Packages changed: apache2 apache2-prefork apache2-utils audit audit-secondary elfutils-debuginfod fprintd (1.90.6 -> 1.90.8) glib2 (2.66.3 -> 2.66.4) glibc gmp gnome-disk-utility (3.38.0 -> 3.38.1) inotify-tools (3.20.2.2 -> 3.20.11.0) libcap (2.43 -> 2.44) libheif (1.9.1 -> 1.10.0) libqt5-qtwebengine libvirt linux-glibc-devel (5.9 -> 5.10) ncurses (6.2.20201031 -> 6.2.20201205) perl-LWP-Protocol-https (6.09 -> 6.10) poppler (20.12.0 -> 20.12.1) poppler-qt5 (20.12.0 -> 20.12.1) python-argcomplete (1.11.1 -> 1.12.2) qalculate (3.14.0 -> 3.15.0) readline rubygem-ffi (1.13.1 -> 1.14.1) rubygem-tzinfo (2.0.3 -> 2.0.4) xen (4.14.0_12 -> 4.14.1_02) yast2-alternatives (4.3.0 -> 4.3.1) yast2-schema (4.3.15 -> 4.3.16) yast2-tune (4.2.3 -> 4.3.1) === Details === ==== apache2 ==== - obsolete apache2-example-page and obsolete/provide apache2-doc [bsc#180075] ==== apache2-prefork ==== - obsolete apache2-example-page and obsolete/provide apache2-doc [bsc#180075] ==== apache2-utils ==== - obsolete apache2-example-page and obsolete/provide apache2-doc [bsc#180075] ==== audit ==== Subpackages: libaudit1 libaudit1-32bit libauparse0 - Enable Aarch64 processor support. (bsc#1179515 bsc#1179806) ==== audit-secondary ==== Subpackages: audit python3-audit - Enable Aarch64 processor support. (bsc#1179515 bsc#1179806) ==== elfutils-debuginfod ==== - Move profile files to libdebuginfod1 sub-package. - Silent 2 rpmlint issues. ==== fprintd ==== Version update (1.90.6 -> 1.90.8) - Update to version 1.90.8 It seems that we are finally reaching the end of the tunnel with regard to regressions. One more issue that cropped up was that a pam_fprintd fix to avoid a possible authentication bypass caused issues when fprintd was just started on demand. Highlights: * pam: Only listen to NameOwnerChanged after fprintd is known to run. * Place new ObjectManager DBus API at /net/reactivated/Fprint - Update to version 1.90.7 While 1.90.6 fixed a number of issues, we did have a bad regression due causing pam_fprintd to crash when there are no fingerprint devices installed. Highlights: * pam: Guard strdup calls against NULL pointers ==== glib2 ==== Version update (2.66.3 -> 2.66.4) Subpackages: glib2-lang glib2-tools libgio-2_0-0 libgio-2_0-0-32bit libglib-2_0-0 libglib-2_0-0-32bit libgmodule-2_0-0 libgmodule-2_0-0-32bit libgobject-2_0-0 libgobject-2_0-0-32bit libgthread-2_0-0 libgthread-2_0-0-32bit - Update to version 2.66.4: + Fix some issues in parsing floating point seconds in `GDateTime` + Fix some issues in handling invalid UTF-8 when parsing for `GDate` + Bugs fixed: glgo#GNOME/GLib#2264, glgo#GNOME/GLib!1774, glgo#GNOME/GLib!1790, glgo#GNOME/GLib!1793, glgo#GNOME/GLib!1799, glgo#GNOME/GLib!1805. ==== glibc ==== Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - aarch64-static-pie.patch: fix static PIE start code for BTI (bsc#1179450, BZ #27068) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859) ==== gmp ==== Subpackages: libgmp10 libgmp10-32bit - Add gmp-6.2.1-arm64-invert_limb.patch [bsc#1179751] ==== gnome-disk-utility ==== Version update (3.38.0 -> 3.38.1) Subpackages: gnome-disk-utility-lang - Update to version 3.38.1: + Do not display zram devices. + Updated translations. ==== inotify-tools ==== Version update (3.20.2.2 -> 3.20.11.0) Subpackages: libinotifytools0 - update to 3.20.11.0: * Added --no-dereference to watch a symlink * bugfixes ==== libcap ==== Version update (2.43 -> 2.44) - update to 2.44: Generally, this is a release to help package builders: no functional change to any of the generated code just documentation and make related fixes. ==== libheif ==== Version update (1.9.1 -> 1.10.0) - Re-download tarball and check with osc service runall download_files, all ok. - Updated to version 1.10.0: * New API: may access all (vendor-dependent) auxiliary images (e.g. hdrgainmap, semanticskinmatte, ...). * When ICC profile is present, will now write two color boxes (nclx and ICC) into AVIF files. Also reads files with two color boxes. * Alpha image is now saved as monochrome. * Loading of 16bit greyscale PNGs in heif_enc. * Deprecated heif_enc option "-E". * Remove dependency on alloca(). * Bug fixes. ==== libqt5-qtwebengine ==== - Fix build with ICU 68: * Added icu-68.patch * Added icu-68-2.patch ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - qemu: Fix logic bug in inactive snapshot deletion 0ddebdb4-qemu-snapshot-deletion.patch boo#1180049 ==== linux-glibc-devel ==== Version update (5.9 -> 5.10) - Update to kernel headers 5.10 ==== ncurses ==== Version update (6.2.20201031 -> 6.2.20201205) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20201205 + amend build-fixes for gnat 10 to work with certain systems lacking gprbuild (cf: 20200627). + eliminate an additional strlen and wsclen. + eliminate an unnecessary strlen in waddnstr() (suggested by Benjamin Abendroth). + modify inopts manpage, separating the items for nodelay and notimeout (patch by Benno Schulenberg). + correct mlterm3 kf1-kf4 (Debian #975322) -TD + add flash to mlterm3 -TD - Add ncurses patch 20201128 + add Smulx to alacritty (Christian Duerr). + add rep to PuTTY -TD + add putty+keypad -TD + add another fflush(stdout) in _nc_flush() to handle time-delays in the middle of strings such as flash when the application uses low-level calls rather than curses (cf: 20161217). + modify configure check for c89/c99 aliases of clang to use its - std option instead, because some platforms, in particular macOS, do not provide workable c89/c99 aliases. - Add ncurses patch 20201121 + fix some compiler-warnings in experimental Windows-10 driver. + add the definitions needed in recent configure-check for clang (report by Steven Pitman). - Add ncurses patch 20201114 + fix some compiler-warnings in experimental Windows-10 driver. + modify a check for parameters in terminfo capabilities to handle the special case where short extended capability strings were not converted from terminfo to termcap format. + modify CF_MIXEDCASE_FILENAMES macro, adding darwin as special case when cross-compiling (report by Eli Rykoff). - Add ncurses patch 20201107 + update kitty+common -TD + add putty+screen and putty-screen (suggested by Alexandre Montaron). + explain in ncurses.3x that functions in the tinfo library do not rely upon wide-characters (prompted by discussion with Reuben Thomas). ==== perl-LWP-Protocol-https ==== Version update (6.09 -> 6.10) - updated to 6.10 see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes 6.10 2020-12-17 15:42:06Z - Fix #39 - prevent user env from breaking the test (GH#63) (Gianni Ceccarelli) - Include Net::SSLeay in reported prereqs (GH#60) (Olaf Alders) - Use GitHub as a bug tracker (GH#59) (Olaf Alders) ==== poppler ==== Version update (20.12.0 -> 20.12.1) Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler105 poppler-tools - Update to version 20.12.1: + core: - PSOutputDev: fixing regression in the rasterization code. - Add missing profile copy operation in GfxICCBasedColorSpace::copy() - Fix issue in broken files. + build system: Use modern CMake linking for Qt and boost. ==== poppler-qt5 ==== Version update (20.12.0 -> 20.12.1) - Update to version 20.12.1: + core: - PSOutputDev: fixing regression in the rasterization code. - Add missing profile copy operation in GfxICCBasedColorSpace::copy() - Fix issue in broken files. + build system: Use modern CMake linking for Qt and boost. ==== python-argcomplete ==== Version update (1.11.1 -> 1.12.2) - update to 1.12.2: - Update importlib-metadata dependency pin (#332) - Add change log project URL (#312) - Replace Travis CI with GitHub Actions (#323) - Update importlib-metadata dependency version range - Bash nounset mode fixes (#313) - remove 0001-Remove-expected-test-failure-for-new-versions-of-fish.patch (upstream) ==== qalculate ==== Version update (3.14.0 -> 3.15.0) Subpackages: libqalculate21 qalculate-data - Update to 3.15.0: * Automatic and dual approximation and fractions mode in qalc and Gnome shell search provider * Do not ask before overwriting temporary variables in qalc * Add keyboard shortcuts for approximation (Ctrl+E), fraction mode (Ctrl+F), and save variable (Ctrl+R) in qalc * Add "precalculate expression" argument (default false) to save() function (this also changes the behaviour of ":=") * Support multiple equivalent custom digits, separated by semicolon (e.g. "0;aA1;bB2;cC3"), and phoneword digit set in base() function * Always place unit with prefix first (fixes kWh) * Fix local time zone on Windows * Fix matrix/vector multiplication with approximate matrix/vector variable * Fix parsing of expression with multiple degree signs * Minor bug fixes and feature improvements ==== readline ==== Subpackages: libreadline8 readline-doc - get rid of /lib hack and install readline in /usr. Bash is already there anyways (boo#1029961) - remove deprecated %install_info ==== rubygem-ffi ==== Version update (1.13.1 -> 1.14.1) - updated to version 1.14.1 Changed: * Revert changes to FFI::Pointer#write_string made in ffi-1.14.0. It breaks compatibilty in a way that can cause hard to find errors. #857 ==== rubygem-tzinfo ==== Version update (2.0.3 -> 2.0.4) - updated to version 2.0.4 * Fixed an incorrect `InvalidTimezoneIdentifier` exception raised when loading a zoneinfo file that includes rules specifying an additional transition to the final defined offset (for example, Africa/Casablanca in version 2018e of the Time Zone Database). #123. ==== xen ==== Version update (4.14.0_12 -> 4.14.1_02) Subpackages: xen-libs xen-tools xen-tools-domU - Update to Xen 4.14.1 bug fix release (bsc#1027519) xen-4.14.1-testing-src.tar.bz2 Contains the following recent security fixes bsc#1179516 XSA-359 - CVE-2020-29571 bsc#1179514 XSA-358 - CVE-2020-29570 bsc#1179513 XSA-356 - CVE-2020-29567 bsc#1178963 XSA-355 - CVE-2020-29040 bsc#1178591 XSA-351 - CVE-2020-28368 bsc#1179506 XSA-348 - CVE-2020-29566 bsc#1179502 XSA-325 - CVE-2020-29483 bsc#1179501 XSA-324 - CVE-2020-29484 bsc#1179498 XSA-322 - CVE-2020-29481 bsc#1179496 XSA-115 - CVE-2020-29480 - Dropped patches contained in new tarball 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch 5f560c42-x86-PV-64bit-segbase-consistency.patch 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch 5f5b6b7a-hypfs-fix-custom-param-writes.patch 5f607915-x86-HVM-more-consistent-IO-completion.patch 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch 5f6a008e-x86-MSI-drop-read_msi_msg.patch 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch 5f6a00c4-evtchn-relax-port_is_valid.patch 5f6a00df-x86-PV-avoid-double-exception-injection.patch 5f6a00f4-evtchn-add-missing-barriers.patch 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch 5f6a0178-evtchn-address-races-with-evtchn_reset.patch 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch 5f71a21e-x86-S3-fix-shadow-stack-resume.patch 5f76ca65-evtchn-Flask-prealloc-for-send.patch 5f76caaf-evtchn-FIFO-use-stable-fields.patch 5f897c25-x86-traps-fix-read_registers-for-DF.patch 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch xsa286-1.patch xsa286-2.patch xsa286-3.patch xsa286-4.patch xsa286-5.patch xsa286-6.patch xsa351-1.patch xsa351-2.patch xsa351-3.patch xsa355.patch - bsc#1178736 - allow restart of xenwatchdogd, enable tuning of keep-alive interval and timeout options via XENWATCHDOGD_ARGS= add xenwatchdogd-options.patch add xenwatchdogd-restart.patch - bsc#1177112 - Fix libxc.sr.superpage.patch The receiving side may punch holes incorrectly into optimistically allocated superpages. Also reduce overhead in bitmap handling. add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch add libxc-bitmap-long.patch add libxc-bitmap-longs.patch - boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin xen-destdir.patch Drop tmp_build.patch - bsc#1176782 - L3: xl dump-core shows missing nr_pages during core. If maxmem and current are the same the issue doesn't happen 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch - bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change (XSA-355) xsa355.patch - Fix build error with libxl.fix-libacpi-dependency.patch - Enhance libxc.migrate_tracking.patch Hide SUSEINFO messages from pause/unpause/resume from xl command. They are intended for libvirt logging, but lacked info about execution context. Remove extra logging about dirty pages in each iteration, the number of transferred pages + protocol overhead is already reported elsewhere. - Remove libxl.libxl__domain_pvcontrol.patch It is already part of 4.14.0-rc1 ==== yast2-alternatives ==== Version update (4.3.0 -> 4.3.1) - Change .desktop file so module launches with xdg-su (bsc#1180173). - 4.3.1 ==== yast2-schema ==== Version update (4.3.15 -> 4.3.16) - Add support for Btrfs quotas (jsc#SLE-7742). - 4.3.16 ==== yast2-tune ==== Version update (4.2.3 -> 4.3.1) - remove elevator settings (bsc#1178797) - 4.3.1 - add I/O device autoconfig checkbox on s390 (bsc#1168036) - 4.3.0