Changed packages: ==== FastCGI ==== - Update license tag to spdx 1.2. ==== IPython ==== - Add pandoc dependency for nbconvert notebook converter. This is only available for openSUSE > 13.1. - Change some dependencies that are not required for basic functionality to Recommends. ==== MozillaFirefox ==== Version update (31.0 -> 31.1.0) Subpackages: MozillaFirefox-translations-common - update to Firefox 31.1.0esr (bnc#894370) * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562 Miscellaneous memory safety hazards * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality - changes to support compilation on 11.4 * explicit xz BuildRequires * mozilla-nullptr-gcc45.patch * remove unresolved makeinfo BuildRequires - adapted _constraints, used more than 3900MB on s390x during last build ==== MozillaThunderbird ==== Version update (31.0 -> 31.1.0) Subpackages: MozillaThunderbird-translations-common - update to Thunderbird 31.1.0 (bnc#894370) * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562 Miscellaneous memory safety hazards * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality - added mozilla-nullptr-gcc45.patch to build on gcc 4.5 dists (e.g. openSUSE 11.4) ==== branding-openSUSE ==== Subpackages: dynamic-wallpaper-branding-openSUSE gfxboot-branding-openSUSE grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE xfce4-splash-branding-openSUSE yast2-qt-branding-openSUSE - fix merge conflicts - Lower openSUSE logo in grub2 by 5px to improve spacing under OS title - replace grub2 openSUSE logo with high resolution badge - add openSUSE logo to gfxboot images - new yast branding location now handled by git makefile, remove mv from spec file - Initial openSUSE 13.2 branding - yast branding needs to be installed in /usr/share/YaST2/theme/current now ==== bzip2 ==== Subpackages: libbz2-1 libbz2-1-32bit libbz2-devel - revert the bzip2-handle_pipe_input_with-f_option.patch because it breaks other programs using the bzip2 library - Implement %check - handle pipe input with the -f option (bnc#884004) * added bzip2-handle_pipe_input_with-f_option.patch ==== cmake ==== - Add possible patch to fix random test failure * cmake-fix-module-loading-test.patch ==== cups ==== Subpackages: cups-client cups-devel cups-libs cups-libs-32bit - Let fdupes only create symlinks in /usr/share/cups/templates/ to avoid a symlink /usr/share/cups/webcontent/images/cups-icon.png because the cupsd web server does no longer follow symlinks to avoid the security issues mentioned in the previous entry below (fixes bnc#892587 a regression of bnc#887240). - str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch fixes that the web interface incorrectly served symlinked files and files that were not world-readable, potentially leading to a disclosure of information (CVE-2014-3537 STR #4450 plus the subsequent CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 STR #4455 all in bnc#887240). ==== digikam ==== Version update (4.1.0 -> 4.2.0) Subpackages: digikam-doc kipi-plugins kipi-plugins-acquireimage kipi-plugins-geolocation libkface-devel libkface2 libkgeomap-devel libkgeomap1 libmediawiki-devel libmediawiki1 - Update to 4.2.0 digikam: - AlbumGui : New view on left sidebar to search quickly items with assigned Labels. Details: http://mohamedanwer.wordpress.com/2014/07/17/the-great-merging-day/ - AlbumGui : Tags view: add a new option to show items with no tag. Details: http://mohamedanwer.wordpress.com/2014/07/11/tags-left-sidebar-supports-new-action-now/ - Geberal : Add retina display support with preview and editor canvas under OSX. - 16 fixed bugs (kde#336851, kde#336650, kde#326019, kde#337231, kde#337392, kde#262175, kde#262167, kde#286463, kde#337417, kde#160363, kde#330976, kde#337507, kde#337688, kde#160363, kde#132827, kde#337993) kipi-plugins: - 4 fixed bugs (kde#313203, kde#334089, kde#336835, kde#256466) - adapt remove-gplv2-only.patch - dropped QtGstreamer-1.0.patch (added upstream) - Added QtGstreamer-1.0.patch to support QtGstreamer 1.x API (applied on Factory/13.2 only) - Build with gstreamer-plugins-qt-devel for those openSUSE versions ==== doxygen ==== Version update (1.8.7 -> 1.8.8) - Doxygen 1.8.8 - New features: * Support for PlantUML * Add BREAD_CRUMB_TRAIL - A selection of bug fixes and updates as listed in http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_8 ==== e2fsprogs ==== Version update (1.42.11 -> 1.42.12) Subpackages: e2fsprogs-devel libcom_err-devel libcom_err2 libcom_err2-32bit libext2fs-devel libext2fs2 - Update to 1.42.12 * fix e2fsck bugs when repairing bigalloc filesystems * fix rare e2fsck bugs discovered by fs fuzzing * resize2fs will use less memory when resizing large filesystems ... ==== elfutils ==== Subpackages: libasm1 libdw1 libelf1 libelf1-32bit - Package changes file to support local rpmbuild (bnc#879011) ==== glew-devel ==== Subpackages: libGLEW1_10 - Fix baselibs.conf (bnc#894331). ==== glibc-32bit ==== Subpackages: glibc-locale-32bit - iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, bnc#894553, BZ #17325) ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-info glibc-locale nscd - iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, bnc#894553, BZ #17325) ==== gnutls ==== Version update (3.2.16 -> 3.2.17) Subpackages: libgnutls-devel libgnutls-openssl27 libgnutls28 libgnutls28-32bit - Upgrade to Version 3.2.17 (released 2014-08-24) * * libgnutls: initialize parameters variable on PKCS #8 decryption. * * libgnutls: Explicitly set the exponent in PKCS #11 key generation. That improves compatibility with certain PKCS #11 modules. Contributed by Wolfgang Meyer zu Bergsten. * * libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1 algorithms. * * libgnutls: when checking the hostname of a certificate with multiple CNs ensure that the "most specific" CN is being used. * * libgnutls: In DTLS ignore only errors that relate to unexpected packets and decryption failures. Delete files: gnutls-3.2.16.tar.xz, gnutls-3.2.16.tar.xz.sig Add files: gnutls-3.2.17.tar.xz, gnutls-3.2.17.tar.xz.sig ==== libibus-1_0-5 ==== Subpackages: typelib-1_0-IBus-1_0 - Do not only requires typelib-1_0-Gtk-3_0 when building with python3. - Update ibus xim script to properly detect GNOME 3.12+ and to use ibus default configuration on first startup of GNOME (bnc#862589 internal), with help from Takashi Iwai. ==== libicu-devel ==== Subpackages: libicu53_1 - Build both B and L-type endianess variants of icudt53.dat so that icu-data really is arch-independent again - Add icu-error-reporting.diff ==== install-initrd-openSUSE ==== Version update (14.129 -> 14.134) - really use nfs-kernel-server - 14.134 - use 'upgrade' (lower case, as expected by latest gfxboot) - add ftp, nfs & samba server to rescue-server - 14.133 - fix mkbootdisk (bnc #892339) - 14.132 - prepare for new yast2-theme - package split: util-linux-systemd - move libgcrypt20-hmac to initrd, as gpg and libgcrypt20 live there already - 14.131 - ensure autoyast files in /var are writable - add back libgcrypt20-hmac and libcryptsetup4-hmac dependency - 14.130 ==== kdelibs4-branding-openSUSE ==== Subpackages: kdm-branding-openSUSE ksplash-qml-branding-openSUSE ksplashx-branding-openSUSE susegreeter-branding-openSUSE - fix merge conflicts - Lower openSUSE logo in grub2 by 5px to improve spacing under OS title - replace grub2 openSUSE logo with high resolution badge - add openSUSE logo to gfxboot images - new yast branding location now handled by git makefile, remove mv from spec file - Initial openSUSE 13.2 branding - yast branding needs to be installed in /usr/share/YaST2/theme/current now ==== kdump ==== - Write proper regex into multipath.conf to prevent syntax error there (bnc#883883) Add: 0001-multipath-Write-proper-regex-into-multipath-conf.patch ==== krb5 ==== Version update (1.12.1 -> 1.12.2) Subpackages: krb5-32bit krb5-client krb5-devel - krb5 5.12.2: * Work around a gcc optimizer bug that could cause DB2 KDC database operations to spin in an infinite loop * Fix a backward compatibility problem with the LDAP KDB schema that could prevent krb5-1.11 and later from decoding entries created by krb5-1.6. * Avoid an infinite loop under some circumstances when the GSS mechglue loads a dynamic mechanism. * Fix krb5kdc argument parsing so "-w" and "-r" options work togetherreliably. - Vulnerability fixes previously fixed in package via patches: * Handle certain invalid RFC 1964 GSS tokens correctly to avoid invalid memory reference vulnerabilities. [CVE-2014-4341 CVE-2014-4342] * Fix memory management vulnerabilities in GSSAPI SPNEGO. [CVE-2014-4343 CVE-2014-4344] * Fix buffer overflow vulnerability in LDAP KDB back end. [CVE-2014-4345] - updated patches: * krb5-1.7-doublelog.patch for context change * krb5-1.6.3-ktutil-manpage.dif, same - removed patches, in upstream: * krb5-master-keyring-kdcsync.patch * krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch * krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch * krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch * krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch - Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch from upstream ==== krename ==== - Add patch fix-freetype2-includes.patch to ensure that the right freetype2 includes are found ==== leafpad ==== - applied spec-cleaner ==== libXaw3d8 ==== - Add baselibs.conf as source. - Add obsoletes to baselibs.conf. ==== libevdev-tools ==== Subpackages: libevdev2 - Add git repository metadata ==== libfm ==== Version update (1.2.1 -> 1.2.2.1) Subpackages: libfm-gtk4 libfm-lang libfm4 lxshortcut - new upstream version 1.2.2.1 * Fix installation of libfm-extra.pc file for development with it. - changes on 1.2.2 since 1.2.1: * Fixed display name of created shortcut after dropping from another application. * Fixed the screen for context in fm_launch_command_simple(). * Added KDE archiver "Ark" into archivers list. * Fixed parsing order of directories in XDG_DATA_DIRS and XDG_CONFIG_DIRS. * Added a possibility for application that was started (by PCManFM or any other application that uses LibFM) to never die after our application (i.e. its parent) was closed. * Fixed possible memory leak in fm_config_load_from_file(). * Corrected g_content_type_guess() call with file sample. This may help with correct file type detection. * When calculate total file sizes in directory, filesize of directory now is skipped. * Fixed problem with memory consumption in case image has big dimension but not so big filesize - in that case loading may consume all the available memory to create bitmap. The file dimensions should also be checked against thumbnail_max configuration variable. * Fixed problem with starting custom command from application selection dialog. This stopped to work with new GLib versions. ==== libgcrypt-devel ==== Subpackages: libgcrypt20 libgcrypt20-32bit - fix an issue in DRBG patchset * size_t type is 32-bit on 32-bit systems - fix a potential NULL pointer deference in DRBG patchset * patches from https://bugs.g10code.com/gnupg/issue1701 - added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - added v9-0007-User-interface-to-DRBG.patch - removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - removed v7-0007-User-interface-to-DRBG.patch - add a subpackage for CAVS testing * add cavs_driver.pl and cavs-test.sh from the kernel cavs package * added drbg_test.patch ==== libkolab0 ==== Version update (0.5.2 -> 0.5.3) - New upstream release 0.5.3 ==== libkolabxml1 ==== Version update (1.0.1 -> 1.0.2) - New upstream release 1.0.2 - Dropped the following patches, as they're now included upstream: - libkolabxml-1.0.1_xsd_type.patch - libkolabxml-1.0.1_csharp_bindings.patch ==== libQt5Core5 ==== Subpackages: libQt5DBus5 libQt5Gui5 libQt5Widgets5 - Added upstream patches for bnc#890168 * libqt5-fix-leak-with-touch-devices-in-xcb.patch, QTBUG-39596 * * fixed a leak what did not free m_touchDevices. * libqt5-listen-to-touch-events-on-the-master-device.patch, QTBUG-38625 * * listen to touch events on the master device instead of slave, was also affects by fdo#78345 * libqt5-avoid-crash-during-querying-device.patch, QTBUG-40820 * * avoid crashes if querying device that has gone away ==== libvirt ==== Version update (1.2.7 -> 1.2.8) Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen - Update to libvirt 1.2.8 - virDomainBlockCopy with XML destination, typed params - Introduce API for retrieving bulk domain stats - Introduce virDomainOpenGraphicsFD API - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - bnc#893999: remove mount rules from libvirt-lxc apparmor abstraction file as those aren't handled by our kernel. apparmor-no-mount.patch - bnc#894232 - Update apparmor profile to allow raw packets install-apparmor-profiles.patch - remove not necessary hunks from libvirt-ppc64le-support.patch - move new patches to section for to be upstreamed - add patch: libvirt-power8-models.patch add current power8 cpu models to map - add patch: libvirt-ppc64le-support.patch add preliminary ppc64le support to libvirt - bnc#820399 - virsh blockcopy should refuse identical device blockcopy-check-dst-identical-device.patch - Update to libvirt 1.2.7 - Introduce virConnectGetDomainCapabilities - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: dba3432b-virt-lxc-convert-fix.patch, 9b1e4cd5-skip-useless-apparmor-files.patch, 9265f8ab-apparmor-lxc-rework.patch, add-nocow-to-vol-xml.patch, lxc-keep-caps-feature.patch, lxc-keep-caps-feature-conversion.patch, lxc-keep-caps-feature-doc.patch, lxc-net-target-name.patch, lxc-net-target-name-conversion.patch, lxc-net-target-name-doc.patch - lxc AppArmor profile now only restricting potentially dangerous accesses. fdo#886460 - Add virt-lxc-convert to libvirt-daemon-driver-lxc package - added patches: * 9265f8ab-apparmor-lxc-rework.patch * 9b1e4cd5-skip-useless-apparmor-files.patch - virt-lxc-convert: force free to output values in bytes - added patches: * dba3432b-virt-lxc-convert-fix.patch - lxc: allow setting a custom name for container NICs as LXC is is able to do it. lxc-net-target-name.patch, lxc-net-target-name-conversion.patch, lxc-net-target-name-doc.patch - Move 'Requires' of qemu from libvirt-daemon-qemu subpackage to libvirt-daemon-driver-qemu bnc#885267 - Temporarily disable virt-aa-helper-test, which fails in Factory - Update to libvirt 1.2.6 - libxl: add migration support and fixes - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patch libxl-migration-support.patch - Drop ia64-clone.patch since libvirt is not built for IA64 - lxc-keep-caps-feature.patch: allow to keep/drop additional capabilities for LXC containers. bnc#881465 - lxc-keep-caps-feature-conversion.patch: convert lxc.cap.drop to the new domain configuration. - lxc-keep-caps-feature-doc.patch: documentation for the new feature. - Disable failing virportallocatortest on aarch64 - Update to libvirt 1.2.5 - Introduce virDomain{Get,Set}Time APIs - Introduce virDomainFSFreeze() and virDomainFSThaw() public API - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: b98bf811-add-paravirt-shutdown-flag.patch, c4fe29f8-use-shutdown-flag.patch, da744120-use-reboot-flag.patch, d6b27d3e-CVE-2014-0179.patch, fd43d1f8-libxl-iface-hostdev.patch, 99f50208-managed-hostdev-iface.patch, 292d3f2d-libselinux-build-fix1.patch, b109c097-libselinux-build-fix2.patch - Add upstream patches that fix build with libselinux 2.3 Added: 292d3f2d-libselinux-build-fix1.patch, b109c097-libselinux-build-fix2.patch Dropped: libselinux-build-fix.patch - Fix the build breakers brought by libselinux 2.3. libselinux-build-fix.patch - spec: libvirt-daemon package owns /etc/libvirt, not libvirt-client bnc#878056 - libxl: Fix syntax for SR-IOV devices fd43d1f8-libxl-iface-hostdev.patch, 99f50208-managed-hostdev-iface.patch - Update to libvirt 1.2.4 - Primarily a bug-fix release. See http://libvirt.org/news.html for a detailed list of bug fixes and improvements - Drop upstream patches: 0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch - libxl: Support ACPI shutdown event b98bf811-add-paravirt-shutdown-flag.patch, c4fe29f8-use-shutdown-flag.patch, da744120-use-reboot-flag.patch bnc#872777 - libx: Support migration libxl-migration-support.patch bnc#875193 - CVE-2014-0179: Don't expand entities when parsing XML d6b27d3e-CVE-2014-0179.patch bnc#873705 - blacklist one more unit test for qemu_linux_user builds - libxl: Set disk format for empty cdrom device 0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch bnc#872517 - Fate#315125: add NOCOW flag add-nocow-to-vol-xml.patch - Removed libxl-hvm-vnc.patch: went upstream in another form - Update to libvirt 1.2.3 - add new virDomainCoreDumpWithFormat API - conf: Introduce virDomainDeviceGetInfo API - more features and fixes on bhyve driver - lot of cleanups and improvement on the Xen driver - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Add /usr/sbin/rc{libvirtd,virtlockd,libvirt-guests} symlinks to preserve backwards compatibility bnc#868190 - Improve lock manager comments in qemu.conf Updated suse-qemu-conf.patch - Create /etc/libvirt/hooks to allow using hook scripts - Update to libvirt 1.2.2 - add LXC from native conversion tool - vbox: add support for v4.2.20+ and v4.3.4+ - CVE-2013-6456 (bnc#857490) - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: 37564b47-xend-parse-response.patch, 4f20084-fix-apparmor-install-patch.patch - Add local disable-virCgroupGetPercpuStats-test.patch to disable failing virCgroupGetPercpuStats test in 'make check' - daemon-qemu: Require qemu instead of kvm to align with recent changes to the qemu package structure - spec: fix dependencies of daemon-config-network and daemon-config-nwfilter subpackages. Influenced by upstream commits cf76c4b3 and dca5ce4c - Remove libvirtd, virtlockd, and libvirt-guests init scripts when using systemd bnc#863540 - Fix the path to libvirtd AppArmor template profile - Fix parsing xend http response 37564b47-xend-parse-response.patch rhb#1055165 - Add CAP_SYS_PACCT capability to libvirtd AppArmor profile Modified install-apparmor-profiles.patch bnc#817407 - Fix build on code 11 - Fix rpmlint warning - Following the upstream pattern, introduce the daemon-config-network subpackage to handle defining the default network bnc#859041 - Update to libvirt 1.2.1 - CVE-2014-0028, CVE-2014-1447, CVE-2013-6458, CVE-2013-6457, CVE-2013-6436 - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Dropped upstream patches: 5e397d9c-test-fix-dbus-crash.patch, 78af457e-fix-virnettlscontexttest.patch, 9faf3f29-LXC-memtune.patch, f8c1cb90-CVE-2013-6436.patch, libxl-hvm-nic.patch - Ignore 'make check' on older, code 11 base - Fixed and reenabled unit tests. bnc#854694 - Remove dependency on pm-utils from libvirt-client bnc#856381 - CVE-2013-6436: Fix crashes in lxc memtune code, one of which results in DoS f8c1cb90-CVE-2013-6436.patch, 9faf3f29-LXC-memtune.patch bnc#854486 - More adjustments to the spec file to fix package dependency issues bnc#848918 - Update to libvirt 1.2.0 - Add support for gluster pool - Separation of python binding - vbox: add support for 4.3 APIs - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Updated and renamed clone.patch to ia64-clone.patch - Enabled numad support for openSUSE >= 13.1 - Link with same versions of libnl used by netcontrol to prevent crashing libvirtd on start - Add '/etc/sasl2' to libvirt-client file list to fix Factory build - Fix starting of libvirtd when NetworkManager is enabled Modified libvirt-suse-netcontrol.patch - Allow execution of libvirt hook scripts in /etc/libvirt/hooks/ in libvirtd AppArmor profile - Update to libvirt 1.1.4 - Add support for AArch64 architecture - Various improvements on test code and test driver - Don't link virt-login-shell against libvirt.so - Close all non-stdio FDs in virt-login-shell - Only allow 'stderr' log output when running setuid - Fix perms for virConnectDomainXML{To,From}Native - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: e7f400a1-CVE-2013-4296.patch, 2dba0323-CVE-2013-4297.patch, db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch, 8294aa0c-CVE-2013-4399.patch, 484cc321-fix-spice-migration.patch, 79552754-libvirtd-chardev-crash.patch, 57687fd6-CVE-2013-4401.patch, ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch, b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch, 5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch, bd773e74-lxc-terminate-machine.patch, e350826c-python-fix-fd-passing.patch - Allow execution of Xen binaries in /usr/lib{,64}/xen/bin in libvirtd AppArmor profile bnc#849524 - Require libvirt-daemon- in the main libvirt package for each supported hypervisor bnc#850882 - Fix initialization of libxl NIC devices libxl-hvm-nic.patch bnc#848918 - Fix typo in libvirtd apparmor profile which prevented the profile from loading bnc#848216 - libxl driver: fix initialization of VNC and SDL info for HVM domains libxl-hvm-vnc.patch bnc#847566 - Allow libvirtd apparmor profile to access /etc/xen/scripts/* - Fix file descriptor passing in python bindings e350826c-python-fix-fd-passing.patch rhb#1021434 - Have systemd terminate the machine as a workaround of fdo#68370 bd773e74-lxc-terminate-machine.patch bnc#842834 - Spec file fixes to only package libvirt-login-shell when building the LXC driver - CVE-2013-4400: Unsantized use of env variables allows privilege escalation via virt-login-shell ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch, b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch, 5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch bnc#837609 - CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native 57687fd6-CVE-2013-4401.patch bnc#845704 - Move hypervisor-specific files out of libvirt-daemon package and into libvirt-daemon- subpackage bnc#845851 - conf: Don't crash on invalid chardev source definition 79552754-libvirtd-chardev-crash.patch bnc#845704, rhb#1012196 - Use newer libnl3 instead of libnl-1_1 bnc#845540 - Move virt-login-shell to new subpackage libvirt-login-shell, requiring users to opt-in for this setuid binary. Note: For now, virt-login-shell will not have setuid permissions, pending resolution of bnc#837609 - qemu: Fix seamless SPICE migration 484cc321-fix-spice-migration.patch bnc#842301 - CVE-2013-4399: Fix crash in libvirtd when events are registered and ACLs active 8294aa0c-CVE-2013-4399.patch bnc#844052, bnc#842300 - Update the stale gettext BuildRequires and Requires dependencies in the spec file bnc#841325 - virt-aa-helper apparmor profile was denying read access to /proc/$PID/*. Give read accesss to these files. Updated install-apparmor-profiles.patch bnc#841720 - libvirtd apparmor profile was denying access to /usr/lib/xen/bin/qemu-system-i386, which is now the default emulator used with Xen guests Updated install-apparmor-profiles.patch bnc#845648 - Fix condrestart|try-restart invocation of virtlockd init script Modifed virtlockd-init-script.patch - CVE-2013-4311: Add support for using 3-arg pkcheck syntax for process db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch bnc#836931 - CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats e7f400a1-CVE-2013-4296.patch bnc#838638 - CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate 2dba0323-CVE-2013-4297.patch bnc#838642 - Update to libvirt 1.1.2 - various improvements to libxl driver - systemd integration improvements - Add flag to BaselineCPU API to return detailed CPU features - Introduce a virt-login-shell binary - conf: add startupPolicy attribute for harddisk - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: bcef0f01-libxl-console.patch, 9d0557b9-legacy-xen-double-free.patch, d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch - Includes fixes for bnc#837530, bnc#837531, bnc#837999 - Fix memory corruption in legacy Xen driver 0e671a16-CVE-2013-4239.patch bnc#834598 - Upstream patches to fix dumpxml in legacy Xen driver 9d0557b9-legacy-xen-double-free.patch, d7a45bf2-legacy-xen-dumpxml.patch - Backport upstream patch implementing domainOpenConsole in the libxl driver. Allows 'virsh console dom-name' to work with Xen libxl toolstack. bcef0f01-libxl-console.patch - Update to libvirt 1.1.1 - Adding device removal or deletion events - Introduce new domain create APIs to pass pre-opened FDs to LXC - Add interface versions for Xen 4.3 - Add new public API virDomainSetMemoryStatsPeriod - Various LXC improvements - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: f38c8185-CVE-2013-2230.patch, fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch, 96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch - Drop relax-qemu-usergroup-check.patch - no longer needed after hypervisor-specific daemon package split - Unlock the storage volume object after looking it up fe89fd3b-storage-pool-deadlock.patch rhb#980676 - CVE-2013-4153: Fix double free of returned JSON array in qemuAgentGetVCPUs() dfc69235-CVE-2013-4153.patch - CVE-2013-4154: Prevent crash of libvirtd without guest agent configuration 96518d43-CVE-2013-4154.patch bnc#830498 - Fix legacy xen driver with Xen 4.3 fd2e3c4c-xen-sysctl-domctl.patch - CVE-2013-2230: Fix crash when multiple event callbacks were registered f38c8185-CVE-2013-2230.patch bnc#827801 - Update to libvirt 1.1.0 - Extensible migration APIs - Add a policy kit access control driver - various improvements in the Xen and libxl drivers - improve networking support on BSD - agent based vCPU hotplug support - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: 244e0b8c-CVE-2013-2218.patch - Only require lzop if suse_version > 1210 - Fix typo in spec file - Enable support for netcontrol by default - Only require libvirt-daemon-driver-interface when building the interface driver - CVE-2013-2218: Fix crash listing network interfaces with filters 244e0b8c-CVE-2013-2218.patch - Add xencommons as 'Wanted' in the systemd libvirtd service file systemd-service-xen.patch bnc#820888 - Fix build for SLE11 SP2 - Add a README to the empty packages. Provides some info about their purpose and satisfies suse-filelist-empty check. Drop rpmlintrc - Fix typo in spec file: devel package requires doc package, not docs - Add rpmlintrc to get around suse-filelist-empty error on older distros. - Refactor libvirt spec file to create subpackages for the various libvirtd components. This allows installing a libvirtd tailored for the underlying virtualizer. E.g. on a KVM/QEMU virtualizer only the libvirt-daemon-qemu package needs installed. Similarly, only libvirt-daemon-xen on a Xen virtualizer and libvirt-daemon-lxc on LXC. - Update to libvirt 1.0.6 - Move VirtualBox driver into libvirtd - Support for static routes on a virtual bridge - Various improvement for hostdev SCSI support - Switch to VIR_STRDUP and VIR_STRNDUP - Various cleanups and improvement in Xen and LXC drivers - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: f493d83f-cgroup-swap-control.patch, 486a86eb-cgroups-docs.patch, 0ced83dc-cgroup-escape-dot.patch, bbe97ae9-no-cgroups.patch, c2cf5f1c-no-cgroups-fix.patch, 95c6cc34-selinux.patch - Update to libvirt 1.0.5.1 stable release - qemu: Fix cgroup handling when setting VCPU BW - daemon: fix leak after listing all volumes - Fix iohelper usage with streams opened for read - util: fix virFileOpenAs return value and resulting error logs - iscsi: don't leak portal string when starting a pool - don't mention disk controllers in generic controller errors - conf: don't crash on a tpm device with no backends - qemu: allocate network connections sooner during domain startup - Make detect_scsi_host_caps a function on all architectures - Fix release of resources with lockd plugin - Fix potential use of undefined variable in remote dispatch code - Fix F_DUPFD_CLOEXEC operation args - qemu: fix stupid typos in VFIO cgroup setup/teardown - network: fix network driver startup for qemu:///session - Remove patches that are included in the 1.0.5.1 release 0471637d-cgroups-vcpu-bw.patch, a2214c52-iohelper.patch, ca697e90-CVE-2013-1962.patch - Don't mount selinux fs in LXC if selinux is disabled 95c6cc34-selinux.patch bnc#814680 - fix leak after listing all volumes - CVE-2013-1962 ca697e90-CVE-2013-1962.patch bnc#820397 - Fix iohelper usage with streams opened for read a2214c52-iohelper.patch - Cope with missing swap cgroup controls f493d83f-cgroup-swap-control.patch bnc#819976 - Fix cgroup handling when setting VCPU BW 0471637d-cgroups-vcpu-bw.patch rhb#963592 - Escape a leading '.' with '_' in the cgroup names 0ced83dc-cgroup-escape-dot.patch - Add missing documentation on new cgroup layout 486a86eb-cgroups-docs.patch - Another fix related to systems with no cgroups c2cf5f1c-no-cgroups-fix.patch bnc#819963 - Fix botched backport of commit bbe97ae9 - Fix starting domains when kernel has no cgroups support bbe97ae9-no-cgroups.patch - Update to libvirt 1.0.5 - PPC64: Add NVRAM device - Add XML config for resource partitions - Add support for TPM - NPIV storage migration support - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Update to libvirt 1.0.4 - qemu: support passthrough for iscsi disks - various S390 improvements - various LXC bugs fixes and improvements - add API for thread cancellation - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: ce4557c3-apparmor-tapfd-label.patch libvirt-iptables-1.4.18.diff - add libvirt-iptables-1.4.18.diff, fix masquerading with iptables v1.4.18 (--state match is deprectated, use conntrack instead) - Fix PCI device attach for xen HVM domains fix-pci-attach-xen-driver.patch FATE#313570 - Apparmor security driver: Ensure tapfd's are labled when generating the guest profile. Modified install-apparmor-profiles.patch, added upstream patch ce4557c3-apparmor-tapfd-label.patch bnc#807940 - Grant permission to use datagram packets in libvirtd apparmor profile. Remove AF_PACKET.patch, modify install-apparmor-profiles.patch bnc#801145 - Add 'managed' PCI passthrough support to legacy xen driver support-managed-pci-xen-driver.patch FATE#313570 - Update to libvirt 1.0.3 - Introduce virDomainMigrate*CompressionCache APIs - Introduce virDomainGetJobStats API - Add basic support for VDI images - Introduce API virNodeDeviceLookupSCSIHostByWWN - Various locking improvements - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: a6b8bae5-python-generator-fix1.patch, 25ea8e47-python-generator-fix2.patch, 567779e5-libxl-default-disk-backend.patch - Fix path to qemu-bridge-helper in libvirt-qemu apparmor profile Modified install-apparmor-profiles.patch - Fix detach of managed PCI devices from inactive domains. Detected while running test cases for FATE #313570. Modified xen-name-for-devid.patch - spec: Fix installation of default network - Fix default setting of backend field of libxl_device_disk 567779e5-libxl-default-disk-backend.patch rhb#912488 - Fix build on IA64 Modified clone.patch - Fix error handling in python bindings a6b8bae5-python-generator-fix1.patch 25ea8e47-python-generator-fix2.patch bnc#802619 - Require modutils instead of module-init-tools. - Update to libvirt 1.0.2 - LXC improvements - S390 architecture improvements - Power architecture improvements - large Coverity report cleanups and associated bug fixes - virTypedParams* APIs to help with those data structures - libxenlight driver improvements - Fixes CVE-2013-0170, bnc#800976 - Drop upstream patches: 68e7bc45-libxl-link-fix.patch, 462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch, 5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch, 66ff2ddc-virtlockd-systemd-file-perms.patch - Unconditionally build sanlock support bnc#799262 - Fix interface management functions that were broken when rebasing libvirt-suse-netcontrol.patch bnc#799444 (SLES bug that affect Factory too) - Update to libvirt 1.0.1 - Introduce virtlockd daemon - parallels: add disk and network device support - Add virDomainSendProcessSignal API - Introduce virDomainFSTrim() public API - add fuse support for libvirt lxc - Add Gluster protocol as supported network disk backend - various snapshot improvements - Add upstream patches to fix bugs in 1.0.1 66ff2ddc-virtlockd-systemd-file-perms.patch, 462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch, 5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch, 68e7bc45-libxl-link-fix.patch - Rework SUSE patches for the various init scripts Dropped use-init-script-redhat.patch and added libvirtd-init-script.patch, libvirt-guests-init-script.patch, and virtlockd-init-script.patch - Update to libvirt 1.0.0 - virNodeGetCPUMap: Define public API - Add systemd journal support - Add a qemu capabilities cache manager - USB migration support - various improvement and fixes when using QMP QEmu interface - Support for Xen 4.2 in legacy xen driver - Lot of localization enhancements - Drop upstream patches: 371ddc98-xen-sysctl-9.patch, 416eca18-xenstore-header-fix.patch, f644361b-virCommand-env.patch, 2b32735a-virCommand-env.patch, 9785f2b6-fix-xen-sysctl9.patch - Fix Xen sysctl version 9 support 9785f2b6-fix-xen-sysctl9.patch - Add upstream patches to support latest libguestfs f644361b-virCommand-env.patch 2b32735a-virCommand-env.patch - Fix build when using -werror 416eca18-xenstore-header-fix.patch - Support Xen sysctl version 9 371ddc98-xen-sysctl-9.patch bnc#781425 - Temporarily disable building libxl driver. The current implementation does not support libxl in Xen 4.2. - Update to libvirt 0.10.2 - network: define new API virNetworkUpdate - add support for QEmu sandbox support - blockjob: add virDomainBlockCommit - node_memory: Define the APIs to get/set memory parameters - list: Define new API virConnectListAllSecrets - list: Define new API virConnectListAllNWFilter - list: Define new API virConnectListAllNodeDevices - list: Define new API virConnectListAllInterfaces - list: Define new API virConnectListAllNetworks - list: Define new API virStoragePoolListAllVolumes - list: Define new API virStorageListAllStoragePools - parallels: add support of containers to the driver - Add PMSUSPENDED life cycle event - Add per-guest S3/S4 state configuration - qemu: Support for Block Device IO Limits - Update to libvirt 0.10.1 - Bug fix release for critical bugs in 0.10.0 - Drop upstream patch f781e276-xen-driver-fix.patch - Update to libvirt 0.10.0 - agent: add qemuAgentArbitraryCommand() - Introduce virDomainPinEmulator and virDomainGetEmulatorPinInfo - network: use firewalld instead of iptables, when available - network: make network driver vlan-aware - esx: Implement network driver - driver for parallels hypervisor - Various LXC improvements - Add virDomainGetHostname - Drop upstream patches 4036aa91-systemd.patch 6039a2cb-CVE-2012-3445.patch - Fix xen driver following changes to make it stateful f781e276-xen-driver-fix.patch bnc#778006 - Update to libvirt 0.9.13 - S390: support for s390(x) - snapshot: implement new APIs for esx and vbox - snapshot: new query APIs and many improvements - virsh: Allow users to reedit rejected XML - nwfilter: add DHCP snooping - storage backend: Add RBD (RADOS Block Device) support - sVirt support for LXC domains inprovement - Drop upstream patches 0dda594d-libvirtd-shutdown-deadlock.patch 9c77bf04-fix-virnetserver-refcnt.patch 57349ffc-lxc-ctrl.patch revert-d8978c90.patch _ Update to libvirt 0.9.12 - qemu: allow snapshotting of sheepdog and rbd disks - blockjob: add new AP - many bug fixes and improvements - daemon: Fix crash in virTypedParameterArrayClear CVE-2012-3445 6039a2cb-CVE-2012-3445.patch bnc#773955 - libvirtd.service: ensure libvirtd starts after network 4036aa91-systemd.patch bnc#767932 - Add upstream patch to fix ref count of virNetServer object 9c77bf04-fix-virnetserver-refcnt.patch - Fix libvirtd deadlock on shutdown 0dda594d-libvirtd-shutdown-deadlock.patch bnc#767797 - Fix segfault in libvirt_lxc 57349ffc-lxc-ctrl.patch bnc#767448 - Fix build on i586 revert-d8978c90.patch - Update to libvirt 0.9.11.4 stable release - VUL-1: Fix hotplug support for usb devices with same vendorID, productID 9914477e-usb-search-funcs.patch 05abd150-usb-improve-hotplug.patch bnc#766559 - Add capability 'audit_write' to libvirtd apparmor profile update install-apparmor-profiles.patch bnc#764388 - Update to libvirt 0.9.11.3 stable release - Copy user in virURIParse 4eb1c256-viruri-user.patch bnc#757766 - yajl is availabile in all supported SUSE products, so always use it when building libvirtd - Update to libvirt 0.9.11 - Add support for the suspend event - Add support for event tray moved of removable disks - qemu: Support numad - cpustats: API, improvements and qemu support - qemu: support type='hostdev' network devices at domain start - Introduce virDomainPMWakeup API - network: support Open vSwitch - snapshot improvements - Remove unconditional define of 'with_netcontrol' - Add a note in /etc/libvirt/qemu.conf describing administrator vigilance required when enabling a lock manager such as sanlock - Recommend dmidecode if suse_version > 1110. dmidecode is used by virConnectGetSysinfo. - Add upstream patches to fix issues with older PolicyKit c05ec920-polkit0-build.patch fcdfa31f-polkit0-auth.patch - Update to libvirt 0.9.10 - Add support for sVirt in the LXC driver - Add new API virDomainBlockRebase - Add api to set and get domain metadata - virDomainGetDiskErrors public API - Add rawio attribute to disk element of domain XML - Introduce virDomainPMSuspendForDuration API - Add virStorageVolResize() API - Add a virt-host-validate command to sanity check HV config - Add new virDomainShutdownFlags API - QEMU guest agent support - Fix libvirtd apparmor profile to work with libxenlight toolstack Updated install-apparmor-profiles.patch bnc#745890 - Fix init script packaging after enabling systemd support - Fix %files after enabling sanlock support - Enable libvirt integration with sanlock - During configure, libvirt checks for availability of iptables binary and doesn't actually use anything from iptables-devel package, hence only need 'BuildRequires: iptables'. - Update to libvirt 0.9.9 - Add new API virDomain{S,G}etInterfaceParameters - Add new API virDomain{G,S}etNumaParameters - Add support for ppc64 qemu - Support Xen domctl v8 - Fixup systemd support as per openSUSE systemd packaging guidelines. - Use %fdupes for duplicate file checking instead of hand-rolled function - CVE-2011-4600: unintended firewall port exposure after restarting libvirtd when defining a bridged forward-mode network ae1232b2-CVE-2011-4600.patch bnc#736082 - Post-0.9.8 upstream systemd patches 10404671-systemd-build-fix.patch 478a4d07-systemd-build-fix.patch - Update to libvirt 0.9.8 - Add support for QEMU 1.0 - Add first parts of PPC cpu driver - Add new API virDomain{Set, Get}BlockIoTune - block_resize: Define the new API - Add a public API to invoke suspend/resume on the host - Various improvements for LXC containers - Define keepalive protocol and add virConnectIsAlive API - Add support for STP and VLANfiltering - Numerous bug fixes and improvements - Add support for QEMU 1.0 dd8e8956-qemu-1.0.patch bnc#736569 - Allow qemu driver (and hence libvirtd) to load when qemu user:group does not exist. The kvm or qemu package, which may not exist on a xen host, creates qemu user:group. relax-qemu-usergroup-check.patch - Handle empty strings in s-expression returned by xend a495365d-sexpr-empty-str.patch bnc#731344 - Allow libvirtd to access libvirt_{io,part}helper when confined by apparmor Update install-apparmor-profiles.patch bnc#730435 - Accommodate Xen domctl version 8 xen-domctl-ver8.patch - add libtool as buildrequire to avoid implicit dependency - Fix build when using older PolicyKit d47ab3fe-polkit0.patch - Update to libvirt 0.9.7 - esx: support vSphere 5.x - vbox: support for VirtualBox 4.1 - Introduce the virDomainOpenGraphics API - Add AHCI support to qemu driver - snapshot: many improvements and 2 new APIs - api: Add public api for 'reset' - Add AHCI controller support to qemu driver c1bc3d89-qemu-add-ahci.patch - Set security driver to 'none' in /etc/libvirt/qemu.conf. Users must opt-in for Apparmor confinement of qemu instances. suse-qemu-conf.patch - Revert upstream commit f84aedad, which is not needed since affected SUSE kvm packages have the necessary qemu fix f84aedad-revert.patch - Update to libvirt 0.9.6 - Fix shutdown regression with buggy qemu - Fixed typos in libvirt.spec - Update to libvirt 0.9.5 - many snapshot improvements - latency: Define new public API and structure - USB2 and various USB improvements - storage: Add fs pool formatting - Add public API for getting migration speed - Add basic driver for Microsoft Hyper-V - Many bug fixes and improvements - Enable building with libnetcontrol - Select libnl-1_1-devel - Set qemu migration speed unlimited when migrating to file 7e5f6a51-rpc-generator.patch b12354be-mig-speed-1.patch 1282bd80-mig-speed-2.patch 6f84e110-mig-speed-3.patch 829bce17-mig-speed-4.patch 8fc40c51-mig-speed-5.patch ef1065cf-mig-speed-6.patch 0257ba8f-mig-speed-7.patch bnc#706436 - Increase max size of buffer used to receive xend response 57c95175-xend-buff-size.patch - Don't overwrite useful error messages in legacy xen driver 32620dab-fix-xen-err-msg.patch bnc#711096 - Add upstream patches to stop excessive logging 7f2498ef-no-log-invalid.patch 6ff9fc26-quiet-libxl-logging.patch - Add 'Conflicts: kvm < 0.14.1' to ensure libvirt is using a kvm package that creates qemu user:group. Remove user:group creation from libvirt bnc#694883 - Add libvirt group at package installation bnc#694885 - Explicitly add 'BuildRequires: libgcrypt-devel' since it is no longer required by libgnutls-devel - netcf is buggy and not well maintained in SUSE. Disable it in libvirt - polkit support was mistakenly disabled, re-enable - Add cgconfig to Should-{Start,Stop} in libvirtd init script bnc#712245 - Fix apparmor profile location and content update install-apparmor-profiles.patch bnc#705668 - Fix libvirtd SIGHUP handler 9e093f0b-libvirtd-sighup.patch - add baselibs.conf to sources - Enable apparmor security dirver, SLES bnc#705668 install-apparmor-profiles.patch - Update to libvirt 0.9.4 - bandwidth QoS control - Add new API virDomainBlockPull* - save: new API to manipulate save file images - CPU bandwidth limits support - allow to send NMI and key event to guests - new API virDomainUndefineFlags - Implement code to attach to external QEMU instances - various missing python binding - bios: Add support for SGA - Numerous improvements and documentation / bug fixes - Add some upstream patches to fix memory leaks and some bugs in new rpc code c2ddd536-cert-key-order.patch 3e5d48ef-rpc-1.patch 927dfcf6-rpc-2.patch 2c85644b-rpc-3.patch afe8839f-rpc-4.patch 3cfdc57b-rpc-5.patch 7518ad75-remote-mem-leak.patch a34e193f-statstest.patch 41828514-skip-xen-tests.patch eb314315-pv-kernel-cmdline.patch 00d3c5a6-remove-dead-code.patch b8adfcc6-fix-polkit0-build.patch b2534529-unused-param.patch - Update to libvirt 0.9.3 - vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo) - Add TXT record support for virtual DNS service - Support reboots with the QEMU driver - Introduce virDomainGetControlInfo API - virNodeGetMemoryStats: Expose new API - virNodeGetCPUTime: Implement public API - send-key: Defining the public API - vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags) - support multifunction PCI device - lxc: various improvements - Create qemu user:group if necessary at package installation. More fallout from bnc#694883 - VUL-0: libvirt: integer overflow in VirDomainGetVcpus 774b21c1-CVE-2011-2511.patch bnc#703084 - Enable building libvirt with audit support bnc#694891 - fate#311371 Enhance yast to configure live migration for Xen and KVM add firewall service file for libvirt - Invoke qemu instances as user:group qemu:qemu by default bnc#694883 - Update to libvirt 0.9.2 - Framework for lock manager plugins - API for network config change transactions (netcf required) - flags for setting memory parameters - virDomainGetState public API - qemu: allow blkstat/blkinfo calls during migration - Introduce migration v3 API - Defining the Screenshot public API - public API for NMI injection - spec file: Adjust some directory attributes to support running non-privileged qemu instances - Remove vi_VN locale if suse_version < 11.3 - Enable cap_ng when building lxc support. - Update to libvirt 0.9.1 - support various persistent domain updates - improvements on memory APIs - Add virDomainEventRebootNew - various improvements to libxl drive - Spice: support audio, images and stream compression - Move libvirt-iohelper from client to base package - fix baselibs.conf not to requires source 32bit - Install log dir for libxl f7e9b448-libxl-build.patch - Update to libvirt 0.9.0 final - Support cpu usage tuning - Add public APIs for storage volume upload/download - Add public API for setting migration speed on the fly - Add libxenlight driver - qemu: support migration to fd - add virDomain{Get,Set}BlkioParameters - introduce a new libvirt API (virDomainSetMemoryFlags) - Expose event loop implementation as a public API - Dump the debug buffer to libvirtd.log on fatal signal - Audit support - Numerous enhancements and bug fixes - Update to libvirt 0.9.0 RC3 - use %first_lang before changing symlinks, find_lang removes unsupported languages - VUL-0: libvirt: several API calls do not honour read-only connection 71753cb7-CVE-2011-1146.patch bnc#678406 - Add baselibs.conf file to build xxbit packages for multilib support bnc#676921 - Minor fixes for libvirt-guests bnc#653398 - Do not add drive 'boot=on' param when a kernel is specified efc2594b-boot-param.patch - Update to libvirt 0.8.8 final - sysinfo: expose new API - cgroup blkio weight support - smartcard device support - qemu: Support per-device boot ordering - Update to libvirt 0.8.8 RC3 - Update to libvirt 0.8.8 RC1 - Remove explicit dependency on libyajl libvirt.spec bnc#668225 - Retry JSON monitor 'cont' cmd on MigrationExpected error 4301b95a-json-cont-cmd.patch - Add support for specifying Hardware Assisted Paging (HAP) in libvirt domain XML. 48a5dccd-hap1.patch 04197350-hap2.patch af521a01-hap3.patch 79f56c66-hap4.patch 094c6f4a-hap-fix.patch bnc#659665 - Enabled yajl for suse_version >= 1140 - Fix generation of dnsmasq's --dhcp-hostsfile option a43c7338-dnsmasq-hostfile-fix.patch - Disable yajl support as the library does not yet exist in SuSE distros. - Support libvirt-guests on SuSE distros use-libvirt-guests-on-suse.patch bnc#653398 - Update to libvirt 0.8.7 - Preliminary support for VirtualBox 4.0 - IPv6 support - Add VMware Workstation and Player driver - Add network disk support - Fix VNC port reservation race in qemu driver c58b1056-init-bitmap-size.patch bnc#659431 - Do not limit insserv_cleanup to SLES - disable building openvz driver - Update to libvirt 0.8.6 - new API virDomainIsUpdated - Add support for iSCSI target auto-discovery - QED: Basic support for QED images - Introduce a virDomainOpenConsole API - Support for SPICE graphics - Add a sysinfo and SMBIOS support - Implement virsh qemu-monitor-command - Enabled yajl, macvtap, and virtualport for suse_version >= 1140 - Fix build when using "policy kit 0" polkit0.patch - Update to libvirt 0.8.5 - Enable JSON and netdev features in QEMU > 0.13 - framework for auditing integration - framework for DTrace/SystemTap integration - Setting the number of vcpu at boot - Enable support for nested SVM - Virtio plan9fs filesystem QEMU - Memory parameter controls - portability to OS-X - lot of bug fixes and other improvements - cannot restart dead libvirtd without manually removing pidfile modified libvirtd.init bnc#645755 - Fix package dependencies so can be installed without pulling excess of optional components - Support dropping capabilities with cap-ng library in openSUSE >= 11.3 - Fix build when virtualport support is available but macvtap is disabled. vport-configure.patch - Fix CDROM media change for Xen PV domains modified xen-pv-cdrom.patch bnc#636231 - Update to libvirt 0.8.4 - various improvements to UML driver - documentation improvements - lot of bug fixes and other improvements - enable ESX driver for openSUSE - Update to libvirt 0.8.3 - Support vSphere 4.1 - Qemu arbitrary monitor commands - Qemu Monitor API entry point - lots of improvements and bug fixes - VUL-0: multiple issues in libvirt CVE-2010-223x-000[1-0].patch, CVE-2010-223x-0010.patch, CVE-2010-2242-nat.patch bnc#618155 - Use netcat-openbsd, which contains a proper 'nc' program supporting the '-U' option. Drop socat.patch. bnc#611023 - Re-enable numa support now that bnc#598488 is resolved. - Allocate buffer to hold xend content bnc#609738 xend-buff-size.patch - Add upstream fixes to bitmap code that was introduced to fix bnc#594024 bitmap-alloc.patch bitmap-fixes.patch - Fix race in VNC port reservation with qemu/KVM domains bnc#594024 vnc-race-{1,2,3}.patch - Don't package directories/files under /var/run - Add upstream commit 34a7f3f6 to fix unintentional breakage of RPC protocol. - Disable numa support in openSUSE11.3/Factory pending resolution of bnc#598488 - Update to libvirt 0.8.1 - Add virDomainGetBlockInfo API to query disk sizing - Start dnsmasq from libvirtd with --dhcp-hostsfile option - lots of improvements and bug fixes - Update to libvirt 0.8.0 - Snapshot API framework - Add managed save API entry points - Timer subselection for domain clock - Add hook utilities - Network filtering API - Introduce a new virDomainUpdateDeviceFlags public API - Introduce a new public API for domain events - Public virDomainMigrateSetMaxDowntime API - Add public API for volume wiping - xenapi: Initial commit of the new driver - lots of improvements and bug fixes - Fix 'virsh dominfo' crash when no security driver is configured fix-no-secdriver.patch - Updated to version 0.7.7 - Introduce public API for domain async job handling - macvtap support - Add QEMU support for virtio channel - Add persistence of PCI addresses to QEMU - Functions for computing baseline CPU from a set of host CPUs - Public API for virDomain{Attach,Detach}DeviceFlags - lots of improvements and bug fixes - Ensure yast-created bridges are not manipulated by libvirt bnc#584757 Modified suse-network.patch - Fix ordering of xen disks to preserve 'bootable' flag bnc#474738 xend-disk-order.patch - Add support for blktap2 disks xen-tap2-support.patch - Fix listing of yast-created bridges bnc#583754 Modified suse-network.patch - Add support for new XEN_DOMCTL_INTERFACE_VERSION version 7. xen-domctl-ver7.patch - Unconditionally add /var/log/libvirt/{qemu,lxc,uml} directories. bnc#579522 - Updated to version 0.7.6 - Implement support for multi IQN - Implement CPU topology support for QEMU driver - Use QEmu new device adressing when possible - Implement SCSI controller hotplug/unplug for QEMU - lots of improvements and bug fixes - Support new XEN_SYSCTL_INTERFACE_VERSION 7 in libvirt bnc#574124 xen-sysctl-v7.patch - Add upstream patches as prelude to fixing various device attach/detach issues devflag-0[1-9].patch - Fix attaching/detaching disk device from inactive Xen guest bnc#500586 and bnc#573748 - Fix migration with Xen4.0 bnc#569598 Add xen-migration-params.patch Remove migrate-params.patch - Fix freeing of uninitialized pointer when using HAL in node device driver node-dev-free.patch - Require virt-utils package for common tools such as qemu-img - Updated to version 0.7.5 - Add new API virDomainMemoryStats to header and drivers - Public API and domain extension for CPU flags - expose SR IOV physical/virtual function relationships - Support for JSON mode monitor [deactivated] - Support for interface model='netfront' - vbox: Add support for version 3.1 - Support QEMU's virtual FAT block device driver - lots of improvements and bug fixes - Fix libvirt xen hypervisor driver to work with domctl interface version 6 xen-shr-pages.patch - Plumb domain description in xend backend xend-description-tag.patch - Fix listing of defined but inactive Xen domains xen-list-defined.patch - Updated to version 0.7.4 - Implement a node device backend using libudev - New APIs for checking some object properties - Fully asynchronous monitor I/O processing - add MAC address based port filtering to qemu - support for IPv6 / multiple addresses per interfaces - lots of improvements and bug fixes - Fix compilation against xen-unstable xen-max-vcpus.patch - Modify detach-disk.patch as per upstream suggestions - spec file: Fix polkit vs PolicyKit Requires - Fix compilation when selinux is enabled selinux-ldflags.patch - Fix compilation warnings updated snapshots.patch virsh-warning.patch - Updated to version 0.7.2 - sVirt AppArmor security driver - Add public API definition for data stream handling - ESX add esxDomainDefineXML() - LXC: suspend/resume support - Big code tree cleanup - Lots of bug fixes and improvements - Add ocfs2 to list of supported fs pool types fate#307387 - Build phyp driver ifarch ppc64 fate#307096 - Fix memory leaks in libvirtd's message processing msg-proc-memleak.patch - Fix connection ref counting in xen drivers xen-refcnt.patch - Fix abort in virsh when specifying a connection URI vshdeinit-recurse.patch - Workaround for missing pkgconfig file in device-mapper-devel devmap-no-pkgconfig.patch bnc#540942 - Updated to version 0.7.1 - Add support for encrypted (qcow) volume creation - Secret manipulation public API - Multipath storage support module - VBox add Storage Volume support - Support configuration of huge pages in guests - Support new PolicyKit 1.0 API - Compressed save image format for Qemu - Qemu add host PCI device hotplug support - Updated to version 0.7.0 - Interface implementation based on netcf (disabled on SuSE) - Add new net filesystem glusterfs - Initial VMWare ESX driver - Add support for VBox 3 and event callbacks on vbox - First version of the Power Hypervisor driver - Run QEMU guests as an unprivileged user (still root on SuSE) - Support cgroups in QEMU driver - QEmu hotplug NIC support - Storage cloning for LVM and Disk backends - Updated to version 0.6.5 - create storage volumes on disk backend - drop of capabilities based on libcap-ng when possible - forbid autostart on transcient networks - re-detection of transient VMs after libvirtd restart - create and destroy NPIV support - other bug fixes and cleanups - Removed unnecessary call to fillup_and_insserv macro in %post scriptlet - Updated to version 0.6.2 - support SASL auth for VNC server - memory ballooning in QEMU - SCSI HBA storage pool support - PCI passthrough in Xen driver - new APIs for Node device detach reattach and reset - sVirt mandatory access control support - thread safety of the API and event handling - allow QEmu domains to survive daemon restart - extended logging capabilities - support copy-on-write storage volumes - support of storage cache control options for QEMU/KVM - Improvements from lnussel@suse.de - add %jobs macro again - package default qemu network and augeas config files again - don't start libvirtd by default (bnc#496838) - use --disable-static instead of just removing static libraries ==== ltrace ==== Version update (0.7.2 -> 0.7.91) - Update to git rev 6c6bcc3 * * Prototype libraries - Each DSO can now ship an ltrace config file (called prototype library) that ltrace will open when that DSO is loaded to process image. See ltrace(1) for details. - ltrace.conf is no longer part of installation tarball. Instead, we now ship libc.so.conf, libm.so.conf, libacl.so.conf, and syscalls.conf. Those are now istalled to /usr/share/ltrace by default. /etc/ltrace.conf and $HOME/.ltrace.conf are still loaded if present, and can contain arbitrary user configuration. - The option -F was retrofitted to be a colon-separated list of prototype libraries, and directories to look for prototype libraries in. On Linux, ltrace looks into XDG_CONFIG_HOME, XDG_CONFIG_DIRS, and /usr/share/ltrace as well. - Wide character strings are supported in prototypes. Use "string" lens as usual, but use array of integers as underlying type. libc.so.conf now contains prototypes of wide character functions. - Sole void function parameter such as in the following example, is now considered obsolete: | int fork(void); | This use is still accepted, taken to mean "hide(int)", but produces a warning, and will be removed in future. - Prototypes are now read from DWARF debug info, if available. This complements the data available in config files * * Architectural support - MIPS and MIPSel are now handled by the same backend. - ARMv6, ARMv7 and ARMv8 (AArch64) are supported, including full fetch backend. ARMv8 backend doesn't support tracing of 32-bit binaries, as currently there's no 32-bit userspace available for ARM64 processors. - Imagination Technologies Meta is now supported. - PowerPC64 ELFv2 little-endian ABI is now supported including full fetch backend. - On Linux, tracing of IFUNC symbols is supported. On i386, x86_64, ppc32 with secure PLT and ppc64, IRELATIVE PLT slots are traced as well. * * -w output now shows full library path The output format is similar to glibc's backtrace_symbols, e.g.: > /bin/ls(_init+0x19be) [0x40398e] > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f50cbc3676d] > /bin/ls(_init+0x25fd) [0x4045cd] - Enable for ppc64le and aarch64 ==== lxappearance ==== Subpackages: lxappearance-lang - applied spec-cleaner ==== fcitx-mozc ==== Version update (1.15.1785.102 -> 1.15.1868.102) Subpackages: mozc mozc-gui-tools - Upstream update to 1.15.1868.102 * Fix 'Set input mode to X' commands do not work during "Direct Input" mode - Upstream update to 1.15.1856.102 * Several internal changes and changes for other platforms - Upstream update to 1.15.1834.102 * Use Ninja for building - Upstream update to 1.15.1814.102 * Fix wring key mapping for Numpad-End in mozc.el * Fix dropping candidats unexpectedly * Fix preceding text is not correctly extracted by ibus-mozc * Fix undo-commit (MS IME keybind) is not functional in ibus-mozc - Update fcitx-mozc - Update gyp to r1957 ==== mtr ==== Version update (0.85 -> 0.85_p20140126) - cleaned up by spec-cleaner - xmtr moved from bin to sbin and use capabilities. Fixes bnc#878729 - version bump to 0.85_p20140126: * snapshot taken from Gentoo * this works with gtk properly - refreshed patches: * mtr-0.75-manxmtr.patch * mtr-0.82-capabilities.patch ==== kpartx ==== Subpackages: multipath-tools - Fixup segfault during uev_path_add() (bnc#892214) ==== libncurses5 ==== Subpackages: libncurses5-32bit libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base - Add ncurses patch 20140831 + modify test/demo_termcap.c and test/demo_terminfo.c to make their options more directly comparable, and add "-i" option to specify a terminal description filename to parse for names to lookup. ==== libp11-kit0 ==== Version update (0.20.2 -> 0.20.3) Subpackages: libp11-kit0-32bit p11-kit p11-kit-32bit p11-kit-devel p11-kit-tools - new version 0.20.3 * Fix problems reinitializing managed modules after fork * Fix bad bookeeping when fail initializing one of the modules * Fix case where module would be unloaded while in use [#74919] * Remove assertions when module used before initialized [#74919] * Fix handling of mmap failure and mapping empty files [#74773] * Stable p11_kit_be_quiet() and p11_kit_be_loud() functions * Require automake 1.12 or later * Build fixes for Windows [#76594 #74149] - apply patches to avoid errors from certificates with invalid public key (fdo#82328, bnc#890908, trust-Dont-use-invalid-public-keys-for-looking-up-.patch, trust-Print-label-of-certificate-when-complaining-.patch) ==== patchutils ==== Version update (0.3.2 -> 0.3.3) - Update to 0.3.3: * Context output format for "no newline" lines has been fixed. * The splitdiff utility now has an option to disable ".patch" filename extensions. * Some fixes for bugs spotted by Coverity. * Interdiff can now use "-" (stdin) for one of the inputs. - Run "make check" in %check section. ==== libpcre1 ==== Subpackages: libpcre1-32bit libpcre16-0 libpcrecpp0 libpcreposix0 pcre-devel pcre-doc pcre-tools - Harden build with full RELRO as this libraries end linked to at least one setuid root executable. ==== python-matplotlib ==== Version update (1.3.1 -> 1.4.0) Subpackages: python-matplotlib-tk - adjust python-tz buildrequires to match runtime requires (python-pytz) - Add new python-cairocffi dependency. This is the recommended dependency for the cairo backend upstream. - Split out the cairo backend into its own subpackage. It is no longer tied to gtk, so people can use it on its own without pulling in any gtk dependencies. - Fixed issues with qt. The qt5 backend is actually a generic qt backend, which the qt4 backend depends on. So it needs to be available for the qt4 backend to work at all. However, we need to pull in the python-qt5 package to make it work, and that package is only available for openSUSE > 13.1. So we need to split the generic qt stuff, including the qt5 stuff, into a package both the qt4 and qt5 backends can depend on, and then create a stub qt5 package that just pulls in python-qt5 - Reorganized some other backend packages based on backend changes - Update to 1.4.0 * New colormap for red-green color blind users * Documentation changes - Phil Elson rewrote of the documentation and userguide for both Legend and PathEffects. * New plotting features - Power-law normalization - Fully customizable boxplots - Support for datetime axes in 2d plots - Support for additional spectrum types - Support for detrending and windowing 2D arrays in mlab - Support for strides in mlab - Formatter for new-style formatting strings - Consistent grid sizes in streamplots - Get a list of all tick labels (major and minor) - Separate horizontal/vertical axes padding support in ImageGrid - Support for skewed transformations - Support for specifying properties of wedge and text in pie charts. - Fixed the direction of errorbar upper/lower limits - More consistent add-object API for Axes - Violin Plots - More `markevery` options to show only a subset of markers - Added size related functions to specialized `Collections` - Fixed the mouse coordinates giving the wrong theta value in Polar graph - Simple quiver plot for mplot3d toolkit - polar-plot r-tick locations * Date handling - n-d array support for date conversion * Configuration (rcParams) - 'savefig.transparent' added - 'axes.titleweight' - 'axes.formatter.useoffset' added * XDG compliance - Matplotlib now looks for configuration files (both rcparams and style) in XDG compliant locations. * 'style' package added - You can now easily switch between different styles using the new 'style' package * Backends - Qt5 backend added - Qt4 backend + Rudolf Höfler changed the appearance of the subplottool. + In the figure options dialog one can now choose to (re-)generate a simple automatic legend. + Interactive performance of the Qt4 backend has been dramatically improved under windows. + The mapping of key-signals from Qt to values matplotlib understands was greatly improved (For both Qt4 and Qt5). - Cairo backends + The Cairo backends are now able to use the cairocffi bindings, which are more actively maintained than the pycairo bindings. - Gtk3Agg backend + The Gtk3Agg backend now works on Python 3.x, if the cairocffi bindings are installed. - PDF backend + Added context manager for saving to multi-page PDFs. * Text - Text URLs supported by SVG backend - Anchored sizebar font * Sphinx extensions - The context directive in the plot_directive Sphinx extension can now accept an optional reset setting, which will cause the context to be reset. * Widgets - Span Selector * Added an option span_stays to SpanSelector which makes the selector rectangle stay on the axes after you release the mouse. * GAE integration - Matplotlib will now run on google app engine. - Added python-qt5 backend on openSUSE > 13.1 - Spec file cleanups ==== libqhull6-6_3_1_1494 ==== Subpackages: qhull qhull-devel - Change license to Qhull - it is now recognized by spdx.org ==== shim ==== - updated shim to new version (OpenSSL 0.9.8za) and requested a new certificate from Microsoft. Removed * shim-allow-fallback-use-system-loadimage.patch * shim-bnc872503-check-key-encoding.patch * shim-bnc877003-fetch-from-the-same-device.patch * shim-correct-user_insecure-usage.patch * shim-fallback-avoid-duplicate-bootorder.patch * shim-fallback-improve-entries-creation.patch * shim-fix-dhcpv4-path-generation.patch * shim-fix-uninitialized-variable.patch * shim-fix-verify-mok.patch * shim-get-variable-check.patch * shim-improve-error-messages.patch * shim-mokmanager-delete-bs-var-right.patch * shim-mokmanager-handle-keystroke-error.patch * shim-remove-unused-variables.patch since they're included in upstream and rebased the remaining onces. Added shim-signed-unsigned-compares.patch to fix some compiler warnings - Keep shim-devel.efi for the devel project - don't fail the build if the UEFI signing service signature can't be attached anymore. This way shim can still pass through staging projects. We will verify the correct signature for release builds using openQA instead. - shim-install: fix GRUB shows broken letters at boot by calling grub2-install to initialize /boot/grub2 directory with files needed by grub.cfg (bnc#889765) - Add shim-remove-unused-variables.patch to remove the unused variables - Add shim-bnc872503-check-key-encoding.patch to check the encoding of the keys (bnc#872503) - Add shim-bnc877003-fetch-from-the-same-device.patch to fetch the netboot image from the same device (bnc#877003) - Refresh shim-opensuse-cert-prompt.patch - Use --reinit instead of --refresh in %post to update the files in /boot - shim-install: fix boot partition and rollback support kluge (bnc#875385) - Replace shim-mokmanager-support-sha1.patch with shim-mokmanager-support-sha-family.patch to support the SHA family - Add shim-mokmanager-support-sha1.patch to support SHA1 hashes in MOK - snapper rollback support (fate#317062) - refresh shim-install - Insert the right signature (bnc#867974) - Add shim-fix-uninitialized-variable.patch to fix the use of uninitialzed variables in lib - Add shim-mokmanager-delete-bs-var-right.patch to delete the BS+NV variables the right way - Update shim-opensuse-cert-prompt.patch to delete openSUSE_Verify correctly - Add shim-fallback-avoid-duplicate-bootorder.patch to fix the duplicate entries in BootOrder - Add shim-allow-fallback-use-system-loadimage.patch to handle the shim protocol properly to keep only one protocol entity - Refresh shim-opensuse-cert-prompt.patch - shim-install: fix the $prefix to use grub2-mkrelpath for paths on btrfs subvolume (bnc#866690). - FATE#315002: Update shim-install to install shim.efi as the EFI default bootloader when none exists in \EFI\boot. - Update signature-sles.asc: shim signed by UEFI signing service, based on code from "Thu Feb 20 11:57:01 UTC 2014" - Add shim-opensuse-cert-prompt.patch to show the prompt to ask whether the user trusts the openSUSE certificate or not - allow package to carry multiple signatures - check correct certificate is embedded - always clean up generated files that embed certificates (shim_cert.h shim.cer shim.crt) to make sure next build loop rebuilds them properly - Add shim-bnc863205-mokmanager-fix-hash-delete.patch to fix the hash deletion operation to avoid ruining the whole list (bnc#863205) - Update shim-mokx-support.patch to support the resetting of MOK blacklist - Add shim-get-variable-check.patch to fix the variable checking in get_variable_attr - Add shim-fallback-improve-entries-creation.patch to improve the boot entry pathes and avoid generating the boot entries that are already there - Update SUSE certificate - Update attach_signature.sh, show_hash.sh, strip_signature.sh, extract_signature.sh and show_signatures.sh to remove the creation of the temporary nss database - Add shim-only-os-name.patch: remove the kernel version of the build server - Match the the prefix of the project name properly by escaping the percent sign. - enable signature assertion also in SUSE: hierarchy - Add shim-mokmanager-handle-keystroke-error.patch to handle the error status from ReadKeyStroke to avoid unexpected keys - Update to 0.7 - Add upstream patches: + shim-fix-verify-mok.patch + shim-improve-error-messages.patch + shim-correct-user_insecure-usage.patch + shim-fix-dhcpv4-path-generation.patch - Add shim-mokx-support.patch to support the MOK blacklist (Fate#316531) - Drop upstreamed patches + shim-fix-pointer-casting.patch + shim-merge-lf-loader-code.patch + shim-fix-simple-file-selector.patch + shim-mokmanager-support-crypt-hash-method.patch + shim-bnc804631-fix-broken-bootpath.patch + shim-bnc798043-no-doulbe-separators.patch + shim-bnc807760-change-pxe-2nd-loader-name.patch + shim-bnc808106-correct-certcount.patch + shim-mokmanager-ui-revamp.patch + shim-netboot-fixes.patch + shim-mokmanager-disable-gfx-console.patch - Drop shim-suse-build.patch: it's not necessary anymore - Drop shim-bnc841426-silence-shim-protocols.patch: shim is not verbose by default - Update microsoft.asc: shim signed by UEFI signing service, based on code from "Tue Oct 1 04:29:29 UTC 2013". - Add shim-netboot-fixes.patch to include upstream netboot fixes - Add shim-mokmanager-disable-gfx-console.patch to disable the graphics console to avoid system hang on some machines - Add shim-bnc841426-silence-shim-protocols.patch to silence the shim protocols (bnc#841426) - Create boot.csv in ESP for fallback.efi to restore the boot entry - Update microsoft.asc: shim signed by UEFI signing service, based on code from "Fri Sep 6 13:57:36 UTC 2013". - Improve extract_signature.sh to work on current path. - set timestamp of PE file to time of the binary the signature was made for. - make sure cert.o get's rebuilt for each target - Update microsoft.asc: shim signed by UEFI signing service, based on code from "Wed Aug 28 15:54:38 UTC 2013" - always build a shim that embeds the distro's certificate (e.g. shim-opensuse.efi). If the package is built in the devel project additionally shim-devel.efi is created. That allows us to either load grub2/kernel signed by the distro or signed by the devel project, depending on use case. Also shim-$distro.efi from the devel project can be used to request additional signatures. - also include old openSUSE 4096 bit certificate to be able to still boot kernels signed with that key. - add show_signatures script - replace the 4096 bit openSUSE UEFI CA certificate with new a standard compliant 2048 bit one. - fix shell syntax error - don't include binary in the sources. Instead package the raw signature and attach it during build (bnc#813448). - Update shim-mokmanager-ui-revamp.patch to include fixes for MokManager + reboot the system after clearing MOK password + fetch more info from X509 name + check the suffix of the key file - Update to 0.4 - Rebase patches + shim-suse-build.patch + shim-mokmanager-support-crypt-hash-method.patch + shim-bnc804631-fix-broken-bootpath.patch + shim-bnc798043-no-doulbe-separators.patch + shim-bnc807760-change-pxe-2nd-loader-name.patch + shim-bnc808106-correct-certcount.patch + shim-mokmanager-ui-revamp.patch - Add patches + shim-merge-lf-loader-code.patch: merge the Linux Foundation loader UI code + shim-fix-pointer-casting.patch: fix a casting issue and the size of an empty vendor cert + shim-fix-simple-file-selector.patch: fix the buffer allocation in the simple file selector - Remove upstreamed patches + shim-support-mok-delete.patch + shim-reboot-after-changes.patch + shim-clear-queued-key.patch + shim-local-key-sign-mokmanager.patch + shim-get-2nd-stage-loader.patch + shim-fix-loadoptions.patch - Remove unused patch: shim-mokmanager-new-pw-hash.patch and shim-keep-unsigned-mokmanager.patch - Install the vendor certificate to /etc/uefi/certs - Add shim-mokmanager-ui-revamp.patch to update the MokManager UI - Call update-bootloader in %post to update *.efi in \efi\opensuse (bnc#813079) - Add shim-bnc807760-change-pxe-2nd-loader-name.patch to change the PXE 2nd stage loader name (bnc#807760) - Add shim-bnc808106-correct-certcount.patch to correct the certificate count of the signature list (bnc#808106) - Add shim-bnc798043-no-doulbe-separators.patch to remove double seperators from the bootpath (bnc#798043#c4) - sign shim also with openSUSE certificate - identify project, export certificate as DER file - don't create an unused extra keypair - Add shim-bnc804631-fix-broken-bootpath.patch to fix the broken bootpath generated in generate_path(). (bnc#804631) - Update with shim signed by UEFI signing service, based on code from "Thu Feb 7 06:56:19 UTC 2013". - prepare for having a signed shim from the UEFI signing service - Sign shim-opensuse.efi and MokManager.efi with the openSUSE cert - Add shim-keep-unsigned-mokmanager.patch to keep the unsigned MokManager and sign it later. - Add shim-install utility - Add Recommends to grub2-efi - Add shim-mokmanager-support-crypt-hash-method.patch to support password hash from /etc/shadow (FATE#314506) - Embed openSUSE-UEFI-CA-Certificate.crt in shim - Rename shim-unsigned.efi to shim-opensuse.efi. - Update shim-mokmanager-new-pw-hash.patch to extend the password hash format - Rename shim.efi as shim-unsigned.efi - Merge patches for FATE#314506 + Add shim-support-mok-delete.patch to add support for deleting specific keys + Add shim-mokmanager-new-pw-hash.patch to support the new password hash. - Drop shim-correct-mok-size.patch which is included in shim-support-mok-delete.patch - Merge shim-remove-debug-code.patch and shim-local-sign-mokmanager.patch into shim-local-key-sign-mokmanager.patch - Install COPYRIGHT - Add shim-fix-loadoptions.patch to adopt the UEFI shell style LoadOptions (bnc#798043) - Drop shim-check-pk-kek.patch since upstream rejected the patch due to violation of SPEC. - Install EFI binaries to /usr/lib64/efi - Update shim-reboot-after-changes.patch to avoid rebooting the system after enrolling keys/hashes from the file system - Add shim-correct-mok-size.patch to correct the size of MOK - Add shim-clear-queued-key.patch to clear the queued key and show the menu properly - Remove shim-rpmlintrc, it wasn't fixing the error, hide error stdout to prevent post build check to get triggered by cast warnings in openSSL code - Add shim-remove-debug-code.patch: remove debug code - Add shim-rpmlintrc to filter 64bit portability errors - Add shim-local-sign-mokmanager.patch to create a local certicate to sign MokManager - Add shim-get-2nd-stage-loader.patch to get the second stage loader path from the load options - Add shim-check-pk-kek.patch to verify EFI images with PK and KEK - Add shim-reboot-after-changes.patch to reboot the system after enrolling or erasing keys - Install the EFI images to /usr/lib64/shim instead of the EFI partition - Update the mail address of the author - Add new package shim 0.2 (FATE#314484) + It's in fact git 2fd180a92 since there is no tag for 0.2 ==== splix ==== - splix-add-debuginfo.patch (from lpechacek@suse.cz) lets build make also the missing debuginfo packages (bnc#890843). ==== klogd ==== Subpackages: syslog-service - Klog service: Move the Alias tag from Unit section to the Install section bnc#893741 ==== libgudev-1_0-0 ==== Subpackages: libgudev-1_0-devel libudev-devel libudev1 libudev1-32bit systemd systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit typelib-1_0-GUdev-1_0 udev - udev: add option to generate old 'buggy' serials (bnc#886852) Add 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch - Add upstream patch 0001-login-simplify-controller-handling.patch - Add upstream patches 0001-completion-filter-templates-from-restartable-units.patch 0002-systemd-fix-error-message.patch 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch 0004-config-parser-fix-mem-leak.patch 0005-login-fix-mem-leak.patch 1065-udev-bump-event-timeout-to-60-seconds.patch - Add upstream patch 0001-nspawn-fix-network-interface.patch to make option network-interface of systemd-nspawn work ==== traceroute ==== Version update (2.0.19 -> 2.0.20) - version 2.0.20 * Describe all complementary long options in the man page * Use correct service name for AS lookups * Avoid some rare case null dereference * Improve expiration check for simultaneous probes - traceroute-secure_getenv.patch use secure_getenv - traceroute-autotools.patch refresh ==== vsftpd ==== - force using fork() instead of clone() on s390 - fixes bnc#890469 * vsftpd-3.0.2-s390.patch ==== libwicked-0-6 ==== Version update (0.6.2 -> 0.6.3) Subpackages: wicked wicked-service - version 0.6.3 - client/nanny: lease handling/status fixes (partial bnc#891045), do not fail when slave/port is missing (bnc#889666,bnc#890275) - ifstatus: Do not check for config files (bnc#889666,bnc#890275) - dhcp4: advance secs field for dhcpd min-secs (bnc#889314), retransmit DHCP4 renewals enter reboot state with valid lease. - ifevent: increase netlink socket recv buffer size (bnc#884012) - ipv6: wait for addresses to become usable (bnc#882259) - fixed completed sit/gre/ipip tunnel support - dhcp6: initial defer handling and no-addr cleanup (bnc#891045) - dhcp: apply suse ifcfg dhcp options (bnc#866994) - ifup/reload: use default timeout if 0 (bnc#892486) ==== xf86-video-ast ==== Version update (0.99.9 -> 1.0.1) - Update to Version 1.0.1: This update essentially contains: * my fixes (which get obsoleted): u_01-Fix-compiler-warnings-get-rid-if-xf86PciInfo-h.patch u_02-Fix-compiler-warnings-get-rid-of-deprecated-IOADDRESS.patch u_03-Fix-compiler-warnings-add-DrawablePtr-argument-to-ASTPutImage.patch u_04-Clean-up-namespace-in-ast_vgatools.c.patch u_05-Clean-up-namespace-in-ast_2dtool.c.patch u_06-Clean-up-namespace-in-ast_cursor.c.patch u_07-Clean-up-namespace-in-ast_mode.c.patch u_08-Clean-up-namespace-in-ast_accel.c.patch u_09-Clean-up-namespace-in-ast_tool.c.patch u_10-Include-local-headers-only-when-needed.patch u_11-Fix-typo.patch u_12-Fix-ABI-version-conflict-in-xf86UnclaimPciSlot.patch u_13-Move-firmware-for-DP501-to-a-separate-file.patch u_14-Add-_AST_H_-define-to-ast.h.patch * Fix for bnc#892723: Fixed-1600x900-cannot-display-properly.patch * An update for DP501 support ==== xinetd ==== - Update license tag to use SPDX 1.2. ==== yast2 ==== Version update (3.1.102 -> 3.1.103) Subpackages: yast2-devel-doc - fix using changed root in netd agent so it can be used in installation (bnc#893965) - 3.1.103 ==== yast2-add-on ==== Version update (3.1.8 -> 3.1.9) - make add-ons dialog consistent when going back (bnc#893103) - 3.1.9 ==== yast2-inetd ==== Version update (3.1.6 -> 3.1.7) - allow tested code to know it is being tested (bnc#893965) - 3.1.7 ==== yast2-ntp-client ==== Version update (3.1.10 -> 3.1.12) - Using Report.Error to be autoyast-proof - Fixed variable replacement int gettext string; - Added linebreaks in too long popup content (bnc#894573) - 3.1.12 - Aligned "Synchronize now" button and "NTP Server Address" box (bnc#893065) - Fixed checking of return value of "sntp -s" (bnc#893094) - 3.1.11 ==== yast2-packager ==== Version update (3.1.42 -> 3.1.44) - Use DM device for encrypted partitions during test mount (bnc#889334) - 3.1.44 - Use options from partitioner during test mount (bnc#873180) - 3.1.43 Removed packages: libicu53_1-data yast2-theme-openSUSE Added packages: ghc-array > ghc-base > ghc-binary > ghc-bytestring > ghc-containers > ghc-deepseq > ghc-directory > ghc-filepath > ghc-old-locale > ghc-old-time > ghc-pretty > ghc-process > ghc-template-haskell > ghc-time > ghc-unix ghc-HTTP ghc-aeson ghc-attoparsec ghc-base-unicode-symbols ghc-base64-bytestring ghc-blaze-builder ghc-blaze-html ghc-blaze-markup ghc-conduit ghc-data-default ghc-digest ghc-dlist ghc-extensible-exceptions ghc-hashable ghc-hslua ghc-lifted-base ghc-mmorph ghc-monad-control ghc-mtl ghc-nats ghc-network ghc-pandoc-types ghc-parsec ghc-pcre-light ghc-primitive ghc-random ghc-resourcet ghc-semigroups ghc-syb ghc-tagsoup ghc-temporary ghc-text ghc-transformers ghc-transformers-base ghc-unordered-containers ghc-vector ghc-void ghc-xml ghc-yaml ghc-zip-archive ghc-zlib gstreamer-plugins-qt ghc-highlighting-kate libicu53_1-ledata kdevelop4 > kdevelop4-devel > kdevelop4-lang kdevelop4-plugins-php ghc-pandoc > pandoc ghc-texmath yast2-branding-openSUSE