Packages changed: efivar epiphany (3.20.0 -> 3.20.1) giflib (5.1.3 -> 5.1.4) gnome-klotski (3.20.0 -> 3.20.1) gnome-nibbles (3.20.0 -> 3.20.1) gnome-robots (3.20.0.1 -> 3.20.1) gnome-software (3.20.0 -> 3.20.1) gnutls (3.4.8 -> 3.4.11) libgames-support (1.0 -> 1.0.1) libinput (1.2.2 -> 1.2.3) python3-setuptools (20.6.7 -> 20.7.0) xdg-app (0.5.0 -> 0.5.1) yast2-auth-server (3.1.15 -> 3.1.16) yast2-users (3.1.46 -> 3.1.47) === Details === ==== efivar ==== - Add efivar-relicensing.patch to update the license in some files - Add the missing COPYING ==== epiphany ==== Version update (3.20.0 -> 3.20.1) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.20.1: + Always store passwords in web app mode (bgo#672573). + Allow opening WebP files with open dialog (bgo#739934). + Activate downloads popover when download is started or completed (bgo#763141). + Avoid stale overview snapshots (bgo#763184). + Fix security popover opening above the window in Wayland (bgo#763921). + Fix session saving of multiple windows (bgo#764101). + Allow closing history dialog with Escape key (bgo#764408). + Updated translations. ==== giflib ==== Version update (5.1.3 -> 5.1.4) Subpackages: giflib-devel libgif7 - Update to version 5.1.4 * Fix SF bug #94: giflib 5 loves to fail to load images... a LOT. * Fix SF Bug #92: Fix buffer overread in gifbuild. * Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path * Fix SF Bug #89: Fix buffer overread in gifbuild. - Removed patch: * giflib-sf-88.patch + Integrated upstream - Added patch: * giflib-CVE-2016-3977.patch - Fix CVE-2016-3977: heap buffer overflow in gif2rgb (bsc#974847) ==== gnome-klotski ==== Version update (3.20.0 -> 3.20.1) Subpackages: gnome-klotski-lang - Update to version 3.20.1: + Updated translations. ==== gnome-nibbles ==== Version update (3.20.0 -> 3.20.1) Subpackages: gnome-nibbles-lang - Update to version 3.20.1: + Updated translations. ==== gnome-robots ==== Version update (3.20.0.1 -> 3.20.1) Subpackages: gnome-robots-lang - Update to version 3.20.1: + Updated translations. ==== gnome-software ==== Version update (3.20.0 -> 3.20.1) - Update to version 3.20.1: + Do not make the ODRS functionality depend on xdg-app. + Fix live installing firmware. + Support unlocking fwupd devices. + Updated translations. - Drop gnome-software-PK-updates.patch: it has been disabled for two years. - Add gnome-software-icon-crash.patch: fix crash when unable to find icon (boo#974806 bgo#764921). ==== gnutls ==== Version update (3.4.8 -> 3.4.11) Subpackages: libgnutls-dane0 libgnutls-devel libgnutls-openssl27 libgnutls30 libgnutls30-32bit - Updated to 3.4.11 * Version 3.4.11 (released 2016-04-11) * * libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. Reported by Fridolin Pokorny. * * libgnutls: Fixes in DSA key generation under PKCS #11. Report and patches by Jan Vcelak. * * libgnutls: Corrected behavior of ALPN extension parsing during session resumption. Report and patches by Yuriy M. Kaminskiy. * * libgnutls: Corrected regression (since 3.4.0) in gnutls_server_name_set() which caused it not to accept non-null- terminated hostnames. Reported by Tim Ruehsen. * * libgnutls: Corrected printing of the IP Adress name constraints. * * ocsptool: use HTTP/1.0 for requests. This avoids issue with servers serving chunk encoding which ocsptool doesn't support. Reported by Thomas Klute. * * certtool: do not require a CA for OCSP signing tag. This follows the recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate OCSP signing to another certificate without requiring it to be a CA. Reported by Thomas Klute. * Version 3.4.10 (released 2016-03-03) * * libgnutls: Eliminated issues preventing buffers more than 2^32 bytes to be used with hashing functions. * * libgnutls: Corrected leaks and other issues in gnutls_x509_crt_list_import(). * * libgnutls: Fixes in DSA key handling for PKCS #11. Report and patches by Jan Vcelak. * * libgnutls: Several fixes to prevent relying on undefined behavior of C (found with libubsan). * Version 3.4.9 (released 2016-02-03) * * libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would negotiate the last commonly supported protocol, rather than the first. Reported by Remi Denis-Courmont (#63). * * libgnutls: Tolerate empty DN fields in informational output functions. * * libgnutls: Corrected regression causes by incorrect fix in gnutls_x509_ext_export_key_usage() at 3.4.8 release. ==== libgames-support ==== Version update (1.0 -> 1.0.1) - Update to version 1.0.1: + Updated translations. ==== libinput ==== Version update (1.2.2 -> 1.2.3) Subpackages: libinput-devel libinput-udev libinput10 - Update to version 1.2.3: * The handling of the T450 jerky cursor motion had a bug, causing libinput to complain about invalid states (fdo#94601). This is fixed now. * The top software buttons on the T440 generation touchpads had their left-handed button mapping applied twice, effectively cancelling it out (fdo#94733). Fixed now, the top buttons will be mapped correctly in left-handed mode. * The Wacom airbrush pen slider range now sends the correct [-1, 1] normalized range. * And finally, the config call to fetch the default profile libinput_device_config_accel_get_default_profile() actually returns the default profile now. - Drop libinput-touchpad-fixes.patch: Fixed upstream. ==== python3-setuptools ==== Version update (20.6.7 -> 20.7.0) - specfile: * README.txt -> README.rst * no more CHANGES.txt in tar-ball (removed from %doc) - update to version 20.7.0: * Refactored extra enviroment marker processing in WorkingSet. * Issue #533: Fixed intermittent test failures. * Issue #536: In msvc9_support, trap additional exceptions that might occur when importing distutils.msvc9compiler in mingw environments. * Issue #537: Provide better context when package metadata fails to decode in UTF-8. - changes from version 20.6.8: * Issue #523: Restored support for environment markers, now honoring 'extra' environment markers. ==== xdg-app ==== Version update (0.5.0 -> 0.5.1) - Update to version 0.5.1: + xdg-app-builder: Don't export if --build-only specified. + Prefer non-subdir extensions over subdir ones.. + builder: Build single every-locale extension. + Extract icons for all appstream components. + Document xdg-app-build-bundle. + Align contents of xdg-app.1 with xdg-app --help. + Don't check that the name is a branch. + Add xdg-app info to docs. + builder: Use the right field for the platform cache checksum. + builder: Checksum metadata-platform contents for cache too. + builder: Actually respect the defined branch. + Fix indentation. + Support endianness markers in bundle files. + seccomp: Always try to do the socket filtering, but don't fail if not supported. + seccomp: Allow running the target arch. + doc: Minor reshuffling. + XdgAppInstallation: Fix a doc typo. + version information: Add documentaiton. + XdgAppError: Add documentation. + XdgAppInstallation: Add documentation. + XdgAppRef: Add documentation. + XdgAppInstalledRef: Add documentation. + XdgAppRemoteRef: Add documentation. + XdgAppRemote: Add documentation. + docs: Pick up the version number automatically. + docs: No need for a deprecated index. + docs: Exclude more private headers. + docs: Fix a typo. + docs: Hide class structs. + doc: Add xdg_app_installation_install_bundle. + More class hiding. + docs: Document XdgProgressCallback. + helper: Use 64bit capset/capget versions. + Release 0.5.1. ==== yast2-auth-server ==== Version update (3.1.15 -> 3.1.16) - The recent OpenLDAP upgrade in Tumbleweed no longer loads DB drivers and essential modules by default, hence adapting to that by explicitly loading them. Bump version to 3.1.16. Address bsc#959760 bsc#964924. ==== yast2-users ==== Version update (3.1.46 -> 3.1.47) - Does not set empty passwords fields in /etc/shadow during installation (CVE-2016-1601, bnc#973639, bnc#974220) - Set root password correctly when using a minimal profile (bnc#971804) - 3.1.47