Removed rpms ============ - gstreamer-plugins-bad-chromaprint-32bit - gstreamer-plugins-bad-fluidsynth-32bit - krb5-32bit - libLLVM7-32bit - libQt5DesignerComponents5-32bit - libclang7-32bit - libdevmapper-event1_03-32bit - libdevmapper1_03-32bit - libdouble-conversion3-32bit - libgstisoff-1_0-0-32bit - libgstplayer-1_0-0-32bit - libgsturidownloader-1_0-0-32bit - libpython3_6m1_0-32bit - libqt5-qtdeclarative-devel-32bit - llvm7-LTO-devel-32bit - openldap2-devel-32bit - python3-base-32bit - wine-staging-32bit - wine-staging-devel-32bit - libf2fs1 - libf2fs_format0 - libfdt1-32bit - libgstbadaudio-1_0-0-32bit - libgstbasecamerabinsrc-1_0-0-32bit - libgstinsertbin-1_0-0-32bit - libgstphotography-1_0-0-32bit - llvm7-devel-32bit - nip2 - python-vips - python3-32bit - typelib-1_0-Vips-8_5 - wine-32bit - wine-devel-32bit Added rpms ========== - FreeCAD - enblend-enfuse-doc - gdk-pixbuf-loader-libheif - gstreamer-plugins-bad-chromaprint-32bit - gstreamer-plugins-bad-fluidsynth-32bit - libfdt1-32bit - libgstbadaudio-1_0-0-32bit - libgstbasecamerabinsrc-1_0-0-32bit - libgstinsertbin-1_0-0-32bit - libgstphotography-1_0-0-32bit - llvm7-devel-32bit - python3-32bit - wine-32bit - wine-devel-32bit - kdevelop5 - kdevelop5-lang - kdevplatform - kdevplatform-devel - kdevplatform-lang - kernel-livepatch-4_12_14-150_72-default - kernel-livepatch-5_3_18-24_64-default - kernel-livepatch-5_3_18-24_64-preempt - krb5-32bit - libLLVM7-32bit - libQt5DesignerComponents5-32bit - libQt5Pdf5 - libQt5PdfWidgets5 - libclang7-32bit - libdevmapper-event1_03-32bit - libdevmapper1_03-32bit - libdouble-conversion3-32bit - libf2fs8 - libf2fs_format7 - libgstisoff-1_0-0-32bit - libgstplayer-1_0-0-32bit - libgsturidownloader-1_0-0-32bit - libheif-devel - libheif1 - libkdevplatform56 - libpython3_6m1_0-32bit - libqt5-qtdeclarative-devel-32bit - libqt5-qtpdf-devel - libqt5-qtpdf-examples - libqt5-qtpdf-imports - libqt5-qtpdf-private-headers-devel - libradcli5 - llvm7-LTO-devel-32bit - openldap2-devel-32bit - python3-base-32bit - python3-pyside2 - python3-pyside2-devel - python3-pyside2-examples - radcli - radcli-compat-devel - radcli-devel - suil-plugin-qt5-in-gtk3 - typelib-1_0-Vips-8_10 - wine-staging-32bit - wine-staging-devel-32bit Package Source Changes ====================== amazon-ecs-init +- Add info about bundled dependencies in spec +- Fix required go version +- Handle go 1.16 or later by switching GO111MODULE to previous default + +- Only build for x86_64 and aarch64 + +- Update to version 1.50.1 (bsc#1182343, bsc#1182344) + + Cache Agent version 1.50.1 + + Does not restart ECS Agent when it exits with exit code 5 +- For detailed changes between the previous version and this version see + the included Changelog.md file + +- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to + shortcut through the -mini flavors. + apache2-mod_auth_openidc +- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726] + autofs +- Update pidfile path to /run from /var/run (bsc#1185155) + -- add autofs-debuginfo-fix.patch to fix building of debuginfo - package - -- Do not depend on insserv if the system use systemd; it's useless -- Update to version 5.1.0 - + fix mistake in assignment. - + add amd map format parser. - + check for non existent negative entries in lookup_ghost(). - + fix reset flex scan buffer on init. - + fix fix negative status being reset on map read. - + amd lookup update lookup ldap to handle amd keys. - - inadvertantly dropped from initial series. - + amd lookup update lookup hesiod to handle amd keys. - - inadvertantly dropped from initial series. - + fix wildcard key lookup. - + fix out of order amd timestamp lookup. - + fix ldap default schema config. - + fix ldap default master map name config. - + fix map format init in lookup_init(). - + fix incorrect max key length in defaults get_hash(). - + fix xfn sets incorrect lexer state. - + fix old style key lookup. - + fix expire when server not responding. - + fix ldap_uri config update. - + fix typo in conf_load_autofs_defaults(). - + fix hash on confg option add and delete. - + add plus to path match pattern. - + fix multi entry ldap option handling. - + cleanup options in amd_parse.c - + allow empty value for some map options. - + allow empty value in macro selectors. -- Adapt autofs-5.0.9-dbus-udisks-monitor.patch to upstream changes, - rename to autofs-5.1.0-dbus-udisks-monitor.patch - -- autofs.init: drop when systemd is enabled (bnc#863970) - -- update to version 5.0.9: - * fixes for samples/auto.master - * fix variable substitution description - * fix incorrect append options description in README.v5-release -- rebase, refresh and rename all patches on top of 5.0.9 -- switch to .xz compressed tarball instead of bzip2 -- autofs-5.0.8-upstream-patches-20140324.bz2: remove - -- Avoid bad timings and timeouts if a shutdown was done by a remote - user via su and with autofs based home directory - -- autofs-5.0.8-upstream-patches-20140324.bz2: update 5.0.8 upstream - patches up to 2014-03-24, fixing the following bugs: - * fix fix options compare - * use open(2) instead of access(2) to trigger dependent mounts - * fix fix map source with type lookup (bnc#869377) - -- autofs-5.0.8-upstream-patches-20140224.bz2: update 5.0.8 upstream - patches up to 2014-02-24, fixing the following bugs: - * fix ipv6 link local address handling - * fix fix ipv6 libtirpc getport - * get_nfs_info() should query portmapper if port is not given - * fix rpc_portmap_getport() proto not set - * fix protmap not trying proto v2 - * fix rpc_getport() when libtirpc is disabled - * fix rpc_getrpcbport() when libtirpc is disabled - * don't reset errno (former autofs-5.0.8-eaccess.patch) - * extend fix for crash due to thread unsafe use of libldap (bnc#853469) - * fix deadlock in init_ldap_connection (bnc#859969) - * fix options compare - * fix negative status being reset on map read - * check for existing offset mount before mounting - * fix max() declaration - * fix symlink fail message in mount_bind.c - * fix cache readlock not taken on lookup - * pass map_source as function paramter where possible - * check for bind onto self in mount_bind.c - * fix symlink expire - * dont clobber mapent for negative cache - * fix macro_addvar() and move init to main thread - * change walk_tree() to take ap - * add negative cache lookup to hesiod lookup - * fix external env configure - * make autofs(5) consistent with auto.master(5) - * fix map source with type lookup - * fix lookup_nss_mount() map lookup - * dont ignore null cache entries on multi mount umount - * fix inconsistent error returns in handle_packet_missing_direct() - * simple coverity fixes -- autofs-5.0.8-eaccess.patch: removed (merged upstream) -- autofs-5.0.8-dbus-udisks-monitor.patch: refresh - -- autofs-5.0.8-revert-fix-libtirpc-name-clash.patch: no longer - needed after libtirpc was updated to 0.2.4-rc2, remove - -- autofs-5.0.8-upstream-patches-20131124.bz2: update 5.0.8 upstream - patches up to 2013-11-24, fixing the following bugs: - * fix undefined authtype_requires_creds err if ldap enabled but - without sasl - * fix master map type check - * fix task manager not getting signaled - * allow --with-systemd to take a path arg - * fix WITH_LIBTIRPC function name - * fix ipv6 libtirpc getport -- autofs-5.0.8-dbus-udisks-monitor.patch: rebase on top of 5.0.8 - -- update to version 5.0.8: no code changes as all patches were - already present in autofs-5.0.7-upstream-patches-20131001.bz2 -- autofs-5.0.7-upstream-patches-20131001.bz2: removed - -- autofs-suse-build.patch: removed, no longer needed. - -- autofs-5.0.7-upstream-patches-20131001.bz2: update 5.0.7 upstream - patches up to 2013-10-01, fixing many bugs: - * fix add null check in parse_server_string() - * check for protocol option - * use ulimit max open files if greater than internal maximum - * don't override LDFLAGS in make rules - * fix a couple of compiler warnings - * add after sssd dependency to unit file - * dont start readmap unless ready - * fix crash due to thread unsafe use of libldap (bnc#820585) - * fix compile error with heimdal support enabled - * fix typo forced-shutdown should be force-shutdown - * fix hesiod check error and use correct $(LIBS) setting - * fix dead LDAP symbolic link when LDAP support is disabled - * add missing libtirpc lib to mount_nfs.so when TIRPC enabled - * use compiler determined by configure instead of hard-coded ones - * remove hard-coded STRIP variable - * use LIBS for link libraries - * unbundle NOTSTRIP from DEBUG so they dont depend on each other - * fix occasional build error when enable parallel compiling - * fix compilation of lookup_ldap.c without sasl - * fix dumpmaps multi output - * try and cleanup after dumpmaps - * teach dumpmaps to output simple key value pairs - * fix syncronize handle_mounts() shutdown - * fix fix wildcard multi map regression - * improve timeout option description - * only probe specific nfs version when requested - * fix bad mkdir permission on create - * setup program map env from macro table - * add short host name standard marco variable - * allow use of hosts map in maps - * fix get_nfs_info() probe - * fix portmap lookup - * add std vars to program map invocation - * samples/auto.smb: add logic to obtain credentials - -- autofs-5.0.7-upstream-patches-20130619.bz2: update 5.0.7 upstream - patches up to 2013-06-19, fixing some bugs: - * make dump maps check for duplicate indirect mounts - * document allowed map sources in auto.master - * add enable sloppy mount option to configure - * fix interface address null check - * don't probe rdma mounts - * fix master map mount options matching - * fix master map bogus keywork match - * fix fix map entry duplicate offset detection - * probe each nfs version in turn for singleton mounts - * fix probe each nfs version in turn for singleton mounts - * misc man page fixes - -- Explicitly specify cyrus-sasl-devel and openssl-devel - which were implicit before - -- autofs-5.0.7-upstream-patches-20130428.bz2: update 5.0.7 upstream - patches up to 2013-04-28, fixing some bugs: - * fix some automount(8) typos - * syncronize handle_mounts() shutdown - * fix submount tree not all expiring (bnc#801808) -- remove patches that are now upstream: - * autofs-5.0.7-fix-submount-tree-not-all-expiring.patch - -- autofs-5.0.7-fix-submount-tree-not-all-expiring.patch: expire - multiple levels of recursive mounts correctly (bnc#801808) - -- autofs-5.0.7-upstream-patches-20130311.bz2: update 5.0.7 upstream - patches to 20130311, fixing some bugs: - * dont fail on master map self include (bnc#799873) - * fix wildcard multi map regression - * fix file descriptor leak when reloading the daemon (bnc#772698) - * deprecate nosymlink pseudo option - * add symlink pseudo option - * document browse option in man page - -- autofs-5.0.6-invalid-ghost-dirs.patch: delete. the problem's - root cause was fixed in the kernel - -- rpm spec: enable sssd support if available - -- autofs-5.0.7-upstream-patches-20130121.bz2: update 5.0.7 upstream - patches to 20130121, fixing some bugs: - * fix nobind man page description - * fix submount offset delete - * fix init script status return - * fix use get_proximity() without libtirpc - * don't use dirent d_type to filter out files in scandir() - * don't schedule new alarms after readmap - * use numeric protocol ids instead of protoent structs - * lib/defaults.c: use WITH_LDAP conditional around LDAP types - * make yellow pages support optional - * modules/replicated.c: use sin6_addr.s6_addr32 - * workaround missing GNU versionsort extension -- remove patches that are now upstream: - * autofs-5.0.7-fix-scandir-filter.patch - * autofs-5.0.7-use-protocol-id-instead-of-protoent.patch - * autofs-5.0.7-dont-reschedule-alarm-after-signals.patch - -- fix build on older versions of the distribution, do not install - org.freedesktop.AutoMount.conf - -- autofs-5.0.7-fix-scandir-filter.patch: fix lookup_dir when the - included directory is on an XFS file system (bnc#798158) - -- autofs-5.0.7-upstream-patches-20121120.bz2: update 5.0.7 upstream - patches to 20121120, fixing some bugs: - * fix map entry duplicate offset detection - * allow nsswitch.conf to not contain "automount:" lines - -- revert systemd initialization type from "simple" to "forking" - and drop the patch that partially implemented "new style systemd" - daemon (bnc#798162) -- autofs-5.0.7-new-style-systemd-daemon.patch: delete - -- UDisks dbus module support: use private connection, do not refer - to a reply if already handled, install dbus AutoMount.conf in - direct way - -- autofs-5.0.7-use-protocol-id-instead-of-protoent.patch: use - protocol id directly instead of calling the non-reentrant - function getprotobyname() (bnc#787410) - -- autofs-5.0.7-dont-reschedule-alarm-after-signals.patch: don't - schedule new alarms after handling SIGHUP and SIGUSR1 (bnc#783651) - -- autofs-5.0.7-new-style-systemd-daemon.patch: add new command - line parameter --systemd, which instructs automount to skip - daemonization completely, leaving the task to systemd -- autofs.service: use new --systemd option when starting up - -- autofs.service: use service type simple with no forking - -- autofs-5.0.7-upstream-patches-20121018.bz2: update 5.0.7 upstream - patches to 20121018, fixing some bugs: - * fix recursive mount deadlock - * increase file map read buffer size - * handle new location of systemd -- remove patches that are now upstream: - * autofs-5.0.7-handle-new-location-of-systemd.patch - -- rpm spec: don't try to build with udisks support on old versions - of the distribution - -- autofs-5.0.7-upstream-patches-20121016.bz2: update 5.0.7 upstream - patches to 20121016, fixing some bugs: - * add timeout option description to man page - * fix null map entry order handling - * make description of default MOUNT_WAIT setting clear - * configure.in: allow cross compilation - * README: update mailing list subscription info - -- autofs-systemd-path.patch: handle new location of systemd - -- Make it possible to use tmpfs based parents for autofs mount points - -- autofs-5.0.7-upstream-patches-20120911.bz2: update 5.0.7 upstream - patches to 20120911, fixing some bugs: - * fix nobind sun escaped map entries - * fix use cache entry after free in lookup_prune_one_cache() - * fix ipv6 proximity calculation - * fix parse buffer initialization - * fix typo in automount(8) -- remove patches that are now upstream: - * autofs-5.0.7-fix-parse-buffer-initialization.patch - * autofs-5.0.7-fix-use-devid-after-free.patch - -- autofs-5.0.7-fix-use-devid-after-free.patch: fix use cache entry - after free in lookup_prune_one_cache() (bnc#774241) - -- autofs-5.0.7-fix-parse-buffer-initialization.patch: fix parse - buffer initialization to avoid corruption in the map file name - string (bnc#777709) - -- Udisk: Check for unknown key word `eavesdrop' for dbus matching - rules and if not supported retry without -- Udisk: Do not crash if map file is not found - -- First initial udisks support, that is listen over dbus the udisks - daemon and the events for USB and optical devices. Also ask at - startup the udisks daemon for all devices and its properties as - well as manage the removals and plugins of devices. - TODO: - + With parsing the map configuration file apply the rules - to the map entry, like special options for file systems types - and/or devices. Also make keys unique, that is compare with - existing keys and add an counter or similar. - + Also with parsing the map configuration file apply the rules - to the key of map entry, like using more than one dict entry - for the key. - + Security management: who is allowed to access the devices? - + How to trigger sync and unmount before any timeout? - + What is about UTF-8 and Latin to UTF-8? - -- adjust the NetworkManager dispatcher script to check if the - AutoFS service is enabled in SysV or systemd (bnc#773440) - -- update to version 5.0.7: - * check negative cache much earlier - * dont use pthread_rwlock_tryrdlock() - * mount_nfs.so to honor explicit NFSv4 requests - * mount_nfs.so fix port=0 option behavior v3 - * documentation fix some typos and misleading comments - -- add reload action to systemd service file (bnc#772487) - -- update 5.0.6 upstream patches to 20120716, fixing some bugs: - * fix systemd argument passing - * fix get_nfs_info() can incorrectly fail - * fix offset directory removal - -- update 5.0.6 upstream patches to 20120629, fixing some bugs: - * check if /etc/mtab is a link to /proc/self/mounts - * fix nfs4 contacts portmap - * fix sss map age not updated - * fix remount deadlock (bnc#733479) - * fix umount recovery of busy direct mount (bnc#734924) - * fix offset mount point directory removal - * remove move mount code and configure option - * fix remount of multi mount - * fix device ioctl alloc path check - * refactor hosts lookup module - * remove cache update from parse_mount() - * add function to delete offset cache entry - * allow update of multi mount offset entries - * add hup signal handling to hosts map -- remove patches that are now upstream: - * autofs-5.0.6-fix-remount-deadlock.patch - * autofs-5.0.6-fix-umount-recovery-of-busy-direct-mount.patch - -- fix umount recovery of busy direct mounts (bnc#734924) -- fix remount deadlock that can happen on a restart when there are - nested direct mounts busy (bnc#733479) - -- revert "fix libtirpc name clash": auth_put() is not yet available - in our version of tirpc - -- update 5.0.6 upstream patches to 20120525, fixing some bugs: - * fix sss wildcard match - * fix dlopen() error handling in sss module - * fix configure string length tests - * report "map not read" when debug logging - * duplicate parent options for included maps (bnc#753693) - * update ->timeout() function to not return timeout - * move timeout to map_source - * fix kernel verion check of version components - * dont retry ldap connect if not required - * fix initialization in rpc create_client() - * fix libtirpc name clash -- remove patches that are now upstream: - * autofs-5.0.6-duplicate-parent-options-for-included-maps.patch - -- duplicate parent options for included maps (bnc#753693) - -- update 5.0.6 upstream patches to 20120402, fixing some bugs: - * use strtok_r() in linux_version_code() - * improve UDP RPC timeout handling - * allow MOUNT_WAIT to override probe - * fix rework error return handling in rpc code - * fix typo in libtirpc file name - * fix function to check mount.nfs version - * fix segmentation fault in get_query_dn() (bnc#752044) -- remove patches that are now upstream: - * autofs-5.0.6-fix-libtirpc-name-typo.patch - -- update 5.0.6 upstream patches to 20120228, fixing some bugs and - implementing new features (bnc#749098): - * fix improve mount location error reporting - * fix fix wait for master source mutex - * add sss lookup module - * teach automount about sss source - * fix init script usage message - * ignore duplicate exports in auto.net - * add kernel version check function - * add function to check mount.nfs version - * reinstate singleton mount probe - * rework error return handling in rpc code - * catch EHOSTUNREACH and bail out early - * systemd support fixes - * check scandir() return value (bnc#748588) - * allow for kernel packet size change (in kernel 3.3.0+) - * fix function to check mount.nfs version -- get-upstream-patches: make it work again after kernel.org FTP - server reorganization - -- fix segfault caused by an use after free in st_queue_handler() - (bnc#727392) - -- comment out /etc/auto.master.d from the shipped auto.master file - -- configure with --disable-mount-move only when systemd is enabled - -- rpm spec: simplify some commands in the install section and - use more rpm macros (from Cristian Rodriguez) - -- enable systemd support by default on openSUSE 12.2 (bnc#741879): - * enable disable-mount-move and with-systemd configure options - * install systemd service file - -- disable "--as-needed" to make sure automount will be linked - against libtirpc (bnc#742846) - -- fix typo in libtirpc file name -- rpm spec: use the %configure macro - -- update 5.0.6 upstream patches to 20111210, fixing some bugs and - implementing new features (bnc#741878): - * add systemd unit support (not enabled yet) - * add disable move mount configure option - * implement 'dir' map type - * improve mount location error reporting - * fix rpc build error - * fix ipv6 configure check - * fix ipv6 rpc calls - * fix ipv6 name lookup check - * fix map source check in file lookup - * fix submount shutdown race - * fix wait for master source mutex - * fix not bind mounting local filesystem - * fix LDAP result leaks on error paths - * fix result null check in read_one_map() - * fix dumpmaps not reading maps - * fix paged query more results check - -- add autoconf as buildrequire to avoid implicit dependency - -- fix initialization of LDAP results (bnc#730245) - -- init script: remove SUSE-specific actions that systemd doesn't - support (force-expire and force-stop) (bnc#725199) - -- rpm spec: remove redundant tags/sections -- rpm spec: use %_smp_mflags for parallel build - -- fix LDAP result leaks on error paths -- fix result null check in read_one_map() (bnc#707715) -- fix paged query more results check - -- update 5.0.6 upstream patches to 20110703, removing one patch - that is now upstream: - * autofs-5.0.6-fix-ipv6-name-for-lookup-fix.patch - -- fix an error in the recent ipv6 name for lookup patch - -- update to version 5.0.6 (bnc#702791): - * add nobind option - * add base64 password encode - * fix ipv6 name for lookup - * fix libtirpc ipv6 check - * dont bind nfs mount if nobind is set -- remove patches that are now upstream: - * autofs-5.0.5-fix-null-cache-deadlock.patch - -- rpm spec: install the rcautofs(8) man page as a symbolic link - to autofs(8) -- rpm spec: restart the automount daemon after updates -- init script: update Free Software Foundation address - -- fix null cache deadlock (bnc#696596) - -- update 5.0.5 upstream patches to 20110613 (bnc#699767): - * remove master_mutex_unlock() leftover - * fix sanity checks for brackets in server name - * fix lsb service name in init script - * fix map source check in file lookup - * fix simple bind without SASL support - * fix sasl bind host name selection - -- build against libtirpc since glibc's rpc code is deprecated - -- modify the NetworkManager dispatcher script to prevent it from - restarting AutoFS when the network goes down (bnc#693402) - -- init script: remove references to the obsolete autofs.ko (v3) - kernel module (bnc#696708) -- init script: don't wait one second if the misc device is already - available (bnc#696708) - -- documentation: add the following (commented out) options to - the default sysconfig file (bnc#695487, bnc#691617): - * DEFAULT_NEGATIVE_TIMEOUT - * DEFAULT_MOUNT_WAIT and DEFAULT_UMOUNT_WAIT - * MOUNT_NFS_DEFAULT_PROTOCOL - * LDAP_URI, LDAP_TIMEOUT, LDAP_NETWORK_TIMEOUT and SEARCH_BASE - -- update 5.0.5 upstream patches to 20110427 (bnc#692104): - * fix paged ldap map read - * fix next task list update - * fix stale map read - * fix null cache clean - * automount(8) man page correction - * fix out of order locking in readmap - * include ip address in debug logging - * mount using address for DNS round robin host names - * reset negative status on cache prune -- remove patches that are now upstream: - * autofs-5.0.5-fix-next-task-list-update.patch - * autofs-5.0.5-fix-stale-map-read.patch - * autofs-5.0.5-fix-out-of-order-locking-in-readmap.patch - -- init script: use misc device (/dev/autofs) by default, unless it - is explicitly disabled in sysconfig (bnc#684997) - -- fix out of order locking in readmap (bnc#667967) - -- add upstream fixes for the "non-expiring mounts" problem and - put the "fix direct map not updating on reread" patch back in - (bnc#677143) - -- ship init script as a source file and not as a patch against the - upstream sample - -- update 5.0.5 upstream patches to 20110318, fixing one bug: - * replace GPLv3 code (bnc#682268) - -- revert "fix direct map not updating on reread" due to expiration - problems (bnc#677143) - -- update 5.0.5 upstream patches to 20110302 (bnc#676690): - * use weight only for server selection - * fix isspace() wild card substitution - * auto adjust ldap page size - * fix prune cache valid check - * fix mountd vers retry - * fix expire race - -- init script: remove "gssd" from Should-Start/Stop lists, there - is no service with this name (bnc#626516) - -- when ghosting is enabled, don't create mount points for cached - entries that don't have a valid mapent (bnc#658734) - -- update 5.0.5 upstream patches to 20101021 (bnc#650177): - * remove ERR_remove_state() openssl call - * always read file maps mount lookup map read fix - * fix direct map not updating on reread - * fix add simple bind auth - * fix submount shutdown wait - * add external bind method - * add dump maps option - -- add MAP_HASH_TABLE_SIZE option to sysconfig - -- update 5.0.5 upstream patches to 20100810 (bnc#630736): - * remove extra read master map call - * fix "fix cache_init() on source re-read" - * fix error handing in do_mount_indirect() - * expire thread use pending mutex - * link against krb5 library by default - * make "verbose" mode a little less verbose (bnc#630719) -- merge patches autofs-5.0.2-use_local_cflags.patch and - autofs-5.0.5-as_needed.patch into autofs-suse-build.patch -- remove autofs-5.0.4-link_kerberos.patch (now upstream) - -- update 5.0.5 upstream patches to 20100524 (bnc#608284): - * add support to LDAP simple bind authentication - * fix master map source server unavailable handling - * add autofs_ldap_auth.conf man page - * fix random selection for host on different network - * don't hold lock for simple mounts - * fix remount locking - * fix wildcard map entry match (bnc#585201) - * fix parse_sun() module init - * don't check null cache on expire - * fix null cache race - * fix cache_init() on source re-read - * mapent becomes negative during lookup - * check each dc server - * fix negative cache included map lookup - * remove state machine timed wait - -- init script: improve stop routine to avoid problems on restart - (bnc#604497) - -- update 5.0.5 upstream patches to 20100326: - * fix reconnect get base dn - * add missing sasl mutex callbacks - * fix get query dn failure - * fix ampersand escape in auto.smb - * add locality as valid ldap master map attribute - * add locality as valid ldap master map attribute fix - -- add "network-remotefs" to Should-Start: and Should-Stop: in the - init script (bnc#522224) - -- remove configure to make sure it will be recreated by autoconf. - fixes a build problem that sometimes prevented lookup_ldap.so to - be linked against krb5 (bnc#572934, bnc#578655) - -- update 5.0.5 upstream patches to 20100201: - * check for path mount location in generic module - * don't fail mount on access fail - * fix rpc fail on large export list - * fix memory leak on reload - * don't connect at ldap lookup module init - * fix random selection option - * fix disable timeout - * fix strdup() return value check -- include README file about active restart feature (bnc#565151) - -- fix build on releases that do not support ext4 - -- add new sysconfig parameter USE_MISC_DEVICE and enable it by - default (bnc#565151) -- update initscript bringing it closer to what we have upstream: - * remove the deprecated force-stop logic and handle it like a - regular stop - * remove force-reload from usage and handle it like a regular - reload - -- update to version 5.0.5. lots of bug fixes including: - * fix nested submount expire deadlock - * fix negative caching for non-existent map keys - * make hash table scale to thousands of entries - * fix uri list locking (again) - * add nfs mount protocol default configuration option - * fix bad token declaration in master map parser - * fix double free in expire_proc() - * fix file map lookup when reading included or nsswitch sources - * fix memory leak reading master map - * fix st_remove_tasks() locking - * dont umount existing direct mount on master re-read - * fix incorrect shutdown introduced by library relaod fixes - * fix not releasing resources when using submounts - * fix double free in sasl_bind() - * fix map type info parse error - * fix an RPC fd leak - * fix pthread push order in expire_proc_direct() - * fix libxml2 non-thread-safe calls - * fix direct map cache locking - * fix dont umount existing direct mount on reread. -- update 5.0.5 upstream patches to 20091124: - * add mount wait parameter - * don't use master_lex_destroy() to clear parse buffer - * fix backwards #ifndef INET6 - * fix ext4 fsck at mount - * fix included map read fail handling - * fix libxml2 workaround configure - * fix pidof init script usage - * fix stale initialization for file map instance - * fix timeout in connect_nb() - * make documentation for set-log-priority clearer - * refactor ldap sasl bind - * special case cifs escapes. - -- fixed build with --as-needed - -- Add nfsserver to should start/stop in rc script (bnc#467906) - -- make sure that submounts are not busy anymore (bnc#467906) - brp-check-suse +- make sure all brp-scripts are actually executable + (still bsc#1184555) + ca-certificates-cacert +- spec-cleaner run (bsc#1186362) + +- update Class 3 certificate from https://www.cacert.org/class3.crt + (the old one expired today) + chromium +- Chromium 90.0.4430.212 (boo#1185908) + * CVE-2021-30506: Incorrect security UI in Web App Installs + * CVE-2021-30507: Inappropriate implementation in Offline + * CVE-2021-30508: Heap buffer overflow in Media Feeds + * CVE-2021-30509: Out of bounds write in Tab Strip + * CVE-2021-30510: Race in Aura + * CVE-2021-30511: Out of bounds read in Tab Group + * CVE-2021-30512: Use after free in Notifications + * CVE-2021-30513: Type Confusion in V8 + * CVE-2021-30514: Use after free in Autofill + * CVE-2021-30515: Use after free in File API + * CVE-2021-30516: Heap buffer overflow in History + * CVE-2021-30517: Type Confusion in V8 + * CVE-2021-30518: Heap buffer overflow in Reader Mode + * CVE-2021-30519: Use after free in Payments + * CVE-2021-30520: Use after free in Tab Strip +- FTP support disabled at runtime by default since release 88. + Chromium 91 will remove support for ftp altogether + (boo#1185496) + +* Patch change * +- Fix build with GCC 11 again (bsc#1185716) +- Remove chromium-88-compiler.patch +- Remove chromium-90-cstdint.patch +- Remove chromium-90-gslang-linkage-fixup.patch +- Added chromium-90-compiler.patch +- Added chromium-90-angle-constexpr.patch +- Added chromium-90-TokenizedOutput-include.patch +- Added chromium-90-ruy-include.patch +- Added chromium-90-CrossThreadCopier-qualification.patch +- Added chromium-90-quantization_utils-include.patch + chrony +- boo#1162964, clknetsim-glibc-2.31.patch: + Fix build with glibc-2.31 +- bsc#1184400, chrony-pidfile.patch: + Use /run instead of /var/run for PIDFile in chronyd.service. + clamav-database +- database refresh on 2021-05-17 (bsc#1084929) + +- database refresh on 2021-05-10 (bsc#1084929) + cloud-regionsrv-client +- Update to version 9.1.5 (bsc#1182779, bsc#1185234, bsc#1185198) + + Another startup process may run zypper before the registration process + if zypper is still running we cannot get the lock and as such + the installed products cannot be determined. Wait for the lock to be + released for up to 30 seconds. + + On any error durring product list generation return a list to avoid + a traceback by trying to iterate over None + dracut +- Update to version 049.1+suse.188.gbf445638: + * 90kernel-modules-extra: don't resolve symlinks before instmod (bsc#1185277) + dtc +- explicitly pass -pie in CFLAGS, since the build system explicitly passes + - fPIC, which breaks our gcc-PIE profile. This makes all packaged binaries + PIE-executables (bsc#1184122). + enblend-enfuse +- Add enblend-enfuse-4.2-gcc-10.patch: Fix build with GCC 10 + (picked from Gentoo, https://bugs.gentoo.org/723306). + +- Add reproducibledate.patch to override build date (boo#1047218) +- Add reproducible.patch to override build hostname (boo#1084909) + +- Update RPM groups. + +- Switched to cmake build + * Removed patch for autotools: enblend-latex-optional.patch +- Added enblend-enfuse-4.2-add-missing-cmakelists.patch +- Enabled support for OpenMP +- Enabled support for SSE2 +- Turn on optimizations again +- Info pages are no longer available +- Added PDF documentation for enblend and enfuse + -- Update to patchlevel 3 of version 4.1: - + Bug Fixes: - [Enblend only] Fix problem of multiple, almost-identical - seamlines that produce inexplicable black areas in the output - panorama. - + LCMS 2.5 is now required to build. - -- update to patchlevel 2 of version 4.1: - [Enblend and Enfuse] Fix a bug in the highlight-recovery that caused - Enfuse to bail out with the uncaught exception - "Minimizer1D::set_bracket: minimum not bracketed". - This addresses LaunchPad Bug #1214004. - [Enfuse] Clean up seemingly random, bright-colored pixels that - sometimes show up when fusing images with high contrast and "large" - color profiles. - [Enblend only] Fix a race condition in the seam-line optimizer that - can cause wrongly placed seams. - [Enblend and Enfuse] Use a per-thread storage of all OpenMP - Vigra-functors. This avoids data races. - [Enblend and Enfuse] The Boost implementation of the `Mersenne - Twister' random number generator caused segmentation faults when - used in the OpenMP-enabled versions of Enblend and Enfuse. The new - implementation is based on the GNU Scientific Library (GSL), which - plays nicely with concurrent accesses. - [Enblend only] Correct a mistake that causes overlapping images with - multiple seams to be blended incorrectly. - [Enblend only] Require the OpenGL extension - `GL_ARB_texture_rectangle' for the `--gpu' option to work. This - does away with a pesky warning of OpenGL drivers that do support - this extension and avoids crashes with drivers that don't. - The GPU performance improvement of Enblend via `--gpu' now is only - available with drivers that feature `GL_ARB_texture_rectangle' - (among many other required OpenGL extensions). - The OpenGL warning about odd texture sizes is unaffected by this - change. - [Enblend and Enfuse] Fix a longstanding quirk, which allowed to load - masks that were unsuitable for processing. -- no more signed tar balls, droping gpg verification :/ -- modified patches: - * use-default-gcc-inlining.diff - -- Added BuildRequire help2man to fix build with new automake - -- Update to version 4.1 (bnc#800803): - * All deprecated options since version 4.0 have been removed. - * New primary seam-line generator. - * Default to perceptual model of the difference image. - * Parallelize CIECAM02 color conversion. - * Enblend and Enfuse integrate seamlessly in color-managed - workflow. - * Require LittleCMS Version 2.x Unbounded CMM feature. - * Option to assign different profiles to profile-free input images. - * New gray-scale projector called "anti-value". - * Enblend and Enfuse stop after saving all generated masks to - files, if option "--save-masks" is given, but option "--output" - is not. - * Enblend and Enfuse can write output JPEG files with arithmetic - JPEG compression and TIFF files with JPEG compression. - * Enblend and Enfuse warn on images that alternate between with - color profile and without. - * Several new Commandline options: "--primary-seam-generator", - "--image-difference", "--ciecam" (for -c) and --no-ciecam", - "--fallback-profile=PROFILE", "--exposure-cutoff", - "--load-masks", "--layer-selector", "--levels=auto". - * Deprecated: "--smooth-difference", user-(re)sizable image-cache. - * External Vigra version 1.8 or later is required. - * Enblend no longer relies on libXMI. -- Verify GPG signature. - f2fs-tools +- Remove /usr/sbin/sg_write_buffer. This file is already provided + by sg3_utils as /usr/bin/sg_write_buffer. + +- prepare usrmerge (boo#1029961) + +- Update to release 1.14 + * f2fs_io: add copy command + * fsck: Check fsync data always for zoned block devices + * fsck: Check write pointer consistency of open zones + * fsck: Check write pointer consistency of non-open zones + * fsck.f2fs: Enable user-space cache + * f2fs-tools: support data compression + * dump.f2fs: print more info of inode layout + * resize.f2fs: add option for large_nat_bitmap feature + * f2fs-tools: Casefolded Encryption support + * mkfs.f2fs: allow setting volume UUID manually + * f2fs-tools: zns zone-capacity support + * mkfs.f2fs: add -T flag + * mkfs.f2fs: add -r (fake_seed) flag + +- Update to release 1.13 + * introduce some preen mode in fsck.f2fs + * add f2fs_io tool + * add casefolding support + +- Update to new upstream release 1.12 + * resize.f2fs: fix access out-of memory boundary + * mkfs.f2fs: support fsverity feature + * fsck.f2fs: fix stack overflow when reading out nat block + * mkfs.f2fs: avoid selinux denial for unnecessary sysfs node + * fsck.f2fs: allow -p without value + * mkfs.f2fs: support multiple features with one "-O" + * f2fs-tools: add -g to give default options + +- Update to version 1.10.0 + * f2fs-tools: support inode creation time + * fsck.f2fs: add -y for generic fsck + * fsck.f2fs: support quota + * mkfs.f2fs: support quota option in mkfs + * f2fs-tools: support flexible inline xattr size + * add sparse support for f2fs + * f2fscrypt: add a tool for encryption management in f2fs + -- Replace 0001-build-provide-definitions-for-byteswapping-on-big-en.patch - with official upstream version. - -- Update to new upstream release 1.4.0 - * fsck: add the -a option (auto-fix errors) [bnc#856645] - * fsck: remove corrupted xattr blocks and corrupted orphan inodes; - remove dentry if inode block is corrupted -- Add 0001-build-provide-definitions-for-byteswapping-on-big-en.patch - -- Update to new snapshot 1.3.0.g22 - * add "f2fstat" program to print f2fs's status in sec - * mkfs: support large directories - * mkfs.f2fs, fsck.f2fs: large volume support - -- Update to new upstream release 1.2.0 - * f2fs-tools: add stat information into fibmap - * fibmap.f2fs: change fibmap to fibmap.f2fs - * fsck, lib: support inline xattr - * fsck: skip to check block addresses in device files - * fsck: fix to handle file types correctly - * fsck: fix checking orphan inodes - -- Update to new snapshot v1.1.0-40-g6e8f2d5 - * Correct endianess conversions for CRC calculations, checkpoint - flags and in f2fs_update_nat_root. - * Fix the total_zones calculation in f2fs_prepare_super_block - * Add the fsck.f2fs and dump.f2fs utilities - -- Update to new snapshot v1.1.0-24-gfef98eb - * mkfs: add option to disable trim at format - * mkfs: handle labels longer than 16 characters - gdm +- Add gdm-Remove-deprecated-StandardOutput-syslog.patch: Remove + deprecated StandardOutput=syslog in gdm.service file + (bsc#1185146, glgo#GNOME/gdm!623). + gssproxy +- Use /run instead of /var/run for daemon PID files; (bsc#1185161); + ibutils +- Hardening: Link ibis executable with -pie (bsc#1184123). + * Added patch: ibutils-ibis-PIE.patch + -- Remove the bogus rpath from ibdmsh and that vein do not link - ibdmsh statically. - ipvsadm +- Hardening: link as position independent executable (bsc#1184988). + * Added ipvsadm-PIE.patch + -- Updated to ipvsadm-1.26 (for kernel 2.6.28-rc3 or later) - adding IPv6 support, netlink interface and code cleanups. -- Adopted patches and spec file, switched to use new netlink - interface and popt (getopt support dropped). -- Fixed rpmlint warnings in the init script and spec file. - java-11-openjdk -- Update to upstream tag jdk-11.0.10-9 (January 2021 CPU, +- Update to upstream tag jdk-11.0.11+9 (April 2021, CPU) + * Security fixes + + JDK-8244473: Contextualize registration for JNDI + + JDK-8244543: Enhanced handling of abstract classes + + JDK-8249906, CVE-2021-2163, bsc#1185055: Enhance opening JARs + + JDK-8250568, CVE-2021-2161, bsc#1185056: Less ambiguous + processing + + JDK-8253799: Make lists of normal filenames + + JDK-8257001: Improve Http Client Support + * Other changes + + JDK-7107012: sun.jvm.hotspot.code.CompressedReadStream + readDouble() conversion to long mishandled + + JDK-7146776: deadlock between URLStreamHandler.getHostAddress + and file.Handler.openconnection + + JDK-8086003: Test fails on OSX with java.lang.RuntimeException + 'Narrow klass base: 0x0000000000000000, Narrow klass shift: 3' + missing + + JDK-8168869: jdeps: localized messages don't use proper line + breaks + + JDK-8180837: SunPKCS11-NSS tests failing with + CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID + + JDK-8202343: Disable TLS 1.0 and 1.1 + + JDK-8205992: jhsdb cannot attach to Java processes running in + Docker containers + + JDK-8209193: Fix aarch64-linux compilation after -Wreorder + changes + + JDK-8210413: AArch64: Optimize div/rem by constant in C1 + + JDK-8210578: AArch64: Invalid encoding for fmlsvs instruction + + JDK-8211051: jdeps usage of --dot-output doesn't provide + valid output for modular jar + + JDK-8211057: Gensrc step CompileProperties generates unstable + CompilerProperties output + + JDK-8211150: G1 Full GC not purging code root memory and + hence causing memory leak + + JDK-8211825: ModuleLayer.defineModulesWithXXX does not setup + delegation when module reads automatic module + + JDK-8212043: Add floating-point Math.min/max intrinsics + + JDK-8212218: [TESTBUG] runtime/ErrorHandling/ + /TestHeapDumpOnOutOfMemoryErrorInMetaspace.java timed out + + JDK-8213116: javax/swing/JComboBox/WindowsComboBoxSize/ + /WindowsComboBoxSizeTest.java fails in Windows + + JDK-8213909: jdeps --print-module-deps should report missing + dependences + + JDK-8214180: Need better granularity for sleeping + + JDK-8214223: tools/jdeps/listdeps/ListModuleDeps.java failed + due to missing Lib2 file + + JDK-8214230: Classes generated by SystemModulesPlugin.java + are not reproducable + + JDK-8214741: docs/index.html has no title or copyright + + JDK-8215687: [Graal] unit test CheckGraalIntrinsics failed + after 8212043 + + JDK-8217848: [Graal] vmTestbase/nsk/jvmti/ResourceExhausted/ + /resexhausted003/TestDescription.java fails + + JDK-8218482: sun/security/krb5/auto/ReplayCachePrecise.java + failed - no KrbException thrown + + JDK-8218550: Add test omitted from JDK-8212043 + + JDK-8221584: SIGSEGV in os::PlatformEvent::unpark() in + JvmtiRawMonitor::raw_exit while posting method exit event + + JDK-8221995: AARCH64: problems with CAS instructions encoding + + JDK-8222518: Remove unnecessary caching of Parker object in + java.lang.Thread + + JDK-8222785: aarch64: add necessary masking for immediate + shift counts + + JDK-8223186: HotSpot compile warnings from GCC 9 + + JDK-8225773: jdeps --check produces NPE if there are missing + module dependences + + JDK-8225805: Java Access Bridge does not close the logger + + JDK-8226810: Failed to launch JVM because of + NullPointerException occured on System.props + + JDK-8229396: jdeps ignores multi-release when + generate-module-info used on command line + + JDK-8229474: Shenandoah: Cleanup CM::update_roots() + + JDK-8232225: Rework the fix for JDK-8071483 + + JDK-8232905: JFR fails with assertion: + assert(t->unflushed_size() == 0) failed: invariant + + JDK-8233164: C2 fails with assert(phase->C->get_alias_index(t) + == phase->C->get_alias_index(t_adr)) failed: correct memory + chain + + JDK-8233910: java/awt/ColorClass/AlphaColorTest.java is + failing intermittently in nightly lnux-x64 system + + JDK-8233912: aarch64: minor improvements of atomic operations + + JDK-8234508: VM_HeapWalkOperation::iterate_over_object reads + non-strong fields with an on-strong load barrier + + JDK-8234742: Improve handshake logging + + JDK-8234796: Refactor Handshake::execute to take a more + complex type than ThreadClosure + + JDK-8235324: Dying objects are published from users of + CollectedHeap::object_iterate + + JDK-8235351: Lookup::unreflect should bind with the original + caller independent of Method's accessible flag + + JDK-8237369: Shenandoah: failed vmTestbase/nsk/jvmti/ + /AttachOnDemand/attach021/TestDescription.java test + + JDK-8237392: Shenandoah: Remove unreliable assertion + + JDK-8237483: AArch64 C1 OopMap inserted twice fatal error + + JDK-8237495: Java MIDI fails with a dereferenced memory error + when asked to send a raw 0xF7 + + JDK-8239355: (dc) Initial value of SO_SNDBUF should allow + sending large datagrams (macOS) + + JDK-8240353: AArch64: missing support for + - XX:+ExtendedDTraceProbes in C1 + + JDK-8240704: CheckHandles.java failed "AssertionError: Handle + use increased by more than 10 percent." + + JDK-8240751: Shenandoah: fold ShenandoahTracer definition + + JDK-8240795: [REDO] 8238384 CTW: C2 compilation fails with + "assert(store != load->find_exact_control(load->in(0))) + failed: dependence cycle found" + + JDK-8241598: Upgrade JLine to 3.14.0 + + JDK-8241649: Optimize Character.toString + + JDK-8241770: Module xxxAnnotation() methods throw NCDFE if + module-info.class found as resource in unnamed module + + JDK-8241911: AArch64: Fix a potential register clash issue in + reduce_add2I + + JDK-8242030: Wrong package declarations in jline classes after + JDK-8241598 + + JDK-8242565: Policy initialization issues when the denyAfter + constraint is enabled + + JDK-8243618: compiler/rtm/cli tests can be run w/o WhiteBox + + JDK-8243670: Unexpected test result caused by C2 + MergeMemNode::Ideal + + JDK-8244088: [Regression] Switch of Gnome theme ends up in + deadlocked UI + + JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 header + files + + JDK-8244340: Handshake processing thread lacks yielding + + JDK-8244573: java.lang.ArrayIndexOutOfBoundsException thrown + for malformed class file + + JDK-8244683: A TSA server used by tests + + JDK-8245005: javax/net/ssl/compatibility/BasicConnectTest.java + failed with No enum constant + + JDK-8245026: PsAdaptiveSizePolicy::_old_gen_policy_is_ready is + unused + + JDK-8245283: JFR: Can't handle constant dynamic used by Jacoco + agent + + JDK-8245512: CRC32 optimization using AVX512 instructions + + JDK-8245527: LDAP Channel Binding support for Java + GSS/Kerberos + + JDK-8246707: (sc) SocketChannel.read/write throws + AsynchronousCloseException on closed channel + + JDK-8246709: sun/security/tools/jarsigner/ + /TsacertOptionTest.java compilation failed after JDK-8244683 + + JDK-8247200: assert((unsigned)fpargs < 32) + + JDK-8247766: [aarch64] guarantee(val < (1U << nbits)) + failed: Field too big for insn. + + JDK-8248336: AArch64: C2: offset overflow in + BoxLockNode::emit + + JDK-8248865: Document JNDI/LDAP timeout properties + + JDK-8248901: Signed immediate support in + .../share/assembler.hpp is broken. + + JDK-8249543: Force DirectBufferAllocTest to run with + - ExplicitGCInvokesConcurrent + + JDK-8249588: libwindowsaccessbridge issues on 64bit Windows + + JDK-8249749: modify a primitive array through a stream and a + for cycle causes jre crash + + JDK-8249787: Make TestGCLocker more resilient with concurrent + GCs + + JDK-8249867: xml declaration is not followed by a newline + + JDK-8250911: [windows] os::pd_map_memory() error detection + broken + + JDK-8251255: [linux] Add process-memory information to hs-err + and VM.info + + JDK-8251359: Shenandoah: filter null oops before calling + enqueue/SATB barrier + + JDK-8251925: C2: RenaissanceStressTest fails with + assert(!had_error): bad dominance + + JDK-8251944: Add Shenandoah test config to + compiler/gcbarriers/UnsafeIntrinsicsTest.java + + JDK-8251992: VM crashed running TestComplexAddrExpr.java test + with -XX:UseAVX=X + + JDK-8253220: Epsilon: clean up unused code/declarations + + JDK-8253274: The CycleDMImagetest brokes the system + + JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node + + JDK-8253368: TLS connection always receives close_notify + exception + + JDK-8253404: C2: assert(C->live_nodes() <= + C->max_node_limit()) failed: Live Node limit exceeded limit + + JDK-8253409: Double-rounding possibility in float fma + + JDK-8253476: TestUseContainerSupport.java fails on some Linux + kernels w/o swap limit capabilities + + JDK-8253524: C2: Refactor code that clones predicates during + loop unswitching + + JDK-8253644: C2: assert(skeleton_predicate_has_opaque(iff)) + failed: unexpected + + JDK-8253681: closed java/awt/dnd/MouseEventAfterStartDragTest/ + /MouseEventAfterStartDragTest.html test failed + + JDK-8253702: BigSur version number reported as 10.16, should + be 11.nn + + JDK-8253756: C2 CompilerThread0 crash in Node::add_req(Node*) + + JDK-8254104: MethodCounters must exist before nmethod is + installed + + JDK-8254734: "dead loop detected" assert failure with patch + from 8223051 + + JDK-8254748: Bad Copyright header format after JDK-8212218 + + JDK-8254799: runtime/ErrorHandling/ + /TestHeapDumpOnOutOfMemoryError.java fails with release VMs + + JDK-8255058: C1: assert(is_virtual()) failed: type check + + JDK-8255351: Add detection for Graviton 2 CPUs + + JDK-8255368: Math.exp() gives wrong result for large values on + x86 32-bit platforms + + JDK-8255387: Japanese characters were printed upside down on + AIX + + JDK-8255401: Shenandoah: Allow oldval and newval registers to + overlap in cmpxchg_oop() + + JDK-8255479: [aarch64] assert(src->section_index_of(target) == + CodeBuffer::SECT_NONE) failed: sanity + + JDK-8255544: Create a checked cast + + JDK-8255559: Leak File Descriptors Because of + ResolverLocalFilesystem#engineResolveURI() + + JDK-8255681: print callstack in error case in + runAWTLoopWithApp + + JDK-8255734: VM should ignore SIGXFSZ on ppc64, s390 too + + JDK-8255742: PrintInlining as compiler directive doesn't print + virtual calls + + JDK-8255845: Memory leak in imageFile.cpp + + JDK-8255880: UI of Swing components is not redrawn after their + internal state changed + + JDK-8255908: ExceptionInInitializerError due to + UncheckedIOException while initializing cgroupv1 subsystem + + JDK-8256025: AArch64: MachCallRuntimeNode::ret_addr_offset() + is incorrect for stub calls + + JDK-8256056: Deoptimization stub doesn't save vector registers + on x86 + + JDK-8256061: RegisterSaver::save_live_registers() omits upper + halves of ZMM0-15 registers + + JDK-8256187: [TEST_BUG] Automate bug4275046.java test + + JDK-8256220: C1: x86_32 fails with -XX:UseSSE=1 after + JDK-8210764 due to mishandled lir_neg + + JDK-8256258: some missing NULL checks or asserts after + CodeCache::find_blob_unsafe + + JDK-8256264: Printed GlyphVector outline with low DPI has bad + quality on Windows + + JDK-8256290: javac/lambda/T8031967.java fails with + StackOverflowError on x86_32 + + JDK-8256359: AArch64: runtime/ReservedStack/ + /ReservedStackTestCompiler.java fails + + JDK-8256387: Unexpected result if patching an entire + instruction on AArch64 + + JDK-8256421: Add 2 HARICA roots to cacerts truststore + + JDK-8256488: [aarch64] Use ldpq/stpq instead of ld4/st4 for + small copies in StubGenerator::copy_memory + + JDK-8256489: Make gtest for long path names on Windows more + resilient in the presence of virus scanners + + JDK-8256501: libTestMainKeyWindow fails to build with Xcode + 12.2 + + JDK-8256633: Fix product build on Windows+Arm64 + + JDK-8256682: JDK-8202343 is incomplete + + JDK-8256751: Incremental rebuild with precompiled header fails + when touching a header file + + JDK-8256757: Incorrect MachCallRuntimeNode::ret_addr_offset() + for CallLeafNoFP on x86_32 + + JDK-8256806: Shenandoah: optimize shenandoah/jni/ + /TestPinnedGarbage.java test + + JDK-8256807: C2: Not marking stores correctly as mismatched + in string opts + + JDK-8256810: Incremental rebuild broken on Macosx + + JDK-8256818: SSLSocket that is never bound or connected leaks + socket resources + + JDK-8256888: Client manual test problem list update + + JDK-8257083: Security infra test failures caused by + JDK-8202343 + + JDK-8257408: Bump update version for OpenJDK: jdk-11.0.11 + + JDK-8257423: [PPC64] Support -XX:-UseInlineCaches + + JDK-8257436: [aarch64] Regressions in ArrayCopyUnalignedDst + .testByte/testChar for 65-78 bytes when UseSIMDForMemoryOps + is on + + JDK-8257513: C2: assert((constant_addr - + _masm.code()->consts()->start()) == con.offset()) + + JDK-8257547: Handle multiple prereqs on the same line in deps + files + + JDK-8257561: Some code is not vectorized after 8251925 and + 8250607 + + JDK-8257565: epsilonBarrierSet.hpp should not include + barrierSetAssembler + + JDK-8257575: C2: "failed: only phis" assert failure in loop + strip mining verification + + JDK-8257594: C2 compiled checkcast of non-null object triggers + endless deoptimization/recompilation cycle + + JDK-8257633: Missing -mmacosx-version-min=X flag when linking + libjvm + + JDK-8257670: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java + reports leaks + + JDK-8257707: Fix incorrect format string in Http1HeaderParser + + JDK-8257746: Regression introduced with JDK-8250984 - memory + might be null in some machines + + JDK-8257798: [PPC64] undefined reference to + Klass::vtable_start_offset() + + JDK-8257884: Re-enable sun/security/ssl/SSLSocketImpl/ + /SSLSocketLeak.java as automatic test + + JDK-8257910: [JVMCI] Set exception_seen accordingly in the + runtime. + + JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java + again reports leaks after JDK-8257884 + + JDK-8257999: Parallel GC crash in gc/parallel/ + /TestDynShrinkHeap.java: new region is not in covered_region + + JDK-8258077: Using -Xcheck:jni can lead to a double-free after + JDK-8193234 + + JDK-8258247: Couple of issues in fix for JDK-8249906 + + JDK-8258373: Update the text handling in the JPasswordField + + JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder + .rotateDisk() + + JDK-8258419: RSA cipher buffer cleanup + + JDK-8258471: "search codecache" clhsdb command does not work + + JDK-8258534: Epsilon: clean up unused includes + + JDK-8258805: Japanese characters not entered by mouse click + on Windows 10 + + JDK-8258833: Cancel multi-part cipher operations in SunPKCS11 + after failures + + JDK-8258836: JNI local refs exceed capacity + getDiagnosticCommandInfo + + JDK-8258884: [TEST_BUG] Convert applet-based test + open/test/jdk/javax/swing/JMenuItem/8031573/bug8031573.java + to a regular java test + + JDK-8259007: This test printed a blank page + + JDK-8259048: (tz) Upgrade time-zone data to tzdata2020f + + JDK-8259049: Uninitialized variable after JDK-8257513 + + JDK-8259231: Epsilon: improve performance under contention + during virtual space expansion + + JDK-8259271: gc/parallel/TestDynShrinkHeap.java still fails + "assert(covered_region.contains(new_memregion)) failed: new + region is not in covered_region" + + JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert + will expire in 90 days + + JDK-8259319: Illegal package access when SunPKCS11 requires + SunJCE's classes + + JDK-8259339: AllocateUninitializedArray C2 intrinsic fails + with void.class input + + JDK-8259428: AlgorithmId.getEncodedParams() should return copy + + JDK-8259446: runtime/jni/checked/ + /TestCheckedReleaseArrayElements.java fails with stderr not + empty + + JDK-8259451: Zero: skip serviceability/sa tests, set vm.hasSA + to false + + JDK-8259580: Shenandoah: uninitialized label in + VerifyThreadGCState + + JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use + condition is incorrect + + JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE + after JDK-8244543 + + JDK-8259706: C2 compilation fails with assert(vtable_index == + Method::invalid_vtable_index) failed: correct sentinel value + + JDK-8259707: LDAP channel binding does not work with StartTLS + extension + + JDK-8259773: Incorrect encoding of AVX-512 kmovq instruction + + JDK-8259849: Shenandoah: Rename store-val to IU-barrier + + JDK-8259949: x86 32-bit build fails when -fcf-protection is + passed in the compiler flags + + JDK-8259954: gc/shenandoah/mxbeans tests fail with -Xcomp + + JDK-8260029: aarch64: fix typo in verify_oop_array + + JDK-8260308: Update LogCompilation junit to 4.13.1 + + JDK-8260338: Some fields in HaltNode is not cloned + + JDK-8260349: Cannot programmatically retrieve Metaspace max + set via JAVA_TOOL_OPTIONS + + JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a + + JDK-8260378: [TESTBUG] DcmdMBeanTestCheckJni.java reports + false positive + + JDK-8260497: Shenandoah: Improve SATB flushing + + JDK-8260502: [s390] NativeMovRegMem::verify() fails because + it's too strict + + JDK-8260632: Build failures after JDK-8253353 + + JDK-8260704: ParallelGC: oldgen expansion needs release-store + for _end + + JDK-8261022: Fix incorrect result of Math.abs() with char type + + JDK-8261089: [TESTBUG] native library of test + TestCheckedReleaseCriticalArray.java fails to compile with + gcc 4.x + + JDK-8261183: Follow on to Make lists of normal filenames + + JDK-8261209: isStandalone property: remove dependency on + pretty-print + + JDK-8261231: Windows IME was disabled after DnD operation + + JDK-8261251: Shenandoah: Use object size for full GC + humongous compaction + + JDK-8261310: PPC64 Zero build fails with + 'VMError::controlled_crash(int)::FunctionDescriptor + functionDescriptor' has incomplete type and cannot be defined + + JDK-8261334: NMT: tuning statistic shows incorrect hash + distribution + + JDK-8261413: Shenandoah: Disable class-unloading in I-U mode + + JDK-8261522: [PPC64] AES intrinsics write beyond the + destination array + + JDK-8261534: Test sun/security/pkcs11/KeyAgreement/ + /IllegalPackageAccess.java fails on platforms where no nsslib + artifacts are defined + + JDK-8261585: Restore HandleArea used in + Deoptimization::uncommon_trap + + JDK-8261753: Test java/lang/System/OsVersionTest.java still + failing on BigSur patch versions after JDK-8253702 + + JDK-8261829: Exclude tools/jlink/JLinkReproducibleTest.java + in 11u + + JDK-8261912: Code IfNode::fold_compares_helper more + defensively + + JDK-8261920: [AIX] jshell command throws java.io.IOError on + non English locales + + JDK-8262018: Wrong format in SAP copyright header of + OsVersionTest + + JDK-8263069: Exclude some failing tests from + security/infra/java/security/cert/CertPathValidator + +- moved mozilla-nss dependency to java-11-openjdk-headless package + This is necessary to be able to do crypto with just + java-11-openjdk-headless installed. Fixes boo#1184606 + +- Added patches: + * system-crypto-policy.patch + + Let OpenJDK use system crypto policies unless explicitely told + not to + * nss-security-provider.patch + + Add the NSS security provider with configuration in generated + nss.cfg file + * keytool-default-rsa.patch + + Make keytool generate RSA keys by default, since only the + LEGACY system crypto policy allows DSA + +- Update to upstream tag jdk-11.0.10+9 (January 2021 CPU, krb5 +- Use /run instead of /var/run for daemon PID files; (bsc#1185163); + krita +- Enable HEIF plugin also on Leap 15.3 now that libheif was added + ksh +- Remove BuildRequires: bind-libs. Requiring libs this way + is just wrong. + +- prepare usrmerge (boo#1029961) +- clean up SLE11 compat sections + +- remove pwdutils buildrequires, it's not needed and pwdutils got + dropped many years ago + +- remove sys/sysctl.h include as it no longer exists in linux + new patch: ksh93-no-sysctl.dif + +- fix build by removing -Werror=return-type and using + - ffat-lto-objects + -- Disable patch ksh93-backticks.dif as it breaks several test cases - -- Rename rpmlintrc to %{name}-rpmlintrc. - Follow the packaging guidelines. - -- Add patch ksh93-backticks.dif to allow the ksh to use more than - 65536 characters in the output of old fashion `...` commands (bnc#887320) - libqt5-qttools +- Modify the %requires_eq of libqt5-qttools-doc to use libclang + instead of clang now that llvm7 moved the header files to libclang + in SLE-15-SP1:Update (boo#1184920, boo#1109367, QTBUG-70687) + libqt5-qtwebengine -- Do not with build system_vpx on 15.3 +- Update to version 5.15.3: + * Fix spelling and coding style + * Fix new view request handling (QTBUG-87378) + * Fix getDefaultScreenId on X11 + * Fix flaky tst_QWebEngineView::textSelectionOutOfInputField test + * Move touch input tests to separate testcase + * Add touch input tests for scrolling and pinch zooming + * Fix rare duplicate ids forming in touch point id's mapping + * Use the module's version number for QtWebEngineProcess + * Touch handling: provide id mapping without modifying TouchPoint instance + (QTBUG-88001) + * Touch handling: fix mapped ids cleanup for TouchCancel event + * et custom headers from QWebEngineUrlRequestInfo before triggering redirect + (QTBUG-88861) + * Forward modifier flags for lock keys (QTBUG-89001) + * Fix handling of more than one finger for touch event (QTBUG-86389) + * Stabilize load signals emitting (QTBUG-65223, QTBUG-87089) + * Fix building against 5.12 on most CIs + * Update minimum HarfBuzz version to 2.4.0 (QTBUG-88976) + * Fix building against Qt 5.14 + * Migrate user script IPC to mojo + * Fix crashes in user resource controller when single process + * Minor. Fix namespace for user resource controller + * Minor. RenderThreadObserverQt is really a RenderConfiguration + * Remove RenderViewObserverHelper from UserResourceController + * Cache mojo interface bindings to UserResourceControllerRenderFrame + * Cache mojo interface bindings for WebChannelIPCTransport + * Migrate render_view_observer_qt to mojo + * Fix crash on linkedin.com (QTBUG-89740) + * Suppress error pages also for http errors if they are disabled + * Fix leak in QQuickWebEngineViewPrivate::contextMenuRequested + * Register PerformanceNode early enough + * Quiet log on webrtc usage + * Remove configure option that doesn't work + * Remove Java build dependency + * Fix blank popups in qml (QTBUG-86034) + * Fix position of popup on qml (QTBUG-86034, QTBUG-89358) + * Enable hangout services extension (QTBUG-85731) + * Allow to fallback to default locale for non existent data packs (QTBUG-90490) + * Support devtools close button + * Do not extract download file names from certain url schemes (QTBUG-90355) + * Leave room for the null-termination byte when checking remote drive path + (QTBUG-90347) + * Do not set open files limit for linking if not necessary + * Remove even more remains of non network service code + * Add back prefers-color-scheme support (QTBUG-89753) + * Start supporting chrome.resourcesPrivate API (QTBUG-90035) + * Enable chrome://user-actions WebUI + * Remove remains of chrome://flash + * Fix loadFinished signal if page has content but server sends HTTP error + (QTBUG-90517) + * Fix devtools page resource loading as raw data instead of html string + * Remove frame metadata observer (RenderWidgetHostViewQt) on destroy + * Resolve installed interceptors right before interception point (QTBUG-86286) + * Update searches faster + * Remove more leftovers of the old compositor + * Enable webrtc logging and the corresponding WebUI + * Support mips64el platform CPU(loongson 3A4000) + * Add tracing UI resources + * Fix crash on meet.google.com + * Fix mad popup qquickwindows on wayland + * Fix crashes on BrowserContext destruction + * Fix crash on exit in quicknanobrowser when popup + * Remove QtPdf dependency on nss at build-time + * Avoid accessing profileAdapter when profile is shutting down (QTBUG-91187) + * Do not flush messages form profile destructor + * Ignore QQuickWebEngineNewViewRequest if it is unhandled + * Fix ScopedGLContextChecker with QTWEBENGINE_DISABLE_GPU_THREAD=1 + * Don't send duplicate load progress values + * Fix neon support in libpng + * Do not call deprecated profile interceptor on ui thread (QTBUG-86267) + * Add certificate error message for ERR_SSL_OBSOLETE_VERSION + * Fix assert in WebContentsAdapter::devToolsFrontendDestroyed + * Avoid to reject a certificate error twice in Quick + * Fix PDF viewer plugin + * FIXUP: Fix swap condition in DisplayGLOutputSurface::updatePaintNode + (QTBUG-86599) + * Fix favicon engine under device pixel scaling + * Do not pass a native keycode matching the menu key when it is remapped + (QTBUG-86672) + * Optimize WebEngineSettings::testAttribute + * Warn about QtWebengineProcess launching from network share (QTBUG-84632) + * Handle non-ascii names for pulseaudio (QTBUG-85363) + * Do not set audio device for desktop capture if audio loopback is unsupported + * Fix new view request handling (QTBUG-87378) + * Fix getDefaultScreenId on X11 + * Touch handling: provide id mapping without modifying TouchPoint instance + (QTBUG-88001) + * Set custom headers from QWebEngineUrlRequestInfo before triggering redirect + (QTBUG-88861) + * Stabilize load signals emitting (QTBUG-65223) +- CVE fixes backported in chromium updates: + * CVE-2020-16044: Use after free in WebRTC + * CVE-2021-21118: Heap buffer overflow in Blink + * CVE-2021-21119: Use after free in Media + * CVE-2021-21120: Use after free in WebSQL + * CVE-2021-21121: Use after free in Omnibox + * CVE-2021-21122: Use after free in Blink + * CVE-2021-21123: Insufficient data validation in File System API + * CVE-2021-21125: Insufficient policy enforcement in File System API + * CVE-2021-21126: Insufficient policy enforcement in extensions + * CVE-2021-21127: Insufficient policy enforcement in extensions + * CVE-2021-21128: Heap buffer overflow in Blink + * CVE-2021-21129: Insufficient policy enforcement in File System API + * CVE-2021-21130: Insufficient policy enforcement in File System API + * CVE-2021-21131: Insufficient policy enforcement in File System API + * CVE-2021-21132: Inappropriate implementation in DevTools + * CVE-2021-21135: Inappropriate implementation in Performance API + * CVE-2021-21137: Inappropriate implementation in DevTools + * CVE-2021-21140: Uninitialized Use in USB + * CVE-2021-21141: Insufficient policy enforcement in File System API + * CVE-2021-21145: Use after free in Fonts + * CVE-2021-21146: Use after free in Navigation + * CVE-2021-21147: Inappropriate implementation in Skia + * CVE-2021-21148: Heap buffer overflow in V8 + * CVE-2021-21149: Stack overflow in Data Transfer + * CVE-2021-21150: Use after free in Downloads + * CVE-2021-21152: Heap buffer overflow in Media + * CVE-2021-21153: Stack overflow in GPU Process + * CVE-2021-21156: Heap buffer overflow in V8 + * CVE-2021-21157: Use after free in Web Sockets +- Drop obsolete patches: + * icu-68.patch + * icu-68-2.patch +- Rebase patches: + * fix1163766.patch + * sandbox-statx-futex_time64.patch + * rtc-dont-use-h264.patch + * chromium-glibc-2.33.patch +- Add patch to fix crash with certain locales: + * 0001-Fix-normalization-of-app-locales.patch +- Clean the spec file a bit + +- Can't use system_vpx on Leap 15.3 + +- Add patch to fix sandbox with glibc 2.33 on 32bit: + * sandbox-statx-futex_time64.patch + +- Relax constraints for armv6 and armv7 + +- Add patch to fix sandbox with glibc 2.33 (boo#1182233): + * chromium-glibc-2.33.patch + +- Bump _constraints and %limit_build, hopefully avoid occasional + OOM and make the build quicker +- Drop obsolete conditions + +- Drop baselibs.conf, not needed after libksysguard5 got adjusted + +- Fix build with ICU 68: + * Added icu-68.patch + * Added icu-68-2.patch + +- Update to 5.15.2: + * New bugfix release + * For more details please see: + http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.2/?h=5.15.2 + +- Update to 5.15.1: + * New bugfix release + * For more details please see: + http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.1/?h=5.15.1 +- Drop patches, now upstream: + * icu-v67.patch + * 0001-fix-build-after-y2038-changes-in-glibc.patch +- Refresh disable-gpu-when-using-nouveau-boo-1005323.diff +- Update rtc-dont-use-h264.patch + +- Add patch to not require openh264 and don't build the bundled version: + * rtc-dont-use-h264.patch + +- Can't use system VPX on Leap 15.2 + +- Update to version 5.15.0: + * No changelog available + +- Update to version 5.15.0-rc2: + * No changelog available + * Removed some-more-includes-gcc10.patch: contained in upstream + +- Update to 5.15.0-rc: + * New bugfix release + * For the changes between 5.14.2 and 5.15.0 please see: + http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.0/?h=5.15.0 +- Drop patches, now upstream: + * QTBUG-82186.patch + +- Add icu-v67.patch to fix compilation with icu v67, this is a backport + of https://github.com/v8/v8/commit/3f8dc4b2e5baf77b463334c769af85b79d8c1463 +- Rebase icu-v67.patch on 5.15.0-beta4 + +- Update to 5.15.0-beta4: + * New bugfix release + * No changelog available +- Refresh QTBUG-82186.patch + +- Update to 5.15.0-beta3: + * New bugfix release + * No changelog available +- Refresh fix1163766.patch + +- Add fix1163766.patch to fix opensuse-welcome on i686 (boo#1163766) + +- Add patch to fix build with GCC 10 (boo#1158516): + * some-more-includes-gcc10.patch + +- Update to 5.15.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta1: + * New bugfix release + * No changelog available +- Drop patches, now upstream: + * fix-missing-designerplugin.patch + * QTBUG-81574.patch + +- Fix a deadlock causing audio/video playback to fail (boo#1163744): + * QTBUG-82186.patch -- Update to 5.12.7: +- Update to 5.15.0-alpha: + * New feature release + * For more details please see: + https://wiki.qt.io/New_Features_in_Qt_5.15 +- Add patch to fix building the designer plugin: + * fix-missing-designerplugin.patch +- Move designer plugin into -devel subpackage +- Add packages for new Qt PDF module (which is technically separate + from WebEngine, but shares the source tarball) + +- Update to 5.14.1: - http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.7/?h=v5.12.7 -- Refresh chromium-non-void-return.patch + http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.14.1/?h=v5.14.1 -- Update to 5.12.6: +- Disable valgrind on %arm due to boo#1130395 + +- Update to 5.14.0: + * New bugfix release + * For the changes between 5.13.2 and 5.14.0 please see: + https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.14.0?h=v5.14.0 + * For the changes between 5.13.1 and 5.13.2 please see: + https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.13.2?h=v5.14.0 + +- Update to 5.14.0-rc: + * No changelog available - * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.6/?h=v5.12.6 + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 -- Use bundled libvpx on Leap 15.2 (for now) as well +- Update to 5.14.0-beta3: + * New bugfix release + * No changelog available +- Remove patches, now upstream: + * fix-system-icu.patch + +- Update to 5.14.0-beta2: + * New bugfix release + * No changelog available +- Drop patch, not necessary anymore: + * harmony-fix.diff + +- Update to 5.14.0-beta1: + * New bugfix release + * No changelog available + +- Update to 5.14.0-alpha: + * New feature release + * No changelog available + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 +- Drop chromium-non-void-return.patch, with newer post-build-checks + this is not necessary anymore +- Add patch to fix build with system ICU (QTBUG-78911): + * fix-system-icu.patch +- Enable kerberos support -- Update to 5.12.5: +- Update to 5.13.1: - * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.5/?h=5.12.5 + * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.13.1/?h=v5.13.1 + +- Increase disk constraints to 12G, TW needs 11.7G currently + +- Increase assumed per-job memory use to 2.5GB -- Update to 5.12.4: +- add 0001-fix-build-after-y2038-changes-in-glibc.patch + +- Update to 5.13.0: - * For more details please see: - * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.4/?h=5.12.4 + * No changelog available + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.13.0/?h=5.13 + +- Replace open coded macro for parallel build limit by the one from the + memory-constraints package +- Update to 5.13.0-rc: + * New bugfix release + * No changelog available + +- Fix system_vpx bcond + +- Update to 5.13.0-beta2: + * New bugfix release + * No changelog available +- Refresh patches: + * harmony-fix.diff + * chromium-non-void-return.patch (sigh, again) +- Disable using the system ICU on Leap < 16, too old +- Update to 5.13.0-beta1: + * New feature release + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.13.0/?h=5.13 +- Refresh patches: + * disable-gpu-when-using-nouveau-boo-1005323.diff + * harmony-fix.diff + * chromium-non-void-return.patch (sigh) +- Remote patches, now upstream: + * reproducible.patch + llvm7 +- Backport fixes and changes from obs. +- Fri Oct 18 18:40:39 UTC 2019 - Stefan Brüns +- (Build)Require only python3-base instead of full python3 package, + the additional modules are not required. Helps shortening the + build dependency chain. +- Remove python3-* requires from lldb7 subpackage, and add it to + the bindings/pretty-printer subpackage (python3-lldb7). +- Wed Sep 4 15:02:41 UTC 2019 - Aaron Puchert +- Remove unneccesary dependencies: + * groff, bison and flex don't seem to be used. + * jsoncpp is no longer used since r338461. + * Devel packages are only required in other devel packages, + when their headers are included in the installed headers. +- Remove some duplicate BuildRequires. +- Move libxml to the main package, since Clang also needs it. +- Remove unused (since r268685) CMake flags LLVM_ENABLE_TIMESTAMPS. +- Fri Aug 9 20:18:20 UTC 2019 - Petr Tesařík +- llvm-skip-broken-float-test.patch + * Skip a test that is broken with 387 FPU registers. + * Avoids check failure on i586 (bsc#1145085). +- Fri Aug 9 14:34:09 UTC 2019 - Petr Tesařík +- openmp-link-with-atomic-if-needed.patch +- openmp-link-with-atomic-if-needed.patch + * Link libomp with atomic if needed (bsc#1145085). + * Fixes build using gcc-4.8 (e.g. SLE-12). +- Thu Mar 28 15:15:46 UTC 2019 - Bernhard Wiedemann +- Add clang-deterministic-selector-order.patch to make build of + gnustep-libobjc2 package reproducible (boo#1067478) +- Sun Mar 10 20:24:03 UTC 2019 - Aaron Puchert +- Remove -fno-strict-aliasing, which upstream doesn't use any more + since r245304 in 2015. (http://reviews.llvm.org/D12036) + It's probably also not needed for modern versions of GCC. + It was enabled in r105644 because of some bugs there. +- Package clang builtin headers with libclang. The library is + basically unusable without the builtin headers. Currently + consumers of libclang have to require clang as well, although + only the headers are needed. (boo#1109367) + lvm2 +- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190) + + bug-1185190_01-pvscan-support-disabled-event_activation.patch + + bug-1185190_02-config-improve-description-for-event_activation.patch + +- LVM cannot be disabled on boot (bsc#1184687) + + bug-1184687_Add-nolvm-for-kernel-cmdline.patch +- Update patch for avoiding apply warning message + + bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch + monitoring-plugins-haproxy +- Build require icinga2-bin and icinga2-common to get rid of owning + directories that belong to icinga2 + +- Update to 1.1: + + Add new option -i or --ignore-backends to exclude certain backend(s) + from the check. The parameter expects a single string for the backend + name or a list of comma-separated backend names + + Fix and display the maximum number of allowed concurrent sessions + of the backend in performance data (was always showing 0 before) + + Added bytes_in and bytes_out to performance data per backend +- switch to https://github.com/Napsty/check_haproxy as upstream + URL: contains latest 1.1 relase plus additional icinga2 config +- package NRPE snipplet +- package icinga2 CheckCommand definition template +- use _service for sources +- ran spec-cleaner + monitoring-plugins-sar-perf +- include abstractions/bash in apparmor profile - otherwise + the 'which iostat' command fails +- reload the apparmor profile in postun to make the changes effective + +- update apparmor profile again to allow reading + /sys/devices/**/stat + +- update AppArmor profiles to include a comment why the check + needs to read nsswitch.conf and passwd + +- update AppArmor profile to allow reading /etc/nsswitch.conf and /etc/passwd + +- update apparmor profile usr.lib.nagios.plugins.check_iostat + to allow reading / and /proc/$pid/mountinfo + +- check_iostat: add reasons why state is warning or critical + to the output + +- check_iostat: sanitize dev name to properly match iostat output + +- check_iostat: exit with OK if running on tmpfs +- check_iostat: fix apparmor profile to allow stat call + +- check_iostat: allow to just specify a directory + +- update AppArmor profile for usrMerge (bash) (boo#1132350) + +- check_iostat: fix to work with iostat on sle15 + -- Renamed package to monitoring-plugins-sar-perf - -- check_iostat: use 5 seconds instead of 2 to get more useful data - -- check_iostat: add warning and critical levels for iowait - -- check_iostat: actually check current io stats, not since boot - -- more additions to check_iostat: can use device-mapper name - openSUSE-build-key +- Refresh the SLE15 build@suse.de key + * Updated gpg-pubkey-39db7c82-5847eb1f.asc + -- updated keys: - - 307E3D54 build@suse.de "SuSE Package Signing Key" (2014-05-03) - - 7E2E3B05 novell-provo-build@novell.com "Novell Provo Build" - (2014-05-06) - - 9C800ACA build@suse.de "SuSE Package Signing Key" (2014-05-03) - - 56B4177A openSUSE:Factory@build.opensuse.org - "openSUSE:Factory OBS Project" (2014-05-04) - - 3DBDC284 opensuse@opensuse.org "openSUSE Project Signing Key" - (2014-05-04) - opentoonz +- Use a _service file to exclude most of third party subfolders. + thirdparty/openblas contains unredistributable files and some + precompiled dll files are present in a couple other folders. + +- Update to 1.5.0 + * Ease Regulations for the Use of Animate Tool + * New - Aotz MyPaint brush set (Sketch, Ink, Fill, Clouds, Water, + Grass, Leaves, Fur, Eraser, etc.) + * Fix vector custom styles + * Fix color model pick mode + * New - Save/Reload Color Separation Colors Parameters + * New - Add snap option to control point editor tool + * New - Freehand mode in control point editor tool + * New - Convert To Vector : Align Boundary Strokes Direction Option + * New - Snap at intersection in cutter tool + * New - Bloom Iwa Fx + * New - Fractal Noise Iwa Fx + * New - Glare Iwa Fx + * New - Search bar in New Fx browser + * New - Linear color space option for Add Fx Ino + * New - Logarithmic option for Spiral fx + * New - Particle FX Preset: Flock fx + * New Segment Erase + * New Frame range for segment mode of eraser tool + * New - (Optional/Experimental) Expression Reference Manager + * New - Expression Function: Periodic Random + * New - Copy expression object address directly from UI + * New - multi arc shape in geometric tool + * Fix - Geometric tool / Type tool first point offset + * Enhance - Premultiply on Loading PNG images + * Fix - Fix copy/paste keyframe causing bad data + * New - Horizontal Level Strip option + * Fix icon rendering for HDPI + * Fix for Duplicate Window Title (Mac) + * Fix for Full Screen on Multiple Monitors (WIndows) + * New - (Optional) Toolbar location + * New - Color Keys Global Palette + * Fix - OpenGL Line Smoothing + * Updated Dwango plugins (separate download) + * Fix Batch Rendering on Mac + * Updated Output Settings Dialogue + * Fix incorrect xml in tnz file + * Fix - Scene Cast Update on Pasting + * Enhancement - Improved target area for Transform selection + * New - (Optional) Create New Style Command Button + * Fix - Fix Vector Tape Tool on Joining Points at the Same Position + * Updated Languages ( ) + * New - Initial support for Norwegian Bokmal + * New - Weblate widget + * New - Generation of translation projects now optional in cmake + * New - All New Icons (GUI Cleanup) + * New - Live update for 3DLuts via Preferences + * New - Additional UI Style Sheet customizations via Preferences + * New - Icons for all commands + * Update Default Room set + * Fix - Fix Crash When Drawing on Absent Level + * New - More shapes for Adobe Animate keyboard shortcuts + * New - Shortcut keypress length option + * New - Undo: Reset Undo when Saving Levels Preference Option +- Drop patches: + * p_handle-no-return-in-nonvoid-function.patch + * 0001-Fix-build-with-GCC-10.patch + * 0001-Fix-build-with-Qt-5.15.patch + * 0001-System-depend-code-deduplication.patch +- Rebase 0001-Fix-linker-errors-on-Linux.patch +- Update 0001-Use-the-system-mypaint-brushes.patch + +- use usb-1.0 dependency instead of deprecated usb-0.1 + openvpn +- bsc#1185279, CVE-2020-15078, openvpn-CVE-2020-15078.patch: + Authentication bypass with deferred authentication. +- bsc#1169925, CVE-2020-11810, openvpn-CVE-2020-11810.patch: + race condition between allocating peer-id and initializing data + channel key +- bsc#1085803, CVE-2018-7544, openvpn-CVE-2018-7544.patch: + Cross-protocol scripting issue was discovered in the management + interface + -- Update to version 2.3.4 - * Add support for client-cert-not-required for PolarSSL. - * Introduce safety check for http proxy options. - -- Build with large file support in 32 bit systems. - -- use %_rundir for %ghost directory - leaving /var/run everywhere - else - -- Updated README.SUSE, documented also the rcopenvpn compatibility - wrapper script (bnc#848070). - -- openvpn-fips140-2.3.2.patch: Allow usage of SHA1 instead of MD5 in - some internal checking routines. This allows operation in FIPS 140-2 - mode. - -- Readded rcopenvpn helper script under systemd (bnc#848070) - -- Fixed invalid mode in exec bit removal call from doc files - -- Add a section about how to control all or a named configuration with the - help of systemctl to the README.SUSE file. - -- Update to 2.3.2 - +Fixes since 2.3.0 -- Remove dead code path and putenv functionality -- Remove unused function xor -- Move static prototype definition from header into c file -- Remove unused function no_tap_ifconfig -- fix build with automake 1.13(.1) -- Fix corner case in NTLM authentication (trac #172) -- Update README.IPv6 to match what is in 2.3.0 -- Repair "tcp server queue overflow" brokenness, more fallout. -- Permit pool size of /64.../112 for ifconfig-ipv6-pool -- Add MIN() compatibility macro -- Fix directly connected routes for "topology subnet" on Solaris. -- close more file descriptors on exec -- Ignore UTF-8 byte order mark -- reintroduce --no-name-remapping option -- make --tls-remote compatible with pre 2.3 configs -- add new option for X.509 name verification -- add man page patch for missing options -- Fix parameter listing in non-debug builds at verb 4 -- (updated) [PATCH] Warn when using verb levels >=7 without debug -- Enable TCP_NODELAY configuration on FreeBSD. -- Updated README -- Cleaned up and updated INSTALL -- PolarSSL-1.2 support -- Improve PolarSSL key_state_read_{cipher, plain}text messages -- Improve verify_callback messages -- Config compatibility patch. Added translate_cipher_name. -- Switch to IANA names for TLS ciphers. -- Fixed autoconf script to properly detect missing pkcs11 with polarssl. -- Use constant time memcmp when comparing HMACs in openvpn_decrypt. - -- Try to migrate openvpn.service autostart to openvpn@.service - instance enablement. - -- Fixed to enable systemd support in configure -- Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. -- Added openvpn.target file allowing to handle all instances at once. -- Fixed to install the service template correctly as openvpn@.service. - Use "systemctl enable openvpn@foo.service" to enable instance using - /etc/openvpn/foo.conf. -- Disabled systemd variant of restart on update rpm macro, adopted other - macros to use openvpn.target to e.g. stop all instances on uninstall. - -- Remove _unitdir definition, it is provided by systemd. -- Install service file without x permissions - -Update to version 2.3.0: - * Full IPv6 support - * SSL layer modularised, enabling easier implementation for other SSL libraries - * PolarSSL support as a drop-in replacement for OpenSSL - * New plug-in API providing direct certificate access, improved logging API - and easier to extend in the future - * Added 'dev_type' environment variable to scripts and plug-ins - which is - set to 'TUN' or 'TAP' - * New feature: --management-external-key - to provide access to the encryption - keys via the management interface - * New feature: --x509-track option, more fine grained access to X.509 fields - in scripts and plug-ins - * New feature: --client-nat support - * New feature: --mark which can mark encrypted packets from the tunnel, suitable - for more advanced routing and firewalling - * New feature: --management-query-proxy - manage proxy settings via the management - interface (supercedes --http-proxy-fallback) - * New feature: --stale-routes-check, which cleans up the internal routing table - * New feature: --x509-username-field, where other X.509v3 fields can be used for - the authentication instead of Common Name - * Improved client-kill management interface command - * Improved UTF-8 support - and added --compat-names to provide backwards compatibility - with older scripts/plug-ins - * Improved auth-pam with COMMONNAME support, passing the certificate's common - name in the PAM conversation - * More options can now be used inside blocks - * Completely new build system, enabling easier cross-compilation and Windows builds - * Much of the code has been better documented - * Many documentation updates - * Plenty of bug fixes and other code clean-ups -- Add systemd native support for OpenSUSE > 12.1 -- Adapt patchs to upstream release: - * openvpn-2.1-plugin-man.dif > openvpn-2.3-plugin-man.dif - * openvpn-2.1.0-man-dot.diff > openvpn-2.3.0-man-dot.diff -- Remove obsolete patchs; fixed or merged on upstream release: - * 0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch - * openvpn-2.1-plugin-build.dif - * openvpn-2.1-systemd-passwd.patch -- Rebase specfile to upstream changes: - * easy-rsa is not provided anymore with main package - * remove %clean section - * autoreconf -fi is no needed -- Update openvpn.keyring file for upstream release asc key - -- Join openvpn.service systemd cgroup in start when needed, e.g. - when starting with further parameters. (bnc#781106) - -- Verify GPG signature. - -- fix ciaran's previous license entry. the license has a SUSE prefix - -- Fixed openvpn init script to not map reopen to reload so the - reopen code is without any effect (bnc#781106). -- Added requested OPENVPN_AUTOSTART variable allowing to provide - an optional list of config names started by default (bnc#692440). - -- license update: GPL-2.0-with-openssl-exception and LGPL-2.1 - openssl has an openssl exception (also, it is GPL-2.0 only) - -- Fixed SLES build readding Group tags to sub-packages in spec, - not require libselinux-devel on SLE-10 and datadir/doc cleanup. - -- Updated to openvpn-2.2.2: - - Warn once, that IPv6 in tun mode is not supported in OpenVPN 2.2 - - Pkcs11 support built into the Windows version - - Fixed a bug in the Windows TAP-driver - -- Fix source URLs. - -- add automake as buildrequire to avoid implicit dependency - -- Marked /var/run/openvpn as ghost (bnc#710270), man page and - other rpmlint warning fixes - -- BuildRequires libselinux-devel -- Use SSL_MODE_RELEASE_BUFFERS to keep memory usage low, sent - upstream as https://community.openvpn.net/openvpn/ticket/157 - -- Add openvpn-2.1-systemd-passwd.patch / modify openvpn.init to - support systemd password query (bnc#675406) - -- Updated to openvpn-2.2.1, a new version series providing several - new features. This version fixes build issues and provides - updated easy-rsa for OpenSSL 1.0.0 (fixes Trac ticket #125), -- Adopted spec file, enabled saving password in a file and to - specify an alternative username in x509 cert. -- Removed X-Interactive from init script again, as systemd isn't - able to use it correctly [any more?] (bnc#675406). We will - address it later and probably use /bin/systemd-ask-password. - -- KVPNC is unable to parse openvpn version [bnc#679153] - -- Added X-Interactive: true LSB tag to the init script. - -- Updated to openvpn 2.1.4, providing several bug fixes and - improvements, such as: - * Fix of a problem with special case route targets - * Try to ensure, that the tun/tap interface gets closed on - non-graceful aborts. - * Several AUTH_FAILED reporting fixes causing the connection - to fail without any error indication. - * Enable exponential backoff in reliability layer retransmits. - * Proxy improvements - Please review the ChangeLog file for a complete and exact list. - -- Do not include build date in binaries - -- Improved netconfig based client up and down sample scripts. - -- Added netconfig based client up and down scripts to samples. - -- Updated to openvpn 2.1.1; linux related changes since 2.1_rc20: - * Fixed a couple issues in sample plugins auth-pam.c and - down-root.c. - (1) Fail gracefully rather than segfault if calloc returns NULL. - (2) The openvpn_plugin_abort_v1 function can potentially be - called with handle == NULL. Add code to detect this case, - and if so, avoid dereferencing pointers derived from handle - (Thanks to David Sommerseth for finding this bug). - * Documented "multihome" option in the man page. - * Added a hard failure when peer provides a certificate chain - with depth > 16. Previously, a warning was issued. - * Added additional session renegotiation hardening. OpenVPN has - always required that mid-session renegotiations build up a new - SSL/TLS session from scratch. While the client certificate - common name is already locked against changes in mid-session - TLS renegotiations, we now extend this locking to the - auth-user-pass username as well as all certificate content in - the full client certificate chain. -- Improved openvpn init script adding messages giving a hint about - pid write failure and to look into the log messages (bnc#559041). -- Added -fno-strict-aliasing to compile flags in the spec file. - -- Updated to openvpn 2.1 2.1_rc20, fixing problems in route and - option handling provided by the from server (bnc#552440). - For complete list of changes, see ChangeLog file, here just - the IMO most important: - * Fixed a bug introduced in 2.1_rc17 (svn r4436) where using - the redirect-gateway option by itself, without any extra - parameters, would cause the option to be ignored. - * Optimized PUSH_REQUEST handshake sequence to shave several - seconds off of a typical client connection initiation. - * The maximum number of "route" directives (specified in the - config file or pulled from a server) can now be configured - via the new "max-routes" directive. - * Eliminated the limitation on the number of options that can - be pushed to clients, including routes. Previously, all - pushed options needed to fit within a 1024 byte options - string. - * Added --server-poll-timeout option : when polling possible - remote servers to connect to in a round-robin fashion, - spend no more than n seconds waiting for a response before - trying the next server. - * Added the ability for the server to provide a custom reason - string when an AUTH_FAILED message is returned to the client. - This string can be set by the server-side managment interface - and read by the client-side management interface. - * client-kill management interface command, when issued on server, - will now send a RESTART message to client. This feature is - intended to make UDP clients respond the same as TCP clients - in the case where the server issues a RESTART message in order - to force the client to reconnect and pull a new options/route - list. - -- Added network-remotefs to init script dependencies (bnc#522279). - -- Updated to openvpn 2.1 [2.1_rc18] series (fate#305289). -- Enabled pkcs11-helper for openSUSE > 10.3 (bnc#487558). -- Adopted spec file and patches, improved init script. -- Disabled installation of easy-rsa for Windows. - orthanc-wsi +- orthanc193.diff added (boo#1186112) + package-translations +- Merge Leap, Tumbleweed and SLE into a single package + (bump major version from 84 to 89). +- Update to version 89.87.20210518.c8ca1c2f: + * Generate previous context for patterns po files + * Update README.md + * Import strings from SLE branch into patterns po files + * Remove reference to obsolete rpm-groups + * Update strings with both Leap and SLE support + * prepare_split_tw_leap.sh: Accept more files + * Add support for urls_sle.txt + * Include updates from SLE branch - SLE support - Remove rpm-groups - Make package translations optional + * Update with Leap 15.3 specific strings + * Bump URLs for 15.3 + * Added translation using Weblate (Central Atlas Tamazight) + * Added translation using Weblate (Hindi) + * Added translation using Weblate (Sinhala) + * Added translation using Weblate (Turkish) + * Translated using Weblate (Catalan) + * Translated using Weblate (Central Atlas Tamazight) + * Translated using Weblate (Chinese (China) (zh_CN)) + * Translated using Weblate (Chinese (China)) + * Translated using Weblate (Chinese (Taiwan) (zh_TW)) + * Translated using Weblate (Czech) + * Translated using Weblate (Dutch) + * Translated using Weblate (English (United Kingdom)) + * Translated using Weblate (Finnish) + * Translated using Weblate (French) + * Translated using Weblate (German) + * Translated using Weblate (Greek) + * Translated using Weblate (Hindi) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Italian) + * Translated using Weblate (Japanese) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese) + * Translated using Weblate (Russian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Spanish) + * Translated using Weblate (Ukrainian) + parsec +- Fix build with old rust used in Leap 15.3/SLE15-SP3. + * parsec-fix-old-rust.patch + +- Requires 'tpm2-0-tss' as it holds the udev rule to make /dev/tpm* + owned by tss user +- Requires 'libtss2-tcti-device0' as it is required to start parsec + with TPM support + +- Enable all authenticators which adds 'direct-authenticator' +- Add CryptoAuthLib template (disabled) in config.toml + +- Make 'parsec' user part of 'tss' group to access /dev/tpm* devices + +- Update to 0.7.2: + * Changelog: https://github.com/parallaxsecond/parsec/compare/0.6.0...0.7.2 + +- Recommends 'opensc' as it is used to initialize HSM keys (PKCS#11 backend) +- Add PKCS#11 template (disabled) in config.toml +- Disable Tpm backend by default in config.toml + patterns-base +- Do not recommending SUSEConnect and rollback-helper for openSUSE + procps +- Add upstream patch procps-vmstat-1b9ea611.patch for bsc#1185417 + * Support up to 2048 CPU as well + python-paramiko +- Add support-cryptography-25-and-above.patch: + * Since SLE15 SP1 and above have cryptography 2.8, stop using deprecated + methods, and update the required version. (bsc#1178341) + python3 +- Add CVE-2021-3426-inf-disclosure-pydoc-getfile.patch to remove + getfile feature from pydoc, which is a security nightmare + (among other things, CVE-2021-3426, allows disclosure of any + file on the system; bsc#1183374, bpo#42988). + python3-azuremetadata +- Version 5.1.4 (bsc#1184720, bsc#1172581) +- Use versions endpoint to list the available versions +- Add bypass proxy +- Update way to check classic vms + sensors +- change-pidfile-path-from-var-run-to-run.patch: Change PIDFile + path from /var/run to /run (bsc#1185183). +- var-run-deprecated.patch: /var/run is deprecated (bsc#1185183). + strongswan +- Add support for AES CCM aead algorithms to openssl plugin (cc/fips,bsc#1185363) + [+ 0009-strongswan-openssl-aead-add-ccm-support.patch] + suil +- update to 0.10.6: + * Add no-cocoa configure flag + * Update build system + * Add support for Qt5 in Gtk3 + * Add support for min/base size hints for X11 in Gtk (thanks Hermann Meyer) +- Drop upstreamed patch suil-wrong-cocoa-detection.patch + +- Drop bogus python(2)-qt5 runtime dependencies, python is only + required for the build system. +- Remove unused python3-rdflib build dependency. + +- Update to version 0.10.2 + * Fix resizing and add idle and update rate support for Qt5 in + Gtk2 + * Fix various issues with Qt5 in Gtk2 +- Use python3 for build +- Added suil-wrong-cocoa-detection.patch +- Spec cleanup + systemtap +- Adjust stap-server.conf to refer to /run not /var/run (bsc#1185068) + +- Use %{_tmpfilesdir} instead of wrong %{_libexecdir}/tmpfiles.d + trytond +- Version 5.0.35 - Bugfix Release + +- Parameter for webdav server added to trytond.conf + +- Version 5.0.34 - Bugfix Release + +- add upstream signing key and validate source signature + trytond_account +- Version 5.0.17 - Bugfix Release + +- add upstream signing key and validate source signature + trytond_account_invoice +- Version 5.0.12 - Bugfix Release + +- Version 5.0.11 - Bugfix Release + +- add upstream signing key and validate source signature + trytond_currency +- Version 5.0.5 - Bugfix Release + +- add upstream signing key and validate source signature + trytond_party +- Version 5.0.4 - Bugfix Release + +- add upstream signing key and validate source signature + trytond_stock +- Version 5.0.13 - Bugfix Release + +- add upstream signing key and validate source signature + vips +- Update to version 8.10.5 + * fix potential /0 in animated webp load [lovell] + * fix spng detection + * fix vips7 webp load [barryspearce] + * fix out of bounds exif read in heifload + * fix out of bounds read in tiffload + * fix tiffsave region shrink mode [imgifty] + * add missing flushes on write to target [harukizaemon] + * hide info messages you could get with some older glibs [kleisauke] + * fix --no-strip on dzsave with icc-profiles [altert] + * relax heic is_a rules [hisham] + * better GraphicsMagick image write [bfriesen] + * add missing read loops to spng, heif, giflib and ppm load [kleisauke] + * block zero width or height images from imagemagick load [Koen1999] + * check for overflow in gifload height [lovell] + * fix msb_first default in ppm load and save [ewelot] + * force binary mode on win for connection read / write [Alreiber] + * better testing for output to target [barryspearce] + * ppmload_source was missing is_a [ewelot] + * improve webpload rounding and blending behaviour [lovell] + * fix range clip in int32 -> unsigned casts [ewelot] + * fix precision error in clip of float -> int casts [ewelot] + * fix load of HEIC images with 0 length metadata [ddennedy-gpsw] + * revise rounding in reduce [kleisauke] + +- Update to vips 8.10.2 + * update magicksave/load profile handling [kelilevi] + * better demand hint rules [kaas3000] + * fix tiff thumbnail from buffer and source [vansante] + * in jpegsave, don't set JFIF resolution if we set EXIF resolution + * bump minimum libheif version to 1.3 [lovell] + * dzsave in iiif mode could set info.json dimensions off by one [Linden6] + * pdfload allows dpi and scale to both be set [le0daniel] + * allow gaussblur sigma zero, meaning no blur + * better heif signature detection [lovell] + * fix vips_fractsurf() typo [kleisauke] + * better heif EOF detection [lovell] + * fix gir build with g-o-i 1.66+ [László] + * improve seek behaviour on pipes + * add "speed" param to heifsave [lovell] + * fix regression in C path for dilate / erode [kleisauke] + * fix build with libheif save but no load [estepnv] + +- Add AVIF support via libheif + * libheif is *only* built with AVIF support + * HEIF is not working as it isn't linked against x265 + +- update to vips 8.10.0: + - more conformat IIIF output from dzsave [regisrob] + - add @id to dzsave to set IIIF id property [regisrob] + - add max and min to region shrink [rgluskin] + - allow \ as an escape character in vips_break_token() [akemrir] + - tiffsave has a "depth" param to set max pyr depth + - libtiff LOGLUV images load and save as libvips XYZ + - add gifload_source, csvload_source, csvsave_target, matrixload_source, + matrixsave_source, pdfload_source, heifload_source, heifsave_target, + ppmload_source, ppmsave_target + - revise vipsthumbnail flags + - add VIPS_LEAK env var + - add vips_pipe_read_limit_set(), --vips-pipe-read-limit, + VIPS_PIPE_READ_LIMIT + - revise gifload to fix BACKGROUND and PREVIOUS dispose [alon-ne] + - add subsample_mode, deprecate no_subsample in jpegsave [Elad-Laufer] + - add vips_isdirf() + - add PAGENUMBER support to tiff write [jclavoie-jive] + - add "all" mode to smartcrop + - flood fill could stop half-way for some very complex shapes + - better handling of unaligned reads in multipage tiffs [petoor] + - mark old --delete option to vipsthumbnail as deprecated [UweOhse] + - png save with a bad ICC profile just gives a warning + - add "premultipled" option to vips_affine(), clarified vips_resize() + behaviour with alpha channels + - improve bioformats support with read and write of tiff subifd pyramids + - thumbnail exploits subifd pyramids + - handle all EXIF orientation cases, deprecate + vips_autorot_get_angle() [Elad-Laufer] + - load PNGs with libspng, if possible + - deprecate heifload autorotate -- it's now always on + - revised resize improves accuracy [kleisauke] + - add --vips-config flag to show configuration info + - add "bitdepth" param to tiff save, deprecate "squash" [MathemanFlo] + - tiff load and save now supports 2 and 4 bit data [MathemanFlo] + - pngsave @bitdepth parameter lets you write 1, 2 and 4 bit PNGs + - ppmsave also uses "bitdepth" now, for consistency + - reduce operation cache max to 100 + - rework the final bits of vips7 for vips8 [kleisauke] + - --disable-deprecated now works [kleisauke] + - vipsheader allows "stdin" as a filename + - gifload allows gifs with images outside the canvas + - wasm compatibility patches [kleisauke] + - webpsave has a @profile param + +- Update to version 8.9.2 + * Too many changes to list, see ChangeLog +- Dropped python subpackage (bindings now supplied separately) +- Added vips-8.9.2-implicit-fortify-decl.patch +- Spec cleanup +