Changed packages: ==== IPython ==== - specfile: * updated copyright year * added Jinja2 requirement for notebook and nbconvert (bnc#911524) ==== calibre ==== - Removed liberation fonts from package (boo#911756) ==== cscope ==== - support-fun-as-params.patch: swallow function as parameters - remove INSTALL from %doc, as suggested by the rpm checker ==== dbus-1-devel ==== Version update (1.8.12 -> 1.8.14) Subpackages: libdbus-1-3 libdbus-1-3-32bit - Update to 1.8.14 * Security hardening: - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls (such as CVE-2014-8148) then this prevents memory consumption and possible privilege escalation via UpdateActivationEnvironment. We believe that in practice, privilege escalation here is avoided by dbus-daemon-launch-helper sanitizing its environment; but it seems better to be safe. - Do not allow calls to UpdateActivationEnvironment or the Stats interface on object paths other than /org/freedesktop/DBus. Some system services install unsafe security policy rules that allow arbitrary method calls to any destination, method and interface with a specified object path; while less bad than allowing arbitrary method calls, these security policies are still harmful, since dbus-daemon normally offers the same API on all object paths and other system services might behave similarly. * Other fixes: - Add missing initialization so GetExtendedTcpTable doesn't crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko) ==== dbus-1 ==== Version update (1.8.12 -> 1.8.14) Subpackages: dbus-1-x11 - Update to 1.8.14 * Security hardening: - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls (such as CVE-2014-8148) then this prevents memory consumption and possible privilege escalation via UpdateActivationEnvironment. We believe that in practice, privilege escalation here is avoided by dbus-daemon-launch-helper sanitizing its environment; but it seems better to be safe. - Do not allow calls to UpdateActivationEnvironment or the Stats interface on object paths other than /org/freedesktop/DBus. Some system services install unsafe security policy rules that allow arbitrary method calls to any destination, method and interface with a specified object path; while less bad than allowing arbitrary method calls, these security policies are still harmful, since dbus-daemon normally offers the same API on all object paths and other system services might behave similarly. * Other fixes: - Add missing initialization so GetExtendedTcpTable doesn't crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko) ==== dialog ==== Subpackages: libdialog11 - Update to version 1.2-20140911 + correct malloc-size for change to prgbox. ==== dnsmasq ==== - The change from Wed Dec 24 messed group w/ user IDs. Switch them back and be more careful w/ what is changed. ==== fslsfonts ==== Version update (1.0.4 -> 1.0.5) - Update to version 1.0.5: This minor maintenance release provides the usual set of accumulated build configuration improvements, compiler warning fixes, and janitorial cleanups. ==== fstobdf ==== Version update (1.0.5 -> 1.0.6) - Update to version 1.0.6: This minor maintenance release provides the usual set of accumulated build configuration improvements, compiler warning fixes, and other janitorial cleanups. ==== gupnp-av ==== Version update (0.12.6 -> 0.12.7) Subpackages: libgupnp-av-1_0-2 - Update to version 0.12.7: + Remove use of deprecated INCLUDES. + Fix GUPnPDIDLLiteObject namespace getters. + Avoid warnings on missing protocol info. + Require vapigen 0.22 to avoid endless loop on VAPI generation. + Bugs fixed: bgo#740265, bgo#741103, bgo#741555, bgo#740365. ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen - Replaced hard to maintain install-apparmor-profiles.patch by upstreamed 30c6aecc-apparmor-lib64.patch. - Reformatted libvirt.spec and libvirtd.init to pass upstream make syntax-check ==== libpurple-plugin-sipe ==== Version update (1.18.4 -> 1.18.5) Subpackages: pidgin-sipe - Update to version 1.18.5: + Redundant "const" breaks build with clang. + Purple idle-away converted to Away. + Svc: use authuser for RealmInfo request. + Adium: add release checking script. + Mingw: update fetch script to Pidgin 2.10.11. + Bugs fixed: sf#269, sf#276. + Updated translations. ==== libsgutils2-2 ==== Subpackages: sg3_utils - blacklist some usb controllers that don't like sg_inq (bnc#840054) Add: sg3_utils-sg_inq-blacklist.diff ==== showfont ==== Version update (1.0.4 -> 1.0.5) - Update to version 1.0.5: This minor maintenance release provides the usual set of accumulated build configuration improvements, compiler warning fixes, and other janitorial cleanups. ==== tuned ==== - Add tuned-powertop2tuned-fix-KeyError-on-id-attribute.patch; fix bnc#888599 ==== vdr ==== - fixed wrong writing of SUSE - added template for SuSEfirewall2 ==== wireshark ==== Subpackages: wireshark-ui-gtk - build with PIE ==== libxfce4panel-1_0-4 ==== Subpackages: xfce4-panel xfce4-panel-lang - add xfce4-panel-fix-action-button-saving-session.patch in order to fix the action button logout session saving logic (bxo#7930, backported from upstream git) ==== xfsinfo ==== Version update (1.0.4 -> 1.0.5) - Update to version 1.0.5: This minor maintenance release provides the usual set of accumulated build configuration improvements, compiler warning fixes, and other janitorial cleanups. ==== xterm ==== Version update (312 -> 313) Subpackages: xterm-bin - Patch #313 - 2014/11/28 * add regisScreenSize resource setting to allow custom screensizes for ReGIS graphics (prompted by discussion with Scott Froebe). * fix some minor issues in manpage (Jens Schweikhardt). * improve ReGIS font-handling (Ross Combs): + remove "random junk" generation for unknown characters + add xterm extension to load user glyphs for alphabet 0 + add xterm extension to specify loading an alphabet from a font by name + fix bug with use of empty alphabet slots which caused slot 0 to be clobbered + update/clarify ReGIS-related comments + add DECprint extension for printing/clearing the screen (only clearing is performed) * improve ReGIS colorspec conversion (Ross Combs): + avoid some floating point math for colorspace conversion + move two copies of colorspec parsing to a single function + change colorspec parsing to handle components being out of order or with spaces and commas between them + add support for an extension where RGB components can be given instead of HLS * improve use of const, e.g., for the LineData pointers (patch by Ross Combs). * clip of graphics that overlap the scrollback buffer and alt screen (patch by Ross Combs). * amend change to focus-change events in patch #287 to limit it to suppressing the reset of the urgency-hint, because some useful FocusOut events were lost (report by Joe Peterson). * modify dpkg build-script to configure xterm-dev as an x-terminal-emulator alternative. * extend the --with-xterm-symlink feature to make symbolic links for the other programs and scripts. * minor fix to vttests/resize.pl to avoid undefined variable when receiving broken/missing response, e.g., from mrxvt. * change the way that ReGIS graphics are refreshed (patch by Ross Combs): + it pre-composes any overlapping graphics to avoid unnecessary and flickering draws + it adds a three-dimensional lookup table for RGB -> pixel values and uses this across all graphics + it draws in line segments when there is a run of the same color + in cases where there are no transparent parts, it uses an XImage to draw + it hooks into the double-buffering support if it is enabled (though this doesn't seem to get rid of all flicker). * This has the effect of reducing flicker and speeding up redraws. - Add libX11-devel, libXft-devel and libXrender-devel BuildRequires: the configure script silently disables XRENDERFONT support if the dependencies are missing (boo#911683). - Add an extra check after configure to ensure we do not lose this support accidentally ever again. Removed packages: Added packages: vmware-guest-kmp-default > vmware-guest-kmp-desktop