commit patchinfo.5191 for openSUSE:13.2:Update
Hello community, here is the log from the commit of package patchinfo.5191 for openSUSE:13.2:Update checked in at 2016-06-15 11:29:01 Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.5191 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.5191.new (New) Package is "patchinfo.5191" Changes: New Changes file: NO CHANGES FILE!!! New: _patchinfo Other differences: -- ++ _patchinfo ++ recommended moderate simotek This recommended update for xdg-utils fixes the following issues: - Fix issues related to xdg-open/xdg-mime generic code paths. Recommended update for xdg-utils
commit xdg-utils for openSUSE:13.2:Update
Hello community, here is the log from the commit of package xdg-utils for openSUSE:13.2:Update checked in at 2016-06-15 11:28:57 Comparing /work/SRC/openSUSE:13.2:Update/xdg-utils (Old) and /work/SRC/openSUSE:13.2:Update/.xdg-utils.new (New) Package is "xdg-utils" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.0egy0q/_old 2016-06-15 11:28:58.0 +0200 +++ /var/tmp/diff_new_pack.0egy0q/_new 2016-06-15 11:28:58.0 +0200 @@ -1 +1 @@ - +
commit librtas for openSUSE:Factory
Hello community, here is the log from the commit of package librtas for openSUSE:Factory checked in at 2016-06-15 09:26:05 Comparing /work/SRC/openSUSE:Factory/librtas (Old) and /work/SRC/openSUSE:Factory/.librtas.new (New) Package is "librtas" Changes: New Changes file: --- /dev/null 2016-04-07 01:36:33.300037506 +0200 +++ /work/SRC/openSUSE:Factory/.librtas.new/librtas-doc.changes 2016-06-15 09:26:06.0 +0200 @@ -0,0 +1,205 @@ +--- +Mon Jun 13 12:03:11 UTC 2016 - m...@suse.com + +- Split off documents to -doc sub-package + * We can't really add doxygen to Ring0 which required by -doc + +--- +Wed Mar 2 14:09:55 UTC 2016 - jloe...@suse.com + +- version update to 1.4.0 (FATE#319934) + - see Changelog under librtas-1.4.0/Changelog + +--- +Wed Oct 29 12:08:14 UTC 2014 - jloe...@suse.com + +- version update to 1.3.13 + see changelog for changes + +--- +Fri Sep 5 09:50:17 UTC 2014 - jeng...@inai.de + +- RPM group classification; add project web locations + +--- +Fri Sep 5 09:08:06 UTC 2014 - jloe...@suse.com + +- version update to 1.3.12 (BNC#894854) + - get_sensor, set_sensor: Handle big endian data in little endian + - fix for sc_platform_dump endian handling + +--- +Thu Jul 3 14:31:24 CEST 2014 - p...@suse.de + +- Update to 1.3.11 (bnc#884710: + * README: documentation on handling endianness + * librtas: Little endian support in syscalls + + See Changelog in the package documentation for the full changes + documentation. +- Refresh librtas-failedmagic.patch. +- Packege Changelog +- No need to remove and create buildroot, that's done by osc. + +--- +Tue Mar 25 13:23:54 UTC 2014 - jloe...@suse.com + +- version update to 1.3.10 (BNC#870006) + see changelog for change + +--- +Tue Mar 4 14:57:14 UTC 2014 - jloe...@suse.com + +- change license to CPL-1.0 (see COPYRIGHT) + +--- +Tue Mar 4 12:53:20 UTC 2014 - jloe...@suse.com + +- version update to 1.3.9 (BNC#866674) + see changelog for changes + +--- +Mon Dec 9 15:02:54 UTC 2013 - dval...@suse.com + +- enable ppc64le + +--- +Sun Feb 24 16:27:48 UTC 2013 - dval...@suse.com + +- Update to 1.3.8 + * Identify Platform Resource Reassignment Notifications (PRRN) + +--- +Fri Dec 28 12:11:40 UTC 2012 - dval...@suse.com + +- update to 1.3.7 + librtas allocates buffer space (required for RTAS call) in the +RTAS private memory area through sc_get_rmo_buffer() which +internally allocates memory and protects it by acquiring +lock on the allocated memory area. + +Locking function : + At present acquire_file_lock() tries to lock the particular +memory area. If the memory area is already locked then it +returns error without retrying. + +So when two process executes rtas call simultaneously one fails +with "Unknown librtas I/O" error. + +This patch introduces "Wait for lock to be available" instead +of returning with IO error. + +- fixed minor memory leak in librtas.so + +--- +Tue Jan 31 10:48:35 UTC 2012 - jeng...@medozas.de + +- Remove redundant tags/sections per specfile guideline suggestions +- Parallel building using %_smp_mflags + +--- +Mon Nov 14 10:48:21 UTC 2011 - dval...@suse.com + +- update -> 1.3.6 + - changes and small fixes in regards to lib64 support mostly +- split up devel, doc packages +- split librtas1 package according shared library policy +- patch refresh +- fix baselibs.conf +- fix %files permission + +--- +Fri Nov 20 14:45:45 CET 2009 - u...@suse.de + +- update -> 1.3.4: + - new inventory model (fate#304149) + - support rtas event updates (fate#307049) + +--- +Wed Nov 5 16:47:14 CET 2008 - r...@suse.de + +- added baselibs.conf (bnc#434975) + +--- +Tue Oct 28 08:45:39 CET 2008 - o...@suse.de + +- fix header
commit ntp.5195 for openSUSE:13.2:Update
Hello community, here is the log from the commit of package ntp.5195 for openSUSE:13.2:Update checked in at 2016-06-15 08:03:10 Comparing /work/SRC/openSUSE:13.2:Update/ntp.5195 (Old) and /work/SRC/openSUSE:13.2:Update/.ntp.5195.new (New) Package is "ntp.5195" Changes: New Changes file: --- /dev/null 2016-04-07 01:36:33.300037506 +0200 +++ /work/SRC/openSUSE:13.2:Update/.ntp.5195.new/ntp.changes2016-06-15 08:03:12.0 +0200 @@ -0,0 +1,1795 @@ +--- +Sun Jun 5 05:20:03 UTC 2016 - m...@suse.com + +- Keep the parent process alive until the daemon has finished + initialisation, to make sure that the PID file exists when the + parent returns (ntp-daemonize.patch). + +--- +Thu Jun 2 14:21:45 UTC 2016 - m...@suse.com + +- Update to 4.2.8p8 (bsc#982056): + * CVE-2016-4953, bsc#982065: Bad authentication demobilizes +ephemeral associations. + * CVE-2016-4954, bsc#982066: Processing spoofed server packets. + * CVE-2016-4955, bsc#982067: Autokey association reset. + * CVE-2016-4956, bsc#982068: Broadcast interleave. + * CVE-2016-4957, bsc#982064: CRYPTO_NAK crash. +- Change the process name of the forking DNS worker process to + avoid the impression that ntpd is started twice (bsc#979302). +- Don't ignore SIGCHILD because it breaks wait() (boo#981422). +- ntp-wait does not accept fractional seconds, so use 1 instead of + 0.2 in ntp-wait.service (boo#979981). +- Separate the creation of ntp.keys and key #1 in it to avoid + problems when upgrading installations that have the file, but + no key #1, which is needed e.g. by "rcntp addserver". + +--- +Thu Apr 28 13:10:01 UTC 2016 - m...@suse.com + +- Update to 4.2.8p7 (bsc#977446): + * CVE-2016-1547, bsc#977459: +Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. + * CVE-2016-1548, bsc#977461: Interleave-pivot + * CVE-2016-1549, bsc#977451: +Sybil vulnerability: ephemeral association attack. + * CVE-2016-1550, bsc#977464: Improve NTP security against buffer +comparison timing attacks. + * CVE-2016-1551, bsc#977450: +Refclock impersonation vulnerability + * CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig +directives will cause an assertion botch in ntpd. + * CVE-2016-2517, bsc#977455: remote configuration trustedkey/ +requestkey/controlkey values are not properly validated. + * CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7 +causes array wraparound with MATCH_ASSOC. + * CVE-2016-2519, bsc#977458: ctl_getitem() return value not +always checked. + * integrate ntp-fork.patch + * Improve the fixes for: +CVE-2015-7704, CVE-2015-7705, CVE-2015-7974 +- Restrict the parser in the startup script to the first + occurrance of "keys" and "controlkey" in ntp.conf (boo#957226). + +--- +Fri Apr 15 12:34:40 UTC 2016 - m...@suse.com + +- Enable compile-time support for MS-SNTP (--enable-ntp-signd). + This replaces the w32 patches in 4.2.4 that added the authreg + directive. (fate#320758). +- Fix ntp-sntp-dst.patch (bsc#975496). +- Call /usr/sbin/sntp with full path to synchronize in start-ntpd. + When run as cron job, /usr/sbin/ is not in the path, which caused + the synchronization to fail. (boo#962318) +- Speedup ntpq (boo#782060, ntp-speedup-ntpq.patch). +- Sync service files with openSUSE Factory. + +--- +Wed Mar 30 14:56:11 UTC 2016 - m...@suse.com + +- Fix the TZ offset output of sntp during DST (bsc#951559). + +--- +Fri Mar 18 13:51:13 UTC 2016 - m...@suse.com + +- Add ntp-fork.patch and build with threads disabled to allow + name resolution even when running chrooted. + +--- +Fri Jan 22 15:44:38 UTC 2016 - m...@suse.com + +- Update to 4.2.8p6: + * CVE-2015-8158, bsc#962966: Potential Infinite Loop in ntpq. + * CVE-2015-8138, bsc#963002: origin: Zero Origin Timestamp +Bypass. + * CVE-2015-7979, bsc#962784: Off-path Denial of Service (DoS) +attack on authenticated broadcast mode. + * CVE-2015-7978, bsc#963000: Stack exhaustion in recursive +traversal of restriction list. + * CVE-2015-7977, bsc#962970: reslist NULL pointer dereference. + * CVE-2015-7976, bsc#962802: ntpq saveconfig command allows +dangerous characters in filenames. + * CVE-2015-7975, bsc#962988: nextvar() missing length check. + * CVE-2015-7974, bsc#962960: Skeleton Key: Missing key check +allows impersonation between authenticated peers. + * CVE-2015-7973, bsc#962995: Deja Vu: Replay attack on +
commit ntp for openSUSE:13.2:Update
Hello community, here is the log from the commit of package ntp for openSUSE:13.2:Update checked in at 2016-06-15 08:03:13 Comparing /work/SRC/openSUSE:13.2:Update/ntp (Old) and /work/SRC/openSUSE:13.2:Update/.ntp.new (New) Package is "ntp" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.DIbM3B/_old 2016-06-15 08:03:15.0 +0200 +++ /var/tmp/diff_new_pack.DIbM3B/_new 2016-06-15 08:03:15.0 +0200 @@ -1 +1 @@ - +
