SUSE-FU-2022:0484-1: important: Feature update for tcl and tk
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Feb 18 08:17:15 UTC 2022
SUSE Feature Update: Feature update for tcl and tk
______________________________________________________________________________
Announcement ID: SUSE-FU-2022:0484-1
Rating: important
References: #1072657 #1085480 #1138797 #1179615 #1181840
#1185662 #1195257 SLE-21015 SLE-23283
Affected Products:
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________
An update that solves one vulnerability, contains two
features and has 6 fixes is now available.
Description:
This feature update for tcl and tk fix the following issues:
Update tcl and tk to version 8.6.12 (jsc#SLE-21015, jsc#SLE-23283):
- Move tcl.macros to /usr/lib/rpm/macros.d (bsc#1185662)
- Use FAT LTO objects in order to provide proper static library
(bsc#1138797)
- Fix tcl build issues on s390 architecture (bnc#1085480)
- Fix tcl build issues caused by deprecated libieee in tcl configs
(bsc#1179615, bsc#1181840)
- Whitelist PowerPC tests that are not needed (bsc#1072657)
- Add [combobox current] support "end" index
- Add fixes in [text] bindings
- Add missing "deferred clear code" support to GIF photo images
- Add new virtual event <<TkWorldChanged>>
- Add new keycodes: CodeInput, SingleCandidate, MultipleCandidate,
PreviousCandidate
- Add new support for POSIX error: EILSEQ
- Add new command [tcl::unsupported::corotype]
- Add new command [tcl::unsupported::timerate] for performance testing
- Add new option -state to [ttk::scale]
- Add portable keycodes: OE, oe, Ydiaeresis
- Add support for backrefs in [array names -regexp]
- Add support for Unicode 14
- Disfavor Master/Slave terminology
- Enhance [oo::object] to acquire or lose a class identity dynamically
- Fix canvas rotated text overlap detection
- Fix canvas closed polylines yo fully honor -joinstyle
- Fix display of Long non-wrapped lines in text
- Fix display treeview focus ring when -selectmode none
- Fix focus events not to break entry validation
- Fix [package prefer stable] failing case
- Fix auto_path initialization by Safe Base interps
- Fix bad interaction between grab and mouse pointer warp
- Fix borderwidth calculations on menu items
- Fix cascade tearoff menu redraw artifacts
- Fix coords rounding when drawing canvas items
- Fix corrupt result from [$c postscript] with -file or -channel
- Fix errno management in socket full close
- Fix failure when a [proc] argument name is computed, not literal
- Fix focus on unmapped windows
- Fix handling of duplicates in spinbox -values list
- Fix incomplete read of multi-image GIF
- Fix initialization order of static package in wish
- Fix issue when trying to display angled text without Xft
- Fix issue with font initialization when no font is installed
- Fix problems with Noto Color Emoji font
- Fix race conditions in [file delete] and [file mkdir]
- Fix Std channel initialization for multi-thread operations
- Fix tearoff menu redraw artifacts
- Fix up arrow key in [text] to correctly move cursor to index 1.0
- Fix various cursor issues
- Fix various encoding issues
- Fix various fontchooser issues
- Fix various issues causing crashes and hang in
- Fix various memory issues
- Fix various scrolling bugs and add improvements
- Fix 32/64-bit confusion of FS DIR operations reported for AIX
- Improve appearance of text selection in [*entry] widgets
- Improve checkbutton handling of -selectcolor
- Improve handling of resolution changes
- Improve multi-thread safety when Xft is in use
- Improve ttk high-contrast-mode support
- Improve emoji support
- Improve legacy support for [tk_setPalette]
- Make combobox -postoffset option work with default style
- Make spinbox use proper names in query of option database
- Menu flaws when empty menubar clicked
- New index argument in [$menubutton post x y index]
- Preserve canvas tag list order during add/delete
- Prevent cross-manager loops of geom management
- Rewrite of zlib inflation for multi-stream and completeness
- Run fileevents in proper thread after [thread::attach $channel]
- Stop [unload] corruption of list of loaded packages
- Stop app switching exposing withdrawn windows as zombies
- Tk now denied access to PRIMARY selection from safe interps
- TkpDrawAngledCharsInContext leaked a CGColor
- Try to restore Tcl's [update] command when Tk is unloaded
- Changed [info * methods] to include mixins
- [package require] is now NR-enabled
The following fixes might show some potential incompatibilities with
existing software:
- Revised [binary (en|de)code base64] for RFC compliance and roundtrip
- Fix precision of Tcl_DStringAppendElement quoting of #
- Extended [clock scan] ISO format and time zone support
- Allow for select/copy from disabled text widget on all platforms
- Revised case of [info loaded] module names
- [info hostname] reports DNS name, not NetBIOS name
- Force -eofchar \032 when evaluating library scripts
- Revised error messages: "too few" => "not enough"
- Performed rewrite of Tk event loop to prevent ring overflow
- Refactored all MouseWheel bindings
- Revised precision of ::scale widget tick mark values
- Prevent transient window cycles (crashed on Aqua)
- Builds no longer use -lieee
- Quoting of command line arguments by [exec] on Windows revised. Prior
quoting rules left holes where some values would not pass through, but
could trigger substitutions or program execution. See
https://core.tcl-lang.org/tcl/info/21b0629c81
- [lreplace] accepts all out-of-range index values
Patch Instructions:
To install this SUSE Feature Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-484=1
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-484=1
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
tcl-debuginfo-8.6.12-11.3.1
tcl-debugsource-8.6.12-11.3.1
tcl-devel-8.6.12-11.3.1
tk-debuginfo-8.6.12-11.3.1
tk-debugsource-8.6.12-11.3.1
tk-devel-8.6.12-11.3.1
- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
tcl-8.6.12-11.3.1
tcl-debuginfo-8.6.12-11.3.1
tcl-debugsource-8.6.12-11.3.1
tk-8.6.12-11.3.1
tk-debuginfo-8.6.12-11.3.1
tk-debugsource-8.6.12-11.3.1
- SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
tcl-32bit-8.6.12-11.3.1
tcl-debuginfo-32bit-8.6.12-11.3.1
tk-32bit-8.6.12-11.3.1
tk-debuginfo-32bit-8.6.12-11.3.1
References:
https://www.suse.com/security/cve/CVE-2021-35331.html
https://bugzilla.suse.com/1072657
https://bugzilla.suse.com/1085480
https://bugzilla.suse.com/1138797
https://bugzilla.suse.com/1179615
https://bugzilla.suse.com/1181840
https://bugzilla.suse.com/1185662
https://bugzilla.suse.com/1195257
More information about the sle-updates
mailing list