Packages changed: blueberry (1.2.0 -> 1.3.6) ceph (15.2.1.277+g17d346932e -> 15.2.2.18+g1dbcddb5d8) file-roller (3.32.4 -> 3.32.5) flatpak gnome-themes-standard gnuhealth grub2 libgcrypt libguestfs libxml2 libyui-qt (2.52.2 -> 2.52.4) libyui-qt-graph (2.46.2 -> 2.46.3) mozilla-nss open-vm-tools (11.0.5 -> 11.1.0) openconnect permissions pipewire (0.3.1 -> 0.3.5) polkit-qt5-1 (0.112.0 -> 0.113.0) pragha (1.3.3 -> 1.3.99.1) projectM python python-Babel (2.5.1 -> 2.8.0) python-base python-cairocffi (1.1.0 -> 0.8.0) python-libxml2-python python-matplotlib (2.0.2 -> 2.2.5) python-qrcode recode (3.7.1 -> 3.7.6) tcsh thunar (1.8.14 -> 1.8.15) xfce4-notifyd (0.4.4 -> 0.6.1) xfce4-power-manager (1.6.5 -> 1.6.6) xfce4-taskmanager (1.2.2 -> 1.2.3) yast2-bootloader (4.2.23 -> 4.2.24) yast2-iscsi-client (4.2.5 -> 4.2.6) === Details === ==== blueberry ==== Version update (1.2.0 -> 1.3.6) Subpackages: blueberry-lang - Update to version 1.3.6 * tray: Switch to symbolic icons (#100) * Lower min requirement to GTK 3.22 * Update tranlsations - Update to version 1.3.5 * blueberry.py: Fix handling of the device name/alias. - Other changes since version 1.2.7 * Handle error from rfkill (#94) * Add support for XAppStatusIcon * StatusIcon: Switch to activate signal * obex: check for None when setting shared path * rework override to be compatible with any version * Fix tray icon not shown with window (#89) * blueberry: UI redesign * rfkillMagic: support hotpluggable bt devices * rfkillMagic: support device indexes above 9 * blueberry: rework rfkill error to be switch-specific * cleanup some unneded code * UI: Ensure burger menu is visible * Don't spin spinner in devices tab (#85) * Update translations - Remove obsolete Groups tag (fate#326485) - Update to version 1.2.8 * Don't spin spinner in devices tab (#85) - Update to version 1.2.7 * Update translations - 1.2.6 changes * Fix generate_desktop_files * Convert everything to use Python 3 (#66) * Add paired submenu for quick connect/disconnect (#69) * Tray: Use a tick image to represent connected device * l10n: Update POT * Tray: Fix paired menu when no devices are paired * Use shell launchers and use setproctitle to name the python processes * rfkill: Show error message on permission denied (#83) * rfkill: Show the error message in the UI * l10n: Update POT - Updated and cleaned up spec file - Rebased blueberry-fix-rfkill-path.patch - Update to version 1.2.5: * Update translations. - Update to version 1.2.4: * Update translations. - Do not use /usr/bin/env for Python scripts. - Add blueberry-rfkill.rules to fix boo#957071. - Revert to Python 2: the switch to Python 3 was actually in shebangs of just two basic launcher scripts, nothing more (boo#1105239). - Update to version 1.2.3 (changes isnce 1.2.1): * Add a 2s timeout around bt-adapter -i. * Update translations. - Update to version 1.2.1: * Update translations. ==== ceph ==== Version update (15.2.1.277+g17d346932e -> 15.2.2.18+g1dbcddb5d8) Subpackages: librados2 librbd1 - Update to 15.2.2-18-g1dbcddb5d8: + rebase on tip of upstream "octopus" branch, SHA1 0c857e985a29d90501a285f242ea9c008df49eb8 * Upstream v15.2.2 release https://ceph.io/releases/v15-2-2-octopus-released/ * mon, mgr: require all caps for pre-octopus tell commands (bsc#1170021, CVE-2020-10736) ==== file-roller ==== Version update (3.32.4 -> 3.32.5) Subpackages: file-roller-lang - Update to version 3.32.5 (boo#1171486): + libarchive: do not follow external links when extracting files (boo#1169428 CVE-2020-11736). + libarchive: overwrite symbolic links as well if requested by the user. + Updated translations. - Add gcc-fno-common-fix.patch in order to fix boo#1160390. ==== flatpak ==== Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0 - When SLE uses GNOME desktop environment, GNOME Software is automatically started to provide key update features. During the startup, it setups flatpak repository so that related features can function properly. In a system environment of no flatpak repository has ever been setup before, this triggers "org.freedesktop.Flatpak.modify-repo" polkit action. Therefore in systems which use a restrictive security policy (eg. SLES) for the aforementioned policy action, a polkit authentication dialog will pop up without any user interaction for the first time login. This is not user friendly. This submission creates /var/lib/flatpak/repo at package installation to avoid such a confusing authentication pop-up, at nearly 0 cost of security compromise (bsc#1169619, bsc#1170416). ==== gnome-themes-standard ==== Subpackages: gnome-themes-accessibility gnome-themes-accessibility-gtk2 gtk2-metatheme-adwaita gtk2-theming-engine-adwaita gtk3-metatheme-adwaita metatheme-adwaita-common - Remove the is_opensuse tag to close the gap between Leap and SLE (bsc#1170757, jsc#SLE-11890). ==== gnuhealth ==== - fixed different behviour of bsdtar in script and shell (gnuhealth-control) ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi - Skip zfcpdump kernel from the grub boot menu (bsc#1166513) * grub2-s390x-skip-zfcpdump-image.patch ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-32bit - FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872] * Print the debug messages in test_keys() only in debug mode. - Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch libgcrypt-PCT-ECC.patch ==== libguestfs ==== Subpackages: guestfs-data libguestfs0 virt-v2v - bsc#1167131 - virt-v2v fails importing ubuntu 18.04 LTS ova 500acb15-v2v-linux-fix-kernel-detection-when-split-in-different-packages.patch ==== libxml2 ==== Subpackages: libxml2-2 libxml2-2-32bit libxml2-tools - Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch - Security fix: [bsc#1161517, CVE-2020-7595] * xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation - Add libxml2-CVE-2020-7595.patch - Security fix: [bsc#1159928, CVE-2019-19956] * Memory leak related to newDoc->oldNs in xmlParseBalancedChunkMemoryRecover:parser.c - Add libxml2-CVE-2019-19956.patch ==== libyui-qt ==== Version update (2.52.2 -> 2.52.4) - Fixed build failures with older Qt versions (pre-5.15) (bsc#1165118) - 2.52.4 - Fixed Qt 5.15 deprecated warnings (bsc#1165118) - 2.52.3 ==== libyui-qt-graph ==== Version update (2.46.2 -> 2.46.3) - allow to move graph by dragging mouse (bsc#1171865) - 2.46.3 ==== mozilla-nss ==== Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs - nss-fips-aes-keywrap-post.patch: Add AES Keywrap POST. - nss-fips-constructor-self-tests.patch: Accept EACCES in lieu of ENOENT when trying to access /proc/sys/crypto/fips_enabled (bsc#1170908). - nss-fips-constructor-self-tests.patch: Add Softoken POSTs for new DSA and ECDSA hash-and-sign update functinos. - nss-fips-combined-hash-sign-dsa-ecdsa.patch: Add pairwise consistency check for CKM_SHA224_RSA_PKCS. Remove ditto checks for CKM_RSA_PKCS, CKM_DSA and CKM_ECDSA, since these are served by the new CKM_SHA224_RSA_PKCS, CKM_DSA_SHA224, CKM_ECDSA_SHA224 checks. - nss-fips-constructor-self-tests.patch: Replace bad attempt at unconditional nssdbm checksumming with a dlopen(), so it can be located consistently and perform its own self-tests. - Add nss-fix-dh-pkcs-derive-inverted-logic.patch. This fixes an instance of inverted logic due to a boolean being mistaken for a SECStatus, which caused key derivation to fail when the caller provided a valid subprime. - Add nss-fips-combined-hash-sign-dsa-ecdsa.patch. This implements API mechanisms for performing DSA and ECDSA hash-and-sign in a single call, which will be required in future FIPS cycles. - nss-fips-constructor-self-tests.patch: Always perform nssdbm checksumming on softoken load, even if nssdbm itself is not loaded. - nss-fips-detect-fips-mode-fixes.patch: Use secure_getenv() to avoid PR_GetEnvSecure() being called when NSPR is unavailable, resulting in an abort (bsc#1168669). - Added patches related to FIPS certification: * nss-fips-use-getrandom.patch: Use getrandom() to obtain entropy where possible. * nss-fips-dsa-kat.patch: Make DSA KAT FIPS compliant. * nss-fips-pairwise-consistency-check.patch: Use FIPS compliant hash when validating keypair. * nss-fips-rsa-keygen-strictness.patch: Enforce FIPS requirements on RSA key generation. * nss-fips-cavs-keywrap.patch, nss-fips-cavs-kas-ffc.patch, nss-fips-cavs-kas-ecc.patch, nss-fips-cavs-general.patch, nss-fips-cavs-dsa-fixes.patch, nss-fips-cavs-rsa-fixes.patch: Miscellaneous fixes to CAVS tests. * nss-fips-gcm-ctr.patch: Enforce FIPS limits on how much data can be processed without rekeying. * nss-fips-constructor-self-tests.patch: Run self tests on library initialization in FIPS mode. * nss-fips-approved-crypto-non-ec.patch: Disable non-compliant algorithms in FIPS mode (hashes and the SEED cipher). * nss-fips-zeroization.patch: Clear various temporary variables after use. * nss-fips-tls-allow-md5-prf.patch: Allow MD5 to be used in TLS PRF. * nss-fips-use-strong-random-pool.patch: Preferentially gather entropy from /dev/random over /dev/urandom. * nss-fips-detect-fips-mode-fixes.patch: Allow enabling FIPS mode consistently with NSS_FIPS environment variable. * nss-unit-test-fixes.patch: Fix argument parsing bug in lowhashtest. ==== open-vm-tools ==== Version update (11.0.5 -> 11.1.0) Subpackages: libvmtools0 open-vm-tools-desktop - Update to 11.1.0 (build 16036546) (boo#1171764, boo#1171765) + open-vm-tools 11.1.0 includes a new 'Service Discovery' plugin, which connects with the vRealize Operations Manager product. For more information and details on configuring this plugin, refer to Configuring Service Discovery. + In this release, a new tools.conf switch is added to enable and disable the guest customization in the guest virtual machine. By default, the guest customization is enabled. For more details, refer KB 78903. - Spec file changes to remove the is_opensuse macros where possible. - Remoed the mv vm-support line from the spec file. vm-support is now automatically placed in the /usr/bin directory. - Added version number to Requires: libxmlsec1-openssl1 to help with vgauth version checking. - Added patches + pam-vmtoolsd.patch (boo#1171003) - Drop unnecessary patch: - app_info_plugin.patch - diskinfo-debug-logging-1162435.patch - gcc9-static-inline.patch ==== openconnect ==== Subpackages: openconnect-lang - Add openconnect-CVE-2020-12105.patch: Use OpenSSL X509_check_host() and X509_check_ip() correctly(bsc#1170452, CVE-2020-12105). ==== permissions ==== - Remove setuid bit for newgidmap and newuidmap in paranoid profile (bsc#1171173) ==== pipewire ==== Version update (0.3.1 -> 0.3.5) Subpackages: libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Filter out libpulse.so.0 and libjack.so.0 automatic provides so this is not considered an alternative when resolving dependencies in the distribution. - Add patch to fix build in SLE/Leap where alsa doesn't have a snd_pcm_ioplug_hw_avail function: * do-not-use-snd_pcm_ioplug_hw_avail.patch - Update to version 0.3.5: * Compiler fixes * Add pw-midiplay and pw-midirecord aliases * Add pw-mididump tool * Add pw-metadata tool to inspect, add and remove metadata for objects. * Docs updates, man pages * install alsa config files * Fix linked sink/source in pulseaudio * ratelimit graph processing warnings * improve buffer handling in GStreamer elements * Fix power usage by removing the queue for the alsa sequencer system announce messages. * Fix metadata clear() method dispatch. * Improve parameter enumeration, make it possible to detect missing parameters vs no-compatible parameters so that we can use defaults in the first case and error in the second case. * Fix cleanup of proxy objects. Stability improvements on plug/unplug in session manager. * Make it possible to set log level from config file * improve debug of param negotiation errors. Log the parameters to stderr/journal. * Make it possible to configure global logger implementation. * Fix NEON detection * JACK and PulseAudio compatibility improvements - Update to version 0.3.4: * A quick update with some important stability fixes. - Update to version 0.3.3: * NEON optimizations for audio conversion (32 and 64 bits) * rework of session manager implementation * Add option to disable modules in the session manager * Release midi hardware devices when suspended * various build fixes * Clean up options of various utils * Stability improvements * Mayor improvements in pulseaudio emulation. Improved timings and compatibility. * Implementation of drain and flush in pulse and alsa emulation. * Implement poll on file descriptors. * Improvement of metadata for jack emulation. * Fix memory and thread problems in jack emulation. * Simplification of state changes. Should make more use cases work in the jack emulation. * Improvements in the gstreamer elements. Removal of extra internal queue. pipewiresink can now be used to play audio. * Add pw-jack and pw-pulse scripts to run pulseaudio and jack applications with the right library path. - Replace libpulse* replacement packages with a single pipewire-libpulse-0_3 package that includes all libraries installed in the non-standard directory %{_libdir}/pipewire-0.3/pulse and a new pw-pulse wrapper script. Likewise for the jack replacement libraries in a new pipewire-libjack-0_3 package. - Use update-alternatives for the wrapper scripts. - Use the License rpm tag to specify that although most of pipewire is licensed under MIT, the pulseaudio replacement library is licensed under LGPL-2.1+. - Use gcc9 to build in SLE-15 / Leap 15, since at least gcc8 is needed now. - Update to version 0.3.2: + build fixes + Added support for data type negotiation. This makes it possible for a client to say that it can handle DMABuf and MemFd and then let the server select a compatible format. + Handle errors when enumerating parameters better. + Add support for rate, format, channels and period_bytes to the alsa config file to restrict what alsa apps can negotiate. + Fix JACK midi output. + Optimizations in common audio format conversions using AVX2. Small optimizations to plugins. + Change the vulkan compute example to an MIT licensed shader. + Remove some hardcoded defaults in the audio and video processing and use the values from the processing context. This also fixes the vulkan example. + Correct the documentation and defaults in the daemon config file. + Fix alsa and v4l2 buffer recycle. A paused client could cause the server to leak all buffers. + Remove some warnings that should be ignored. + Fix a crash in the bluez5 plugins. + Try to select higher quality formats first when negotiating a format with an audio device. + Fix an infinite loop in udev detection in some cases. + Add non-interactive mode to pw-cli. You can now just do "pw-cli ls Port" to get a listing of all ports. pw-cli will now also connect to the default server by default and has options to select a different server. + Allow the server to go up to the maximum quantum (8192 samples or ~=180ms) if a client explicitly wants this. ==== polkit-qt5-1 ==== Version update (0.112.0 -> 0.113.0) - New upstream release 0.113.0 - Changes since 0.112.0: * Bump version for release * Don't set version numbers as INT cache entries * Move cmake_minimum_required to the top of CMakeLists.txt * Remove support for Qt4 * Remove unneded documentation * authority: add support for passing details to polkit * Fix typo in comments * Add .arcconfig * Remove unused file * polkitqtlistener.cpp - pedantic * Fix build with -DBUILD_TEST=TRUE * Allow compilation with older polkit versions * Fix compilation with Qt5.6 * Drop use of deprecated Qt functions REVIEW: 126747 * Add wrapper for polkit_system_bus_name_get_user_sync * Add .reviewboardrc * Fix QDBusArgument assertion * fix build with Qt4, which doesn't have QStringLiteral. so use QString instead. * do not use global static systembus instance - Dropped patch, now upstream: * do-not-use-global-static-systembus-instance.patch - Run spec-cleaner ==== pragha ==== Version update (1.3.3 -> 1.3.99.1) Subpackages: pragha-lang pragha-plugins - Fix build for Leap 15.2 - Fix CPPFLAGS to use current versions. - Fix the source URL. - try to fix crazy deps explosion by packaging libpragha.so in main pragha package - do not package plugins again in plugins-devel package - Update to 1.3.99.1 (1.4 RC) * Shows temporary messages or services errors such as in-app-notifications. * Replace the status bar with a floating bar that does not require so much space. * Huge refactoring of the mtp plugin. Everything runs in a second thread. * Split Pragha between the application and a library to link the plugins. * Add proxy setting to song-info plugin. * Introduce PraghaTempProvider but not used yet. * Move background tasks popover to main toolbar. * Strip accentuation and others characters when approximate search. Issue #146 * Send notification when finished ampache or koel import * Use popovers in the menus of sidebars. * Improve metadata for appstream. Issue #152 * Adjust copyright mentioning Consonance. * Convert the status bar to an floating bar. * Implement upgrade Koel and Ampache from library pane menu. * Ampache: Reports when the server is empty. * Save the list of suggestions with the original information. * Show and hide the status bar automatically. * Depends on xdt-csource instead of exo-csource to compile the menus. * Add option to ignore playback errors to continue with others songs. * Vizualizer: Not saturate particles so much but give them more dynamics. * Last.fm: Postpose update current song when a scrobble is pending. Improve issue #142 * Tune.In: Find the first audio between all results. * Rename dbus and appstream ids to better reverse-DNS domain. Issue #117 * Don't use deprecated g_type_class_add_private. * Port the status icon menu to GktBuilder/GMenu/GAction. * Port part of library pane to GtkBuilder/GMenu. * Fix a lot of deprecations messages. * Fix ghost row (null null), in the list of similar songs * Fix pulse indication in filter entry while search. * DLNA client.. Force load glr-dleyna plugin. * Various fixes to compile pragha with msys2 - Fixed dependency issue due to new gupnp version in Tumbleweed - Removed conditionals for Leap < 15 - Update to 1.3.99 (1.4 RC) * First implementation of Favorites as a playlist. * Sync favorites with Koel and Last.Fm. * New Visualizer plugin. Just thanks to Koel for the idea. * Use Alt+Return shortcut to edit the selected song. * Add progress indicator to the search entry while it works. * Remember last pane used on song info plugin. * Allows to customize the styles to the distro packagers. * Restore X11 session support. As fallback try to use dbus session manager. * Fix bad encoding on lastfm responses (gh#pragha-music-player/pragha#93) * Fix encoding on similar song panel. * Import Year from Koel if available. * Fix typo in autogen.sh. Thanks to acharjyanisankh. * Misc deprecation fixes and remove old code. - Update to 1.3.92 (1.4 beta3). * News: + Some improvements the recommendations panel. - New button to append all recommendations. - Can queue the songs with the Q key. * Bug Fixes: + Fix some memory leaks. + Fix some deprecation warnings. Issue #136. + Fix issue #139 "Similar songs" always shown. + Mitigate a lot of warnings introduced on pull request #131. + Ignore phones that are charging without mtp support. + Handle correctly when disconnect the phone cable. * Updated Translations: Arabic (new), Bulgarian, Danish, German, Catalan, Spanish, French, Indonesian, Korean, Polish, Portuguese, Portuguese (Brazil), Russian, Slovak, Chinese. - Changes in 1.3.91.1. * News: + Save lyrics and artist bio ans similar songs in user cache as files. - These are easily editable by the user. + Implement increse play count to Koel. + Various improvements to the tag editor dialog. - Add a header that highlights the main tags. - Update the header as you edit the tags. - Hides the check buttons and shows them when the tag is modified. - When you demarcate the check, restore the original tag. * Bug Fixes: + Fix plugins on last tarball due to an internal development patch. Issue #135. - Drop pragha-gtk_switch_set_state.patch: no need anymore. - Remove BuildRequires: ImageMagick, autoconf, libtool, pkgconfig(grilo-0.2) - Add BuildRequires: fdupes, rygel-devel, pkgconfig(grilo-0.3), pkgconfig(gupnp-1.0), pkgconfig(json-glib-1.0). - Improve plugins description. - Changes in 1.3.91. * News: + New Koel plugin that allow play music from this service. + Implements cache purge limited by size. 1GB by default. + Add option to "Add and Play" from library view. + Allows reordering the columns of the playlists. + New panel on info plugin that show recomendations from Lastfm. * Other Changes: + Use custom name for the panel icons. Issue #121. + Add a symbolic icon for panel. Not used by default. + Put cover arts cache to .cache/pragha/art. + Need Gtk >= 3.14. + Add "Search" hint to search entry. * Bug Fixes: + Fix Incorrect Can* properties of the MPRIS Specification. + Implement emit CanNext/Prev/Play/Pause/Seek. Issue #123. + Rename default playlist name from "Playlists" to "Tracks" on MPRIS2. + Fixes for Appstream Standard Conformance. + Add BUFFERING state to backend to allow stop on slow connections. + Fix some GtkDialog mapped without a transient parent. + Fix Build system can try to use grilo-0.2 and grilo-0.3 simultaneously. Issue #124. + Fix double unref on Ampache and Koel plugins. + Fix easy to miss dependency on exo-csource. Issue #128. + Try to improve filter response. + Silently ignore utf8 errors from last.fm reponces. Issue #93. + Try to improve open files dialog. - Changes in 1.3.90. * News: + New Ampache plugin. + Uses a new concept of 'provider' that allows show music from multiple collections independently. + New standard widget to display progress of long tasks. * Other Changes: + Allow apply a custom css. Related to Issue #64, #87. + Register session in GtkApplication now compatible with Xfce 4.14. + Implement disconect device action to mtp plugin. + Add backward compatibility to grilo. + Use a .ui file to define menu button. + Remove custom invisible char of lastfm password. + Dist pragha.ico/.rc needed to msys build. + Fixes some border, spacing and margins. * Bug Fixes: + Use same accel to show second sidebar that gnome-builder. Issue #73. + Fix Menu icon blured preferring non symbolic icons. Issue [#85]. + Fixing duration formatting. Issue #103. + Fix dnd over an empty place in the playlist. Issue #104. + Align to center the toolbar icons instead vertical fill. Issue #108. + Don't use keybinder plugin on wayland. Issue #118. + Fix a few of Gtk deprecations. + Misc fixes to Gtk 3.20 and GCC 6.0. + Valgrind: Fix a lot of memory leaks. + Fixed typo analized -> analyzed. + Fix spelling and grammar on README. + Consider all rows as fixed size. It is supposed to improve speed. * New Translations: Danish, Indonesian, Slovak. + A lot of updated translations. ==== projectM ==== - Re-enable pulseaudio_qt on aarch64 and %arm - Fix build on aarch64 and %arm: * Enable GLES flavor * Disable Qt * Enable SDL - Other architectures are unchanged ==== python ==== - Add CVE-2019-18348-CRLF_injection_via_host_part.patch to disallow control characters in hostnames in httplib, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. (bsc#1155094) ==== python-Babel ==== Version update (2.5.1 -> 2.8.0) - update to 2.8.0 * CLDR: Upgrade to CLDR 36.0 * Messages: Don't even open files with the "ignore" extraction method * Numbers: Fix formatting very small decimals when quantization is disabled * Messages: Attempt to sort all messages - version update to 2.7.0 Possibly incompatible changes * General: Internal uses of ``babel.util.odict`` have been replaced with ``collections.OrderedDict`` from The Python standard library. Improvements * CLDR: Upgrade to CLDR 35.1 - Alberto Mardegan, Aarni Koskela (#626, #643) * General: allow anchoring path patterns to the start of a string - Brian Cappello (#600) * General: Bumped version requirement on pytz - @chrisbrake (#592) * Messages: `pybabel compile`: exit with code 1 if errors were encountered - Aarni Koskela (#647) * Messages: Add omit-header to update_catalog - Cédric Krier (#633) * Messages: Catalog update: keep user comments from destination by default - Aarni Koskela (#648) * Messages: Skip empty message when writing mo file - Cédric Krier (#564) * Messages: Small fixes to avoid crashes on badly formatted .po files - Bryn Truscott (#597) * Numbers: `parse_decimal()` `strict` argument and `suggestions` - Charly C (#590) * Numbers: don't repeat suggestions in parse_decimal strict - Serban Constantin (#599) * Numbers: implement currency formatting with long display names - Luke Plant (#585) * Numbers: parse_decimal(): assume spaces are equivalent to non-breaking spaces when not in strict mode - Aarni Koskela (#649) * Performance: Cache locale_identifiers() - Aarni Koskela (#644) Bugfixes * CLDR: Skip alt=... for week data (minDays, firstDay, weekendStart, weekendEnd) - Aarni Koskela (#634) * Dates: Fix wrong weeknumber for 31.12.2018 - BT-sschmid (#621) * Locale: Avoid KeyError trying to get data on WindowsXP - mondeja (#604) * Locale: get_display_name(): Don't attempt to concatenate variant information to None - Aarni Koskela (#645) * Messages: pofile: Add comparison operators to _NormalizedString - Aarni Koskela (#646) * Messages: pofile: don't crash when message.locations can't be sorted - Aarni Koskela (#646) - Remove superfluous devel dependency for noarch package - update to version 2.6.0: * Possibly incompatible changes + Numbers: Refactor decimal handling code and allow bypass of decimal quantization. (@kdeldycke) (PR #538) + Messages: allow processing files that are in locales unknown to Babel (@akx) (PR #557) + General: Drop support for EOL Python 2.6 and 3.3 (@hugovk) (PR [#546]) * Other changes + CLDR: Use CLDR 33 (@akx) (PR #581) + Lists: Add support for various list styles other than the default (@akx) (#552) + Messages: Add new PoFileError exception (@Bedrock02) (PR #532) + Times: Simplify Linux distro specific explicit timezone setting search (@scop) (PR #528) * Bugfixes + CLDR: avoid importing alt=narrow currency symbols (@akx) (PR [#558]) + CLDR: ignore non-Latin numbering systems (@akx) (PR #579) + Docs: Fix improper example for date formatting (@PTrottier) (PR [#574]) + Tooling: Fix some deprecation warnings (@akx) (PR #580) * Tooling & docs + Add explicit signatures to some date autofunctions (@xmo-odoo) (PR #554) + Include license file in the generated wheel package (@jdufresne) (PR #539) + Python 3.6 invalid escape sequence deprecation fixes (@scop) (PR [#528]) + Test and document all supported Python versions (@jdufresne) (PR [#540]) + Update copyright header years and authors file (@akx) (PR #559) - update to version 2.5.3: * This is a maintenance release that reverts undesired API-breaking changes that slipped into 2.5.2 (see https://github.com/python-babel/babel/issues/550). It is based on v2.5.1 (f29eccd) with commits 7cedb84, 29da2d2 and edfb518 cherry-picked on top. - changes from version 2.5.2: * Bugfixes + Revert the unnecessary PyInstaller fixes from 2.5.0 and 2.5.1 (#533) (@yagebu) - Export TZ and LC_ALL before running the tests. Without this python-Babel is not able to see the TZ variable, and produce a `local` LOCALTZ ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Add CVE-2019-18348-CRLF_injection_via_host_part.patch to disallow control characters in hostnames in httplib, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. (bsc#1155094) ==== python-cairocffi ==== Version update (1.1.0 -> 0.8.0) - Add xcffib support - Spec file cleaned - Fix download URL. - Update to version 0.8.0 * Follow semver * Avoid implicit relative import * Use utf-8 instead of utf8 in headers * Keep cairo library loaded until all relevant objects are freed * Add cairo_quartz_* functions for MacOS * Use the default ReadTheDocs theme * Fix implicit casts - update for multipython build - update to version 0.7.2: * Use ctypes.util.find_library with dlopen. * Fix loading of gdk_pixbuf library on Ubuntu - update to version 0.7.1: * Add a possible work-around for #64. - Depend on cairo instead of cairo-tools - update to version 0.6: * #39 Add :class:xcb.XCBSurface. * #42 Add :class:Win32PrintingSurface. - add Group field to subpackage python-cairocffi-pixbuf - Require gdk-pixbuf instead of typelib(GdkPixbuf) - Split out optional gdk-pixbuf module. This avoids a lot of gtk dependencies for the main package, and is the recommended approach by upstream. - Initial version ==== python-libxml2-python ==== - Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch - Security fix: [bsc#1161517, CVE-2020-7595] * xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation - Add libxml2-CVE-2020-7595.patch - Security fix: [bsc#1159928, CVE-2019-19956] * Memory leak related to newDoc->oldNs in xmlParseBalancedChunkMemoryRecover:parser.c - Add libxml2-CVE-2019-19956.patch ==== python-matplotlib ==== Version update (2.0.2 -> 2.2.5) - Remove Qt4 backend as we don't want to ship Qt4 anymore - Update version to 2.2.5: * Latest 2.x series that supports python2 (we have 3x on TW) - Make it agnostic between SLE and openSUSE jsc#SLE-11752 * Same change done to 3.x series in TW - Update to version 2.2.3 * Fix import failure on BSD systems * Fix import errors in Qt shims for PyQt5 5.11 and PyQt4 4.12 * Fix import errors if bz2 module is not in standard library * Fix overflow in _path.h * Fix infinite recursion in transform repr * Fix bug with XKCD style * Remove unsafe usage of Popen - don't use any lua expressions for suse_version < 1500 - Only recommend python-matplotlib-tk if tk is already flagged for installation. On most systems there is no reason to have tk available (those UIs are out of date and not well perceived anyway). - Add missing Requires for python-backports.functools_lru_cache (boo#1074491) - Fix building on SLE which doesn't have qhull. - update to version 2.2.2: * v2.2.1 did not actually restore matplotlib.verbose. - changes from version 2.2.1: * This release fixes a number of critical bugs: + restores matplotlib.verbose (fixing embedding in pycharm) + preserve precision when color mapping small portions of data with extreme outliers + fixes saving long movies with ffmpeg + fixes UnbourdLocal error in contour labeling + fixes import failure on python 3.4.0 and 3.4.1 + fixes compile time failures with clang on 32bit platforms + fixes an icon in the Tk backends + fixes several issues with Tables + fixes expanding offset boxes with tight_layout + revert changes to the font caching to avoid a possible bug in backports.lru_cache + numerous docstring and documentation fixes * We have reverted the deprecation of `font_manager.TempCache`. - specfile: * require kiwisolver * update required version for dateutil - update to version 2.2.0: * The first release of the v2.2 LTS series and the last version of Matplotlib to support python2. There will be bug-fix release for this series until 2020. * This release includes new features including: + An experimental constrained layout manager + Color blind friendly color map (cividis) and color cycle (tableau-colorblind10) + native support for numpy.datetime64 types + animated gif writing via pillow + TkAgg now works with pypy + cairo based backends for Qt, Tk, and WX * There are several API changes in this release: + To support the constrained layout Matplotlib has a new required dependency (kiwisolver). + The `matplotlib.finance` module has been removed, development has moved to a stand-alone project. - Update versions of required packages. - specfile: * update copyright year - update to version 2.1.2: * This release fixes a number of critical bugs: + fix a typo in mlab.cohere which yielded incorrect results + allow nonposx / nonposy to pass through loglog + fix color comparisons when finding handles with legend + fixes a recursive draw bug and a major performance regression in Qt5Agg backend + fix a re-draw bug in WxAgg + fix image scaling with high-bit depth integers + revert the busy-cursor - dependency changed to python-six >= 1.10 (see "site-packages/matplotlib/__init__.py", line 187) - update to version 2.1.1: * The first and only planned bug-fix release for the 2.1 series. * This release include many bug and documentation fixes. Highlights are: + change default logscale behavior to clip + fixed webagg import errors + tweaks to polar ticks + fixed exception when guessing afm family names + update manifest to include all doc files + improve masked array handling in pcolormesh + fix segfault from reading invalid png + fix blocking_input + fix bug resulting in huge multi-page pdf files + make `show` in nbagg take args as other backends do + several fixes to OSX backend + restore positional arg handling on Figure.legend + fix bugs in interactive navigation + fix issues when panning with invalid limits + fix bug with fully masked arrays passed to imshow - Update to version 2.1.0 + New features * String categorical values * Interactive JS widgets for animation * Enhancements to polar plot * Figure class now has subplots method * Metadata savefig keyword argument * Busy Cursor * PolygonSelector * Added matplotlib.ticker.PercentFormatter * Reproducible PS, PDF and SVG output * Orthographic projection for mplot3d * voxels function for mplot3d + Improvements * Add capstyle and joinstyle attributes to Collection * CheckButtons widget get_status function * Add fill_bar argument to AnchoredSizeBar * Annotation can use a default arrow style * Barbs and Quiver Support Dates * Hexbin default line color * Figure.legend() can be called without arguments * Multiple legend keys for legend entries * New parameter clear for :func:`~matplotlib.pyplot.figure` * Specify minimum value to format as scalar for LogFormatterMathtext * New quiverkey angle keyword argument * Colormap reversed method * Artist.setp (and pyplot.setp) accept a file argument * streamplot streamline generation more configurable * Axis.set_tick_params now responds to rotation * Shading in 3D bar plots * New which Parameter for autofmt_xdate * New Figure Parameter for subplot2grid * Interpolation in fill_betweenx * New keyword argument sep for EngFormatter * Extend MATPLOTLIBRC behavior * density kwarg to hist + Internals * New TransformedPatchPath caching object * Abstract base class for movie writers * Stricter validation of line style rcParams + Performance * Path simplification updates * Implement intersects_bbox in c++\ - Remove upstream-included patches: * 0001-Fix-include-path-for-system-libqhull.patch * 0001-Allow-divmod-to-be-overridden-by-num.patch * 166a14473272_Fix-contour-colour-level-determination.patch * 97e170d2fc2c_Pass-integers-to-np_linspace.patch ==== python-qrcode ==== - %python3_only -> %python_alternative ==== recode ==== Version update (3.7.1 -> 3.7.6) - reflect version of shared library in package name: librecode3 - Update to version 3.7.6: * Improvements to the build system. - Changes from version 3.7.5: * Port tests to Python 3. - Changes from version 3.7.4: * Fixes to file handling in enchant program. * Fix tests on Windows. - Changes from version 3.7.3: * No code changes to recode itself; this release features a properly versioned shared library. - Changes from version 3.7.2: * No code changes to recode itself; this release includes updates to license headers to guide users to the GPL online, corrects the version of COPYING-LIB shipped with the sources, and updates the message files for various languages. - Replace python and python-Cython for their py3 variants following upstreams port. ==== tcsh ==== Subpackages: tcsh-lang - Better support of Midnight Commander (bsc#1170527) * Do avoid locked mc/tcsh pair each waiting on the other ==== thunar ==== Version update (1.8.14 -> 1.8.15) Subpackages: libthunarx-3-0 thunar-lang - Update to version 1.8.15 * Only open devices after successful mount attempt (bxo#16831) * Fix shortcut support for addressbar (bxo#4537 and bxo#13680) * Fix crash in bulk renamer on repeated rename (bxo#16824) * Add checks for thumbnailer 0 handles (bxo#14122) * Replace 'thunar_return_if_fail (THUNAR_IS_DEVICE (device))' with standard 'if (..)' to prevent possible crashes. (bxo#13404) * Fix check if folder is fully loaded when expanding path in tree view. * Prevents 100% CPU load and loosing sync with main view in some cases. (bxo#15762) * Fixes 100%CPU on tree-view in some rare cases (bxo#16024) * Delete native files faster (bxo#16641) * Support libxfce4ui XfceTitledDialog new API (bxo#16616) * Translation Updates ==== xfce4-notifyd ==== Version update (0.4.4 -> 0.6.1) Subpackages: xfce4-notifyd-lang - Update to 0.6.1 * Fix hover effect without compositing (bxo#16586) * Move from exo-csource to xdt-csource (bxo#16717) * Translation Updates - Update to 0.6.0 * Simplify drawing the notification bubble * Switch to new fallback style class "keycap" * Ensure normal font size with Adwaita and keycap class * Fix logging simultaneous notifications (bxo#15167) * Disable rounded corners w/o compositing (bxo#16586) * panel-plugin: Fix configure dialog * panel-plugin: Use new XfceTitledDialog api * panel-plugin: Toggle 'Do not disturb' with middle mouse click (bxo#16132) * Allow compilation with panel 4.15 * panel-plugin: Remove deprecated calls * Replace GtkStock buttons * Translation Updates ==== xfce4-power-manager ==== Version update (1.6.5 -> 1.6.6) Subpackages: xfce4-power-manager-lang xfce4-power-manager-plugin - Update to version 1.6.6 * Dismiss critical notification when connecting to AC * Fix inhibiting xfce4-screensaver (bxo#16364) * settings: Move % sign out of spinbutton (bxo#15994) * panel-plugin: Toggle presentation mode on middle click * panel-plugin: Properly show 'About' menu item * panel-plugin: Add missing about callback * panel-plugin: Properly hook up about signal * panel-plugin: Replace deprecated call * Switch to symbolic window-close icons ==== xfce4-taskmanager ==== Version update (1.2.2 -> 1.2.3) Subpackages: xfce4-taskmanager-lang - Update to version 1.2.3 * Improve settings saving (bxo#15213) * Fix closing taskman with Esc (bxo#16656) * Move legend from tooltip to hide-able statusbar (bxo#14131) * Update copyright * Translation Updates ==== yast2-bootloader ==== Version update (4.2.23 -> 4.2.24) - s390 secure boot: enhance disk type detection to cover multipath (bsc#1171821) - 4.2.24 ==== yast2-iscsi-client ==== Version update (4.2.5 -> 4.2.6) - Help text to clarify the behavior of the Startup widget when iBFT is detected (bsc#1170317). - 4.2.6