Packages changed: Mesa (13.0.2 -> 13.0.3) ModemManager acpica (20160422 -> 20161117) apache2-mod_perl (2.0.9 -> 2.0.10) ark autoyast2 (3.2.5 -> 3.2.6) cairo (1.15.2 -> 1.15.4) dar (2.4.20 -> 2.5.8) device-mapper (1.02.134 -> 1.02.137) epiphany (3.22.3 -> 3.22.4) gdk-pixbuf (2.36.1 -> 2.36.3) glib2 gnome-photos (3.22.2 -> 3.22.3) gnome-shell gpg2 gstreamer-rtsp-server gtk3 (3.22.5 -> 3.22.6) gtksourceviewmm (3.21.2 -> 3.21.3) harfbuzz (1.3.4 -> 1.4.1) iputils irssi (0.8.20 -> 1.0.0) iw (4.7 -> 4.9) javacc krusader libgphoto2 (2.5.11 -> 2.5.12) libgweather (3.20.3 -> 3.20.4) libpng12 (1.2.56 -> 1.2.57) libpng16 (1.6.26 -> 1.6.28) lvm2 (2.02.165 -> 2.02.168) openvpn (2.3.11 -> 2.3.13) pciutils-ids (20161121 -> 20170101) perl-Moose (2.1806 -> 2.1807) plasma5-integration polari python3-gst ruby2.2 (2.2.5 -> 2.2.6) sqlite3 (3.15.1 -> 3.16.2) swig (3.0.10 -> 3.0.11) tomcat (8.0.36 -> 8.0.39) vim (8.0.130 -> 8.0.147) wine (2.0~rc2 -> 2.0~rc4) wireshark yast2 (3.2.9 -> 3.2.11) yast2-bootloader (3.2.12 -> 3.2.13) yast2-core (3.2.0 -> 3.2.2) yast2-installation (3.2.12 -> 3.2.13) yast2-ntp-client (3.2.3 -> 3.2.4) yast2-perl-bindings (3.1.2 -> 3.2.0) yast2-ruby-bindings (3.2.2 -> 3.2.4) yast2-snapper (3.1.11 -> 3.2.0) yast2-storage (3.2.1 -> 3.2.2) yast2-update (3.1.43 -> 3.2.0) === Details === ==== Mesa ==== Version update (13.0.2 -> 13.0.3) Subpackages: Mesa-dri-devel Mesa-dri-nouveau Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGLESv2-2 Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa9 libOSMesa9-32bit libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libwayland-egl1 libxatracker2 - update to 13.0.3 + dropped U_cso-don-t-release-sampler-states-that-are-bound.patch * fdo#77662 Fail to render to different faces of depth-stencil cube map * fdo#92234 [BDW] GPU hang in Shogun2 * fdo#98329 dEQP-EGL.functional.image.render_multiple_contexts.gles2_renderbuffer_depth16_depth_buffer * fdo#99038 dEQP-EGL.functional.negative_api.create_pixmap_surface crashes * many radeonsi and i965 bugfixes ==== ModemManager ==== Subpackages: ModemManager-bash-completion ModemManager-devel libmm-glib0 typelib-1_0-ModemManager-1_0 - Recommend libmbim (boo#1017734) ==== acpica ==== Version update (20160422 -> 20161117) - Update to version 20161117 - __DATE__ __TIME__ macros added again mainline, revert them to avoid constant build service rebuilding * Add revert_62ca7996_build_date_and_time.patch * Add revert_cdd3c612d4230bbb_build_date_and_time.patch ==== apache2-mod_perl ==== Version update (2.0.9 -> 2.0.10) - update to 2.0.10: * Automatically select the appropriate c89 option when modperl is being built with either gcc 5 or clang * Fix non-threaded Perl 5.22.x build and tests * Add support for Perl 5.22.x drop upstreamed mod_perl-add_support_for_perl_5.22.patch ==== ark ==== Subpackages: libkerfuffle16 - Add patch to avoid running executable scripts when clicking on them: * 0001-Stop-running-executables-when-opening-urls.patch (kde#374572, boo#1018648) ==== autoyast2 ==== Version update (3.2.5 -> 3.2.6) Subpackages: autoyast2-installation - Fixed tests to pass with the latest yast2-core and yast2-ruby-bindings packages (related to the bsc#932331 fix) - 3.2.6 ==== cairo ==== Version update (1.15.2 -> 1.15.4) Subpackages: cairo-devel libcairo-gobject2 libcairo-script-interpreter2 libcairo2 libcairo2-32bit - Update to version 1.15.4: + The PDF backend has gained support for a range of widely used features, including thumbnails, page labels, metadata, document outlines, structured text, hyperlinks, and tags. Tags permit adding logical info such as headings, tables, figures, etc. that facilitates indexing, accessibility, text reflow, searching, and extraction of the tagged items to other software. + API Changes: - Added a cairo API to set up Win32 surfaces for HDC with alpha channels. - New API for added PDF functionality (see above), and new error status item for problems relating to PDF tagging. - New error status items for handling of GDI, libfreetype, and libpng errors, respectively. + Fix playback of recording surfaces into PDF surfaces, where objects with negative coordinates were not getting drawn. To address this, the coordinate systems for PDF and PS have been changed to match cairo's coordinate system. This allows recording surfaces to be emitted in cairo coordinates, and results in the same origin being used for all operations when using the recording surface XObject. Test cases for PDF and PS have also been updated accordingly (fdo#89232). + Fix "invalidfont" error on some printers when printing PDFs with embedded fonts that have glyphs (such as spaces) with num_contours == 0 (fdo#79897). + Fix missing glyphs such as thin dashes, which get scaled to 0 in userspace and thus have their drawing operations culled (fdo#94615). + Fix other oddities caused by variously idiosyncratic fonts. + Fix deadlock when destruction of a scaled font indirectly triggers destruction of a second scaled font, causing the global cache to be locked twice (fdo#93891). + Fix X errors reported to applications when shmdt() is called before the Attach request is processed, due to missing xcb and xlib calls. + Fix random failure in record-paint-alpha-clip-mast test case, caused by an incorrect assumption that a deferred clear can be skipped (fdo#84330). + Fix crash when dealing with an XShmGetImage() failure, caused by a double free in _get_image_surface() (fdo#91967). + Fix invalid execution of ASCII85 data by the PS interpreter that the image operator didn't use, by flushing the extraneous data after drawing the image (fdo#84811). + Fix decoding of Adobe Photoshop's inverted CMYK JPEG files in PDF export. + Fix unbounded surface assertion in win32-print code. + Fix a data race in freed_pool discovered by Firefox's cairo usage. The patch adads atomic int load and store functions, with relaxed memory ordering (fdo#90318). + Cleanup debugging text sent to stdout instead of log (fdo#95227). + Fix build issue when using non-GNU strings utility (fdo#88639). + Fix build of cairo modules as regular modules, not as versioned shared libaries (fdo#29319). + Fix build on win32 using gcc 5.4. + Fix build of script backend to require zlib. + Update test suite reference images using Debian Jessie 64-bit and poppler current as of June, 2016. + Various improvements to documentation and tests, compiler warning fixes, and an assortment of code refactoring and cleanup. - Drop cairo-modules-no-version.patch, cairo-bsc958844-deadlock-on-scaled-font-cache-reset.patch and cairo-xlib-double-free.patch: Fixed upstream. - Drop libtool BuildRequires and stop passing autoreconf, we no longer have any patches touching the buildsystem. ==== dar ==== Version update (2.4.20 -> 2.5.8) Subpackages: dar-lang libdar5000 - Update to version 2.5.8: * support for lzma compression * improved backwards api compatibility * For extensive list of changes from 2.4.20 to 2.5.8 see provided CHANGES file - Packaging cleanups and dependencies update ==== device-mapper ==== Version update (1.02.134 -> 1.02.137) Subpackages: libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit - Version update to 2.02.168 release, see WHATS_NEW and WHATS_NEW_DM files for detailed changelogs * Refresh patch cluster_support_mirrord_log.diff - fix bsc#1015357 about blkid_wiping printed warning. * Add dependency on pkgconfig(blkid) ==== epiphany ==== Version update (3.22.3 -> 3.22.4) Subpackages: epiphany-lang gnome-shell-search-provider-epiphany - Update to version 3.22.4: + Fix Alt-Left/Right keyboard shortcuts (bgo#772437). + Fix crash right-clicking address bar in certain locales (bgo#772994). + Fix new overview item on deletion of previous item (bgo#775604, bgo#775612). + Fix adblocker sometimes not blocking ads in new tabs (bgo#775736). + Do not show the lock icon in the address bar for about:blank pages. ==== gdk-pixbuf ==== Version update (2.36.1 -> 2.36.3) Subpackages: gdk-pixbuf-devel gdk-pixbuf-query-loaders gdk-pixbuf-query-loaders-32bit libgdk_pixbuf-2_0-0 libgdk_pixbuf-2_0-0-32bit typelib-1_0-GdkPixbuf-2_0 - Update to version 2.36.3: + gif, ico: Fix area-updated coordinates (bgo#581484). + tga: Improve error handling (bgo#575217). + jasper: Improve error handling (bgo#685543). + Test suite improvements (bgo#696331). + Minor documentation fixes (bgo#776457). + Updated translations. - Update to version 2.36.2: + Fix a NULL pointer dereference (bgo#776026). + Fix a memory leak (bgo#776020). + Support bmp headers with bitmask (bgo#766890). + Add tests for scaling (bgo#80925). + Handle compressed pixdata in resources (bgo#776105). + Avoid a buffer overrun in the qtif loader (bgo#775648). + Fix a crash in the bmp loader (bgo#775242). + Fix crash opening pnm images with large dimensions (bgo#775232). + Prevent buffer overflow in the pixdata loader (bgo#775693). + Updated translations. ==== glib2 ==== Subpackages: glib2-devel glib2-tools libgio-2_0-0 libgio-2_0-0-32bit libglib-2_0-0 libglib-2_0-0-32bit libgmodule-2_0-0 libgmodule-2_0-0-32bit libgobject-2_0-0 libgobject-2_0-0-32bit libgthread-2_0-0 libgthread-2_0-0-32bit - Add glib2-Add-missing-check-for-termios_h.patch: Add missing check for termios.h. Check for termios.h is missing and passwords in the new gio tool are echoed in the terminal consequently, which is really bad! (bgo#775517). - Add glib2-fix-notify-id-FDO-notification-backend.patch: Fixed notify id in FDO notification backend (bgo#775765). ==== gnome-photos ==== Version update (3.22.2 -> 3.22.3) Subpackages: gnome-shell-search-provider-gnome-photos - Update to version 3.22.3: + Bugs fixed: bgo#774253, bgo#775153, bgo#776133. + Updated translations. ==== gnome-shell ==== Subpackages: gnome-shell-browser-plugin gnome-shell-calendar - Added gnome-shell-bgo774805-guard-against-animations-that-dont-load.patch for bgo#774805 - make the authentication dialog work even if some animations cannot be loaded. ==== gpg2 ==== - Remove the fixme, condition around fdupes - add runtime dependency to match runtime version check for libksba ==== gstreamer-rtsp-server ==== - Summary updates. ==== gtk3 ==== Version update (3.22.5 -> 3.22.6) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Add gtk3-wayland-handle-subsurface-popup-parent.patch: Handle subsurface as popup parent (bgo#776225). - Update to version 3.22.6: + Fix GL checks to work better on OpenGL ES 2.0. + Avoid a possible crash in ::activate-url handlers. + scrolledwindow: Fix func summary being cut off in bindings using doxygen. + Bugs fixed: bgo#774534, bgo#776132, bgo#776187, bgo#776012, bgo#774784, bgo#776306, bgo#775808, bgo#776524, bgo#776560. + Updated translations. ==== gtksourceviewmm ==== Version update (3.21.2 -> 3.21.3) - Update to version 3.21.3: + Add SearchContext ad SearchSettings. + Add StyleSchemeChooser, StyleSchemeChooserWidget and StyleSchemeChooserButton. + Buffer: Add implicit-trailing-newline property. + CompletionWords: Add activation property. + Language: Add get_style_fallback(). + Style: Add style and scale-set properties. + View: Add get/set_background-pattern(). ==== harfbuzz ==== Version update (1.3.4 -> 1.4.1) Subpackages: harfbuzz-devel libharfbuzz-icu0 libharfbuzz0 libharfbuzz0-32bit - Update to version 1.4.1: + Always build and use UCDN for Unicode data by default. Reduces dependence on version of Unicode data in glib. - Changes from version 1.4.0: + Merged "OpenType GX" branch which adds core of support for OpenType 1.8 Font Variations. + New API: - hb_font_set_var_coords_normalized(). - HB_OT_LAYOUT_NO_VARIATIONS_INDEX. - hb_ot_layout_table_find_feature_variations(). - hb_ot_layout_feature_with_variations_get_lookups(). - hb_shape_plan_create2(). - hb_shape_plan_create_cached2(). + Currently variations in GSUB/GPOS/GDEF are fully supported, and no other tables are supported. In particular, fvar/avar are NOT supported, hence the hb_font_set_var_coords_normalized() taking normalized coordinates. API to take design coordinates will be added in the future. + HVAR/VVAR/MVAR support will also be added to hb-ot-font in the future. + Fix regression in GDEF glyph class processing. + Add decompositions for Chakma, Limbu, and Balinese in USE shaper. + Misc fixes. ==== iputils ==== - Add ping6 symlink (boo#1017616) ==== irssi ==== Version update (0.8.20 -> 1.0.0) - Update to version 1.0.0 * irssiproxy can now forward all tags through a single port. * The kill buffer now remembers consecutive kills. New bindings were added: yank_next_cutbuffer and append_next_kill. * autolog_ignore_targets and activity_hide_targets learn a new syntax tag/* and * to ignore whole networks or everything. * hilight got a -matchcase flag to hilight case sensitively. * Display TLS connection information upon connect. You can disable this by setting tls_verbose_connect to FALSE * Certificate pinning for TLS certificates * /names and $[?] now uses utf8 string operations. * New setting completion_nicks_match_case * /channel /server /network now support modify subcommand. * New option sasl_disconnect_on_failure to disconnect when SASL log-in failed. - Drop not applied irssi-0.8.15_ssl_proxy.patch - Run through spec-cleaner, remove support for old openSUSE/SUSE releases. - irssi 0.8.21 fixes four vulnerabilities that could result in denial of service (remote crash) when connecting to malicious servers or receiving specially crafted data [boo#1018357]: * CVE-2017-5193: NULL pointer dereference in the nickcmp function * CVE-2017-5194: out of bounds read in certain incomplete control codes * CVE-2017-5195: out of bounds read in certain incomplete character sequences * CVE-2017-5196: Correct an error when receiving invalid nick message - drop irssi-0.8.20-buf.pl.patch, upstream ==== iw ==== Version update (4.7 -> 4.9) - Update to version 4.9 * Support all new kernel features of kernel 4.9 ==== javacc ==== - Do not use gcj as it is getting deprecated ==== krusader ==== Subpackages: kio_iso - Add Handle-arrow-key-press-in-brief-view.patch to fix the behavior when pressing the left/right cursor keys in brief view (boo#1017533, kde#374238) - Add add-service-actions-to-right-click-popup-menu.patch to add KDE's service actions to the right click popup menu in krusader again (boo#1016980, kde#372231) ==== libgphoto2 ==== Version update (2.5.11 -> 2.5.12) Subpackages: libgphoto2-6 libgphoto2-6-32bit libgphoto2-devel - updated to 2.5.12 release ptp2: * Canon EOS: more fixes for Canon EOS 5D Mark IV and Canon EOS 80D. * Parrot Sequoia support and property decoding * Nikon 1: Fixed Nikon 1 capture * Sony Alpha: various bugfixes. * New USB IDs: * Nikon Coolpix AW130 * Nikon DSC D3400 * Parrot Sequoia * GoPro Hero, Hero4 Silver, Hero + * bugfixes and cleanups canon: * fixed zoom on some older Canon Powershots translations: * updated polish, ukrainian, vietnamese, danish, french, svensk ==== libgweather ==== Version update (3.20.3 -> 3.20.4) Subpackages: libgweather-3-6 libgweather-data typelib-1_0-GWeather-3_0 - Update to version 3.20.4: + Updated translations. ==== libpng12 ==== Version update (1.2.56 -> 1.2.57) Subpackages: libpng12-0 libpng12-0-32bit libpng12-devel - updated to 1.2.57: fixes CVE-2016-10087 ==== libpng16 ==== Version update (1.6.26 -> 1.6.28) Subpackages: libpng16-16 libpng16-16-32bit libpng16-compat-devel libpng16-devel - update to 1.6.28: fix build issues - update to 1.6.27: fixes CVE-2016-10087 ==== lvm2 ==== Version update (2.02.165 -> 2.02.168) Subpackages: liblvm2app2_2 liblvm2cmd2_02 - Version update to 2.02.168 release, see WHATS_NEW and WHATS_NEW_DM files for detailed changelogs * Refresh patch cluster_support_mirrord_log.diff - fix bsc#1015357 about blkid_wiping printed warning. * Add dependency on pkgconfig(blkid) ==== openvpn ==== Version update (2.3.11 -> 2.3.13) - update to 2.3.13 - removed obsolete patch files openvpn-2.3.0-man-dot.diff and openvpn-fips140-AES-cipher-in-config-template.patch 2016.11.02 -- Version 2.3.13 Arne Schwabe (2): * Use AES ciphers in our sample configuration files and add a few modern 2.4 examples * Incorporate the Debian typo fixes where appropriate and make show_opt default message clearer David Sommerseth (4): * t_client.sh: Make OpenVPN write PID file to avoid various sudo issues * t_client.sh: Add support for Kerberos/ksu * t_client.sh: Improve detection if the OpenVPN process did start during tests * t_client.sh: Add prepare/cleanup possibilties for each test case Gert Doering (5): * Do not abort t_client run if OpenVPN instance does not start. * Fix t_client runs on OpenSolaris * make t_client robust against sudoers misconfiguration * add POSTINIT_CMD_suf to t_client.sh and sample config * Fix --multihome for IPv6 on 64bit BSD systems. Ilya Shipitsin (1): * skip t_lpback.sh and t_cltsrv.sh if openvpn configured --disable-crypto Lev Stipakov (2): * Exclude peer-id from pulled options digest * Fix compilation in pedantic mode Samuli Seppänen (1): * Automatically cache expected IPs for t_client.sh on the first run Steffan Karger (6): * Fix unittests for out-of-source builds * Make gnu89 support explicit * cleanup: remove code duplication in msg_test() * Update cipher-related man page text * Limit --reneg-bytes to 64MB when using small block ciphers * Add a revoked cert to the sample keys 2016.08.23 -- Version 2.3.12 Arne Schwabe (2): * Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than Windows if the client UI supplies it. * Move ASSERT so external-key with OpenSSL works again David Sommerseth (3): * Only build and run cmocka unit tests if its submodule is initialized * Another fix related to unit test framework * Remove NOP function and callers Dorian Harmans (1): * Add CHACHA20-POLY1305 ciphersuite IANA name translations. Ivo Manca (1): * Plug memory leak in mbedTLS backend Jeffrey Cutter (1): * Update contrib/pull-resolv-conf/client.up for no DOMAIN Jens Neuhalfen (2): * Add unit testing support via cmocka * Add a test for auth-pam searchandreplace Josh Cepek (1): * Push an IPv6 CIDR mask used by the server, not the pool's size Leon Klingele (1): * Add link to bug tracker Samuli Seppänen (2): * Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes * Clarify the fact that build instructions in README are for release tarballs Selva Nair (4): * Make error non-fatal while deleting address using netsh * Make block-outside-dns work with persist-tun * Ignore SIGUSR1/SIGHUP during exit notification * Promptly close the netcmd_semaphore handle after use Steffan Karger (4): * Fix polarssl / mbedtls builds * Don't limit max incoming message size based on c2->frame * Fix '--cipher none --cipher' crash * Discourage using 64-bit block ciphers ==== pciutils-ids ==== Version update (20161121 -> 20170101) - Update to 20170101 - Update to 20161225 ==== perl-Moose ==== Version update (2.1806 -> 2.1807) - updated to 2.1807 see /usr/share/doc/packages/perl-Moose/Changes 2.1807 2016-12-22 [BUG FIXES] - The definition context (package, file, & line) for attributes on Class::MOP and Moose metaclasses was wrong in all cases. - Slight tweaks to the syntax used for hashes in a few tests, that were broken by a recent Test::More release that started using a new namespace that clashes with a (bareword) type name in these tests. (PR#141, D.Maestro) ==== plasma5-integration ==== - Add patch to fix regression in 5.8.5 (Save dialog appears as Open dialog) * 0001-Fix-regression-in-which-the-Save-dialog-appears-as-a.patch ==== polari ==== Subpackages: typelib-1_0-Polari-1_0 - Add polari-allow-run-in-background.patch: Allow app to run in background (bgo#770750). - Following the above add libtool BuildRequires and pass autoreconf as patch touches buildsystem. ==== python3-gst ==== - Add gobject-introspection BuildRequires: needed in order to get automatic typelib() Requires added to the package. ==== ruby2.2 ==== Version update (2.2.5 -> 2.2.6) Subpackages: libruby2_2-2_2 ruby2.2-devel ruby2.2-stdlib - update to 2.2.6 This release includes new SSL certificates for RubyGems. And, this also includes about 80 bug fixes after the previous release. See the ChangeLog for details. - ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): fix parsing protocol list. The protocol list from OpenSSL is not null-terminated. patched by Kazuki Yamaguchi [Bug #11810] [ruby-core:72082] - ext/-test/file/fs.c (get_atime_p): Updating of file access times is enabled or not. - test/ruby/test_file.rb (TestFile#test_stat): fix noatime case. [ruby-core:77943] [Bug #12903] - test/rinda/test_rinda.rb (test_make_socket_ipv6_multicast, test_make_socket_ipv6_multicast_hops): skip if IPv6 multicast address is not available. - lib/net/http.rb (transport_request): other than HTTPContinue in 1xx (HTTPInformation) also needs to continue. [Bug #12890] - proc.c (mnew_internal): follow the original class, not to loop the prepended module. [ruby-core:77591] [Bug #12832] - cont.c (cont_new): disable optimization if clang's version is 3.8.0. [ruby-core:77894] [Bug #12893] - sprintf.c (rb_str_format): format exact number more exactly. - ext/openssl/ossl.c (Init_openssl): register an ex_data index for X509_STORE and X509_STORE_CTX respectively. Since they don't share the ex_data index registry, we can't use the same index. (ossl_verify_cb): use the the correct index. - ext/openssl/ossl_ssl.c (ossl_ssl_verify_callback): ditto. - ext/openssl/ossl_x509store.c (ossl_x509store_set_vfy_cb): ditto. (ossl_x509stctx_verify): ditto. - ext/openssl/ossl.h (void ossl_clear_error): add extern declarations of ossl_store_{ctx_,}ex_verify_cb_idx. - ext/openssl/openssl_missing.c: remove X509_STORE_set_ex_data and X509_STORE_get_ex_data. - ext/openssl/openssl_missing.h: implement X509_STORE_get_ex_data, X509_STORE_set_ex_data and X509_STORE_get_ex_new_index as macros. - thread.c (rb_thread_pending_interrupt_p): no pending interrupt before initialization. - thread.c (thread_raise_m, rb_thread_kill): uninitialized thread cannot interrupt. [ruby-core:72732] [Bug #11959] - eval_intern.h (TH_PUSH_TAG): Initialize struct rb_vm_tag::tag with Qundef rather than 0 which is equal to Qfalse. Since Kernel#throw(obj) searches a tag with rb_vm_tag::tag == obj, throw(false) can accidentally find an unrelated tag which is not created by Kernel#catch. [ruby-core:77229] [Bug #12743] - test/ruby/test_exception.rb (test_throw_false): Add a test case for this. - lib/logger.rb (Logger::Period#next_rotate_time): fix monthly log rotate when DST is applied during a month of 31 days. [Fix GH-1458] - object.c: Improve documentation for Float conversion. [ruby-core:71661][Bug #11736][ci skip] - lib/rubygems/ssl_certs/GlobalSignRootCA.pem: add for RubyGems.org. - variable.c (rb_const_search): raise with the actual class/module name which defines the private constant. - vm_dump.c (backtrace): use rip in the saved context for the case the SIGSEGV is received when the process is in userland. Note that ip in the stack should be used if the signal is received when it is in kernel (when it is calling syscall) [Bug [#12711]] - lib/uri/generic.rb (def check_password): don't include bad password in URI exception output - test/uri/test_generic.rb (def test_set_component): test for behavior - io.c (nogvl_fsync, nogvl_fdatasync): on Windows, just ignore if the fd is associated to non-disk device. if call fsync and/or fdatasync with such fds, it causes Errno::EBADF exception and the behavior is incompatible with ruby 2.1 and earlier unintentionally introduced. - array.c (flatten): use rb_obj_class instead of rb_class_of because rb_class_of may return a singleton class. [ruby-dev:49781] [Bug #12738] - man/irb.1: remove useless -width option. [ruby-dev:49767] [Bug [#12692]] - ext/win32ole/win32ole.c (Init_win32ole): should not use atexit to free allocated hash table to avoid error on Cygwin. - test/fiddle/test_pointer.rb (test_to_str, test_to_s, test_aref_aset): Attempt to use independent strings for destructive tests that directly modify values on memory by using Fiddle::Pointer. [Bug #12537] [ruby-dev:49700] - string.c (str_buf_cat): Fix capa size for embed string. Fix bug in r55547. [Bug #12536] - string.c (rb_str_change_terminator_length): New function to change termlen and resize heap for the terminator. This is split from rb_str_fill_terminator (str_fill_term) because filling terminator and changing terminator length are different things. [Bug #12536] - internal.h: declaration for rb_str_change_terminator_length. - string.c (str_fill_term): Simplify only to zero-fill the terminator. For non-shared strings, it assumes that (capa + termlen) bytes of heap is allocated. This partially reverts r55557. - encoding.c (rb_enc_associate_index): rb_str_change_terminator_length is used, and it should be called whenever the termlen is changed. - string.c (str_capacity): New static function to return capacity of a string with the given termlen, because the termlen may sometimes be different from TERM_LEN(str) especially during changing termlen or filling terminator with specific termlen. - string.c (rb_str_capacity): Use str_capacity. - string.c: Partially reverts r55547 and r55555. ChangeLog about the reverted changes are also deleted in this file. [Bug [#12536]] [ruby-dev:49699] [ruby-dev:49702] - string.c (str_fill_term): When termlen increases, re-allocation of memory for termlen should always be needed. In this fix, if possible, decrease capa instead of realloc. [Bug #12536] [ruby-dev:49699] - string.c: Specify termlen as far as possible. Additional fix for [Bug #12536] [ruby-dev:49699]. - string.c (str_new_static): Specify termlen from the given encoding when creating a new String object is needed. - string.c (rb_tainted_str_new_with_enc): New function to create a tainted String object with the given encoding. This means that the termlen is correctly specified. Currently static function. The function name might be renamed to rb_tainted_enc_str_new or rb_enc_tainted_str_new. - string.c (rb_external_str_new_with_enc): Use encoding by using the above rb_tainted_str_new_with_enc(). - string.c (rb_str_subseq, str_substr): When RSTRING_EMBED_LEN_MAX is used, TERM_LEN(str) should be considered with it because embedded strings are also processed by TERM_FILL. Additional fix for [Bug #12536] [ruby-dev:49699]. - string.c: Fix memory corruptions when using UTF-16/32 strings. [Bug #12536] [ruby-dev:49699] - string.c (rb_str_new_with_class): Use TERM_LEN of the "obj". - string.c (rb_str_plus, rb_str_justify): Use str_new0 which is aware of termlen. - string.c (str_shared_replace): Copy +termlen bytes instead of +1. - string.c (rb_str_times): termlen should not be included in capa. - string.c (RESIZE_CAPA_TERM): When using RSTRING_EMBED_LEN_MAX, termlen should be counted with it because embedded strings are also processed by TERM_FILL. - string.c (rb_str_capacity, str_shared_replace, str_buf_cat): ditto. - string.c (rb_str_drop_bytes, rb_str_setbyte, str_byte_substr): ditto. - ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior - test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660] - compile.c (ADD_TRACE): ignore trace instruction on non-positive line. - parse.y (coverage): get rid of ArgumentError when the starting line number is not positive. [ruby-core:76141] [Bug #12517] - test/coverage/test_coverage.rb: ignored test when enabled to coverage. It lead to crash with `make test-all`. - lib/uri/mailto.rb (initialize): RFC3986_Parser#split sets opaque only if the URI has path-rootless, not path-empty. [ruby-core:76055] [Bug #12498] patched by Chris Heisterkamp - ext/date/date_strftime.c (date_strftime_with_tmx): reject too large precision to get rid of buffer overflow. reported by Guido Vranken . - regcomp.c (noname_disable_map): don't optimize out group 0 Ruby's Regexp doesn't allow normal numbered groups if the regexp has named groups. On such case it optimizes out related NT_ENCLOSE. But even on the case it can use \g<0>. This fix not to remove NT_ENCLOSE whose regnum is 0. [ruby-core:75828] [Bug #12454] - missing/crypt.c: fix size macros to use configured values for platforms long is larger than 32bit. [ruby-core:75792] [Bug [#12446]] - ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from GetBNPtr(). This doesn't raise exception but returns NULL on error. (GetBNPtr): Raise TypeError if conversion fails. (ossl_bn_eq): Implement BN#==. (ossl_bn_eql): #eql? should not raise TypeError even if the argument is not compatible with BN. (ossl_bn_hash): Implement BN#hash. - ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash. - test/openssl/test_bn.rb: Test BN#eql?, #== and #hash - transcode.c (str_transcode0): scrub in the given encoding when the source encoding is given, not in the encoding of the receiver. [ruby-core:75732] [Bug #12431] - ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH has 'p' (the prime) before calling DH_size(). We can create a DH with no parameter but DH_size() does not check and dereferences NULL. [ruby-core:75720] [Bug #12428] - ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does not check dsa->q. - ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt, ossl_rsa_public_decrypt, ossl_rsa_private_encrypt, ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n. - transcode.c (enc_arg, str_transcode_enc_args, econv_args): remove volatile, and add GC guards in callers. [ruby-core:75664] [Bug #12411] - common.mk (build-ext), ext/extmk.rb: use variable EXTENCS different than ENCOBJS, to get rid of circular dependency. build libencs when linking encodings statically. [ruby-core:75618] [Bug #12401] - variable.c (rb_local_constants_i): exclude private constants when excluding inherited constants too. [Bug #12345] - lib/drb/timeridconv.rb: don't use keeper thread. [Bug #12342] - test/drb/ut_timerholder.rb: ditto. - ext/json/lib/*.rb: Removed some comments. Because these are unnecessary class description. [ci skip][Bug [#12255]][ruby-core:74835] - pack.c (pack_pack): use union instead of bare variable to ease optimizations and avoid assigning x87 floating point number. [ruby-core:74496] [Bug #12209] - pack.c (pack_unpack): ditto. - ext/socket/option.c, ext/socket/rubysocket.h (inet_ntop): share the fallback definition. [ruby-core:76646] [Bug #12645] - vm.c (vm_set_main_stack): remove unnecessary check. toplevel binding must be initialized. [Bug #12611] (N1) - string.c (rb_str_split_m): simplify the condition. [Bug [#12611]](N4) - thread.c (rb_wait_for_single_fd): Clean up fds.revents every time before calling ppoll(2). [Bug #12575] [ruby-dev:49725] - lib/webrick/httpservlet/cgihandler.rb (do_GET): delete HTTP_PROXY - test/webrick/test_cgi.rb (test_cgi_env): new test - test/webrick/webrick.cgi (do_GET): new endpoint to dump env [ruby-core:76511] [Bug #12610] - lib/rexml/attribute.rb (REXML::Attribute#to_string): Fix wrong entry reference name of double quote. [Bug [#12609]][ruby-core:76509] Patch by Joseph Marrero. Thanks!!! - gc.c (gc_mark_roots): should mark the VM object itself to mark singleton class of the VM object. Before this patch, we only set mark bit for the VM object and invoke mark function separately. [Bug #12583] - test/ruby/test_gc.rb: add a test. - lib/rubygems/package.rb: Fixed potential perms issue unpacking of gems on NFS. [Backport #12579] - lib/rubygems.rb: bump version. - vm_args.c (setup_parameters_complex): don't raise ArgumentError if an array is given for instance_exec with optional argument. [ruby-core:76300] [Bug #12568] https://github.com/rails/rails/pull/25699 - lib/net/http/generic_rquest.rb (write_header): A Request-Line must not contain CR or LF. - lib/net/ftp.rb (putline): raise an ArgumentError when CR or LF is included in a line. - string.c (tr_trans): consider terminator length and fix heap overflow. reported by Guido Vranken . - tool/fake.rb: don't fake libdir. use libdirname instead. - bignum.c (Init_Bignum): revert a part of previous commit (r55598), because the implementation of Object#hash is a little difference from trunk. cf. [Backport #12391] - bignum.c (rb_big_hash): make it public function to be available in other source files, and remove documentation comment for Bignum#hash. - bignum.c (Bignum#hash): remove its definition because it is unified with Object#hash. - include/ruby/intern.h (rb_big_hash): add a prototype declaration. - hash.c (any_hash): treat Bignum values directly. - lib/optparse.rb (OptionParser::Completion.candidate): get rid of nil as key names. [ruby-core:75773] [Bug #12438] - lib/optparse.rb (OptionParser#make_switch): char class option cannot be NoArgument, default to RequiredArgument. - re.c (unescape_nonascii): scan hex up to only 3 characters. [Bug #12420] [Bug #12423] - regparse.c (fetch_token_in_cc): raise error if given octal escaped character is too big. [Bug #12420] [Bug #12423] - process.c (rb_exec_getargs): honor the expected argument types over the conversion method. the basic language functionality should be robust. [ruby-core:75388] [Bug #12355] - parse.y (new_if_gen): set newline flag to NODE_IF to trace all if/elsif statements. [ruby-core:67720] [Bug #10763] - ext/date/date_core.c (Init_date_core): [DOC] Convert DateTime documentation to RDoc from Markdown. [ruby-core:75136] [Bug [#12311]] - variable.c (rb_local_constants_i): exclude hidden constants. [ruby-core:75575] [Bug #12389] - regcomp.c (compile_length_tree): return error code immediately if compile_length_tree raised error [Bug #12418] - include/ruby/missing.h (isfinite): move from numeric.c. - ext/bigdecimal/bigdecimal.c (isfinite): get rid of a warning on cygwin. [Bug #12417][ruby-core:75691] - ext/bigdecimal/bigdecimal.c (isfinite): isfinite does not always exist. fixed build error on Windows introduced at r55123. - ext/bigdecimal/bigdecimal.c (GetVpValueWithPrec): consider non-finite float values not to raise FloatDomainError. [ruby-core:75682] [Bug #12414] - thread.c (recursive_list_access): a object id may be a Bignum. so, the list must be a objhash, instead of a identhash. this fixes many test errors on mswin64 CI. - string.c (rb_str_modify_expand): check integer overflow. [ruby-core:75592] [Bug #12390] - insns.def (defineclass): Also raise an error when redeclaring the superclass of a class as Object and it has another superclass. [Bug #12367] [ruby-core:75446] - test/ruby/test_class.rb: test for above. - bignum.c: [DOC] Update result of 123456789 ** -2. [ruby-dev:49606] [Bug #12339] - internal.h (RCOMPLEX_SET_IMAG): undef RCOMPLEX_SET_IMAG instead of duplicated undef RCOMPLEX_SET_REAL. - complex.c (rb_complex_set_imag): Fix to properly set imag of complex. - win32/win32.c, include/ruby/win32.h (rb_w32_utruncate): implements new truncate alternative which accepts UTF-8 path. - file.c (truncate): use above function. [Bug #12340] - test/ruby/test_time_tz.rb: Tests depends on Europe/Moscow removed to avoid test failures due to the tzdata change. https://github.com/eggert/tz/commit/8ee11a301cf173afb0c76e0315b9f9ec8ebb9d95 Found by naruse. - compile.c (new_label_body): missed backporting r54548 in r54698. this fixes randomly test failure introduced by r54698. cf. [Bug #12082] ==== sqlite3 ==== Version update (3.15.1 -> 3.16.2) Subpackages: libsqlite3-0 libsqlite3-0-32bit sqlite3-devel sqlite3-doc - Update to version 3.16.2: * Fix the REPLACE statement for WITHOUT ROWID tables that lack secondary indexes so that it works correctly with triggers and foreign keys. * Fix the sqlite3_value_text() interface so that it correctly translates content generated by zeroblob() into a string of all 0x00 characters. * Fix the bytecode generator to deal with a subquery in the FROM clause that is itself a UNION ALL where one side of the UNION ALL is a view that contains an ORDER BY. * Adjust the sqlite3_column_count() API so it more often returns the same values for PRAGMA statements as it did in prior releases, to minimize disruption to applications that might be using that interface in unexpected ways. - Update to version 3.16.1 * Fix a bug concerning the use of row values within triggers (see ticket 8c9458e7) that was in version 3.15.0. - Update to version 3.16.0: * Uses 9% fewer CPU cycles. (See the CPU performance measurement report for details on how the this performance increase was computed.) * Added experimental support for PRAGMA functions. * Added the SQLITE_DBCONFIG_NO_CKPT_ON_CLOSE option to sqlite3_db_config(). * Enhance the date and time functions so that the 'unixepoch' modifier works for the full span of supported dates. * Changed the default configuration of the lookaside memory allocator from 500 slots of 128 bytes each into 125 slots of 512 bytes each. * Enhanced "WHERE x NOT NULL" partial indexes so that they are usable if the "x" column appears in a LIKE or GLOB operator. * Enhanced sqlite3_interrupt() so that it interrupts checkpoint operations that are in process. * Enhanced the LIKE and GLOB matching algorithm to be faster for cases when the pattern contains multiple wildcards. * Added the SQLITE_FCNTL_WIN32_GET_HANDLE file control opcode. * Added ".mode quote" to the command-line shell. * Added ".lint fkey-indexes" to the command-line shell. * Added the .imposter dot-command to the command-line shell. * Added the remember(V,PTR) SQL function as a loadable extension. * Rename the SQLITE_OMIT_BUILTIN_TEST compile-time option to * SQLITE_UNTESTABLE to better reflect the implications of using it. - SQLite 3.15.2: * Multiple bug fixes to the row value logic that was introduced in version 3.15.0. * Fix a NULL pointer dereference in ATTACH/DETACH following a maliciously constructed syntax error * Fix a crash that can occur following an out-of-memory condition in the built-in instr() function. * In the JSON extension, fix the JSON validator so that it correctly rejects invalid backslash escapes within strings. ==== swig ==== Version update (3.0.10 -> 3.0.11) - Update to 3.0.11 - PHP 7 support added. - C++11 alias templates and type aliasing support added. - Minor fixes and enhancements for C# Go Guile Java Javascript Octave PHP Python R Ruby Scilab XML. ==== tomcat ==== Version update (8.0.36 -> 8.0.39) Subpackages: tomcat-admin-webapps tomcat-el-3_0-api tomcat-jsp-2_3-api tomcat-lib tomcat-servlet-3_1-api tomcat-webapps - update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream ==== vim ==== Version update (8.0.130 -> 8.0.147) Subpackages: gvim vim-data - Updated to revision 147, fixes the following problems * Not enough test coverage for syntax commands. * Test fails because of using :finish. * "2;'(" causes ml_get errors in an empty buffer. * Null pointer access reported by UBsan. * An address relative to the current line, ":.,+3y", does not work properly on a closed fold. * When using indent folding and changing indent the wrong fold is opened. * When 'maxfuncdepth' is set above 200 the nesting is limited to 200. * Small build fails. * Warning for unused argument. * Pasting inserted text in Visual mode does not work properly. * Nested function test fails on AppVeyor. * Normal colors are wrong with 'termguicolors'. * Line number of current buffer in getbufinfo() is wrong. * When using MSVC the GvimExt directory is cleaned twice. * Running tests on MS-Windows is a little bit noisy. * When using 'termguicolors' on MS-Windows the RGB definition causes the colors to be wrong. * searchpair() does not work when 'magic' is off. ==== wine ==== Version update (2.0~rc2 -> 2.0~rc4) Subpackages: wine-32bit - Updated to 2.0-rc4 development snapshot - Bug fixes only, we are in code freeze. - updated winetricks - Updated to 2.0-rc3 development snapshot - Bug fixes only, we are in code freeze. - updated winetricks ==== wireshark ==== Subpackages: wireshark-ui-qt - Obsolete the ui-gtk in the ui-qt to ensure clean non-conflicted install - Cleanup a bit with spec-cleaner - Properly set ethereal symlink based on UI and set it to proper subpkg - Update conditionals on wireshark to only build Qt or GTK depending on the interface, because upstream now only supports Qt5 - Update the caps code in spec but keep it disabled - Enable geoip only on platforms that support it - Enable libnl only on newer releases - Update desktop file and icon caches - Drop not really needed patch wireshark-1.10.0-authors-pod2man.patch - Use full commands for icon/desktop cache for gtk mode as on sle11 it was not present yet as a macro - Split shared libraries properly to subpackages ==== yast2 ==== Version update (3.2.9 -> 3.2.11) - bnc#1017716 - do not cache ifcfg files with empty device name part (ifcfg-). Such file cannot be mapped to any existing device and providing empty device name could lead to unexpected crashes in other parts of yast. - 3.2.11 - Fixed tests to pass with the latest yast2-core package (related to the bsc#932331 fix) - 3.2.10 ==== yast2-bootloader ==== Version update (3.2.12 -> 3.2.13) - do not try to write legacy_boot flag for msdos partition table in more disks scenario when there is also GPT disk (bsc#1017776) - 3.2.13 ==== yast2-core ==== Version update (3.2.0 -> 3.2.2) - Dropped the YCP debugger in yast2-core-debugger not to confuse people who want to use the Byebug based Ruby debugger (bsc#1018038) - 3.2.2 - Allow more detailed error specification when loading namespace to component system failed (bsc#932331) - 3.2.1 ==== yast2-installation ==== Version update (3.2.12 -> 3.2.13) - AutoYaST after second stage: Initialize tty1 in order to remove old YaST output and to show the cursor again. (bnc#1018037) - 3.2.13 ==== yast2-ntp-client ==== Version update (3.2.3 -> 3.2.4) - Update the Rubocop style to version 0.41.2 (to match the other YaST modules) - AutoYaST: Fixed crash while exporting settings. Do not export Augeas objects (bnc#1017490) - 3.2.4 ==== yast2-perl-bindings ==== Version update (3.1.2 -> 3.2.0) - Initial adaptation to new ErrorNamespace for failed imports which is already used by ruby-bindings (bsc#932331) - 3.2.0 ==== yast2-ruby-bindings ==== Version update (3.2.2 -> 3.2.4) - Throw exception with more detailed error specification when loading namespace to component system failed (bsc#932331) - 3.2.4 - Do not crash when FastGettext is unable to find the empty.mo file (bsc#1014458) - 3.2.3 ==== yast2-snapper ==== Version update (3.1.11 -> 3.2.0) - Fixed tests to pass with the latest yast2-core and yast2-ruby-bindings packages (related to the bsc#932331 fix) - 3.2.0 ==== yast2-storage ==== Version update (3.2.1 -> 3.2.2) - Mock properly testsuite, because failed import is no longer ignored (bsc#932331) - 3.2.2 ==== yast2-update ==== Version update (3.1.43 -> 3.2.0) - Add storage to build dependencies as tests depends on it (related to changes done for bsc#932331) - 3.2.0