Removed rpms ============ - libnettle8-32bit - libudev1-32bit - libz1-32bit - systemd-32bit - libblkid1-32bit - libdw1-32bit - libhogweed6-32bit - libixion-0_16-0 - libopenh264-6 - liborcus-0_16-0 - libserf-1-1 - libsystemd0-32bit - mozilla-openh264 Added rpms ========== - abseil-cpp - libblkid1-32bit - libdw1-32bit - libhogweed6-32bit - libsystemd0-32bit - libixion-0_17-0 - libnettle8-32bit - liborcus-0_17-0 - libudev1-32bit - libz1-32bit - systemd-32bit Package Source Changes ====================== Mesa +- revert previous change, since it resulted in Xorg and Mesa no + longer being able to load "i965" driver at all! This affects many + if not almost all Intel GPU users. I can't tell why this happens, + but I'm afraid we need to act immediately (boo#1202850); reopened + boo#1200965 for now ... + +- change default driver from 'iris' back to 'i965' for Intel + Gen8-11 hardware; that way we also use the same driver used by X + and Mesa (boo#1200965); related bugs: boo#1197045, boo#1197046 + Mesa-drivers +- revert previous change, since it resulted in Xorg and Mesa no + longer being able to load "i965" driver at all! This affects many + if not almost all Intel GPU users. I can't tell why this happens, + but I'm afraid we need to act immediately (boo#1202850); reopened + boo#1200965 for now ... + +- change default driver from 'iris' back to 'i965' for Intel + Gen8-11 hardware; that way we also use the same driver used by X + and Mesa (boo#1200965); related bugs: boo#1197045, boo#1197046 + audit-secondary +- Update audit-secondary.spec: create symbolic link from + /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519). + btrfsprogs +- Upstream behavior of btrfs compression=none (JSC#PED-1711) + * btrfs-progs_props_dont_translate_value_of_compression_none.patch + dracut +- Update to version 055+suse.294.gc5bc4bb5: + Missing network-manager module fixes (bsc#1201975): + * fix(network-manager): avoid calling unavailable dracut-logger functions + * fix(network-manager): skip non-directories in /sys/class/net + * fix(network-manager): disable tty output if the console is not usable + * fix(network-manager): show output on console only with rd.debug enabled + * fix(network-manager): write DHCP filename option to dhcpopts file + * fix(network-manager): ensure safe content of /tmp/dhclient."$ifname".dhcpopts + * fix(network-manager): include nm-daemon-helper binary + * fix(network-manager): don't pull in systemd-udev-settle + * fix(network-manager): support teaming under NM+systemd + * fix(network-manager): pull in network.target in nm-initrd.service + +- Update to version 055+suse.283.ge98ece25: + * fix(network-manager): check for nm-initrd-generator in both /usr/{libexec,lib} (bsc#1201975) + * fix(network-legacy): add auto timeout to wicked DHCP test (bsc#1198709) + emacs-apel +- Add emacs-apel-fix-build-error.patch: fix emacs-apel build error + on SLE-15-SP4 (bsc#1197714). + -- Add suse-start-apel.el. - gnutls +- Security fix: [bsc#1202020, CVE-2022-2509] + * Fixed double free during verification of pkcs7 signatures + * Add gnutls-CVE-2022-2509.patch + +- FIPS: + * Modify gnutls-FIPS-force-self-test.patch [bsc#1198979] + - gnutls_fips140_run_self_tests now properly releases fips_context + +- FIPS: + * Add gnutls_ECDSA_signing.patch [bsc#1190698] + - Check minimum keylength for symmetric key generation + - Only allows ECDSA signature with valid set of hashes + (SHA2 and SHA3) + * Add gnutls-FIPS-force-self-test.patch [bsc#1198979] + - Provides interface for running library self tests on-demand + - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1598 + libixion +- Fix build on SLE-12-SP5 +- Remove unneeded vulkan dependency + +- Added patch: + * libixion-boost-system.patch + + fix missing symbols from boost_system library + +- update to 0.17.0: + * set the baseline C++ version to 17. + * mdds has been internalized so that the public header no longer contains + references to mdds. With this change, the users can use different API + versions of mdds between the ixion build and run-time use. + * cleaned up public API to make use of std::string_view and std::variant + where appropriate. + * implemented built-in LEFT() function in the formula interpreter. + * it is no longer required to set the size of void* at build time to ensure + the binaries to be fully functional. + * fixed a bug where named expressions with names containing invalid + characters were still allowed in. + +- Define conditionally make_build to fix build on systems that do + not have that macro + libnettle +- update to 3.8.1: + * Avoid non-posix m4 argument references in the chacha + implementation for arm64, powerpc64 and s390x. Reported by + Christian Weisgerber, fix contributed by Mamone Tarsha. + * Use explicit .machine pseudo-ops where needed in s390x + assembly files. Bug report by Andreas K. Huettel, fix + contributed by Mamone Tarsha. + +- update to 3.8: + This release includes a couple of new features, and many + performance improvements. It adds assembly code for two more + architectures: ARM64 and S390x. + The new version is intended to be fully source and binary + compatible with Nettle-3.6. The shared library names are + libnettle.so.8.5 and libhogweed.so.6.5, with sonames + libnettle.so.8 and libhogweed.so.6. + New features: + * AES keywrap (RFC 3394), contributed by Nicolas Mora. + * SM3 hash function, contributed by Tianjia Zhang. + * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, + cbc_aes256_encrypt. + On processors where AES is fast enough, e.g., x86_64 with + aesni instructions, the overhead of using Nettle's general + cbc_encrypt can be significant. The new functions can be + implemented in assembly, to do multiple blocks with reduced + per-block overhead. + Note that there's no corresponding new decrypt functions, + since the general cbc_decrypt doesn't suffer from the same + performance problem. + Bug fixes: + * Fix fat builds for x86_64 windows, these appear to never + have worked. + Optimizations: + * New ARM64 implementation of AES, GCM, Chacha, SHA1 and + SHA256, for processors supporting crypto extensions. Great + speedups, and fat builds are supported. Contributed by + Mamone Tarsha. + * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, + SHA256, SHA512 and SHA3. Great speedups, and fat builds are + supported. Contributed by Mamone Tarsha. + * New PPC64 assembly for ecc modulo/redc operations, + contributed by Amitay Isaacs, Martin Schwenke and Alastair + D´Silva. + * The x86_64 AES implementation using aesni instructions has + been reorganized with one separate function per key size, + each interleaving the processing of two blocks at a time + (when the caller processes multiple blocks with each call). + This gives a modest performance improvement on some + processors. + * Rewritten and faster x86_64 poly1305 assembly. +- drop libnettle-s390x-CPACF-SHA-AES-support.patch (included in 3.8) + +- Make shared libraries executable + liborcus +- Added patch: + * no-std-filesystem.patch + + use boost::filesystem instead of std::filesystem, in order to + allow building with older compilers + +- Update to 0.17.2: + * fixed a bug where the state of style:cell-protect="none" was not + explicitly pushed, thereby having had the same effect as not having this + attribute. After the fix, style:cell-protect="none" will explicitly push + the hidden state to false, locked state to false, and the formula-hidden + state to false. +- Update to 0.17.1: + * addressed a number of coverity issues. + * removed a variety of compiler warnings. + * re-generated sax parser tokens from ODF v1.3. + * revised the style import code to only push style attributes that are + actually specified in the XML. + * revised the XML structure validation strategy to ignore any mis-placed + elements and their sub structures rather than aborting the import. + +- Update to 0.17.0: + * set the baseline C++ version to 17. + * cleaned up the public API to replace pstring with std::string_view, union + with std::variant, and boost::optional with std::optional. With this + change, the public API no longer has dependency on boost. + * switched to using ixion::model_iterator for horizontal iteration of cells + instead of using mdds::mtv::collection. + * fixed a bug where exporting a spreadsheet document containing adjacent + merged cells regions to html incorrectly exported the merged cell areas. + * cached cell values are now correctly loaded from the xlsx file. + * utf-8 names are now allowed as element and attribute names in the sax parser. + * unquoted utf-8 property values are now allowed in the css parser. + * added yaml output option in orcus-json. + * fixed a bug where mapping of an XML document with namespace aliases + sometimes corrupts the alias values. + * added orcus.FormulaTokenOp enum type in python which describes type formula token + operator types in a more finer grained manner. + * added notes to how to use orcus-xml and orcus-json to map XML and JSON + documents to spreadsheet documents. +- Drop GCC11_build_fixes.patch + +- Define conditionally make_build to fix build on systems that do + not have that macro + libreoffice +- Update to 7.3.3.1 (jsc#SLE-23447): + You can read the release notes for major version 7.3 here: + https://wiki.documentfoundation.org/ReleaseNotes/7.3 + Release notes for minor releases: + https://wiki.documentfoundation.org/Releases/7.3.3/RC1 + https://wiki.documentfoundation.org/Releases/7.3.2/RC2 + https://wiki.documentfoundation.org/Releases/7.3.2/RC1 + https://wiki.documentfoundation.org/Releases/7.3.1/RC3 + https://wiki.documentfoundation.org/Releases/7.3.1/RC2 + https://wiki.documentfoundation.org/Releases/7.3.1/RC1 + https://wiki.documentfoundation.org/Releases/7.3.0/RC3 + https://wiki.documentfoundation.org/Releases/7.3.0/RC2 + https://wiki.documentfoundation.org/Releases/7.3.0/RC1 + https://wiki.documentfoundation.org/Releases/7.3.0/Beta1 +- Update bundled dependencies: + * boost_1_75_0.tar.xz -> boost_1_77_0.tar.xz + * curl-7.79.1.tar.xz + * gpgme-1.13.1.tar.bz2 -> gpgme-1.16.0.tar.bz2 + * icu4c-69_1-data.zip -> icu4c-70_1-data.zip + * icu4c-69_1-src.tgz -> icu4c-70_1-src.tgz + * libassuan-2.5.3.tar.bz2 -> libassuan-2.5.5.tar.bz2 + * libgpg-error-1.37.tar.bz2 -> libgpg-error-1.43.tar.bz2 + * pdfium-4500.tar.bz2 -> pdfium-4699.tar.bz2 + * skia-m90-45c57e116ee0ce214bdf78405a4762722e4507d9.tar.xz -> + skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz +- Added patches: + * bsc1192616.patch +- Refreshed patches: + * 0001-Revert-java-9-changes.patch + * fix_gtk_popover_on_3.20.patch + * fix-wayland-scaling-in-plasma.patch +- Deleted patches: + * bsc1183308.patch +- This package contain the fixes for the following bugs: + * bsc#1196212 + * bsc#1195881 +- This package is not affected by the following bugs: + * bsc#1196017 + * bsc#1196499 +- Enable gtk3_kde5. The gtk3 interface is more stable than the + qt5/kf5 one, this option makes it possible to use gtk3 in kde + with the kde filepicker (bsc#1197017) +- Add system_curl build condition + libslirp +- security update +- added patches + fix CVE-2021-3593 [bsc#1187365], invalid pointer initialization may lead to information disclosure (udp6) + + libslirp-CVE-2021-3593.patch + +- Add patch to fix the version header (bsc#1201551): + * 0001-meson-remove-meson-dist-script.patch + mozilla-nss +- update to NSS 3.79.1 (bsc#1202645) + * bmo#1366464 - compare signature and signatureAlgorithm fields in legacy certificate verifier. + * bmo#1771498 - Uninitialized value in cert_ComputeCertType. + * bmo#1759794 - protect SFTKSlot needLogin with slotLock. + * bmo#1760998 - avoid data race on primary password change. + * bmo#1330271 - check for null template in sec_asn1{d,e}_push_state. + +- Update nss-fips-approved-crypto-non-ec.patch to unapprove the + rest of the DSA ciphers, keeping signature verification only + (bsc#1201298). +- Update nss-fips-constructor-self-tests.patch to fix compiler + warning. + ndctl +- Update to version 74 (jsc#PED-1080): + * Many CXL fixes + * Some build system fixes + * monitor: Fix the monitor config file parsing + * ndctl/bus: Handle missing scrub commands more gracefully + * ndctl/dimm: Flush invalidated labels after overwrite + - Remove upstreamed patch + - ndctl-build-Fix-systemd-unit-directory-detection.patch + - ndctl-meson-make-modprobedatadir-an-option.patch + +- Provide compatibility symlink for libdaxctl.h in the old location + +- Update to version 73: + * Many CXL fixes + * Fix shipped monitor.conf (bsc#1194696 https://github.com/pmem/ndctl/pull/189) + * inject-smart: Add support for papr + * Switch to meson build system + + ndctl-build-Fix-systemd-unit-directory-detection.patch + + ndctl-meson-make-modprobedatadir-an-option.patch +- Add monitor.conf migration as upstream has (bsc#1194696) +- Use %%config(noreplace) for files in /etc as upstream does. +- Update to version 72.1 + * Add support for CXL interface + * Configuration file rework + * Add service for automatic reconfiguration + * Drop upstreamed patches + - ndctl-namespace-skip-zero-namespaces-when-processing.patch + - ndctl-namespace-Suppress-ENXIO-when-processing-all-n.patch + - 0001-ndctl-namespace-Fix-disable-namespace-accounting-rel.patch + - 0002-Expose-ndctl_bus_nfit_translate_spa-as-a-public-func.patch + - 0003-libndctl-Unify-adding-dimms-for-papr-and-nfit-famili.patch + - 0004-daxctl-fail-reconfigure-device-based-on-kernel-onlin.patch + - 0005-libdaxctl-add-an-API-to-check-if-a-device-is-active.patch + - 0006-libndctl-check-for-active-system-ram-before-disablin.patch + - 0007-daxctl-emit-counts-of-total-and-online-memblocks.patch + - 0008-ndctl-Update-nvdimm-mailing-list-address.patch + - 0009-libndctl-papr-Fix-probe-for-papr-scm-compatible-nvdi.patch + - 0010-ndctl-scrub-Stop-translating-return-values.patch + - 0011-ndctl-scrub-Reread-scrub-engine-status-at-start.patch + - 0012-ndctl-dimm-Fix-label-index-block-calculations.patch + - 0013-daxctl-Add-Soft-Reservation-theory-of-operation.patch + - 0014-Documentation-ndctl-fix-self-reference-of-ndctl-disa.patch + - 0015-ndctl-docs-Clarify-update-firwmware-activation-overf.patch + - 0016-libndctl-papr-Add-support-for-reporting-shutdown-cou.patch +- Add rpmlinrc filter for libcxl and libdaxctl (boo#1191773). +- Fix asciidoctor conditional + open-vm-tools +- Update to 12.1.0 (build 20219665) (boo#1202733) + + New/Updated features: + - Contains security update fix for (bsc#1202657) - (CVE-2022-31676) + VUL-0: CVE-2022-31676: open-vm-tools: + local privilege escalation vulnerability + + A number of Coverity reported issues have been addressed. + + [FTBFS] Fix the build of the ContainerInfo plugin for a 32-bit Linux + release: + https://github.com/vmware/open-vm-tools/pull/588 + + Make HgfsConvertFromNtTimeNsec aware of 64-bit time_t on i386 (32-bit) + This change incorporates the support of 64 bit time epoch conversion + from Windows NT time to Unix Epoch time on i386. + https://github.com/vmware/open-vm-tools/pull/387 +- Drop patch now contained in 12.1.0: + + gcc_size_t.patch + openldap2 +- bsc#1198341 - Prevent memory reuse which may lead to instability + * 0243-Change-malloc-to-use-calloc-to-prevent-memory-reuse-.patch + osinfo-db +- bsc#1197958 - request support for SLE15-SP4 in the osinfo database +- Add support for SUSE linux Enterprise Micro 5.2 + add-slem5.2-support.patch + +- bsc#1196965 - openSUSE Tumbleweed unattended installation with + libvirt fails + opensuse-autoyast-desktop.patch + +- Update to database version 20220214 + osinfo-db-20220214.tar.xz + perl-HTTP-Daemon +- Fix request smuggling in HTTP::Daemon + (CVE-2022-31081, bsc#1201157) + * CVE-2022-31081.patch + * CVE-2022-31081-2.patch + * CVE-2022-31081-Add-new-test-for-Content-Length-issues.patch + procps +- Add the patches + * procps-3.3.17-library-bsc1181475.patch + * procps-3.3.17-top-bsc1181475.patch + which are backports of current newlib tree to solve bug bsc#1181475 + * 'free' command reports misleading "used" value + python-lxml +- add CVE-2022-2309.patch (bsc#1201253, CVE-2022-2309) + raptor +- add CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch (bsc#1178903, CVE-2020-25713) + -- Update to v2.0.7 - * CVE-2012-0037 fixed (bnc#745298) - * Removed Expat support - * Removed internal Unicode NFC code for better and optional ICU - * Added options for denying file requests and XML entity loading - * Added options for SSL certificate verifying - systemd +- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one + pointing to /usr/lib/systemd/ (bsc#1201795) + +- Update 1009-Drop-or-soften-some-of-the-deprecation-warnings.patch (jsc#PED-944) + To decrease log level of messages about use of KillMode=none from warning to + debug. SAP still uses this deprecated option and the warnings emitted by PID1 + confuse both SAP customers and support. + +- Import commit 7b70d88264a588fdba36c6e7655d1feea2b0e0a0 (merge of v249.12) + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/4949659dd6ce81845e13034504fe06b85a02f08b...7b70d88264a588fdba36c6e7655d1feea2b0e0a0 + +- Import commit 4949659dd6ce81845e13034504fe06b85a02f08b + 0f096f16ba tmpfiles: check the directory we were supposed to create, not its parent + 82c3793e43 stat-util: replace is_dir() + is_dir_fd() by single is_dir_full() call + 2191a9ae95 logind: don't delay login for root even if systemd-user-sessions.service is not activated yet (bsc#1195059) + systemd-presets-common-SUSE +- enable ignition-delete-config by default (bsc#1199524) + +- Modify branding-preset-states to fix systemd-presets-common-SUSE + not enabling new user systemd service preset configuration just + as it handles system service presets. By passing an (optional) + second parameter "user", the save/apply-changes commands now + work with user services instead of system ones (boo#1200485) + +- Add the wireplumber user service preset to enable it by default + in SLE15-SP4 where it replaced pipewire-media-session, but keep + pipewire-media-session preset so we don't have to branch the + systemd-presets-common-SUSE package for SP4 (boo#1200485) + timezone +- Update to reflect new Chile DST change, bsc#1202310 + * bsc1202310.patch + timezone-java +- Update to reflect new Chile DST change, bsc#1202310 + * bsc1202310.patch + transactional-update +- Version 4.0.1 + - create_dirs_from_rpmdb: Just warn if no default SELinux context found + [gh#openSUSE/transactional-update#88], [bsc#1188215] + - create_dirs_from_rpmdb: Don't update the rpmdb cookie on failure + [gh#openSUSE/transactional-update#88] + - Handle directories owned by multiple packages + [gh#openSUSE/transactional-update#90], [bsc#1188215] + ucode-intel +- Updated to Intel CPU Microcode 20220809 release. (bsc#1201727) + - CVE-2022-21233: Security updates for [INTEL-SA-00657](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html). + - Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification + +Update](https://www.intel.com/content/www/us/en/processors/xeon/scalable/xeon-scalable-spec-update.html?wapkw=processor+specification+update) for details. - Updated Platforms: + | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products + |:---------------|:---------|:------------|:---------|:---------|:--------- + | SKX-SP | B1 | 06-55-03/97 | 0100015d | 0100015e | Xeon Scalable + | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon Scalable + | SKX-D | M1 | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon D-21xx + | ICX-SP | D0 | 06-6a-06/87 | 0d000363 | 0d000375 | Xeon Scalable Gen3 + | GLK | B0 | 06-7a-01/01 | 0000003a | 0000003c | Pentium Silver N/J5xxx, Celeron N/J4xxx + | GLK-R | R0 | 06-7a-08/01 | 0000001e | 00000020 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 + | ICL-U/Y | D1 | 06-7e-05/80 | 000000b0 | 000000b2 | Core Gen10 Mobile + | TGL-R | C0 | 06-8c-02/c2 | 00000026 | 00000028 | Core Gen11 Mobile + | TGL-H | R0 | 06-8d-01/c2 | 0000003e | 00000040 | Core Gen11 Mobile + | RKL-S | B0 | 06-a7-01/02 | 00000053 | 00000054 | Core Gen11 + | ADL | C0 | 06-97-02/03 | 0000001f | 00000022 | Core Gen12 + | ADL | C0 | 06-97-05/03 | 0000001f | 00000022 | Core Gen12 + | ADL | L0 | 06-9a-03/80 | 0000041c | 00000421 | Core Gen12 + | ADL | L0 | 06-9a-04/80 | 0000041c | 00000421 | Core Gen12 + | ADL | C0 | 06-bf-02/03 | 0000001f | 00000022 | Core Gen12 + | ADL | C0 | 06-bf-05/03 | 0000001f | 00000022 | Core Gen12 + util-linux +- agetty: Resolve tty name even if stdin is specified (bsc#1197178, + util-linux-agetty-resolve-tty-if-stdin-is-specified.patch). +- libmount: When moving a mount point, update all sub mount entries + in utab (bsc#1198731, + util-linux-libmount-moving-mount-point-sub-mounts.patch, + util-linux-libmount-fix-and-improve-utab-on-ms_move.patch). + util-linux-systemd +- agetty: Resolve tty name even if stdin is specified (bsc#1197178, + util-linux-agetty-resolve-tty-if-stdin-is-specified.patch). +- libmount: When moving a mount point, update all sub mount entries + in utab (bsc#1198731, + util-linux-libmount-moving-mount-point-sub-mounts.patch, + util-linux-libmount-fix-and-improve-utab-on-ms_move.patch). + yast2 +- On transactional systems, inform the user that packages are + required to be installed manually (related to bsc#1199840) +- 4.5.11 + yast2-security +- Do not crash when reading active LSM modules returns nil + (related to jsc#SLE-22069) +- 4.5.1 + yast2-tune +- Added runtime dependency on hwinfo (bsc#1202651) +- 4.5.1 + yast2-users +- AY: Fix writing ssh keys for user without specified home + (bsc#1201185) +- 4.5.2 + zlib +- Fix heap-based buffer over-read or buffer overflow in inflate via + large gzip header extra field (bsc#1202175, CVE-2022-37434, + CVE-2022-37434-extra-header-1.patch, + CVE-2022-37434-extra-header-2.patch). + +- CVE-2018-25032: Fix memory corruption on deflate, bsc#1197459 + * bsc1197459.patch + +- Update 410.patch to include new fixes from upstream, + fixes bsc#1192688 +- Refresh bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch + to match upstream commit +- Drop patches which changes have been merged in 410.patch: + * zlib-compression-switching.patch + * zlib-390x-z15-fix-hw-compression.patch + * bsc1174551-fxi-imcomplete-raw-streams.patch + +- Fix hw compression on z15 bsc#1176201 +- Add zlib-s390x-z15-fix-hw-compression.patch + +- Add patch to fix compression level switching + bsc#1175811 bsc#1175830 bsc#1175831 + * zlib-compression-switching.patch + +- Set -DDFLTCC_LEVEL_MASK=0x7e on s390/s390x jsc#13776 + +- Permit a deflateParams() parameter change as soon as possible(bsc#1174736) + * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch + Fix DFLTCC not flushing EOBS when creating raw streams(bsc#1174551) + * bsc1174551-fxi-imcomplete-raw-streams.patch + +- Update 410.patch to contain latest fixes from IBM bsc#1166260 + * The build behaviour changed + +- Update the zlib-no-version-check.patch to be even more forgiving + with the versions on the zlib to allow updates without rebuilds + +- Add SUSE specific patch to fix bsc#1138793, we simply don't want + to test if the app was linked with exactly same version of zlib + like the one that is present on the runtime: + * zlib-no-version-check.patch + +- Update the s390 patchset bsc#1137624: + * 410.patch + +- Tweak zlib-power8-fate325307.patch to have type of crc32_vpmsum + conform to usage + bsc#1141059 + +- Use FAT LTO objects in order to provide proper static library. + +- Do not enable the previous patchset on s390 but just s390x + bsc#1137624 + +- Add patchset for s390 improvements jsc#SLE-5807 bsc#1136717: + * 410.patch + +- Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: + * zlib-power8-fate325307.patch + +- Add patch for fate#325307 zlib speedup on power8: + * zlib-power8-fate325307.patch + +- Add patch to safeguard against negative values in uInt bsc#1071321: + * 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch + +- Added 32bit minizip support + +- Add gpg signature +- Re-enable profiling + +- Add s390 performance patch (fate#314093): + * zlib-1.2.11-optimized-s390.patch + +- baselibs.conf: add missing dependencies + +- Update to version 1.2.11: + * Fix deflate stored bug when pulling last block from window + * Permit immediate deflateParams changes before any deflate input + +- Update to version 1.2.10: + * Avoid warnings on snprintf() return value + * Fix bug in deflate_stored() for zero-length input + * Fix bug in gzwrite.c that produced corrupt gzip files + * Remove files to be installed before copying them in Makefile.in + * Add warnings when compiling with assembler code + +- Update to version 1.2.9: + * Improve compress() and uncompress() to support large lengths + * Allow building zlib outside of the source directory + * Fix bug when level 0 used with Z_HUFFMAN or Z_RLE + * Fix bugs in creating a very large gzip header + * Add uncompress2() function, which returns the input size used + * Dramatically speed up deflation for level 0 (storing) + * Add gzfread() and gzfwrite(), duplicating the interfaces of fread() and fwrite() + * Add crc32_z() and adler32_z() functions with size_t lengths + * Many portability improvements +- Drop patches included in upstream: + * zlib-bnc1003577.patch + * zlib-bnc1003579-part2.patch + * zlib-bnc1003579.patch + * zlib-bnc1003580.patch + * zlib-bnc1013882.patch +- Drop zlib-1.2.7-improve-longest_match-performance.patch + * not accepted by upstream for two releases + * rebasing no longer possible + +- Include fixes for bnc#1003580 bnc#1003579 bnc#1003577 bnc#1013882: + * zlib-bnc1003577.patch + * zlib-bnc1003579-part2.patch + * zlib-bnc1003579.patch + * zlib-bnc1003580.patch refreshed + * zlib-bnc1013882.patch CVE-2016-9843 + +- Trim descriptions to fit target audience. Update RPM group + classification. + +- Require zlib-devel in zlib-devel-static to fix previous change + +- Bring back zlib-devel-static. Needed by binutils + +- Remove zlib-devel-static, nothing should use libz.a anyway. +- Package minizip library, everything using it should now pull + minizip-devel and unbundle it bnc#935864 +