Removed rpms ============ - mozilla-nss-certs Added rpms ========== - libexiv2-27 - p11-kit-nss-trust Package Source Changes ====================== cepces +- Fix cepces won't compile on SLE15SP5; (bsc#1203273). + exiv2 -- add CVE-2021-37621.patch (CVE-2021-37621, bsc#1189333) -- add CVE-2021-32617.patch (CVE-2021-32617, bsc#1186192) -- add CVE-2020-19716.patch (CVE-2020-19716, bsc#1188645) -- add CVE-2019-14368.patch (CVE-2019-14368, bsc#1143278) -- add CVE-2019-20421.patch (CVE-2019-20421, bsc#1161901) - -- add CVE-2018-10772.patch (CVE-2018-10772, bsc#1092096) -- add CVE-2018-18915.patch (CVE-2018-18915, bsc#1114690) -- add CVE-2021-37620.patch (CVE-2021-37620, bsc#1189332) -- add CVE-2021-29470.patch (CVE-2021-29470, bsc#1185447) - -- add CVE-2018-5772.patch (CVE-2018-5772, bsc#1076579) -- add CVE-2018-8976.patch (CVE-2018-8976, bsc#1086810) -- add CVE-2018-8977.patch (CVE-2018-8977, bsc#1086798) -- add CVE-2020-18898.patch (CVE-2020-18898, bsc#1189780) -- add CVE-2021-31291.patch (CVE-2021-29457 and CVE-2021-31291, bsc#1185002 and bsc#1188733) -- add CVE-2021-31292.patch (CVE-2021-31292, bsc#1188756) -- add CVE-2021-37618.patch (CVE-2021-37618, bsc#1189330) -- add CVE-2021-37619.patch (CVE-2021-37619, bsc#1189331) -- add CVE-2020-18899.patch (CVE-2020-18899, bsc#1189636) - -- add 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch (bsc#1142684, CVE-2019-13114): - * fixes null-pointer dereference in http.c causing denial of service -- add 0001-IptcData-printStructure-Remove-buffer-overrun.patch (bsc#1088424, CVE-2018-9305): - * fixes an out-of-bounds read in IptcData::printStructure in iptc.c -- add 0001-Fix-SEGV-in-DataValue-Copy.patch (bsc#1109299, CVE-2018-17282): - * fixes null pointer dereference in Exiv2:DataValue:copy in value.cpp -- add 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch, - 0002-PSD-enforce-Length-of-image-resource-section-file-si.patch (CVE-2018-19108, bsc#1115364): - * fixes denial of service in Exiv2::PsdImage::readMetadata -- add 0001-Fix-561.-Use-proper-counter-for-the-idx-variable.patch (CVE-2018-19607, bsc#1117513): - * fixes a denial of service (NULL pointer dereference and application crash) +- add tracker for SLE (jsc#PED-1393) + +- update to 0.27.5 (bsc#1189332, CVE-2021-37620, + bsc#1189333, CVE-2021-37621, + bsc#1189334, CVE-2021-37622, + bsc#1189338, CVE-2021-34334, + bsc#1189335, CVE-2021-37623): + * BMFF bug fixes including CR3 previews + * Security fixes + * libFuzzer target + * Exiv2 monitored by oss-fuzz + * Minor bugs and fixes + +- enable bmff format +- disable docs for now: + - graphviz was failing for a long time when trying to render the + pngs as graphviz-gd was missing + - even after adding this it still fails with missing fonts + +- Update to 0.27.4 (bsc#1186053, CVE-2021-29623, + bsc#1185447, CVE-2021-29470, + bsc#1185002, CVE-2021-29457, + bsc#1188733, CVE-2021-31291, + bsc#1186192, CVE-2021-32617): + - Support for bmff files (HEIC, HEIF, AVIF, CR3, JXL/bmff) + - Bash test scripts rewritten in python + - DNG 1.6 and Exif 2.32 support + - Bug and Security fixes + - Updated build and test environments + - Localisation support on Crowdin + - Revised documentation + - Other improvements +- drop 1271.patch: + included in update + +- Add 1271.patch: Fix build using GCC 11 (boo#1185218). +- Drop the sed hack to remove -fcf-protection: this is properly + solved with the above patch. + +- -fcf-protection doesn't work on i586 with gcc11 either (boo#1185218) + +- Fix build on non-x86 by dropping -fcf-protection flag + on non-x86 architectures + +- Update to 0.27.3: + * Bug and security fixes + * UNIX suppport + * Support for building with C++11 and C++14 + * Revised build and test environments + * Revised documentation + * Improved charset handling in UserComment + * Other improvements + +- Use C++11 for building instead of C++98. Googletest 1.10 is no + longer compatible with C++98. For details, see + https://github.com/Exiv2/exiv2/issues/1163 + +- Use FAT LTO objects in order to provide proper static library. + +- Update to 0.27.2 (bsc#1188645, CVE-2020-19716) + * Bug and security fixes + * Support for Nikon/AutoFocus and Sony/FocusPosition Metadata + * Documentation and man page revisions + * Updated Catalan Localisation + * Using mergify to sync select PRs between 0.27-maintenance and 0.28 + * Monitoring API changes for v0.27 dot releases + * Prelinary Dutch Localisation + * Prelinary Support for Unix (FreeBSD and NetBSD) + * Better Build Bundle Dependency handling + +- Update exiv2-build-date.patch to new source tarball +- Enable testsuite run in %check on x86_64 for Leap >= 15.0, SLE >= 15 and + Tumbleweed +- Use libcurl for HTTP +- Enable webready (webp image support) +- Add licenses to %license & add BSD 3 clause license (used for some CMake + scripts) + +- update to 0.27.1 (CVE-2019-13108, bsc#1142675) + * Bug and security fixes. + * Deprecation warnings for Video, EPS and SSH support. + * Branch 0.27-maintenance for "dots" to avoid confusion with tag 0.27 (== 0.27.0 code). + * Support for Visual Studio 2019 using Conan and CMake +- Update patch exiv2-build-date.patch +- Drop exiv2-cmake-installdir.patch (included upstream) +- Drop exiv2-rename-libxmp.patch (included upstream) +- Drop exiv2-install-headers.patch (included upstream) +- Drop exiv2-BanAllEntityUsage.patch (included upstream) + +- Create libexiv2-xmp-static subpackage + +- Updated exiv2-build-date.patch +- Added exiv2-cmake-installdir.patch (exiv2 bug #623) +- Added exiv2-rename-libxmp.patch (exiv2 bug #624) + * This should prevent possible issues with libxmp project +- Added exiv2-install-headers.patch (exiv2 bug #627) +- Added exiv2-BanAllEntityUsage.patch + * This prevents a denial of service attack related to XML entity expansion + +- Add libxmp.a to the devel package instead of deleting it, it's + needed by the new exiv2Config.cmake that's installed now +- Add libexpat-devel requirement to the devel package, also needed + by exiv2Config.cmake + +- update to final 0.27.0 release + +- update to official RC2 tarball release: + which obsoletes the following patches in previous dists as backports + that have always been upstream: + * obsoletes 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch + * obsoletes 0002-PSD-enforce-Length-of-image-resource-section-file-si.patch (CVE-2018-19108, bsc#1115364) + * obsoletes 0001-Fix-561.-Use-proper-counter-for-the-idx-variable.patch (CVE-2018-19607, bsc#1117513) + * obsoletes 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch (bsc#1142684, CVE-2019-13114) + * obsoletes 0001-IptcData-printStructure-Remove-buffer-overrun.patch (bsc#1088424, CVE-2018-9305) + * obsoletes 0001-Fix-SEGV-in-DataValue-Copy.patch (bsc#1109299, CVE-2018-17282) + +- update to current 0.27-RC2 git state to fix SONAME + change issues +- drop exiv2-0.27-rc2-branch.patch: built git tarball instead. + +- update to 0.27-RC1: + * Security Fixes. + * New build and test infrastructure. + * Many bug fixes. + * Support for MinGW/msys2. + * Buildserver rewritten. + * Support for Adobe XMPsdk +- drop exiv2-update-to-0.26-branch.patch, parallel-build-dep.patch: obsolete +- add exiv2-0.27-rc2-branch.patch: add fixes staged for RC2 - * Includes fix for CVE-2019-14982 (bsc#1146294) + * Fixes CVE-2017-1000128 (bsc#1068871) expat + * (CVE-2022-43680, bsc#1204708) use-after free caused by overeager + destruction of a shared DTD in XML_ExternalEntityParserCreate in + out-of-memory situations + - Added patch expat-CVE-2022-43680.patch + +- Security fix: gnutls +- Fix AVX CPU feature detection for OSXSAVE [bsc#1203299] + * Fixes a SIGILL termination at the verzoupper instruction when + trying to run GnuTLS on a Linux kernel with the noxsave command + line parameter set. Relevant mostly for virutal systems. + * Upstream bug: https://gitlab.com/gnutls/gnutls/issues/1282 + * Add gnutls-clear-AVX-bits-if-it-cannot-be-queried-XSAVE.patch + gstreamer-plugins-good +- Add gstreamer-CVE-2022-1920.patch: avoid integer overflow in + WavPack header handling code (boo#1201688 CVE-2022-1920). +- Add gstreamer-CVE-2022-1921.patch: fix integer overflow resulting + in heap corruption (boo#1201693 CVE-2022-1921). +- Add gstreamer-CVE-2022-1922-matroska.patch and + gstreamer-CVE_2022-1922-qt.patch: fix integer overflows in + zlib/bz2/etc. decompression (boo#1201702 boo#1201704 boo#1201706 + boo#1201707 boo#1201708 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 + CVE-2022-1925 CVE-2022-2122). + kernel-firmware -- Fix missing aliases for qlogic (bsc#1200889); - update other aliases as well from the latest SLE15-SP4 kernels +- Update to version 20221031 (git commit 8bb75626e9dd): + * linux-firmware: Add firmware for Cirrus CS35L41 on new ASUS Laptop + * iwlwifi: add new PNVM binaries from core74-44 release + * iwlwifi: add new FWs from core69-81 release + * qcom: update venus firmware files for VPU-2.0 + * qcom: remove split SC7280 venus firmware images + * qcom: update venus firmware file for v5.4 + * qcom: replace split SC7180 venus firmware images with symlink + * rtw89: 8852b: update fw to v0.27.32.1 + * rtlwifi: update firmware for rtl8192eu to v35.7 + * rtlwifi: Add firmware v4.0 for RTL8188FU + * i915: Add HuC 7.10.3 for DG2 + * linux-firmware: Add firmware for Cirrus CS35L41 on ASUS Laptops + * linux-firmware: Add firmware for Cirrus CS35L41 on Lenovo Laptops + * linux-firmware: Add firmware for Cirrus CS35L41 on HP Laptops +- Drop the CS35L41 firmware tarball that has been merged +- Drop obsoleted cirrus-WHENCE-update.patch + +- Update to version 20221017 (git commit 48407ffd7adb): + * cnm: update chips&media wave521c firmware. + * brcm: add symlink for Pi Zero 2 W NVRAM file + * rtw89: 8852b: add initial fw v0.27.32.0 + * iwlwifi: add new FWs from core72-129 release + * iwlwifi: update 9000-family firmwares to core72-129 + * rtl_bt: Update RTL8852C BT USB firmware to 0xD5B8_A40A + * amdgpu: update GC 10.3.6 RLC firmware + * amdgpu: update GC 10.3.7 RLC firmware + * amdgpu: update Yellow Carp RLC firmware + * amdgpu: update Beige Goby RLC firmware + * amdgpu: update Dimgrey Cavefish RLC firmware + * amdgpu: update Navy Flounder RLC firmware + * amdgpu: update Sienna Cichlid RLC firmware + * mediatek: Update mt8195 SOF firmware to v0.4.1 + * qcom: add squashed version of a530 zap shader + * rtw89: 8852c: update fw to v0.27.56.1 + * rtw89: 8852c: update fw to v0.27.56.0 + * mediatek: Update mt8186 SCP firmware +- Update Cirrus CS35L41 firmware (bsc#1203699) + cirrus-WHENCE-update.patch +- Update aliases from 6.1-rc1 kernel + +- Apply the same workaround to uncompressed flat package, too + (bsc#1204103) + +- Workaround for update failure of kernel-firmware-qcom package + due to the change from a directory to a symlink (bsc#1204103) + +- Update to version 20220930 (git commit fdf1a6525852): + * linux-firmware: Update AMD cpu microcode + * mediatek: mt8195: Update scp.img to v2.0.11956 + * mediatek: Add new mt8195 SOF firmware + * mediatek: Update mt8186 SOF firmware to v0.2.1 + * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) + * rtl_bt: Update RTL8852A BT USB firmware to 0xD9B8_8207 + * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) + * linux-firmware: update firmware for MT7922 WiFi device + * linux-firmware: update firmware for MT7921 WiFi device + * cxgb4: Update firmware to revision 1.27.0.0 (jsc#PED-1501) + * i915: Add versionless HuC files for current platforms + * i915: Add GuC v70.5.1 for DG1, DG2, TGL and ADL-P + * qca: Update firmware files for BT chip WCN3991. + * Removing crnv32 + * amdgpu: update yellow carp DMCUB firmware + * amdgpu: add firmware for VCN 3.1.2 IP block + * amdgpu: add firmware for SDMA 5.2.6 IP block + * amdgpu: add firmware for PSP 13.0.5 IP block + * amdgpu: add firmware for GC 10.3.6 IP block + * amdgpu: add firmware for DCN 3.1.5 IP block + * qcom: rename Lenovo ThinkPad X13s firmware paths + * rtw89: 8852c: update fw to v0.27.42.0 + * rtw89: 8852c: update fw to v0.27.36.0 +- Fix install-split.sh for dealing with a symlink of directory + +- Update to version 20220902 (git commit 2f2f0181581d): + * Mellanox: Add new mlxsw_spectrum firmware xx.2010.3146 + * amdgpu: update beige goby VCN firmware + * amdgpu: update dimgrey cavefish VCN firmware + * amdgpu: update navy flounder VCN firmware + * amdgpu: update sienna cichlid VCN firmware (bsc#1202707) + * rtl_bt: Update RTL8852C BT USB firmware to 0xDFB8_5A33 + * mediatek: reference the LICENCE file for MediaTek firmwares + * mediatek: Add new mt8186 SOF firmware + * ice: Update package to 1.3.30.0 + * QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00438 + * brcm: Add nvram for Lenovo Yoga Tablet 2 830F/L and 1050F/L tablets + * brcm: Add nvram for the Xiaomi Mi Pad 2 tablet + * brcm: Add nvram for the Asus TF103C tablet + * Add amd-ucode README file + * qca: Update firmware files for BT chip WCN6750. This commit will update required firmware files for WCN6750. + * amdgpu: Update Yellow Carp VCN firmware + * qcom: Add firmware for Lenovo ThinkPad X13s +- Update aliases from 6.0-rc +- Update topics list for mtk-sof + +- Update to version 20220804 (git commit e6185d5197fd): + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * Mellanox: Add new mlxsw_spectrum firmware xx.2010.3020 + * linux-firmware: Add firmware for Cirrus CS35L41 + * i915: Add GuC v70.4.1 for DG2 + * i915: Add DMC v2.07 for DG2 + * amdgpu partially revert "amdgpu: update beige goby to release 22.20" + * mediatek: Update mt8183/mt8192/mt8195 SCP firmware + * amdgpu: update renoir to release 22.20 + * amdgpu: update beige goby to release 22.20 + * amdgpu: update yellow carp to release 22.20 + * amdgpu: update dimgrey cavefish to release 22.20 + * amdgpu: update vega20 to release 22.20 + * amdgpu: update vega12 to release 22.20 + * amdgpu: update raven to release 22.20 + * amdgpu: update navy flounder to release 22.20 + * amdgpu: update vega10 to release 22.20 + * amdgpu: update sienna cichlid to release 22.20 + * amdgpu: update navi14 to release 22.20 + * amdgpu: update green sardine to release 22.20 + * amdgpu: update vangogh to release 22.20 + * amdgpu: update navi12 to release 22.20 + * amdgpu: update navi10 to release 22.20 + * amdgpu: update picasso to release 22.20 + * amdgpu: update aldebaran to release 22.20 + * amdgpu: update psp 13.0.8 TA firmware + * WHENCE: Fix the dangling symlinks fix +- Revert the previous rtw88/rtw8822c_fw.bin change due to regression + on HP Pavilion 15 (bsc#1202152) +- Update alias from 5.19 + +- Update to version 20220714 (git commit 84661a3ba62f): + * amdgpu: update DMCUB firmware for DCN 3.1.6 + * WHENCE: Correct dangling symlinks + * Correct WHENCE entry for wfx firmware + * bnx2: Drop unsupported Broadcom NetXtremeII firmware + * bnx2: drop unsupported firmwares + * bnx2: sort firmware names in filesystem order + * Remove old Broadcom Everest (bnx2x) v4/5 firmware + * drop Token Ring network firmwares + * Drop TDA7706 radio firmware + * Drop Intel WiMax firmware + * Drop Computone IntelliPort Plus serial firmware + * Drop ATM Ambassador devices firmware + * brocade: drop old unsupported firmware revs + * amdgpu: update yellow carp DMCUB firmware + * linux-firmware: update firmware for MT7622 WiFi device + * linux-firmware: update firmware for MT7922 WiFi device + * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * mediatek: Add SCP firmware for MT8186 + * rtw88: 8822c: Update normal firmware to v9.9.13 + * rtw88: 8822c: Update normal firmware to v9.9.12 +- Drop obsoleted temporary patches: + wfx-WHENCE-fix.diff + brcm-symlink-fixes.diff +- Minor update of README.build +- Fix missing aliases for qlogic (bsc#1200889) + +- Update to version 20220622 (git commit 9ed4d42c51ac): + * amdgpu: update Yellow Carp VCN firmware + * linux-firmware: update firmware for MT7921 WiFi device + * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) + * qed: update 8.59.1.0 firmware + * Link some devices that ship with the AW-CM256SM + * Add initial AzureWave AW-CM256SM NVRAM file + * Remove the Pine64 Quartz copy of the RPi NVRAM + * qca: Update firmware files for BT chip WCN6750. + * QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00409 + * WHENCE: add symlinks for StarFive based boards + * linux-firmware: wilc1000: update WILC1000 firmware to v15.6 + * brcm: Add NVRAM file 43455 based Wifi/BT module as used on the Quartz64 Model B from Pine64. This file is based on the existing "brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt" NVRAM file. + * iwlwifi: add new FWs from core70-87 release + * iwlwifi: update 9000-family firmwares to core70-87 +- Temporary fix for incorrect symlinks for brcm in WHENCE: + brcm-symlink-fixes.diff +- Minor updates of scripts, sorting alphabetically and add version + to Provides/Obsoletes +- Update alias + +- Update to version 20220607 (git commit 02c69863c885): + * rtl_bt: Update RTL8852A BT USB firmware to 0xDFB8_0634 + * Makefile: replace mkdir by install + * iwlwifi: remove old unsupported 3160/7260/7265/8000/8265 firmware + * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.9 + * WHENCE: ath11k: move regdb.bin before board-2.bin + * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00157 + * ath10k: QCA9888 hw2.0: update board-2.bin + * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00157 + * ath10k: QCA4019 hw1.0: update board-2.bin + * ath10k: WCN3990 hw1.0: add board-2.bin +- Update aliases from 5.19-rc1 +- Minor adjustment of spec template and makespec.sh to align with + the latest TW format + +- Update to version 20220516 (git commit 251d29004ffc): + * amdgpu: update beige goby firmware for 22.10 + * amdgpu: update renoir firmware for 22.10 + * amdgpu: update dimgrey cavefish firmware for 22.10 + * amdgpu: update vega20 firmware for 22.10 + * amdgpu: update yellow carp firmware for 22.10 + * amdgpu: update vega12 firmware for 22.10 + * amdgpu: update navy flounder firmware for 22.10 + * amdgpu: update vega10 firmware for 22.10 + * amdgpu: update raven2 firmware for 22.10 + * amdgpu: update raven firmware for 22.10 + * amdgpu: update sienna cichlid firmware for 22.10 + * amdgpu: update green sardine firmware for 22.10 + * amdgpu: update PCO firmware for 22.10 + * amdgpu: update vangogh firmware for 22.10 + * amdgpu: update navi14 firmware for 22.10 + * amdgpu: update navi12 firmware for 22.10 + * amdgpu: update navi10 firmware for 22.10 + * amdgpu: update aldebaran firmware for 22.10 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * mediatek: Update mt8192 SCP firmware libarchive +- Fix CVE-2021-31566, modifies file flags of symlink target + (CVE-2021-31566, bsc#1192426.patch) + CVE-2021-31566.patch +- Fix bsc#1192427, processing fixup entries may follow symbolic links + bsc1192427.patch + libfprint +- update to 1.94.5: + * New driver: fpcmoc, supporting various FPC MOC Fingerprint Sensors + * goodixmoc: New PIDs 0x6014, 0x6094, 0x631C, 0x634C, 0x6384, 0x659A. + * goodixmoc: Support resetting device on firmware failure due to corrupted DB. + * elanmoc: New PIDs 0x0c88, 0x0c8c, 0x0c8d. + * synaptics: New PID 0x0104. + * upektc: New PID 0x2017. + * Fixed various memory leaks + * More tests + libyui +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + libyui:libyui-ncurses +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + libyui:libyui-ncurses-pkg +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + libyui:libyui-qt +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + libyui:libyui-qt-graph +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + libyui:libyui-qt-pkg +- Prevent antisocial focus grabbing in pkg list (bsc#1204429) +- 4.4.6 + +- Fixed build failure with gcc 13 (gh#libyui/libyui/#80) +- Killed YCP zombies in log output and comments +- 4.4.5 + mozilla-nspr +- update to version 4.34.1 + * add file descriptor sanity checks in the NSPR poll function. + openssh +- Add openssh-do-not-send-empty-message.patch: Prevent empty + messages from being sent. This avoids a superfluous new line + (bsc#1192439). + openssl-1_1 +- FIPS: Add a missing dependency on jitterentropy-devel for + libopenssl-1_1-devel [bsc#1202148] + +- FIPS: OpenSSL service-level indicator - Allow AES XTS 256 [bsc#1190651] + * Add patches: openssl-1_1-ossl-sli-004-allow-aes-xts-256.patch + pam +- Update pam_motd to the most current version. This fixes various issues + and adds support for mot.d directories [jsc#PED-1712]. + * Added: pam-ped1712-pam_motd-directory-feature.patch + protobuf +- Fix a potential DoS issue in protobuf-cpp and protobuf-python, + CVE-2022-1941, bsc#1203681 + * Add protobuf-CVE-2022-1941.patch +- Fix a potential DoS issue when parsing with binary data in + protobuf-java, CVE-2022-3171, bsc#1204256 + * Add protobuf-CVE-2022-3171.patch +- Refresh protobuf-CVE-2021-22570.patch +- Backport changes from 3.16.x tree for apply recent CVE patches + * Add protobuf-51026d922970e06475f005b39287963594134b96.patch + * Add protobuf-6ee16a9c60e734104aeb738503fe3f411c97bd88.patch + * Add protobuf-73e0d748b9acdc40b693f2879ce82ecb1a849b81.patch + * Add protobuf-7bff8393cab939bfbb9b5c69b3fe76b4d83c41ee.patch + * Add protobuf-4f02f056b5cea99052bfdfb6698afe47a3cf2964.patch + * Add protobuf-763c3588740b97e8e80b1b1a1a2dc4f417647133.patch + * Add protobuf-6c92f9dff1807c142edf6780d775b58a3b078591.patch + * Add protobuf-4e93585e8bb234efeacb7737b8d080968c5ab91e.patch + * Add protobuf-58d4420e2dd8a3cd354fff9db0052881c25369ce.patch +- Reorganize patch set ordering + +- Fix potential Denial of Service in protobuf-java in the parsing procedure + for binary data, CVE-2021-22569, bsc#1194530 + * Add protobuf-improve-performance-of-parsing-unknown-fields-in-Java.patch + transactional-update +- Version 4.1.0 + - t-u: Add a "setup-kdump" command; implements [jsc#PED-1441] + - Export TRANSACTIONAL_UPDATE_ROOT (the path to the snapshot) in + the update environment; implements [jsc#PED-1078] + - Add support for "notify" reboot method for desktop use + [gh#openSUSE/transactional-update#93] + - Fix kdump initrd recreation detection; the check was performed in the + active snapshot instead of the target snapshot + - Document register command [bsc#1202900] + - Avoid unnecessary snapshots for register command [bsc#1202901] + - Various optimizations for register command + - Remove bogus error message when triggering reboot + - Rework /etc overlay documentation in "The Transactional Update Guide" + - Fix incorrect manpage formatting + - Remove leftover "salt" reboot method in configuration example file + - Replace deprecated std::mem_fn with lambdas + +- Migration of logrotate configuration to /usr/etc: Saving user + changed configuration files in /etc and restoring them while + an RPM update. + vsftpd +- systemd versions prior to 244 do not support the ProtectXYZ + directives we use in our vsftpd.service file and log warnings + every time the daemon starts, which confuses our users. We avoid + this issue by removing the unsupported options from the service + file when installing on a distribution that comes with such an + older version of systemd. [bsc#1196918] + - on all distributions. [jsc#PM-3322, bsc#1187686] + on all distributions. This allows us to update vsftpd in all + maintained SLE codestreams to the current Factory version and + mitigate the newly discovered ALPACA attack. [jsc#SLE-24275, + jsc#PM-3322, bsc#1187686] xwayland +- U_xkb-proof-GetCountedString-against-request-length-at.patch + * security update for CVE-2022-3550 (bsc#1204412) +- U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch + * security update for CVE-2022-3551 (bsc#1204416) + yast2 +- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) +- 4.5.19 + yast2-configuration-management +- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) +- 4.5.1 + yast2-packager +- Do not add an empty repository to the system when upgrading + a registered system using the Full installation medium + (bsc#1204399) +- 4.5.8 + +- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) +- 4.5.7 + yast2-samba-client +- Enable pam_mount also for gdm-password service; (bsc#1204830); +- 4.5.2 + yast2-security +- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) +- 4.5.2 +