Packages changed: MozillaFirefox (90.0 -> 90.0.1) NetworkManager (1.32.2 -> 1.32.4) NetworkManager-openconnect apparmor bind clazy (1.9 -> 1.10) curl (7.77.0 -> 7.78.0) emacs gdb gnome-shell gtk3 (3.24.29 -> 3.24.30) ibus ibus-m17n (1.4.5 -> 1.4.6) java-11-openjdk (11.0.11.0 -> 11.0.12.0) kcm_tablet kde-gtk-config5 kwin5 libapparmor libidn2 (2.3.1 -> 2.3.2) libproxy libproxy-plugins libvirt makedumpfile (1.6.8 -> 1.6.9) moonjit ncurses (6.2.20210626 -> 6.2.20210718) open-iscsi openssh osinfo-db postfix publicsuffix (20210615 -> 20210707) shim-leap systemd systemd-presets-branding-openSUSE virtualbox (6.1.22 -> 6.1.24) virtualbox-kmp (6.1.22_k5.13.2_1 -> 6.1.24_k5.13.2_1) webkit2gtk3 (2.32.1 -> 2.32.2) xf86-video-qxl xorg-x11-server yast2-network (4.4.20 -> 4.4.21) === Details === ==== MozillaFirefox ==== Version update (90.0 -> 90.0.1) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 90.0.1 (boo#1188480): * Fixed: Fixed busy looping processing some HTTP3 responses (bmo#1720079) * Fixed: Fixed transient errors authenticating with some smart cards (bmo#1715325) * Fixed: Fixed a rare crash on shutdown (bmo#1707057) * Fixed: Fixed a race on startup that caused about:support to end up empty after upgrade (bmo#1717894, boo#1188330) ==== NetworkManager ==== Version update (1.32.2 -> 1.32.4) Subpackages: NetworkManager-lang libnm0 typelib-1_0-NM-1_0 - Update to version 1.32.4: + core: - Remove stale entries from "seen-bssids" and "timestamp" files in "/var/lib/NetworkManager". - Add ipv[46].required-timeout option to wait for IP configuration while activating. - Send ARP announcements when there is carrier. - Start DHCPv6 when a prefix delegation is needed for shared mode. + bond: support the peer_notif_delay option. + firewall: fix nftables backend to create "ip" table for IPv4 only. + initrd: set required-timeout of 20 seconds for default IPv4 configuration to opportunistically wait for IPv4. + ifcfg: - Log warning about invalid keys in ifcfg files. - Reject non-UTF-8 from ifcfg files. + nmcli: show DNS SEARCH field in device information. + cloud-setup: add support for Aliyun cloud. ==== NetworkManager-openconnect ==== Subpackages: NetworkManager-openconnect-gnome NetworkManager-openconnect-lang - Add now working CONFIG parameter to sysusers generator ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit python3-apparmor - added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point ==== bind ==== Subpackages: bind-doc bind-utils python3-bind - Since BIND 9.9, it has been easier to use tsig-keygen and ddns-confgen to generare TSIG keys. In 9.13, TSIG support was removed from dnssec-keygen, so now it is just for DNSKEY (and KEY for obscure cases). tsig-keygen is now used to generate DDNS keys. [bsc#1187921, vendor-files.tar.bz2] ==== clazy ==== Version update (1.9 -> 1.10) - Update to 1.10 * Requires C++17 * Fixed a -Wclazy-lambda-in-connect false-positive * Fixed crash in copyable-polymorphic when PCH was enabled - Drop 0001-Fix-build-with-Clang-12.patch. Fixed upstream. ==== curl ==== Version update (7.77.0 -> 7.78.0) Subpackages: libcurl4 - Update to 7.78.0: [bsc#1188217, CVE-2021-22922][bsc#1188218, CVE-2021-22923] [bsc#1188219, CVE-2021-22924][bsc#1188220, CVE-2021-22925] * Changes: - curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE - CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax - hostip: make 'localhost' return fixed values - mbedtls: add support for cert and key blob options - metalink: remove all support for it - mqtt: add support for username and password * Bugfixes: - ares: always store IPv6 addresses first - c-hyper: abort CONNECT response reading early on non 2xx responses - c-hyper: add support for transfer-encoding in the request - c-hyper: bail on too long response headers - c-hyper: clear NTLM auth buffer when request is issued - c-hyper: fix NTLM on closed connection tested with test159 - conncache: lowercase the hash key for better match - curl_multibyte: Remove local encoding fallbacks - Curl_ntlm_core_mk_nt_hash: fix OOM in error path - Curl_ssl_getsessionid: fail if no session cache exists - easy: during upkeep, attach Curl_easy to connections in the cache - gnutls: set the preferred TLS versions in correct order - hsts: ignore numberical IP address hosts - HSTS: not experimental anymore - http2: init recvbuf struct for pushed streams - http: fix crash in rate-limited upload - http: make the haproxy support work with unix domain sockets - http_proxy: deal with non-200 CONNECT response with Hyper - lib: don't compare fd to FD_SETSIZE when using poll - lib: fix compiler warnings with CURL_DISABLE_NETRC - lib: fix type of len passed to *printf's %*s - lib: more %u for port and int for %*s fixes - lib: use %u instead of %ld for port number printf - libssh2: limit time a disconnect can take to 1 second - mqtt: detect illegal and too large file size - msnprintf: return number of printed characters excluding null byte - multi: add scan-build-6 work-around in curl_multi_fdset - multi: alter transfer timeout ordering - multi: do not switch off connect_only flag when closing - multi: fix crash in curl_multi_wait / curl_multi_poll - ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS - openssl: avoid static variable for seed flag - openssl: don't remove session id entry in disassociate - socketpair: fix potential hangs - socks4: scan for the IPv4 address in resolve results - ssl: read pending close notify alert before closing the connection - telnet: fix option parser to not send uninitialized contents - TLS: prevent shutdown loops to get stuck - vtls: exit addsessionid if no cache is inited - vtls: fix connection reuse checks for issuer cert and case sensitivity ==== emacs ==== Subpackages: emacs-info emacs-nox emacs-x11 etags - sigsegv-stack.patch: Port alternate signal stack to upcoming glibc 2.34 ==== gdb ==== - amd64-linux-siginfo-include-order.patch: Adjust include order to avoid gnulib error ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Drop gnome-shell-lock-bg-on-primary.patch: the gnome-shell-1007468-lock-screen-SUSE-logo-missing.patch has been removed, we don't need this patch now(bsc#1188533). ==== gtk3 ==== Version update (3.24.29 -> 3.24.30) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-lang gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Update to version 3.24.30: + Input: - Ignore NoSymbol key events (happens with some XKB options). - Fix incomplete reset in some cases. + GtkEmojiChooser: - Update data from CLDR 39. - Support translated keywords for multiple languages. - Allow inserting multiple Emoji with Ctrl. - Match keywords for search. - Fix a memory leak. + GtkFileChooser: Accessibility improvements. + GtkTreeView: - Fix an accessibility-related memory leak. - Fix assertion failures in some cases. + Printing: Remove the Google Cloud Print backend, since the service was shut down. + Wayland: Work with pointer-gestures v1 protocol. + Updated translations. ==== ibus ==== Subpackages: ibus-dict-emoji ibus-gtk ibus-gtk-32bit ibus-gtk3 ibus-lang libibus-1_0-5 libibus-1_0-5-32bit typelib-1_0-IBus-1_0 - Own /usr/share/GConf and /usr/share/GConf/gsettings: the time has come where the migration code is drying out and we can't expect the deps to just be in the buildroot (but it still works). ==== ibus-m17n ==== Version update (1.4.5 -> 1.4.6) - Update version to 1.4.6 * Make inscript2 engines rank higher than inscript engines ==== java-11-openjdk ==== Version update (11.0.11.0 -> 11.0.12.0) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.12+7 (July 2021, CPU) * Security fixes + JDK-8256157: Improve bytecode assembly + JDK-8256491: Better HTTP transport + JDK-8258432, CVE-2021-2341, bsc#1188564: Improve file transfers + JDK-8260453: Improve Font Bounding + JDK-8260960: Signs of jarsigner signing + JDK-8260967, CVE-2021-2369, bsc#1188565: Better jar file validation + JDK-8262380: Enhance XML processing passes + JDK-8262403: Enhanced data transfer + JDK-8262410: Enhanced rules for zones + JDK-8262477: Enhance String Conclusions + JDK-8262967: Improve Zip file support + JDK-8264066, CVE-2021-2388, bsc#1188566: Enhance compiler validation + JDK-8264079: Improve abstractions + JDK-8264460: Improve NTLM support * Other changes + JDK-6847157: java.lang.NullPointerException: HDC for component at sun.java2d.loops.Blit.Blit + JDK-7106851: Test should not use System.exit + JDK-8073446: TimeZone getOffset API does not return a dst offset between years 2038-2137 + JDK-8076190: Customizing the generation of a PKCS12 keystore + JDK-8153005: Upgrade the default PKCS12 encryption/MAC algorithms + JDK-8171303: sun/java2d/pipe/InterpolationQualityTest.java fails on Windows & Linux + JDK-8177068: incomplete classpath causes NPE in Flow + JDK-8185734: [Windows] Structured Exception Catcher missing around gtest execution + JDK-8187450: JNI local refs exceeds capacity warning in NetworkInterface::getAll + JDK-8190763: Class cast exception on (CompoundEdit) UndoableEditEvent.getEdit() + JDK-8195841: PNGImageReader.readNullTerminatedString() doesnt check for non-null terminated strings with length equal to maxLen + JDK-8196100: javax/swing/text/JTextComponent/5074573/ /bug5074573.java fails + JDK-8199646: JShell tests: jdk/jshell/ /FailOverDirectExecutionControlTest.java failed with java.lang.UnsupportedOperationException + JDK-8206925: Support the certificate_authorities extension + JDK-8207160: ClassReader::adjustMethodParams can potentially return null if the args list is empty + JDK-8207247: AARCH64: Enable Minimal and Client VM builds + JDK-8207404: MulticastSocket tests failing on AIX + JDK-8207779: Method::is_valid_method() compares 'this' with NULL + JDK-8208061: runtime/LoadClass/TestResize.java fails with "Load factor too high" when running in CDS mode. + JDK-8209459: TestSHA512MultiBlockIntrinsics failed on AArch64 + JDK-8210443: Migrate Locale matching tests to JDK Repo. + JDK-8213231: ThreadSnapshot::_threadObj can become stale + JDK-8213483: ARM32: runtime/ErrorHandling/ /ShowRegistersOnAssertTest.java jtreg test fail + JDK-8213725: JShell NullPointerException due to class file with unexpected package + JDK-8213794: ARM32: disable TypeProfiling, CriticalJNINatives, Serviceablity tests for ARM32 + JDK-8213845: ARM32: Interpreter doesn't call result handler after native calls + JDK-8214128: ARM32: wrong stack alignment on Deoptimization::unpack_frames + JDK-8214512: ARM32: Jtreg test compiler/c2/Test8062950.java fails on ARM + JDK-8214854: JDWP: Unforseen output truncation in logging + JDK-8214922: Add vectorization support for fmin/fmax + JDK-8215009: GCC 8 compilation error in libjli + JDK-8216184: CDS/appCDS tests failed on Windows due to long path to a classlist file + JDK-8216259: AArch64: Vectorize Adler32 intrinsics + JDK-8216314: SIGILL in CodeHeapState::print_names() + JDK-8217348: assert(thread->is_Java_thread()) failed: just checking + JDK-8217465: [REDO] - Optimize CodeHeap Analytics + JDK-8217561: X86: Add floating-point Math.min/max intrinsics + JDK-8217918: C2: -XX:+AggressiveUnboxing is broken + JDK-8218458: [TESTBUG] runtime/NMT/ /CheckForProperDetailStackTrace.java fails with Expected stack trace missing from output + JDK-8219142: Remove unused JIMAGE_ResourcePath + JDK-8219586: CodeHeap State Analytics processes dead nmethods + JDK-8220074: Clean up GCC 8.3 errors in LittleCMS + JDK-8220407: compiler/intrinsics/math/ /TestFpMinMaxIntrinsics.java timedout + JDK-8222302: [TESTBUG] test/hotspot/jtreg/compiler/intrinsics/ /sha/cli/TestUseSHAOptionOnUnsupportedCPU.java fails on any other CPU + JDK-8222412: AARCH64: multiple instructions encoding issues + JDK-8223020: aarch64: expand minI_rReg and maxI_rReg patterns into separate instructions + JDK-8223444: Improve CodeHeap Free Space Management + JDK-8223504: Improve performance of forall loops by better inlining of "iterator()" methods + JDK-8223667: ASAN build broken + JDK-8225081: Remove Telia Company CA certificate expiring in April 2021 + JDK-8225116: Test OwnedWindowsLeak.java intermittently fails + JDK-8225438: javax/net/ssl/TLSCommon/ /TestSessionLocalPrincipal.java failed with Read timed out + JDK-8225756: [testbug] compiler/loopstripmining/ /CheckLoopStripMining.java sets too short a SafepointTimeoutDelay + JDK-8226374: Restrict TLS signature schemes and named groups + JDK-8226627: assert(t->singleton()) failed: must be a constant + JDK-8226721: Missing intrinsics for Math.ceil, floor, rint + JDK-8227080: (fs) Files.newInputStream(...).skip(n) is slow + JDK-8227222: vmTestbase/jit/FloatingPoint/gen_math/Loops04/ /Loops04.java failed XMM register should be 0-15 + JDK-8227609: (fs) Files.newInputStream(...).skip(n) should allow skipping beyond file size + JDK-8230428: Cleanup dead CastIP node code in formssel.cpp + JDK-8231460: Performance issue (CodeHeap) with large free blocks + JDK-8231713: x86_32 build failures after JDK-8226721 (Missing intrinsics for Math.ceil, floor, rint) + JDK-8231841: AArch64: debug.cpp help() is missing an AArch64 line for pns + JDK-8232084: HotSpot build failed with GCC 9.2.1 + JDK-8232591: AArch64: Add missing match rules for smaddl, smsubl and smnegl + JDK-8233185: HttpServer.stop() blocks indefinitely when called on dispatch thread + JDK-8233787: Break cycle in vm_version* includes + JDK-8233948: AArch64: Incorrect mapping between OptoReg and VMReg for high 64 bits of Vector Register + JDK-8234355: Buffer overflow in jcmd GC.class_stats due to too many classes + JDK-8235368: Update BCEL to Version 6.4.1 + JDK-8236859: WebSocket over authenticating proxy fails with NPE + JDK-8236992: AArch64: remove redundant load_klass in itable stub + JDK-8237743: test/langtools/jdk/jshell/ /FailOverExecutionControlTest.java fails No ExecutionControlProvider with name 'nonExistent' and parameter keys: [] + JDK-8237804: sun/security/mscapi tests fail with "Key pair not generated, alias already exists" + JDK-8238175: CTW: Class.getDeclaredMethods fails with assert(k->is_subclass_of(SystemDictionary::Throwable_klass())) failed: invalid exception class + JDK-8238567: SoftMainMixer.processAudioBuffers(): Wrong handling of stoppedMixers + JDK-8238812: assert(false) failed: bad AD file + JDK-8239312: [macos] javax/swing/JFrame/NSTexturedJFrame/ /NSTexturedJFrame.java + JDK-8239386: handle ContendedPaddingWidth in vm_version_aarch64 + JDK-8239536: Can't use 'java.util.List' object after importing 'java.awt.List' + JDK-8240487: Cleanup whitespace in .cc, .hh, .m, and .mm files + JDK-8240848: ArrayIndexOutOfBoundsException buf for TextCallbackHandler + JDK-8241082: Upgrade IANA Language Subtag Registry data to 03-16-2020 version + JDK-8241087: Build failure with VS 2019 (16.5.0) due to C2039 and C2873 + JDK-8241101: [s390] jtreg test failure after JDK-8238696: not conformant features string + JDK-8241248: NullPointerException in sun.security.ssl.HKDF.extract(HKDF.java:93) + JDK-8241372: Several test failures due to javax.net.ssl.SSLException: Connection reset + JDK-8241475: AArch64: Add missing support for PopCountVI node + JDK-8241829: Cleanup the code for PrinterJob on windows + JDK-8241960: The SHA3 message digests impl of SUN provider are not thread safe after cloned + JDK-8242010: Upgrade IANA Language Subtag Registry to Version 2020-04-01 + JDK-8242429: Better implementation for sign extract + JDK-8242557: Add length limit for strings in PNGImageWriter + JDK-8242919: Paste locks up jshell + JDK-8243155: AArch64: Add support for SqrtVF + JDK-8243240: AArch64: Add support for MulVB + JDK-8243452: JFR: Could not create chunk in repository with over 200 recordings + JDK-8243559: Remove root certificates with 1024-bit keys + JDK-8243597: AArch64: Add support for integer vector abs + JDK-8244031: HttpClient should have more tests for HEAD requests + JDK-8244205: HTTP/2 tunnel connections through proxy may be reused regardless of which proxy is selected + JDK-8244847: Linux/PPC: runtime/CompressedOops/ /CompressedClassPointers: smallHeapTest fails + JDK-8245511: G1 adaptive IHOP does not account for reclamation of humongous objects by young GC + JDK-8246274: G1 old gen allocation tracking is not in a separate class + JDK-8247354: [aarch64] PopFrame causes assert(oopDesc::is_oop(obj)) failed: not an oop + JDK-8247408: IdealGraph bit check expression canonicalization + JDK-8247432: Update IANA Language Subtag Registry to Version 2020-09-29 + JDK-8247438: JShell: When FailOverExecutionControlProvider fails the proximal cause is not shown + JDK-8247753: UIManager.getSytemLookAndFeelClassName() returns wrong value on Fedora 32 + JDK-8248043: Need to eliminate excessive i2l conversions + JDK-8248411: [aarch64] Insufficient error handling when CodeBuffer is exhausted + JDK-8248568: compiler/c2/TestBit.java failed: test missing from stdout/stderr + JDK-8248870: AARCH64: I2L/L2I conversions can be skipped for masked positive values + JDK-8249142: java/awt/FontClass/CreateFont/DeleteFont.sh is unstable + JDK-8249189: AARCH64: more L2I conversions can be skipped + JDK-8249719: MethodHandle performance suffers from bad ResolvedMethodTable hash function + JDK-8249875: GCC 10 warnings -Wtype-limits with JFR code + JDK-8250635: MethodArityHistogram should use Compile_lock in favour of fancy checks + JDK-8250876: Fix issues with cross-compile on macos + JDK-8251031: Some vmTestbase/nsk/monitoring/RuntimeMXBean tests fail with hostnames starting from digits + JDK-8251525: AARCH64: Faster Math.signum(fp) + JDK-8252259: AArch64: Adjust default value of FLOATPRESSURE + JDK-8252311: AArch64: save two words in itable lookup stub + JDK-8252779: compiler/graalunit/HotspotTest.java failed after 8251525 + JDK-8252883: AccessDeniedException caused by delayed file deletion on Windows + JDK-8253167: ARM32 builds fail after JDK-8247910 + JDK-8253572: [windows] CDS archive may fail to open with long file names + JDK-8253923: C2 doesn't always run loop opts for compilations that include loops + JDK-8253948: Memory leak in ImageFileReader + JDK-8254631: Better support ALPN byte wire values in SunJSSE + JDK-8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards + JDK-8255086: Update the root locale display names + JDK-8255625: AArch64: Implement Base64.encodeBlock accelerator/intrinsic + JDK-8255763: C2: OSR miscompilation caused by invalid memory instruction placement + JDK-8255992: JFR EventWriter does not use first string from StringPool with id 0 + JDK-8256037: [TESTBUG] com/sun/jndi/dns/ConfigTests/ /PortUnreachable.java fails due to the hard coded threshold is small + JDK-8256244: java/lang/ProcessHandle/PermissionTest.java fails with TestNG 7.1 + JDK-8256287: [windows] add loop fuse to map_or_reserve_memory_aligned + JDK-8256523: Streamline Java SHA2 implementation + JDK-8257414: Drag n Drop target area is wrong on high DPI systems + JDK-8257569: Failure observed with JfrVirtualMemory::initialize + JDK-8257574: C2: "failed: parsing found no loops but there are some" assert failure + JDK-8257580: Bump update version for OpenJDK: jdk-11.0.12 + JDK-8257604: JNI_ArgumentPusherVaArg leaks valist + JDK-8257621: JFR StringPool misses cached items across consecutive recordings + JDK-8257796: [TESTBUG] TestUseSHA512IntrinsicsOptionOnSupportedCPU.java fails on x86_32 + JDK-8257822: C2 crashes with SIGFPE due to a division that floats above its zero check + JDK-8257828: SafeFetch may crash if invoked in non-JavaThreads + JDK-8257853: Remove dependencies on JNF's JNI utility functions in AWT and 2D code + JDK-8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m + JDK-8257860: [macOS]: Remove JNF dependency from libosxkrb5/SCDynamicStoreConfig.m + JDK-8257988: Remove JNF dependency from libsaproc/MacosxDebuggerLocal.m + JDK-8258414: OldObjectSample events too expensive + JDK-8258505: [TESTBUG] TestDivZeroWithSplitIf.java fails due to missing UnlockDiagnosticVMOptions + JDK-8258753: StartTlsResponse.close() hangs due to synchronization issues + JDK-8259061: C2: assert(found) failed: memory-writing node is not placed in its original loop or an ancestor of it + JDK-8259227: C2 crashes with SIGFPE due to a division that floats above its zero check + JDK-8259232: Bad JNI lookup during printing + JDK-8259276: C2: Empty expression stack when reexecuting tableswitch/lookupswitch instructions after deoptimization + JDK-8259343: [macOS] Update JNI error handling in Cocoa code. + JDK-8259585: Accessible actions do not work on mac os x + JDK-8259651: [macOS] Replace JNF_COCOA_ENTER/EXIT macros + JDK-8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl + JDK-8259710: Inlining trace leaks memory + JDK-8259729: Missed JNFInstanceOf -> IsInstanceOf conversion + JDK-8259777: Incorrect predication condition generated by ADLC + JDK-8259786: initialize last parameter of getpwuid_r + JDK-8259843: initialize dli_fname array before calling dll_address_to_library_name + JDK-8259869: [macOS] Remove desktop module dependencies on JNF Reference APIs + JDK-8259886: Improve SSL session cache performance and scalability + JDK-8259983: do not use uninitialized expand_ms value in G1CollectedHeap::expand_heap_after_young_collection + JDK-8260030: Improve stringStream buffer handling + JDK-8260236: better init AnnotationCollector _contended_group + JDK-8260255: C1: LoopInvariantCodeMotion constructor can leave some fields uninitialized + JDK-8260284: C2: assert(_base == Int) failed: Not an Int + JDK-8260380: Upgrade to LittleCMS 2.12 + JDK-8260420: C2 compilation fails with assert(found_sfpt) failed: no node in loop that's not input to safepoint + JDK-8260426: awt debug_mem.c DMem_AllocateBlock might leak memory + JDK-8260432: allocateSpaceForGP in freetypeScaler.c might leak memory + JDK-8260616: Removing remaining JNF dependencies in the java.desktop module + JDK-8260653: Unreachable nodes keep speculative types alive + JDK-8260707: java/lang/instrument/PremainClass/ /InheritAgent0100.java times out + JDK-8260925: HttpsURLConnection does not work with other JSSE provider. + JDK-8260926: Trace resource exhausted events unconditionally + JDK-8261020: Wrong format parameter in create_emergency_chunk_path + JDK-8261027: AArch64: Support for LSE atomics C++ HotSpot code + JDK-8261167: print_process_memory_info add a close call after fopen + JDK-8261170: Upgrade to freetype 2.10.4 + JDK-8261198: [macOS] Incorrect JNI parameters in number conversion in A11Y code + JDK-8261235: C1 compilation fails with assert(res->vreg_number() == index) failed: conversion check + JDK-8261261: The version extra fields needs to be overridable in jib-profiles.js + JDK-8261262: Kitchensink24HStress.java crashed with EXCEPTION_ACCESS_VIOLATION + JDK-8261354: SIGSEGV at MethodIteratorHost + JDK-8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding + JDK-8261397: try catch Method failing to work when dividing an integer by 0 + JDK-8261422: Adjust problematic String.format calls in jdk/internal/util/Preconditions.java outOfBoundsMessage + JDK-8261447: MethodInvocationCounters frequently run into overflow + JDK-8261481: Cannot read Kerberos settings in dynamic store on macOS Big Sur + JDK-8261505: Test test/hotspot/jtreg/gc/parallel/ /TestDynShrinkHeap.java killed by Linux OOM Killer + JDK-8261601: free memory in early return in Java_sun_nio_ch_sctp_SctpChannelImpl_receive0 + JDK-8261649: AArch64: Optimize LSE atomics in C++ code + JDK-8261730: C2 compilation fails with assert(store->find_edge(load) != -1) failed: missing precedence edge + JDK-8261752: Multiple GC test are missing memory requirements + JDK-8261791: (sctp) handleSendFailed in SctpChannelImpl.c potential leaks + JDK-8261812: C2 compilation fails with assert(!had_error) failed: bad dominance + JDK-8261914: IfNode::fold_compares_helper faces non-canonicalized bool when running JRuby JSON workload + JDK-8262093: java/util/concurrent/tck/JSR166TestCase.java failed "assert(false) failed: unexpected node" + JDK-8262110: DST starts from incorrect time in 2038 + JDK-8262121: [11u] Redo 8244287: JFR: Methods samples have line number 0 + JDK-8262163: Extend settings printout in jcmd VM.metaspace + JDK-8262295: C2: Out-of-Bounds Array Load from Clone Source + JDK-8262298: G1BarrierSetC2::step_over_gc_barrier fails with assert "bad barrier shape" + JDK-8262446: DragAndDrop hangs on Windows + JDK-8262461: handle wcstombsdmp return value correctly in unix awt_InputMethod.c + JDK-8262465: Very long compilation times and high memory consumption in C2 debug builds + JDK-8262726: AArch64: C1 StubAssembler::call_RT can corrupt stack + JDK-8262739: String inflation C2 intrinsic prevents insertion of anti-dependencies + JDK-8262829: Native crash in Win32PrintServiceLookup.getAllPrinterNames() + JDK-8262837: handle split_USE correctly + JDK-8262900: ToolBasicTest fails to access HTTP server it starts + JDK-8263260: [s390] Support latest hardware (z14 and z15) + JDK-8263311: Watch registry changes for remote printers update instead of polling + JDK-8263361: Incorrect arraycopy stub selected by C2 for SATB collectors + JDK-8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec + JDK-8263425: AArch64: two potential bugs in C1 LIRGenerator::generate_address() + JDK-8263448: CTW: fatal error: meet not symmetric + JDK-8263504: Some OutputMachOpcodes fields are uninitialized + JDK-8263557: Possible NULL dereference in Arena::destruct_contents() + JDK-8263558: Possible NULL dereference in fast path arena free if ZapResourceArea is true + JDK-8263676: AArch64: one potential bug in C1 LIRGenerator::generate_address() + JDK-8263729: [test] divert spurious output away from stream under test in ProcessBuilder Basic test + JDK-8263846: Bad JNI lookup getFocusOwner in accessibility code on Mac OS X + JDK-8264047: Duplicate global variable 'jvm' in libjavajpeg and libawt + JDK-8264096: slowdebug jvm crashes when StrInflatedCopy match rule is not supported + JDK-8264151: ciMethod::ensure_method_data() should return false is loading resulted in empty state + JDK-8264173: [s390] Improve Hardware Feature Detection And Reporting + JDK-8264190: Harden TLS interop tests + JDK-8264223: CodeHeap::verify fails extra_hops assertion in fastdebug test + JDK-8264328: Broken license in javax/swing/JComboBox/8072767/bug8072767.java + JDK-8264360: Loop strip mining verification fails with "should be on the backedge" + JDK-8264626: C1 should be able to inline excluded methods + JDK-8264640: CMS ParScanClosure misses a barrier + JDK-8264786: [macos] All Swing/AWT apps cause Allow Notifications prompt to appear when app is launched + JDK-8264821: DirectIOTest fails on a system with large block size + JDK-8264848: [macos] libjvm.dylib linker warning due to macOS version mismatch + JDK-8264923: PNGImageWriter.write_zTXt throws Exception with a typo + JDK-8264958: C2 compilation fails with assert "n is later than its clone" + JDK-8265099: Revert backport to 11u of 8236859: WebSocket over authenticating proxy fails with NPE + JDK-8265154: vinserti128 operand mix up for KNL platforms + JDK-8265239: Shenandoah: Shenandoah heap region count could be off by 1 + JDK-8265417: Backport of JDK-8249672 breaks Solaris x86 build + JDK-8265421: java/lang/String/StringRepeat.java test is missing a memory requirement + JDK-8265462: Handle multiple slots in the NSS Internal Module from SunPKCS11's Secmod + JDK-8265537: x86 version string truncated after JDK-8249672 11u backport + JDK-8265666: Enable AIX build platform to make external debug symbols + JDK-8265677: CMS: CardTableBarrierSet::write_ref_array_work() lacks storestore barrier + JDK-8265690: Use the latest Ubuntu base image version in Docker testing + JDK-8265718: Build failure after JDK-8258414 11u backport + JDK-8265750: Fatal error in safepoint.cpp after backport of 8258414 + JDK-8265784: [C2] Hoisting of DecodeN leaves MachTemp inputs behind + JDK-8265938: C2's conditional move optimization does not handle top Phi + JDK-8266220: keytool still prompt for store password on a password-less pkcs12 file if -storetype pkcs12 is specified + JDK-8266293: Key protection using PBEWithMD5AndDES fails with "java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long" + JDK-8266713: [AIX] Build failure after 11u backport of JDK-8247753 + JDK-8266802: Shenandoah: Round up region size to page size unconditionally + JDK-8266892: avoid maybe-uninitialized gcc warnings on linux s390x + JDK-8266929: Unable to use algorithms from 3p providers + JDK-8267235: [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash + JDK-8267561: Shenandoah: Reference processing not properly setup for outside of cycle degenerated GC + JDK-8267599: Revert the change to the default PKCS12 macAlgorithm and macIterationCount props for 11u/8u/7u + JDK-8267641: [11u] 8227609 backport typo + JDK-8267721: Enable sun/security/pkcs11 tests for Amazon Linux 2 AArch64 + JDK-8268678: LetsEncryptCA.java test fails as Let's Encrypt Authority X3 is retired ==== kcm_tablet ==== Subpackages: kcm_tablet-lang - Fix the %files section. plasma-framework >= 5.84 doesn't install desktop files in %_kf5_servicesdir anymore. - Update URL ==== kde-gtk-config5 ==== Subpackages: kde-gtk-config5-gtk3 - BuildRequire gsettings-desktop-schemas explicitly ==== kwin5 ==== Subpackages: kwin5-lang - Add patch to fix issues with EGLStream clients: * 0001-platforms-drm-check-wl_eglstream-buffers-before-atta.patch ==== libapparmor ==== Subpackages: libapparmor1 libapparmor1-32bit - added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point ==== libidn2 ==== Version update (2.3.1 -> 2.3.2) Subpackages: libidn2-0 libidn2-0-32bit libidn2-lang - Update to 2.3.2: * Upgrade TR46 tables from Unicode 11 to Unicode 13. - Refresh libidn2.keyring ==== libproxy ==== - Do no longer BuildRequire libmodman-devel: libproxy 0.4.17 was changed upstream to only support to internal version (no other consumer of libmodman exists). - No longer pass -DFORCE_SYSTEM_LIBMODMAN=ON to cmake: not understood anymore (boo#1188265). ==== libproxy-plugins ==== Subpackages: libproxy1-config-gnome3 libproxy1-config-kde libproxy1-networkmanager libproxy1-pacrunner-webkit - Do no longer BuildRequire libmodman-devel: libproxy 0.4.17 was changed upstream to only support to internal version (no other consumer of libmodman exists). - No longer pass -DFORCE_SYSTEM_LIBMODMAN=ON to cmake: not understood anymore (boo#1188265). ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - spec: Don't forcibly remove '--listen' arg from /etc/sysconfig/libvirtd. Add '--timeout 120' if '--listen' is not specified. bsc#1188232 - spec: Remove the sysconfig fillup files for the various daemons - Dropped patches: suse-libvirtd-sysconfig-settings.patch, suse-virtlockd-sysconfig-settings.patch, suse-virtlogd-sysconfig-settings.patch - spec: Add bash-completion dependency to libvirt-daemon and libvirt-client. It was mistakenly dropped when libvirt-bash-completion was merged into the daemon and client subpackages - qemu: Use correct flag constant for enabling storage migration f58349c9-qemu-storage-migration.patch bsc#1188171 ==== makedumpfile ==== Version update (1.6.8 -> 1.6.9) - Update to 1.6.9 * Add initial mips64 support * Support newer kernels up to v5.12 * x86_64: fix a use-after-free bug in -e option * arm64: support flipped VA and 52-bit kernel VA * Add shorthand --show-stats option to show report stats * Add --dry-run option to prevent writing the dumpfile * printk: add support for lockless ringbuffer - Fix rpmlintrc to not be version agnostic - Refresh makedumpfile-override-libtinfo.patch - Drop upstream merged * makedumpfile-printk-add-support-for-lockless-ringbuffer.patch * makedumpfile-printk-use-committed-finalized-state-value.patch * makedumpfile-use-uts_namespace.name-offset-VMCOREINFO.patch * makedumpfile-1-3-Use-vmcoreinfo-note-in-proc-kcore-for-mem-.patch * makedumpfile-2-3-arm64-Make-use-of-NUMBER-VA_BITS-in-vmcore.patch * makedumpfile-3-3-arm64-support-flipped-VA-and-52-bit-kernel.patch ==== moonjit ==== - Rewrite the packaging to acommodate a possibility of two LuaJIT implementations in the distribution. ==== ncurses ==== Version update (6.2.20210626 -> 6.2.20210718) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20210718 + correct typo in "vip" comments (report by Nick Black), reviewed this against Glink manual -TD + fill in some missing pieces for pccons, to make it comparable to the vt220 entry -TD + modify mk-1st.awk to account for extra-suffix configure option (report by Juergen Pfeifer). + change default for --disable-wattr-macros option to help packagers who reuse wide ncursesw header file with non-wide ncurses library. + build-fix for test/test_opaque.c, for configurations without opaque curses structs. - Add ncurses patch 20210710 + improve history section for tset manpage based on the 1BSD tarball, which preceded BSD's SCCS checkins by more than three years. + improve CF_XOPEN_CURSES macro used in test/configure (report by Urs Jansen). + further improvement of libtool configuration, adding a dependency of the install.tic rule, etc., on the library in the build-tree. + update config.sub ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Merge latest upstream, which includeds: * Support the "qede" CMA-card driver. (bsc#1188579) * iscsistart: fix null pointer deref before exit ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - The linux kernel has close_range(2) syscall which current glibc uses to implement closefrom(3) which will be then used by openssh. whitelist the new system call so closefrom does not fail or fallback to iterating proc/self/fd (openssh-whitelist-syscalls.patch) ==== osinfo-db ==== - bsc#1188336 - openSUSE Tumbleweed unattended installation in libvirt fails due to invalid autoyast.xml Drop fix-autoyast-validation.patch ==== postfix ==== Subpackages: postfix-doc - spamd wants to start before mail-transfer-agent.target, but that target doesn't exist (bsc#1066854) ==== publicsuffix ==== Version update (20210615 -> 20210707) - Update to version 20210707: * util: gTLD data autopull updates for 2021-07-07T15:17:15 UTC (#1369) * util: gTLD data autopull updates for 2021-06-26T15:13:32 UTC (#1362) ==== shim-leap ==== - Update to shim to 15.4-lp152.4.17.1 from openSUSE Leap 15.2 + Version: 15.4, "Thu Jul 15 2021" + Updated openSUSE x86 signature + Include the fixes for bsc#1187696, bsc#1185261, bsc#1185441, bsc#1187071, bsc#1185621, bsc#1185261, bsc#1185232, bsc#1185261, bsc#1187260, bsc#1185232. - Remove shim-install because the shim-install is updated in Leap 15.2 RPM. ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-container systemd-doc systemd-lang systemd-logger systemd-sysvinit udev - Added patches to fix CVE-2021-33910 (bsc#1188063) Added 1001-unit-name-generate-a-clear-error-code-when-convertin.patch Added 1002-basic-unit-name-do-not-use-strdupa-on-a-path.patch Added 1003-basic-unit-name-adjust-comments.patch These patches will be moved to the git repo once the bug will become public. - systemd-hwdb-update.service should be shipped by the udev package ==== systemd-presets-branding-openSUSE ==== - Enable storeBackup (bsc#1115457). ==== virtualbox ==== Version update (6.1.22 -> 6.1.24) Subpackages: virtualbox-guest-tools virtualbox-guest-x11 - Version bump to 6.1.24 (released July 20 2021 by Oracle) This is a maintenance release. The following items were fixed and/or added: Storage: Fixed starting a VM if a device is attached to a VirtIO SCSI port higher than 30 (bug #20213) Storage: Improvement to DVD medium change signaling Serial: Fixed a the guest missing interrupts under certain circumstances (6.0 regression, bug #18668) Audio: Multiple fixes and enhancements Network: Fixed connectivity issue with virtio-net after resuming VM with disconnected link Network: Fixed UDP GSO fragmentation issue with missing 8 bytes of payload at the end of the first fragment API: Fixed VM configuration for recent Windows Server versions Extension Pack: Fixed issues with USB webcam pass-through on Linux Host and guest driver: Fix small memory leak (bug #20280) Linux host and guest: Support kernel version 5.13 (bug #20456) Linux host and guest: Introduce support for SUSE SLES/SLED 15 SP3 kernels (bug #20396) Linux host: Installer will not attempt to build kernel modules if system already has them installed and modules versions match current version Guest Additions: Fixed crash on using shared clipboard (bug #19165) Linux Guest Additions: Introduce support for Ubuntu specific kernels (bug #20325) Solaris guest: Increased default memory and disk sizes EFI: Support network booting with the E1000 network controller emulation EFI: Stability improvements (bug #20090) Delete file "fix_random_stack_failure.patch" - fixed upstream. - Add vboximg-mount to packaging. boo#1188045. Fix an error in file "fixes_for_5.14.patch". ==== virtualbox-kmp ==== Version update (6.1.22_k5.13.2_1 -> 6.1.24_k5.13.2_1) - Version bump to 6.1.24 (released July 20 2021 by Oracle) This is a maintenance release. The following items were fixed and/or added: Storage: Fixed starting a VM if a device is attached to a VirtIO SCSI port higher than 30 (bug #20213) Storage: Improvement to DVD medium change signaling Serial: Fixed a the guest missing interrupts under certain circumstances (6.0 regression, bug #18668) Audio: Multiple fixes and enhancements Network: Fixed connectivity issue with virtio-net after resuming VM with disconnected link Network: Fixed UDP GSO fragmentation issue with missing 8 bytes of payload at the end of the first fragment API: Fixed VM configuration for recent Windows Server versions Extension Pack: Fixed issues with USB webcam pass-through on Linux Host and guest driver: Fix small memory leak (bug #20280) Linux host and guest: Support kernel version 5.13 (bug #20456) Linux host and guest: Introduce support for SUSE SLES/SLED 15 SP3 kernels (bug #20396) Linux host: Installer will not attempt to build kernel modules if system already has them installed and modules versions match current version Guest Additions: Fixed crash on using shared clipboard (bug #19165) Linux Guest Additions: Introduce support for Ubuntu specific kernels (bug #20325) Solaris guest: Increased default memory and disk sizes EFI: Support network booting with the E1000 network controller emulation EFI: Stability improvements (bug #20090) Delete file "fix_random_stack_failure.patch" - fixed upstream. - Add vboximg-mount to packaging. boo#1188045. Fix an error in file "fixes_for_5.14.patch". ==== webkit2gtk3 ==== Version update (2.32.1 -> 2.32.2) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.32.2: + Improve calculation of initial WebKitWebView size. + Fix kinetic scrolling on touchpad with async scrolling off. + Fix a crash on empty drag operation in X11. + Fix rendering on HiDPI /4k screen and scaling. + Handle null native surface for for surfaceless rendering. + Fix JavaScriptCore crash on 32-bit big endian systems. + Fix several crashes and rendering issues. ==== xf86-video-qxl ==== - Remove unneeded Requires on python >= 2.6 - Add Xspice-python3.patch: * Add support for Python 3, and run it under Python 3. ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk - U_modesetting-unflip-not-possible-when-glamor-is-not-s.patch * this should fixes crashes of xfce when running under qemu (boo#1188559) - add U_present-get_crtc-should-not-return-crtc-when-its-scr.patch (bsc#1188559) https://gitlab.freedesktop.org/xorg/xserver/-/issues/1195 ==== yast2-network ==== Version update (4.4.20 -> 4.4.21) - Do not crash when the aliases defined in the AutoYaST profile are not defined as a map (bsc#1188344) - 4.4.21