Packages changed: aria2 (1.19.3 -> 1.20.0) fcitx geoclue2 (2.4.2 -> 2.4.3) graphite2 (1.3.5 -> 1.3.6) grub2 (2.02~beta2 -> 2.02~beta3) irssi (0.8.17 -> 0.8.18) kgamma5 (5.5.4 -> 5.5.5) kholidays libofx libvirt (1.3.1 -> 1.3.2) libzypp (15.21.3 -> 15.21.4) lightdm (1.17.3 -> 1.17.5) marble mgetty mutt nasm (2.11.08 -> 2.12) nfs-utils obs-service-source_validator (0.5+git20150622.3c3fa65 -> 0.6+git20160222.62c56d3) osc (0.152.0 -> 0.153.0) plasma-framework presage python3-pip (8.0.3 -> 8.1.0) samba subversion transmission (2.84 -> 2.92) webkitgtk webkitgtk3 xdm xen xmlgraphics-batik (1.7 -> 1.8) xmlgraphics-commons (2.0 -> 2.1) xorg-x11-server yakuake (2.9.9 -> 3.0.2) yast2-country (3.1.25 -> 3.1.26) yast2-packager (3.1.89 -> 3.1.90) yast2-security (3.2.0 -> 3.2.1) === Details === ==== aria2 ==== Version update (1.19.3 -> 1.20.0) Subpackages: aria2-lang libaria2-0 - Update to 1.20.0 * src/WinConsoleFile.cc: fix colour * configure.ac: fix autoreconf error * Don't inherit file descriptor to child process * Update Russian version documentation * Add "seeder" key to tellStatus RPC response * WinTLS: Fix hang because of buffered received data * Add --max-mmap-limit option * mingw: Use SetFileValidData to make --file-allocation=falloc work * Retry with 504 status code * Increase DHT transaction ID from 2 to 4 bytes to avoid conflict * Update wslay * Add --enable-werror option to configure to enable warning flags * Don't modify user variables (e.g., CFLAGS, LIBS, etc) * Improve error message when loading pkcs12 file failed * Updated dependency and source url's * Reduce delay in tracker request * Disable IPv6 on non-async NameResolver if configuration wants * Fix mysterious 1 second delay with async DNS * Fix bug that UDP port was incorrectly used in UDP tracker announce request * Refactor HttpRequest * Send Want-Digest as per RFC 3230 * Try all found address set to bind sockets with - -multiple-interface * Replace sourceforge references with aria2.github.io * Add system.listMethods RPC method * Support content-range from non-compliant server * Reduce UDP tracker request timeout * Apply --retry-wait when retrying after 404 - Spec file cleanup * Dependencies updated * Install localised manpages * Simplify conditions ==== fcitx ==== Subpackages: fcitx-branding-openSUSE fcitx-gtk2 fcitx-gtk3 fcitx-pinyin fcitx-qt4 fcitx-table libfcitx-4_2_9 - backport a upstream fix: * boo#954623: fcitx prevents dropbox system tray loading in KDE Plasma 5 * commit#c73761 : avoid unnecessary xembed tray icon fallback, try harder to avoid touch tray protocol related code when notification is available or kimpanel is available. * add patch boo954623.patch, delete next update ==== geoclue2 ==== Version update (2.4.2 -> 2.4.3) - Update to version 2.4.3: + Fix a crash in the helper library. ==== graphite2 ==== Version update (1.3.5 -> 1.3.6) Subpackages: graphite2-devel libgraphite2-3 libgraphite2-3-32bit - Update to 1.3.6 * This fixes a number of security related bugs. There are no feature improvements or bug fixes in this release. ==== grub2 ==== Version update (2.02~beta2 -> 2.02~beta3) Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - new upstream version 2.02~beta3 * highlights of user visible changes not yet present in openSUSE package - arm-uboot now generates position independent self relocating image, so single binary should run on all supported systems - loader for Xen on aarch64. grub-mkconfig support was not in time for beta3 yet. - improved ZFS support (extensible_dataset, large_blocks, embedded_data, hole_birth features) - support for IPv6 Router Advertisements - support for persistent memory (we do not overwrite it and pass correct information to OS) - try to display more specific icons for os-prober generated menu entries - grub-install detects EFI bit size and selects correct platform (x86_64-efi or i386-efi) independent of OS bit size; needs kernel 4.0 or higher. - LVM RAID1 support - xnu loader fixes which should make OS X menu entry generated by os-prober work again - key modifiers (Ctrl-X etc) should work on EFI too - ... and lot of fixes over entire tree * rediff - rename-grub-info-file-to-grub2.patch - use-grub2-as-a-package-name.patch - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-chainloader.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-efi-xen-chainload.patch - grub2-mkconfig-aarch64.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64-cas-reboot-support.patch - 0002-Add-Virtual-LAN-support.patch * fix grub2-secureboot-add-linuxefi.patch - use grub_memset and grub_memcpy instead of memset and memcpy (caused errors due to compiler warning) * drop upstream patches - 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch - 0001-look-for-DejaVu-also-in-usr-share-fonts-truetype.patch - 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch - 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch - 0003-efinet-open-Simple-Network-Protocol-exclusively.patch - 0001-efinet-Check-for-immediate-completition.patch - 0001-efinet-enable-hardware-filters-when-opening-interfac.patch - grub2-xen-legacy-config-device-name.patch - grub2-getroot-support-NVMe-device-names.patch - grub2-netboot-hang.patch - grub2-btrfs-fix-incorrect-address-reference.patch - aarch64-reloc.patch - grub2-glibc-2.20.patch (related code dropped upstream) - grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch - grub2-btrfs-fix-get_root-key-comparison-failures-due-to-en.patch - grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch - grub2-ppc64-qemu.patch - grub2-xfs-Add-helper-for-inode-size.patch - grub2-xfs-Fix-termination-loop-for-directory-iteration.patch - grub2-xfs-Convert-inode-numbers-to-cpu-endianity-immediate.patch - grub2-xfs-V5-filesystem-format-support.patch - 0001-Add-bootargs-parser-for-open-firmware.patch - grub2-arm64-set-correct-length.patch - grub2-arm64-setjmp-Add-missing-license-macro.patch - grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch - 0001-unix-password-Fix-file-descriptor-leak.patch - 0002-linux-getroot-fix-descriptor-leak.patch - 0003-util-grub-mount-fix-descriptor-leak.patch - 0004-linux-ofpath-fix-descriptor-leak.patch - 0005-grub-fstest-fix-descriptor-leak.patch - ppc64le.patch - libgcc-prereq.patch - libgcc.patch - 0001-Fix-security-issue-when-reading-username-and-passwor.patch - 0001-menu-fix-line-count-calculation-for-long-lines.patch - grub2-arm64-Reduce-timer-event-frequency-by-10.patch - 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch - 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch - 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch - 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch - 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch - 0005-i386-fix-TSC-calibration-using-PIT.patch - biendian.patch - ppc64_opt.patch * drop workarounds for gdb_grub and grub.chrp, they are now installed under fixed name * do not patch docs/Makefile.in, it is regenerated anyway - Make mkconfig search for zImage on arm * grub2-mkconfig-arm.patch - Add support to directly pass an EFI FDT table to a kernel on 32bit arm * 0001-arm64-Move-firmware-fdt-search-into-global-function.patch * 0002-arm-efi-Use-fdt-from-firmware-when-available.patch ==== irssi ==== Version update (0.8.17 -> 0.8.18) - Update to version 0.8.18 New Features + CAP SASL PLAIN login is now supported natively. + Paste bracket markers can be requested from terminal with /set paste_use_bracketed_mode on + "Self messages" generated by some bouncers can now be received in the proper window. + Try to split long lines on spaces to avoid words being splitted. Adds a new option: split_line_on_space which defaults to on. + Add setting hilight_nick_matches_everywhere (#56). + The config parser is more robust and prints out better diagnostics on incorrect config files. + Ctrl+^ (FS#721) and Ctrl+J can now be bound. + Command history can be cleared with /window history -clear + /hilight -mask -line is now supported (FS#275). + CHANTYPES are now supported. + Improved reload speed of ignores. + Add -date feature to /lastlog + irssiproxy can be more easily enabled and disabled. + Expando for hostname (FS#829). + UNIX sockets can now also be specified in the config file. + Disable SSLv3 due to the POODLE vulnerability. + SSL ciphers can now be specified per server. + Added SNI support for SSL. Bugfixes + /ignore now respects -pattern on merge (#78). + irssiproxy (BNC) module now uses correct line endings. + Fix missing lines on large pastes (FS#905). + Correctly preserve STATUSMSG prefixes (#291). + Fix infinite recursion in key bindings (FS#817). + Fix incomplete awaylog caused by buffering. + Fix calculation of UTF-8 string length display in some cases. + Fix some Perl warnings related to @ISA. + EXEC windowitems now get proper references on the Perl side. + Incremental help file improvements. + ANSI attributes are now properly reset. + Fixed regression where text would blink when terminal lacks color support. + Permit the usage of Freenode extban syntax in /ban (#150) + Fixed regression in scriptassist on unload of scripts. + Fixed regression in -actcolor %n - Remove irssi-0.8.15-ssl-passphrase.patch, fixed upstream. ==== kgamma5 ==== Version update (5.5.4 -> 5.5.5) - Update to 5.5.5 (boo#968966) * Bugfix release * For more details please see: https://www.kde.org/announcements/plasma-5.5.5.php ==== kholidays ==== - Add kholidays-glibc-2.23.patch to fix build with glibc 2.23 ==== libofx ==== Subpackages: libofx-devel libofx6 - Replace libxmll++-devel BuildRequires with pkgconfig(libxml++-2.6) in order to be ready for the compatibility package introduction (libxml++ goes 3.0). ==== libvirt ==== Version update (1.3.1 -> 1.3.2) Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen - libxl: advertise system qemu instead of qemu-xen in caps libxl-qemu-emulator-caps.patch FATE#320638 - Update to libvirt 1.3.2 - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - libxl: Add support for block-{dmmd,drbd,npiv} scripts libxl-support-block-script.patch bsc#954872 ==== libzypp ==== Version update (15.21.3 -> 15.21.4) - media: Send stats header to download.opensuse.org only (bsc#955801) - fix build-compare (#57, #58) - version 15.21.4 (19) ==== lightdm ==== Version update (1.17.3 -> 1.17.5) Subpackages: liblightdm-gobject-1-0 lightdm-lang - update to 1.17.5 * Set XDG_RUNTIME_DIR for ConsoleKit sessions. This is a recent change in ConsoleKit2. * Add support for g_autoptr and liblightdm-gobject * Fix dm-tool add-local-seat not working because LightDM is trying to connect with TCP/IP ==== marble ==== Subpackages: libastro-qt5-1 libmarblewidget-qt5-23 marble-data marble-devel marble-doc marble-kde - Add marble-glibc-2.23.patch to build against glibc 2.23 ==== mgetty ==== Subpackages: g3utils sendfax - Use correct permissions for unit files (boo#968571) ==== mutt ==== - Add perl(Expect) as requirement for mutt due to the fact that a useful helper script below the samples depends on this (boo#968699) ==== nasm ==== Version update (2.11.08 -> 2.12) - new nasm_change_unused.patch to avoid PowerPC build error - Update to 2.12 * Major fixes to the macho backend (section 7.8); earlier versions would produce invalid symbols and relocations on a regular basis. * Support for thread-local storage in Mach-O. * Support for arbitrary sections in Mach-O. * Fix wrong negative size treated as a big positive value passed into backend causing NASM to crash. * Fix handling of zero-extending unsigned relocations, we have been printing wrong message and forgot to assign segment with predefined value before passing it into output format. * Fix potential write of oversized (with size greater than allowed in output format) relative relocations. * Portability fixes for building NASM with LLVM compiler. * Add support of Codeview version 8 (cv8) debug format for win32 and win64 formats in the COFF backend, see section 7.5.3. * Allow 64-bit outputs in 16/32-bit only backends. Unsigned 64-bit relocations are zero-extended from 32-bits with a warning (suppressible via -w-zext-reloc); signed 64-bit relocations are an arror. * Line numbers in list files now correspond to the lines in the source files, instead of simply being sequential. * There is now an official 64-bit (x64 a.k.a. x86-64) build for Windows. - Changes for 2.11.09 * Fix potential stack overwrite in macho32 backend. * Fix relocation records in macho64 backend. * Fix symbol lookup computation in macho64 backend. * Adjust .symtab and .rela.text sections alignments to 8 bytes in elf64 backed. * Fix section length computation in bin backend which leaded in incorrect relocation records. - Update build dependencies ==== nfs-utils ==== Subpackages: nfs-client nfs-doc nfs-kernel-server - 0001-mount.nfs-hide-EBUSY-errors.patch Stop "mount -a -t nfs" from complaining if filesystem already mounted (bsc#950340) ==== obs-service-source_validator ==== Version update (0.5+git20150622.3c3fa65 -> 0.6+git20160222.62c56d3) - Update to version 0.6+git20160222.62c56d3: + turned off warnings to avoid misleading messages + fixes boo#967610 + related to bsc#967265 - Update to version 0.6+git20160218.73d6618: + Attempt to fix and handling in Release in a minimal invasive way. + 20-files-present-and-referenced: also look for *.sign files + various security and bug fixes (boo#967265) + removed bash 4 test syntax ==== osc ==== Version update (0.152.0 -> 0.153.0) - 0.153.0 - "my sr" is using the server side request collection to get right results - maintenance request offers to supersede old, but still open requests - add build --vm-telnet option for getting debug shell in KVM builds - add buildhistory --limit option OBS 2.7 only: - add "addchannels" and "enablechannel" commands - support new package instances on branching when using -N parameter - add --linkrev option to branch command - add --add-repository-block option to branch command - add --add-repository-rebuild option to branch command - add service merge command - add service wait command ==== plasma-framework ==== Subpackages: plasma-framework-components plasma-framework-private - Added 0001-Theme-Discard-pixmap-cache-when-changing-theme.patch (kde#359924) - Add 0001-if-path-is-passed-pick-the-tail.patch -- fix loading of c++ based applets ==== presage ==== Subpackages: libpresage1 presage-data - Add reproducible.patch to make build-compare work ==== python3-pip ==== Version update (8.0.3 -> 8.1.0) - update to version 8.1.0: * Implement PEP 513, which adds support for the manylinux1 platform tag, allowing carefully compiled binary wheels to be installed on compatible Linux platforms. * Allow wheels which are not specific to a particular Python interpreter but which are specific to a particular platform (#3202). * Fixed an issue where call_subprocess would crash trying to print debug data on child process failure (#3521, PR #3522). * Exclude the wheel package from the pip freeze output (like pip and setuptools). #2989. * Allow installing modules from a subdirectory of a vcs repository in non-editable mode (#3217, PR #3466). * Make pip wheel and pip download work with vcs urls with subdirectory option (PR #3466). * Show classifiers in pip show. * Show PEP376 Installer in pip show (#3517). * Unhide completion command (PR #1810). * Show latest version number in pip search results (PR #1415). * Decode requirement files according to their BOM if present (PR [#3485], #2865). * Fix and deprecate package name detection from url path (#3523 and PR #3495). * Correct the behavior where interpreter specific tags (such as cp34) were being used on later versions of the same interprter instead of only for that specific interpreter (#3472). * Fix an issue where pip would erroneously install a 64 bit wheel on a 32 bit Python running on a 64 bit OS X machine. * Do not assume that all git repositories have an origin remote. * Correctly display the line to add to a requirements.txt for an URL based dependency when --require-hashes is enabled. ==== samba ==== Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libgensec0 libgensec0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libregistry0 libsamba-credentials0 libsamba-credentials0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient-devel libsmbclient-raw0 libsmbclient-raw0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap0 libsmbldap0-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-32bit samba-client samba-client-32bit samba-doc samba-libs samba-libs-32bit samba-winbind samba-winbind-32bit - Only obsolete but do not provide gplv2/3 package names; (bsc#968973). - Relocate existing lock files to /var/lib/samba/lock; (bsc#968963). ==== subversion ==== Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-devel subversion-perl subversion-python subversion-server subversion-tools - make the subversion package conflict with KWallet and Gnome Keyring packages with do not require matching subversion versions in SLE 12 and openSUSE Leap 42.1 and thus break the main package upon partial upgrade. Fix/workaround for boo#969159 ==== transmission ==== Version update (2.84 -> 2.92) Subpackages: transmission-common transmission-gtk - Update to version 2.92: + Mac Client: Build OSX.KeRanger.A ransomware removal into the app. - Changes from version 2.91: + All Platforms: - Fix Makefile.am to include Windows patches into source archive. - Fix miniupnpc script to handle spaces and other special chars in paths. + Mac Client: - Prevent crash during group rules removal in some cases. - Fix failure to remove seeding completion notifications from notification center. - Show main window and scroll to torrent on notification click. - Fix issue on Yosemite where peers view didn't occupy all the available space when web seed view was hidden. + Qt Client: Fix existing running instance detection and torrents delegation when using DBus. + Daemon: - Fix building on Windows x86. - Add `--blocklist-update` argument description to transmission-remote man page. - Use `-rad` as short form of `--remove-and-delete` option in transmission-remote. - Update to version 2.90: + All Platforms: - Fix renaming torrent files with common prefix. - Fix some more thread safety bugs in the tr_list datatype. - Fix infinite loop when removing torrent data. - Add support for CyaSSL/WolfSSL and PolarSSL cryptographic backends; bump OpenSSL minimum to v0.9.7. - Initial CMake build system support. - Many improvements to support Windows builds with MSVS and MinGW; drop XP/2003 support, only Vista and up now. - Allow building against system UTP and DHT libraries. - Fix several memory leaks and buffer overflows. - Support miniupnpc API v14. - Fix "prefetch-enabled" value type in settings.json (boolean instead of integer). - Fix some issues discovered by static analysis (cppcheck, coverity). - Fix invalid JSON encoding for non-printable characters. - Fix multi-threaded locale use when encoding/decoding JSON data. - Fix encrypted communication with libevent 2.1+. - Prevent completed pieces modification by webseeds. - Require absolute paths in RPC requests. - Fix and unify torrent origin display in GTK+, Qt and web clients. - Fix crash on session shutdown (evdns_getaddrinfo_cancel). - Retry if RPC server fails to bind to specified address. - Improve error checking on metadata retrieval. - Improve UTF-8 validity checking (merge changes from LLVM). - Don't build transmission-cli by default (it's long deprecated). + GTK+ Client: - Fix overshoot and undershoot indicators display with GTK+ 3.16+ in main window. - Don't require DISPLAY if started with `--version` argument. + Qt Client: - Improve performance in Torrent Properties dialog for torrents with lots of files. - Prevent entering file renaming mode with mouse double-click. - Add context menu on files tab of Torrent Properties dialog resembling that of Mac client. - Remove torrent file from watch directory even if "show options dialog" is not set. - Use theme-provided icons in system tray and About dialog. - Fix initial watch directory scan. - Improve filter bar look and feel; lots of other small visual fixes; RTL layout fixes. - Show message to the user when duplicate torrent is being added. - Improve magnets handling in main window. - Display notifications via tray icon if D-Bus is not available. - Show notice on top of filtered torrents list; clear whole filter on notice double-click. - Add proper compiler flags to indicate C++11 use. - Fix translation files loading. + Daemon: - Run as service on Windows when in background mode. - Rework directory watching, add support for native mechanisms on BSD/Darwin (kqueue) and Windows (ReadDirectoryChanges). - Don't make assumptions of remote path validity in transmission-remote. + Web Client: - Content Security Policy enhancements. - Enable "resume now" for queued torrents. - Mark appropriate fields in preferences dialog as HTML5 number fields. - Update to jQuery 1.11.2, jQueryUI 1.11.4; use jQueryUI menus instead of custom ones. + Updated translations. - Pass --enable-external-b64 to configure: use the system provided b64 library. - Pass --enable-cli to configure: retain the (deprecated) CLI interface. - Add pkgconfig(zlip) and libb64-devel BuildRequires: new dependencies. - Drop transmission-miniupnp14.patch: fixed upstream. ==== webkitgtk ==== Subpackages: libjavascriptcoregtk-1_0-0 libwebkitgtk-1_0-0 libwebkitgtk-devel libwebkitgtk2-lang typelib-1_0-JavaScriptCore-1_0 typelib-1_0-WebKit-1_0 - Switch to geoclue2: replace pkgconfig(geoclue) BuildRequires with pkgconfig(geoclue-2.0). ==== webkitgtk3 ==== Subpackages: libjavascriptcoregtk-3_0-0 libwebkitgtk-3_0-0 - Switch to geoclue2: replace pkgconfig(geoclue) BuildRequires with pkgconfig(geoclue-2.0). ==== xdm ==== - After boo#968405 got fixed in /etc/rpm/macros.systemd, resurrect the old behavior of %postun (boo#968405). - xdm.tar.bz: * /etc/X11/xdm/sys.xsession: fix regression from fix for boo#967002 (boo#968172). * /etc/X11/xdm/Xsession: + Add comments for documentation + Fix semantics + Don't use $HOME/.xinitrc as session script. Let sys.xession handle this. + Make argument parser more robust: add parse error detection. * Add an 'xsession' desktop file: this should offer a session where the $HOME/.xsession is used (boo#968631). - Remove %service_del_postun display-manager.service from %postun macro (boo#968405). ==== xen ==== Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU - bsc#969377 - xen does not build with GCC 6 ipxe-use-rpm-opt-flags.patch gcc6-warnings-as-errors.patch - bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch - Drop xsa154-fix.patch - Use system qemu instead of building/installing yet another qemu FATE#320638 - Dropped files qemu-xen-dir-remote.tar.bz2 CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch qemu-xen-enable-spice-support.patch qemu-xen-upstream-qdisk-cache-unsafe.patch tigervnc-long-press.patch xsa162-qemuu.patch - bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer dereference in vapic_write() CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch ==== xmlgraphics-batik ==== Version update (1.7 -> 1.8) - Update to batik-1.8: batik-src-1.7.zip -> batik-src-1.8.tar.gz - Update xmlgraphics-batik-manifests.patch - Refresh xmlgraphics-batik-policy.patch ==== xmlgraphics-commons ==== Version update (2.0 -> 2.1) - Update to version 2.1 - No changelog available ==== xorg-x11-server ==== Subpackages: xorg-x11-server-extra xorg-x11-server-sdk - Backport upstream patches for Xephyr input hot-plugging / single-GPU multi-seat support: * U_kdrive-fix-up-NewInputDeviceRequest-implementation.patch * U_kdrive-set-evdev-driver-for-input-devices-automatica.patch * U_ephyr-don-t-load-ephyr-input-driver-if-seat-option-i.patch * U_kdrive-don-t-let-evdev-driver-overwrite-existing-dev.patch * U_ephyr-ignore-Xorg-multiseat-command-line-options.patch * U_ephyr-enable-option-sw-cursor-by-default-in-multi-se.patch * U_kdrive-introduce-input-hot-plugging-support-for-udev.patch * U_kdrive-add-options-to-set-default-XKB-properties.patch * U_kdrive-evdev-update-keyboard-LEDs-22302.patch * U_config-udev-distinguish-between-real-keyboards-and-o.patch - u_os-connections-Check-for-stale-FDs.patch Ignore file descriptor if socket or devices dies. This prevents the Xserver to loop at 100% when dbus dies (boo#954433). ==== yakuake ==== Version update (2.9.9 -> 3.0.2) Subpackages: yakuake-lang - Update to 3.0.2 * Also install the AppData file. - Update to 3.0.1 * Fixed installation and integratin of hicolor application icon - Update to 3.0 * Yakuake was ported to KDE Frameworks 5 and Qt 5 * A new default skin follows the Plasma 5 Breeze design - Drop yakuake-2.9.9_no-close.patch ==== yast2-country ==== Version update (3.1.25 -> 3.1.26) Subpackages: yast2-country-data - Improved macintosh and sun keymaps (boo#968183) - 3.1.26 ==== yast2-packager ==== Version update (3.1.89 -> 3.1.90) - Show messages coming from libzypp except during installation (bsc#943805) - 3.1.90 ==== yast2-security ==== Version update (3.2.0 -> 3.2.1) - Removed "Boot permissions - Interpretation of Ctrl + Alt + Del" combo box "Reboot" entry for s390 architecture. (fate#319711) - 3.2.1