Removed rpms
============
- libpoppler89
- mozilla-nss-certs
- poppler-data
Added rpms
==========
- p11-kit-nss-trust
Package Source Changes
======================
MozillaFirefox
+- Firefox Extended Support Release 91.8.0 ESR (bsc#1197903)
+ Release candidate! Details filled in later, once it has been released
+
+- Adjust rust dependency for SP3 and later. TW uses always the
+ newest version of rust, but we don't, so we can't use the
+ rust+cargo notation, which would need both < and >= requirements.
+ (bsc#1197698)
+
+- Add cpu-flag `asimdrdm` to aarch64 constraints, to select newer,
+ faster buildhosts, as the others struggle to build FF.
+
+- Firefox Extended Support Release 91.7.1 ESR
+ * Changed: Yandex and Mail.ru have been removed as optional
+ search providers in the drop-down search menu in Firefox.
+ If you previously installed a customized version of Firefox
+ with Yandex or Mail.ru, offered through partner distribution
+ channels, this release removes those customizations,
+ including add-ons and default bookmarks. Where applicable,
+ your browser will revert back to default settings, as offered
+ by Mozilla. All other releases of Firefox remain unaffected
+ by the change.
+
SuSEfirewall2
+- perl-Net-DNS is only needed by some ancillary helper tool but not for the
+ core features. So set it to Recommended.
+
+- hosting moved to github.com/opensuse/susefirewall2
+- added a sysvinit -> systemd conversion hack (bnc#891669)
+
+- SuSEfirewall2, ACCEPT from services is a local variable, otherwise
+ "ACCEPT" would be used a service name (bnc#889406 bnc#889555 bnc#887040)
+
+- Added ACCEPT to TEMPLATE using FW_SERVICES_ACCEPT
+
+- Allow incoming DHCPv6 replies, currently unlimited.
+ bnc#867819,bnc#868031,bnc#783002,bnc#822959
+- typo fix customary -> custom bnc#835677
+
+- add perl-Net-DNS requires for "SuSEfirewall2 log" (bnc#856705)
+
+- adjust service files so manual starts work better (bnc#819499)
+
+- license update: GPL-2.0
+ Various GPL-2.0 (only) licensed files
+
+- clarify what the default is in FW_MASQ_NETS (bnc#817233)
+- removed the --rttl option in recent matches, as this could also be used by attackers (bnc#800719)
+
+- do not add dependency information about YaST2 Second Stage (bnc#800365)
+
+- fix defaultl value docu for FW_PROTECT_FROM_INT (bnc#798834)
+
+- move to /usr, remove init scripts
+
+- adjust for starting via systemd service files
+- move lock files to /run
+- just CT instead of NOTRACK (bnc#793459)
+
+- getdevinfo is gone as per commit 0c5ac93 (bnc#777271)
+
+- honor FW_IPv6 setting also in debug mode (bnc#769411)
+
+- fix logging in test mode
+
+- allow icmpv6 in FW_SERVICES_*_*
+
+- allow ICMPv6 Multicast Listener Query (bnc#767392)
+
+- fix typo spotted by Frederic
+
+- assume all interface names are correct (bnc#739084)
+
+- fix forward masquerading (bnc#736205)
+- compat syntax for negated options no longer works (bnc#660156, bnc#731088)
+- enhance debug mode
+
+- use /sbin/rpcinfo as /usr/sbin/rpcinfo is gone (bnc#727438)
+
+- set SYSTEMD_NO_WRAP for status (bnc#727445)
+
+- fix manual rcSuSEfirewall2 stop with sytemd (bnc#717583)
+
+- fix typo (bnc#721845)
+- atomic zone status writing
+
+- Remove redundant tags/sections from specfile
+
+- sanitize FW_ZONE_DEFAULT (bnc#716013)
+- add warning about iptables-batch to SuSEfirewall2-custom
+- fix warning about /proc/net/ip_tables_names not readable
+- don't install input rules for interfaces in default zone
+- Add hook fw_custom_after_finished
+- update FAQ (bnc#694464)
+- clean up overrides when stopping the firewall (bnc#630961)
+- change default FW_LOG_ACCEPT_CRIT to "no"
+- allow redir without port specification
+- make FW_SERVICES_{REJECT,DROP}_* take precedende before ACCEPT (bnc#671997)
+- fix zonein and zoneout parameters
+- fix reverse direction of forwarding rules (bnc#679192)
+
+- introduce rpcusers file to allow statd to run as non-root
+ (bnc#668553)
+
+- add zonein and zoneout parameters for FW_FORWARD
+- fix typos
+
+- don't start in runlevel 4 by default (bnc#656520)
+- cut off long zone names (bnc#644527)
+- fix and enhance output of log command (bnc#663262)
+
+- don't unload rules when using systemd
+
+- list some known rpc services as Should-Start
+- don't filter outgoing packets at all
+- fix an example (bnc#641907)
+- fix status check in SuSEfirewall2_init (bnc#628751)
+
+- don't use fillup anymore as it keeps corrupting the config file
+ (bnc#340926)
+
+- remove "batch committing..." message
+- read defaults from separate file
+- warn if highports config options are set
+- finally drop 'highports' misfeature
+- remove kernel ipv6 module detection (bnc#617033)
+- silence warning about default zone (bnc#616841)
+- SuSEfirewall2-open: don't add values multiple times
+- Use multiprotocol xt_conntrack
+
+- only directories in /sys/class/net are real interfaces (bnc#609810)
+
+- add entry about drbd to FAQ
+- update docu
+- implement FW_BOOT_FULL_INIT
+
+- use new versioning scheme after switch of repo to git
+- update and rebuild docu
+- remove really old rc.config conversion code from spec file
+
+- fix spelling error in sysconfig file (bnc#537427)
+- polishing of log drop policy (bnc#538053)
+ * drop multicast packets silently
+ * separate drop rule for broadcast packets at end of chain
+ * only consider NEW udp packets as critical
+ * don't log INVALID packets as critical
+
+- implement runtime override of interface zones
+- allow disabling NOTRACK rules on lo (bnc#519526)
+
+- remove chkconfig calls (bnc#522268)
+
+- add note about use as bridging firewall
+- allow to set FW_ZONE_DEFAULT via config file
+- deprecate fw_custom_before_antispoofing and
+ fw_custom_after_antispoofing, use fw_custom_after_chain_creation
+ instead
+
+- add note that ulog doesn't work with IPv6 (bnc#442756)
+- fix version number in help text
+- allow service files to specify kernel modules and allow related packets
+- silence an error from bash if a service config file is not available (bnc#487870)
+- better wording for BROADCAST in template
+- update firewall hook script (patch by Marius)
+
aaa_base
+- fix (bsc#1194883) - aaa_base: Set net.ipv4.ping_group_range to
+ allow ICMP ping
+- added patches
+ + git-40-d004657a244d75b372a107c4f6097b42ba1992d5.patch
+
+- Port change from Thu Sep 30 08:51:55 UTC 2022 forword to
+ current version which includes a rename of patch
+ git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
+ to
+ git-43-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
+ as otherwise autopatch macro does not work anymore
+
+- Include all fixes and changes for systemwide inputrc to remove
+ the 8 bit escape sequence which interfere with UTF-8 multi byte
+ characters as well as support the vi mode of readline library.
+ This is done with the patches
+ * git-41-f00ca2600331602241954533a1b1610d1da57edf.patch
+ * git-42-f39a8d18719c3b34373e0e36098f0f404121b5c5.patch
+ before the changed patch
+ git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
+ rename it to
+ git-43-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch
+ and also add the patches
+ * git-44-425f3e9b44ba9ead865d70ff6690d5f2869442dc.patch
+ * git-45-bf0a31597d0ed3562bfc5e6be0ade2fe5dc1f7a1.patch
+
aalib
+- fix build with newer ld
+
+- BuildRequire gpm-devel
+
+- package baselibs.conf
+
+- fix aalib-1.4.0-477.9: possible missing call to fclose [bnc#523344]
+
+- remove static libraries and "la" files
+- fix -devel package dependencies
+- fix aalib-config so it only returns needed libraries
+
autoyast2
+- Respect general/signature-handling settings during the 2nd
+ stage (bsc#1197655).
+- 4.4.36
+
bcm43xx-firmware
+- Add required firmware file for Bluetooth module found on RPi Zero 2W (bsc#1197286)
+
+- Update BCM4345C0.hcd to fix Spectra for CYW43455 (CVE-2020-10370)
-- Update BCM4345C0.hcd to fix Spectra for CYW43455 (CVE-2020-10370)
+- Update BCM4345C0.hcd
dracut
+- Update to version 055+suse.248.g92d06110:
+ * fix(resume): correct call to block_is_netdevice function (bsc#1197737)
+ * chore(suse): remove fipscheck requirement (bsc#1198065)
+
gnome-shell-extensions
+- Add gnome-shell-extensions-restore-classic-css.patch: the version
+ of gnome-classic.css in the tarball is wrong, somehow it contains
+ the CSS file for GNOME42, so restore to the right version by this
+ patch before the upstream release the new tarball.
+- Revert gse-sle-classic-ext.patch to the last revision
+ (bsc#1197175, glgo#GNOME/gnome-shell-extensions#382).
+
gutenprint
+- Version upgrade to 5.2.10:
+ * Added a unified CUPS backend 'gutenprint52+usb' that requires
+ libusb 1.0 (or newer) to support selected dye sublimation
+ printers. Support for all Canon SELPHY CP- and ES- printers
+ has been improved considerably through that CUPS backend.
+ * Added duplex support for the EPSON WorkForce 630, 635,
+ and 645, and NX635.
+ * Many new printers supported in this release.
+ * Very many new printers supported experimentally.
+ For details see the NEWS file.
+- For openSUSE 11.4 or newer BuildRequires libusb-1_0-devel
+ to build the 'gutenprint52+usb' backend. When libusb-1.0 is
+ not installed, the configure magic does not build that backend.
+ The installed /usr/share/cups/usb/net.sf.gimp-print.usb-quirks
+ needs a current CUPS version (that supports usb quirks).
+ Older CUPS versions would ignore gutenprint's usb quirks
+ which means that the generic CUPS backend 'usb' reports
+ in particular the dye sublimation printers that do not work
+ with it but require the special 'gutenprint52+usb' backend.
+
+- Do no longer send SIGHUP to cupsd in RPM post install script
+ (which would let the cupsd recognize new and updated PPD files
+ see the entry dated "Fri Sep 24 10:45:28 CEST 2010" below)
+ because SIGHUP to cupsd makes active print jobs fail
+ (see bnc#637455 starting at comment#3).
+- Added explicit "Requires: ghostscript" if suse_version > 1210
+ because since openSUSE 12.2 cups only "Recommends: ghostscript"
+ (to avoid a build dependency cycle) so that gutenprint needs
+ an explicit "Requires: ghostscript" for the "cups" device in
+ Ghostscript that is required by "rastertogutenprint" (compare
+ the entry dated "Thu Apr 28 17:20:03 CEST 2011" below).
+
+- Version upgrade to 5.2.9:
+ Revert an inappropriate change to the internal library version
+ number that was introduced in the 5.2.8 release.
+- Version upgrade to 5.2.8:
+ The Canon driver has been significantly overhauled. Its output
+ and functionality may be significantly different from previous
+ releases. Further work in future releases is expected.
+ Several Canon PIXMA and SELPHY printers were removed, as they
+ are not supported.
+ Several Canon printers do not offer a grayscale printing mode.
+ CD printing support for some Canon PIXMA printers was added.
+ Added borderless functionality to most Canon printers
+ (except S series and BJC series).
+ Many new Canon printers are now EXPERIMENTAL supported.
+ A few new Epson printers are now supported.
+ For details see the NEWS file.
+- escputil-send_nulls-void.patch is obsolete because its fixed
+ in the sources.
+- compile-fix.patch is obsolete because its fixed in the sources.
+
+- compile-fix.patch adds missing includes.
+
+- Add python-cups BuildRequires to have postscriptdriver() Provides
+ for the drivers in gutenprint.
+
+- Upgraded to version 5.2.7:
+ This release features support for many additional Canon inkjets,
+ some Epson inkjets, and some dye sublimation printers,
+ greatly upgraded support for many Epson Stylus Pro printers,
+ and numerous bug fixes.
+ For details see the NEWS file.
+- escputil-send_nulls-void.patch makes send_nulls a void function
+ because nowhere is a return value of send_nulls used
+ to fix a "no-return-in-nonvoid-function escputil.c:683" error.
+
+- Removed the needless RPM requirement for pstoraster.
+- Removed the duplicate RPM requirement for ghostscript-library
+ because there is a RPM requirement for cups
+ and cups requires ghostscript.
+
+- Added missing directories for /usr/lib/gimp/2.0/plug-ins/*
+ to the "gimpplugin" files section in the RPM spec file.
+- Marked /usr/share/gutenprint/doc/* as "doc" in the RPM
+ spec file (see Novell/openSUSE Bugzilla bnc#661350).
+
+- Removed gutenprint-5.2.6-make_A4_DefaultPageSize.patch
+ because it is useless because the DefaultPageSize in the PPD
+ templates in /usr/share/cups/model/ does not matter because
+ the cupsd sets the DefaultPageSize for PPDs in /etc/cups/ppd/
+ by default according to the locale that the cupsd runs in or
+ according to a DefaultPaperSize entry in /etc/cups/cupsd.conf.
+- Run cups-genppdupdate in the RPM post install script to update
+ Gutenprint PPD files in /etc/cups/ppd/ if such PPDs exist
+ (see Novell/openSUSE Bugzilla bnc#637455).
+
+- Disable the PPD generator /usr/lib/cups/driver/gutenprint.5.2
+ to avoid duplicated PPDs because we provide ready-made PPDs
+ in /usr/share/cups/model/gutenprint/... in the RPM package
+ (see Novell/openSUSE Bugzilla bnc#514994 comment#9
+ the section "Regarding CUPS PPD files").
+
+- gutenprint-5.2.6-make_A4_DefaultPageSize.patch
+ moves the paper definition for "A4" to the top of the list
+ to make A4 the DefaultPageSize in the Gutenprint PPDs.
+- Upgraded to version 5.2.6:
+ This release offers additional support for Epson Stylus Pro
+ printers, along with some changes for other Epson printers
+ and support for additional Canon inkjets and PCL laser
+ printers over 5.2.5. For details see the NEWS file.
+- Upgraded to version 5.2.5:
+ This release offers several fixes, new features, and support
+ for new printers over 5.2.4. For details see the NEWS file.
+
+- Split gutenprint from the cups-drivers package to have it as a
+ stand-alone package (see Novell/openSUSE Bugzilla bnc#514994).
+ The IJS driver /usr/bin/ijsgutenprint is no longer provided
+ because it is not recommend if CUPS is used. Only the native
+ CUPS driver is provided as recommend, see the README file.
+
inkscape
+- Add upstream patches required to build on SP4 (bsc#1197731):
+ inkscape-poppler-build-fix.patch
+ inkscape-c-standard.patch
+ inkscape-new-glib.patch
+
joe
+- Convert Russian and Ukrainian docs and locales from KOI8 to
+ UTF-8.
+- Corrected License tag.
+- Use full URL for Source.
+
+- Fix yet another case of stack smashing.
+
+- Remove lang_additions.bz2 obsoleted by inclusion in the gettextization
+ patch.
+
+- Fix SIGIOT in autoindent (bnc#548327)
+- Minor code cleanup.
+- Redo the gettextisation patch (include all files added by tarball
+ and gettextize).
+- Update German translation.
+
+- Make syntax files config(noreplace) so that updates don't overwrite
+ modifications.
+
kdump
+- pull sources directly from git using obs_scm
+- fix bsc#1190299, bsc#1186272
+- remove patches included in upstream git:
+ kdump-calibrate-include-af_packet.patch,
+ kdump-calibrate-fix-nic-naming.patch,
+ kdump-calibrate.conf-depends-on-kdumptool.patch
+
kernel-default
+- iwlwifi: fix use-after-free (bsc#1197762 git-fixes).
+- commit d5140bb
+
+- Refresh patches.suse/iwlwifi-module-firmware-ucode-fix.patch (bsc#1197762)
+ Correct the entries that have *-64.ucode instead of *-63.ucode
+- commit d8b5646
+
+- Update patch references for a few already backported fixes (CVE-2022-26878 bsc#1197035 bsc#1193983 CVE-2021-4148 bsc#1197366 CVE-2021-45868 CVE-2022-0644 bsc#1196155)
+- commit 69353e8
+
+- USB: gadget: validate interface OS descriptor requests
+ (CVE-2022-25258 bsc#1196095 git-fixes).
+- commit 4a7f6a3
+
+- Update patch reference for vdpa fix (CVE-2022-0998 bsc#1197247)
+- commit 5b2f9f9
+
+- vdpa: clean up get_config_size ret value handling (CVE-2022-0998
+ bsc#1197247).
+- commit 0d2ae2e
+
+- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
+ (bsc#1196806, bsc#1196961).
+- commit 2771ae3
+
+- Move upstreamed ALSA fix into sorted section
+- commit 051af6b
+
+- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and
+ mmap_lock (CVE-2022-1048 bsc#1197331).
+- Refresh
+ patches.kabi/ALSA-kABI-workaround-for-snd_pcm_runtime-changes.patch.
+- commit 5e55cab
+
+- net: sched: fix use-after-free in tc_new_tfilter()
+ (CVE-2022-1055 bsc#1197702).
+- commit 77a7f01
+
kernel-kvmsmall
+- iwlwifi: fix use-after-free (bsc#1197762 git-fixes).
+- commit d5140bb
+
+- Refresh patches.suse/iwlwifi-module-firmware-ucode-fix.patch (bsc#1197762)
+ Correct the entries that have *-64.ucode instead of *-63.ucode
+- commit d8b5646
+
+- Update patch references for a few already backported fixes (CVE-2022-26878 bsc#1197035 bsc#1193983 CVE-2021-4148 bsc#1197366 CVE-2021-45868 CVE-2022-0644 bsc#1196155)
+- commit 69353e8
+
+- USB: gadget: validate interface OS descriptor requests
+ (CVE-2022-25258 bsc#1196095 git-fixes).
+- commit 4a7f6a3
+
+- Update patch reference for vdpa fix (CVE-2022-0998 bsc#1197247)
+- commit 5b2f9f9
+
+- vdpa: clean up get_config_size ret value handling (CVE-2022-0998
+ bsc#1197247).
+- commit 0d2ae2e
+
+- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
+ (bsc#1196806, bsc#1196961).
+- commit 2771ae3
+
+- Move upstreamed ALSA fix into sorted section
+- commit 051af6b
+
+- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and
+ mmap_lock (CVE-2022-1048 bsc#1197331).
+- Refresh
+ patches.kabi/ALSA-kABI-workaround-for-snd_pcm_runtime-changes.patch.
+- commit 5e55cab
+
+- net: sched: fix use-after-free in tc_new_tfilter()
+ (CVE-2022-1055 bsc#1197702).
+- commit 77a7f01
+
libdvdread
+- Added baselibs.conf. Removed licenses link from spec.
+
+- Added Requires: pkg-config to get the .pc file to build.
+
libexif
+- libexif-CVE-2020-0198-CVE-2020-0181.patch: adjusted overflow checking
+ code to in exif-data to not be optimized away. (CVE-2020-0198,
+ CVE-2020-0181, bsc#1172802, bsc#1172768)
+- libexif-CVE-2020-0452.patch: adjusted a overflow check to not
+ be optimized away by the compiler (CVE-2020-0452 bsc#1178479)
+
-- updated to 0.6.21
- * Fixed some buffer overflows in exif_entry_format_value()
- This fixes CVE-2012-2814. Reported by Mateusz Jurczyk of
- Google Security Team
- * Fixed an off-by-one error in exif_convert_utf16_to_utf8()
- This can cause a one-byte NUL write past the end of the buffer.
- This fixes CVE-2012-2840
- * Don't read past the end of a tag when converting from UTF-16
- This fixes CVE-2012-2813. Reported by Mateusz Jurczyk of
- Google Security Team
- * Fixed an out of bounds read on corrupted input
- The EXIF_TAG_COPYRIGHT tag ought to be, but perhaps is not,
- NUL-terminated.
- This fixes CVE-2012-2812. Reported by Mateusz Jurczyk of
- Google Security Team
- * Fixed a buffer overflow problem in exif_entry_get_value
- If the application passed in a buffer length of 0, then it would
- be treated as the buffer had unlimited length.
- This fixes CVE-2012-2841
- * Fix a buffer overflow on corrupt EXIF data.
- This fixes bug #3434540 and fixes part of CVE-2012-2836
- Reported by Yunho Kim
- * Fix a buffer overflow on corrupted JPEG data
- An unsigned data length might wrap around when decremented
- below zero, bypassing sanity checks on length.
- This code path can probably only occur if exif_data_load_data()
- is called directly by the application on data that wasn't parsed
- by libexif itself.
- This solves the other part of CVE-2012-2836
- * Fixed some possible division-by-zeros in Olympus-style makernotes
- This fixes bug #3434545, a.k.a. CVE-2012-2837
- Reported by Yunho Kim
- * lots and lots of translations updates.
- * added more Canon lenses.
- * changed "knots" to "nautical miles"
-
libgadu
+- Update to version 1.10.1:
+ + improved direct connections
+ + improved connections over proxy server
+ + some minor changes
+
+- Update to version 1.10.0:
+ + ssl connections restored
+ + typing notifications
+ + multilogin support
+ + buddies' info enhancement
+ + support for additional xml events
+ + initial file transfer over server
+ + partial import of new-api branch
+- Spec cleanup.
+
+- Update to version 1.9.1:
+ + fixed memory leak in html messages
+ + improved converting messages to html
+ + status flag can be changed now
+ + improved direct connection API
+- Drop libgadu-mem-leak-fix.patch: fixed upstream.
+
+- Update to version 1.9.0:
+ + support for new version of gadu-gadu protocol (8 and 10)
+ + images sending fixed
+ + resolve name schema option
+ + doc and test programs
+- Add libgadu-mem-leak-fix.patch.
+
+- Build with threads support (bnc#525312) and SSL support.
+
libgcrypt
+- FIPS: Implement a service indicator for asymmetric ciphers [bsc#1190700]
+ * Mark RSA public key encryption and private key decryption with
+ padding (e.g. OAEP, PKCS) as non-approved since RSA-OAEP lacks
+ peer key assurance validation requirements per SP800-56Brev2.
+ * Mark ECC as approved only for NIST curves P-224, P-256, P-384
+ and P-521 with check for common NIST names and aliases.
+ * Mark DSA, ELG, EDDSA, ECDSA and ECDH as non-approved.
+ * Add libgcrypt-FIPS-SLI-pk.patch
+ * Rebase libgcrypt-FIPS-service-indicators.patch
+- Run the regression tests also in FIPS mode.
+ * Disable tests for non-FIPS approved algos.
+ * Rebase: libgcrypt-FIPS-verify-unsupported-KDF-test.patch
+
libnvme
+- Update to version 1.0:
+ * tree: Remove default port setting for TCP and RDMA ports
+ * tree: add 'f_args' argument to pass user data to the filter function
+ * tree: remove 'ctrl_get_ana_state()'
+ * tree: add namespace path iterators
+ * tree: filter out namespaces
+ * tree: update nvme_scan_filter_t usage
+
+- Update to version 1.0-rc8:
+ * types: Add support for get log - MI Command Supported
+ * types: Add new Identify constant
+ * types: Update persistent event entry struct added new fields
+ * types: Add Host Initiated Data Gen Number to telemetry log struct
+ * tree: always allocate config file in nvme_read_config()
+ * tree: rework nvme_scan_subsystem()
+ * tree: make subsystem name mandatory in nvme_scan_ctrl()
+ * tree: move nvme_init_subsystem() into nvme_lookup_subsystem()
+ * tree: do not return error when filtering out subsystems
+ * tree: add debugging messages during scanning
+ * tree: Handle NULL subsysname in nvme_scan_ctrl()
+ * tree: Fix subsystem initialization in nvme_scan_ctrl()
+ * tree: Fix leaking 'name' in nvme_subsystem_lookup_namespace()
+ * tree: Avoid dereferencing nvme_subsystem_t before its check for NULL
+ * tree: Clarify NULL return values from nvme_get_attr()
+ * fabrics: Invoke nvmf_dim() with provided tas argument
+ * fabrics: add 'nvmf_update_config()'
+ * fabrics: Avoid out of bounds string chomping
+ * fabrics: Free old traddr in nvmf_add_ctrl
+ * fabrics: update log level for write failures
+ * fabrics: Streamlining documentation
+ * fabrics: Fix leaking ctrl in nvmf_connect_disc_entry()
+ * fabrics: Add missing break in a switch
+ * ioctl: Remove attribute packed and alignedof for args structs
+ * ioctl: Align arguments indentation with braces
+ * json: fix endless loop scanning for controllers
+ * Remove nvme_init_id_ns
+ * Add lbstm support for create-ns
+ * documentation updates
+
libotr
+- add libtool as buildrequire to avoid implicit dependency
+
libqt5-qtdeclarative
+- Increase the disk constraint to 6GB since the SLE build use
+ 5.5GB already (boo#1197992)
+
librest
-- Add baselibs.conf, as we need the 32bit package for
- gnome-online-account libraries.
-
-- Split typelib files into typelib-1_0-Rest-0_7 subpackage.
-- Add typelib-1_0-Rest-0_7 Requires to devel subpackage.
-- Change librest0 group from Development/Libraries/GNOME to
- System/Libraries.
-
-- Update to version 0.7.12:
- + Build: Detect CA file location [bgo#663783]
- + proxy: Force all SSL certificates to be trusted [bgo#663783]
-- Add config(ca-certificates) BuildRequires and Recommends in the
- shared library package.
-- Pass --with-ca-certificates=/etc/ssl/ca-bundle.pem to configure.
-
-- Update to version 0.7.11:
- + oauth-proxy: Fix format string warning
- + oauth:
- - Add GType for OAuthSignatureMethod enum
- - Add property for signature type
- + Build fixes.
-
-- Update to version 0.7.10:
- + Introduce rest_proxy_call_upload to provide progress feedback.
- + youtube-proxy: Added upload progress callbacks.
- + Added documentation to rest_proxy_call_upload.
- + bmc#13746: proxy-call: Allow customisation of data
- serialization.
-
-- Update to version 0.7.9:
- + Add "disable-cookies" construction property to RestProxy.
-
-- Update to version 0.7.8:
- + Add youtube proxy for uploaded video.
- + Fix introspection build.
-- Drop librest-fix-introspection.patch: fixed upstream.
-
-- Update to version 0.7.7:
- + Fix a few introspection issues
- + oauth-proxy:
- - Use POST method to do OAuth 1.0 authentication.
- - Added 'signature-host' propery.
-- Add librest-fix-introspection.patch: fix introspection build.
- Taken from upstream, commit e9c917.
-
-- Update to version 0.7.6:
- + API for manually constructing and outputting XML
-- Changes from version 0.7.5:
- + Introspection build fixes
-- Changes from version 0.7.4:
- + Add cookie support to rest-proxy.
- + proxy-call: Add continuous call mode
- + Various bug fixes.
-- Changes from version 0.7.3:
- + Fix memory corruption in oauth-proxy-call.
-- Changes from version 0.7.2:
- + post-twitter: use the correct URL endpoint
- + Plug leak.
-- Changes from version 0.7.1:
- + Flickr: add upload support
- + Various bug fixes.
- + Improved documentation.
-- Changes from version 0.7.0:
- + Remove FacebookProxy
- + Add Lastfm proxy
- + Add a oauth2 proxy
- + Add RestParam and RestParams types
- + Flickr proxy: Allow specifying the permissions required in the
- login url
- + Various bug fixes.
- + Improved documentation.
-- Drop librest-fbconnect-url.patch: facebook features got removed
- upstream.
-- Change BuildRequires to pkgconfig() ones: glib2-devel to
- glib-2.0, libsoup-devel to libsoup-2.4 and libsoup-gnome-2.4,
- libxml2-devel to libxml-2.0.
-- Add pkgconfig(gobject-introspection-1.0) BuildRequires to enable
- introspection.
-- Update Url tag.
-
-- Update to version 0.6.3:
- + Fix leaks.
- + Code cleanups.
-- Changes from version 0.6.2:
- + Add introspection support.
- + Mark GErrors which shouldn't be freed as const.
- + Add oauth_proxy_call_parse_token_reponse to parse token
- responses.
- + Build system fixes.
-- Remove explicit Requires of devel packages in devel subpackage:
- they will be added automatically the pkgconfig()-way.
-
-- (re?)add librest-fbconnect-url.patch from Moblin:Factory to fix
- the build of bisho
-- some spec file tidying: more explicit %files listing to avoid
- unintended/unnoticed major changes
-- use %soname and %abi defines throughout to spec to ease
- future maintenance
-
-- Fix spec to comply with shared libraries policy.
-
-- Rename to librest, provide/obsolete rest
-
-- Add librest-fbconnect-url.patch to add a new fbconnect url
- funciton for facebook
-
-- Upddate to 0.6.1
- * ĺ 7ć 16 2009 Gary Lin <glin@novell.com> 0.520090716
-- Update to commit ff4561e2a8c38f49127f6e3b2ce7c238a29e1571
- * ĺ 7ć 09 2009 Gary Lin <glin@novell.com> 0.420090709
-- Update to commit e9a71922f5997243c45dfaaff21dd9b4a6340ca3
- * ĺ 7ć 09 2009 Gary Lin <glin@novell.com> 0.420090709
-- Update to commit 41f91eec3d26a2514c4bc310b90829cd2d14ed4a
-
-- Update to commit 92e1871d3181a73a780f588689733f25e3df5b48
-
-- Use configure macro to get the right options.
-
-- Update to commit e49d8730bfb277af59732822e78535ef37e29b6c
-
-- Update to commit 153d2e8c5cc3452a7275c7ea7fa6abe8750cde8b
-
libvirt
+- qemu: Improve save operation by increasing pipe size
+ c61d1e9b-virfile-set-pipe-size.patch,
+ 47d6d185-virfile-fix-indent.patch,
+ cd7acb33-virfile-report-error.patch
+ bsc#1196625
+
+- CVE-2022-0897: nwfilter: fix crash when counting number of
+ network filters
+ a4947e8f-nwfilter-CVE-2022-0897.patch
+ bsc#1197636
+
libwmf
+- Remove further redundant sections
+
+- Actually use "libwmf-tools" instead of wmf-utils, this goes much
+ more in line with the preexisting libwpd-tools and libwps-tools.
+
+- Remove redundant/unwanted tags/section (cf. specfile guidelines)
+- Apply shlib packaging (-> new libwmf-0_2-7 subpackage),
+ create "wmf-utils" subpackage as suggested by namtrac
+
+- fix file list
+
+- fix build of in-tree copy of gd to build with new libpng14
+ (long deprecated function has been removed)
+
+- package baselibs.conf
+- enable parallel build
+
+- rediff another patch
+
+- rediffed without fuzz, some spec cleanups
+
mariadb
+- Build mariadb-galera on SLE (jsc#SLE-22245)
+- Add dependency on galera-4 for mariadb-galera
+- Remove old constraints for mariadb-galera
+
+- Update to 10.6.7 (bsc#1196016):
+ * release notes and changelog:
+ https://mariadb.com/kb/en/library/mariadb-1067-release-notes
+ https://mariadb.com/kb/en/library/mariadb-1067-changelog
+ https://mariadb.com/kb/en/library/mariadb-1066-release-notes
+ https://mariadb.com/kb/en/library/mariadb-1066-changelog
+ * fixes for the following security vulnerabilities:
+ 10.6.7: CVE-2021-46665
+ CVE-2021-46664
+ CVE-2021-46661
+ CVE-2021-46668
+ CVE-2021-46663
+ 10.6.6: CVE-2022-24052
+ CVE-2022-24051
+ CVE-2022-24050
+ CVE-2022-24048
+ CVE-2021-46659, bsc#1195339
+- Skip failing tests for s390x, fixes bsc#1195076
+ * suse_skipped_tests.list
+- Remove upstreamed patches:
+ * mariadb-10.0.15-logrotate-su.patch
+ * mariadb-10.1.1-mysqld_multi-features.patch
+- Refresh mariadb-10.2.4-logrotate.patch
+- The following issues have already been fixed in this package but weren't
+ previously mentioned in the changes file:
+ CVE-2021-46658, bsc#1195334
+ CVE-2021-46657, bsc#1195325
+
mousepad
+- Update to version 0.5.9
+ * Add Shortcuts plugin, requires libxfce4ui >= 4.17.5 and as
+ such remains disabled at build time until Xfce 4.18 is released
+ (gxo#apps/mousepad#70, gxo#apps/mousepad!121)
+ * Add search history (gxo#apps/mousepad!119)
+ * File monitoring: Add an automatic reloading option
+ * Move the document modification mark to the close button
+ (gxo#apps/mousepad#63, gxo#apps/mousepad!122)
+ * Add mousepad styleclass for easier theming (gxo#apps/mousepad#33)
+ * Hide search bar by pressing Esc key even when not focused
+ * Search: Escape selection when regex search is enabled
+ * Plugins: Add a skeleton plugin to ease writing of new plugins
+ * Test plugin: Sanitize memory management of sources
+ * Honor GTK_CSD
+ * Filter entries from `accels.scm` on non-detailed action name
+ * i18n: Check for `bind_textdomain_codeset()`
+ * Update Copying (gxo#apps/mousepad#160, gxo#apps/mousepad!120)
+ * Session history: Never clear session array on exit
+ (gxo#apps/mousepad#162)
+ * Fix broken feature "Show menubar temporarily when hidden"
+ * Force encoding when reloading
+ * Force encoding when it has been explicitly set by the user
+ * Do not consider encoding as always user-set in the "Open" dialog
+ * Fix antonym of the word "indent" in preferences dialog
+ (gxo#apps/mousepad!118)
+ * File monitoring: Try to filter out fake deletions
+ * Add ellipsis to preferences menu entry (gxo#apps/mousepad!117)
+ * Switch all labels to title case in prefs dialog
+ (gxo#apps/mousepad!116)
+ * Correctly restore font size after zooming when using system font
+ (gxo#apps/mousepad#158)
+ * Printing: Enable line wrapping by default (gxo#apps/mousepad#156)
+ * Fix a warning from GCC static analyzer
+ * Search: Do not delay the search when the text changes
+ * Translation Updates
+
nfs-utils
+- Add 0023-cache.c-removed-a-couple-warning.patch
+ Fix compilation with new glibc (SLE15-SP4)
+ (bsc#1197788)
+
+- Add 0021-mount.nfs-insert-sloppy-at-beginning-of-the-options.patch
+ Add 0022-mount.nfs-Fix-the-sloppy-option-processing.patch
+ Ensure "sloppy" is added correctly for newer kernels. Particularly
+ required for kernels since 5.6 (so SLE15-SP4), and safe for all kernels.
+ (boo#1197297)
+
nvme-cli
+- Update to version 2.0:
+ * fabrics: Create persistent controller using unique subsystem NQN (bsc#1198243)
+ * fabrics: Set KATO for discovery controller when connecting
+ * fabrics: Do no modify default config for discovery controller
+ * fabrics: Set default trsvcid ports for TCP and RDMA (bsc#1195858)
+ * fabrics: Support connect even when no /etc/nvme/hostnqn file exists
+ * nvme: update to nvme_scan_filter_t modifications (bsc#1195938)
+ * plugins/intel: make 'buckets' a json array
+ * plugins: Update WDC capabilities command with new commmands
+ * plugins: Add OCP plugin
+
+- Update to version 2.0-rc8:
+ * fabrics: Add DIM command
+ * fabrics: Introduce force flag to overwrite persistence logic (bsc#1197076)
+ * fabrics: Free non-matching controller during discovery
+ * fabrics: add 'nvme config' command
+ * fabrics: Correctly stringify discovery.conf and config.json paths
+ * nvme-print: Add human readable print for nsattr field
+ * nvme-print: Update Persistent Event log fields
+ * nvme-print: print discovery async event support
+ * nvme-rpmb: Fix spelling for 'Partition'
+ * nvme-copy: add missing field to the command
+ * nvme: add get_mi_cmd_support_effects_log command
+ * nvme: Fixup namespace filtering yet again
+ * nvme: Use type bool for OPT_FLAG
+ * nvme: use filter for 'list-subsys <devname>' (bsc#1195938)
+ * Add lbstm option to create-ns
+ * argconfig: Do not use default value loading by getopt_long_only
+ * argconfig: Rename CFG_NONE to CFG_FLAG
+ * plugins: Use type bool for OPT_FLAG
+ * documenation updates
+- Drop 'ProtectKernelTunables=true' (bsc#1197076)
+
patterns-yast
+- Neither recommend nor suggest YaST NIS packages for TW
+ (bsc#1183893).
+- 20220411
+
permissions
+ * squid: adjust pinger path, drop basic_pam_auth (bsc#1197649)
+
+- Update to version 20201225:
plasma5-openSUSE
+- Update to 5.24.4
+
+- Use 'https://' instead of 'git://' to fetch Github changes.
+
polkit-default-privs
+- Update to version 13.2+20220404.53052a9:
+ * Add missing GNOME Control Center login helper
+ * Reorder gnome and budgie control center entries
+ * Backport budgie-control-center whitelisting (bsc#1195023)
+
+- Update to version 13.2+20220401.c64d869:
+ * Backport of deepin-api whitelisting (bsc#1196681 bsc#1070943)
+ * Fix generation of file /etc/polkit-1/rules.d/90-default-privs.rules
+
python-evtx
+- bsc#1197837 - FTBFS: python-evtx won't compile on SP4
+ python-evtx.spec
+
python-pyOpenSSL
+- update to 20.0.1:
+ - Fixed compatibility with OpenSSL 1.1.0.
+
+- Adjust metadata for skip-networked-test.patch and refer to the proper
+ upstream ticket gh#pyca/pyopenssl#68.
+
+- According to gh#pyca/pyopenssl#684 tests must run with TZ=UTC, also
+ skip test_verify_with_time on %ix86.
+
+- Update to v20.0.0
+ - Backward-incompatible changes:
+ - The minimum cryptography version is now 3.2.
+ - Remove deprecated OpenSSL.tsafe module.
+ - Removed deprecated
+ OpenSSL.SSL.Context.set_npn_advertise_callback,
+ OpenSSL.SSL.Context.set_npn_select_callback, and
+ OpenSSL.SSL.Connection.get_next_proto_negotiated.
+ - Drop support for Python 3.4
+ - Drop support for OpenSSL 1.0.1 and 1.0.2
+ - Deprecations:
+ - Deprecated OpenSSL.crypto.loads_pkcs7 and
+ OpenSSL.crypto.loads_pkcs12.
+ - Changes:
+ - Added a new optional chain parameter to
+ OpenSSL.crypto.X509StoreContext() where additional untrusted
+ certificates can be specified to help chain building. #948
+ - Added OpenSSL.crypto.X509Store.load_locations to set trusted
+ certificate file bundles and/or directories for verification.
+ [#943]
+ - Added Context.set_keylog_callback to log key material. #910
+ - Added OpenSSL.SSL.Connection.get_verified_chain to retrieve
+ the verified certificate chain of the peer. #894.
+ - Make verification callback optional in Context.set_verify. If
+ omitted, OpenSSLâs default verification is used. #933
+ - Fixed a bug that could truncate or cause a zero-length key
+ error due to a null byte in private key passphrase in
+ OpenSSL.crypto.load_privatekey and
+ OpenSSL.crypto.dump_privatekey. #947
+- drop patch fix-compilation-2020.patch: no longer needed
+- refreshed patch skip-networked-test.patch
+
+- Update to v19.1
+ * Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
+ X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
+ Use the classes without the ``Type`` suffix instead.
+ * The minimum ``cryptography`` version is now 2.8
+ * Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
+ OpenSSL.SSL.Context.set_npn_select_callback, and
+ OpenSSL.SSL.Connection.get_next_proto_negotiated
+ ALPN should be used instead.
+ * Support bytearray in SSL.Connection.send() by using cffi's from_buffer
+ * The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
+ NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
+ to complete without an application protocol.
+
qemu
+- Support the SGX feature (bsc#1197807)
+ * Patches added:
+ doc-Add-the-SGX-numa-description.patch
+ numa-Enable-numa-for-SGX-EPC-sections.patch
+ numa-Support-SGX-numa-in-the-monitor-and.patch
+
+- Backport CVE-2021-3929 (bsc#1193880)
+ * Patches added:
+ hw-nvme-fix-CVE-2021-3929.patch
+
+- The patches from upstream cause testsuit failures (bsc#1197150 bsc#1197528)
+ * Patches added:
+ Revert-python-iotests-replace-qmp-with-a.patch
+ Revert-python-machine-add-instance-disam.patch
+ Revert-python-machine-add-sock_dir-prope.patch
+ Revert-python-machine-handle-fast-QEMU-t.patch
+ Revert-python-machine-move-more-variable.patch
+ Revert-python-machine-remove-_remove_mon.patch
+
+- Add missing patch from a PTFs (bsc#1194938)
+ * Patches added:
+ scsi-generic-check-for-additional-SG_IO-.patch
+
+- Kill downstream patches around bifmt handling that makes
+ cumbersome to run multi-arch containers, and switch to the
+ upstream behavior, which is well documented and valid on
+ all other distros. This is possible thanks to Linux kernel
+ commit 2347961b11d4 and QEMU commit 6e1c0d7b951e19c53 (so
+ it can only work on Leap/SLE 15.4 and higher). (bsc#1197298)
+ * Patches dropped:
+ qemu-binfmt-conf.sh-allow-overriding-SUS.patch
+ qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
+
+- Fix update_git.sh wiping all the package file of the local
+ checkout while cloning the git repository on demand (in case they
+ don't exist and the user as to do so).
+
+- Improve test reliability
+ * Patches added:
+ Fix-the-module-building-problem-for-s390.patch
+ tests-qemu-iotests-040-Skip-TestCommitWi.patch
+ tests-qemu-iotests-testrunner-Quote-case.patch
+
+- Fix virtiofs crashing with glibc >= 2.35, due to rseq syscall
+ (bsc#1196924)
+ * Patches added:
+ tools-virtiofsd-Add-rseq-syscall-to-the-.patch
+
+- Avoid warnings caused by a GCC 12 bug, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503
+ (bsc#1197018)
+ * Patches added:
+ hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
+ Silence-GCC-12-spurious-warnings.patch
+ Ignore-spurious-GCC-12-warning.patch
+
+- Proactive fix
+ * Patches added:
+ hw-nvram-at24-return-0xff-if-1-byte-addr.patch
+
rasqal
+- Update to 0.9.21:
+ * Updated to handle aggregate expression execution as defined by the
+ SPARQL 1.1 Query W3C working draft of 14 October 2010
+ * Executes grouping of results: GROUP BY
+ * Executes aggregate expressions: AVG, COUNT, GROUP_CONCAT, MAX, MIN,
+ SAMPLE, SUM
+ * Executes filtering of aggregate expressions: HAVING
+ * Parses new syntax: BINDINGS, isNUMERIC(), MINUS, sub SELECT and
+ SERVICE.
+ * The syntax format for parsing data graphs at URIs can be explictly
+ declared.
+ * The roqet utility can execute queries over SPARQL HTTP Protocol and
+ operate over data from stdin.
+ * Added several new APIs
+ * Fixed Issue: #0000388
+- Spec file updates:
+ * Changes based on spec-cleaner run.
+ * Changed License: to LGPLv2.1+ or GPLv2+ or ASLv2.0+.
+ * Changed rasqal Group to Productivity/Other.
+ * Added mpfr-devel in BuildRequires:.
+ * Removed gtk-doc from BuildRequires: (not needed to build html docs).
+ * Removed autoreconf from %build section and simplified configure.
+ * Install html docs in %{_docdir}/librasqal-devel/.
+ * Minor other updates.
+
+- added 32bit compatibility libraries
+- removed package name from summary (fix for RPMLINT warning)
+
+- update to 0.9.20:
+ * Updated to handle more of the new syntax defined by the SPARQL 1.1
+ Query and SPARQL 1.1 Update W3C working drafts of 1 June 2010
+ Added execution support for new SPARQL 1.1 query built-in expressions
+ IF, URI, STRLANG, STRDT, BNODE, IN and NOT IN.
+ Added an 'html' query result table format from patch by Nicholas J
+ Humfrey
+ Added API support for group by HAVING expressions
+ Added XSD Date comparison support
+ Support building with Raptor V2 API if configured with --with-raptor2.
+ Many other bug fixes and improvements were made.
+ Fixed Issues: #0000352, #0000353, #0000354, #0000360, #0000374,
+ [#0000377] and #0000378
+ See the Rasqal 0.9.20 Release Notes for the full details of the
+ changes.
+
+- update to 0.9.19:
+ * Add initial draft parsing and API (NOT execution) support for
+ SPARQL 1.1 Update W3C Working Draft of 2010-01-26.
+ * Add public APIs (row, results, result formatter, variables table)
+ so that query results can be built, read and written without query.
+ * Add API resilience checks for invalid NULL pointer arguments.
+ * Many other bug fixes and improvements were made.
+
+- update to 0.9.17:
+ Added a new query engine that implements the SPARQL algebra better
+ All constructors now take a rasqal_world argument
+ Added LAQRS syntax support for SUM, AVG, MIN, MAX, COALESCE()
+ experimental syntax
+ Added query result formatters for CSV, TSV and ASCII tables
+ Prefer pkg-config for configuring
+ Many resilience and resource failure fixes by Lauri Aalto
+ Many other bug fixes and improvements were made
+ Fixed Issues: Issue#0000077, Issue#0000128, Issue#0000168,
+ Issue#0000258, Issue#0000261, Issue#0000271, Issue#0000279 and
+ Issue#0000305
+
rp-pppoe
+- beautify spec
+
stoken
+- Change gtk and libtomcrypt build requirements.
+- Remove useless "--with-libtomcrypt" parameter from %%configure.
+
+- Add patch to avoid static CFLAGS.
+- Require proper libtomcrypt version.
+
+- First build.
+
sunpinyin
+- initial package 2.0.4
+
+- Updated to 2.0.3.99. Thanks to csslayer!
+
+- Rename libsunpinyin3-devel to libsunpinyin-devel
+- Add explicitly dependency from devel sub-package
+- Clean up spec file
+
+- Check the license for open-gram.
+- bz2ed all sources.
+
+- First build 2.0.3 for suse and Fedora.
+
systemd
+- Import commit e62acb68de9bccfa272bef98fe5b38effc37528a
+ b70267d883 journald: make use of CLAMP() in cache_space_refresh()
+ 3953e685cb journald: make sure journal_file_open() doesn't leave a corrupted file around after failing (bsc#1198114)
+ d03a5f79bf fs-util: make sure openat_report_new() initializes return param also on shortcut
+ 05499d5a30 fs-util: fix typos in comments
+ 9f77c8fae1 journal-file: port journal_file_open() to openat_report_new()
+ 4d07c034da fs-util: add openat_report_new() wrapper around openat()
+ 258c04836d meson: build kernel-install man page when necessary
+ 23da9cc83a man: do not install sd-boot man pages when -Dgnu-efi=false is set
+ d452b8738c unit: install the systemd-bless-boot.service only if we have gnu-efi
+ 98f44dc500 boot: don't build bootctl when -Dgnu-efi=false is set (bsc#1198093)
+ 9145684460 build: include status of TPM2 in the feature string show by --version
+
+- spec: make sure /lib exists when installing conf files in /lib/modprobe.d
+
+- spec: enable 'efi' support regardless of whether sd_boot is enabled or not
+ We should support EFI systems even if systemd-boot is not enabled.
+
+- spec: cope with %{_modprobedir} being /lib/modprobe.d on SLE
+
texlive
+- Make sure that texlive-texconfig package from 2017 are obsolete (bsc#1197979)
+
thunar
+- Update to version 4.16.11
+ * Don't reload the view when text is copied (gxo#xfce/thunar#706)
+ * NULL checks to prevent crash on malformed bookmark URI (gxo#xfce/thunar#716)
+ * Use 'g_timeout_add_full' to set tree-view cursor (gxo#xfce/thunar#351)
+ * Fix signal disconnect in thunar_window_unrealize
+ * Don't go beyond THUNAR_N_VISIBLE_COLUMNS while parsing col widths
+ * Translation Updates
+
timezone
+- timezone update 2022a (bsc#1177460):
+ * Palestine will spring forward on 2022-03-27, not -03-26*
+ * zdump -v now outputs better failure indications
+ * Bug fixes for code that reads corrupted TZif data
+
timezone-java
+- timezone update 2022a (bsc#1177460):
+ * Palestine will spring forward on 2022-03-27, not -03-26*
+ * zdump -v now outputs better failure indications
+ * Bug fixes for code that reads corrupted TZif data
+
xfce4-terminal
+- Update to version 1.0.0
+ * Replace the deprecated GtkActionEntries with XfceGtkActionEntries
+ (gxo#apps/xfce4-terminal#79)
+ * Opening a dialog from a drop-down window closes the window
+ (gxo#apps/xfce4-terminal#136)
+ * Add `Fill` background image style (gxo#apps/xfce4-terminal!23).
+ * Improved options parsing (for both short and long forms)
+ * Add a menu entry to send signals to the foreground process
+ (gxo#apps/xfce4-terminal#59)
+ * Fix `keep window open` preference being applied on restart.
+ * Rework "--tab" and "--window" behavior (gxo#apps/xfce4-terminal#13)
+ * Ignore unused modifiers for scroll wheel zooming
+ * Add alternative shortcuts for zooming (gxo#apps/xfce4-terminal#126)
+ * Expand scrolled window and make dialog size 70% of parent
+ (gxo#apps/xfce4-terminal!17)
+ * Support libxfce4ui XfceTitledDialog new API
+ * Update unsafe paste dialog text (gxo#apps/xfce4-terminal#73)
+ * Fix paste button focus
+ * Replace subtitle by infobar for Unsafe paste dialog
+ * Fix the `unsafe paste` dialog to actually paste
+ * Update `.gitignore`, HACKING, AUTHORS, COPYRIGHTS
+ * Update --preferences, --tab and --window documentation
+ * Fix various typos
+ * Fix compilation warnings
+ * Remove unnecessary function call (gxo#apps/xfce4-terminal!24)
+ * Add a "Do not warn me again" checkbox for the "Unsafe Paste"
+ dialog (gxo#apps/xfce4-terminal#129)
+ * Use GtkScrolledWindow for TerminalScreen and add an
+ overlay-scrolling preference (gxo#apps/xfce4-terminal#149)
+ * Support the new Shortcuts editor widget
+ (requires libxfce4ui 4.17.2 or greater)
+ * New preference: Select right click action
+ * Improved `scrolling-on-output` behaviour.
+ * Unsafe Paste Dialog temporary override (gxo#apps/xfce4-terminal#106)
+ * Fix regression: File Menu missing `Close Window` entry
+ * Fix regression: Disable Help shortcut does not work
+ * Fix regression: go-to accelerators not working on startup
+ * Fix regression: Revert accelerator paths to maintain backwards
+ compatibility
+ * Use the latest .glade file structure
+ * Change incorrect reference to ${XDG_CONFIG_DIRS} in man page
+ (gxo#apps/xfce4-terminal#47)
+ * Change outdated documentation links
+ * Use XfceTitledDialog for `Find` (gxo#apps/xfce4-terminal#168)
+ * Include '\r' in unsafe-paste checks
+ * Update tab accelerators at runtime
+ * Consume events that activate accelerator callbacks
+ (gxo#apps/xfce4-terminal#159, gxo#apps/xfce4-terminal#153)
+ * Center on the active terminal window.
+ * Change handling of goto-tab accelerators so they can be changed
+ through the editor.
+ * Menubar changes size when the window is maximized
+ (gxo#apps/xfce4-terminal#156)
+ * Context Menu: Revert changes in order and contents introduced by
+ the transition to XfceGtkActionEntries
+ * Add "Show Window Borders" entry in View menu (it was missing
+ in the last 2 dev releases)
+ * Revert view menu order (Zoom entries below checkboxes)
+ * Fix the visibility flag of the scrollbar
+ (gxo#apps/xfce4-terminal#161, could lead to broken themes)
+ * Replace GTimeVal with gint64
+ * Fix build warnings
+ * Update Copyright
+ * Translation Updates
+
xz
+- Fix ZDI-CAN-16587 Fix escaping of malicious filenames
+ (ZDI-CAN-16587 bsc#1198062 CVE-2022-1271)
+ * bsc1198062.patch
+
yaml-cpp
+- Fix CVE-2018-20573 The Scanner:EnsureTokensInQueue function in yaml-cpp
+ allows remote attackers to cause DOS via a crafted YAML file
+ (CVE-2018-20573, bsc#1121227)
+- Fix CVE-2018-20574 The SingleDocParser:HandleFlowMap function in
+ yaml-cpp allows remote attackers to cause DOS via a crafted YAML file
+ (CVE-2018-20574, bsc#1121230)
+- Fix CVE-2019-6285 The SingleDocParser::HandleFlowSequence function in
+ cpp allows remote attackers to cause DOS via a crafted YAML file
+ (CVE-2019-6285, bsc#1122004)
+- Fix CVE-2019-6292 An issue was discovered in singledocparser.cpp in
+ yaml-cpp which cause DOS by stack consumption
+ (CVE-2019-6292, bsc#1122021)
+- Added patch cve-2018-20574.patch
+
yast2-installation
+- AutoYaST: move custom file creation past user creation so that
+ the element files/file/file_owner actually has an effect
+ (bsc#1196595)
+- 4.4.51
+
yast2-packager
+- Fixed regression in repository alias name for add-ons (bsc#1193214)
+- 4.4.27
+