc#1012628). - libertas_tf: prevent underflow in process_cmdrequest() (bnc#1012628). - iwlwifi: mvm: fix BAR seq ctrl reporting (bnc#1012628). - gpio: brcmstb: allow 0 width GPIO banks (bnc#1012628). - ixgbe: disallow IPsec Tx offload when in SR-IOV mode (bnc#1012628). - ixgbevf: VF2VF TCP RSS (bnc#1012628). - wil6210: fix RX buffers release and unmap (bnc#1012628). - ath10k: schedule hardware restart if WMI command times out (bnc#1012628). - libata: Apply NOLPM quirk for SAMSUNG MZ7TD256HAFV-000L9 (bnc#1012628). - thermal: rcar_thermal: Prevent doing work after unbind (bnc#1012628). - thermal: da9062/61: Prevent hardware access during system suspend (bnc#1012628). - cifs: fix a credits leak for compund commands (bnc#1012628). - cgroup, netclassid: add a preemption point to write_classid (bnc#1012628). - net: stmmac: dwmac-sun8i: fix OF child-node lookup (bnc#1012628). - f2fs: fix to account IO correctly for cgroup writeback (bnc#1012628). - MD: Memory leak when flush bio size is zero (bnc#1012628). - md: fix memleak for mempool (bnc#1012628). - of: Add missing exports of node name compare functions (bnc#1012628). - scsi: esp_scsi: Track residual for PIO transfers (bnc#1012628). - scsi: ufs: Schedule clk gating work on correct queue (bnc#1012628). - UAPI: ndctl: Fix g++-unsupported initialisation in headers (bnc#1012628). - KVM: nVMX: Clear reserved bits of #DB exit qualification (bnc#1012628). - scsi: megaraid_sas: fix a missing-check bug (bnc#1012628). - RDMA/core: Do not expose unsupported counters (bnc#1012628). - RDMA/cm: Respect returned status of cm_init_av_by_path (bnc#1012628). - IB/ipoib: Clear IPCB before icmp_send (bnc#1012628). - RDMA/bnxt_re: Avoid accessing nq->bar_reg_iomem in failure case (bnc#1012628). - RDMA/bnxt_re: Fix recursive lock warning in debug kernel (bnc#1012628). - usb: host: ohci-at91: fix request of irq for optional gpio (bnc#1012628). - PCI: mediatek: Fix mtk_pcie_find_port() endpoint/port matching logic (bnc#1012628). - PCI: cadence: Use AXI region 0 to signal interrupts from EP (bnc#1012628). - usb: typec: tcpm: Report back negotiated PPS voltage and current (bnc#1012628). - tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012628). - f2fs: clear PageError on the read path (bnc#1012628). - Drivers: hv: vmbus: Use cpumask_var_t for on-stack cpu mask (bnc#1012628). - VMCI: Resource wildcard match fixed (bnc#1012628). - PCI / ACPI: Enable wake automatically for power managed bridges (bnc#1012628). - xprtrdma: Reset credit grant properly after a disconnect (bnc#1012628). - irqchip/pdc: Setup all edge interrupts as rising edge at GIC (bnc#1012628). - usb: dwc2: fix call to vbus supply exit routine, call it unlocked (bnc#1012628). - usb: dwc2: fix a race with external vbus supply (bnc#1012628). - usb: gadget: udc: atmel: handle at91sam9rl PMC (bnc#1012628). - ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012628). - MD: fix invalid stored role for a disk (bnc#1012628). - PCI: cadence: Correct probe behaviour when failing to get PHY (bnc#1012628). - nvmem: check the return value of nvmem_add_cells() (bnc#1012628). - xhci: Avoid USB autosuspend when resuming USB2 ports (bnc#1012628). - scsi: qla2xxx: Fix recursive mailbox timeout (bnc#1012628). - f2fs: fix to recover inode's crtime during POR (bnc#1012628). - f2fs: fix to recover inode's i_flags during POR (bnc#1012628). - PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bnc#1012628). - coresight: etb10: Fix handling of perf mode (bnc#1012628). - PCI: dwc: pci-dra7xx: Enable errata i870 for both EP and RC mode (bnc#1012628). - crypto: caam - fix implicit casts in endianness helpers (bnc#1012628). - usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012628). - Smack: ptrace capability use fixes (bnc#1012628). - driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012628). - ASoC: AMD: Fix capture unstable in beginning for some runs (bnc#1012628). - firmware: coreboot: Unmap ioregion after device population (bnc#1012628). - IB/ipoib: Use dev_port to expose network interface port numbers (bnc#1012628). - IB/mlx5: Allow transition of DCI QP to reset (bnc#1012628). - uio: ensure class is registered before devices (bnc#1012628). - scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012628). - scsi: lpfc: Correct race with abort on completion path (bnc#1012628). - f2fs: avoid sleeping under spin_lock (bnc#1012628). - f2fs: report error if quota off error during umount (bnc#1012628). - signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (bnc#1012628). - f2fs: fix to flush all dirty inodes recovered in readonly fs (bnc#1012628). - mfd: menelaus: Fix possible race condition and leak (bnc#1012628). - dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012628). - IB/rxe: fix for duplicate request processing and ack psns (bnc#1012628). - ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012628). - cpupower: Fix AMD Family 0x17 msr_pstate size (bnc#1012628). - Revert "f2fs: fix to clear PG_checked flag in set_page_dirty()" (bnc#1012628). - f2fs: fix missing up_read (bnc#1012628). - f2fs: fix to recover cold bit of inode block during POR (bnc#1012628). - f2fs: fix to account IO correctly (bnc#1012628). - OPP: Free OPP table properly on performance state irregularities (bnc#1012628). - ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings (bnc#1012628). - ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250 (bnc#1012628). - xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012628). - tpm: Restore functionality to xen vtpm driver (bnc#1012628). - xen/blkfront: avoid NULL blkfront_info dereference on device removal (bnc#1012628). - xen/balloon: Support xend-based toolstack (bnc#1012628). - xen: fix race in xen_qlock_wait() (bnc#1012628). - xen: make xen_qlock_wait() nestable (bnc#1012628). - xen/pvh: increase early stack size (bnc#1012628). - xen/pvh: don't try to unplug emulated devices (bnc#1012628). - libertas: don't set URB_ZERO_PACKET on IN USB transfer (bnc#1012628). - usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bnc#1012628). - usb: typec: tcpm: Fix APDO PPS order checking to be based on voltage (bnc#1012628). - usb: gadget: udc: renesas_usb3: Fix b-device mode for "workaround" (bnc#1012628). - mt76: mt76x2: fix multi-interface beacon configuration (bnc#1012628). - iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bnc#1012628). - net/ipv4: defensive cipso option parsing (bnc#1012628). - dmaengine: ppc4xx: fix off-by-one build failure (bnc#1012628). - scsi: sched/wait: Add wait_event_lock_irq_timeout for TASK_UNINTERRUPTIBLE usage (bnc#1012628). - scsi: target: Fix target_wait_for_sess_cmds breakage with active signals (bnc#1012628). - libnvdimm: Hold reference on parent while scheduling async init (bnc#1012628). - libnvdimm, region: Fail badblocks listing for inactive regions (bnc#1012628). - libnvdimm, pmem: Fix badblocks population for 'raw' namespaces (bnc#1012628). - ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bnc#1012628). - ASoC: sta32x: set ->component pointer in private struct (bnc#1012628). - IB/mlx5: Fix MR cache initialization (bnc#1012628). - IB/rxe: Revise the ib_wr_opcode enum (bnc#1012628). - jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012628). - gfs2_meta: ->mount() can get NULL dev_name (bnc#1012628). - ext4: fix EXT4_IOC_SWAP_BOOT (bnc#1012628). - ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012628). - ext4: fix setattr project check in fssetxattr ioctl (bnc#1012628). - ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bnc#1012628). - ext4: fix use-after-free race in ext4_remount()'s error path (bnc#1012628). - selinux: fix mounting of cgroup2 under older policies (bnc#1012628). - HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452 (bnc#1012628). - HID: hiddev: fix potential Spectre v1 (bnc#1012628). - EDAC, amd64: Add Family 17h, models 10h-2fh support (bnc#1012628). - EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bnc#1012628). - EDAC, skx_edac: Fix logical channel intermediate decoding (bnc#1012628). - ARM: dts: dra7: Fix up unaligned access setting for PCIe EP (bnc#1012628). - PCI/ASPM: Fix link_state teardown on device removal (bnc#1012628). - PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk (bnc#1012628). - signal/GenWQE: Fix sending of SIGKILL (bnc#1012628). - signal: Guard against negative signal numbers in copy_siginfo_from_user32 (bnc#1012628). - crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012628). - crypto: tcrypt - fix ghash-generic speed test (bnc#1012628). - crypto: aesni - don't use GFP_ATOMIC allocation if the request doesn't cross a page in gcm (bnc#1012628). - crypto: morus/generic - fix for big endian systems (bnc#1012628). - crypto: aegis/generic - fix for big endian systems (bnc#1012628). - crypto: speck - remove Speck (bnc#1012628). - mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() (bnc#1012628). - userfaultfd: disable irqs when taking the waitqueue lock (bnc#1012628). - ima: fix showing large 'violations' or 'runtime_measurements_count' (bnc#1012628). - ima: open a new file instance if no read permissions (bnc#1012628). - hugetlbfs: dirty pages as they are added to pagecache (bnc#1012628). - mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly (bnc#1012628). - mm/hmm: fix race between hmm_mirror_unregister() and mmu_notifier callback (bnc#1012628). - KVM: arm/arm64: Ensure only THP is candidate for adjustment (bnc#1012628). - KVM: arm64: Fix caching of host MDCR_EL2 value (bnc#1012628). - kbuild: fix kernel/bounds.c 'W=1' warning (bnc#1012628). - iio: ad5064: Fix regulator handling (bnc#1012628). - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bnc#1012628). - iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012628). - iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012628). - w1: omap-hdq: fix missing bus unregister at removal (bnc#1012628). - smb3: allow stats which track session and share reconnects to be reset (bnc#1012628). - smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012628). - smb3: on kerberos mount if server doesn't specify auth type use krb5 (bnc#1012628). - printk: Fix panic caused by passing log_buf_len to command line (bnc#1012628). - genirq: Fix race on spurious interrupt detection (bnc#1012628). - tpm: fix response size validation in tpm_get_random() (bnc#1012628). - NFC: nfcmrvl_uart: fix OF child-node lookup (bnc#1012628). - NFSv4.1: Fix the r/wsize checking (bnc#1012628). - nfs: Fix a missed page unlock after pg_doio() (bnc#1012628). - nfsd: correctly decrement odstate refcount in error path (bnc#1012628). - nfsd: Fix an Oops in free_session() (bnc#1012628). - lockd: fix access beyond unterminated strings in prints (bnc#1012628). - dm ioctl: harden copy_params()'s copy_from_user() from malicious users (bnc#1012628). - dm zoned: fix metadata block ref counting (bnc#1012628). - dm zoned: fix various dmz_get_mblock() issues (bnc#1012628). - media: ov7670: make "xclk" clock optional (bnc#1012628). - fsnotify: Fix busy inodes during unmount (bnc#1012628). - powerpc64/module elfv1: Set opd addresses after module relocation (bnc#1012628). - powerpc/msi: Fix compile error on mpc83xx (bnc#1012628). - powerpc/tm: Fix HFSCR bit for no suspend case (bnc#1012628). - powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bnc#1012628). - MIPS: OCTEON: fix out of bounds array access on CN68XX (bnc#1012628). - rtc: ds1307: fix ds1339 wakealarm support (bnc#1012628). - rtc: cmos: Fix non-ACPI undefined reference to `hpet_rtc_interrupt' (bnc#1012628). - rtc: cmos: Remove the `use_acpi_alarm' module parameter for !ACPI (bnc#1012628). - power: supply: twl4030-charger: fix OF sibling-node lookup (bnc#1012628). - ocxl: Fix access to the AFU Descriptor Data (bnc#1012628). - iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bnc#1012628). - TC: Set DMA masks for devices (bnc#1012628). - net: bcmgenet: fix OF child-node lookup (bnc#1012628). - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bnc#1012628). - Revert "media: dvbsky: use just one mutex for serializing device R/W ops" (bnc#1012628). - kgdboc: Passing ekgdboc to command line causes panic (bnc#1012628). - remoteproc: qcom: q6v5: Propagate EPROBE_DEFER (bnc#1012628). - media: cec: make cec_get_edid_spa_location() an inline function (bnc#1012628). - media: cec: integrate cec_validate_phys_addr() in cec-api.c (bnc#1012628). - xen: fix xen_qlock_wait() (bnc#1012628). - xen: remove size limit of privcmd-buf mapping interface (bnc#1012628). - xen-blkfront: fix kernel panic with negotiate_mq error path (bnc#1012628). - media: cec: add new tx/rx status bits to detect aborts/timeouts (bnc#1012628). - media: cec: fix the Signal Free Time calculation (bnc#1012628). - media: cec: forgot to cancel delayed work (bnc#1012628). - media: em28xx: use a default format if TRY_FMT fails (bnc#1012628). - media: tvp5150: avoid going past array on v4l2_querymenu() (bnc#1012628). - media: em28xx: fix input name for Terratec AV 350 (bnc#1012628). - media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012628). - media: em28xx: fix handler for vidioc_s_input() (bnc#1012628). - media: adv7604: when the EDID is cleared, unconfigure CEC as well (bnc#1012628). - media: adv7842: when the EDID is cleared, unconfigure CEC as well (bnc#1012628). - drm/mediatek: fix OF sibling-node lookup (bnc#1012628). - media: media colorspaces*.rst: rename AdobeRGB to opRGB (bnc#1012628). - media: replace ADOBERGB by OPRGB (bnc#1012628). - media: hdmi.h: rename ADOBE_RGB to OPRGB and ADOBE_YCC to OPYCC (bnc#1012628). - arm64: lse: remove -fcall-used-x0 flag (bnc#1012628). - rpmsg: smd: fix memory leak on channel create (bnc#1012628). - Cramfs: fix abad comparison when wrap-arounds occur (bnc#1012628). - ARM: dts: socfpga: Fix SDRAM node address for Arria10 (bnc#1012628). - arm64: dts: stratix10: Correct System Manager register size (bnc#1012628). - soc: qcom: rmtfs-mem: Validate that scm is available (bnc#1012628). - soc/tegra: pmc: Fix child-node lookup (bnc#1012628). - selftests/ftrace: Fix synthetic event test to delete event correctly (bnc#1012628). - selftests/powerpc: Fix ptrace tm failure (bnc#1012628). - tracing: Return -ENOENT if there is no target synthetic event (bnc#1012628). - btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled (bnc#1012628). - btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012628). - btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012628). - btrfs: fix error handling in free_log_tree (bnc#1012628). - btrfs: fix error handling in btrfs_dev_replace_start (bnc#1012628). - btrfs: Enhance btrfs_trim_fs function to handle error better (bnc#1012628). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bnc#1012628). - btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012628). - btrfs: don't attempt to trim devices that don't support it (bnc#1012628). - btrfs: keep trim from interfering with transaction commits (bnc#1012628). - btrfs: wait on caching when putting the bg cache (bnc#1012628). - Btrfs: don't clean dirty pages during buffered writes (bnc#1012628). - btrfs: release metadata before running delayed refs (bnc#1012628). - btrfs: protect space cache inode alloc with GFP_NOFS (bnc#1012628). - btrfs: reset max_extent_size on clear in a bitmap (bnc#1012628). - btrfs: make sure we create all new block groups (bnc#1012628). - Btrfs: fix warning when replaying log after fsync of a tmpfile (bnc#1012628). - Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012628). - btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012628). - Btrfs: fix null pointer dereference on compressed write path error (bnc#1012628). - Btrfs: fix assertion on fsync of regular file when using no-holes feature (bnc#1012628). - Btrfs: fix deadlock when writing out free space caches (bnc#1012628). - btrfs: reset max_extent_size properly (bnc#1012628). - btrfs: set max_extent_size properly (bnc#1012628). - btrfs: don't use ctl->free_space for max_extent_size (bnc#1012628). - btrfs: only free reserved extent if we didn't insert it (bnc#1012628). - btrfs: fix insert_reserved error handling (bnc#1012628). - btrfs: don't run delayed_iputs in commit (bnc#1012628). - btrfs: move the dio_sem higher up the callchain (bnc#1012628). - Btrfs: fix use-after-free during inode eviction (bnc#1012628). - Btrfs: fix use-after-free when dumping free space (bnc#1012628). - net: sched: Remove TCA_OPTIONS from policy (bnc#1012628). - userns: also map extents in the reverse map to kernel IDs (bnc#1012628). - bpf: wait for running BPF programs when updating map-in-map (bnc#1012628). - vga_switcheroo: Fix missing gpu_bound call at audio client registration (bnc#1012628). - MD: fix invalid stored role for a disk - try2 (bnc#1012628). - Refresh patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. - commit 8adee6e ==== libgit2-glib ==== Version update (0.26.4 -> 0.27.7) - Update to version 0.27.7 + pkg-config pc file generation fixed + Fix cached hunks - Remove libgit2-glib-libgit2-0.27.0.patch: Version 0.27.7 added support for libgit2 0.27.0 ==== libical ==== - Add patches 0001-vcc.y-factor-out-hexdigit-conversion.patch, 0002-vcc.y-fix-infinite-loop-with-lower-case-hex-digits.patch, 0003-vcc.y-fix-infinite-loop-with-non-hex-digits.patch, 0004-vobject.c-vCard-Unicode-reading-support.patch, 0005-vcc.y-do-not-ignore-field-separator-in-QUOTED-PRINTA.patch to support Unicode in VCF (and fix infinite loops). [https://github.com/libical/libical/pull/354 ] ==== libjpeg-turbo ==== Version update (2.0.0 -> 2.0.1) Subpackages: libjpeg8 libjpeg8-32bit libturbojpeg0 - update to version 2.0.1: * jsimd_quantize_float_dspr2() and jsimd_convsamp_float_dspr2() functions in the MIPS DSPr2 SIMD extensions are now disabled at compile time if the soft float ABI is enabled * Fixed a regression in the SIMD feature detection code, introduced by the AVX2 SIMD extensions * Fixed out-of-bounds read in cjpeg that occurred when attempting to compress a specially-crafted malformed color-index (8-bit-per-sample) Targa file ==== libostree ==== Version update (2018.8 -> 2018.9) Subpackages: libostree-1-1 - Update to version 2018.9: + New features: * Allow disabling pulling from LAN/USB/Internet * lib/repo: Add an API to get min-free-space-* reserved bytes * OstreeMutableTree: add _remove method * repo: Add a checkout option to not hardlink zero-sized files + Bugfixes (apart from regular memory leaks fixes): * finalize-staged: Bump timeout to 5 minutes * deploy: Fix removing /var/.updated with separate /var mount * src/ostree: Don't delete refs having aliases + One notable change in this release is the initrd service ostree-prepare-root.service now runs earlier in the boot process. This shouldn't actually affect OSes, unless there's extended logic in the initrd that integrates tightly with OSTree. + Another systemd related change is the introduction of a path unit: ostree-finalize-staged.path. This allows the service of the same name to be path activated instead of explicitly started at deployment staging time. This release however does not yet rely on this mechanism to give time for packagers and integrators to adapt to the new unit (e.g. by enabling it in the systemd presets). A future release will require this. Note that deployment staging is still not the default for libostree, although at least rpm-ostree now unconditionally uses staging, and while it generally worked well, we hit issues with people using slower hard drives, hence the increase in timeout in PR #1755 . + Another change to call out is: lib/commit: Don't chown objects to repo target owner. We previously had incomplete support for a process running as uid 0 writing to a repository owned by a non-zero uid, but it was never finished. This will likely be revisited at a later time. ==== librsvg ==== Version update (2.44.6 -> 2.44.9) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.44.9: + rsvg-convert was positioning extracted elements incorrectly when using the -w/-h options together with --export-id. + Mis-rendering in small arc segments. + Rendering of gradients for horizontal/vertical stroked lines with gradientUnits="userSpaceOnUse". + Fix a couple of memory leaks in the error paths of the GdkPixbuf loader. - Update to version 2.44.8: + Don't drop spaces around elements. + rsvg-convert now uses pixel units for SVG output, instead of points. + Tweaks to have the test suite pass on i386 and non-x86_64 platforms. + With RSVG_LOG=1, librsvg will now report when SVGs have references to nonexistent elements, to aid debugging (for example, in an xlink:href attribute). + Allow reference tests with a small difference to pass without breaking the build. - Update to version 2.44.7: + Correctly match the systemLanguage attribute with the user's locale. + Parse xml:lang correctly. + Don't modify the caller's cairo_t state during rendering. + Don't panic if we get a "data:" URI with empty data. + Don't panic on getting a very large "order" for feConvolveMatrix. + Bugs fixed: glgo#GNOME/librsvg#256, glgo#GNOME/librsvg#320, glgo#GNOME/librsvg#334, glgo#GNOME/librsvg#349, glgo#GNOME/librsvg#352. ==== libwpd ==== - Drop tm markers, these are undesired by legal. - Add patch to fix rh#1643752 bsc#1115713 CVE-2018-19208: * 0001-Resolves-rhbz-1643752-bounds-check-m_currentTable-ac.patch ==== mailx ==== - Updates to mailx-12.5-openssl-1.1.0f.patch * If the openssl RNG is already seeded (on linux it always is) skip snake-oil reeseeding from file. Update man page accordingly. * Update man page with information that ssl2 and ssl3 are not only deprecated but currently unavailable and that tls1 forces TLS 1.0 but not later versions. * RAND_EGD is also unavailable, not just unused. * set SSL_OP_NO_TICKET, many servers accept session tickets, but almost never rotate them properly, TLS 1.3 session tickets are not affected by this flag. * When using client certificates, check if the cert and key match each other. ==== mutter ==== Version update (3.30.1 -> 3.30.2) Subpackages: libmutter-3-0 mutter-data mutter-lang - Update to version 3.30.2: + Fix handling of non-UTF8 encodings. + Fix memory leaks introduced in 3.30.1. + Work around hangul text input bug. + Fix crash when restarting window manager. + Fix crash on monitor hotplug. + Updated translations. ==== ovmf ==== Version update (2018+git1538590187.c0b1f749ef13 -> 2018+git1542164568.85588389222a) Subpackages: qemu-ovmf-x86_64 - Update to 2018+git1542164568.85588389222a (edk2-stable201811) + UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock + MdeModulePkg/NvmExpressPei: Refine data buffer & len check in PassThru + OvmfPkg/QemuVideoDxe: list "UnalignedIoInternal.h" in the INF file + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + OvmfPkg/QemuVideoDxe: Helper functions for unaligned port I/O + OvmfPkg: VMWare SVGA display device register definitions + Fix UEFI and Tiano Decompression logic issue + MdePkg: Fix incorrect check for DisplayOnly text format in AcpiEx + UefiCpuPkg/PiSmmCpuDxeSmm: Separate semaphore container + UefiCpuPkg/RegisterCpuFeaturesLib: Separate semaphore container + UefiCpuPkg/RegisterCpuFeaturesLib: Adjust Order + MdePkg/BaseSynchronizationLib: Fix InternalSync[De|In]crement + UefiCpuPkg/SmmCpu: Block access-out only when static paging is used + MdeModulePkg/Core: fix ineffective guard page issue + MdeModulePkg/Core: fill logic hole in MemoryProtectionCpuArchProtocolNotify + MdeModulePkg/Mtftp4Dxe: Fix invalid configuration of MTFTP local port + OvmfPkg: Replace obsoleted network drivers from platform DSC/FDF + MdePkg/Base.h: Implement BASE_CR() via OFFSET_OF() + MdeModulePkg/PiSmmIpl: Do not reset SMRAM to UC when CPU driver runs + NetworkPkg/TlsDxe: Fix failure to process multiple TLS records + BaseTools ConvertFceToStructurePcd: Fix the array value with empty string + CryptoPkg/BaseCryptLib: Fix potential integer overflow issue + ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE + UefiCpuPkg/PiSmmCpuDxeSmm: Fix ASSERT for success + UefiCpuPkg/MpInitLib: Fix ASSERT for success + MdeModulePkg/Core: fix an issue of potential NULL pointer access + NetworkPkg/Mtftp6Dxe: Correct the total received and saved block number + MdeModulePke/Mtftp4Dxe: Correct the total received and saved block number + MdeModulePkg EhciDxe: Extract new EhciInsertAsyncIntTransfer function + MdeModulePkg XhciDxe: Extract new XhciInsertAsyncIntTransfer function + BaseTools: Sync the DevicePath Function update from MdePkg + MdeModulePkg/HiiDB: Make sure database update behaviors are atomic + MdeModulePkg/HiiDB: Reorganize codes of exporting HII settings + UefiCpuPkg/RegisterCpuFeaturesLib: Support combo CPU feature style + UefiCpuPkg/RegisterCpuFeaturesLib: Fix ECC issues + MdeModulePkg/Core: add freed-memory guard feature + MdeModulePkg/Core: prevent re-acquire GCD memory lock + UefiCpuPkg/CpuDxe: prevent recursive calling of InitializePageTablePool + UefiCpuPkg/CpuDxe: consider freed-memory guard in non-stop mode + MdeModulePkg: introduce UEFI freed-memory guard bit in HeapGuard PCD + MdeModulePkg/NvmExpressDxe: Refine PassThru IO queue creation behavior + MdeModulePkg/NvmExpressDxe: Always copy CQ entry to PassThru packet + MdeModulePkg/NvmExpressDxe: Refine data buffer & len check in PassThru + MdePkg: Handle various device path when optional para is not specified + FatPkg: Correct the line ending to CRLF + MdePkg-BaseLib: Fix PathCleanUpDirectories() issue with "\\..\\.." + FatPkg/EnhancedFatDxe Fix Double Cluster Allocation + FatBinPkg: Remove FatBinPkg and refresh document + ShellPkg/dmem: Only dump sizeof (EFI_SYSTEM_TABLE) bytes for gST + MdeModulePkg/UsbMass: Fix USB key write failure + IntelFrameworkModulePkg: Add more checker in UefiTianoDecompressLib (CVE FIX) + MdePkg: Add more checker in UefiDecompressLib to access the valid buffer only (CVE FIX) + MdeModulePkg/PartitionDxe: Add check for underlying device block size + MdeModulePkg Xhci: Handle value 5 in Port Speed field of PORTSC + MdeModulePkg XhciDxe: Assign Usb2Hc.XXXRevision based on SBRN + MdePkg/BaseLib: AsciiStrToUnicodeStr(S) not handle EASCII properly + UefiCpuPkg/CpuCommonFeaturesLib: Register MSR base on scope Info + UefiCpuPkg/CpuS3DataDxe: Keep old data if value already existed + UefiCpuPkg/PiSmmCpuDxeSmm: Add logic to support semaphore type + UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support semaphore type + UefiCpuPkg/RegisterCpuFeaturesLib.h: Add new dependence types + UefiCpuPkg/Include/AcpiCpuData.h: Add Semaphore related Information + NetworkPkg/IpSecDxe: Fix issue to parse SA Payload + NetworkPkg: Correct the time stamp and fix the integer overflow issue + NetworkPkg/TlsDxe: Remove the redundant library class + MdePkg UefiLib: Check Table against NULL in ScanTableInSDT + MdeModulePkg BrotliDecompressLib: Add the checker to avoid array out of bound + UefiCpuPkg/CpuExceptionHandlerLib: always clear descriptor data in advance + fix InternalSyncCompareExchange*() + MdeModulePkg Variable: Fix Timestamp zeroing issue on APPEND_WRITE + MdeModulePkg/Bus/Ufs: Ensure device not return more data than expected + MdeModulePkg/AbsPointer: Don't access key codes when length is wrong + MdeModulePkg BrotliCustomDecompressLib: Don't build it for EBC arch + MdeModulePkg RegularExpressionDxe: Enable STDARG for variable arguments + MdeModulePkg/RegularExpressionDxe: Miss null pointer check + MdeModulePkg PcdDxe: ASSERT PcdSetNvStoreDefaultId set + UefiCpuPkg/S3Resume2Pei: disable paging before creating new page table + MdeModulePkg/SdMmcPciHcDxe: Allow additional SDHCI versions + MdeModulePkg/SdMmcPciHcDxe: Add controller version defines + MdePkg: Use VENDOR_DEVICE_PATH structure for Debug Port device path + ShellPkg-Cd: Ensure all valid cd targets are handled properly + MdePkg-BaseLib: Fix PathCleanUpDirectories() error involving "\..\.." + MdeModulePkg/NonDiscoverablePciDeviceDxe: expose unique B/D/F identifiers + MdeModulePkg: Update Brotli DecompressLib to the latest v1.0.6 + BaseTools: Update Brotli Compress to the latest one 1.0.6 + MdePkg: Add PciRoot/PcieRoot text for ACPI Expanded Device Path + MdePkg: Correct condition check for AcpiExp text format + MdePkg: Correct the string order of ACPI Expanded Device Path + MdePkg: Correct the string expression of UTF8 vendor device path + MdeModulePkg/HiiDB: Fix incorrect structure convention for checkbox + Lzma: Update LZMA SDK version to 18.05 + OvmfPkg/PlatformPei: clear CPU caches + Various BaseTools clean up and fixes + Various UDF fixes + Various USB fixes - Drop upstreamed patches + ovmf-bsc1115916-fix-timestamp-zeroing.patch + ovmf-bsc1115917-bounds-checking-for-ueficompress.patch - Add ovmf-bsc1115916-fix-timestamp-zeroing.patch to fix Timestamp zeroing issue on APPEND_WRITE (bsc#1115916, CVE-2018-3613) - Add ovmf-bsc1115917-bounds-checking-for-ueficompress.patch for the bound checking of ueficompress (bsc#1115917, CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735) ==== plymouth ==== Version update (0.9.4+git20181105.f898586 -> 0.9.4+git20181111.118c5ca) Subpackages: libply-boot-client4 libply-splash-core4 libply-splash-graphics4 libply4 plymouth-dracut plymouth-plugin-label plymouth-plugin-label-ft plymouth-plugin-script plymouth-plugin-two-step plymouth-scripts - Update to version 0.9.4+git20181111.118c5ca Modify systemd-units: Add "ConditionVirtualization=!container" in all plymouth-*.service, also systemd-ask-password-plymouth.path. ==== python-paramiko ==== - add disable-gssapi.patch - workaround for boo#1115769 ==== schily ==== Version update (2018.08.24 -> 2018.10.30) Subpackages: libdeflt1_0 libfind3_0 librmt1_0 spax star - Trim SELINUX from schily-2018-05-25_star_configuration.patch, it is already determined by %configure now. - Update to new upstream release 2018.10.30 * bsh/Bourne Shell/star: a very long path name could cause a core dump with a "chdir()" operation in some cases. * star: "star -c H=exustar -pax-o binary" now correctly results in unencoded strings for uname/gname/path/linkpath. * star: a new option -no-secure-links allows to disable the secure default behavior. * Changes to libfind options like -mount/-xdev and -perm; for details, see the AN-* files in the documentation directory. * New libfind primaries -chatime, -chctime, -chfile, -chown, etc. see AN-* for details. * star: Added "volatile" to a selection of struct members in struct m_head. This should help to avoid specific optimization from newer compilers that could cause problems with the synchronization of the fifo. * star: make sure that "star -c" results in a non-zero exit code if it is interupted by Ctrl-C. * star: Added new code to allow to debug a hanging FIFO. * star: the path name length and the link name length are now set from the POSIX 2001 extended tar headers in case that a name appears in that extended meta data. - Removed schily-2018-05-25_star_lock.patch (no longer needed). - Added schily-linker.diff. - Add smake and ved subpackages. ==== tomcat ==== Version update (9.0.12 -> 9.0.13) Subpackages: tomcat-admin-webapps tomcat-el-3_0-api tomcat-jsp-2_3-api tomcat-lib tomcat-servlet-4_0-api tomcat-webapps - Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt) ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update _constraints to latest values to avoid OOM erros ==== yast2-country ==== Version update (4.1.1 -> 4.1.4) Subpackages: yast2-country-data - Fallback to English when using fbiterm on those languages which are not properly supported (fate#325746). - 4.1.4 - Timezone: When ntp is configured to be used by default, offer also ntp servers proposed by DHCP but do not choose them if the user does not select one explicitly (fate#323454) - 4.1.3 - Timezone: Since ntp-client does not write the config anymore when called for syncing only, we need to remove the 'ntpdate_only' parameter in order to continue proposing a default when it is enabled in the control file (bsc#1108497). - 4.1.2 ==== yast2-network ==== Version update (4.1.15 -> 4.1.17) - Yast::Lan: Added method for obtaining the NTP servers offered by DHCP (fate#323454) - 4.1.17 - Allow to swich the network backend from the proposal (related to fate#326480) - 4.1.16 ==== yast2-ntp-client ==== Version update (4.1.3 -> 4.1.5) - fate#323454 - Bring back the menu button for choosing an NTP address from a public NTP servers list or from the ones returned by DHCP. - When no configuration is proposed by default, then use the DHCP offered servers as fallback. - Do not synchronize if chronyd service is running (bsc#1087048) - Use the title style capitalization in "Synchronize Now" button (bsc#1039987) - 4.1.5 - Only write the configuration once, and do not save changes when we are only synchronizing the date. (bsc#1108497) - 4.1.4 ==== yast2-storage-ng ==== Version update (4.1.31 -> 4.1.35) - The Guided Proposal tries to preserve partitions of type IRST (Intel Rapid Start Technology) when possible (bsc#1099187, fate#325885). - Made the Guided Proposal algorithm more clear, so it's easier to debug (bsc#1057436). - 4.1.35 - Initial proposal tries all possible attempts over each candidate device before switching to another device. - Related to bsc#1102026 and bsc#1090383. - 4.1.34 - adjust boot requirements to handle RAID cases (fate#326573) - 4.1.33 - SkipListValue.size_k returns the correct value (bsc#1115508). - 4.1.32