January 2024 - openSUSE Factory - openSUSE Mailing Lists

New Tumbleweed snapshot 20240104 released!
by Dominique Leuenberger 05 Jan '24

05 Jan '24

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ImageMagick (7.1.1.21 -> 7.1.1.25) apache2-mod_php8 (8.2.13 -> 8.2.14) bluez fltk (1.3.8 -> 1.3.9) ghostscript gnome-control-center hplip (3.23.8 -> 3.23.12) icewm (3.4.4 -> 3.4.5) iw (5.19 -> 6.7) kernel-firmware (20231214 -> 20240102) kernel-source (6.6.7 -> 6.6.9) kmozillahelper libarchive (3.7.0 -> 3.7.2) libebml (1.4.4 -> 1.4.5) libheif (1.17.5 -> 1.17.6) libical (3.0.16 -> 3.0.17) libical-glib (3.0.16 -> 3.0.17) libjpeg-turbo (8.2.2 -> 8.3.2) libqt5-qtbase (5.15.11+kde138 -> 5.15.12+kde147) libqt5-qtconnectivity (5.15.11+kde6 -> 5.15.12+kde6) libqt5-qtdeclarative (5.15.11+kde30 -> 5.15.12+kde31) libqt5-qtgraphicaleffects (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtimageformats (5.15.11+kde12 -> 5.15.12+kde10) libqt5-qtlocation (5.15.11+kde4 -> 5.15.12+kde6) libqt5-qtmultimedia (5.15.11+kde2 -> 5.15.12+kde2) libqt5-qtnetworkauth (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtquickcontrols (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtquickcontrols2 (5.15.11+kde5 -> 5.15.12+kde5) libqt5-qtscript (5.15.15 -> 5.15.16) libqt5-qtsensors (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtserialport (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtspeech (5.15.11+kde1 -> 5.15.12+kde1) libqt5-qtsvg (5.15.11+kde6 -> 5.15.12+kde6) libqt5-qttools (5.15.11+kde3 -> 5.15.12+kde4) libqt5-qttranslations (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtvirtualkeyboard (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtwayland (5.15.11+kde59 -> 5.15.12+kde60) libqt5-qtwebchannel (5.15.11+kde3 -> 5.15.12+kde3) libqt5-qtwebsockets (5.15.11+kde2 -> 5.15.12+kde2) libqt5-qtwebview (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtx11extras (5.15.11+kde0 -> 5.15.12+kde0) libqt5-qtxmlpatterns (5.15.11+kde0 -> 5.15.12+kde0) libraw (0.21.1 -> 0.21.2) libstorage-ng (4.5.168 -> 4.5.169) lttng-ust (2.13.5 -> 2.13.6) newt (0.52.23 -> 0.52.24) nftables nodejs21 perl-IO-Socket-SSL perl-MIME-tools (5.510 -> 5.511.0) php8 (8.2.13 -> 8.2.14) pulseaudio python-falcon python-python-slugify (5.0.2 -> 8.0.1) python-unicodedata2 qca-qt5 (2.3.7+git8 -> 2.3.7+git12) qt6-base sdbootutil (1+git20231214.b186b2d -> 1+git20231221.42797ab) suse-module-tools (16.0.39 -> 16.0.42) tracker-miners unbound (1.18.0 -> 1.19.0) vim (9.0.2181 -> 9.1.0000) wireless-regdb (20230901 -> 20231201) yast2-trans (84.87.20231224.d98b72cc24 -> 84.87.20231230.7bdda36766) === Details === ==== ImageMagick ==== Version update (7.1.1.21 -> 7.1.1.25) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.1.25 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - update to 7.1.1.24: * Added extra check for rare case when ImageMagick is build without any delegates. * Corrected order to fix invalid matches. * only fill the alpha channel for alpha floodfill * Make sure we use the lt_ methods like we do elsewhere. * support dng:max-raw-memory define (ImageMagick/ImageMagick#6922) * properly export YUV JP2 images (ImageMagick/ImageMagick#6943) * use : specifier * correct display program name * check for corrupt DJVU images * support UTF-8 comments (ImageMagick/ImageMagick#6949) * do not prefix iTxt key with 'png:' * enhance sampling factor parser (ImageMagick/ImageMagick#6943) * Switch to ubuntu 20.04 in the app-image build. * Corrected packages that need to be install due to ubuntu upgrade. * improve accuracy of image statistics * fx calculations of skewness and kurtosis * Only write comments as itxt when the string contains non ansi chars. * check if the string contains non-Latin1 characters * Corrected patch to check for non-Latin1 characters. * invalid JSON with -ping (ImageMagick/ImageMagick#6966) * throw exception if # of meta channels exceed max https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hx5j-px… * multiplication result converted to larger type * invalid HTTPS certificates are no longer ignored https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3r24-6m… * multiplication result converted to larger type * eliminate compiler warning * don't include the index channel in the overall image statistics * multiplication result converted to larger type - version update to 7.1.1.23 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - deleted patches - ImageMagick-infinite-resource-time-limit.patch (upstreamed) ==== apache2-mod_php8 ==== Version update (8.2.13 -> 8.2.14) - version update to 8.2.14 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.14 ==== bluez ==== Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - add fix-link-key-address-type.patch - thanks to pallaswept for identifying the right patch for the pairing regression ==== fltk ==== Version update (1.3.8 -> 1.3.9) - update to 1.3.9: * Support macOS up to macOS 14 "Sonoma". * Update bundled libraries to current versions (see below). * Introduce bundled image library "prefixing" to avoid conflicts with system libraries. * Bundled library versions (see also README.bundled-libs.txt): * Library Version Release date * jpeg jpeg-9e 2022-01-16 * png libpng-1.6.40 2023-06-21 * zlib zlib-1.3 2023-08-18 * Backport X11 INCR protocol fixes from 1.4.0 (issue #451) * X11: Suppress compiler warnings when using gcc or clang * Fix crash if a program exits before it opens a window * Fix compilation error with current Visual Studio 2022 * Backport warning fixes from 1.4.0 in src/fl_draw.cxx * Fix compiler warning as pointed out in PR #693 * Fix another compiler warning (#693) * Remove unused variable, fix "type issue" (#445, part 2) * Fix stack buffer overflow found by address sanitizer * Fix "gtk+ rendering" (GitHub Issue #443) * Fix doxygen warnings * Bump version numbers, prepare release 1.3.9 * Fix several compiler warnings * Update bundled image libraries and zlib to current versions * Update README, README.CMake.txt, and some support files * Fix compiler warnings: backported from 1.4 (git 'master') * CMake/MSVC: remove confusing recommendation to rerun * Documentation: remove dark color on title page * Raise CMake minimum required version to 3.15 and more * macOS platform: Issue #325 "Disabling IM disables Greek and Cyrillic layouts" * Fix fullscreen window level corner cases on macOS * Fix issue #373 apparent with macOS platform and SDK â¤ * Issue #452: Fl::get_font_name failure on OS-X. * Issue #454: crash in Fl::get_font_name(). * Issue #469: Fl_Sys_Menu_Bar menu item shortcuts using Esc Tab don't work on Mac * Fix "Focus is lost leaving full screen on macOS 13" * Add support of macOS Ventura 13.0 and macOS Sonoma 14.0 * macOS: remove configure option --enable-x11 and CMake OPTION_APPLE_X11; this functionality remains in FLTK 1.4. * configure.ac: make sure local-png and local-zlib always run together * Remove the -mwindows argument from CFLAGS and CXXFLAGS ==== ghostscript ==== Subpackages: ghostscript-x11 - CVE-2023-46751.patch is https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=dcdbc595c13 adapted for Ghostscript-9.56.1 that fixes https://bugs.ghostscript.com/show_bug.cgi?id=707264 which includes a fix for CVE-2023-46751 "dangling pointer in gdev_prn_open_printer_seekable()" (bsc#1217871) ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Add gnome-control-center-fix-region-preview-crash.patch: nl_langinfo's returned pointer could be invalid after switching locale, so we have to save the result before switch locale to prevent the crash (bsc#1218528, glgo#GNOME/gnome-control-center!2122). ==== hplip ==== Version update (3.23.8 -> 3.23.12) Subpackages: hplip-hpijs hplip-sane hplip-udev-rules - Update to hplip 3.23.12 * del fix-printer-attributes-parsing.patch (merged upstream) * del hppsfilter-booklet-printing-change-insecure-fixed-tm.patch (merged upstream) - Added support for new printers: * HP OfficeJet Pro 9130b series * HP OfficeJet Pro 9120b series * HP OfficeJet Pro 9110b series * HP Color LaserJet Enterprise Flow MFP X58045z * HP Color LaserJet Enterprise Flow MFP X58045zs * HP Color LaserJet Enterprise MFP X58045dnâ * HP Color LaserJet Enterprise MFP X58045 * HP LaserJet Pro P1106 plus * HP LaserJet Pro P1108 plus ==== icewm ==== Version update (3.4.4 -> 3.4.5) Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - Update to 3.4.5: * Fix for centering the clock LED digits vertically * Fix the KeyWinTile commands for multi-mon setups * Fix the workspace buttons for right-to-left languages ==== iw ==== Version update (5.19 -> 6.7) - Update to version 6.7: * update nl80211.h * bump version to 6.7 * update nl80211.h * iw: allow extra cflags * iw: S1G: add 802.11ah support for link command display * update nl80211.h * iw: connect: Fix segfault during open authentication * iw: fix attribute size mismatch * iw: add more extended capa bits * iw: Fix EHT rates printing. * iw: S1G: add list command support for 802.11ah * iw: S1G: add parsing for 802.11ah scan IE's * iw: S1G: add frequency set in kHz and offset options * util: don't print EHT info if not present * interface: print links * link: update for MLO * link: fix some formatting * iw: scan: set NL80211_SCAN_FLAG_COLOCATED_6GHZ in case of full sched scan * util: add support for 320MHz bandwidth without cf1 * util: add support for 320Mhz bandwidth * update nl80211.h * iw: event: fix printf format error * iw: add support for retrieving keys * iw: info: fix bug reading preambles and bandwidths * iw: add cac background command * iw: info: print PMSR capabilities ==== kernel-firmware ==== Version update (20231214 -> 20240102) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240102 (git commit b83108216200): * linux-firmware: add firmware for mediatek bluetooth chip (MT7925) * linux-firmware: add firmware for MT7925 * ASoC: tas2563: Add dsp firmware for laptops or other mobile devices * QCA: Add bluetooth firmware nvm files for QCA2066 * QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00629 - Update aliases - Update to version 20231226 (git commit abfcad8b1405): * rtl_bt: Add firmware and config files for RTL8852BT/RTL8852BE-VT * ASoC: tas2781: Add dsp firmware for different laptops * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.36 * ath11k: WCN6855 hw2.0: update board-2.bin * ath11k: WCN6750 hw1.0: update board-2.bin * ath11k: IPQ8074 hw2.0: update board-2.bin * ath10k: WCN3990 hw1.0: update board-2.bin * ath10k: QCA9888 hw2.0: update board-2.bin * ath10k: QCA4019 hw1.0: update board-2.bin * ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00309- * ath12k: add new driver and firmware for WCN7850 * iwlwifi: update gl FW for core80-165 release * intel: vsc: Add firmware for Visual Sensing Controller * cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2023 Models * cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2022 Models * amdgpu: DMCUB updates for various AMDGPU ASICs - New subpackag kernel-firmware-ath12k - Update aliases ==== kernel-source ==== Version update (6.6.7 -> 6.6.9) - Linux 6.6.9 (bsc#1012628). - bpf: Fix prog_array_map_poke_run map poke update (bsc#1012628). - mm/damon/core: use number of passed access sampling as a timer (bsc#1012628). - mm/damon/core: make damon_start() waits until kdamond_fn() starts (bsc#1012628). - btrfs: qgroup: iterate qgroups without memory allocation for qgroup_reserve() (bsc#1012628). - btrfs: qgroup: use qgroup_iterator in qgroup_convert_meta() (bsc#1012628). - btrfs: free qgroup pertrans reserve on transaction abort (bsc#1012628). - drm/amd/display: fix hw rotated modes when PSR-SU is enabled (bsc#1012628). - drm/i915: Fix FEC state dump (bsc#1012628). - drm/i915: Introduce crtc_state->enhanced_framing (bsc#1012628). - drm/i915/edp: don't write to DP_LINK_BW_SET when using rate select (bsc#1012628). - drm: Update file owner during use (bsc#1012628). - drm: Fix FD ownership check in drm_master_check_perm() (bsc#1012628). - spi: spi-imx: correctly configure burst length when using dma (bsc#1012628). - arm64: dts: allwinner: h616: update emac for Orange Pi Zero 3 (bsc#1012628). - ARM: dts: dra7: Fix DRA7 L3 NoC node register size (bsc#1012628). - ARM: OMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (bsc#1012628). - reset: Fix crash when freeing non-existent optional resets (bsc#1012628). - s390/vx: fix save/restore of fpu kernel context (bsc#1012628). - platform/x86/intel/pmc: Fix hang in pmc_core_send_ltr_ignore() (bsc#1012628). - SUNRPC: Revert 5f7fc5d69f6e92ec0b38774c387f5cf7812c5806 (bsc#1012628). - wifi: ieee80211: don't require protected vendor action frames (bsc#1012628). - wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (bsc#1012628). - wifi: mac80211: check if the existing link config remains unchanged (bsc#1012628). - wifi: mac80211: don't re-add debugfs during reconfig (bsc#1012628). - wifi: mac80211: check defragmentation succeeded (bsc#1012628). - wifi: mac80211: mesh: check element parsing succeeded (bsc#1012628). - wifi: mac80211: mesh_plink: fix matches_local logic (bsc#1012628). - ice: fix theoretical out-of-bounds access in ethtool link modes (bsc#1012628). - bpf: syzkaller found null ptr deref in unix_bpf proto add (bsc#1012628). - Revert "net/mlx5e: fix double free of encap_header in update funcs" (bsc#1012628). - Revert "net/mlx5e: fix double free of encap_header" (bsc#1012628). - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list() (bsc#1012628). - net/mlx5e: Fix a race in command alloc flow (bsc#1012628). - net/mlx5e: fix a potential double-free in fs_udp_create_groups (bsc#1012628). - net/mlx5e: Fix overrun reported by coverity (bsc#1012628). - net/mlx5e: Decrease num_block_tc when unblock tc offload (bsc#1012628). - net/mlx5e: XDP, Drop fragmented packets larger than MTU size (bsc#1012628). - net/mlx5: Fix fw tracer first block check (bsc#1012628). - net/mlx5: Refactor mlx5_flow_destination->rep pointer to vport num (bsc#1012628). - net/mlx5e: Fix error code in mlx5e_tc_action_miss_mapping_get() (bsc#1012628). - net/mlx5e: Fix error codes in alloc_branch_attr() (bsc#1012628). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer (bsc#1012628). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (bsc#1012628). - net: mscc: ocelot: fix eMAC TX RMON stats for bucket 256-511 and above (bsc#1012628). - net: mscc: ocelot: fix pMAC TX RMON stats for bucket 256-511 and above (bsc#1012628). - octeontx2-pf: Fix graceful exit during PFC configuration failure (bsc#1012628). - net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (bsc#1012628). - net: sched: ife: fix potential use-after-free (bsc#1012628). - ethernet: atheros: fix a memleak in atl1e_setup_ring_resources (bsc#1012628). - net/rose: fix races in rose_kill_by_device() (bsc#1012628). - Bluetooth: Fix not notifying when connection encryption changes (bsc#1012628). - Bluetooth: Fix deadlock in vhci_send_frame (bsc#1012628). - Bluetooth: hci_event: shut up a false-positive warning (bsc#1012628). - Bluetooth: hci_core: Fix hci_conn_hash_lookup_cis (bsc#1012628). - bnxt_en: do not map packet buffers twice (bsc#1012628). - net: phy: skip LED triggers on PHYs on SFP modules (bsc#1012628). - ice: stop trashing VF VSI aggregator node ID information ... changelog too long, skipping 466 lines ... - commit e7a87d7 ==== kmozillahelper ==== - BuildRequire rpm_macro(cmake_kf5): we call cmake_kf5 to build and thus need to ensure the macro to be known. - Add extra-cmake-modules BuildRequires: fix build after recent KDE Frameworks update. ==== libarchive ==== Version update (3.7.0 -> 3.7.2) - skip write tests on 32bit, they OOM - update to 3.7.2: * Multiple vulnerabilities have been fixed in the PAX writer * bsdunzip(1) now correctly handles arguments following an - x after the zipfile * zstd filter now supports the "long" write option * SEGV and stack buffer overflow in verbose mode of cpio * bsdunzip updated to match latest upstream code * miscellaneous functional bugfixes ==== libebml ==== Version update (1.4.4 -> 1.4.5) - update to 1.4.5 (bsc#1218432): * Fix invalid memory access (reading beyond allocated memory) due to missing integer overflow check. ==== libheif ==== Version update (1.17.5 -> 1.17.6) Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif-svtenc libheif1 - update to 1.17.6: * A couple of build fixes and bug fixes detected by fuzzing. * Corrects these issues: * CVE-2023-49462 - #1043 * CVE-2023-49463 - #1042 - drop libheif-CVE-2023-49462.patch, libheif-CVE-2023-49464.patch, libheif-CVE-2023-49460.patch: upstream - security update - added patches fix CVE-2023-49460 [bsc#1217902], segmentation violation in decode_uncompressed_image() + libheif-CVE-2023-49460.patch - sync ExclusiveArch with SVT-AV1 - move HEIF plugins from examples to separate package - make sure all subpackages use the same libheif1 ABI ==== libical ==== Version update (3.0.16 -> 3.0.17) - update to 3.0.17: * Escape commas in x-property TEXT values * Built-in timezones updated to tzdata2023c * icalparser_ctrl setting defines how to handle invalid CONTROL characters during parsing * New publicly available functions: + get_zone_directory() + icalparser_get_ctrl + icalparser_set_ctrl ==== libical-glib ==== Version update (3.0.16 -> 3.0.17) - update to 3.0.17: * Escape commas in x-property TEXT values * Built-in timezones updated to tzdata2023c * icalparser_ctrl setting defines how to handle invalid CONTROL characters during parsing * New publicly available functions: + get_zone_directory() + icalparser_get_ctrl + icalparser_set_ctrl ==== libjpeg-turbo ==== Version update (8.2.2 -> 8.3.2) Subpackages: libjpeg8 libjpeg8-x86-64-v3 - update to 3.0.1 (bsc#1211542, CVE-2023-2804): * The x86-64 SIMD functions now use a standard stack frame, prologue, and epilogue so that debuggers and profilers can reliably capture backtraces from within the functions. * Fixed two minor issues in the interblock smoothing algorithm that caused mathematical (but not necessarily perceptible) edge block errors when decompressing progressive JPEG images exactly two MCU blocks in width or that use vertical chrominance subsampling. * The TurboJPEG API now supports 4:4:1 (transposed 4:1:1) chrominance subsampling, which allows losslessly transposed or rotated 4:1:1 JPEG images to be losslessly cropped, partially decompressed, or decompressed to planar YUV images. * Fixed various segfaults and buffer overruns (CVE-2023-2804) * that occurred when attempting to decompress various specially-crafted malformed 12-bit-per-component and 16-bit-per-component lossless JPEG images using color quantization or merged chroma upsampling/color conversion. The underlying cause of these issues was that the color quantization and merged chroma upsampling/color conversion algorithms were not designed with lossless decompression in mind. Since libjpeg-turbo explicitly does not support color conversion when compressing or decompressing lossless JPEG images, merged chroma upsampling/color conversion never should have been enabled for such images. Color quantization is a legacy feature that serves little or no purpose with lossless JPEG images, so it is also now disabled when decompressing such images. (As a result, djpeg can no longer decompress a lossless JPEG image into a GIF image.) * Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer overruns when attempting to decompress various specially-crafted malformed 12-bit-per-component JPEG images using djpeg with both color quantization and RGB565 color conversion enabled. * Fixed an issue whereby `jpeg_crop_scanline()` sometimes miscalculated the downsampled width for components with 4x2 or 2x4 subsampling factors if decompression scaling was enabled. This caused the components to be upsampled incompletely, which caused the color converter to read from uninitialized memory. With 12-bit data precision, this caused a buffer overrun or underrun and subsequent segfault if the sample value read from uninitialized memory was outside of the valid sample range. * Fixed a long-standing issue whereby the `tj3Transform()` function, when used with the `TJXOP_TRANSPOSE`, `TJXOP_TRANSVERSE`, `TJXOP_ROT90`, or `TJXOP_ROT270` transform operation and without automatic JPEG destination buffer (re)allocation or lossless cropping, computed the worst-case transformed JPEG image size based on the source image dimensions rather than the transformed image dimensions. If a calling program allocated the JPEG destination buffer based on the transformed image dimensions, as the API documentation instructs, and attempted to transform a specially-crafted 4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a large amount of metadata, the issue caused `tj3Transform()` to overflow the JPEG destination buffer rather than fail gracefully. The issue could be worked around by setting `TJXOPT_COPYNONE`. Note that, irrespective of this issue, `tj3Transform()` cannot reliably transform JPEG source images that contain a large amount of metadata unless automatic JPEG destination buffer (re)allocation is used or `TJXOPT_COPYNONE` is set. * Significantly sped up the computation of optimal Huffman tables. This speeds up the compression of tiny images by as much as 2x and provides a noticeable speedup for images as large as 256x256 when using optimal Huffman tables. * All deprecated fields, constructors, and methods in the TurboJPEG Java API have been removed. * Arithmetic entropy coding is now supported with 12-bit-per-component JPEG images. * Overhauled the TurboJPEG API to address long-standing limitations and to make the API more extensible and intuitive. ==== libqt5-qtbase ==== Version update (5.15.11+kde138 -> 5.15.12+kde147) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.12+kde147: * Http2: fix potential overflow in assemble_hpack_block() (bsc#1218413, CVE-2023-51714) * HPack: fix incorrect integer overflow check * HPack: fix a Yoda Condition - Update to version 5.15.12+kde144, rebased upstream: * QMimeDatabase: handle buggy type definitions with circular inheritance * xcb: only set base size when it's valid * QPixmapCache: fix leaking of QStrings and Keys on clear() * OpenFile portal: do not use O_PATH fds * QSystemTrayIcon: properly disconnect old menu in setContextMenu() * Guard QTabBar against nested event processing during moving tabs * QDial: don't crash when min==max and setting a value != min & max * QStandardItemModel: don't leak in mimeData() * SQL/MySQL: properly initialize variable * QWidgetTextControl: ignore invalid input method event * Update the LGPL license header * SQL/MySQL: fix handling of json column * Remove QMAKE_RANLIB and QMAKE_LINK_SHLIB from android/default_pre.prf * macOS: Fix less common writing systems on Catalina and later * Blacklist 1 tests in tst_QFtp on ubuntu-20.04 * Update bundled libpng to version 1.6.39 * Android: Fix signing of APKs that are generated when an AAB is also built * Update bundled zlib to version 1.2.13 * doc: update the limitation of QSystemTrayIcon on X11 * Blacklist 1 tests in tst_QTimer on ubuntu-20.04 * Add benchmarks for QLocale number parsing * Add benchmarks for QString number parsing * Android: Fix incorrect fullscreen dimensions * Gtk3Theme: set XCURSOR_SIZE and XCURSOR_THEME for wayland sessions * xcb: Flush Display when processing xcb events * xcb: Add xlib wrapper for XFlush() * QHostAddress: Fix incorrect comparison against 'Any' * QSsl[OpenSSL/Android]: Fix hardcoded 1_1 suffix * BLACKLIST: tst_QApplication::sendEventsOnProcessEvents for RHEL 9.0 * QMacStyle: do not set white color for grayed out button * Work round macOS's omission of en_DE from its own uiLanguages() * Suppress a deprecation warning in tst_QDateTime::toString_enumformat() * QJsonValue: fix incorrect to{Array,Object} when the value is empty * QGtk3Dialog: remove the #include for empty moc * Remove unneeded QWindow from QGtk3Dialog * tst_QSslSocket: Delete sslOptions * tst_QSslServer: Make the in-process server use TLS1.2 * Android: fix Gradle warning about using enableUncompressedNativeLibs * Mention limitation of QDir::drives() on Windows * QFileSystemEngine/Win: fix incorrect buffer size in currentPath() * Android: properly retrieve mime type of uri to for openUrl() * Android: Fix clipboard issue with urls * Android: Add a way to disable accessibility via an environment var * Update bundled libpng to version 1.6.38 * QIOSMessageDialog::exec - work around 'windowsless' exec * QIosScreen: retain the right window * tst_Q{BitArray,ContiguousCache}: check not only count(), but size(), too * QIosTextResponder: stop using deprecated constants and type * qcompilerdetection.h: detect Coverity * Android: Fix Display.getRealMetrics deprecation * Fix broken Text rendering when noantialiased NativeRendering is used * forkfd: fix Clang 15 ATOMIC_VAR_INIT deprecation warning * eglfs: Add env.var. to disable the dedicated drmHandleEvent thread * doc: Don't put strings into QVector<double> * Remove focusProxyAndInputMethods from tst_QWidget * Bump version to 5.15.12 * Update documentation of qWaitForWindowActive / qWaitForWindowExposed * QtHttp: Lower the severity of some log output * StyleSheetStyle: Fix color of placeholder texts in text edits * Android: Fix flickering on split screen mode * Update url to IAccessible2 Specification ==== libqt5-qtconnectivity ==== Version update (5.15.11+kde6 -> 5.15.12+kde6) Subpackages: libQt5Bluetooth5 libQt5Bluetooth5-imports libQt5Nfc5 libQt5Nfc5-imports libqt5-qtconnectivity-tools - Update to version 5.15.12+kde6, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtdeclarative ==== Version update (5.15.11+kde30 -> 5.15.12+kde31) - Update to version 5.15.12+kde31, rebased upstream: * QML: Fortify qmlExecuteDeferred some more * QV4: Avoid memory corruption in Reflect.apply * Blacklist 1 tests in tst_qquickanimations on macos * doc: Add note to PinchHandler.translation property about macOS trackpad * Revert "masm: Treat Android as generic Posix regarding mmap and friends" * QML: Check for stack overflows when creating objects * Fix wrong item-sizeHint-cache when StackLayout children were reordered * Doc: Add missing QQuickWindow constructor * Handle missing stops gracefully in Shape gradients * Do not crash if madvise() fails on MADV_WILLNEED * Blacklist 1 tests in tst_qquickbehaviors on macos * Avoid double applyDelegateChange in QQIV::setDelegate * QSGGeometry: add Q_DISABLE_COPY_MOVE * Qml: Don't crash on bad grouped properties * Fix TypeError in dynamicview1 example * Fix broken Text rendering when noantialiased NativeRendering is used * Trim file names before adding them to qml components and scripts * masm: Treat Android as generic Posix regarding mmap and friends * Bump version to 5.15.12 * Move StackLayout tests from qtquickcontrols.git (5.15) ==== libqt5-qtgraphicaleffects ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtimageformats ==== Version update (5.15.11+kde12 -> 5.15.12+kde10) - Update to version 5.15.12+kde10, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtlocation ==== Version update (5.15.11+kde4 -> 5.15.12+kde6) Subpackages: libQt5Location5 libQt5Positioning5 libQt5PositioningQuick5 - Update to version 5.15.12+kde6, rebased upstream: * Fix HereMap plugin not supporting authentication via apiKey * Fix build of Qt.labs.location QML plugin * PositionSource: fix lastKnownPosition request at startup * Bump version to 5.15.12 - Drop patches, now upstream: * 0001-Fix-build-of-Qt.labs.location-QML-plugin.patch ==== libqt5-qtmultimedia ==== Version update (5.15.11+kde2 -> 5.15.12+kde2) - Update to version 5.15.12+kde2, rebased upstream: * Fix crash on macos13 with iphone camera * VideoOutput: Always update geometry when video surface format changes * VideoOutput: fix resize of a finished video * Bump version to 5.15.12 * Windows: Fix cropping for HEVC-encoded videos ==== libqt5-qtnetworkauth ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtquickcontrols ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 * Remove tests for StackLayout ==== libqt5-qtquickcontrols2 ==== Version update (5.15.11+kde5 -> 5.15.12+kde5) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to version 5.15.12+kde5, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtscript ==== Version update (5.15.15 -> 5.15.16) - Update to version 5.15.16: * Bump version to 5.15.16 - Update to version 5.15.15+kde0, rebased upstream: * No code changes - Commits dropped by the rebase: * Bump version to 5.15.15 * Bump version to 5.15.14 * BumpÂ versionÂ toÂ 5.15.13 * Bump version to 5.15.12 * Bump version to 5.15.11 * Bump version to 5.15.10 ==== libqt5-qtsensors ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) Subpackages: libQt5Sensors5 libQt5Sensors5-imports - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtserialport ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtspeech ==== Version update (5.15.11+kde1 -> 5.15.12+kde1) Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd - Update to version 5.15.12+kde1, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtsvg ==== Version update (5.15.11+kde6 -> 5.15.12+kde6) - Update to version 5.15.12+kde6, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qttools ==== Version update (5.15.11+kde3 -> 5.15.12+kde4) Subpackages: libQt5Designer5 libQt5Help5 libqt5-qdbus libqt5-qtpaths - Update to version 5.15.12+kde4, rebased upstream: * qdoc: Ensure the generated temporary header file is closed properly * Bump version to 5.15.12 ==== libqt5-qttranslations ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtvirtualkeyboard ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell - Update to version 5.15.12+kde0, rebased upstream: * Doc: Improve locale section of technical guide * Fix visible area in the basic example * Bump version to 5.15.12 ==== libqt5-qtwayland ==== Version update (5.15.11+kde59 -> 5.15.12+kde60) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to version 5.15.12+kde60, rebased upstream: * Client: Always populate mimedata in drags * Client: Honor QGuiApplication::overrideCursor() * Always use blocking write for data_source.send * client: Mark return values as unused to suppress compiler warnings * tests: fix tst_seatv4 to use 24 as default cursor size * Bump version to 5.15.12 ==== libqt5-qtwebchannel ==== Version update (5.15.11+kde3 -> 5.15.12+kde3) Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports - Update to version 5.15.12+kde3, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtwebsockets ==== Version update (5.15.11+kde2 -> 5.15.12+kde2) Subpackages: libQt5WebSockets5 libQt5WebSockets5-imports - Update to version 5.15.12+kde2, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtwebview ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) Subpackages: libQt5WebView5 libQt5WebView5-imports - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtx11extras ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libqt5-qtxmlpatterns ==== Version update (5.15.11+kde0 -> 5.15.12+kde0) Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports - Update to version 5.15.12+kde0, rebased upstream: * Bump version to 5.15.12 ==== libraw ==== Version update (0.21.1 -> 0.21.2) - update to 0.21.2: * New compile-defined limit LIBRAW_MAX_PROFILE_SIZE_MB: limits allocation/read size for embedded color profile Embedded color profile allocation/read size: limited by input file size. * Multiple fixes (mostly inspired by oss-fuzz) to improve library stability and/or input checks. * raw-identify: use fallback if PATH_MAX not available * Disabled color conversion for Canon 16-bit thumbnails * docs/changelog: explained the case when no thumbnail is found in specific file * swapXX renamed to libraw_swapXX to avoid name conflict * better striped thumbnails handling - drop libraw-CVE-2023-1729.patch (upstream) ==== libstorage-ng ==== Version update (4.5.168 -> 4.5.169) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#975 - reduce number of udevadm settle calls during probing - use in-class member initialization - proved probe function taking SystemInfo as an additional argument - fixed typos - moved code - 4.5.169 ==== lttng-ust ==== Version update (2.13.5 -> 2.13.6) - update to 2.13.6: * Fix: segmentation fault on filter interpretation in "switch" mode * Fix: `ip` context is expressed as a base-10 field * Fix: c99: use __asm__ __volatile__ * Fix: c99: static assert: clang build fails due to multiple typedef * Fix: Reevaluate LTTNG_UST_TRACEPOINT_DEFINE each time tracepoint.h is included * Fix: trace events in C++ constructors/destructors * Fix: trace events in C constructors/destructors * Fix: use unaligned pointer accesses for lttng_inline_memcpy ==== newt ==== Version update (0.52.23 -> 0.52.24) - update to 0.52.24: * add support for python3.13 * fix compiler warnings ==== nftables ==== Subpackages: libnftables1 python311-nftables - buildrequire setuptools explicitly as pip drops the dependency ==== nodejs21 ==== Subpackages: npm21 - c-ares-fixes.patch: fixes unit tests for new c-ares ==== perl-IO-Socket-SSL ==== - Fix the test t/core.t to build with OpenSSL 3.2.0. [bsc#1218342] * https://github.com/noxxi/p5-io-socket-ssl/issues/147 * Add perl-IO-Socket-SSL-Openssl32.patch ==== perl-MIME-tools ==== Version update (5.510 -> 5.511.0) - updated to 5.511 see /usr/share/doc/packages/perl-MIME-tools/ChangeLog 5.511 2024-01-02 Dianne Skoll <dianne(a)skoll.ca> * VERSION 5.511 RELEASED * Silence a warning if used with a development version of MIME::QuotedPrint https://rt.cpan.org/Ticket/Display.html?id=150118 https://rt.cpan.org/Ticket/Display.html?id=149225 ==== php8 ==== Version update (8.2.13 -> 8.2.14) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.14 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.14 ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse - minor fixes for setup-pulseaudio * be sure /etc/profile.d/pulseaudio.sh exists before using grep ==== python-falcon ==== Subpackages: python-falcon-doc python311-falcon - removed unneeded build dependency on python3-pygments-style-railscasts ==== python-python-slugify ==== Version update (5.0.2 -> 8.0.1) - Update to version v8.0.1: * Legal Notice / Readme * Add note on licensing (#130) * By default, prefer unidecode if installed * Update import order for unidecode vs text_unidecode (#126) * Support Matrix * SemVer Table * merge sandbox * github action revert * cmdline options * update dev deps * Up Version * Add missing cmdLine options ==== python-unicodedata2 ==== - Add %{?sle15_python_module_pythons} ==== qca-qt5 ==== Version update (2.3.7+git8 -> 2.3.7+git12) Subpackages: libqca-qt5-2 qca-qt5-plugins - Update to version 2.3.7+git12: * Increase version number * Update rootcerts.pem * test: add test for EME_PKCS1_OAEP and fix openssl >= 3.2 does not failing anymore when decrypting with the wrong key * plugins/qca-ossl: Announce tripledes unconditionally again ==== qt6-base ==== Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 - Add upstream patches to fix an incorrect integer overflow check (boo#1218413, CVE-2023-51714): * 0001-HPack-fix-a-Yoda-Condition.patch * 0002-HPack-fix-incorrect-integer-overflow-check.patch - Add upstream patch to fix a potential overflow in assemble_hpack_block(): * 0001-Http2-fix-potential-overflow-in-assemble_hpack_block.patch ==== sdbootutil ==== Version update (1+git20231214.b186b2d -> 1+git20231221.42797ab) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20231221.42797ab: * Do not fail if LUKS2 section is empty ==== suse-module-tools ==== Version update (16.0.39 -> 16.0.42) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.42: * 60-io-scheduler.rules: test for "scheduler" sysfs attribute (boo#1216717) - Update to version 16.0.41: * rpm-script: fix issue during installation (bsc#1217775) * rpm-script: preun: remove stale .vmlinuz.hmac file * add blacklist entry for reiserfs (jsc#PED-6167) * rpm-script: add symlink /boot/.vmlinuz.hmac (bsc#1217775) * Remove kmp-install (boo#1214360) ==== tracker-miners ==== Subpackages: tracker-miner-files tracker-miners-lang - Rebase tracker-miners-drop-syscalls-in-seccomp.patch ==== unbound ==== Version update (1.18.0 -> 1.19.0) Subpackages: libunbound8 unbound-anchor - Update to 1.19.0: * Features: - Fix #850: [FR] Ability to use specific database in Redis, with new redis-logical-db configuration option. - Merge #944: Disable EDNS DO. Disable the EDNS DO flag in upstream requests. This can be helpful for devices that cannot handle DNSSEC information. But it should not be enabled otherwise, because that would stop DNSSEC validation. The DNSSEC validation would not work for Unbound itself, and also not for downstream users. Default is no. The option is disable-edns-do: no - Expose the script filename in the Python module environment 'mod_env' instead of the config_file structure which includes the linked list of scripts in a multi Python module setup; fixes #79. - Expose the configured listening and outgoing interfaces, if any, as a list of strings in the Python 'config_file' class instead of the current Swig object proxy; fixes #79. - Mailing list patches from Daniel GrÃ¶ber for DNS64 fallback to plain AAAA when no A record exists for synthesis, and minor DNS64 code refactoring for better readability. - Merge #951: Cachedb no store. The cachedb-no-store: yes option is used to stop cachedb from writing messages to the backend storage. It reads messages when data is available from the backend. The default is no. * Bug Fixes: - Fix for version generation race condition that ignored changes. - Fix #942: 1.18.0 libunbound DNS regression when built without OpenSSL. - Fix for WKS call to getservbyname that creates allocation on exit in unit test by testing numbers first and testing from the services list later. - Fix autoconf 2.69 warnings in configure. - Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1. - Merge #931: Prevent warnings from -Wmissing-prototypes. - Fix to scrub resource records of type A and AAAA that have an inappropriate size. They are removed from responses. - Fix to move msgparse_rrset_remove_rr code to util/msgparse.c. - Fix to add EDE text when RRs have been removed due to length. - Fix to set ede match in unit test for rr length removal. - Fix to print EDE text in readable form in output logs. - Fix send of udp retries when ENOBUFS is returned. It stops looping and also waits for the condition to go away. Reported by Florian Obser. - Fix authority zone answers for obscured DNAMEs and delegations. - Merge #936: Check for c99 with autoconf versions prior to 2.70. - Fix to remove two c99 notations. - Fix rpz tcp-only action with rpz triggers nsdname and nsip. - Fix misplaced comment. - Merge #881: Generalise the proxy protocol code. - Fix #946: Forwarder returns servfail on upstream response noerror no data. - Fix edns subnet so that queries with a source prefix of zero cause the recursor send no edns subnet option to the upstream. - Fix that printout of EDNS options shows the EDNS cookie option by name. - Fix infinite loop when reading multiple lines of input on a broken remote control socket. Addesses #947 and #948. - Fix #949: "could not create control compt". - Fix that cachedb does not warn when serve-expired is disabled about use of serve-expired-reply-ttl and serve-expired-client-timeout. - Fix for #949: Fix pythonmod/ubmodule-tst.py for Python 3.x. - Better fix for infinite loop when reading multiple lines of input on a broken remote control socket, by treating a zero byte line the same as transmission end. Addesses #947 and #948. - For multi Python module setups, clean previously parsed module functions in __main__'s dictionary, if any, so that only current module functions are registered. - Fix #954: Inconsistent RPZ handling for A record returned along with CNAME. - Fixes for the DNS64 patches. - Update the dns64_lookup.rpl test for the DNS64 fallback patch. - Merge #955 from buevsan: fix ipset wrong behavior. - Update testdata/ipset.tdir test for ipset fix. - Fix to print detailed errors when an SSL IO routine fails via SSL_get_error. - Clearer configure text for missing protobuf-c development libraries. - autoconf. - Merge #930 from Stuart Henderson: add void to log_ident_revert_to_default declaration. - Fix #941: dnscrypt doesn't work after upgrade to 1.18 with suggestion by dukeartem to also fix the udp_ancil with dnscrypt. - Fix SSL compile failure for definition in log_crypto_err_io_code_arg. - Fix SSL compile failure for other missing definitions in log_crypto_err_io_code_arg. - Fix compilation without openssl, remove unused function warning. - Mention flex and bison in README.md when building from repository source. ==== vim ==== Version update (9.0.2181 -> 9.1.0000) Subpackages: vim-data vim-data-common xxd - update to 9.1.0000 add missing help tags regenerate synmenu proto files need update improve filetype detection for *.v (V/Verilog/Coq) Update sh syntax and add local keyword for bash Update ftplugin and omni-complete Update Version9.txt for release 9.1 Add help tags to items in version9.txt Updated German translation Improve Turkish documentation update syntax and documentation Wrong display with 'briopt=sbr' and 'nobreakindent' Updates to indent and syntax Fix folding of code blocks Provide sass_recommended_style option Updates to ftplugin and syntax Make diffs foldable Add small ftplugin add Hungarian translation Updated Russian translation remove coveralls, move runtime/lang/Make_mvc.mak correct the :public example adjust tutor/README.ru.utf-8.txt Update Italian translations missing undo_ftplugin for indentkeys cursor wrong after { in single line buffer Visual not drawn with 'breakindent' when line doesn't fit add help tag multiple-constructors. fix indentation Syntax fix LTCG compile error ARM64 for write_chars clarify behaviour of ]m and ]M motions Update default links update ConTeXt keywords and other minor fixes Add variable categories and null related documentation Update R runtime files and docs Update Ukrainian translation Coverity complains about not checking return value Clarify that new() is not static list of new/changed features in version9.txt updates to indent, syntax and ftplugin Add loong64 arch add some error codes to `:help vim9class` Vim9: inconsistent :type/:class messages add support for matchit plugin add variants of opcodes Include Vim9 class features in version9.txt Maximum callback depth is not configurable Update Serbian messages translation reformat and align :h ft-c-syntax Update syntax file Vim9: need a way to reserve future extension Add TODO support to syntax script Vim9: missing error messages update helptags POSIX function name in exarg causes issues no filetype detection for execline scripts reg_executing() wrong for :normal with range Wrong cursor position when dragging out of window Update Serbian messages translation prevent E11 on FocusGained autocommand Update Japanese translation updated 8th syntax change dependabot prefix to "CI" Update change.txt Compile error with Motif UI + mouse support Create Changelog until v9.0.2175 Update Italian translations Update tmux syntax rules Update Turkish translations Compiler warning for uninitialized var update fortran syntax rules and doc notes Vim9: segfault when assigning to type remove deprecation warning for gdefault Vim9: crash when compiling for statement and non-existing type Vim9: compiling :defer may fail Updated Irish translation Update Logtalk runtime files for the latest language spec update Racket runtime files Update colorschemes The options[] array is still not sorted alphabetically Vim9: no support for const/final class/objects vars Vim9: builtin funcs may accept a non-value Moving tabpages on :drop may cause an endless loop sync runtime files with upstream grammar & typo fixes add Tbreak command Vim9: not consistently using :var for declarations Memory leak in Configure Script when checking GTK Vim9: can simplify arg type checking code Vim9: can use type a func arg/return value escape curdir in BrowseUpDir Vim9: type can be assigned to list/dict Vim9: type documentation out-dated Vim9: not able to use imported interfaces and classes Fix i386 build instanceof() should use varargs as second arg Update syntax file, fix missing for highlight ... changelog too long, skipping 30 lines ... Type check tests fail without the channel feature ==== wireless-regdb ==== Version update (20230901 -> 20231201) - Update to version 20231201: * wireless-regdb: Update keys and maintainer information ==== yast2-trans ==== Version update (84.87.20231224.d98b72cc24 -> 84.87.20231230.7bdda36766) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20231230.7bdda36766: * New POT for text domain 'security'. * New POT for text domain 'pam'. * New POT for text domain 'ntp-client'. * New POT for text domain 'add-on'. * Translated using Weblate (Georgian) * New POT for text domain 'installation'. * New POT for text domain 'autoinst'. * Translated using Weblate (Czech) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish)

1 0

New Tumbleweed snapshot 20240103 released!
by Dominique Leuenberger 04 Jan '24

04 Jan '24

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: python-psycopg2 qt6-base sudo (1.9.15p4 -> 1.9.15p5) thunar (4.18.8 -> 4.18.10) === Details === ==== python-psycopg2 ==== - require setuptools ==== qt6-base ==== Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 - Add upstream patch for a bug in QMimeDatabase which makes impossible to save JPEG files in Qt6 applications: * 0001-QMimeDatabase-collect-glob-patterns-from.patch * https://code.qt.io/cgit/qt/qtbase.git/commit/?id=4e9944e6c8a456353d243ab268… ==== sudo ==== Version update (1.9.15p4 -> 1.9.15p5) Subpackages: sudo-plugin-python - Update to 1.9.15p5: * Fixed evaluation of the lecture, listpw, verifypw, and fdexec sudoers Defaults settings when used without an explicit value. Previously, if specified without a value they were evaluated as boolean false, even when the negation operator ('!') was not present. * Fixed a bug introduced in sudo 1.9.14 that prevented LDAP netgroup queries using the NETGROUP_BASE setting from being performed. * Sudo will now transparently rename a user's lecture file from the older name-based path to the newer user-ID-based path. GitHub issue #342. * Fixed a bug introduced in sudo 1.9.15 that could cause a memory allocation failure if sysconf(_SC_LOGIN_NAME_MAX) fails. Bug #1066. ==== thunar ==== Version update (4.18.8 -> 4.18.10) Subpackages: libthunarx-3-0 thunar-lang - Update to 4.18.10: * Prevent infinite reload loop for symlinks (#1270) - Update to 4.18.9: * g_file_get_basename over realpath (#1030) * Fix and simplify symlink resolver (#1260) * Fix thumbnailer symlink support (#1260) * Prevent GLib GIO CRITICAL (#1204) * Translation Updates

1 0

New Tumbleweed snapshot 20231228 released!
by Dominique Leuenberger 03 Jan '24

03 Jan '24

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: bluez (5.70 -> 5.71) ell (0.60 -> 0.61) ffmpeg-4 hxtools (20231101 -> 20231224) mozilla-nss poppler (23.11.0 -> 23.12.0) poppler-qt5 (23.11.0 -> 23.12.0) postfix protobuf-c (1.4.1 -> 1.5.0) python-Babel (2.13.1 -> 2.14.0) python-alembic (1.13.0 -> 1.13.1) python-distro (1.8.0 -> 1.9.0) python-importlib-metadata (7.0.0 -> 7.0.1) python-psutil (5.9.6 -> 5.9.7) python-unicodedata2 (15.0.0 -> 15.1.0) qpdf (11.6.4 -> 11.7.0) timezone (2023c -> 2023d) xerces-c (3.2.4 -> 3.2.5) === Details === ==== bluez ==== Version update (5.70 -> 5.71) Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - update to 5.71: * Fix issue with not registering CSIS service. * Fix issue with registering pairing callbacks. * Fix issue with corruption during discovery filter parsing. - drop CVE-2023-45866.patch, Fix-.device_probe-failing-if-SDP-record-is-not.patch: upstream - update bluez-disable-broken-tests.diff: disable failing vcp test ==== ell ==== Version update (0.60 -> 0.61) - Update to release 0.61 * netconfig: Always set DHCP MAC address on start * netlink: Add workaround for missing NLM_F_ACK_TLVS and NLM_F_CAPPED ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Update ffmpeg-glslang-cxx17.patch to build with glslang 14 - Disable vmaf integration as ffmpeg-4 cannot handle vmaf>=3 - Delete vmaf-trim-usr-local.patch ==== hxtools ==== Version update (20231101 -> 20231224) Subpackages: fd0ssh ofl - Update to release 20231224 * Add gh-trim-workflowruns script * git-forest: port to Perl 5.38 ==== mozilla-nss ==== Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - add nss-allow-slow-tests-s390x.patch: "certutil dump keys with explicit default trust flags" test needs longer than the allowed 6 seconds on s390x ==== poppler ==== Version update (23.11.0 -> 23.12.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler133 poppler-tools - version update to 23.12.0 core: * Rewrite FoFiType1::parse to be more flexible * Small internal code refactoring ==== poppler-qt5 ==== Version update (23.11.0 -> 23.12.0) - version update to 23.12.0 core: * Rewrite FoFiType1::parse to be more flexible * Small internal code refactoring ==== postfix ==== - update default configuration to enable the long-term fix for bsc#1218304, CVE-2023-51764, SMTP smuggling attack: * smtpd_forbid_bare_newline = yes * smtpd_forbid_bare_newline_exclusions = $mynetworks ==== protobuf-c ==== Version update (1.4.1 -> 1.5.0) - update to 1.5.0: * Use CMAKE_CURRENT_BINARY_DIR instead of CMAKE_BINARY_DIR * remove deprecated functionality * Avoid "unused variable" compiler warning * Update autotools * Support for new Google protobuf 22.x, 23.x releases * Remove protobuf 2.x support ==== python-Babel ==== Version update (2.13.1 -> 2.14.0) - update to 2.14.0: * ``Locale.number_symbols`` will now have first-level keys for each numbering system. * Babel no longer directly depends on either ``distutils`` or ``setuptools``; if you had been using the Babel setuptools command extensions, you would need explicitly depend on ``setuptools`` * CLDR/Numbers: Add support of local numbering systems for number symbols * CLDR: Upgrade to CLDR 43 * Frontend: Allow last_translator to be passed as an option to extract_message * Frontend: Decouple `pybabel` CLI frontend from distutils/setuptools * Numbers: Improve parsing of malformed decimals ==== python-alembic ==== Version update (1.13.0 -> 1.13.1) - update to 1.13.1: * Fixed :class:`.Rewriter` so that more than two instances could be chained together correctly, also allowing multiple ``process_revision_directives`` callables to be chained. * Fixed issue where the method :meth:`.EnvironmentContext.get_x_argument` using the :paramref:`.EnvironmentContext.get_x_argument.as_dictionary` parameter would fail if an argument key were passed on the command line as a name alone, that is, without an equal sign ``=`` or a value. Behavior is repaired where this condition is detected and will return a blank string for the given key, consistent with the behavior where the ``=`` sign is present and no value. * Fixed issue where the "unique" flag of an ``Index`` would not be maintained when generating downgrade migrations. * Fixed bug in versioning model where a downgrade across a revision with two down revisions with one down revision depending on the other, would produce an erroneous state in the alembic_version table, making upgrades impossible without manually repairing the table. * Updated pep-484 typing to pass mypy "strict" mode, however including per-module qualifications for specific typing elements not yet complete. * This allows us to catch specific typing issues that have been ongoing such as import symbols not properly exported. ==== python-distro ==== Version update (1.8.0 -> 1.9.0) - update to 1.9.0: * Refactor distro.info() method to return an InfoDict [#360] * Ignore the file '/etc/board-release' [#353] * Ignore the file '/etc/ec2_version' [#359] * Test on modern versions of CPython and PyPy and macOS [#362] * Add support for ALT Linux Server 10.1 distribution [#354] * Add Debian Testing to the tests [#356] * Update archlinux resource for tests [#352] ==== python-importlib-metadata ==== Version update (7.0.0 -> 7.0.1) - update to 7.0.1: * Corrected the interface for SimplePath to encompass the expectations of locate_file and PackagePath. * Fixed type annotations to allow strings. ==== python-psutil ==== Version update (5.9.6 -> 5.9.7) - update to 5.9.7: * 2324_: enforce Ruff rule `raw-string-in-exception`, which helps providing clearer tracebacks when exceptions are raised by psutil. * 2325_, [PyPy]: psutil did not compile on PyPy due to missing `PyErr_SetExcFromWindowsErrWithFilenameObject` cPython API. - drop logind_y2038.patch (upstream) ==== python-unicodedata2 ==== Version update (15.0.0 -> 15.1.0) - update to 15.1.0: * Updated to Unicode 15.1 and added support for Python 3.12 ==== qpdf ==== Version update (11.6.4 -> 11.7.0) - update to 11.7.0: * Add QPDFAcroFormDocumentHelper::disableDigitalSignatures, which disables any digital signature fields, leaving their visual representations intact. The --remove-restrictions command-line argument now calls this. * Generate a more complete qpdf "man page" from the same source as qpdf --help. Fixes #1064. * Allow the syntax "--encrypt --user-password=user-password - -owner-password=owner-password --bits={40,128,256}" when encrypting PDF files. This is an alternative to the syntax "--encrypt user-password owner-password {40,128,256}", which will continue to be supported. The new syntax works better with shell completion and allows creation of passwords that start with "-". * When setting a check box value, allow any value other than /Off to mean checked. This is permitted by the spec. * Fix to QPDF JSON: a floating point number that appears in scientific notation will be converted to fixed-point notation, rounded to six digits after the decimal point. * Fix to QPDF JSON: the syntax "n:/pdf-syntax" is now accepted as an alternative way to represent names. This can be used for any name (e.g. "n:/text#2fplain"), but it is necessary when the name contains binary characters. * Update code and tests so that qpdf's test suite no longer depends on the output of any specific zlib implementation. This makes it possible to get a fully passing test suite with any API-compatible zlib library. CI tests with the default zlib as well as zlib-ng (including verifying that zlib-ng is not the default), but any zlib implementation should work. Fixes [#774]. * Bug fix: with --compress-streams=n, don't compress object, XRef, or linearization hint streams. * Add new C++ functions "qpdf_c_get_qpdf" and "qpdf_c_wrap" to qpdf-c.h that make it possible to write your own extern "C" functions in C++ that interoperate with the C API. See examples/extend-c-api for more information. ==== timezone ==== Version update (2023c -> 2023d) - update to 2023d: * Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. * Vostok, Antarctica changed time zones on 2023-12-18. * Casey, Antarctica changed time zones five times since 2020. * Code and data fixes for Palestine timestamps starting in 2072. * A new data file zonenow.tab for timestamps starting now. * Fix predictions for DST transitions in Palestine in 2072-2075, correcting a typo introduced in 2023a. * Vostok, Antarctica changed to +05 on 2023-12-18. It had been at +07 (not +06) for years. * Change data for Casey, Antarctica to agree with timeanddate.com, by adding five time zone changes since 2020. Casey is now at +08 instead of +11. * Much of Greenland, represented by America/Nuuk, changed its standard time from -03 to -02 on 2023-03-25, not on 2023-10-28. * localtime.c no longer mishandles TZif files that contain a single transition into a DST regime. Previously, it incorrectly assumed DST was in effect before the transition too. * tzselect no longer creates temporary files. * tzselect no longer mishandles the following: * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION. * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/. * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments. * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension. * zic no longer mishandles data for Palestine after the year 2075. ==== xerces-c ==== Version update (3.2.4 -> 3.2.5) - update to 3.2.5 (bsc#1159552, CVE-2018-1311): * [XERCESC-2163] - XercesMessages_en_US.cat is installed to wrong directory * [XERCESC-2188] - Use-after-free on external DTD scan

1 0