Packages changed: GeoIP (1.6.7 -> 1.6.9) MozillaFirefox (43.0.4 -> 44.0) acl gcc5 (5.2.1+r228589 -> 5.3.1+r231346) icedtea-web (1.6.1 -> 1.6.2) java-1_8_0-openjdk-plugin (1.6.1 -> 1.6.2) libffi-gcc5 (5.2.1+r228589 -> 5.3.1+r231346) libgcj-gcc5 (5.2.1+r228589 -> 5.3.1+r231346) liblogging libyui (3.2.3 -> 3.2.4) libyui-ncurses (2.47.5 -> 2.47.6) nbd python3-gst (1.6.1 -> 1.6.2) sk1 sysdig (0.7.1_k4.4.0_3 -> 0.8.0_k4.4.0_3) thunar virt-manager === Details === ==== GeoIP ==== Version update (1.6.7 -> 1.6.9) Subpackages: GeoIP-data libGeoIP1 - Update to 1.6.9 * Fix a regression introduced in version 1.6.8, which caused GeoIP_database_info to erroneously return NULL. - Changes for 1.6.8 * Allow compilation on older systems by relaxing the autoconf and automake minimum versions. Thank you, Jose Rubio! * Avoid potential problems in multi-threaded environments by consistently using pread() rather than read(). * Fix various small issues reported by clang's static analyser. ==== MozillaFirefox ==== Version update (43.0.4 -> 44.0) Subpackages: MozillaFirefox-translations-common - update to Firefox 44.0 (boo#963520) * MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards * MFSA 2016-02/CVE-2016-1933 (bmo#1231761) Out of Memory crash when parsing GIF format images * MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow in WebGL after out of memory allocation * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) Firefox allows for control characters to be set in cookie names * MFSA 2016-06/CVE-2016-1937 (bmo#724353) Missing delay following user click events in protocol handler dialog * MFSA 2016-07/CVE-2016-1938 (bmo#1190248) Errors in mp_div and mp_exptmod cryptographic functions in NSS (fixed by requiring NSS 3.21) * MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590) Addressbar spoofing attacks * MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946 (bmo#1186621, bmo#1214782, bmo#1232096) Unsafe memory manipulation found through code inspection * MFSA 2016-11/CVE-2016-1947 (bmo#1237103) Application Reputation service disabled in Firefox 43 * requires NSPR 4.11 * requires NSS 3.21 - prepare mozilla-kde.patch for Gtk3 builds - rebased patches ==== acl ==== Subpackages: libacl1 libacl1-32bit - Update to git snapshot dated 21 Sep 2015. - Added: * 0001-Install-the-libraries-to-the-appropriate-directory.patch * 0002-setfacl.1-fix-typo-inclu-de-include.patch * 0003-test-fix-insufficient-quoting-of.patch * 0004-Makefile-rename-configure.in-to-configure.ac.patch * 0005-Bad-markup-in-acl.5-page.patch * 0006-.gitignore-ignore-and-config.h.in.patch * 0007-Use-autoreconf-rather-than-autoconf-to-regenerate-th.patch * 0008-libacl-Make-sure-that-acl_from_text-always-sets-errn.patch * 0009-libacl-fix-SIGSEGV-of-getfacl-e-on-overly-long-group.patch * 0010-punt-debian-rpm-packaging-logic.patch * 0011-move-gettext-logic-into-misc.h.patch * 0012-test-make-running-parallel-out-of-tree-safe.patch * 0013-modernize-build-system.patch * 0014-po-regenerate-files-after-move.patch * 0015-build-drop-aclincludedir-use-pkgincludedir.patch * 0016-build-make-use-of-an-aux-dir-to-stow-away-helper-scr.patch * 0017-build-ship-a-pkgconfig-file-for-libacl.patch * 0018-read_acl_-comments-seq-rename-line-to-lineno.patch * 0019-read_acl_-comments-seq-switch-to-next_line.patch * 0020-telldir-return-value-and-seekdir-second-parameters-a.patch * 0021-mark-libmisc-funcs-as-hidden-so-they-are-not-exporte.patch * 0022-add-__acl_-prefixes-to-internal-symbols.patch * 0023-cp.test-Check-permissions-of-the-right-file.patch * 0024-libacl-acl_set_file-Remove-unnecesary-racy-check.patch * 0025-fix-compilation-with-latest-xattr-git.patch * 0026-getfacl-Fix-memory-leak.patch * 0027-Fix-the-display-block-nesting-in-acl.5.patch * 0028-setfacl-man-page-Minor-wording-improvements.patch * 0029-getfacl-Fix-minor-resource-leak.patch * 0030-Do-not-export-symbols-that-are-not-supposed-to-be-ex.patch * 0031-walk_tree-mark-internal-variables-as-static.patch * 0032-ignore-configure.lineno.patch - Signficant spec file restructuring due to 0013-modernize-build-system.patch - removed builddefs.in.diff ==== gcc5 ==== Version update (5.2.1+r228589 -> 5.3.1+r231346) Subpackages: cpp5 gcc5-c++ gcc5-fortran gcc5-info gcc5-locale gcc5-objc libasan2 libatomic1 libcilkrts5 libgcc_s1 libgcc_s1-32bit libgfortran3 libgomp1 libitm1 liblsan0 libmpx0 libmpxwrappers0 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-devel-gcc5 libstdc++6-locale libtsan0 libubsan0 - Update to GCC 5.3.1 (r231346). * Includes GCC 5.3 release with many bugfixes. - Drop cloog-isl build dependency from cross packages. - Update to gcc-5-branch head (r230656). * Includes fix for HTM builtins on powerpc. [bnc#955382] * Includes fix for build with ISL 0.15. - For x86_64 default 32bit code generation to -march=x86-64 rather than -march=i586. - Fix libgo certificate lookup, adds gcc5-libgo-fix-certificates-lookup.patch. [bsc#953831] - Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11 again. [bnc#954002] ==== icedtea-web ==== Version update (1.6.1 -> 1.6.2) - Update to 1.6.2 * all connection restrictions now consider also port * PR2779: html-gen.sh: Don't try to call hg if .hg directory isn't present * PR2591 - IcedTea-Web request resources twice for meta informations and causes ClientAbortException on tomcat in conjunction with JnlpDownloadServlet * PR2690 - Can't run BOM into JNLP file * PR2669 - remove bash-specific syntax from top level Makefile.am * PR2489 - various NPEs when codebase is null * NetX + main-class attribute trimmed by default + in strict mode, main-class attribute checked for invalid characters * Plugin + RH1273691 - Escaped equals signs in deployment.properties not un-escaped when used + PR2746 - IcedTea-Web Plugin 1.6.1: net.sourceforge.jnlp.LaunchException + PR2714 - IcedTea-Web plugin sends uninitialized memory garbage across a pipe when NPN_GetValueForURL call fails - Removed patches: * icedtea-web-1.6.1-doInit.patch * icedtea-web-1.6.1-HexDumpEncoder.patch + integrated upstream ==== java-1_8_0-openjdk-plugin ==== Version update (1.6.1 -> 1.6.2) - Update to 1.6.2 * all connection restrictions now consider also port * PR2779: html-gen.sh: Don't try to call hg if .hg directory isn't present * PR2591 - IcedTea-Web request resources twice for meta informations and causes ClientAbortException on tomcat in conjunction with JnlpDownloadServlet * PR2690 - Can't run BOM into JNLP file * PR2669 - remove bash-specific syntax from top level Makefile.am * PR2489 - various NPEs when codebase is null * NetX + main-class attribute trimmed by default + in strict mode, main-class attribute checked for invalid characters * Plugin + RH1273691 - Escaped equals signs in deployment.properties not un-escaped when used + PR2746 - IcedTea-Web Plugin 1.6.1: net.sourceforge.jnlp.LaunchException + PR2714 - IcedTea-Web plugin sends uninitialized memory garbage across a pipe when NPN_GetValueForURL call fails - Removed patches: * icedtea-web-1.6.1-doInit.patch * icedtea-web-1.6.1-HexDumpEncoder.patch + integrated upstream ==== libffi-gcc5 ==== Version update (5.2.1+r228589 -> 5.3.1+r231346) Subpackages: libffi-devel-gcc5 libffi4 libffi4-32bit - Update to GCC 5.3.1 (r231346). * Includes GCC 5.3 release with many bugfixes. - Drop cloog-isl build dependency from cross packages. - Update to gcc-5-branch head (r230656). * Includes fix for HTM builtins on powerpc. [bnc#955382] * Includes fix for build with ISL 0.15. - For x86_64 default 32bit code generation to -march=x86-64 rather than -march=i586. - Fix libgo certificate lookup, adds gcc5-libgo-fix-certificates-lookup.patch. [bsc#953831] - Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11 again. [bnc#954002] ==== libgcj-gcc5 ==== Version update (5.2.1+r228589 -> 5.3.1+r231346) Subpackages: gcc5-gij gcc5-java libgcj-devel-gcc5 libgcj-jar-gcc5 libgcj_bc1 - Update to GCC 5.3.1 (r231346). * Includes GCC 5.3 release with many bugfixes. - Drop cloog-isl build dependency from cross packages. - Update to gcc-5-branch head (r230656). * Includes fix for HTM builtins on powerpc. [bnc#955382] * Includes fix for build with ISL 0.15. - For x86_64 default 32bit code generation to -march=x86-64 rather than -march=i586. - Fix libgo certificate lookup, adds gcc5-libgo-fix-certificates-lookup.patch. [bsc#953831] - Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11 again. [bnc#954002] ==== liblogging ==== - make the suse_version portable - fix broken conditional with sles_version macro ==== libyui ==== Version update (3.2.3 -> 3.2.4) - Fixed a compilation error in YTableCell with GCC 6 (bsc#964144). - 3.2.4 ==== libyui-ncurses ==== Version update (2.47.5 -> 2.47.6) - replace deprecated auto_ptr by unique_ptr (bsc#962744) - 2.47.6 ==== nbd ==== Subpackages: nbd-doc - nbd-server.service: implement reload ==== python3-gst ==== Version update (1.6.1 -> 1.6.2) - Update to version 1.6.2: + overrides: fix a few typos in exception messages. + python: - Check return value of g_module_symbol(). - Don't call Py_DECREF() on NULL. + pythonplugin: Clean up error handling a bit. ==== sk1 ==== - require python-imaging-tk, e.g. from python-Pillow-tk, boo#960401 ==== sysdig ==== Version update (0.7.1_k4.4.0_3 -> 0.8.0_k4.4.0_3) - Update to 0.8.0 * Bug fixes + Better terminal mouse handling for csysdig + Minor bugfixes * New and updated features + rkt support (when running sysdig in a container, bind mounting the rkt directory is necessary, e.g. -v /var/lib/rkt:/host/var/lib/rkt:ro for Docker) + chroot event + container.type: the container type, e.g. docker or rkt + Prebuild sysdig-probe for Debian kernels ==== thunar ==== Subpackages: libthunarx-2-0 thunar-lang - Created thunar-appdata.patch to correct mismatched names between thunar.appdata.xml and thunar.desktop. Renamed Thunar.desktop to thunar.desktop to solve installation system problems see: boo#952324 ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#964407 - Virt-Manager: Installer wrongly detects SLE-12-GA media as SLE-12-SP1 virtinst-fix-sle12sp1-detection.patch - Fix Tumbleweed detection virtinst-fix-tumbleweed-detection.patch