Packages changed: ImageMagick (6.9.8.2 -> 7.0.5.4) ccache (3.3.3 -> 3.3.4) cmake hylafax+ (5.5.8 -> 5.5.9) libvirt-python (3.1.0 -> 3.2.0) lightdm (1.21.5 -> 1.22.0) perl-DBD-Pg tiff units (2.13 -> 2.14) === Details === ==== ImageMagick ==== Version update (6.9.8.2 -> 7.0.5.4) Subpackages: ImageMagick-devel ImageMagick-extra perl-PerlMagick - updated to 7.0.5-4 * new branch, see https://www.imagemagick.org/script/porting.php - deleted unneded patches . ImageMagick-6.6.8.9-doc.patch . ImageMagick-6.6.8.9-examples.patch . ImageMagick-6.7.6.1-no-dist-lzip.patch . ImageMagick-6.8.4.0-dont-build-in-install.patch . ImageMagick-6.8.4.0-rpath.patch . ImageMagick-montage.t.patch . ImageMagick-6.8.5.7-no-XPMCompliance.patch - renamed patches . ImageMagick-6.8.8-1-disable-insecure-coders.patch to ImageMagick-disable-insecure-coders.patch ==== ccache ==== Version update (3.3.3 -> 3.3.4) - Update to version 3.3.4: * Documented the different cache statistics counters. * Fixed a regression in ccache 3.3 related to potentially bad content of dependency files when compiling identical source code but with different source paths. This was only partially fixed in 3.3.2 and reverts the new ?Names of included files are no longer included in the hash of the compiler?s preprocessed output? feature in 3.3. * Corrected statistics counter for -optf/--options-file failure. * Fixed undefined behavior warnings in ccache found by - fsanitize=undefined. ==== cmake ==== - Add reproducible.patch and reproducible2.patch to allow for reproducible builds of freerdp and other packages - find ImageMagick 7 + cmake-ImageMagick7.patch ==== hylafax+ ==== Version update (5.5.8 -> 5.5.9) Subpackages: hylafax+-client - hylafax+ 5.5.9 * fix a handful of compiler warnings for gcc v7 (13, 17 Feb 2017) * fix job rescheduling if the proxy connection attempt fails (13 Jul 2016) * increase the maximum number of triggers from 1024 to 4096 (13 Jul 2016) * eliminate faxq job priority "bounding" (13 Jul 2016) * attempt to detect premature non-ECM Phase C carrier loss (15 Jun 2016) * add missing recvq error message indications (6 May 2016) * fix tagtest support for multi-strip images (25 Mar 2016) * enhance textfmt wrapping to occur on word boundaries (24 Feb 2016) ==== libvirt-python ==== Version update (3.1.0 -> 3.2.0) - Update to 3.2.0 - Add all new APIs and constants in libvirt 3.2.0 - FATE#319684, FATE#321335, FATE#321349 ==== lightdm ==== Version update (1.21.5 -> 1.22.0) Subpackages: liblightdm-gobject-1-0 lightdm-lang - Update to version 1.22.0: * Allow guest sessions to talk to Mir. ==== perl-DBD-Pg ==== - Fixed sle_version macro - Removed %clean section ==== tiff ==== Subpackages: libtiff-devel libtiff5 libtiff5-32bit - Added patches: * tiff-CVE-2016-10266.patch + Upstream fix for CVE-2016-10266, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image (bsc#1031263) * tiff-CVE-2016-10267.patch + Upstream fix for CVE-2016-10267, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image (bsc#1031262) * tiff-CVE-2016-10268.patch + Upstream fix for CVE-2016-10268, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image (bsc#1031255) * tiff-CVE-2016-10269.patch + Upstream fix for CVE-2016-10269, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image (bsc#1031254) * tiff-CVE-2016-10270.patch + Upstream fix for CVE-2016-10270, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image (bsc#1031250) * tiff-CVE-2016-10271.patch + Upstream fix for CVE-2016-10271, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image (bsc#1031249) * tiff-CVE-2016-10272.patch + Upstream fix for CVE-2016-10272, LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image (bsc#1031247) ==== units ==== Version update (2.13 -> 2.14) - units 2.14: * Eliminated parser memory management limitation affecting long input expressions (e.g. a sum of more than 100 units) * Control characters are treated as white space rather than producing an error about invalid UTF-8.