Packages changed: autoyast2 (3.3.1 -> 3.3.2) gpg2 (2.1.21 -> 2.1.22) hwdata (0.302 -> 0.303) libxslt libxslt-python pcre (8.40 -> 8.41) rpm rubygem-cfa_grub2 (0.6.2 -> 0.6.3) yast2 (3.3.6 -> 3.3.7) yast2-network (3.3.2 -> 3.3.5) yast2-ntp-client (3.3.2 -> 3.3.3) yast2-services-manager (3.3.0 -> 3.3.1) === Details === ==== autoyast2 ==== Version update (3.3.1 -> 3.3.2) Subpackages: autoyast2-installation - Saving ask-scripts and corresponding log files to /var/adm/autoinstall. (bnc#1049473) - 3.3.2 ==== gpg2 ==== Version update (2.1.21 -> 2.1.22) - GnuPG 2.1.22: * gpg: Extend command --quick-set-expire to allow for setting the expiration time of subkeys. * gpg: By default try to repair keys during import. New sub-option no-repair-keys for --import-options. * gpg,gpgsm: Improved checking and reporting of DE-VS compliance. * gpg: New options --key-origin and --with-key-origin. Store the time of the last key update from keyservers, WKD, or DANE. * agent: New option --ssh-fingerprint-digest. * dimngr: Lower timeouts on keyserver connection attempts and made it configurable. * dirmngr: Tor will now automatically be detected and used. The option --no-use-tor disables Tor detection. * dirmngr: Now detects a changed /etc/resolv.conf. * agent,dirmngr: Initiate shutdown on removal of the GnuPG home directory. * gpg: Avoid caching passphrase for failed symmetric encryption. * agent: Support for unprotected ssh keys. * dirmngr: Fixed name resolving on systems using only v6 nameservers. * dirmngr: Allow the use of TLS over http proxies. * wks: New man pages for client and server. ==== hwdata ==== Version update (0.302 -> 0.303) - Update to version 0.303 ==== libxslt ==== Subpackages: libxslt-devel libxslt-tools libxslt1 libxslt1-32bit - Add gpg signature - Cleanup spec file with spec-cleaner ==== libxslt-python ==== - Add gpg signature - Cleanup spec file with spec-cleaner ==== pcre ==== Version update (8.40 -> 8.41) Subpackages: libpcre1 libpcre1-32bit libpcre16-0 libpcrecpp0 libpcreposix0 pcre-devel - pcre 8.41: * If pcregrep in multiline mode with --only-matching matched several lines, it restarted scanning at the next line instead of moving on to the end of the matched string, which can be several lines after the start. * Fix a missing else in the JIT compiler reported by 'idaifish'. CVE-2017-6004 bsc#1025709 * A (?# style comment is now ignored between a basic quantifier and a following '+' or '?' (example: /X+(?#comment)?Y/. * Avoid use of a potentially overflowing buffer in pcregrep * Fix issues reported by fuzzers in pcretest: - Check for values < 256 when calling isprint() in pcretest. - Give an error for too big a number after \O. * In the 32-bit library in non-UTF mode, an attempt to find a Unicode property for a character with a code point greater than 0x10ffff (the Unicode maximum) caused a crash. CVE-2017-7186 bsc#1030066, CVE-2017-7244 bsc#1030807 * The alternative matching function, pcre_dfa_exec() misbehaved if it encountered a character class with a possessive repeat, for example [a-f]{3}+. * When pcretest called pcre_copy_substring() in 32-bit mode, it set the buffer length incorrectly, which could result in buffer overflow. CVE-2017-7245 bsc#1030805, CVE-2017-7246 bsc#1030803 ==== rpm ==== Subpackages: rpm-32bit rpm-build rpm-devel - Amend finddebuginfo.diff to adjust readelf -Wn pattern matching to account for fixed readelf no longer emitting spurious newlines with -W. - Drop net-tools Requires from rpm-build: net-tools only ships uninteresting binaries. Most people would probably rather have net-tools-depreacted expected (e.g. ifconfig), but as we did not pull this in neither, we can just ignore this. - Define %_sharedstatedir as /var/lib, which is the path for shared state content in Red Hat/Fedora; Mageia; and Debian/Ubuntu. The old path (/usr/com) isn't recognized by FHS, whereas /var/lib is recognized as suitable for this purpose. - Change the RPM binary payload from old-lzma to xz, in line with payload settings for RH/Fedora and Mageia - Backport upstream commit to read changelog entries with full timestamps New patch: changes-doc.diff - Added a %rpm_vercmp macro which accepts two versions as parameters and returns -1, 0, 1 if the first version is less than, equal or greater than the second version respectively. - Added a %pkg_version macro that accepts a package or capability name as argument and returns the version number of the installed package. If no package provides the argument, it returns the string ~~~ - Added a %pkg_vcmp macro that accepts 3 parameters. The first parameter is a package name or provided capability name, the second argument is an operator ( < <= = >= > != ) and the third parameter is a version string to compare the installed version of the first argument with. - Added a %pkg_version_cmp macro which accepts a package or capability name as first argument and a version number as second argument and returns - 1, 0, 1 or ~~~ . The number values have the same meaning as in %rpm_vercmp and the ~~~ string is returned if the package or capability can't be found. ==== rubygem-cfa_grub2 ==== Version update (0.6.2 -> 0.6.3) - do not share parsers to avoid use of wrong file content as cache (bsc#1044409) - 0.6.3 ==== yast2 ==== Version update (3.3.6 -> 3.3.7) - run_ifconfig.scr - make "inet" section optional, handle additional whitespace characters (bsc#811760) - 3.3.7 - More robust systemctl test to avoid possible timeout error ==== yast2-network ==== Version update (3.3.2 -> 3.3.5) - bsc#1051624 - Fix default values for not existent sysconfig network variables when read. - 3.3.5 - bnc#1050986 - fix udev rules export when more than one device is configured - bnc#1037727 - dhclient configuration warning message does not block AutoYaST - 3.3.4 - bsc#1039851 - Host: Load /etc/hosts entries before import the ones defined in a given AutoYaST profile making it backward compatible. - bnc#1038717 - avoid creating duplicate udev rules in AutoYaST installation - bnc#1049814 - Moving network setup in AY into first stage completely when the second stage is disabled. - 3.3.3 ==== yast2-ntp-client ==== Version update (3.3.2 -> 3.3.3) - fix crash in ntp-client (bsc#1051899) - 3.3.3 ==== yast2-services-manager ==== Version update (3.3.0 -> 3.3.1) - Optimize services manager output for ncurses on 80x24 (bsc#993826) - 3.3.1