Removed rpms ============ - gnome-todo - gnome-todo-devel - gnome-todo-lang - libLLVM13-32bit - libSDL2_ttf-2_0-0-32bit - libSDL_image-1_2-0-32bit - libSDL_ttf-2_0-0-32bit - libclang-cpp13-32bit - libSDL2_net-2_0-0-32bit - libSDL_net-1_2-0-32bit - libjreen-qt5-1 - libjreen-qt5-devel - typelib-1_0-Gtd-1_0 Added rpms ========== - artha - bash-git-prompt - chronic - cpuminer - cramfs-tools - git-mr - git-subrepo - git-subrepo-bash-completion - git-subrepo-zsh-completion - iasimage - libSDL2_net-2_0-0-32bit - libSDL_net-1_2-0-32bit - ldas-tools-cmake - lha - libLLVM13-32bit - libSDL2_ttf-2_0-0-32bit - libSDL_image-1_2-0-32bit - libSDL_ttf-2_0-0-32bit - libclang-cpp13-32bit - liblunar-calendar-3_0-1 - lunar-calendar - lunar-calendar-devel - lunar-calendar-doc - lunar-calendar-gtk3-module - lunar-calendar-lang - moreutils-perl - prom2json - reaim - soundkonverter - spindle - spindle-devel - st - ts - typelib-1_0-LunarCalendar-3_0 Package Source Changes ====================== chromium +- Chromium 105.0.5195.102 (boo#1203102): + * CVE-2022-3075: Insufficient data validation in Mojo +- Chromium 105.0.5195.52 (boo#1202964): + * CVE-2022-3038: Use after free in Network Service + * CVE-2022-3039: Use after free in WebSQL + * CVE-2022-3040: Use after free in Layout + * CVE-2022-3041: Use after free in WebSQL + * CVE-2022-3042: Use after free in PhoneHub + * CVE-2022-3043: Heap buffer overflow in Screen Capture + * CVE-2022-3044: Inappropriate implementation in Site Isolation + * CVE-2022-3045: Insufficient validation of untrusted input in V8 + * CVE-2022-3046: Use after free in Browser Tag + * CVE-2022-3071: Use after free in Tab Strip + * CVE-2022-3047: Insufficient policy enforcement in Extensions API + * CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen + * CVE-2022-3049: Use after free in SplitScreen + * CVE-2022-3050: Heap buffer overflow in WebUI + * CVE-2022-3051: Heap buffer overflow in Exosphere + * CVE-2022-3052: Heap buffer overflow in Window Manager + * CVE-2022-3053: Inappropriate implementation in Pointer Lock + * CVE-2022-3054: Insufficient policy enforcement in DevTools + * CVE-2022-3055: Use after free in Passwords + * CVE-2022-3056: Insufficient policy enforcement in Content Security Policy + * CVE-2022-3057: Inappropriate implementation in iframe Sandbox + * CVE-2022-3058: Use after free in Sign-In Flow +- Added patches: + * chromium-105-AdjustMaskLayerGeometry-ceilf.patch + * chromium-105-Bitmap-include.patch + * chromium-105-browser_finder-include.patch + * chromium-105-raw_ptr-noexcept.patch + * chromium-105-Trap-raw_ptr.patch + * chromium-105-wayland-1.20.patch + * chromium-105-compiler.patch +- Removed patches: + * chromium-104-compiler.patch + * chromium-104-ContentRendererClient-type.patch + * chromium-78-protobuf-RepeatedPtrField-export.patch + +- Update chromium-symbolic.svg: this fixes bsc#1202403. + +- Fix quoting in chrome-wrapper, don't put cwd on LD_LIBRARY_PATH + +- Chromium 104.0.5112.101 (boo#1202509): + * CVE-2022-2852: Use after free in FedCM + * CVE-2022-2854: Use after free in SwiftShader + * CVE-2022-2855: Use after free in ANGLE + * CVE-2022-2857: Use after free in Blink + * CVE-2022-2858: Use after free in Sign-In Flow + * CVE-2022-2853: Heap buffer overflow in Downloads + * CVE-2022-2856: Insufficient validation of untrusted input in Intents + * CVE-2022-2859: Use after free in Chrome OS Shell + * CVE-2022-2860: Insufficient policy enforcement in Cookies + * CVE-2022-2861: Inappropriate implementation in Extensions API + +- Re-enable our version of chrome-wrapper +- Set no sandbox if root is being used (https://crbug.com/638180) + iio-sensor-proxy +- Update to version 3.3: + * Fix a bug left-over in one of the 3.2 bug fixes where some + accelerometers would fail to initialise. +- Changes from version 3.2: + * Fix problems parsing numbers with decimal separator. +- Require gudev >= 237 for building (for consistency with + upstream). +- Drop the rpmlintrc file and add back appropriate service macros + in pre/post scriptlets. + +- Update to version 3.1: + * Port to meson as a build system and add a test-suite. + * Fix long-standing problem with property changes being sent as + a broadcast. + * Fix sensor support for accelerometers with different scales on + different axes. + * Add sensor support for RGBC light sensors. + * Support reading proximity threshold from sysfs for DeviceTree + devices. +- Use tar.bz2 source as this can be accessed using a repeatable + URL (not requiring commit id). +- Switch to meson based building. +- New BuildRequires: meson (for building), gtk-doc (to generate + docs); update required version of gudev to 234 in keeping with + minimum required version upstream. + +- Update to version 3.0: + + This release adds support for a number of sensors that didn't + work before, usually due to being combined with other sensors + of the same or different types (eg. dual-accelerometers, + light/proximity combined sensors, etc.), and adds support for + kernel-exported mount-matrix properties on Device Tree + hardware. + + Update URL and Source to new home on gitlab.freedesktop.org. + +- Update to version 2.8: + + Add support for accelerometers in ChromeBooks. + + Fix screen orientation in favour of portrait when rotating + display instead of favouring the previous orientation. + +- Update to version 2.7: + + This release fixes broken sensor readings on multiple platforms + due to a compiler optimisation. + +- Update to version 2.6: + + Add support for mount matrices coming from the kernel itself, + checking those more thoroughly for validity. On devices with + multiple accelerometers, the ones in the base are now ignored. + + Improve/fix support for sensors with uncommon formats. + + Fix a couple of possible crashes and memory leaks. +- Minor specfile cleanups using spec-cleaner. + libqt5-qtstyleplugins +- Edit qtstyleplugins-fix-deprecations.patch to use the older more + reliable method for progress bar orientation (boo#1202611) + moreutils +- Do not strip debuginfo + * makefile.patch +- Do not make parallel require the main package, the utilities are standalone. +- Split the programs with additional requirements (Perl) to a separate subpackage. + python-apipkg -- Update to v2.1.0 - * fix race condition for import of modules using apipkg.initpkg - in Python 3.3+ by updating existing modules in-place rather - than replacing in sys.modules with an apipkg.ApiModule - instances. This race condition exists for import statements - (and __import__) in Python 3.3+ where sys.modules is checked - before obtaining an import lock, and for - importlib.import_module in Python 3.11+ for the same reason. -- Release 2.0.1 - * fix race conditions for attribute creation -- Release 2.0.0 - * also transfer __spec__ attribute - * make py.test hack more specific to avoid hiding real errors - * switch from Travis CI to GitHub Actions - * modernize package build - * reformat code with black -- Drop pytest4.patch - -- The now broken apicycle requires apipkg to be importable from - elsewhere -- use src dir. - -- Split package into multibuild, to avoid apipkg -> pytest -> py -> - apipkg cycle. - -- refresh pytest4.patch for pytest5 - -- Add patch to fix build with pytest newer than 4: - * pytest4.patch - -- update to 1.5 -- fixed dependencies - * switch to setuptools_scm - * avoid dict iteration (fixes issue on python3) - * preserve __package__ - ths gets us better pep 302 compliance - rr +- filelist fix for aarch64 + tryton +- Version 6.0.17 - Bugfix Release + +- Version 6.0.16 - Bugfix Release + trytond +- Version 6.0.21 - Bugfix Release + trytond_account +- Version 6.0.13 - Bugfix Release +