Packages changed: CoreFreq (1.82.2+git20201229_k5.11.12_1 -> 1.84.1+git20210415_k5.11.12_1) MozillaThunderbird (78.9.0 -> 78.9.1) adwaita-qt (1.2.0 -> 1.2.1) automake bbswitch ceph (16.1.0.1217+g8e1da7347e -> 16.2.0.91+g24bd0c4acf) exo (4.16.1 -> 4.16.2) fuse3 (3.10.2 -> 3.10.3) gthumb (3.10.2 -> 3.10.3) krb5 libksba (1.5.0 -> 1.5.1) libsolv (0.7.17 -> 0.7.19) perl-Crypt-Rijndael (1.15 -> 1.16) perl-Digest-HMAC (1.03 -> 1.04) perl-Mojolicious (9.16 -> 9.17) poppler (21.03.0 -> 21.04.0) poppler-qt5 (21.03.0 -> 21.04.0) postfix (3.5.9 -> 3.5.10) python-jedi (0.17.2 -> 0.18.0) python-parso (0.7.1 -> 0.8.1) shadow spamassassin (3.4.5 -> 3.4.6) usbredir (0.8.0 -> 0.9.0) vym (2.7.0 -> 2.8.0) yast2-trans (84.87.20210402.ed8ff6d0a2 -> 84.87.20210411.9a07deafea) === Details === ==== CoreFreq ==== Version update (1.82.2+git20201229_k5.11.12_1 -> 1.84.1+git20210415_k5.11.12_1) - updated to v1.84.1 See commits on https://github.com/cyring/CoreFreq/commits/master for changes list - added patch leap15_3.patch: fix failure to build on Leap 15.3 ==== MozillaThunderbird ==== Version update (78.9.0 -> 78.9.1) Subpackages: MozillaThunderbird-translations-common - Mozilla Thunderbird 78.9.1 * Support recipient aliases for OpenPGP encryption * The key and signature parts of the message security popup on a received message could not be selected for copy/paste * Various UX and theme improvements MFSA 2021-13 * CVE-2021-23991 (bmo#1673240) An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key * MOZ-2021-23992 (bmo#1666236) A crafted OpenPGP key with an invalid user ID could be used to confuse the user * CVE-2021-23993 (bmo#1666360) Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key ==== adwaita-qt ==== Version update (1.2.0 -> 1.2.1) - Fix SLPP package name: + Rename libadwaitaqt1_2_1 to libadwaitaqt1: the libraries have a sover of '1'. + Obsolete the previously wrongly named libadwaitaqt1_2_0 ( libadwaitaqt1_2_1 was never shipped in a product). - Update to 1.2.1 * Fixes for Adwaita library * Define ADWAITAQT_LIBRARIES variable * Define ADWAITAQT_INCLUDE_DIRS variable ==== automake ==== - move license to licensedir ==== bbswitch ==== - Fix build with Leap 15.3 kernel due to the missing header inclusion (boo#1183060): bbswitch-fix-header-inclusion.patch - Refreshed 0001-Update-proc_create_call-for-5.6-kernel.patch ==== ceph ==== Version update (16.1.0.1217+g8e1da7347e -> 16.2.0.91+g24bd0c4acf) Subpackages: librados2 librbd1 - Update to 16.2.0-91-g24bd0c4acf: + rebase on top of upstream pacific SHA1 4cbaf866034715d053e6259dcd5bd8e4e1d1e1ed - Update to 16.2.0-31-g5922b2b9c1: + rebase on top of upstream v16.2.0 (first stable release in Pacific series) see https://ceph.io/releases/v16-2-0-pacific-released/ ==== exo ==== Version update (4.16.1 -> 4.16.2) Subpackages: exo-data exo-lang exo-tools libexo-2-0 - Update to version 4.16.2 * Properly initialize GdkRectangle to prevent crash (gxo#xfce/exo#57) ==== fuse3 ==== Version update (3.10.2 -> 3.10.3) Subpackages: libfuse3-3 - Update to release 3.10.3 * Fix returning d_ino and d_type from readdir(3) in non-plus mode ==== gthumb ==== Version update (3.10.2 -> 3.10.3) Subpackages: gthumb-lang - Update to version 3.10.3: + Fix possible build error. + Updated translations. ==== krb5 ==== Subpackages: krb5-32bit krb5-client - do not own %sbindir, it comes from filesystem package ==== libksba ==== Version update (1.5.0 -> 1.5.1) - libksba 1.5.1: * Support Brainpool curves specified by ECDomainParameters ==== libsolv ==== Version update (0.7.17 -> 0.7.19) Subpackages: libsolv-tools python3-solv ruby-solv - fix rare segfault in resolve_jobrules() that could happen if new rules are learnt - fix a couple of memory leaks in error cases - fix error handling in solv_xfopen_fd() - bump version to 0.7.19 - fixed regex code on win32 - fixed memory leak in choice rule generation - repo_add_conda: add flag to skip v2 packages - bump version to 0.7.18 ==== perl-Crypt-Rijndael ==== Version update (1.15 -> 1.16) - updated to 1.16 see /usr/share/doc/packages/perl-Crypt-Rijndael/Changes 1.16 - 2021-04-01 * Add non-blocksized encoding support to streaming modes * Explicitly use downgraded strings ==== perl-Digest-HMAC ==== Version update (1.03 -> 1.04) - updated to 1.04 see /usr/share/doc/packages/perl-Digest-HMAC/Changes Version 1.04: 2021-04-01 No-change release updating maintainer to ARODLAND ==== perl-Mojolicious ==== Version update (9.16 -> 9.17) - updated to 9.17 see /usr/share/doc/packages/perl-Mojolicious/Changes 9.17 2021-04-12 - Deprecated ?format=* parameter in favor of ?_format=* for content negotiation in Mojolicious::Renderer. ==== poppler ==== Version update (21.03.0 -> 21.04.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - update to 21.04.0 core: * Hide symbols by default * TextSelectionDumper: fix word order for RTL text * Fix rendering of text in some files. Issue #1052 * Implement rendering of Masks of Image subtype. Issue #1058 * Forms: fix unclicking standalone form buttons. Issue #1034 glib: * Expose more fields from MediaRendition in PopplerMedia * Use stock glib macro to define boxed type * Remove incorrecly used volatile from enum type registration code qt5: * Fix crash in files with malformed signatures * Fix memory leak when QImage constructor "fails" qt6: * Fix crash in files with malformed signatures * Fix memory leak when QImage constructor "fails" utils: * pdfsig: New paragraph for "-sign" in manpage * pdfimages: Do not assert in "too big images". Issue #1061 - Add a Qt6 flavor to poppler ==== poppler-qt5 ==== Version update (21.03.0 -> 21.04.0) - update to 21.04.0 core: * Hide symbols by default * TextSelectionDumper: fix word order for RTL text * Fix rendering of text in some files. Issue #1052 * Implement rendering of Masks of Image subtype. Issue #1058 * Forms: fix unclicking standalone form buttons. Issue #1034 glib: * Expose more fields from MediaRendition in PopplerMedia * Use stock glib macro to define boxed type * Remove incorrecly used volatile from enum type registration code qt5: * Fix crash in files with malformed signatures * Fix memory leak when QImage constructor "fails" qt6: * Fix crash in files with malformed signatures * Fix memory leak when QImage constructor "fails" utils: * pdfsig: New paragraph for "-sign" in manpage * pdfimages: Do not assert in "too big images". Issue #1061 - Add a Qt6 flavor to poppler ==== postfix ==== Version update (3.5.9 -> 3.5.10) Subpackages: postfix-doc - Update to 3.5.10 with security fixes: * Missing null pointer checks (introduced in Postfix 3.4) after an internal I/O error during the smtp(8) to tlsproxy(8) handshake. Found by Coverity, reported by Jaroslav Skarvada. Based on a fix by Viktor Dukhovni. * Null pointer bug (introduced in Postfix 3.0) and memory leak (introduced in Postfix 3.4) after an inline: table syntax error in main.cf or master.cf. Found by Coverity, reported by Jaroslav Skarvada. Based on a fix by Viktor Dukhovni. * Incomplete null pointer check (introduced: Postfix 2.10) after truncated HaProxy version 1 handshake message. Found by Coverity, reported by Jaroslav Skarvada. Fix by Viktor Dukhovni. * Missing null pointer check (introduced: Postfix alpha) after null argv[0] value. ==== python-jedi ==== Version update (0.17.2 -> 0.18.0) - Add jedi-py39-pytest.patch to support Python 3.9 - update to 0.18.0 (get it together with the latest python-parso just to be sure): - Dropped Python 2 and Python 3.5 - Using ``pathlib.Path()`` as an output instead of ``str`` in most places: - ``Project.path`` - ``Script.path`` - ``Definition.module_path`` - ``Refactoring.get_renames`` - ``Refactoring.get_changed_files`` - Functions with ``@property`` now return ``property`` instead of ``function`` in ``Name().type`` - Started using annotations - Better support for the walrus operator - Project attributes are now read accessible - Removed all deprecations This is likely going to be the last minor release before 1.0. - Revert back to 0.17.2. ==== python-parso ==== Version update (0.7.1 -> 0.8.1) - update to 0.8.1 (according to gh#davidhalter/jedi#1650 it should be compatible with python-jedi now): - Dropped Support for Python 2.7, 3.4, 3.5 - It's possible to use ``pathlib.Path`` objects now in the API - The stubs are gone, we are now using annotations - ``namedexpr_test`` nodes are now a proper class called ``NamedExpr`` - A lot of smaller refactorings ==== shadow ==== - Do not require libeconf-devel on products without /usr/etc. - Split login.defs configuration file into own sub-package, which allows to install util-linux or pam on small embedded/edge systems or container without the need to pull in the full shadow suite. - Amend patches/useradd-userkeleton.patch to also write into existing directories and prefer files from /etc - Add patch useradd-userkeleton.patch to extend original C code of useradd to handle /usr/etc/skel (boo#1173321) - Remove /usr/etc/skel support in useradd.local script ==== spamassassin ==== Version update (3.4.5 -> 3.4.6) Subpackages: perl-Mail-SpamAssassin spamassassin-spamc - update spamassassin to 3.4.6 * Fixed URIDNSBL not triggering meta rules * Fix false positive in T_KAM_HTML_FONT_INVALID on CSS color !important ==== usbredir ==== Version update (0.8.0 -> 0.9.0) Subpackages: libusbredirhost1 libusbredirparser1 - Update to version 0.9.0 + Changes noted in ChangeLog.md: !2 Add usbredirect tool with feature parity with usbredirserver !6 Add fuzzer for usbredirparser !12 Add MSI installer for usbredirect tool !11 Add meson build: autotool will be removed in a future release !5 Limit packet's length to 65 kB !4 Fix wrong up-cast when checking for package's length Require LLVM's compiler-rt (optional: for fuzzer) Require glib2 >= 2.44 (optional: for usbredirect) Deprecate usbredirserver in favor of usbredirect + Require libusb-1.0 >= 1.22 due to libusb_set_option() usage + Require meson >= 0.48 due to dictionary usage + Change docs to be in markdown format + add usbredir TCP client + add meson build support (which we now use to build package) - Package the new usbredir TCP client: 'usbredirect' - Fix meson include directory paths + meson-Fix-include-directories-needed-to-build.patch - Fix pkgconfig data used in meson build + meson-Fix-pkgconfig-required-library-name-reference.patch ==== vym ==== Version update (2.7.0 -> 2.8.0) - Update to upstream version 2.8.0 (bugfixes and features) ==== yast2-trans ==== Version update (84.87.20210402.ed8ff6d0a2 -> 84.87.20210411.9a07deafea) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210411.9a07deafea: * Translated using Weblate (French) * New POT for text domain 'installation'. * New POT for text domain 'autoinst'. * Translated using Weblate (Portuguese) * Translated using Weblate (Hindi) * New POT for text domain 'packager'. * New POT for text domain 'network'. * New POT for text domain 'installation'. * New POT for text domain 'autoinst'. * New POT for text domain 'network'. * New POT for text domain 'users'.