Packages changed: Mesa Mesa-drivers clazy libfprint libpwquality mozjs68 open-iscsi pam-config (1.2 -> 1.3) perl-IO-Socket-SSL (2.067 -> 2.068) perl-Mojolicious (8.41 -> 8.42) ruby (2.6 -> 2.7) samba (4.12.0+git.135.dd3c974c75f -> 4.12.2+git.149.16ff41ef1f4) v4l-utils (1.18.0 -> 1.18.1) xapian-core (1.4.14 -> 1.4.15) xfce4-notifyd (0.6.0 -> 0.6.1) === Details === ==== Mesa ==== Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - avoid build error PowerPC, using gnu++14 (not gnu++11) https://bugzilla.opensuse.org/show_bug.cgi?id=1171045 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - avoid build error PowerPC, using gnu++14 (not gnu++11) https://bugzilla.opensuse.org/show_bug.cgi?id=1171045 ==== clazy ==== - Add upstream patch: * 0001-qstring-allocations-Fix-unit-tests-with-llvm-10.patch ==== libfprint ==== - gobject-introspection-devel added to fix TW build error ==== libpwquality ==== Subpackages: libpwquality-lang libpwquality1 - Add baselibs.conf ==== mozjs68 ==== - Add patch to drop unused LLVM and Rust build dependencies + Remove-unused-LLVM-and-Rust-build-dependencies.patch - Drop cargo, clang-devel, llvm-devel and rust from BuildRequires ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Update SPEC file to handle the fact that the service_del_postun_without_restart RPM macro exists in factory but not in SLE. No functional change for factory. ==== pam-config ==== Version update (1.2 -> 1.3) - Update to version 1.3 - Add support for pam_pwquality - Replace cracklib with pam_pwquality - Add pam_systemd if installed and we create a new configuration - Change check for existence of a Module - Drop bsc1153630-prevent-systemd-pam_mount.patch, integrated in v1.3 ==== perl-IO-Socket-SSL ==== Version update (2.067 -> 2.068) - updated to 2.068 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.068 2020/03/31 - treat OpenSSL 1.1.1e as broken and refuse to build with it in order to prevent follow-up problems in tests and user code https://github.com/noxxi/p5-io-socket-ssl/issues/93 https://github.com/openssl/openssl/issues/11388 https://github.com/openssl/openssl/issues/11378 - update PublicSuffix with latest data from publicsuffix.org ==== perl-Mojolicious ==== Version update (8.41 -> 8.42) updated to 8.42 see /usr/share/doc/packages/perl-Mojolicious/Changes 8.42 2020-05-04 - This release contains fixes for security issues, everybody should upgrade! - Added EXPERIMENTAL support for :any-link pseudo-class to Mojo::DOM::CSS. - Added EXPERIMENTAL support for case-sensitive attribute selectors like [foo="bar" s] to Mojo::DOM::CSS - Renamed experimental :matches pseudo-class to :is in Mojo::DOM::CSS. - Fixed a security issue that allowed for _method query parameters to be used with GET requests. - Fixed a bug in Mojo::DOM::CSS where the case-sensitivity identifier was case-sensitive. ==== ruby ==== Version update (2.6 -> 2.7) - switch the default ruby to 2.7 ==== samba ==== Version update (4.12.0+git.135.dd3c974c75f -> 4.12.2+git.149.16ff41ef1f4) Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr1 libndr1-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-libs samba-libs-32bit samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit - Move libdcerpc-server-core.so to samba-libs package, this was initially erroneously located in samba-ad-dc. - Update to samba 4.12.2 + CVE-2020-10700: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server;(bso#14331); (bsc#1169850) + CVE-2020-10704: A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV; (bso#14334); (bsc#1169851). - Update to samba 4.12.1 + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14295); + samba-tool group: Handle group names with special chars correctly; (bso#14296); + Add missing check for DMAPI offline status in async DOS attributes; (bso#14293); + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307); + vfs_recycle: Prevent flooding the log if we're called on non-existant paths; (bso#14316); + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313); + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred; (bso#14327); + fruit:time machine max size is broken on arm; (bso#13622); + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294); + s3/utils: Fix double free error with smbtree; (bso#14332); + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294); + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); + CTDB recovery daemon can crash due to dereference of NULL pointer; (bso#14324); ==== v4l-utils ==== Version update (1.18.0 -> 1.18.1) Subpackages: libv4l libv4l1-0 libv4l2-0 libv4lconvert0 - Update to 1.18.1: Fix GCC 10 / -fno-common - Drop upstream gcc10.patch - Avoid symbol name clash causing qv4l2 crash - v4l2_open is defined by the public libv4l2 and private libv4l2utils * Update use_system_v4l_for_qv4l.patch ==== xapian-core ==== Version update (1.4.14 -> 1.4.15) - Update to version 1.4.15: + API: * Database::check(): Fix checking of replication changesets. This reverts a change incorrectly made in 1.3.7. * Database::locked(): Return false instead of true for a closed inmemory DB. * Database::commit(): If commit() failed with an exception while trying to add pending changes (e.g. InvalidArgumentError due to a long term containing zero bytes) then a subsequent commit() on the same object would throw the same exception. Now we clear the pending changes in this situation (like we already did for failure at other stages in the commit). This bug remains unfixed for the chert backend as it's harder to fix there and the effort to fix it and extra risk of breakage don't seem justified for a backend we recommend people migrate away from. * QueryParser::parse_query(): Optimise parsing of multi-word synonyms. + Testsuite fixes. + matcher: * Hoist positional check above OP_FILTER. * Handle OP_FILTER with more than two subqueries correctly. Previously we'd only check the first two subqueries in some situations. + remote backend: * For a remote WritableDatabase, the client now keeps track of whether there are pending changes, and if there aren't then we now do nothing for commit() or cancel() calls. In particular this saves a message exchange when the WritableDatabase destructor is called when changes have already been committed with an explicit call to commit() (which is what we recommend doing, since with an explicit call to commit() you get to see any exception which gets thrown). * When closing a remote prog WritableDatabase, previously an exception could leave the remote connection open with the remote server running, and we'd then wait for the specified timeout before closing the connection. Now we close the connection before letting the exception propagate. * Don't swallow exceptions from Database::close() on a remote database. If we aren't in a transaction and so try to commit() and that fails then previously the caller would have no indication of the failure. * Fix handling the reported term weight when remote shards are searched. Fixes 5 XFAILs in the testsuite. * Add missing space to mismatching protocol versions error message. + build system: * Fix to build when configured with --disable-backend-remote, broken by changes in 1.4.14. Fixes #797, reported by ????? ????????. * The clang and icc compilers both define __GNUC__, which led our ABI mismatch message to report them as "g++" with a bogus version (the version of GCC that these compilers advertise themselves as, which for clang is always 4.2.0) - now we report clang++ or icc along with the actual version of that compiler. + updated documentation. ==== xfce4-notifyd ==== Version update (0.6.0 -> 0.6.1) Subpackages: xfce4-notifyd-lang - Update to 0.6.1 * Fix hover effect without compositing (bxo#16586) * Move from exo-csource to xdt-csource (bxo#16717) * Translation Updates