Packages changed: autoyast2 (3.1.108 -> 3.1.111) findutils (4.5.15 -> 4.6.0) nano (2.5.0 -> 2.5.1) net-snmp openssh permissions (2015.09.28.1626 -> 2016.01.15.1451) yast2-dhcp-server (3.1.8 -> 3.1.9) yast2-firewall (3.1.3 -> 3.1.4) yast2-inetd (3.1.11 -> 3.1.12) yast2-kdump (3.1.35 -> 3.1.36) yast2-mail (3.1.5 -> 3.1.6) yast2-ntp-client (3.1.20 -> 3.1.21) yast2-samba-server (3.1.12 -> 3.1.13) yast2-schema (3.1.5 -> 3.1.6) yast2-services-manager (3.1.41 -> 3.1.42) yast2-slp-server (3.1.3 -> 3.1.4) yast2-users (3.1.40 -> 3.1.41) === Details === ==== autoyast2 ==== Version update (3.1.108 -> 3.1.111) Subpackages: autoyast2-installation - Installation with "autoyast=default". Fixed nil exception error. (bnc#959723) - 3.1.111- Fixed init scripts which have been defined inside an AutoYaST configuration file. (bnc#961320) - 3.1.110 ==== findutils ==== Version update (4.5.15 -> 4.6.0) - Upgrade to 4.6.0 stable release, removing 'oldfind'. - Delete now-upstream patches: findutils-gnulib-ppc64le.patch, gnulib-perl522.patch - Refresh patch: findutils-4.4.2-xautofs.patch ==== nano ==== Version update (2.5.0 -> 2.5.1) Subpackages: nano-lang - 2.5.1: * fix syntax-highlighting bug * fix positionlog bug * disable time-eating multiline regex in the C syntax * adds an escape hatch to the WriteOut menu when --tempfile is used: the discardbuffer command, ^Q. * translation updates for fifteen languages * small fix in the softwrap code ==== net-snmp ==== - Request pkgconfig(libssl) instead of openssl-devel to support using LibreSSL as well.- update to upstream version 5.7.3 - remove patch that is now present in the upstream release: * net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch - rename patches to new version number 5.7.3: delete: * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.2-net-snmp-config-headercheck.patch * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-velocity-mib.patch add: * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch * net-snmp-5.7.3-net-snmp-config-headercheck.patch * net-snmp-5.7.3-perl-tk-warning.patch * net-snmp-5.7.3-pie.patch * net-snmp-5.7.3-socket-path.patch * net-snmp-5.7.3-testing-empty-arptable.patch * net-snmp-5.7.3-velocity-mib.patch - add build requirement 'procps' to fix a net-snmp-config error (bsc#935863) - enable DTLS and TLS support (FATE#318789) new binary 'snmptls' was added - add support for hostname netgroups (FATE#316305) '@hostgroup' can be specified for multiple hosts * net-snmp-5.7.3-netgroups.patch - suppress network statistics output in snmpstatus (FATE#316289) '-Sn' don't print any info about the network '-Si' don't print the operational status of network interfaces * net-snmp-5.7.3-snmpstatus-suppress-output.patch- also stop snmptrapd on removal- update to upstream version 5.7.3.pre5 - remove patches that are now present in the upstream release: * net-snmp-5.7.2-build-fix-for-strlcat.patch * net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch * net-snmp-5.7.2-fix-perl-trap-handler.patch - net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: refresh and add patch header- added net-snmp-5.7.2-fix-snmptrapd-remote-denial-of-service.patch: fix remote denial of service problem inside snmptrapd when started with the "-OQ" option (CVE-2014-3565)(bnc#894361) - added net-snmp-5.7.2-fix-perl-trap-handler.patch: fix potential remote denial of service problem inside the snmptrapd Perl trap handler (CVE-2014-2285)(bnc#866942)- merge some old fixes from SLE 11: * init script should provide snmpd. (bnc#466805) * stop all snmp agents when stopping the daemon. (bnc#473328)- recompress .tar.gz - it has trailing garbage, hope we can readd source url on next update- update to upstream version 5.7.2.1, fixing one security issue: * A denial of service attack vector was discovered on the Linux implementation of the ICMP-MIB. (CVE-2014-2284, bnc#866942)- net-snmp-5.7.2-fix-mib-representation-of-timeout-values.patch: fix mib representation of timeout values (bnc#833153)- use _rundir macro- remove old workaround for ppc/ppc64 migrations which is no longer needed (bnc#437293)- add support for python bindings- improve snmptrapd init script (avoid to overwrite the logfile on restart)- Disable parallelism during build. The dependencies between the Perl module and libnetsnmp are not defined correctly and might result in broken linkage (bnc#819497, bnc#818907)- Add Source URL, see https://en.opensuse.org/SourceUrls- net-snmp-5.7.2-build-fix-for-strlcat.patch: fix exported strlcat() prototype that could conflict with other packages (bnc#793548)- update to version 5.7.2: several bug fixes in the agent, client utilities and libraries. The CHANGES file shipped with the package contains a comprehensive list of fixes and improvements - rebase patches to apply cleanly: * net-snmp-5.7.2-perl-tk-warning.patch * net-snmp-5.7.2-socket-path.patch * net-snmp-5.7.2-testing-empty-arptable.patch * net-snmp-5.7.2-pie.patch * net-snmp-5.7.2-velocity-mib.patch * net-snmp-5.7.2-fix-snmpd-crashing-when-an-agentx-disconnects.patch - remove patches that are now present in the upstream release: * net-snmp-5.7.0-recognize-reiserfs.patch * net-snmp-5.7.1-snmplib-zero-timeout.patch * net-snmp-5.7.1-old-api-double-free.patch * net-snmp-5.7.1-use-pclose-to-close-pipes.patch * net-snmp-5.7.1-fix-handling-of-large-filesystems.patch * net-snmp-5.7.1-snmplib-default-retries.patch * net-snmp-5.7.1-fsys-memory-leak.patch * net-snmp-5.7.1-adjust-copyright-in-agent-txt-file.patch * net-snmp-5.7.1-recognize-ocfs2.patch * net-snmp-5.7.1-properly-clean-up-old-requests-in-subagents.patch * net-snmp-5.7.1-reduce-code-duplication-in-agentx.patch * net-snmp-5.7.1-log-agentx-disconnections.patch * net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch * net-snmp-5.7.1-report-problems-with-setundo-processing.patch * net-snmp-5.7.1-fix-array-index-error.patch- Remove redundant sections from specfile - Avoid shipping .la files- fix array index error that could lead to a crash (CVE-2012-2141) (bnc#759352)- fix agent crash when reloading a subagent (AgentX) during a query (bnc#670789)- add OCFS2 to the list of known file systems- update copyright notice of AGENT.txt allowing us to redistribute the file in our package (from Dave Shield) (bnc#750704)- fix license to be in spdx.org format- logrotate: use "reload" instead of "try-restart" to avoid an unnecessary stop/start cycle in the agent (bnc#707636)- net-snmp-5.7.1-fsys-memory-leak.patch: fix a memory leak in agent/mibgroup/hardware/fsys (bnc#725766) - net-snmp-5.7.1-snmplib-default-retries.patch: change default number of retries back from 0 to 5 (bnc#725766) - net-snmp-5.7.1-fix-handling-of-large-filesystems.patch: fix bug in handling large (>8TB) filesystems (bnc#725766) - net-snmp-5.7.1-use-pclose-to-close-pipes.patch: use pclose() instead of fclose() to close a pipe (bnc#725766) - net-snmp-5.7.1-old-api-double-free.patch: agent: avoid double free when netsnmp_register_old_api() fails (bnc#725766) - net-snmp-5.7.1-snmplib-zero-timeout.patch: snmplib: avoid waiting indefinitely if a session has timeout zero (bnc#725766)- update to version 5.7.1: minor release including some bug fixes- enable net-snmp-devel on all baselib architectures- make sure all delegated requests are removed before closing an AgentX session (bnc#670789)- update to version 5.7.1.rc1 but keep package version as 5.7.1 to avoid update problems when the final version is released- small fixes to snmpd and snmptrapd init scripts: - if $SNMPD_LOGLEVEL is not defined, use LOG_NOTICE instead of LOG_DEBUG - improve messages printed and service description - write snmptrapd logs to /var/log/net-snmpd.log- update README.SUSE to reflect some recent changes and drop a bit of outdated information - update baselibs to reflect new library version - spec file cleanup: rename some source files for consistency- add ReiserFS to the list of known file systems (bnc#715199)- install snmptrapd init script by default (bnc#712175)- fix logging option in snmptrapd init script (bnc#712174)- update upstream patches from branch V5-7-patches to 20110714- update to version 5.7: new features and lots of bug fixes - remove patches that are no longer needed: net-snmp-5.6.0-enable-hrh-filesys.patch net-snmp-5.6.1-recognize-jfs-and-xfs.patch net-snmp-5.6.1-rpm490.patch - refresh and rename patches to apply cleanly after update: net-snmp-5.7.0-pie.patch net-snmp-5.7.0-velocity-mib.patch- switch from rpmdb to rpmts to support rpm-4.9.0- update upstream patches from branch V5-6-patches to 20110512- add JFS and XFS to the list of known file systems (bnc#687327)- update upstream patches from branch V5-6-patches to 20110328- fix libsnmp version in baselibs.conf- update to version 5.6.1: new features and lots of bug fixes - update upstream patches from branch V5-6-patches to 20110104 - remove patches that are no longer needed: net-snmp-5.6.0-ethtool-speed.patch- remove /var/adm/perl-modules/net-snmp from the Perl module- update upstream patches from branch V5-6-patches to 20101129 - spec file cleanup: upstream uses -fno-strict-aliasing by default now - remove patches that are no longer needed: net-snmp-5.5.0-rpmdb-h-detect.patch net-snmp-5.6.0-vendorperl.patch- if-mib: add support for more speeds with ethtool (bnc#650558)- update upstream patches from branch V5-6-patches to 20101101, fixing a segmentation fault on shutdown (bnc#650282)- enable new implementation of hrStorage and hrFilesys to fix persistent indexes in FS and Storage tables (bnc#648364)- update upstream patches from branch V5-6-patches to 20101021- update to version 5.6: new features and lots of bug fixes - refresh and rename patches to apply cleanly after update: net-snmp-5.6.0-pie.patch net-snmp-5.6.0-vendorperl.patch net-snmp-5.6.0-net-snmp-config-headercheck.patch- update upstream patches from branch V5-5-patches to 20100803- change default log level from DEBUG to NOTICE (bnc#623497)- spec file cleanup: remove old backward compatibility scripts- update upstream patches from branch V5-5-patches to 20100602: fixed potential buffer overflow in parsing OIDs in config files- update upstream patches from branch V5-5-patches to 20100531 - add net-snmp-5.5.0-rpmdb-h-detect.patch: workaround for autoconf failing to detect rpm/rpmdb.h - remove patches that are no longer needed: net-snmp-5.5.0-use-lmsensors-v3.patch- create /var/run/agentx during startup to support systems that mount /var/run as tmpfs- update libsnmp package name to reflect the library version we are currently shipping - remove patches that are obsolete: net-snmp-5.4.rc2-versinfo.diff net-snmp-5.4.2_snmpconf-selinux.patch - refresh all patches to apply as "-p1" - spec file cleanup: remove conditionals to build on unsupported versions of the distribution- update upstream patches from branch V5-5-patches to 20100428- add net-snmp-5.5.0_upstream-20100405.patch: merge all patches committed to upstream branch V5-5-patches - remove patches that are now upstream: net-snmp-5.4.2_audit.patch net-snmp-5.5.0_autoconf.patch net-snmp-5.4.2_overflow.patch net-snmp-5.4.2.1-rpm4.7.patch net-snmp-5.5.0_gcc45.patch- Fix strncat properly (from Andreas Jaeger)- Fix code errors found by gcc 4.5- build for libsensors4 instead of libsensors3- remove sparcv9-specific baselib exceptions (not needed)- remove net-snmp-5.4.1.2-rmon-mib-revised_3.patch from sources (upstream since 5.5) - refresh net-snmp-5.5.0_autoconf.patch - spec file cleanup: update package description- update to version 5.5: new features and lots of bug fixes, including: - fix hrSWRunPath for processes other than init (bnc#486270) - remove patches that are now upstream: Add-Default-Router-Table-support.patch Add-ICMP-Statistics-Tables-support.patch Add-IPv6-Scope-Zone-Index.patch Add-IPv6-support-on-Internet-Address-Translation-Tab.patch Fix-for-IPv6-Interface-Table.patch Fix-for-Internet-Address-Prefix-Table.patch Fix-for-Internet-Address-Table.patch Fix-for-tcpConnnectionTable-tcpListenerTable-udpEn.patch Improve-IP-Statistics-tables.patch net-snmp-5.3.0.1_trap-agent-addr_v2.patch net-snmp-5.4.1.2-etherlike-mib-revised_4.patch net-snmp-5.4.x_embedded_perl_error_message.patch- add baselibs.conf as a source - add baselib defs for SPARC- Fix build with rpm 4.7 (net-snmp-5.4.2.1-rpm4.7.patch)- make patch0 usage consistent ==== openssh ==== Subpackages: openssh-helpers - CVE-2016-0777, bsc#961642, CVE-2016-0778, bsc#961645 Add CVE-2016-0777_CVE-2016-0778.patch to disable the roaming code to prevent information leak and buffer overflow ==== permissions ==== Version update (2015.09.28.1626 -> 2016.01.15.1451) - the apache folks renamed suexec2 to suexec with symlink. adjust both (bsc#962060)- pinger needs to be squid:root, not root:squid (there is no squid group) bsc#961363- add suexec with 0755 to all standard profiles. this can and should be overridden in permissions.local if you need it setuid root. bsc#951765 bsc#263789 - added missing / to the squid specific directories (bsc#950557) ==== yast2-dhcp-server ==== Version update (3.1.8 -> 3.1.9) - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.9 ==== yast2-firewall ==== Version update (3.1.3 -> 3.1.4) - fix validation of AutoYaST profiles (bnc#954412) - 3.1.4 ==== yast2-inetd ==== Version update (3.1.11 -> 3.1.12) - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.12 ==== yast2-kdump ==== Version update (3.1.35 -> 3.1.36) - fix AutoYaST profile schema (bsc#954412) - 3.1.36 ==== yast2-mail ==== Version update (3.1.5 -> 3.1.6) - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.6 ==== yast2-ntp-client ==== Version update (3.1.20 -> 3.1.21) - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.21 ==== yast2-samba-server ==== Version update (3.1.12 -> 3.1.13) - Fix validation of AutoYaST profiles (bsc#954412) - 3.1.13 ==== yast2-schema ==== Version update (3.1.5 -> 3.1.6) - Fix validation of AutoYaST schema (bsc#954412) - 3.1.6 ==== yast2-services-manager ==== Version update (3.1.41 -> 3.1.42) - Add X-SuSE-YaST-AutoInstSchema declaration so services-manager.rnc could be included in yast2-schema package - Fix validation of AutoYaST profile (bsc#954412) - 3.1.42 ==== yast2-slp-server ==== Version update (3.1.3 -> 3.1.4) - Fix handling of broken options due to bsc#878892 (bsc#954494) - 3.1.4 ==== yast2-users ==== Version update (3.1.40 -> 3.1.41) - fix validation of AutoYaST profiles (bsc#954412) - 3.1.41