Removed rpms
============
Added rpms
==========
- fontconfig-lang
- libfontconfig1
Package Source Changes
======================
ImageMagick
+ fix CVE-2021-4219 [bsc#1196337], denial of service in MagicCore/draw.c via crafted SVG file
+ + ImageMagick-CVE-2021-4219.patch
+
+- security update
+- added patches
MozillaThunderbird
+- Mozilla Thunderbird 91.6.1
+ * changed: Thunderbird generated views of meeting invitations
+ are now expanded by default
+ * fixed: Emails were not downloading at startup under some
+ conditions
+ * fixed: Port numbers were not shown in "Confirm Security
+ Exception" dialog for CalDAV connections
+ * fixed: Various security fixes
+ MFSA 2022-07 (bsc#1196072)
+ * CVE-2022-0566 (bmo#1753094)
+ Crafted email could trigger an out-of-bounds write
+
+- Mozilla Thunderbird 91.6
+ * new: Thunderbird will now offer to send large forwarded
+ attachments via FileLink
+ * fixed: Partially signed unencrypted messages displayed an
+ incorrect "partially encrypted" notification
+ * fixed: Attachments filenames were not sanitized before saving
+ to disk
+ * fixed: In the attachment bar, the "Import OpenPGP Key" item
+ displayed for public keys displayed an error and did not
+ import the key
+ * fixed: "Open with" attachment dialog did not have a selected
+ radio button option
+ * fixed: Various security fixes
+ MFSA 2022-06 (bsc#1195682)
+ * CVE-2022-22753 (bmo#1732435)
+ Privilege Escalation to SYSTEM on Windows via Maintenance
+ Service
+ * CVE-2022-22754 (bmo#1750565)
+ Extensions could have bypassed permission confirmation during
+ update
+ * CVE-2022-22756 (bmo#1317873)
+ Drag and dropping an image could have resulted in the dropped
+ object being an executable
+ * CVE-2022-22759 (bmo#1739957)
+ Sandboxed iframes could have executed script if the parent
+ appended elements
+ * CVE-2022-22760 (bmo#1740985, bmo#1748503)
+ Cross-Origin responses could be distinguished between script
+ and non-script content-types
+ * CVE-2022-22761 (bmo#1745566)
+ frame-ancestors Content Security Policy directive was not
+ enforced for framed extension pages
+ * CVE-2022-22763 (bmo#1740534)
+ Script Execution during invalid object state
+ * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
+ bmo#1748210, bmo#1748279)
+ Memory safety bugs fixed in Thunderbird 91.6
+
avahi
+- remove avahi-mono* subspecfiles, they are no longer required
+ by anything. this makes the spec file slightly more readable.
+
+- Replace avahi-0.6.31-systemd-order.patch with
+ avahi-add-resolv-conf-to-inotify.patch: re-read configuration
+ when resolv.conf changes, per discussion on the bug
+ (boo#1194561).
+
+- Change to systemd-sysusers
+
+- Reinstate avahi-0.6.31-systemd-order.patch (boo#1194561).
+ This can probably go away if/when gh#lathiat/avahi#118 is fixed.
+- Drop avahi-0.6.32-suppress-resolv-conf-warning.patch: we should
+ no longer need this given the above patch.
+- Add several patches from git:
+ 0001-man-fix-reference-to-avahi-autoipd.action-8-in-avahi.patch
+ 0005-avahi-dnsconfd.service-Drop-Also-avahi-daemon.socket.patch
+ 0006-man-add-missing-bshell.1-symlink.patch
+ 0007-Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK.patch
+ 0009-fix-bytestring-decoding-for-proper-display.patch 0010-avahi_dns_packet_consume_uint32-fix-potential-undefi.patch
+- Build manpages with xmltoman. Currently needed for bssh.
+- Minor spec file clean-up.
+- Require python-rpm-macros for all builds (boo#1194744 boo#1194745).
+
+- Move sftp-ssh and ssh services to the doc directory. They allow
+ a host's up/down status to be easily discovered and should not
+ be enabled by default (boo#1179060).
+
blog
+- Update to version 2.26
+ * On s390/x and PPC64 gcc misses unused arg0
+- Remove patch fcb9e0c2.patch as now part of tar ball
+
+- Add upstream patch fcb9e0c2.patch
+ * On s390/x and PPC64 gcc misses unused arg0
+
+- Update to version 2.24
+ * Avoid install errror due missed directory
+
+- Update to version 2.22
+ * Avoid KillMode=none for newer systemd version as well as rework
+ the systemd unit files of blog (boo#1186506)
+
+- Move to /usr for UsrMerge (boo#1191057)
+
+- Update to version 2.21
+ * Merge pull request #4 from samueldr/fix/makefile
+ Fixup Makefile for better build system support
+ * Silent new gcc compiler
+
fontconfig
-- fontconfig-devel-32bit needs to require fontconfig-32bit,
- needed for Wine development (bsc#1172301)
+- adding bug reference to this changelog [bsc#1172301]
+
+- Add fontconfig-do-not-remove-UUID-file.patch: Removing .uuid
+ files caused frequent rescanning of all system fonts causing
+ intermittent CPU usage surges, for example, when browsing using
+ firefox; patch taken from upstream commit (boo#1124816,
+ https://gitlab.freedesktop.org/fontconfig/fontconfig/merge_requests/8).
+
+- Implement shared library packaging guideline
+- Split documentation to soothe rpmlint's
+ "W: package-with-huge-docs 86%"
+
+- Fix self obsoletion ipa-fonts-config and IPA-fonts-config.
+- Fix build error in Leap 42.3.
+- Fix location of fontconfig-devel.* doc-files.
+
+- Package AUTHORS, ChangeLog and README via standard doc macro.
+
+- Update to 2.13.1:
+ * conf.d: Drop aliases for (URW)++ fonts
+ * variable fonts support
+ * Use uuid-based cache filename if uuid is assigned to dirs
+ * Add new API to find out a font from current search path
+ * Add FONTCONFIG_SYSROOT environment variable
+ * [varfonts] Add FC_FONT_VARIATIONS
+ * [varfonts] Add FC_VARIABLE
+ * Add Simplified Chinese translations
+ * Fix memory leaks, double frees etc.
+ * See README for details
+- Drop fontconfig-remove-debug-output.patch
gdm
+- Use _pam_vendordir instead of _distconfdir/pam.d (boo#1195996).
+ AS this means /etc/pam.d on SLE15, we mark those files as
+ %config(noreplace).
+
+- Update to version 41.3:
+ + Juggle Xorg's -listen/-nolisten command line change better.
+ + Fix session type selection.
+ + Fix crash.
+ + Drop vestigial gdm-pin service.
+ + XDMCP fixes.
+ + Wayland nvidia udev updates.
+ + Updated translations.
+- Rebase gdm-disable-wayland-on-mgag200-chipsets.patch.
+- Drop gdm-daemon-Infer-session-type-from-desktop-file.patch and
+ gdm-restart-greeter-session-after-crash.patch: fixed upstream.
+
+- Move
+ %{_datadir}/glib-2.0/schemas/org.gnome.login-screen.gschema.xml
+ from main package to new gdm-schema split package and make
+ libgdm1 depend on the new gdm-schema split package. Currently,
+ the gdm-schema is required for gnome-shell to work, but
+ gnome-shell only depends on libgdm1 and not on gdm as a whole,
+ causing a crash of gnome-shell if the gdm main package is not
+ installed. By moving the gdm-schema to it's own split package and
+ making libgdm1 actually require it, the crash can be prevented.
+ Fixes boo#1194183.
+
+- Add gdm-restart-greeter-session-after-crash.patch: When active vt
+ is gdm initial vt, restart greeter session. Avoiding the blank
+ screen when greeter session crashed
+ (bsc#1190230 glgo#GNOME/gdm#735).
+
+- Update gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch:
+ With GDM_DISABLE_USER_DISPLAY_SERVER=1 environment variable, make
+ X server logging to /var/log/Xorg.*.log and journal log
+ (bsc#1192177).
+
glib2
+- Update to version 2.70.4:
+ + Bugs fixed: glgo#GNOME/GLib!2462 “Fix memory leak in
+ gio/gdbusauthmechanismsha1.c” to glib-2-70.
+ + Updated translations.
+
+- Update to version 2.70.3:
+ + Several important fixes to FD handling in gspawn.
+ + Several important fixes to GDBus message and GVariant parsing
+ of invalid data.
+ + Fix potential data loss due to missing fsync when saving files
+ on btrfs.
+ + Bugs fixed: glgo#GNOME/GLib#2503, glgo#GNOME/GLib#2506,
+ glgo#GNOME/GLib#2557, glgo#GNOME/GLib#2572,
+ glgo#GNOME/GLib#2580, glgo#GNOME/GLib!2394,
+ glgo#GNOME/GLib!2415, glgo#GNOME/GLib!2437,
+ glgo#GNOME/GLib!2444, glgo#GNOME/GLib!2455.
+ + Updated translations.
+
harfbuzz
+- update to 3.4.0:
+ + Perform sanity checks on shaping results is now part of
+ “harfbuzz” library and can be enabled by setting the buffer
+ flag HB_BUFFER_FLAG_VERIFY
+ + Arabic Mark Transient Reordering Algorithm have been updated
+ to revision 6
+ + ISO 15924 code for mathematical notation, ‘Zmth’, now maps to
+ the OpenType ‘math’ tag
+ + It is now possible to get at once all math kerning values for a
+ given glyph at a given corner
+ + Fix locale_t portability issues on systems the typedef’s it to
+ a void pointer
+
+- update to 3.3.2:
+ + Revert splitting of pair positioning values introduced in 3.3.0
+ as it proved problematic
+- includes changes from 3.3.1:
+ + Fix heap-use-after-free in harfbuzz-subset introduced in
+ previous release
+- includes changes from 3.3.0:
+ + Improved documentation, code cleanup
+ + The low 16-bits of face index will be used by hb_face_create()
+ to select a face inside a font collection file format, while the
+ high 16-bits will be used by hb_font_create() to load the named
+ instance
+ + Glyph positions and other font metrics now apply synthetic slant
+ set by hb_font_set_synthetic_slant(), for improved positioning
+ for synthetically slanted fonts
+ + Fixed unintentional locale dependency in hb_variation_to_string()
+ for decimal point representation
+ + When applying pair positioning (kerning) the positioning value
+ is split between the two sides of the pair for improved cursor
+ positioning between such pairs
+ + Introduced new HB_GLYPH_FLAG_UNSAFE_TO_CONCAT, to be used in
+ conjunction with HB_GLYPH_FLAG_UNSAFE_TO_BREAK for optimizing
+ re-shaping during line breaking. Check the documentation for
+ further details
+ + Improved handling of macrolanguages when mapping BCP 47 codes
+ to OpenType tags
+
jasper
+- bsc#1188437 CVE-2021-27845: Fix divide-by-zery in cp_create()
+ Add jasper-CVE-2021-27845.patch
+
kbd
+- Fix build without %_distconfdir (see bsc#1195679)
+
kernel-default
+- arch/x86/mm/numa: Do not initialize nodes twice (bsc#1195752
+ bsc#1196248).
+- commit a9cb651
+
+- powerpc/64s/hash: Make hash faults work in NMI context
+ (bsc#1195655 ltc#1195655).
+- commit 9801a29
+
+- brcmfmac: firmware: Fix crash in brcm_alt_fw_path (bsc#1195501)
+- commit 21498fa
+
+- Update kabi files.
+ Update after the nvme-fc map_queues callback addition.
+- commit ba2de57
+
+- Drop PCI xgene patch that caused a regression for mxl4 (bsc#1195352)
+ Delete patches.suse/PCI-xgene-Fix-IB-window-setup.patch
+ Also update blacklist
+- commit dd99303
+
+- nvme-fc: add support for ->map_queues (bsc#1195823).
+- commit f890a27
+
+- nvme-fabrics: fix state check in nvmf_ctlr_matches_baseopts() (bsc#1195012).
+- commit 5a50415
+
+- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
+- commit a0f28e5
+
+- Move upstreamed sound fix into sorted section
+- commit 80571bb
+
libeconf
+- Update to version 0.4.4+git20220104.962774f:
+ * Fixed i586 build (#158)
+
+- Update to version 0.4.2+git20220104.5dfd69d:
+ * Reading numbers with different bases (e.g. oktal) (bsc#1193632) (#157)
+
+- Update to version libeconf-0.4.2+git20211111.c7a2c52:
+ * CMake fixes regarding document installation.
+ * Fixed different issues while writing string values to file.
+ * Writing comments to file too.
+ * Fixed memory leaks.
+ * Fixed crash while merging values.
+
+- Update to version 0.4.1+git20210709.cf671f2:
+ * CMake fixes regarding installation of econftool and man pages.
+
+- Update to version 0.4.0+git20210708.6918ea1:
+ * Fixed covscan FORWARD_NULL_issues warnings
+
+- Update to version 0.4.0+git20210707.537a8a:
+ * Fixed resource leaks found by Iker Pedrosa.
+
+- Removed doxygen from build requires.
+
+- Update to version 0.4.0+git20210413.fdb8025:
+ * Installing man pages via meson. (#147)
+
+- Update to version 0.4.0+git20210412.1513a26:
+ * Added econftool cat option (#146)
+ * new API call: econf_readDirsHistory (showing ALL locations)
+ * new API call: econf_getPath (absolute path of the configuration file)
+
+- Update to version 0.4.0+git20210408.6d33e5e:
+ * Man pages libeconf.3 and econftool.8.
+ * Handling multiline strings.
+ * Added libeconf_ext which returns more information like
+ line_nr, comments, path of the configuration file,...
+ * Econftool, an command line interface for handling configuration
+ files.
+ * Generating HTML API documentation with doxygen.
+ * Improving error handling and semantic file check.
+ * Joining entries with the same key to one single entry if
+ env variable ECONF_JOIN_SAME_ENTRIES has been set.
+
libpwquality
+- Add python-rpm-macros to BuildRequires (boo#1194757).
+
librsvg
+- Update to version 2.52.6:
+ + Fix incorrect text rendering when text has different scales in
+ the X/Y axes. This regressed after librsvg 2.52.5, when Pango
+ had to revert its fix for the same bug. Now librsvg renders all
+ text as paths, and does the scaling itself. Please file a bug
+ if you have evidence that this presents a performance problem
+ for you.
+
libzypp
+- Hint on ptf<>patch resolver conflicts (bsc#1194848)
+- version 17.29.5 (22)
+
pango
+- Update to version 1.50.4:
+ + Tweak synthetic space size.
+ + itemize: Try harder to avoid NULL fonts.
+ + docs: Some additions.
+ + Pass synthetic slant to harfbuzz.
+ + Make sloped carets work with uneven scales.
+ + Fix serialiation on arm.
+ + Avoid an uninitialized variable warning.
+ + Reinstate previous behavior of pango_attr_list_splice.
+ + Deprecated pango_coverage_ref/unref.
+ + Fix serialization on non-glibc systems.
+ + Fix allow-breaks handling.
+
+- Update to version 1.50.3:
+ + pango-view: Add --serialize-to option for easy bug reporting.
+ + Revert a transformation change that broke metrics for vertical
+ text.
+ + Handle fonts without space glyph (such as icon fonts) better.
+ + Fix some corner cases of line width accounting.
+ + Fix line height with emulated Small Caps.
+
+- Update to version 1.50.2:
+ + Fix a problem with font fallback for Arabic.
+ + Fix handling of fonts without a space glyph.
+ + Various documentation improvements.
+ + Fix build issues.
+
+- Update to version 1.50.1:
+ + Fix a crash in tab handling.
+ + Fix tab positioning without line wrapping.
+ + Fix an assertion failure found by fuzzing.
+ + Make underlines work again for broken fonts.
+
+- Update to version 1.50.0:
+ + Fix glyph placement in gravity east
+ + Fix line heights in improper gravities
+ + Only shown selected ignorables with nicks
+ + Support tab alignments other than left
+ + Support custom decimal points on decimal tabs
+ + Fix a pango-view crash
+ + Optimize handling of many tabs
+ + Drop json-glib dependency
+- Drop pkgconfig(json-glib-1.0) BuildRequires, no longer needed.
+
+- Update to version 1.49.4:
+ + Require fontconfig 2.13
+ + Require harfbuzz 2.6
+ + Many fixes to line breaking accuracy
+ + coretext: Correctly clamp text weights at min/max values
+ + Add serialization api for PangoLayout, PangoFont and
+ PangoAttrList
+ + Require json-glib
+ + tests:
+ - Use serialized layouts for test cases
+ - Include fonts in git
+ + pango-view: Accept serialized layouts
+ + Fix a rounding problem with font metrics
+ + Fix visible space display using ␣
+- Changes from version 1.49.3:
+ + Fix hinting of glyph metrics
+ + Fix logical glyph extents in vertical gravities
+ + Visualize more default-ignorable glyphs
+ + Fix advance widths in transformed contexts
+ + Implement Small Caps and other casing variations
+- Changes from version 1.49.2:
+ + Update Unicode data to Unicode 14
+ + Fix underlining of spaces
+ + Round font metrics when appropriate
+ + Fix some corner cases of cursor positioning
+ + Handle Catalan middle-dot in text segmentation
+- Changes from version 1.49.1:
+ + Only recompute log attrs when needed
+ + Validate log attrs
+ + Fix conformance issues in Thai and Indic linebreaking
+ + Add pango_attr_break to support customizing line and word
+ breaks
+ + Add font-dependent baseline shifts and sizing for super- and
+ subscripts
+ + Improve hyphenation support
+ + pango-view:
+ - Visualize caret positions and slopes
+ - Show glyph rects
+ - Make --annotate easier to use
+ + Add pango_layout_get_caret_pos to support sloped carets
+ + Improve caret positioning for ligatures
+ + Better under- and overline placement
+ + layout:
+ - Allocate a bit less
+ - Fix cluster extents with rise
+ + Add pango_layout_iter_get_run_baseline
+ + Add pango_glyph_string_index_to_x_full
+ + coretext: Set size on font descriptions
+ + Add color information to PangoGlyphVisAttr
+- Changes from version 1.49.0:
+ + Require fribidi 1.0.6
+ + Fix threadsafety issues with Thai
+ + Fix a rounding problem on i386
+ + Fix font choice for ellipsis
+ + New api:
+ - pango_font_get_languages
+ - Introspection helpers for attributes
+ + Ignore width in horizontal context when itemizing
+ + markup:
+ - Allow specifying size and rise in points
+ - Allow specifying size as percentage
+ + Rewrite pango_layout_move_cursor_visually
+ + Add a line-height attribute and make logical line extents
+ respect it
+ + Add pango_justify_last_line
+ + Add pango_shape_item
+ + Add a text-transform attribute and implement it
+ + Clean up fribidi api usage
+ + Fix a bug in the gravity data table
+ + pango-view: Improve the --annotate option
+ + Fix a possible crash in rendering strikethroughs
+- Add pkgconfig(json-glib-1.0) BuildRequires, new dependency.
+
php7
+- security update
+- added patches
+ fix CVE-2021-21708 [bsc#1196252], Use after free due to php_filter_float() failing for ints
+ + php7-CVE-2021-21708.patch
+
php7:apache2
+- security update
+- added patches
+ fix CVE-2021-21708 [bsc#1196252], Use after free due to php_filter_float() failing for ints
+ + php7-CVE-2021-21708.patch
+
psmisc
+ * Determine the namespace of a process only once to speed
+ up the parsing of fdinfo (bsc#1194172).
+
+- Change patch 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch
python-pip
+- Switch this package to use update-alternatives for all files
+ in %{_bindir} so it doesn't collide with the versions on
+ "the latest" versions of Python interpreter (jsc#SLE-18038,
+ bsc#1195831).
+
rpm-config-SUSE
+- Remove definition of _distconfdir, as this should not be defined
+ for SLE-15. Else this will conflict with our non-usr-merged
+ environment and cause problems with transactional-update, openssh
+ and other packages (bsc#1195679)
+
s390-tools
+- Added s390-tools-sles15sp4-zdev-modify-the-lsblk-output-parser-in-lszdev.patch
+ for bsc#1196255. Version 2.37+ of util-linux modified the output
+ characters of lsblk,which breaks the parser function.
+- Added s390-tools-sles15sp4-zdev-Fix-path-resolution-for-multi-mount-point-file-.patch
+ for bsc#1196254. Path resolution fails when a device provides
+ multiple mount points such as, for example, when using btrfs
+ subvolumes, or when mounting the same file system at multiple
+ mount points.
+
sg3_utils
+- Update to version 1.47+4.82fb156:
+ * rescan_scsi_bus.sh: restore numeric ordering of hosts (bsc#1196244)
+
systemd
+- Fix a regression caused by the split of the sysusers config files shipped by
+ systemd (bsc#1196322)
+ Calls to %sysusers_create were not updated accordingly.
+
+- %_pam_vendordir is still wrong on SLE, let's define our own definition for
+ now.
+
+- Add in quarantine the following patches:
+ 6000-udev-net_id-add-debug-logging-for-construction-of-de.patch
+ 6001-udev-net_id-show-the-correct-identifier-in-the-debug.patch
+ They might help with predictable network device naming issues. They will be
+ moved to the git repo if nothing wrong happens.
+
+- Import commit d150ab3db99dea63a546567b3227baf0d85e4265 (merge of v249.10)
+ For a complete list of changes, visit:
+ https://github.com/openSUSE/systemd/compare/26736aafa1df67d222fe46c54bf74b5c7a44d8a1...d150ab3db99dea63a546567b3227baf0d85e4265
+
+- Import commit 26736aafa1df67d222fe46c54bf74b5c7a44d8a1
+ 8973cb2462 systemd-coredump: allow setting external core size to infinity (bsc#1195899 jsc#SLE-23866)
+
+- Fix build if %_distconfdir is not defined (see bsc#1195679)
+
+- Always create systemd-network system user, even if systemd-networkd is not
+ installed (bsc#1195559)
+- Don't rely on %{_distconfdir}, it's broken on SLE (bsc#1195998)
+
webkit2gtk3:gtk3-soup2
+- Update to version 2.34.6:
+ + Fix accessibility not working when the Bubblewrap sandbox is
+ enabled.
+ + Fix rendering of scrollbars when overlay scrollbars are
+ disabled.
+ + Fix the build when the X11 support is disabled.
+ + Fix the build in a number of situations where the main OpenGL
+ library is not called libGL or libgl, as is the case on
+ systems that use libglvnd.
+ + Fix several crashes and rendering issues.
+
+- Update to version 2.34.5 (boo#1195735):
+ + Improve VP8 codec selection when using GStreamer 1.20.
+ + Fix connecting to the accessiblity bus when using the
+ Bubblewrap sandbox.
+ + Fix links being incorrectly activated when starting a pinch
+ zoom gesture.
+ + Fix touch-based scrolling.
+ + Fix the build with recent toolchains based on GCC 12 and on
+ older ones as included e.g. in Ubuntu 18.04.
+ + Fix the build with ICU 60, version 61 is no longer required.
+ + Fix several crashes and rendering issues.
+ + Security fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592,.
+ + Drop webkit2gtk3-gcc12.patch: fixed upstream.
+
+- Update constraints for disk space even more, now at 20 gig.
+
+- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12.
+- Require glib2 2.44 to match source.
+
+- Update to version 2.34.4 (boo#1195064):
+ + Fix several crashes and rendering issues.
+ + This release fixes numerous security issues, including an
+ especially severe issue that allowed websites to read the names
+ of IndexedDB databases created by other websites.
+ + Security fixes: CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
+ CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984,
+ CVE-2022-22594.
+
+- Update _constraints, needs more disk space to build.
+
- CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889,
- CVE-2021-30897.
+ CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889,
+ CVE-2021-30897, CVE-2021-45481, CVE-2021-45483.
- CVE-2021-30809, CVE-2021-30836.
+ CVE-2021-30809, CVE-2021-30836, CVE-2021-45482.
- CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734,
- CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797,
- CVE-2021-30799.
- + Changes in version 2.32.2:
- + Improve calculation of initial WebKitWebView size.
- + Fix kinetic scrolling on touchpad with async scrolling off.
- + Fix a crash on empty drag operation in X11.
- + Fix rendering on HiDPI /4k screen and scaling.
- + Handle null native surface for for surfaceless rendering.
- + Fix JavaScriptCore crash on 32-bit big endian systems.
- + Fix several crashes and rendering issues.
- + Security fixes: CVE-2021-30758.
- + Changes in version 2.32.1:
- + Support building against the Musl C library.
- + Support building against ICU version 69 or newer.
- + Improve handling of Media Capture devices.
- + Improve WebAudio playback.
- + Improve video orientation handling.
- + Improve seeking support for MSE playback.
- + Improve flush support in EME decryptors.
- + Fix HTTP status codes for requests done through a custom URI
- handler.
- + Fix the Bubblewrap sandbox in certain 32-bit systems.
- + Fix inconsistencies between the WebKitWebView.is-muted property
- state and values returned by
- webkit_web_view_is_playing_audio().
- + Fix the build with ENABLE_VIDEO=OFF.
- + Fix wrong timestamps for long-lived cookies.
- + Fix UI process crash when failing to load favicons.
- + Fix several crashes and rendering issues.
- + Updated translations.
+ CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734,
+ CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797,
+ CVE-2021-30799.
-- Update to version 2.32.3 (boo#1188697):
- + Properly set the cookies settings after a network process
- crash.
- + Fix accessibility tree after a cross site navigation with PSON
- enabled.
- + Ensure WebKitScriptWorld::window-object-cleared signal is
- always emitted.
- + Fix several crashes and rendering issues.
- + Security fixes: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663,
- CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734,
- CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797,
- CVE-2021-30799.
-
- + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765
+ + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765,
- CVE-2021-30682.
+ CVE-2021-30682.
- CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870,
- CVE-2021-21806.
+ CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870,
+ CVE-2021-21806.
- CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826,
- CVE-2021-30661.
+ CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826,
+ CVE-2021-30661.
- ++ Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813,
+ + Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813,
- CVE-2021-30666, CVE-2021-30761.
+ CVE-2021-30666, CVE-2021-30761.
yast2
+- do not strip surrounding white space in CDATA XML elements (bsc#1195910)
+- 4.4.45
+
+- Keep the user defined $Y2STYLE and $XCURSOR_THEME environment
+ variables, allow changing the installer theme via these
+ environment variables (related to jsc#SLE-20547)
+- 4.4.44
+
yast2-installation
+- LSM: Adjusted installation summary labels (bsc#1196013).
+- 4.4.41
+
yast2-schema-default
+- Added fcoe-client schema (bsc#1194895)
+- 4.4.11
+
zypper
+- info: print the packages upstream URL if available (fixes #426)
+- info: Fix SEGV with not installed PTFs (bsc#1196317)
+- Don't prevent less restrictive umasks (bsc#1195999)
+- version 1.14.52
+