Packages changed: cronie dracut ffmpeg2 firebird (3.0.0.32483 -> 3.0.1.32609) installation-images-openSUSE (14.270 -> 14.272) libesmtp ntp openconnect (7.06 -> 7.07) openslp patterns-openSUSE perl-Scalar-List-Utils (1.45 -> 1.46) poppler (0.47.0 -> 0.48.0) poppler-qt (0.47.0 -> 0.48.0) poppler-qt5 (0.47.0 -> 0.48.0) postfix (3.1.2 -> 3.1.3) python-setuptools (26.1.1 -> 28.3.0) sensors sysconfig sysvinit tiff unzip upower wicked wpa_supplicant (2.5 -> 2.6) xterm (324 -> 326) yast2-auth-client (3.3.12 -> 3.3.13) === Details === ==== cronie ==== Subpackages: cron - remove the omc xml config that is useless nowdays ==== dracut ==== - 95resume: Do not resume on iSCSI devices (bsc#999663) * add 0310-95resume-Do-not-resume-on-iSCSI.patch - 95iscsi: ip=ibft is deprecated (bsc#1004437) * add 0311-95iscsi-ip-ibft-is-deprecated.patch - 40network: do not print warning about non-existing file (bsc#1004437) * add 0312-40network-Do-not-print-message-about-tmp-net.ibft0.c.patch - 90dmraid: do not delete partitions (bsc#998860) * add 0309-90dmraid-do-not-delete-partitions.patch - Give-persistent_policy-precedence-over-dev-mapper-names (bsc#908143) * add: 0502-persistent_device_policy_param_enhance.patch - mdadm IMSM_NO_PLATFORM workaround for kdump (bsc#975404) * add: 0308-mdraid_add_IMSM_NO_PLATFORM_env.patch - 90multipath: parse commandline option 'multipath=off' (bsc#1001691) * add 0307-90multipath-parse-kernel-commandline-option-multipat.patch - 95fcoe: do not start fcoemon twice (bsc#1001512) * add 0225-95fcoe-do-not-start-fcoemon-twice.patch - Reformat patch headers: * modify 0199-rd-iscsi-waitnet-default-false.patch * modify 0200-dracut_fix_multipath_without_config.patch * modify 0210-add_fcoe_uefi_check.patch * modify 0212-fcoe_reorder_init_path.patch - Rediff patches to apply cleanly: * modify 0124-40network-Update-iBFT-scanning-code-to-handle-IPv6.patch * modify 0133-Allow-multiple-configurations-per-network-interface-.patch * modify 0170-iscsi-skip-ibft-invalid-dhcp.patch * modify 0218-40network-allow-persistent-interface-names.patch - Remove spurious whitespaces: * modify 0169-network_set_mtu_macaddr_for_dhcp.patch - 40network: print out correct prefix (bsc#996141) * modify 0125-40network-separate-mask-and-prefix.patch - 95iscsi: setup bnx2i offload connection correctly (bsc#997598) * add 0224-95iscsi-setup-bnx2i-offload-connections-properly.patch - Rename patches to match sequence number: * old: 0019-40network-Fix-race-condition-when-wait-for-networks.patch * new: 0012-40network-Fix-race-condition-when-wait-for-networks.patch * old: 0066-40network-always-start-netroot-in-ifup.sh.patch * new: 0013-40network-always-start-netroot-in-ifup.sh.patch - rd.iscsi.waitnet should default to false in order for dracut to wait for the network devices (bsc#997598) * add 0199-rd-iscsi-waitnet-default-false.patch - 95multipath: Replace 'grep' with 'sed' for shutdown scripts (bsc#999220) * modify 0306-90multipath-add-shutdown-script.patch ==== ffmpeg2 ==== Subpackages: libavcodec56 libavformat56 libavutil54 libswresample1 libswscale3 - Add 0001-avcodec-ansi-Check-dimensions.patch, 0001-avcodec-cavsdsp-use-av_clip_uint8-for-idct.patch 0001-avformat-avidec-Check-nb_streams-in-read_gab2_sub.patch 0001-avformat-avidec-Remove-ancient-assert.patch [boo#1003806] - Have libavcodec56 additionally provide libavcodec56(unrestricted) when building unrestricted: allow third party packages to require the unrestricted codec. The existing -full provides is not suitable as it can be provided by multiple libavcodec* packages, whereas we require a specific ABI version. ==== firebird ==== Version update (3.0.0.32483 -> 3.0.1.32609) Subpackages: libfbclient2 libib_util - update to upstream version 3.0.1 * an assertion could occur in createDatabase() when doing the overwrite check (CORE-5339) * a database could suffer partial corruption in the "use all space" (no-reserve) mode (CORE-5329) * trying to encrypt a database in the absence of the the appropriate key could corrupt it (CORE-5292) * a database could get decrypted after changing a couple of bytes in the database header without 'agreement' from the crypt plug-in (CORE-5213) * access violation from certain UDFs would cause the server to crash (CORE-5234) * a segfault could occur when op_que_events was used on a port that was not prepared for events processing (CORE-5335) * a segfault could occur if an attachment was closed while requests were still open * for the full list of bugs fixed, se the release notes at http://www.firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-bug.html#bug-301 * the statement CREATE OR ALTER USER SYSDBA PASSWORD can now be used to initialize an empty securityN.fdb security database (improvement CORE-5266) * nesting of keys in a plug-in configuration was enabled (improvement CORE-5257) * line and column numbers (location context) are now provided for runtime errors raised inside EXECUTE BLOCK (improvement CORE-5216) * gbak now returns a non-zero result code when restore fails on creating and activating a deferred user index (CORE-5201) * implicit conversion between Boolean and string is now done automatically when a string for 'true' or 'false' is used as a value in an expression (CORE-5167) - drop patches merged present in new upstream release: allow-creating-buildRoot-as-non-root-user.patch Allow-to-enforce-IPv4-or-IPv6-in-URL-like-connection.patch Fix-locking-on-big-endian-architectures.patch - update to current code: work-around-g-problem-in-SLE11.patch ==== installation-images-openSUSE ==== Version update (14.270 -> 14.272) - add xf86-input-libinput to inst-sys (bsc#999098) - 14.272 - gather ibft devices from wicked (bsc#997598) - 14.271 ==== libesmtp ==== - Add libesmtp-tlsv12.patch: All TLS clients must support and use the highest TLS version available if possible not only TLS 1.0. Patch sent to upstream long time ago, no response. website has also vanished from the internet. - Pass --disable-isoc to configure, pick the compiler's default C standard mode (currently gnu11). ==== ntp ==== Subpackages: ntp-doc - Depend on pps-tools-devel only for openSUSE > 13.2 ==== openconnect ==== Version update (7.06 -> 7.07) Subpackages: openconnect-devel - Upgraded to 7.07, included fix for Juniper vpn - Update to version 7.0.7 * More fixes for OpenSSL 1.1 build. * Support Juniper "Post Sign-in Message". * Add --protocol option. * Fix ChaCha20-Poly1305 cipher suite to reflect final standard. * Add ability to disable IPv6 support via library API. * Set groups appropriately when using setuid(). * Automatic DTLS MTU detection. * Support SSL client certificate authentication with Juniper servers. * Revamp SSL certificate validation for OpenSSL and stop supporting OpenSSL older than 0.9.8. * Fix handling of multiple DNS search domains with Network Connect. * Fix handling of large configuration packets for Network Connect. * Enable SNI when built with OpenSSL (1.0.1g or later). * Add --resolve and --local-hostname options to command line. - juniper-fix-for-upstream-sources.patch included to fix upgraded Juniper servers * Submitted to upstream, not yet included in release ==== openslp ==== Subpackages: openslp-devel openslp-server - Fix bounds check in SLPFoldWhiteSpace [bnc#1001600] [CVE-2016-7567] new patch: openslp.foldws.diff ==== patterns-openSUSE ==== Subpackages: patterns-openSUSE-apparmor patterns-openSUSE-apparmor_opt patterns-openSUSE-base patterns-openSUSE-books patterns-openSUSE-console patterns-openSUSE-devel_C_C++ patterns-openSUSE-devel_basis patterns-openSUSE-devel_gnome patterns-openSUSE-devel_ide patterns-openSUSE-devel_java patterns-openSUSE-devel_kde patterns-openSUSE-devel_kde_frameworks patterns-openSUSE-devel_kernel patterns-openSUSE-devel_osc_build patterns-openSUSE-devel_perl patterns-openSUSE-devel_python patterns-openSUSE-devel_qt4 patterns-openSUSE-devel_qt5 patterns-openSUSE-devel_rpm_build patterns-openSUSE-devel_ruby patterns-openSUSE-devel_web patterns-openSUSE-dhcp_dns_server patterns-openSUSE-directory_server patterns-openSUSE-enhanced_base patterns-openSUSE-enhanced_base_opt patterns-openSUSE-file_server patterns-openSUSE-fonts patterns-openSUSE-fonts_opt patterns-openSUSE-games patterns-openSUSE-gateway_server patterns-openSUSE-generic_server patterns-openSUSE-gnome patterns-openSUSE-gnome_admin patterns-openSUSE-gnome_basis patterns-openSUSE-gnome_basis_opt patterns-openSUSE-gnome_games patterns-openSUSE-gnome_ide patterns-openSUSE-gnome_imaging patterns-openSUSE-gnome_imaging_opt patterns-openSUSE-gnome_internet patterns-openSUSE-gnome_laptop patterns-openSUSE-gnome_multimedia patterns-openSUSE-gnome_multimedia_opt patterns-openSUSE-gnome_office patterns-openSUSE-gnome_office_opt patterns-openSUSE-gnome_utilities patterns-openSUSE-gnome_yast patterns-openSUSE-imaging patterns-openSUSE-imaging_opt patterns-openSUSE-kde patterns-openSUSE-kde_edutainment patterns-openSUSE-kde_games patterns-openSUSE-kde_ide patterns-openSUSE-kde_imaging patterns-openSUSE-kde_internet patterns-openSUSE-kde_multimedia patterns-openSUSE-kde_office patterns-openSUSE-kde_plasma patterns-openSUSE-kde_telepathy patterns-openSUSE-kde_utilities patterns-openSUSE-kde_utilities_opt patterns-openSUSE-kde_yast patterns-openSUSE-kvm_server patterns-openSUSE-lamp_server patterns-openSUSE-laptop patterns-openSUSE-lxde patterns-openSUSE-lxde_laptop patterns-openSUSE-lxde_office patterns-openSUSE-mail_server patterns-openSUSE-minimal_base patterns-openSUSE-minimal_base-conflicts patterns-openSUSE-misc_server patterns-openSUSE-multimedia patterns-openSUSE-multimedia_opt patterns-openSUSE-network_admin patterns-openSUSE-non_oss patterns-openSUSE-non_oss_opt patterns-openSUSE-office patterns-openSUSE-office_opt patterns-openSUSE-print_server patterns-openSUSE-remote_desktop patterns-openSUSE-rest_dvd patterns-openSUSE-sw_management patterns-openSUSE-sw_management_gnome patterns-openSUSE-sw_management_kde patterns-openSUSE-tabletpc patterns-openSUSE-technical_writing patterns-openSUSE-x11 patterns-openSUSE-x11_opt patterns-openSUSE-x11_yast patterns-openSUSE-xen_server patterns-openSUSE-xfce patterns-openSUSE-xfce_basis patterns-openSUSE-xfce_laptop patterns-openSUSE-xfce_office patterns-openSUSE-yast2_basis patterns-openSUSE-yast2_install_wf - Update LXQt pattern: * New core packages: lxqt-l10n, lxqt-sudo * Non core packages who still belong to LXQt upstream organization: obconf-qt, pavucontrol-qt * Replace gwenview by lximage-qt. ==== perl-Scalar-List-Utils ==== Version update (1.45 -> 1.46) - updated to 1.46 see /usr/share/doc/packages/perl-Scalar-List-Utils/Changes 1.46 -- 2016/09/28 23:17:07 [CHANGES] * Remember to add unpairs and uniq to SYNOPSIS * Document the behaviour of uniqnum() on NaN [BUGFIXES] * C89 fixes * Various internal bugfixes backported from perl core ==== poppler ==== Version update (0.47.0 -> 0.48.0) Subpackages: libpoppler-cpp0 libpoppler-devel libpoppler-glib8 poppler-tools - Update to version 0.48.0: + core: - Fix crashes and memory leaks in invalid files. - Small memory usage improvements. - TextOutputDev: Remove null characters from PDF text (fdo#97144). - TextOutputDev: Break words on all whitespace characters (fdo#97399). - Fix UTF16 decoding of document outline title (fdo#97156). - Add functions for named destination name in name-tree/dict. + glib: Increase glib requirement to 2.41. - Bump soversion following upstream changes. ==== poppler-qt ==== Version update (0.47.0 -> 0.48.0) - Update to version 0.48.0: + core: - Fix crashes and memory leaks in invalid files. - Small memory usage improvements. - TextOutputDev: Remove null characters from PDF text (fdo#97144). - TextOutputDev: Break words on all whitespace characters (fdo#97399). - Fix UTF16 decoding of document outline title (fdo#97156). - Add functions for named destination name in name-tree/dict. + glib: Increase glib requirement to 2.41. - Bump soversion following upstream changes. ==== poppler-qt5 ==== Version update (0.47.0 -> 0.48.0) Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel - Update to version 0.48.0: + core: - Fix crashes and memory leaks in invalid files. - Small memory usage improvements. - TextOutputDev: Remove null characters from PDF text (fdo#97144). - TextOutputDev: Break words on all whitespace characters (fdo#97399). - Fix UTF16 decoding of document outline title (fdo#97156). - Add functions for named destination name in name-tree/dict. + glib: Increase glib requirement to 2.41. - Bump soversion following upstream changes. ==== postfix ==== Version update (3.1.2 -> 3.1.3) Subpackages: postfix-doc - update to 3.1.3: * The Postfix SMTP server did not reset a previous session's failed/total command counts before rejecting a client that exceeds request or concurrency rates. This resulted in incorrect failed/total command counts being logged at the end of the rejected session. * The unionmap multi-table interface did not propagate table lookup errors, resulting in false "user unknown" responses. * The documentation was updated with a workaround for false "not found" errors with MySQL map queries that contain UTF8-encoded text. The workaround is to specify "option_group = client" in Postfix MySQL configuration files. This will be the default setting with Postfix 3.2 and later. ==== python-setuptools ==== Version update (26.1.1 -> 28.3.0) - update to 28.3.0: * #809: In ``find_packages()``, restore support for excluding a parent package without excluding a child package. * #805: Disable ``-nspkg.pth`` behavior on Python 3.3+ where PEP-420 functionality is adequate. Fixes pip #1924. * #803: Bump certifi to 2016.9.26. * #733: Do not search excluded directories for packages. This introduced a backwards incompatible change in ``find_packages()`` so that ``find_packages(exclude=['foo']) == []``, excluding subpackages of ``foo``. Previously, ``find_packages(exclude=['foo']) == ['foo.bar']``, even though the parent ``foo`` package was excluded. * #795: Bump certifi. * #719: Suppress decoding errors and instead log a warning when metadata cannot be decoded. * #790: In MSVC monkeypatching, explicitly patch each function by name in the target module instead of inferring the module from the function's ``__module__``. Improves compatibility with other packages that might have previously patched distutils functions (i.e. NumPy). * #794: In test command, add installed eggs to PYTHONPATH when invoking tests so that subprocesses will also have the dependencies available. Fixes `tox 330 `_. * #795: Update vendored pyparsing 2.1.9. * #520 and #513: Suppress ValueErrors in fixup_namespace_packages when lookup fails. * Nicer, more consistent interfaces for msvc monkeypatching. * #779 via #781: Fix circular import. * #778: Fix MSVC monkeypatching. * Introduce the (private) ``monkey`` module to encapsulate the distutils monkeypatching behavior. * Now use Warehouse by default for ``upload``, patching ``distutils.config.PyPIRCCommand`` to affect default behavior. Any config in .pypirc should be updated to replace https://pypi.python.org/pypi/ with https://upload.pypi.org/legacy/ Similarly, any passwords stored in the keyring should be updated to use this new value for "system". The ``upload_docs`` command will continue to use the python.org site, but the command is now deprecated. Users are urged to use Read The Docs instead. * #776: Use EXT_SUFFIX for py_limited_api renaming. * #774 and #775: Use LegacyVersion from packaging when detecting numpy versions. * Re-release of 26.1.0 with pytest pinned to allow for automated deployment and thus proper packaging environment variables, fixing issues with missing executable launchers. ==== sensors ==== Subpackages: libsensors4 libsensors4-32bit libsensors4-devel - lm_sensors-3.4.0-sensors-detect-ppc64le.patch: Fix sensors-detect CPU detection support on ppc architectures. ==== sysconfig ==== Subpackages: sysconfig-netconfig - Remove requires for not needed insserv (bsc#999850) ==== sysvinit ==== - Avoid spurious waring on a not existin session of a not existing process (boo#1002492) ==== tiff ==== Subpackages: libtiff-devel libtiff5 libtiff5-32bit - Added patches: * tiff-4.0.6-tools-tiffcrop.c-fix-various-out-of-bounds-write-vul.patch - Upstream fixes for MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098. * tiff-4.0.6-libtiff-tif_getimage.c-TIFFRGBAImageOK-Reject-attemp.patch - Enforce bits-per-sample requirements of floating point predictor. Fixes CVE-2016-3622 [bsc#974449] ==== unzip ==== Subpackages: unzip-doc - When decrypting an encrypted file, quit early if compressed size < HEAD_LEN. When extracting avoid an infinite loop if a file never finishes unzipping. (bsc#950110, bsc#950111, CVE-2015-7696, CVE-2015-7697, CVE-2015-7696.patch, CVE-2015-7697.patch) ==== upower ==== Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 - Add upower-hibernate-insteadof-hybridsleep.patch: + Set the system per default to hibernate, not hybridsleep. If the battery is going to be empty soon, there is no reason any longer to attempt to HybridSleep, which quite some hardware seems to get wrong. Simply hibernate, get the data on the disk and switch off (boo#985741). ==== wicked ==== Subpackages: libwicked-0-6 wicked-service - dhcp: fixed to properly append dhcp option data. Bug introduced by changes applied in version 0.6.37 (bsc#988954). [+ 0001-dhcp-fixed-to-properly-append-dhcp-option-data.patch] ==== wpa_supplicant ==== Version update (2.5 -> 2.6) Subpackages: wpa_supplicant-gui - updated to 2.6 / 2016-10-02 * fixed WNM Sleep Mode processing when PMF is not enabled [http://w1.fi/security/2015-6/] (CVE-2015-5310 bsc#952254) * fixed EAP-pwd last fragment validation [http://w1.fi/security/2015-7/] (CVE-2015-5315 bsc#953115) * fixed EAP-pwd unexpected Confirm message processing [http://w1.fi/security/2015-8/] (CVE-2015-5316 bsc#953115) * fixed WPS configuration update vulnerability with malformed passphrase [http://w1.fi/security/2016-1/] (CVE-2016-4476 bsc#978172) * fixed configuration update vulnerability with malformed parameters set over the local control interface [http://w1.fi/security/2016-1/] (CVE-2016-4477 bsc#978175) * fixed TK configuration to the driver in EAPOL-Key 3/4 retry case * extended channel switch support for P2P GO * started to throttle control interface event message bursts to avoid issues with monitor sockets running out of buffer space * mesh mode fixes/improvements - generate proper AID for peer - enable WMM by default - add VHT support - fix PMKID derivation - improve robustness on various exchanges - fix peer link counting in reconnect case - improve mesh joining behavior - allow DTIM period to be configured - allow HT to be disabled (disable_ht=1) - add MESH_PEER_ADD and MESH_PEER_REMOVE commands - add support for PMKSA caching - add minimal support for SAE group negotiation - allow pairwise/group cipher to be configured in the network profile - use ieee80211w profile parameter to enable/disable PMF and derive a separate TX IGTK if PMF is enabled instead of using MGTK incorrectly - fix AEK and MTK derivation - remove GTKdata and IGTKdata from Mesh Peering Confirm/Close - note: these changes are not fully backwards compatible for secure (RSN) mesh network * fixed PMKID derivation with SAE * added support for requesting and fetching arbitrary ANQP-elements without internal support in wpa_supplicant for the specific element (anqp[265]= in "BSS " command output) * P2P - filter control characters in group client device names to be consistent with other P2P peer cases - support VHT 80+80 MHz and 160 MHz - indicate group completion in P2P Client role after data association instead of already after the WPS provisioning step - improve group-join operation to use SSID, if known, to filter BSS entries - added optional ssid= argument to P2P_CONNECT for join case - added P2P_GROUP_MEMBER command to fetch client interface address * P2PS - fix follow-on PD Response behavior - fix PD Response generation for unknown peer - fix persistent group reporting - add channel policy to PD Request - add group SSID to the P2PS-PROV-DONE event - allow "P2P_CONNECT p2ps" to be used without specifying the default PIN * BoringSSL - support for OCSP stapling - support building of h20-osu-client * D-Bus - add ExpectDisconnect() - add global config parameters as properties - add SaveConfig() - add VendorElemAdd(), VendorElemGet(), VendorElemRem() * fixed Suite B 192-bit AKM to use proper PMK length (note: this makes old releases incompatible with the fixed behavior) * improved PMF behavior for cases where the AP and STA has different configuration by not trying to connect in some corner cases where the connection cannot succeed * added option to reopen debug log (e.g., to rotate the file) upon receipt of SIGHUP signal * EAP-pwd: added support for Brainpool Elliptic Curves (with OpenSSL 1.0.2 and newer) * fixed EAPOL reauthentication after FT protocol run * fixed FTIE generation for 4-way handshake after FT protocol run * extended INTERFACE_ADD command to allow certain type (sta/ap) interface to be created * fixed and improved various FST operations * added 80+80 MHz and 160 MHz VHT support for IBSS/mesh * fixed SIGNAL_POLL in IBSS and mesh cases * added an option to abort an ongoing scan (used to speed up connection and can also be done with the new ABORT_SCAN command) * TLS client - do not verify CA certificates when ca_cert is not specified - support validating server certificate hash - support SHA384 and SHA512 hashes - add signature_algorithms extension into ClientHello - support TLS v1.2 signature algorithm with SHA384 and SHA512 - support server certificate probing - allow specific TLS versions to be disabled with phase2 parameter - support extKeyUsage - support PKCS #5 v2.0 PBES2 - support PKCS #5 with PKCS #12 style key decryption - minimal support for PKCS #12 - support OCSP stapling (including ocsp_multi) * OpenSSL - support OpenSSL 1.1 API changes - drop support for OpenSSL 0.9.8 - drop support for OpenSSL 1.0.0 * added support for multiple schedule scan plans (sched_scan_plans) * added support for external server certificate chain validation (tls_ext_cert_check=1 in the network profile phase1 parameter) * made phase2 parser more strict about correct use of auth= and autheap= values * improved GAS offchannel operations with comeback request * added SIGNAL_MONITOR command to request signal strength monitoring events * added command for retrieving HS 2.0 icons with in-memory storage (REQ_HS20_ICON, GET_HS20_ICON, DEL_HS20_ICON commands and RX-HS20-ICON event) * enabled ACS support for AP mode operations with wpa_supplicant * EAP-PEAP: fixed interoperability issue with Windows 2012r2 server ("Invalid Compound_MAC in cryptobinding TLV") * EAP-TTLS: fixed success after fragmented final Phase 2 message * VHT: added interoperability workaround for 80+80 and 160 MHz channels * WNM: workaround for broken AP operating class behavior * added kqueue(2) support for eloop (CONFIG_ELOOP_KQUEUE) * nl80211: - add support for full station state operations - do not add NL80211_ATTR_SMPS_MODE attribute if HT is disabled - add NL80211_ATTR_PREV_BSSID with Connect command - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use unencrypted EAPOL frames * added initial MBO support; number of extensions to WNM BSS Transition Management * added support for PBSS/PCP and P2P on 60 GHz * Interworking: add credential realm to EAP-TLS identity * fixed EAPOL-Key Request Secure bit to be 1 if PTK is set * HS 2.0: add support for configuring frame filters * added POLL_STA command to check connectivity in AP mode * added initial functionality for location related operations * started to ignore pmf=1/2 parameter for non-RSN networks * added wps_disabled=1 network profile parameter to allow AP mode to be started without enabling WPS * wpa_cli: added action script support for AP-ENABLED and AP-DISABLED events * improved Public Action frame addressing - add gas_address3 configuration parameter to control Address 3 behavior * number of small fixes - wpa_supplicant-dump-certificate-as-PEM-in-debug-mode.diff: dump x509 certificates from remote radius server in debug mode in WPA-EAP. ==== xterm ==== Version update (324 -> 326) Subpackages: xterm-bin - Patch #326 - 2016/09/25 * updated appdata file (report by Richard Hughes). * improve discussion of the different terminal emulations provided by xterm in the manual page. * add examples of setting the icon title with/without the window title in the manual (Debian #833984). * correct a limit-check when using a numeric value for extended Booleans e.g., *fullscreen:3 rather than a name such as * fullscreen:never. * add action allow-bold-fonts * improved formatting fixes for manual page, using script to find mismatches in spelling of resources, actions and menu entries. * improve documentation of logging resources. * fix a special case of flickering cursor by adding GraphicsExpose to the list of event types that should not trigger making the mouse cursor visible (patch by Joe Peterson). * correct initialization of line-drawing in VT52-mode, overlooked in changes for patch #297 (report/patch by Ben Wiley Sittler). * minor clarification of form-feed versus line-feed in ctlseqs.ms (suggested by David Kemper). * amend fix for Debian #738794 to restore a check for missing characters which are not combining characters. Also fill in a corresponding special case for TrueType fonts (Debian #827905). - Patch #325 - 2016/06/05 * improve manual page discussion of function keys (discussion with Ross Combs). * further improve fix for Debian #545220 in patch #248, to avoid conflict with combining characters (Debian #738794). * improve -hold option to avoid 100% CPU usage with NetBSD after closing the shell, which makes subsequent checks for X input events fail (prompted by patch by Pierre Pronchery). * review #ifdef statements, listed those which do not have a configure option in xtermcfg.hin. * fixed one case where the menu sensistivity for Print-All Immediately and Print-All on Error was not properly ifdef'd. * modify terminfo entries for 16-, 88- and 256-color to reset palette with rs1 capability. * accept legacy value of -kt as synonym for the oldXtermFKeys resource, and extend the full-reset logic to use the keyboard type set via -kt. * modify ioctl calls for I_PUSH to first check if the module has been added, using I_FIND. This is needed for newer Solaris libraries with c11 support (adapted from patch by Alan Coopersmith). * add check in getXtermCombining to ensure that combining characters were allocated (report by Tor Andersson). * add configure option --without-xinerama to allow suppressing the extension (Gentoo #580936). * update keysym2ucs.c based on Unicode 9.0 * fixed most cppcheck --enable=all warnings, including for style (prompted by report by David Binderman). There was one bug-fix: + RGB least-squares computation in allocateClosestRGB used only one ordinate * add cppcheck to lint-like programs in configure script and makefile. * updates for SIXEL and ReGIS (Ross Combs): + Fixes some const correctness issues and points out an array lifetime issue + Sixel drawing should still happen after an error if some commands have been processed + Tiny steps toward reporting ReGIS input ==== yast2-auth-client ==== Version update (3.3.12 -> 3.3.13) - Add a missing nil check in network fact reader. - Bump version to 3.3.13 for bsc#1004083. - Change dialog return value to :next so that yast2-users will reload its summary upon completion of this dialog. - Format spec file with rake tool. Bump version to 3.3.12 for bsc#1000749.