openSUSE ARM
Threads by month
- ----- 2024 -----
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
August 2023
- 2 participants
- 4 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
389-ds (2.4.0~git18.37ec5cd -> 2.4.0~git74.4297d88)
GraphicsMagick
ImageMagick (7.1.1.12 -> 7.1.1.15)
Mesa (23.1.4 -> 23.1.5)
Mesa-drivers (23.1.4 -> 23.1.5)
MozillaFirefox (115.0.3 -> 116.0.3)
NetworkManager (1.42.8 -> 1.44.0)
NetworkManager-vpnc
SDL2 (2.28.1 -> 2.28.2)
a52dec (0.7.5+svn613 -> 0.8.0)
accountsservice
amavisd-new
apache2
apache2-manual
apache2-mod_php8 (8.2.8 -> 8.2.9)
apache2-prefork
apache2-utils
at-spi2-core
attica-qt5 (5.108.0 -> 5.109.0)
baloo5 (5.108.0 -> 5.109.0)
bash-completion
bind (9.18.17 -> 9.18.18)
bluez (5.66 -> 5.68)
bluez-qt (5.108.0 -> 5.109.0)
breeze5-icons (5.108.0 -> 5.109.0)
brltty (6.5 -> 6.6)
busybox-links
ca-certificates-mozilla (2.60 -> 2.62)
catfish (4.16.4 -> 4.18.0)
ceph
chrony (4.3 -> 4.4)
clamav (0.103.8 -> 0.103.9)
colord
dcraw
dracut (059+suse.476.g5e324584 -> 059+suse.491.g87f19c22)
emacs (28.2 -> 29.1)
firewalld
fixmath
frameworkintegration (5.108.0 -> 5.109.0)
fuse3 (3.15.1 -> 3.16.1)
gcc13 (13.1.1+git7597 -> 13.2.1+git7683)
gdb
gdbm
gdm
giflib
glibc (2.37 -> 2.38)
glu
gmp (6.2.1 -> 6.3.0)
gnome-bluetooth (42.5 -> 42.6)
gnome-disk-utility
gnome-settings-daemon
gnome-software (44.3 -> 44.4)
gnome-terminal (3.48.1 -> 3.48.2)
gnutls (3.8.0 -> 3.8.1)
gpgme (1.21.0 -> 1.22.0)
gpgmeqt (1.21.0 -> 1.22.0)
grub2
gspell (1.12.1 -> 1.12.2)
gtk3
gtk4 (4.10.4 -> 4.12.0)
gupnp (1.6.4 -> 1.6.5)
harfbuzz (8.0.1 -> 8.1.1)
hwdata (0.372 -> 0.373)
imlib2 (1.11.1 -> 1.12.0)
java-11-openjdk (11.0.20.0 -> 11.0.20.1)
javapackages-tools
kactivities-stats (5.108.0 -> 5.109.0)
kactivities5 (5.108.0 -> 5.109.0)
karchive (5.108.0 -> 5.109.0)
kauth (5.108.0 -> 5.109.0)
kbookmarks (5.108.0 -> 5.109.0)
kcalendarcore (5.108.0 -> 5.109.0)
kcmutils (5.108.0 -> 5.109.0)
kcodecs (5.108.0 -> 5.109.0)
kcompletion (5.108.0 -> 5.109.0)
kconfig (5.108.0 -> 5.109.0)
kconfigwidgets (5.108.0 -> 5.109.0)
kcontacts (5.108.0 -> 5.109.0)
kcoreaddons (5.108.0 -> 5.109.0)
kcrash (5.108.0 -> 5.109.0)
kdav (5.108.0 -> 5.109.0)
kdbusaddons (5.108.0 -> 5.109.0)
kdeclarative (5.108.0 -> 5.109.0)
kded (5.108.0 -> 5.109.0)
kdelibs4support (5.108.0 -> 5.109.0)
kdesu (5.108.0 -> 5.109.0)
kdnssd-framework (5.108.0 -> 5.109.0)
kdoctools (5.108.0 -> 5.109.0)
kernel-firmware (20230724 -> 20230814)
kernel-source (6.4.6 -> 6.4.11)
kfilemetadata5 (5.108.0 -> 5.109.0)
kglobalaccel (5.108.0 -> 5.109.0)
kguiaddons (5.108.0 -> 5.109.0)
kholidays (5.108.0 -> 5.109.0)
khtml (5.108.0 -> 5.109.0)
ki18n (5.108.0 -> 5.109.0)
kiconthemes (5.108.0 -> 5.109.0)
kidletime (5.108.0 -> 5.109.0)
kimageformats (5.108.0 -> 5.109.0)
kinit (5.108.0 -> 5.109.0)
kio (5.108.0 -> 5.109.0)
kirigami-addons (0.10.0 -> 0.11.0)
kirigami2 (5.108.0 -> 5.109.0)
kitemmodels (5.108.0 -> 5.109.0)
kitemviews (5.108.0 -> 5.109.0)
kjobwidgets (5.108.0 -> 5.109.0)
kjs (5.108.0 -> 5.109.0)
kmod
knewstuff (5.108.0 -> 5.109.0)
knotifications (5.108.0 -> 5.109.0)
knotifyconfig (5.108.0 -> 5.109.0)
kpackage (5.108.0 -> 5.109.0)
kparts (5.108.0 -> 5.109.0)
kpeople5 (5.108.0 -> 5.109.0)
kplotting (5.108.0 -> 5.109.0)
kpty (5.108.0 -> 5.109.0)
kquickcharts (5.108.0 -> 5.109.0)
kross (5.108.0 -> 5.109.0)
krunner (5.108.0 -> 5.109.0)
kservice (5.108.0 -> 5.109.0)
ktexteditor (5.108.0 -> 5.109.0)
ktextwidgets (5.108.0 -> 5.109.0)
kunitconversion (5.108.0 -> 5.109.0)
kwallet (5.108.0 -> 5.109.0)
kwayland (5.108.0 -> 5.109.0)
kwidgetsaddons (5.108.0 -> 5.109.0)
kwindowsystem (5.108.0 -> 5.109.0)
kxmlgui (5.108.0 -> 5.109.0)
less (633 -> 643)
libKF5ModemManagerQt (5.108.0 -> 5.109.0)
libKF5NetworkManagerQt (5.108.0 -> 5.109.0)
libXaw3d (1.6.4 -> 1.6.5)
libadwaita (1.3.3 -> 1.3.4)
libcloudproviders (0.3.1 -> 0.3.2)
libetonyek
libfprint (1.94.5+tod1 -> 1.94.6+tod1)
libgit2 (1.7.0 -> 1.7.1)
libgweather4 (4.2.0 -> 4.3.2)
libimobiledevice (1.3.0+179git.20230430 -> 1.3.0+190git.20230705)
liblangtag (0.6.3 -> 0.6.4)
liblc3 (1.0.3 -> 1.0.4)
libpaper (2.1.0 -> 2.1.1)
libplacebo (6.292.0 -> 6.292.1)
libreoffice (7.5.4.2 -> 7.6.0.3)
libreoffice-share-linker
libselinux
libsemanage
libsoup2
libssh
libstorage-ng (4.5.133 -> 4.5.136)
libupnp (1.14.17 -> 1.14.18)
libvirt (9.5.0 -> 9.6.0)
libxmlb (0.3.11 -> 0.3.13)
libzypp (17.31.17 -> 17.31.19)
lsb-release
luajit
lvm2
lvm2-device-mapper
man (2.10.2 -> 2.11.2)
mc (4.8.29 -> 4.8.30)
mokutil
mozjs102 (102.12.0 -> 102.14.0)
mutter
ncurses (6.4.20230715 -> 6.4.20230812)
nodejs20 (20.3.1 -> 20.5.1)
okteta (0.26.12 -> 0.26.13)
openSUSE-repos-Tumbleweed (20230731.a018a46 -> 20230810.a7534f6)
openssl-3 (3.1.1 -> 3.1.2)
openssl (3.1.1 -> 3.1.2)
opensuse-welcome (0.1.9+git.0.66be0d8 -> 0.1.9+git.35.4b9444a)
openvpn (2.6.5 -> 2.6.6)
osinfo-db (20230518 -> 20230719)
pam
pam-full-src
pam_mount (2.19 -> 2.20)
patterns-base
pentaho-libxml (1.1.3 -> 1.1.6)
perl (5.36.1 -> 5.38.0)
perl-Authen-SASL (2.16 -> 2.170.0)
perl-Convert-ASN1 (0.33 -> 0.340.0)
perl-Image-ExifTool (12.64 -> 12.65)
perl-LWP-Protocol-https (6.10 -> 6.110.0)
php8 (8.2.8 -> 8.2.9)
pipewire (0.3.76 -> 0.3.77)
plasma-framework (5.108.0 -> 5.109.0)
plasma5-desktop (5.27.7 -> 5.27.7.1)
plasma5-workspace
plymouth
postgresql15 (15.3 -> 15.4)
prison-qt5 (5.108.0 -> 5.109.0)
procmail (3.22 -> 3.24)
procps
procps4
purpose (5.108.0 -> 5.109.0)
python-M2Crypto
python-Pillow
python-PyYAML (6.0 -> 6.0.1)
python-Pygments (2.15.1 -> 2.16.1)
python-SQLAlchemy
python-alembic (1.10.4 -> 1.11.2)
python-certifi (2023.5.7 -> 2023.7.22)
python-click (8.1.3 -> 8.1.6)
python-cryptography (41.0.2 -> 41.0.3)
python-gevent (22.10.2 -> 23.7.0)
python-gssapi
python-immutables
python-importlib-resources (5.12.0 -> 6.0.1)
python-ldap
python-libvirt-python (9.5.0 -> 9.6.0)
python-lxml (4.9.2 -> 4.9.3)
python-mailman
python-numpy (1.24.2 -> 1.25.2)
python-passlib
python-pexpect
python-psutil
python-pycups
python-pyzmq (25.0.2 -> 25.1.1)
python-semanage
python-typing_extensions (4.5.0 -> 4.7.1)
python311
python311-core
qemu (8.0.3 -> 8.0.4)
qqc2-desktop-style (5.108.0 -> 5.109.0)
qt6-declarative
qtkeychain-qt5 (0.13.2 -> 0.14.1)
rdma-core
re2c (3.0 -> 3.1)
rebootmgr (2.0 -> 2.1)
rpm
rubygem-moneta (1.5.2 -> 1.6.0)
sac
salt
setools (4.4.2 -> 4.4.3)
shadow (4.13 -> 4.14.0)
signon (8.60 -> 8.61)
smartmontools (7.3 -> 7.4)
solid (5.108.0 -> 5.109.0)
sonnet (5.108.0 -> 5.109.0)
speech-dispatcher (0.11.4 -> 0.11.5)
srt (1.5.1 -> 1.5.2)
suse-module-tools (16.0.32 -> 16.0.33)
syndication (5.108.0 -> 5.109.0)
syntax-highlighting (5.108.0 -> 5.109.0)
system-config-printer
systemd (253.7 -> 253.8)
sysvinit (3.07 -> 3.08)
tango-icon-theme
tar
telepathy-logger
threadweaver (5.108.0 -> 5.109.0)
tracker-miners
unixODBC (2.3.11 -> 2.3.12)
upower (1.90.1 -> 1.90.2)
util-linux
util-linux-systemd
w3m
webkit2gtk3 (2.40.4 -> 2.40.5)
webkit2gtk3-soup2 (2.40.4 -> 2.40.5)
wpebackend-fdo (1.14.0 -> 1.14.2)
wtmpdb (0.7.1 -> 0.9.1)
xdg-desktop-portal-gnome (44.1 -> 44.2)
xen (4.17.1_06 -> 4.17.2_02)
xfce4-terminal (1.0.4 -> 1.1.0)
xmlsec1
xz (5.4.3 -> 5.4.4)
yast2-apparmor (4.6.1 -> 4.6.2)
yast2-country (4.6.2 -> 4.6.3)
yast2-installation (4.6.5 -> 4.6.7)
yast2-packager (4.6.1 -> 4.6.2)
yast2-trans (84.87.20230729.64eca7e0a1 -> 84.87.20230818.ea489402e5)
zsh
zxing-cpp
=== Details ===
==== 389-ds ====
Version update (2.4.0~git18.37ec5cd -> 2.4.0~git74.4297d88)
Subpackages: lib389 libsvrcore0
- Update to version 2.4.0~git74.4297d88:
* issue 5890 part 2 - Need a tester for testing multiple listening thread feature (#5897)
* Issue i5846 - Crash when lmdb import is aborted (#5881)
* Issue 5894 - lmdb import error fails with Could not store the entry (#5895)
* Issue 5890 - Need a tester for testing multiple listening thread feature (#5891)
* Issue 5082 - slugify: ModuleNotFoundError when running test cases
- Update to version 2.4.0~git69.89c2de5:
* Issue 4551 - Part 2 - Fix build warning of previous PR (#5888)
* Issue 5834 - AccountPolicyPlugin erroring for some users (#5866)
* Issue 5872 - part 2 - fix is_dbi regression (#5887)
* Issue 4758 - Add tests for WebUI
* Issue 5848 - dsconf should prevent setting the replicaID for hub and consumer roles (#5849)
* Issue 5883 - Remove connection mutex contention risk on autobind (#5886)
* Issue 5872 - `dbscan()` in lib389 can return bytes
* Bump version to 2.4.3
* Issue 5729 - Memory leak in factory_create_extension (#5814)
* Issue 5870 - ns-slapd crashes at startup if a backend has no suffix (#5871)
==== GraphicsMagick ====
Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config
- add strlcpy-wrong-sizing.patch: fix incorrect usages of
strlcpy and strlcat detected by glibc 2.38's fortify
==== ImageMagick ====
Version update (7.1.1.12 -> 7.1.1.15)
Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.15
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023…
- modified patches
% ImageMagick-library-installable-in-parallel.patch (refreshed)
- deleted patches
- ImageMagick-CVE-2023-3428.patch (upstreamed)
==== Mesa ====
Version update (23.1.4 -> 23.1.5)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1
- Update to bugfix release 23.1.5
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
==== Mesa-drivers ====
Version update (23.1.4 -> 23.1.5)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to bugfix release 23.1.5
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
==== MozillaFirefox ====
Version update (115.0.3 -> 116.0.3)
- Mozilla Firefox 116.0.3
* Fixed an issue for OPFS users that broke access to files that
were locally cached in a previous version
(bmo#1847989, bmo#1847619)
* Fixed an issue that was breaking screensharing for some users
on Wayland (bmo#1841851)
* Fixed an issue where a fullscreen notification was persistently
being shown to a user, even after disabling it (bmo#1847901)
* Fixed an issue where Firefox would hang when doing a Google
search (bmo#1847066)
- After further testing on memory consumption during linking, it's
safe to remove most of the memory reducing options for ix86 linker.
A combination of these actually resulted in the OOM condition.
It's even possible to add basic debugging info while keeping
linker memory consumption at about 2GB
- Mozilla Firefox 116.0.2
* fixes for other platforms
- Workarold ld bug causing OOM when linking on 32-bit
- Remove -j1 limit on x86. The build runs on 64-bit kernel with a
32-bit userland. This means there is plenty of memory available
but userland is limited to just under 4GB per process.
- Mozilla Firefox 116.0.1
* fixes for other platforms
- ship vaapitest binary for supported archs
- re-enable ppc64le
- ship v4l2test binary for supported archs
- drop obsolete mozilla-bmo1775202.patch
- Mozilla Firefox 116.0
* https://www.mozilla.org/en-US/firefox/116.0/releasenotes/
MFSA 2023-29 (bsc#1213746)
* CVE-2023-4045 (bmo#1833876)
Offscreen Canvas could have bypassed cross-origin restrictions
* CVE-2023-4046 (bmo#1837686)
Incorrect value used during WASM compilation
* CVE-2023-4047 (bmo#1839073)
Potential permissions request bypass via clickjacking
* CVE-2023-4048 (bmo#1841368)
Crash in DOMParser due to out-of-memory conditions
* CVE-2023-4049 (bmo#1842658)
Fix potential race conditions when releasing platform objects
* CVE-2023-4050 (bmo#1843038)
Stack buffer overflow in StorageManager
* CVE-2023-4051 (bmo#1821884)
Full screen notification obscured by file open dialog
* CVE-2023-4052 (bmo#1824420)
File deletion and privilege escalation through Firefox uninstaller
* CVE-2023-4053 (bmo#1839079)
Full screen notification obscured by external program
* CVE-2023-4054 (bmo#1840777)
Lack of warning when opening appref-ms files
* CVE-2023-4055 (bmo#1782561)
Cookie jar overflow caused unexpected cookie jar state
* CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
bmo#1842325, bmo#1843847)
Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
* CVE-2023-4057 (bmo#1841682)
Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
and Thunderbird 115.1
* CVE-2023-4058 (bmo#1819160, bmo#1828024)
Memory safety bugs fixed in Firefox 116
- require NSS 3.91
- remove obsolete mozilla-fix-top-level-asm.patch
- re-enable LTO
==== NetworkManager ====
Version update (1.42.8 -> 1.44.0)
Subpackages: NetworkManager-bluetooth NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0
- Update to version 1.44.0:
+ Introduce a new "link" setting that holds properties related to
the kernel link such as "tx-queue-length", "gso-max-size",
"gso-max-segments", "gro-max-size".
+ Support sending a DHCPv6 prefix delegation hint via the
"ipv6.dhcp-pd-hint" connection property.
+ Support new bond options: "arp_missed_max", "lacp_active",
"ns_ip6_target".
+ Add new "initial-eps-bearer-configure" and
"initial-eps-bearer-apn" properties in the GSM setting.
+ Setting "connection.stable-id=default${CONNECTION}" changed
behavior to be identical to the built-in default value when the
stable-id is not set.
+ Add a "[keyfile].rename" option to NetworkManager.conf to force
renaming profiles on disk when their name changes.
+ The ifcfg-rh plugin is deprecated; it will only receive
bugfixes and no new features. A warning is emitted the log when
a connection in ifcfg-rh format is found.
+ To automatically migrate existing ifcfg-rh connections to the
keyfile format, a new configuration option
"main.migrate-ifcfg-rh" is provided. Migration is disabled by
default, but the default value can be changed at build time via
"--with-config-migrate-ifcfg-rh-default=yes".
+ When configuring hostnames in non-public TLD (like
"example.local"), use the TLD as default search domain instead
of the full hostname.
+ Always apply DNS options from the [global-dns] configuration
section
+ The NetworkManager daemon now acquires the D-Bus name only
after populating the D-Bus tree. This can add a delay during
startup but it is required to avoid race conditions with other
services depending on NM.
+ Add a "version-id" argument to the Update2() D-Bus call to
guard against concurrent modifications of profiles.
+ Don't use tentative IPv6 addresses to resolve the system
hostname via DNS.
+ Track the number of autoconnect retries left for each device
and connection. Previously it was tracked only per connection
and this lead to unexpected behaviors in case of multiconnect
profiles.
+ Set VLAN filtering options on bridge via netlink instead of
sysfs.
+ nm-cloud-setup now supports IMDSv2 on Amazon EC2.
+ nmtui now allows to enable or disable Wi-Fi and WWAN radios.
+ Honor ignore-carrier=no for bond/bridge/team devices.
+ Add version mismatch warning when running nmcli commands.
- Rebase patches with quilt.
==== NetworkManager-vpnc ====
Subpackages: NetworkManager-vpnc-gnome
- Add nm-vpnc-editor-interface-name.patch: properties: Don't set
interface name as empty string by default
(glgo#GNOME/NetworkManager-vpnc/commit/f4df2db6c, bsc#1213769).
==== SDL2 ====
Version update (2.28.1 -> 2.28.2)
- Update to release 2.28.2
* Fixed 8BitDo gamepad mapping when in XInput mode on Linux
* Fixed controller lockup initializing some unofficial PS4
replica controllers
* Fixed video initialization on headless Linux systems using VNC
==== a52dec ====
Version update (0.7.5+svn613 -> 0.8.0)
- Minor spec cleaning, use ldconfig_scriptlets macro, be more
explicit in listing of files (use less globs).
- Update to release 0.8.0
* Build system modernization
- Drop altivec.patch (inapplicable)
- Remove obsolete Groups tag (fate#326485)
==== accountsservice ====
Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0
- Rebase as-fate318433-prevent-same-account-multi-logins.patch:
(bsc#1213884).
==== amavisd-new ====
Subpackages: amavisd-new-docs
- Package failed to rebuild on Perl version changes due to missing
%{perl_requires}
==== apache2 ====
- Enable building of mod_md
==== apache2-manual ====
- Enable building of mod_md
==== apache2-mod_php8 ====
Version update (8.2.8 -> 8.2.9)
- version update to 8.2.9
* This is a security release.
* Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106]
* https://www.php.net/ChangeLog-8.php#8.2.9
- deleted patches
- php-unicode-allow-redistribution.patch (upstreamed)
- deleted sources
- repack.sh (not needed)
==== apache2-prefork ====
- Enable building of mod_md
==== apache2-utils ====
- Enable building of mod_md
==== at-spi2-core ====
Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0
- Support build environments like SLE 15 SP5 and Leap 15.5 which
had %{_distconfdir) not defined yet.
==== attica-qt5 ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Attica5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== baloo5 ====
Version update (5.108.0 -> 5.109.0)
Subpackages: baloo5-file baloo5-file-lang baloo5-imports baloo5-kioslaves baloo5-kioslaves-lang baloo5-tools baloo5-tools-lang libKF5Baloo5 libKF5BalooEngine5 libKF5BalooEngine5-lang
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Document uses and abuses of Baloo::IndexerConfig
* [BalooSearch] Add sort order option
* [Codecs] Make encode/decode methods static, cleanup
* [QueryTest] Add full stack test
* [TermGeneratorTest] Extend phrase coverage
* [AdvancedQueryParserTest] Extend phrase coverage
* [SearchStore] Move private helpers to anonymous namespace
* [BasicIndexingJob] Ignore filename based mimetype for empty files
* Reduce filesystem dependencies in more tests
* [DocumentUrlDbTest] Remove file system dependencies from test
* [DocumentUrlDb] Split document addition and file tree creation
* [DocumentUrlDbTest] Use explicit recursion when walking directory tree
* [Transaction] Use DocumentUrlDB::contains
* [DocumentUrlDB] Add `contains` method
* Remove proxy for obsolete org.kde.baloo interface
* [Transaction] Remove Transaction::exec convenience method
* Add explicit moc includes to sources for moc-covered headers
==== bash-completion ====
- Modify patches
* ls-completion-boo889319.patch
* rm-completion-smart-boo958462.patch
to avoid skipping spaces after last word on command line (boo#1210974)
- Add patch fix_quote_readline_by_ref.patch
* Do not escape leading ~ nor backslash and avoid empty quoting
==== bind ====
Version update (9.18.17 -> 9.18.18)
Subpackages: bind-doc bind-utils
- Update to release 9.18.18
Feature Changes:
* When a primary server for a zone responds to an SOA query, but
the subsequent TCP connection required to transfer the zone is
refused, that server is marked as temporarily unreachable. This
now also happens if the TCP connection attempt times out,
preventing too many zones from queuing up on an unreachable
server and allowing the refresh process to move on to the next
configured primary more quickly.
* The dialup and heartbeat-interval options have been deprecated
and will be removed in a future BIND 9 release.
Bug Fixes:
* Processing already-queued queries received over TCP could cause
an assertion failure, when the server was reconfigured at the
same time or the cache was being flushed. This has been fixed.
* Setting dnssec-policy to insecure prevented zones containing
resource records with a TTL value larger than 86400 seconds (1
day) from being loaded. This has been fixed by ignoring the TTL
values in the zone and using a value of 604800 seconds (1 week)
as the maximum zone TTL in key rollover timing calculations.
==== bluez ====
Version update (5.66 -> 5.68)
Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3
- Use %_firmwaredir
- For pushing bluez 5.68 to 15-SP6 (bluez-5.65), sync change log:
(jsc#PED-5599)
- RPi-Move-the-43xx-firmware-into-lib-firmware.patch be removed
by Stefan Seyfried since updating to bluez-5.66. (bsc#995059)(bsc#1094902)
Because the header file has "#ifndef FIRMWARE_DIR...#define FIRMWARE_DIR /etc/firmare"
instead of patching. So we just supply FIRMWARE_DIR on compiler's
command line in bluez.spec:
export CPPFLAGS="$CPPFLAGS -DFIRMWARE_DIR='\"/lib/firmware\"'
- For pushing bluez 5.68 to 15-SP6 (bluez-5.65), sync change log:
(jsc#PED-5599)
- The avrcp-Fix-crash-while-handling-unsupported-events.patch
be merged to bluez-5.67 since 2023. (bsc#1210398)(CVE-2023-27349)
- 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch be
removed by Timo Jyrinki when updating to 5.68. I saw some reasons:
- Upstream didn't take this patch:
https://www.spinics.net/lists/linux-bluetooth/msg40136.html
- Fedora also marked this patch in bluez.spec since bluez-5.68-2.fc39
https://src.fedoraproject.org/rpms/bluez/blob/2b133d795f4f823c8b22ef5a07569…
We didn't put any bug number of this patch when it be introduced
to bluez.spec since Nov 23, 2021. So, let's remove this patch unless
upstream or Fedora add it back.
- update to 5.68
* Fix issue with A2DP and handling of Transport.Acquire.
* Fix issue with BAP and initiating QoS and Enable procedures.
* Fix issue with BAP and detaching streams when PAC is removed.
* Fix issue with BAP and reading all instances of PAC.
* Fix issue with BAP and not being able to reconfigure.
* Fix issue with BAP and transport configuration changes.
* Fix issue with BAP and handling unexpected disconnect.
* Fix issue with GATT and not removing pending services.
* Fix issue with GATT and client ready handling.
* Fix issue with handling fallback to transient hostname.
* Add support for SecureConnections configuration option.
* Add support for Mesh Remove Provisioning.
* Add support for Mesh Private Beacons.
- Remove patches that are not needed with the new upstream.
==== bluez-qt ====
Version update (5.108.0 -> 5.109.0)
Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== breeze5-icons ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- No code change since 5.108.0
==== brltty ====
Version update (6.5 -> 6.6)
Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi
- Add e6707d5e.patch: brlapi: Fix python crash on connection error.
Cython 3.0 started using the new Python object finalization APIs
from PEP 442.
- Update to version 6.6:
+ Too many changes; please read ChangeLog
- Update api_version.
- Rebase brltty-udev-dir.patch.
==== busybox-links ====
Subpackages: busybox-bzip2 busybox-coreutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-misc busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-which busybox-xz
- Check in filelists instead of buildrequiring all non-busybox utils
==== ca-certificates-mozilla ====
Version update (2.60 -> 2.62)
- readd _multibuild
- Updated to 2.62 state of Mozilla SSL root CAs (bsc#1214248)
Added:
- Atos TrustedRoot Root CA ECC G2 2020
- Atos TrustedRoot Root CA ECC TLS 2021
- Atos TrustedRoot Root CA RSA G2 2020
- Atos TrustedRoot Root CA RSA TLS 2021
- BJCA Global Root CA1
- BJCA Global Root CA2
- LAWtrust Root CA2 (4096)
- Sectigo Public Email Protection Root E46
- Sectigo Public Email Protection Root R46
- Sectigo Public Server Authentication Root E46
- Sectigo Public Server Authentication Root R46
- SSL.com Client ECC Root CA 2022
- SSL.com Client RSA Root CA 2022
- SSL.com TLS ECC Root CA 2022
- SSL.com TLS RSA Root CA 2022
Removed CAs:
- Chambers of Commerce Root
- E-Tugra Certification Authority
- E-Tugra Global Root CA ECC v3
- E-Tugra Global Root CA RSA v3
- Hongkong Post Root CA 1
==== catfish ====
Version update (4.16.4 -> 4.18.0)
Subpackages: catfish-lang
- Update to version 4.18.0
* Filters: Add Archives, Other, update Apps
* Use Gio to open files, fix "no default app" issue
* Add symlink emblem to thumbnails in thumbnail mode
* config: Prefer plocate over mlocate if available
* window: Avoid IndexError on right click when selection is empty
* Create shared filetype lists for searching and filtering
* Ensure site-packages directory is prepended to sys.path
* Fix double border between sidebar and results area
* window: Fix and refactor new_column()
* window: Fix markup warnings in thumbnail view
* Fix GtkBuilder warnings
* Revert "Suppress the various GTK warnings GtkBuilder outputs"
* Fix crash and translations when install prefix != /usr
* Update `.gitignore`
* Remove generated file po/catfish.pot
* Performance improvements (fix #79)
* Translation Updates
- Refresh 0001-Force-disable-Zeitgeist-support.patch
- Remove _service file
==== ceph ====
Subpackages: librados2 librbd1
- restrict to older Cython
==== chrony ====
Version update (4.3 -> 4.4)
Subpackages: chrony-pool-openSUSE
- Update to 4.4:
* Add support for AES-GCM-SIV with Nettle >= 3.9 to shorten NTS
cookies to avoid some length-specific blocking of NTP on
Internet.
* Add support for multiple refclocks using extpps option on one
PHC.
* Add maxpoll option to hwtimestamp directive to improve PHC
tracking with low packet rates
* Add hwtstimeout directive to configure timeout for late
timestamps.
* Handle late hardware transmit timestamps of NTP requests on
all sockets.
* Handle mismatched 32/64-bit time_t in SOCK refclock samples
* Improve source replacement
* Log important changes made by command requests (chronyc)
* Refresh address of NTP sources periodically
* Set DSCP for IPv6 packets
* Shorten NTS-KE retry interval when network is down
* Update seccomp filter for musl
* Warn if loading keys from file with unexpected permissions
* Warn if source selection fails or falseticker is detected
* Add selectopts command to modify source-specific selection
options.
* Add timestamp sources to serverstats report and make its fields
64-bit.
* Add -e option to chronyc to indicate end of response
- Update clknetsim to snapshot ef2a7a9.
==== clamav ====
Version update (0.103.8 -> 0.103.9)
Subpackages: libclamav9 libfreshclam2
- Renew clamav.keyring .
- Update to 0.103.9
* CVE-2023-20197: Fixed a possible denial of service vulnerability in
the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through
1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8
through 0.103.0. (boo#1214342)
* Fixed compiler warnings that may turn into errors in Clang 16.
==== colord ====
Subpackages: colord-color-profiles libcolord2 libcolorhug2
- Reduce memory constraints for riscv64
==== dcraw ====
Subpackages: dcraw-lang
- add dcraw-glibc-2.38.patch to fix prototype clash on memmem with glibc 2.38+
==== dracut ====
Version update (059+suse.476.g5e324584 -> 059+suse.491.g87f19c22)
- Update to version 059+suse.491.g87f19c22:
* fix(dracut-install): protect against broken links pointing to themselves
* fix(dracut.sh): exit if resolving executable dependencies fails (bsc#1214081)
- Update to version 059+suse.488.g81715832:
This is the 3rd backport of the most important fixes and features from the upstream master branch,
while the release date of version 060 is still undefined.
* fix(systemd-udevd): add missing override paths
* fix(systemd-journald): add systemd-sysusers dependency
* fix(base): correct handling of quiet in loginit
* chore(suse): require gawk instead of awk
* refactor(install): log about missing firmware only once
* fix(integrity): do not require ls
* fix(dracut-init.sh): `module_check` method ignores `forced` option
* fix(man): add missing initrd-root-device.target to flow chart
* fix(dracut-init.sh): use the local _ret variable
* fix(dracut.sh): use gawk for strtonum
* fix(man): remove duplicate entry
==== emacs ====
Version update (28.2 -> 29.1)
Subpackages: emacs-el emacs-eln emacs-info emacs-nox emacs-x11 etags
- Require bwrap at build time as some tools requires it if checks
are enabled
- Modify patch emacs-29.1.dif
* Avoid in ispell.el unused lexical variable `load-dict'
- Extend patch pdump.patch
* Make various emacs flavours find their pdmp files even if first
argument is simply named "emacs" (slack message, boo#1214008)
- Update to GNU Emacs version 29.1
* Official tree-sitter support
* EGlot, the Language Server Client
* Use-package a declarative configuration tool finally in
* Better long line support
* Native SQLite Support
* Changing the init directory
You can now instruct Emacs to read its initialization from
another directory from the command line.
- Use natively compiled lisp files only for GTK variant as every
binary has its own hash keys for the eln location as well as for
the eln native compiled lisp files
- Port rmailgen.el and .gnu-emacs to 29.1
- Remove the old patches now upstream
* 01a4035c.patch
* 3c1693d0.patch
* CVE-2022-48338.patch
* CVE-2022-48339.patch
* d3209119.patch
* d48bb487.patch
- Port and rename patch emacs-28.1.dif which is now emacs-29.1.dif
- Port the patches
* emacs-24.1-ps-mule.patch
* emacs-24.3-iconic.patch
* emacs-24.3-x11r7.patch
* emacs-24.4-glibc.patch
* emacs-24.4-nonvoid.patch
* emacs-24.4-ps-bdf.patch
* emacs-25.1-custom-fonts.patch
* emacs-25.2-ImageMagick7.patch
* emacs-26.1-xft4x11.patch
* emacs-27.1-Xauthority4server.patch
* emacs-27.1-pdftex.patch
* pdump.patch
- Re-enable ImageMagick usage
==== firewalld ====
Subpackages: firewalld-bash-completion firewalld-zsh-completion python3-firewall
- fix(cli): all --list-all-zones output identical (boo#1213609)
[+ fix_list_all_zones_output.patch]
==== fixmath ====
- Build with g++ >= 7 in order to be able to use C++17 features
- Added patch:
* cmake-tests-old-cmake.patch
+ allow building with cmake >= 3.5
+ conditionally applied on SLE12-SP5 whose cmake is old
==== frameworkintegration ====
Version update (5.108.0 -> 5.109.0)
Subpackages: frameworkintegration-plugin libKF5Style5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== fuse3 ====
Version update (3.15.1 -> 3.16.1)
Subpackages: libfuse3-3
- Update to release 3.16.1
* Readdir kernel cache can be enabled from high-level API.
==== gcc13 ====
Version update (13.1.1+git7597 -> 13.2.1+git7683)
Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc13 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1
- Bump to cc279d6c64562f05019e1d12d0d825f9391b5553, git7683
* Includes GCC 13.2 release
* Includes patch to fix broken testcase in libbacktrace, fixing
build problems on SLES 12
- gdcflags.patch: Use substituted GDCFLAGS
- Filter out -Werror=return-type from D compile flags
==== gdb ====
- Drop libdebuginfod1 BuildRequires/Recommends. The former isn't
needed because there's a build requirement on libdebuginfod-devel
already, which will pull the shared library. And the latter,
because it's bogus since RPM auto generated dependency will take
care of that requirement.
==== gdbm ====
Subpackages: libgdbm6 libgdbm_compat4
- Fix bsc#1209583, gdbm_load and gdbm_dump receive a SEGFAULT if
run without arguments
bsc1209583.patch
==== gdm ====
Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Do not use %autopatch to build on SLE where rpm version is not
ready for the macro.
==== giflib ====
- Define make_build for distributions which do not define them in
system macros
==== glibc ====
Version update (2.37 -> 2.38)
Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd
- Update to glibc 2.38
* When C2X features are enabled and the base argument is 0 or 2, the
following functions support binary integers prefixed by 0b or 0B as
input
* PRIb*, PRIB* and SCNb* macros from C2X have been added to
<inttypes.h>.
* printf-family functions now support the wN format length modifiers for
arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t
and the wfN format
length modifiers for arguments of type int_fastN_t or uint_fastN_t, as
specified in draft ISO C2X
* A new tunable, glibc.pthread.stack_hugetlb, can be used to disable
Transparent Huge Pages (THP) in stack allocation at pthread_create
* Vector math library libmvec support has been added to AArch64
* The strlcpy and strlcat functions have been added
* CVE-2023-25139: When the printf family of functions is called with a
format specifier that uses an <apostrophe> (enable grouping) and a
minimum width specifier, the resulting output could be larger than
reasonably expected by a caller that computed a tight bound on the
buffer size
- Enable build with _FORTIFY_SOURCE
- glibc-2.3.90-langpackdir.diff: avoid reference to __strcpy_chk
- iconv-error-verbosity.patch: iconv: restore verbosity with unrecognized
encoding names (BZ #30694)
- printf-grouping.patch, strftime-time64.patch,
getlogin-no-loginuid.patch, fix-locking-in-_IO_cleanup.patch,
gshadow-erange-rhandling.patch, system-sigchld-block.patch,
gmon-buffer-alloc.patch, check-pf-cancel-handler.patch,
powerpc64-fcntl-lock.patch, realloc-limit-chunk-reuse.patch,
dl-find-object-return.patch; Removed
==== glu ====
- devel package: added missing dep to Mesa GL devel package
(boo#1213976)
==== gmp ====
Version update (6.2.1 -> 6.3.0)
- GMP 6.3.0
* A possible overflow of type int is avoided for mpz_cmp on huge operands.
* A possible error condition when a malformed file is read with mpz_inp_raw
is now correctly handled.
* New public function mpz_prevprime, companion of the existing mpz_nextprime.
* New documented pointer types mpz_ptr, mpz_srcptr, and similar for other
GMP types. Refer to the manual for full list and suggested usage. These
types have been present in gmp.h at least since GMP-4.0, but previously
not advertised to users.
* Support for 64-bit Arm under Macos.
* Support for the loongarch64 CPU family.
* Support for building with LTO, link-time optimisations.
* New special code for base = 2 in mpz_powm reduces the average time for
the functions that test primality.
* Speedup for the function mpz_nextprime on large operands.
* Speedup for multiplications (some sizes only) thanks to new internal
functions to compute small negacyclic products.
* Special assembly code for IBM z13 and later "mainframe" CPUs, resulting
in a huge speedup.
* Improved assembly for several 64-bit x86 CPUs, Risc-V, 64-bit Arm.
- Removed gmp-6.2.1-CVE-2021-43618.patch which is included in the
new release.
==== gnome-bluetooth ====
Version update (42.5 -> 42.6)
Subpackages: libgnome-bluetooth-3_0-13 libgnome-bluetooth-ui-3_0-13 typelib-1_0-GnomeBluetooth-3_0
- Update to version 42.6:
+ Fix problems with icons for mice and tablets.
+ Updates status labels to be dimmed by default.
+ Updated translations.
==== gnome-disk-utility ====
- Support build environments like SLE 15 SP5 and Leap 15.5 which
had %{_distconfdir) not defined yet.
==== gnome-settings-daemon ====
- Do not use %autopatch to build on SLE where rpm version is not
ready for the macro.
- Drop patch gnome-settings-daemon-bnc873545-hide-warnings.patch:
the relevant color management has been moved to mutter.
==== gnome-software ====
Version update (44.3 -> 44.4)
Subpackages: gnome-software-plugin-packagekit
- Update to version 44.4:
+ Improve error notifications from failed GPG checks.
+ Disable animations in the UI according to the userâs
accessibility settings.
+ Fix applying updates which require some packages to be removed
to satisfy dependencies.
+ Updated translations.
==== gnome-terminal ====
Version update (3.48.1 -> 3.48.2)
Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal
- Update to version 3.48.2:
+ build: Bump vte req version.
+ Updated translations.
==== gnutls ====
Version update (3.8.0 -> 3.8.1)
Subpackages: libgnutls-dane0 libgnutls30
- Fix missing GNUTLS_NO_EXTENSIONS compatibility.
* Upstream: gitlab.com/gnutls/gnutls/commit/abfa8634
* Add gnutls-GNUTLS_NO_EXTENSIONS-compatibility.patch
- tests: Fix the SRP test that fails with SIGPIPE signal return due
to a socket being closed before using it.
* Add gnutls-srp-test-SIGPIPE.patch
- Update to version 3.8.1:
* libgnutls: ClientHello extensions are randomized by default
To make fingerprinting harder, TLS extensions in ClientHello
messages are shuffled. As this behavior may cause compatibility
issue with legacy applications that do not accept the last
extension without payload, the behavior can be reverted with the
%NO_SHUFFLE_EXTENSIONS priority keyword.
* libgnutls: Add support for RFC 9258 external PSK importer.
This enables to deploy the same PSK across multiple TLS versions
(TLS 1.2 and TLS 1.3) in a secure manner. To use, the application
needs to set up a callback that formats the PSK identity using
gnutls_psk_format_imported_identity().
* libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to
%GNUTLS_NO_DEFAULT_EXTENSIONS.
* libgnutls: Add additional PBKDF limit checks in FIPS mode as
defined in SP 800-132. Minimum salt length is 128 bits and
minimum iterations bound is 1000 for PBKDF in FIPS mode.
* libgnutls: Add a mechanism to control whether to enforce extended
master secret (RFC 7627). FIPS 140-3 mandates the use of TLS
session hash (extended master secret, EMS) in TLS 1.2. To enforce
this, a new priority keyword %FORCE_SESSION_HASH is added and if
it is set and EMS is not set, the peer aborts the connection. This
behavior is the default in FIPS mode, though it can be overridden
through the configuration file with the "tls-session-hash" option.
In either case non-EMS PRF is reported as a non-approved operation
through the FIPS service indicator.
* New option --attime to specify current time.
To make testing with different timestamp to the system easier, the
tools doing certificate verification now provide a new option
- -attime, which takes an arbitrary time.
* API and ABI modifications:
gnutls_psk_client_credentials_function3: New typedef
gnutls_psk_server_credentials_function3: New typedef
gnutls_psk_set_server_credentials_function3: New function
gnutls_psk_set_client_credentials_function3: New function
gnutls_psk_format_imported_identity: New function
GNUTLS_PSK_KEY_EXT: New enum member of gnutls_psk_key_flags
* Rebase patches:
- gnutls-FIPS-140-3-references.patch
- gnutls-FIPS-jitterentropy.patch
* Remove patches merged/fixed upstream:
- gnutls-FIPS-PCT-DH.patch
- gnutls-FIPS-PCT-ECDH.patch
==== gpgme ====
Version update (1.21.0 -> 1.22.0)
Subpackages: libgpgme11 libgpgmepp6
- Fix builds with qt and qt6 [T6673]:
* qt,tests: Fix build in source directory. Include Qt binding
sources before C++ binding sources and C sources. This fixes
the problem that the debug.h in the C sources was found before
the one in the Qt bindings.
* build: Suggest out-of-source build. Suggest to run configure
from a build subdirectory.
* Add patches:
- gpgme-qt-tests-Fix-build-in-source-directory.patch
- gpgme-build-Suggest-out-of-source-build.patch
- Update to 1.22.0:
* Prevent wrong plaintext when verifying clearsigned signature.
* Return bad data error instead of general error on unexpected data.
* Take care of offline mode for all operations of gpgsm engine.
* Prepare the use of the forthcoming libassuan version 3.
* New configure option --with-libtool-modification.
* cpp: Expose gpgme_decrypt_result_t.is_mime.
* qt: Clean up after failure or cancel of sign/encrypt archive operation.
* qt: Add setInputEncoding to QGpgMe::EncryptJob.
* qt: Make toLogString helper public.
* Interface changes relative to the 1.21.0 release:
- qt: EncryptJob::setInputEncoding NEW.
- qt: DecryptionResult::isMime NEW.
- qt: toLogString NEW.
- Run testsuite in qemu build
==== gpgmeqt ====
Version update (1.21.0 -> 1.22.0)
- Fix builds with qt and qt6 [T6673]:
* qt,tests: Fix build in source directory. Include Qt binding
sources before C++ binding sources and C sources. This fixes
the problem that the debug.h in the C sources was found before
the one in the Qt bindings.
* build: Suggest out-of-source build. Suggest to run configure
from a build subdirectory.
* Add patches:
- gpgme-qt-tests-Fix-build-in-source-directory.patch
- gpgme-build-Suggest-out-of-source-build.patch
- Update to 1.22.0:
* Prevent wrong plaintext when verifying clearsigned signature.
* Return bad data error instead of general error on unexpected data.
* Take care of offline mode for all operations of gpgsm engine.
* Prepare the use of the forthcoming libassuan version 3.
* New configure option --with-libtool-modification.
* cpp: Expose gpgme_decrypt_result_t.is_mime.
* qt: Clean up after failure or cancel of sign/encrypt archive operation.
* qt: Add setInputEncoding to QGpgMe::EncryptJob.
* qt: Make toLogString helper public.
* Interface changes relative to the 1.21.0 release:
- qt: EncryptJob::setInputEncoding NEW.
- qt: DecryptionResult::isMime NEW.
- qt: toLogString NEW.
- Run testsuite in qemu build
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Change the bash-completion directory (bsc#1213855)
* grub2-change-bash-completion-dir.patch
==== gspell ====
Version update (1.12.1 -> 1.12.2)
Subpackages: libgspell-1-2 typelib-1_0-Gspell-1
- Update to version 1.12.2:
+ Small code maintenance: don't use g_slice_*().
==== gtk3 ====
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Do not use %autopatch to build on SLE where rpm version is not
ready for the macro.
==== gtk4 ====
Version update (4.10.4 -> 4.12.0)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Add 6af9dc86.patch: print: Revert "Start sorting apart includes"
change for gtkprinteroptionprivate.h.
- Update to version 4.12.0:
+ List widgets: Add scroll_to APIs
+ GtkFileLauncher: Add an always-ask property
+ GtkTextView: Make backspace behavior match GtkEntry
+ gsk: Fix handling of luminance in mask nodes
+ Text rendering: Automate the setting of gtk-hint-font-metrics
from the scale factor. This improves font rendering in flatpaks
+ Wayland:
- Fix behavior of stylus buttons
- Support suspended window state
+ Vulkan: Many improvements
+ Tools: Add gtk4-rendernode-tool
+ Debugging: Drop the GTK_DEBUG_TOUCHSCREEN flag
+ Build: Some build options have been renamed:
- gtk_doc -> documentation
- update_screenshots -> screenshots
- The old names still work
+ Updated translations.
- Update option passed to meson following upstream changes.
- Update to version 4.11.4:
+ GtkFileChooser:
- Default to sorting folders first
- Fix a crash when visiting recent files
+ GtkTextView: Fix corner cases in word navigation
+ GtkMenuButton: Normalize label layout
+ GtkDropDown: Add support for sections
+ GtkVideo: Make the overlay icon clickable
+ GtkWindow: Clear the resize cursors to avoid artifacts
+ GtkFileDialog: Always set initial-folder
+ GtkDropDown: Update on expression changes
+ GtkMapListModel: Implement GtkSectionModel
+ Accessibility:
- Improvements all over the place: GtkButton, GtkPasswordEntry,
GtkFontChooserDialog, GtkColorChooserDialog,
GtkShortcutsWindow, GtkMenuButton, GtkAboutDialog,
GtkFileChooserDialog, GtkStackSidebar, GtkStackSwitcher,
GtkMediaControls, GtkColorDialogButton, GtkDropDown,
GtkInfoBar, GtkNotebook, GtkPrintUnixDialog, GtkModelButton
- Make name computation follow the ARIA spec more closely
- Adapt name computation for the common 'nested button'
scenario
- Change many containers to use `generic` instead of `group`
- Use `generic` as the default role
- Use `application` instead of `window` for windows
- Add properties for accessible names of not directly exposed
widgets in GtkListView, GtkGridView and GtkColumnView
+ DND: Fix criticals when drops are rejected
+ X11: Fix regressions in GLX setup
+ Windows: Center newly created transient windows
+ Vulkan:
- Add antialising for gradients
- Do less work on clipped away nodes
- Redo image uploading
- Support different image depths and formats
- Add a pipeline cache
+ Demos:
- gtk4-demo: Improve window sizing
- gtk4-demo: Improve focus behavior
- gtk4-demo: Add many missing a11y properties
+ Tools: gtk4-builder-tool: Make render an alias screenshot
+ Inspector:
- Show more information in the a11y tab
- Add an accessibility overlay with warnings and
recommendations
- Limit the width of the a11y tab
+ Build:
- Require GLib 2.76
- Make asan builds work again
- Fix the build if ld is not ld.bdf
+ Updated translations.
- Update to version 4.10.5:
+ Fix ordering problems with filter model signals
+ Avoid lingering resize cursors
+ Fix alignment issues on sparc
+ Fix a problem with CSS corner values
+ Updated translations.
==== gupnp ====
Version update (1.6.4 -> 1.6.5)
- Update to version 1.6.5:
+ Fix build with meson 1.2
- Drop patches fixed upstream:
+ a10c57bd.patch
+ 884639bd.patch
==== harfbuzz ====
Version update (8.0.1 -> 8.1.1)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- Update to version 8.1.1:
+ Fix shaping of contextual rules at the end of string,
introduced in 8.1.0.
+ Fix stack-overflow in repacker with malicious fonts.
+ 30% speed up loading Noto Duployan font.
- Update to version 8.1.0:
+ Fix long-standing build issue with the AIX compiler and older
Apple clang.
+ Revert optimization that could cause timeout during subsetting
with malicious fonts.
+ More optimization work:
- 45% speed up in shaping Noto Duployan font.
- 10% speed up in subsetting Noto Duployan font.
- Another 8% speed up in shaping Gulzar.
- 5% speed up in loading Roboto.
+ New API: +hb_ot_layout_collect_features_map().
==== hwdata ====
Version update (0.372 -> 0.373)
- update to 0.373:
* Update pci, usb and vendor ids
==== imlib2 ====
Version update (1.11.1 -> 1.12.0)
Subpackages: imlib2-loaders libImlib2-1
- Update to 1.12.0:
* test_load2: make error messages more descriptive
* Y4M loader: fix support for 420 colorspaces
* Y4M loader: add support for images with unexpected aspects
* imlib2_view: Avoid potential use of uninitialized data
* GIF loader: Enable showing animated images even if truncated
* Introduce __imlib_perror() to produce error messages
* loaders: Use common function to print error messages
* imlib2_load: Move time_us() to separate file
* imlib2_conv: Add option to time save operations
* test: Fix pr_info() when not printing to stdout
* loading: Enable calling function on loader load/unload
* HEIF loader: Call heif_[de]init() on loader load/unload
* autofoo: Don't check for freetype if we are building without text
* QOI loader: Add progress calback, indent, cosmetics
* Loaders: Static constify some data that may as well be
* TGA loader: Fix TGA v2.0 signature check
* test: Add basic qoi checks
* test_scale: Test scaling some more
* scaling: Unifdef OLD_SCALE_DOWN
* scaling: Correct scaleinfo array length
* scaling: Move scaling function call sequence into common __imlib_Scale()
* scaling: Cosmetics (comments)
* scaling: Simplify scaling points calculation (eliminate j)
* scaling: Change ypoints[] from pointers to indices
* scaling: Cosmetics
* scaling: Minor refactoring
* scaling: Correct scaling up
* test_scale: Update for new scaling
* image: Fix missing munmap() when using imlib_load_image_fd()
* image: Fix potentially using incorrect file size
* file: Remove a couple of unused functions
* image: Fix potentially using incorrect file size - fixup
* test: Bypass wrappers when running tests
* test_load: Minor fix in debug message
* Add new raw loader
* TIFF loader: Slightly more strict signature check
* image: Use sub-second time info when available
* image: Fix preservation of alpha chanel flag in imlib_clone_image()
* image cache: Avoid negative refcounts
* image cache: Drop redundant cleanup
* image cache: Rework cleanup
* Revert "scaling: Correct scaling up"
* Revert "test_scale: Update for new scaling"
* scaling: Various trivial changes
* scaling: Improve non-AA scale-up case
* scaling: Correct scaling up - take 2
* test_scale: Update for new scaling (re-applied)
* test_scale: Exercise non-AA path too
* WEBP saver: allow lossless and respect compression tag
* add a new QOI decoder
* QOI loader: fix build on non-gnu compilers
* QOI loader: use memcmp for magic and endmarker check
* Y4M loader: check file size before magic check
* loading: add some debug logs
* loading: check for alloc failure
* Y4M loader: use custom y4m parser
* test_load: allow y4m memory loading
* file: Remove unused functions some more
* introduce imlib_image_decache_file()
==== java-11-openjdk ====
Version update (11.0.20.0 -> 11.0.20.1)
Subpackages: java-11-openjdk-headless
- Update to upstream tag jdk-11.0.20.1+1 (August 2023 emergency
release fixing a regression in July 2023 CPU)
* Changes:
+ JDK-8313765: Invalid CEN header (invalid zip64 extra data
field size)
+ JDK-8314678: Bump update version for OpenJDK: jdk-11.0.20.1
- Added patch:
* reproducible-javadoc-timestamp.patch
+ use SOURCE_DATE_EPOCH in javadoc and make the javadoc
generation more reproducible
==== javapackages-tools ====
Subpackages: javapackages-filesystem
- Modified patch:
* javapackages-6.1.0-maven-depmap.patch
+ try to make the list of aliases more reproducible
==== kactivities-stats ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kactivities5 ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kactivities5-imports libKF5Activities5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== karchive ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Support reading file sizes from ZIP64 extended fields
* Add explicit moc includes to sources for moc-covered headers
==== kauth ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Auth5 libKF5Auth5-lang libKF5AuthCore5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kbookmarks ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcalendarcore ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcmutils ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kcmutils-imports libKF5KCMUtils5 libKF5KCMUtilsCore5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcodecs ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcompletion ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kconfig ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigGui5 libKF5ConfigQml5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kconfigwidgets ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcontacts ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kcontacts-lang libKF5Contacts5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kcoreaddons ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5CoreAddons5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* kurlmimedata: limit amount of in-flight FDs for portal submission (kde#472716)
* Remove code variants for building with Qt 6
* kurlmimedata: don't portal symlinks (kde#464225)
* KSignalHandler: possibility to register signal handler as early as possible
* Add explicit moc includes to sources for moc-covered headers
==== kcrash ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* On windows, look for drkonqi.exe
==== kdav ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5DAV5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kdbusaddons ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kdbusaddons-tools libKF5DBusAddons5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kdeclarative ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5QuickAddons5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== kded ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kdelibs4support ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5KDELibs4Support5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kdesu ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* SuProcess: Disable echo in the PTY before starting sudo (kde#452532)
* PtyProcess: Allow calling enableLocalEcho before PTY creation
==== kdnssd-framework ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kdoctools ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5DocTools5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- No code change since 5.108.0
==== kernel-firmware ====
Version update (20230724 -> 20230814)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20230814 (git commit 0e048b061bde):
* amdgpu: DMCUB updates for various AMDGPU asics
* Revert "amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2"
* amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2
* cirrus: Add CS35L41 firmware for HP G11 models
* linux-firmware: Update AMD cpu microcode
* rtl_bt: Add firmware v2 file for RTL8852C
* Revert "rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225"
* amdgpu: DMCUB updates for various AMDGPU asics
* cxgb4: Update firmware to revision 1.27.4.0
* Mellanox: Add new mlxsw_spectrum firmware xx.2012.1012
* linux-firmware: Add URL for latest FW binaries for NXP BT chipsets
* rtw89: 8851b: update firmware to v0.29.41.1
* qcom: sdm845: add RB3 sensors DSP firmware
- Drop the obsoleted patch
amd-ucode-CVE-2023-20569.patch
- Update AMD 19h ucode for "Inception" (bsc#1213287, CVE-2023-20569)
amd-ucode-CVE-2023-20569.patch
- Update to version 20230731 (git commit 253cc179d849):
* amdgpu: Update DMCUB for DCN314 & Yellow Carp
* ice: add LAG-supporting DDP package
* i915: Update MTL DMC to v2.13
* i915: Update ADLP DMC to v2.20
* cirrus: Add CS35L41 firmware for Dell Oasis Models
* copy-firmware: Fix linking directories when using compression
* copy-firmware: Fix test: unexpected operator
* qcom: sc8280xp: LENOVO: remove directory sym link
* qcom: sc8280xp: LENOVO: Remove execute bits
==== kernel-source ====
Version update (6.4.6 -> 6.4.11)
Subpackages: kernel-64kb kernel-default
- Linux 6.4.11 (bsc#1012628).
- tpm: Disable RNG for all AMD fTPMs (bsc#1012628).
- tpm: Add a helper for checking hwrng enabled (bsc#1012628).
- ksmbd: validate command request size (bsc#1012628).
- ksmbd: fix wrong next length validation of ea buffer in
smb2_set_ea() (bsc#1012628).
- KVM: SEV: snapshot the GHCB before accessing it (bsc#1012628).
- KVM: SEV: only access GHCB fields once (bsc#1012628).
- wifi: nl80211: fix integer overflow in
nl80211_parse_mbssid_elems() (bsc#1012628).
- wifi: rtw89: fix 8852AE disconnection caused by RX full flags
(bsc#1012628).
- selftests: forwarding: Set default IPv6 traceroute utility
(bsc#1012628).
- wireguard: allowedips: expand maximum node depth (bsc#1012628).
- mmc: moxart: read scr register without changing byte order
(bsc#1012628).
- mmc: sdhci-f-sdh30: Replace with sdhci_pltfm (bsc#1012628).
- ipv6: adjust ndisc_is_useropt() to also return true for PIO
(bsc#1012628).
- selftests: mptcp: join: fix 'delete and re-add' test
(bsc#1012628).
- selftests: mptcp: join: fix 'implicit EP' test (bsc#1012628).
- mptcp: avoid bogus reset on fallback close (bsc#1012628).
- mptcp: fix disconnect vs accept race (bsc#1012628).
- dmaengine: pl330: Return DMA_PAUSED when transaction is paused
(bsc#1012628).
- dmaengine: xilinx: xdma: Fix interrupt vector setting
(bsc#1012628).
- net: mana: Fix MANA VF unload when hardware is unresponsive
(bsc#1012628).
- ACPI: resource: Add IRQ override quirk for PCSpecialist Elimina
Pro 16 M (bsc#1012628).
- zram: take device and not only bvec offset into account
(bsc#1012628).
- io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc
(bsc#1012628).
- parisc: Fix lightweight spinlock checks to not break futexes
(bsc#1012628).
- riscv: Start of DRAM should at least be aligned on PMD size
for the direct mapping (bsc#1012628).
- riscv/kexec: load initrd high in available memory (bsc#1012628).
- riscv,mmio: Fix readX()-to-delay() ordering (bsc#1012628).
- riscv/kexec: handle R_RISCV_CALL_PLT relocation type
(bsc#1012628).
- riscv: mm: fix 2 instances of -Wmissing-variable-declarations
(bsc#1012628).
- nvme: fix possible hang when removing a controller during
error recovery (bsc#1012628).
- nvme-tcp: fix potential unbalanced freeze & unfreeze
(bsc#1012628).
- nvme-rdma: fix potential unbalanced freeze & unfreeze
(bsc#1012628).
- nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and
512G (bsc#1012628).
- drm/nouveau/gr: enable memory loads on helper invocation on
all channels (bsc#1012628).
- drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
(bsc#1012628).
- drm/shmem-helper: Reset vma->vm_ops before calling
dma_buf_mmap() (bsc#1012628).
- drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (bsc#1012628).
- drm/amd/pm: correct the pcie width for smu 13.0.0 (bsc#1012628).
- drm/amd/display: check attr flag before set cursor degamma on
DCN3+ (bsc#1012628).
- tpm: tpm_tis: Fix UPX-i11 DMI_MATCH condition (bsc#1012628).
- cpuidle: dt_idle_genpd: Add helper function to remove genpd
topology (bsc#1012628).
- cpuidle: psci: Move enabling OSI mode after power domains
creation (bsc#1012628).
- io_uring: correct check for O_TMPFILE (bsc#1012628).
- zsmalloc: fix races between modifications of fullness and
isolated (bsc#1012628).
- hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for
pfe1100 (bsc#1012628).
- radix tree test suite: fix incorrect allocation size for
pthreads (bsc#1012628).
- cpufreq: amd-pstate: fix global sysfs attribute type
(bsc#1012628).
- fs/proc/kcore: reinstate bounce buffer for KCORE_TEXT regions
(bsc#1012628).
- nilfs2: fix use-after-free of nilfs_root in dirtying inodes
via iput (bsc#1012628).
- accel/ivpu: Add set_pages_array_wc/uc for internal buffers
(bsc#1012628).
- hugetlb: do not clear hugetlb dtor until allocating vmemmap
(bsc#1012628).
- mm/damon/core: initialize damo_filter->list from
damos_new_filter() (bsc#1012628).
- selftests: mm: ksm: fix incorrect evaluation of parameter
(bsc#1012628).
- mm: memory-failure: fix potential unexpected return value from
unpoison_memory() (bsc#1012628).
- mm: memory-failure: avoid false hwpoison page mapped error info
(bsc#1012628).
- drm/amd/pm: expose swctf threshold setting for legacy powerplay
(bsc#1012628).
- drm/amd/pm: avoid unintentional shutdown due to temperature
momentary fluctuation (bsc#1012628).
... changelog too long, skipping 1486 lines ...
- commit 02597d2
==== kfilemetadata5 ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove awkward warning message also from Exiv2 autotests
* Add explicit moc includes to sources for moc-covered headers
==== kglobalaccel ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccelPrivate5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kguiaddons ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5GuiAddons5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* fix google-maps-geo-handler
* Add explicit moc includes to sources for moc-covered headers
==== kholidays ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Update Swedish holidays
* Add explicit moc includes to sources for moc-covered headers
==== khtml ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== ki18n ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kiconthemes ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Do not automatically set breeze as the fallback theme on Android
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== kidletime ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kimageformats ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* psd: Fix UB type punning (kde#471829)
* Treat 3-channel MCH images as CMY images
* Add explicit moc includes to sources for moc-covered headers
==== kinit ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* This framework needs a new maintainer
* Add explicit moc includes to sources for moc-covered headers
==== kio ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kio-core
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Use switcheroo-control to find discrete GPUs (kde#449106)
* file: preserve mode on put (kde#471539)
* KFileWidget: Use targetUrl to extract urls, better handle absolute urls cases (kde#459485)
* Add explicit moc includes to sources for moc-covered headers
* KFileWidget: better exclude string that may look like Urls (kde#473228)
==== kirigami-addons ====
Version update (0.10.0 -> 0.11.0)
- Update to 0.11.0
* Moved Kirigami.CategorizedSettings and Kirigami.SettingAction
from Kirigami to Kirigami Addons
* Two new components: FloatingButton and DoubleFloatingButton
* Renamed MobileForm to FormCard
* New About Pages
==== kirigami2 ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Kirigami2-5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Change Instantiator to Repeater in NavigationTabBar
* Avatar: Always use uppercase initials
* Add explicit moc includes to sources for moc-covered headers
==== kitemmodels ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kitemmodels-imports libKF5ItemModels5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kitemviews ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kjobwidgets ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kjs ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5JS5 libKF5JSApi5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* setitimer(, NULL, ) is not supported. glibc will immediately coredump.
* Add explicit moc includes to sources for moc-covered headers
==== kmod ====
Subpackages: kmod-bash-completion libkmod2
- Remove compatibility patches, add README.usrmerge (boo#1212835).
* Delete Provide-fallback-for-successfully-running-make-modules_install.patch
* Delete compat-module_directory-module_prefix.patch
==== knewstuff ====
Version update (5.108.0 -> 5.109.0)
Subpackages: knewstuff-imports libKF5NewStuff5 libKF5NewStuffCore5 libKF5NewStuffWidgets5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== knotifications ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== knotifyconfig ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kpackage ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* KPackageTool: Show deprecation warning when metadata.desktop file is used
* Add explicit moc includes to sources for moc-covered headers
==== kparts ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kpeople5 ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* QML plugin: use KPeople namespace meta object, instead of duplicating
* Add explicit moc includes to sources for moc-covered headers
==== kplotting ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kpty ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== kquickcharts ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kross ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== krunner ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* runnerpython cgit.kde.org does not exist
* Add explicit moc includes to sources for moc-covered headers
==== kservice ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== ktexteditor ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* completion: Fix only start chars of items are matched
* Fix chaotic up/down cursor movement in Block Selection Mode
* Fix backspace behavior for empty lines with cursor beyond lineâs end (block selection mode)
* Add explicit moc includes to sources for moc-covered headers
==== ktextwidgets ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kunitconversion ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kwallet ====
Version update (5.108.0 -> 5.109.0)
Subpackages: kwallet-tools kwalletd5 libKF5Wallet5 libkwalletbackend5-5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kwayland ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
* Unbreak build where XLib's Bool definition harms moc
generated code
==== kwidgetsaddons ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== kwindowsystem ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== kxmlgui ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== less ====
Version update (633 -> 643)
- Update to 643:
* Fix problem when a program piping into less reads from the tty,
like sudo asking for password (github #368).
* Fix search modifier ^E after ^W.
* Fix bug using negated (^N) search (github #374).
* Fix bug setting colors with -D on Windows build (github #386).
* Fix reading special chars like PageDown on Windows (github #378).
* Fix mouse wheel scrolling on Windows (github #379).
* Fix erroneous EOF when terminal window size changes (github #372).
* Fix compile error with some definitions of ECHONL (github #395).
* Fix crash on Windows when writing logfile (github #405).
* Fix regression in exit code when stdin is /dev/null and
output is a file (github #373).
* Add lesstest test suite to production release (github #344).
* Change lesstest output to conform with
automake Simple Test Format (github #399).
==== libKF5ModemManagerQt ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== libKF5NetworkManagerQt ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== libXaw3d ====
Version update (1.6.4 -> 1.6.5)
- Update to libXaw3d 1.6.5:
* Set close-on-exec when opening files
* configure: pass noyywrap to AC_PROG_LEX if using autoconf 2.70 or later
* Raises minimum autoconf version from 2.60 to 2.64 for m4_version_prereq
* Clears autoconf warning:
configure.ac:29: warning: AC_PROG_LEX without either yywrap or noyywrap is obsolete
./lib/autoconf/programs.m4:716: _AC_PROG_LEX is expanded from...
./lib/autoconf/programs.m4:709: AC_PROG_LEX is expanded from...
configure.ac:29: the top level
* configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
* AC_PROG_LIBTOOL was replaced by LT_INIT in libtool 2 in 2008,
so it's time to rely on it.
* Clears autoconf warnings:
configure.ac:13: warning: The macro `AC_PROG_LIBTOOL' is obsolete.
configure.ac:13: You should run autoupdate.
aclocal.m4:3465: AC_PROG_LIBTOOL is expanded from...
configure.ac:13: the top level
* libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac,
libtoolize: and rerunning libtoolize and aclocal.
* Issue #5: incompatible function pointer passed in _XawImRealize()
* Import wrapper function with expected arguments from libXaw,
where it appears to have been originally fixed in XFree86 3.9Nb
by Paulo Cesar Pereira de Andrade.
- Port patch xaw3d-secure.patch
==== libadwaita ====
Version update (1.3.3 -> 1.3.4)
Subpackages: libadwaita-1-0 typelib-1_0-Adw-1
- Update to version 1.3.4:
+ AdwAboutWindow: Fix :translator-credits property
+ AdwComboRow: Fix accessible role on the dropdown arrow
+ AdwEntryRow: Fix accessibility
+ AdwLeaflet: Fix back/forward mouse button handling
+ AdwTabBar: Fix accessibility
+ AdwTabThumbnail:
- Fix duplicate thumbnail during transitions
- Fix the transition curve
+ AdwViewSwitcher: Set correct accessible role for icons
+ AdwWindowTitle: Fix initial title visibility
+ Stylesheet:
- Fix .card buttons within .osd
- Fix single-item menu height
==== libcloudproviders ====
Version update (0.3.1 -> 0.3.2)
- Update to version 0.3.2:
+ No upstream changes provided.
==== libetonyek ====
- Build against mdds-2.1
- Added patch:
* stdcxx17.patch
+ require C++17, since newer mdds needs it
==== libfprint ====
Version update (1.94.5+tod1 -> 1.94.6+tod1)
- update to 1.94.6+tod1:
* goodixmoc: New PIDs 0x60A4, 0x60BC, 0x6092, 0x633C and 0x6304.
* goodixmoc: Fix missing "enroll create" state.
* elanmoc: New PID 0x0C99.
* upektc: Improve compatibility with sensors 147e:2016.
* aes4000: Actually support 08FF:5501 devices.
* virtual-device-listener: Fix failing tests with GLib 2.76
* tests: Add installed tests
* Added installed TOD tests
* #526 libfprint: fpcmoc: use after free if enrollment or
identification is cancelled (Vasily Khoruzhick)
- New installed-tests is set to disabled
==== libgit2 ====
Version update (1.7.0 -> 1.7.1)
- update to 1.7.1:
* proxy: Return an error for invalid proxy URLs instead of crashing
* ssh: fix known_hosts leak in _git_ssh_setup_conn
* repository: make cleanup safe for re-use with grafts
* fix: Add missing include for oidarray
* Revert "CMake: Search for ssh2 instead of libssh2."
==== libgweather4 ====
Version update (4.2.0 -> 4.3.2)
Subpackages: gweather4-data libgweather-4-0 typelib-1_0-GWeather-4_0
- Update to version 4.3.2:
+ Fix fallback metric unit detection logic
+ Documentation fixes
+ Performance improvements for nearest location lookups
+ Location database changes
+ Updated translations.
==== libimobiledevice ====
Version update (1.3.0+179git.20230430 -> 1.3.0+190git.20230705)
- Update to version 1.3.0+190git.20230705:
* tools/idevicecrashreport: Silence compiler warning
* Silence (v)asprintf related compiler warnings
* Updated OpenSSL-specific code to use OpenSSL 3.0+ API
* 3rd_party/libsrp6a-sha512: Updated to work with OpenSSL 3.0+ API
* 3rd_party/libsrp6a-sha512: Update function definitions to modern style
* 3rd_party/ed25519: Silence compiler warning about missing return value for fread
* tools/idevicedebug: Add missing default case for switch statement
* tools/idevicedevmodectl: Add missing include
* idevice: Add missing include for Windows
* idevice: Fix network address handling in other code paths too
* idevice: Use network addresses as is from what we get from (lib)usbmuxd
- restrict to Cython < 3
==== liblangtag ====
Version update (0.6.3 -> 0.6.4)
- Fix check-tag test failled
[0001-ro-MD-ro-to-get-make-check-to-succeed.patch]
- Version update to 0.6.4
Replace the word of 'master' to 'primary'
trivial update
Stop shipping ChangeLog
Fix build issue for docs
==== liblc3 ====
Version update (1.0.3 -> 1.0.4)
- Update to version 1.0.4:
+ Enhancement: Add fuzzing test harness.
+ Fixes: Gain adjustment during second quantization phase can
exceed minimum gain (introduce distortion at high bitrate).
==== libpaper ====
Version update (2.1.0 -> 2.1.1)
Subpackages: libpaper-tools libpaper2
- Update to 2.1.1:
* This release fixes the -N flag of paperconf.
==== libplacebo ====
Version update (6.292.0 -> 6.292.1)
- Update libplacebo to version 6.292.1. See details in:
https://code.videolan.org/videolan/libplacebo/-/tags/v6.292.1
==== libreoffice ====
Version update (7.5.4.2 -> 7.6.0.3)
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Update to 7.6.0.3 (official 7.6.0 release):
https://wiki.documentfoundation.org/ReleaseNotes/7.6
https://wiki.documentfoundation.org/Releases/7.6.0/RC3
- Update to 7.6.0.2:
https://wiki.documentfoundation.org/ReleaseNotes/7.6
https://wiki.documentfoundation.org/Releases/7.6.0/RC2
- Update bundled dependencies:
* boost_1_80_0.tar.xz - > boost_1_82_0.tar.xz
* curl-8.0.1.tar.xz -> curl-8.1.2.tar.xz
* icu4c-72_1-data.zip -> icu4c-73_2-data.zip
* icu4c-72_1-src.tgz -> icu4c-73_2-src.tgz
* libassuan-2.5.5.tar.bz2 -> libassuan-2.5.6.tar.bz2
* poppler-22.12.0.tar.xz -> poppler-23.06.0.tar.xz
* poppler-data-0.4.11.tar.gz -> poppler-data-0.4.12.tar.gz
- New bundled dependencies:
* graphite2-minimal-1.3.14.tgz
* harfbuzz-8.0.0.tar.xz
+ needed for SLE12-SP2, where harfbuzz is really old
- Removed patches:
* atklistener-32bit-type-mismatch.patch
+ integrated upstream
* fix_harfbuzz_on_sle12_sp5.patch
+ not needed, since SLE12-SP5 uses now the bundled harfbuzz
- Added patch:
* python34-no-f-strings.patch
+ Applied on SLE12-SP5
+ Do not format using F-strings, since it is python 3.6+ feature
and SLE12-SP5 has python 3.4
- Refreshed patch:
* 0002-Revert-Require-HarfBuzz-5.1.0.patch
- Added patch:
* atklistener-32bit-type-mismatch.patch
+ fix type mismatch on i586
- Add missing dependencies on jre-64 for riscv64
- Update to 7.6.0.1:
https://wiki.documentfoundation.org/ReleaseNotes/7.6
https://wiki.documentfoundation.org/Releases/7.6.0/RC1
- Update bundled dependencies:
* pdfium-5408.tar.bz2 -> pdfium-5778.tar.bz2
* skia-m103-b301ff025004c9cd82816c86c547588e6c24b466.tar.xz ->
skia-m111-a31e897fb3dcbc96b2b40999751611d029bf5404.tar.xz
- Removed upstreamed patches:
* bsc1198666.patch
* bsc1200085.patch
* bsc1204040.patch
==== libreoffice-share-linker ====
- Do not format using f-strings, since it is python 3.6+ feature
and SLE12-SP5 has python 3.4
==== libselinux ====
Subpackages: libselinux1 selinux-tools
- Do not BuildRequire swig and ruby-devel in the main build phase:
those are only needed for the bindings.
- (bsc#1212618) Divide libselinux and libselinux-bindings again.
libselinux itself is in Ring0 so it has to have absolutely
minimal dependencies, so it is better to separate
libselinux-bindings into a separate pacakge.
- Fix python packaging by setting the name to a fixed value
- Remove separate libselinux-bindings SPEC file (bsc#1212618).
- Add explicit BuildRequires for python3-pip and python3-wheel on
15.5, currently the macros don't do the right thing
- allow building this with different python versions, to make this
usable for the new sle15 macro (using python3.11)
- Add python-wheel build dependency to build correctly with latest
python-pip version.
==== libsemanage ====
Subpackages: libsemanage-conf libsemanage-migrate-store libsemanage2
- Add _multibuild to define additional spec files as additional
flavors.
Eliminates the need for source package links in OBS.
- Add -ffat-lto-objects to CFLAGS to prevent rpmlint errors because
of LTO
- Enable LTO now (boo#1138812).
==== libsoup2 ====
- Add upstream bug fixes:
+ 4d12c3e5.patch: lib: Add g_task_set_source_tag() everywhere
+ 48b3b611.patch: lib: Add names to various GSources
- Drop no longer valid translation-update-upstream BuildRequires
and macro.
- Use ldconfig_scriptlets macro for post(un) handling.
==== libssh ====
Subpackages: libssh-config libssh4
- Add fix to spec file for the incorrect include path as a result
of the default openSSH move to /usr/etc, (boo#1211718).
==== libstorage-ng ====
Version update (4.5.133 -> 4.5.136)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Indonesian) (bsc#1149754)
- 4.5.136
- Translated using Weblate (Georgian) (bsc#1149754)
- 4.5.135
- Translated using Weblate (Catalan) (bsc#1149754)
- 4.5.134
==== libupnp ====
Version update (1.14.17 -> 1.14.18)
Subpackages: libixml11 libupnp17
- Update to release 1.14.18
* miniserver: fix busy loop on socket error
==== libvirt ====
Version update (9.5.0 -> 9.6.0)
Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs
- spec: Disable Xen driver in ALP-based products
- Add upstream commit 3d2f3fb72b to fix max file limits in systemd
services
- Update to libvirt 9.6.0
- Many incremental improvements and bug fixes, see
https://libvirt.org/news.html#v9-6-0-2023-08-01
- jsc#PED-3725
- spec: Unconditionally enable modular daemons
- spec: Remove logic handling package upgrade from old libvirtd
==== libxmlb ====
Version update (0.3.11 -> 0.3.13)
- Update to 0.3.13:
* Use indexes when binding value
* Correctly tokenize when using a bound text value
* Ensure tokens are all NULL when using xb_opcode_init()
* Avoid building errors and debug strings when possible to make
XbQuery faster
* Fix content type detection on macOS
* Inline a number of machine internals to make queries faster
* Make zstd support optional
* Setup various release build options
==== libzypp ====
Version update (17.31.17 -> 17.31.19)
- Fix zypp-tui/output/Out.h to build with clang.
- Fix zypp/Arch.h for clang (fixes #478)
Clang seems to have issues with picking the overload in
std::men_fn if there is a static overload of a member function.
We need to explicitely specify the correct type of the function
pointer. To make sure this would not break compiling a
application with clang that builds against libzypp this patch
works around the problem.
- version 17.31.19 (22)
- SINGLE_RPMTRANS: Respect ZYPP_READONLY_HACK when checking the
zypp-rpm lock (fixes openSUSE/openSUSE-repos#29)
- version 17.31.18 (22)
==== lsb-release ====
- add util-linux dependency for getopt to avoid:
/usr/bin/lsb_release: line 123: getopt: command not found
==== luajit ====
- Update luajit-s390x.patch from gh#LuaJIT/LuaJIT#631 to the
current form.
==== lvm2 ====
Subpackages: liblvm2cmd2_03
- blkdeactivate calls wrong mountpoint cmd (bsc#1214071)
+ bug-1214071-blkdeactivate_calls_wrong_mountpoint.patch
==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03
- blkdeactivate calls wrong mountpoint cmd (bsc#1214071)
+ bug-1214071-blkdeactivate_calls_wrong_mountpoint.patch
==== man ====
Version update (2.10.2 -> 2.11.2)
- Update to 2.11.2:
* Fix compile and test failures when `troff` is not `groff`.
* Fix segfault in typical uses of `man` when `nroff` is not installed.
* Fix crash in `mandb` when processing stray cats.
* SECURITY: Replace `$` characters in page names with `?` when constructing
`less` prompts.
* Silence error message when processing an empty manual page hierarchy with
a nonexistent cache directory.
* `man(1)` now sorts whatis references below real pages, even if the whatis
references are from a section with higher priority.
* `mandb` now correctly records filters in the database if it uses cached
whatis information.
* Upgrade Gnulib, fixing syntax error on glibc systems with GCC 11.
* The `CATWIDTH` configuration file directive now overrides `MINCATWIDTH`
and `MAXCATWIDTH`.
* Database entries for links were often incorrectly stored as if they were
entries for the ultimate source of the page. They are now stored with
the correct type.
* Store links in the database using the section and extension of the link
rather than of the ultimate source file.
* Consider pages for adding to the database even if they seem to already
exist; this performance optimization is no longer needed due to caching,
and it produced inconsistent results in some unusual cases.
* `man` now runs any required preprocessors in the same order that `groff`
does, rather than trusting the order of filters in a page's preprocessor
string.
* Fix building on MinGW. (I haven't been able to test this; help from
MinGW experts would be welcome.)
Improvements:
* Check for stray cats even if no manual pages in a given manpath were
changed.
* Add section `3type` to the default section list just after `2`. This is
used by the Linux man-pages package.
* Recognize more Hungarian translations of the `NAME` section.
* Add more recognized case variants for localized versions of the `NAME`
section.
* Maintain multi keys in sorted order, improving database reproducibility.
* Pick a more consistent name for the target of a whatis entry in the
database.
* Extend rules for when to replace one database entry with another,
producing more stable behaviour.
* Fully reorganize databases after writing them, allowing the reproduction
of bitwise-identical databases regardless of scan order (at least with
GDBM).
- Port patches
* man-db-2.6.3-chinese.dif
* man-db-2.6.3-listall.dif
* man-db-2.7.1-zio.dif
* man-db-2.9.4-alternitive.dif
* man-db-2.9.4-no-chown.patch
* man-db-2.9.4.patch
* man-propose-online.patch
==== mc ====
Version update (4.8.29 -> 4.8.30)
Subpackages: mc-lang
- Update to 4.8.30
- Core
* Support PCRE2 as search engine (via ----with-search-engine=pcre2) (#4450)
* Implement panelization buffers for both file panels (#4370)
- VFS
* tar: support extended headers (including long file names and sparse files) (#1952, #2201)
* extfs helpers: replace "perl -w" with "use warnings" (MidnightCommander/mc#174)
* extfs/patchfs: be more specific in error message (#4485)
- Editor
* Add syntax highlighting:
- Jenkinsfiles (#4469)
- B language (#4470)
* Improve syntax highlighting:
- ECMAScript (MidnightCommander/mc#172)
- ECMAScript in TypeScript (MidnightCommander/mc#172)
- use diff syntax highlighting for git commit messages (COMMIT_EDITMSG) (MidnightCommander/mc#85)
- Misc
* Code cleanup (#4426, #4438)
* Filehighlight:
- recognize vsix files as zip files (MidnightCommander/mc#171)
* Skin updates:
- julia256 (#4441, #4445)
- Fixes
* Usage of 'sed' in build system/makefiles is not portable (#4459, #4466)
* Unportable '$<' in Makefiles (#4460)
* FTBFS if ncurses used without --with-ncurses-includes= configure parameter (#4462)
* Ncurses library is duplicated in MCLIBS (#4463, #4465)
* FTBFS without ext2fs attributes support (#4464)
* Wrong sort order after swapping panels (#4432)
* Incorrect time delimiter in the copy/move progress window (#4437)
* Incorrect redraw of overlapped file panels (#4408)
* Subshell/Command line prompt is empty/missing (#3121)
* Find file: relative ignore directory is applied to the start search directory (#4235)
* Diff viewer: options are not applied on second run (#4486)
* mc.ext.ini: 'Edit' command from 'Default' section is ignored (#4434)
* mc.ext.ini: .md files are not recognized as Markdown ones by extension (#4444)
* mcedit: off-by-one error in paragraph formatting (#4446)
* ftp: incomplete file listing: block and character devices, pipes, sockets are missed (#4472)
* Various typos in the source code (MidnightCommander/mc#177, MidnightCommander/mc#178)
==== mokutil ====
- Remove modhash (bsc#1214358)
+ The modhash script is rarely used and it's impractical to block
a kernel module with the hash.
==== mozjs102 ====
Version update (102.12.0 -> 102.14.0)
- Update to version 102.14.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-4045: Offscreen Canvas could have bypassed
cross-origin restrictions.
+ CVE-2023-4046: Incorrect value used during WASM compilation.
+ CVE-2023-4047: Potential permissions request bypass via
clickjacking.
+ CVE-2023-4048: Crash in DOMParser due to out-of-memory
conditions.
+ CVE-2023-4049: Fix potential race conditions when releasing
platform objects.
+ CVE-2023-4050: Stack buffer overflow in StorageManager.
+ CVE-2023-4054: Lack of warning when opening appref-ms files.
+ CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar
state.
+ CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox
ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and
Thunderbird 102.14.
- Changes from version 102.13.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-37201: Use-after-free in WebRTC certificate generation
+ CVE-2023-37202: Potential use-after-free from compartment
mismatch in SpiderMonkey
+ CVE-2023-37207: Fullscreen notification obscured
+ CVE-2023-37208: Lack of warning when opening Diagcab files
+ CVE-2023-37211: Memory safety bugs fixed in Firefox 115,
Firefox ESR 102.13, and Thunderbird 102.13
==== mutter ====
- Add mutter-revert-window_draw_issues.patch: Revert commit
43cee4b6: Do clipped redraws when drawing offscreen
(boo#1210744, glgo#GNOME/mutter#2771).
- Disable %autopatch on SLE which has not the macro ready.
- Rebase mutter-SLE-bsc984738-grab-display.patch.
- Drop mutter-Lower-HIDPI_LIMIT-to-144.patch (fate#326682,
bsc#112546). The upstream has reworked the logic of scale factor
selection based on actual screen size, see:
https://gitlab.gnome.org/GNOME/mutter/-/commit/2f1dd049bfbbb60e0b3c2351e9ba…
==== ncurses ====
Version update (6.4.20230715 -> 6.4.20230812)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20230812
+ add/use putty+cursor to reflect amending of modified cursor-keys
in 2021 -TD
+ add ecma+strikeout to putty -TD
+ add functions to query tty-flags in SCREEN (request by Bill Gray).
- Add ncurses patch 20230805
+ fix a few manpages needing tbl marker, seen by lintian warning.
+ fixes for compiler-warnings.
+ minor grammatical fix for manpages (Branden Robinson).
- Add ncurses patch 20230729
+ improve manpages for wgetnstr() and wget_wnstr().
+ modify MinGW configuration to provide for running in MSYS/MSYS2
shells, assuming ConPTY support (patch by Pavel Fedin).
+ add assignment in CF_MAN_PAGES to fill in value for TERMINFO_DIRS in
ncurses, terminfo and tic manpages (patch by Sven Joachim).
- Add ncurses patch 20230722
+ add "auto" default for --with-xterm-kbs configure option.
==== nodejs20 ====
Version update (20.3.1 -> 20.5.1)
Subpackages: npm20
- Update to version 20.5.1:
* (CVE-2023-32002, bsc#1214150): Policies can be bypassed
via Module._load (High)
* (CVE-2023-32558, bsc#1214155): process.binding() can bypass
the permission model through path traversal (High)
* (CVE-2023-32004, bsc#1214152): Permission model can be bypassed
by specifying a path traversal sequence in a Buffer (High)
* (CVE-2023-32006, bsc#1214156): Policies can be bypassed
by module.constructor.createRequire (Medium)
* (CVE-2023-32559, bsc#1214154): Policies can be bypassed
via process.binding (Medium)
* (CVE-2023-32005, bsc#1214153): fs.statfs can bypass
the permission model (Low)
* (CVE-2023-32003, bsc#1214151): fs.mkdtemp() and fs.mkdtempSync()
can bypass the permission model (Low)
- Changes in 20.5.0:
* events: allow safely adding listener to abortSignal
* fs: add a fast-path for readFileSync utf-8
* test_runner: add shards support
- Changes in 20.4.0:
* tls: add ALPNCallback server option for dynamic ALPN negotiation
* adds support for ECMAScript Explicit Resource Management
* adds Mock Timer support to test module
For details see,
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20…
versioned.patch: refreshed
==== okteta ====
Version update (0.26.12 -> 0.26.13)
Subpackages: libKasten4 libOkteta3 libkasten-lang libokteta-lang okteta-data
- Update to 0.26.13
* Improved: translations
* Improved: Decoding table now displays some control chars as
escaped terms
* Improved: Decoding table now supports editing some chars as
escaped terms
* Improved: Structures tool now feeds some chars as escaped
terms to editor
* Improved: CMake Unity builds now possible
* Fixed: Structures tool stored edited primitive array
elements on bad offset
* Fixed: Structures tool now displays chars only as the
supported 7-bit ASCII
==== openSUSE-repos-Tumbleweed ====
Version update (20230731.a018a46 -> 20230810.a7534f6)
- Update to version 20230810.a7534f6:
* Disable NVIDIA pkg building on LeapMicro. Fixes #34
PM confirmed that NVIDIA related deployments are expected
to have all drivers/tools inside of container.
* Fix incorrect with_nvidia usage
- Update to version 20230804.41e41a9:
* Add NVIDIA repo. Issue #28
* Add supplements for all NVIDIA cards
* Add NVIDIA obsoletes for migration from Leap 15
* Add spec comment about suggests in release package
* Add download.opensuse.org-non-oss.repo in legacy backup list
==== openssl-3 ====
Version update (3.1.1 -> 3.1.2)
Subpackages: libopenssl3
- Update to 3.1.2:
* Fix excessive time spent checking DH q parameter value
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
various checks on DH parameters. After fixing CVE-2023-3446 it
was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A
correct q value, if present, cannot be larger than the modulus
p parameter, thus it is unnecessary to perform these checks if
q is larger than p. If DH_check() is called with such q parameter
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
computationally intensive checks are skipped.
* Fix DH_check() excessive time with over sized modulus
(bsc#1213487, CVE-2023-3446). The function DH_check() performs
various checks on DH parameters. One of those checks confirms
that the modulus ("p" parameter) is not too large. Trying to use
a very large modulus is slow and OpenSSL will not normally use
a modulus which is over 10,000 bits in length. However the
DH_check() function checks numerous aspects of the key or
parameters that have been supplied. Some of those checks use the
supplied modulus value even if it has already been found to be
too large. A new limit has been added to DH_check of 32,768 bits.
Supplying a key/parameters with a modulus over this size will
simply cause DH_check() to fail.
* Do not ignore empty associated data entries with AES-SIV
(bsc#1213383, CVE-2023-2975). The AES-SIV algorithm allows for
authentication of multiple associated data entries along with the
encryption. To authenticate empty data the application has to call
EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as
the output buffer and 0 as the input buffer length. The AES-SIV
implementation in OpenSSL just returns success for such call
instead of performing the associated data authentication operation.
The empty data thus will not be authenticated. The fix changes the
authentication tag value and the ciphertext for applications that
use empty associated data entries with AES-SIV. To decrypt data
encrypted with previous versions of OpenSSL the application has to
skip calls to EVP_DecryptUpdate() for empty associated data entries.
* When building with the enable-fips option and using the resulting
FIPS provider, TLS 1.2 will, by default, mandate the use of an
extended master secret (FIPS 140-3 IG G.Q) and the Hash and HMAC
DRBGs will not operate with truncated digests (FIPS 140-3 IG G.R).
* Update openssl.keyring with the OTC members that sign releases
* Remove openssl-z16-s390x.patch fixed upstream in
https://github.com/openssl/openssl/pull/21284
* Remove security patches fixed upstream:
- openssl-CVE-2023-2975.patch
- openssl-CVE-2023-3446.patch
- openssl-CVE-2023-3446-test.patch
==== openssl ====
Version update (3.1.1 -> 3.1.2)
- Update to 3.1.2
==== opensuse-welcome ====
Version update (0.1.9+git.0.66be0d8 -> 0.1.9+git.35.4b9444a)
- Update to version 0.1.9+git.35.4b9444a:
* panellayouter: use QTemporaryFile for applyLayout()
(bsc#1213708, CVE-2023-32184).
* Translation updates.
==== openvpn ====
Version update (2.6.5 -> 2.6.6)
- update to 2.6.6:
* configure.ac: fix typ0 in LIBCAPNG_CFALGS
* Avoid unused function warning/error on FreeBSD (and potientially others)
* fix warning with gcc 12.2.0 (compiler bug?)
* Fix CR_RESPONSE mangaement message using wrong key_id
* Print a more user-friendly error when tls-crypt-v2 client auth fails
* Ignore Ipv6 route delete request on Android and set ipv4 verbosity to 7
* Revert commit 423ced962d
* Implement using --peer-fingerprint without CA certificates
* show extra info for OpenSSL errors
* dist: add more missing files only used in the MSVC build
* dist: Include all documentation in distribution
* unit_tests: Add missing cert_data.h to source list for unit tests
* test_tls_crypt: Improve mock() usage to be more portable
* Remove old Travis CI related files
* options: Do not hide variables from parent scope
* pkcs11_openssl: Disable unused code
* route: Fix overriding return value of add_route3
==== osinfo-db ====
Version update (20230518 -> 20230719)
- Update to database version 20230719
osinfo-db-20230719.tar.xz
- Add support for SLE 15-SP6
add-sle15sp6-support.patch
- Add support for SLE Micro 5.5
add-slem5.5-support.patch
- Drop patches contained in new tarball
add-opensuse-leap-15.5-support.patch
add-sle15sp5-support.patch
add-slem5.3-support.patch
add-slem5.4-support.patch
==== pam ====
- pam_access backports from upstream:
- pam_access-doc-IPv6-link-local.patch:
Document only partial supported IPv6 link local addresses
- pam_access-hostname-debug.patch:
Don't print error if we cannot resolve a hostname, does not
need to be a hostname
- pam_shells-fix-econf-memory-leak.patch:
Free econf keys variable
- disable-examples.patch:
Don't build examples
==== pam-full-src ====
- pam_access backports from upstream:
- pam_access-doc-IPv6-link-local.patch:
Document only partial supported IPv6 link local addresses
- pam_access-hostname-debug.patch:
Don't print error if we cannot resolve a hostname, does not
need to be a hostname
- pam_shells-fix-econf-memory-leak.patch:
Free econf keys variable
- disable-examples.patch:
Don't build examples
==== pam_mount ====
Version update (2.19 -> 2.20)
Subpackages: libcryptmount0
- Update to release 2.20
* Tokenization support for user principal names
(usernames in the form of foo(a)bar.de)
* Added a volume option to control empty password behavior
==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced
- move udev-configure-printer from enhanced_base to x11_enhanced
Currently it pulls in Cups and Mesa dependencies the first is
probably not really needed by default on servers and the second
is certainly not desired there. Originally it was included for
livecd's
==== pentaho-libxml ====
Version update (1.1.3 -> 1.1.6)
- Update to upstream version 1.1.6.
* no structured changelog available starting from 2008
- Rebased and updated patches:
* libxml-1.1.2-build.patch -> pentaho-libxml-1.1.6-build.patch
* pentaho-libxml-1.1.3-sourcetarget.patch -> pentaho-libxml-1.1.6-sourcetarget.patch
==== perl ====
Version update (5.36.1 -> 5.38.0)
Subpackages: perl-base perl-doc
- Update to perl 5.38.0
* new "class" feature
* support for unicode 15.0
* defined-or and logical-or assignment default
expressions in signatures
* optimistic eval in patterns
* readline() no longer clears the stream error and eof flags
* "INIT" blocks no longer run after an "exit()" in "BEGIN"
* utf8::upgrade() keeps the undef value
* deprecation of ' as package name separator
* deprecation of the smart match operator
* PERL_USE_SAFE_PUTENV is now the default
- Rebase perl-5.36.0.diff to perl-5.38.0.diff
- Refresh perl_skip_flaky_tests_powerpc.patch
==== perl-Authen-SASL ====
Version update (2.16 -> 2.170.0)
- Remove perl526.path (not needed anymore)
- updated to 2.1700
see /usr/share/doc/packages/perl-Authen-SASL/Changes
2.1700 2023-08-09
[Fixed]
- Version numbering (released as 2.1700,
because 2.17 < 2.1401)
- POD errors
- Typos
- Minimum Perl version 5.005 -> 5.6.0
- Kwalitee errors
* Accidentally packaged MYMETA.*
* 'use warnings;' added in all modules
* Synchronized versions in all modules
- Out of bounds substr() (RT 85294)
[Added]
- README
- More tests
[Changed]
- Release switched from EUMM to D::Z
[Removed]
- Authen::SASL::Cyrus is no longer loaded as
an implementation; Authen::SASL::XS has been
the successor for more than a decade
==== perl-Convert-ASN1 ====
Version update (0.33 -> 0.340.0)
- updated to 0.34
see /usr/share/doc/packages/perl-Convert-ASN1/ChangeLog
0.34 -- Mon Aug 07 19:46:22 ADT 2023
Bug Fixes
Thanks to chrisridd and fschlich for these bug fixes
* Fixes: #47 2nd - Debug output using print instead of printf
* Fixes #47 Debug output using print instead of printf
* ASN1.pod: fix minor typo
==== perl-Image-ExifTool ====
Version update (12.64 -> 12.65)
Subpackages: exiftool perl-File-RandomAccess
- Update to 12.65:
* Added a new QuickTime Keys tag
* Added a new CanonModelID
* Added a new Canon LensType
* Added number in brackets to converted Samsung MCCData value
* Decode a number of new Sony tags
* Decode a few new FlashPix tags (github #217)
* Improved decoding of Nikon Z9 firmware 4.0 tags
* Improved parsing of PDF:Keywords to support semicolon-separated lists
* Enhanced -api option to show list of available options if no argument is provided
* Lowered priority of IFD1 tags in ARW images so IFD0/SubIFD take precedence
* Changed QuickTime tag names for atID (AlbumTitleID to ArtistID)
and plID (PlayListID to AlbumID) (github issue #216), and added cmID (ComposerID)
* Changed Apple:MediaGroupUUID tag name back to ContentIdentifier
* Patched the -d option to handle the %s format code internally when writing (avoids problems due to
inconsistent behaviour of this format code in the strptime function on different systems)
* Patched patch of version 12.32 to restore ability to read from named pipes
* Fixed bug which could cause a hang when processing a corrupt BigTIFF image
* Fixed document number for auxiliary image metadata in HEIC files
* Fixed misspelt Apple tag name
* API Changes:
+ Added AvailableOptions method
==== perl-LWP-Protocol-https ====
Version update (6.10 -> 6.110.0)
- Remove CVE-2014-3230.patch, upstream was fixed. CVE-2014-3230, Debian #746576
- Update LWP-Protocol-https-6.09-systemca.diff
- updated to 6.11
see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes
6.11 2023-07-09 15:10:30Z
- Remove Authority section from dist.ini (GH#64) (Olaf Alders)
- Add very basic diagnostic information via test (GH#73) (Olaf Alders)
- CVE-2014-3230 - don't disable verification if only hostnames should not
(GH#14) (Steffen Ullrich)
- Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen
Ullrich and Olaf Alders)
- Remove _in_san and _cn_match. Empty out the _check_sock hook (GH#71)
(Chase Whitener)
- Use warnings (GH#69) (Pete Houston)
==== php8 ====
Version update (8.2.8 -> 8.2.9)
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter
- version update to 8.2.9
* This is a security release.
* Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106]
* https://www.php.net/ChangeLog-8.php#8.2.9
- deleted patches
- php-unicode-allow-redistribution.patch (upstreamed)
- deleted sources
- repack.sh (not needed)
==== pipewire ====
Version update (0.3.76 -> 0.3.77)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Fix from upstream to ensure effect and sink nodes are set to
running:
* 0001-context-Dont-stop-setting-runnable-when-meeting-the-driving.patch
- Fix from upstream to prevent a crash when stopping a device
provider:
* 0001-gst-Prevent-a-crash-when-stopping-device-provider.patch
- Fix from upstream to fix a regression that makes plugins/effects
disappear in Carla Patchbay when there's no playback:
* 0001-jack-ports-become-visible-when-the-registration-is-queued.patch
* 0002-jack-handle-node.always-process-=-false-jack-nodes.patch
- Fix from upstream to fix pavucontrol and plasma-pa showing
duplicated sinks after resume or switching audio device profiles
(boo#1214374):
* 0001-pulse-server-set-all-change_mask-flags-when-removing.patch
- Update to version 0.3.77:
* Highlights
- Fix a bug in ALSA source where the available number of
samples was miscaluclated and resulted in xruns in some
cases.
- A new L permission was added to make it possible to force a
link between nodes even when the nodes can't see eachother.
- The VBAN module now supports midi send and receive as well.
- Many cleanups and small fixes.
* PipeWire
- Global objects now only show permissions that apply to them.
The permissions required to perform various API calls are
documented.
- A new L permission was added to make it possible to force a
link between nodes even when the nodes can't see eachother.
- Config files need to end with .conf.
- The client.api is added the to global properties of a node.
* modules
- The VBAN module now supports midi send and receive as well.
- Fix module-profiler alignment and make sure we don't overrun
our buffers with many nodes.
- Protect libcanberra calls with a mutex because it is not
thread safe.
* SPA
- Support older compilers for spa_clear_ptr().
- Fix a bug in ALSA source where the available number of
samples was miscaluclated and resulted in xruns.
- Don't set inotify on /dev but on the videoX devices directly.
Setting inotify on /dev would cause a lot of spurious wakeups
and lock contention in the fsnotify subsystem on some
benchmarks.
- Audioconvert now rate limits the warnings when it runs out of
buffers.
* pulse-server
- Some bugs and inconsistencies were fixed in device lookup.
- Improve subscribe event emission, detect changes to the sink
or the monitor and send the right sink/source event.
* JACK
- The libjack.so now has a minor version of 3 and a micro
version of the pipewire version.
- JACK clients will now see portregistration from other jack
clients when they activate/deactivate like real JACK.
* bluetooth
- Use some more autoptr cleanups, fix some leaks.
==== plasma-framework ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Plasma5 plasma-framework-components
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* dataengine: do not emit removal signals while iterators are open (kde#446531)
* Add explicit moc includes to sources for moc-covered headers
==== plasma5-desktop ====
Version update (5.27.7 -> 5.27.7.1)
Subpackages: plasma5-desktop-emojier
- Update to 5.27.7.1:
* Panel: fix applet not returning focus after pressing applet shortcut (kde#472909)
* Migrate missing key handling/accessibility features from default CompactRepresentation
==== plasma5-workspace ====
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Add patch to fix crash when opening windows (kde#473432)
* 0001-TriangleMouseFilter-check-intercepted-item-still-exi.patch
* 0002-TriangleMouseFilter-also-check-optional-position-has.patch
- Add patch to fix crash when closing popup on Wayland (kde#473054)
* 0001-shell-avoid-potential-crash-when-previous-window-is-.patch
==== plymouth ====
Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner
- Remove plymouth-runstatedir-revert.patch: Tumbleweed following
upstream, which already support "--runstatedir", don't need this
modification anymore(jsc#PED-5841).
- Add plymouth-runstatedir-revert.patch: For plymouth update
successfully build in SLE-15-SP6:GA. The current edition of
autoconf on SLE-15-SP6:GA don't support "--runstatedir" yet, so
reverse plymouth compile option to the old "--withruntimedir"
(jsc#PED-5841).
==== postgresql15 ====
Version update (15.3 -> 15.4)
Subpackages: libpq5 postgresql15-contrib postgresql15-server
- Update to 15.4:
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
owner name into an extension script if the name contains a
quote, backslash, or dollar sign.
* bsc#1214061, CVE-2023-39418: Fix MERGE to enforce row security
policies properly.
* https://www.postgresql.org/docs/15/release-15-4.html
- Restore the independence of mini builds from the main build after
the -mini name change from April 4, 2023.
- Adjust icu handling to prepare for PostgreSQL 16.
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
==== prison-qt5 ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Prison5 prison-qt5-imports
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== procmail ====
Version update (3.22 -> 3.24)
- Update to procmail 3.24 (New Upstream)
- Don't coredump in comsat code if interrupted early
- Correctly handle COMSAT=on
- Once used, the 'H' and 'r' flags would never be cleared
- Fix possible buffer overflow in variable-capture actions
- Fix up the parsing of variable-capture actions
- LMTP code assumed sizeof(long)==sizeof(int)
- SHELL is now always preset to /bin/sh. USER_SHELL contains
the shell from the user's passwd entry
- When HOST is mismatched, reset it for the next rcfile
- Always read in a new, global rcfile (/etc/procmail.conf)
to allow runtime configuration of variables like DEFAULT.
This rcfile cannot deliver or filter messages
- Mismatched HOST in /etc/procmailrc didn't discard the message
- backquote expansion in a condition disabled header
concatenation for that condition
- LMTP didn't correctly handle quoted localparts
- Removed SIZE extension from LMTP (unsupportable semantics)
- Don't coredump if unable to exec /bin/sh
- Enable "+detail" processing in LMTP mode by passing the
delimiter (e.g., "+") as an optional argument after -z
- In LMTP mode, save the domain of the recipient in
PROCMAIL_DOMAIN
- Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect
the mode option it was invoked with, if any
- Fixed all bugs collected by Debian and others
during the past 21 years. See the git commit history
for detailed descriptions.
- Port patches
* procmail-3.22-autoconf.dif
* procmail-3.22-headerconcat.dif
* procmail-3.22-ipv6.patch
* procmail-3.22-mailstat.patch
* procmail-3.22-owl-truncate.dif
* procmail-3.22.dif
* procmail-cflags.dif
- Remove former Debian and SUSE patches from procmail-3.22-patches.tar.bz2
* 04
* 06
* 10
* 11
* 12
* 13
* 14
* 15
* 16
* 17
* 18
* 19
* 22
* 23
* 24
* 25
* 26
* 27
* 28
* 29
* 30
- Collect and port our patches from old procmail-3.22-patches.tar.bz2
into new procmail-3.24-patches.tar.bz2
* 01
* 02
* 03
* 05
* 07
* 08
* 09
* 20
* 21
==== procps ====
Subpackages: libprocps8
- Modify patches
* procps-ng-3.3.9-w-notruncate.diff
* procps-ng-3.3.17-logind.patch
to real to not truncate output of w with option -n
- procps-ng-3.3.17-logind.patch: Backport from 4.x git, prefer
logind over utmp (jsc#PED-3144)
- Add patch CVE-2023-4016.patch
* CVE-2023-4016: ps buffer overflow (bsc#1214290)
==== procps4 ====
Subpackages: libproc2-0
- Modify patch procps-ng-3.3.9-w-notruncate.diff
to real to not truncate output of w with option -n
- procps-ng-4.0.3-logind.patch: Backport from 4.x git, prefer
logind over utmp (jsc#PED-3144)
- procps-ng-3.3.9-w-notruncate.diff: Rebase
- Add patch CVE-2023-4016.patch
* CVE-2023-4016: ps buffer overflow (bsc#1214290)
==== purpose ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Purpose5 libKF5PurposeWidgets5
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Remove code variants for building with Qt 6
* Add explicit moc includes to sources for moc-covered headers
==== python-M2Crypto ====
- Make tests running again.
==== python-Pillow ====
- Add Provides for python-PIL
==== python-PyYAML ====
Version update (6.0 -> 6.0.1)
- update to 6.0.1:
* pin Cython to < 3.0
==== python-Pygments ====
Version update (2.15.1 -> 2.16.1)
- update to version 2.16.1:
* Fix native style missing from style list (#2484)
- additional changes from version 2.16.0:
* New lexers:
+ ASN.1 (#2462)
+ Blueprint (#2434)
+ BQN (#2472)
+ DNS zone files (#2464)
+ GraphQL (#2428)
+ Linux desktop files (following the specification of the
Freedesktop group, formerly known as XDG) (#2470)
+ NVIDIA PTX (#2432)
+ OpenSCAD (#2449)
+ systemd (#2470)
+ TLS presentation language (#2455)
+ Verifpal (#2430)
+ YARA (#2453)
* Updated lexers:
+ ASC: Add application/pem-certificate-chain mimetype (#2471)
+ C/C++: Refine keyword lists (#2421, #2422)
+ Carbon: Fix long processing times on invalid input, fix
number lexing (#2454, #2456)
+ Elpi: Handle quotations (#2419)
+ Go: Support additional built-ins (#2481)
+ HTTP: Support empty headers (#2461), support more general
methods (#2460), also recognize responses in analyse_text
implementation (#2460), and highlight URL encoded data
(#2465, #1620)
+ Igor Pro: Update to Igor Pro 9 (#2482)
+ lean: Recognize expressions nested within attributes (#1817)
+ Macaulay2: Update builtins (#2457)
+ Markdown: Allow extra characters after language name in code
blocks (#2437)
+ NestedText: Update to version 3 (#2459)
+ scdoc: Improve language guessing implementation (#2402)
+ Spice: Update to latest version (#2476)
+ Transact SQL: Add Pre-sorted Group keyword (#2417)
+ Uxntal: Update for current runes (#2424)
+ Wikitext: Fix templates in wiki links; fix a language
converter false positive; add bold italic markup (#2447)
* Add Generic.EmphStrong token for bold italic markup (#2444)
* Add Lightbulb style (#2474)
* Improve contrast in Monokai style (#2448)
* Add documentation how to create terminal code highlighting
commands (#2131, #2425)
* Add support for loading TrueType fonts to the ImageFormatter
(#1960)
==== python-SQLAlchemy ====
- use generic Cython >= 3 buildrequires
==== python-alembic ====
Version update (1.10.4 -> 1.11.2)
- update to 1.11.2:
* Added typing to the default script mako templates.
* Added support in autogenerate for NULLS NOT DISTINCT in
* the PostgreSQL dialect.
* Fixed format string logged when running a post write hook
* Added parameters if_exists and if_not_exists for index
operations.
- update to 1.11.1:
* As Alembic 1.11.0 is considered a major release (Alembic does
not use semver, nor does its parent project SQLAlchemy;
this has been `clarified <versioning_scheme>` in the documentation),
* :ticket:`1130` modified calling signatures for most
operations to consider all optional keyword parameters to
be keyword-only arguments, to match what was always documented
and generated by autogenerate. However, two of these
changes were identified as possibly problematic without a
more formal deprecation warning being emitted which were the
``table_name`` parameter to :meth:`.Operations.drop_index`,
which was generated positionally by autogenerate prior to
version 0.6.3 released in 2014, and
``type_`` in :meth:`.Operations.drop_constraint` and
:meth:`.BatchOperations.drop_constraint`, which was
documented positionally in one example in the batch documentation.
* Fixed typing use of :class:`~sqlalchemy.schema.Column` and
other generic SQLAlchemy classes.
* Restored the output type of :meth:`.Config.get_section` to
include ``Dict[str, str]`` as a potential return type, which
had been changed to immutable ``Mapping[str, str]``.
When a section is returned and the default is not used,
a mutable dictionary is returned.
* Added placeholder classes for :class:`~.sqla.Computed` and
* :class:`~.sqla.Identity` when older 1.x SQLAlchemy versions
are in use, namely prior to SQLAlchemy 1.3.11 when the
:class:`~.sqla.Computed` construct was introduced.
Previously these were set to None, however this
could cause issues with certain codepaths that were using
``isinstance()`` such as one within "batch mode".
* Correctly pass previously ignored arguments ``insert_before``
and ``insert_after`` in ``batch_alter_column``
* Argument signatures of Alembic operations now enforce
keyword-only arguments as passed as keyword and not
positionally, such as Operations.create_table.schema
.Operations.add_column.type_, etc.
* Fix autogenerate issue with PostgreSQL
:class:`.ExcludeConstraint` that included sqlalchemy
functions. The function text was previously rendered
as a plain string without surrounding with ``text()``.
* Fixed regression caused by :ticket:`1166` released in version
1.10.0 which caused MySQL unique constraints with multiple
columns to not compare correctly within autogenerate,
due to different sorting rules on unique constraints vs.
indexes, which in MySQL are shared constructs.
* Repaired the return signatures for :class:`.Operations` that
mostly return ``None``, and were erroneously referring to
``Optional[Table]`` in many cases.
* Modified the autogenerate implementation for comparing
"server default" values from user-defined metadata to not
apply any quoting to the value before comparing it to the
server-reported default, except for within dialect-specific
routines as needed. This change will affect the format of
the server default as passed to the
:paramref:`.EnvironmentContext.configure.compare_server_defau
lt` hook, as well as for third party dialects that implement
a custom ``compare_server_default`` hook in their alembic
impl, to be passed "as is" and not including additional
quoting. Custom implementations which rely on this quoting
should adjust their approach based on observed formatting.
* allow running async functions in the ``upgrade`` or
``downgrade`` migration function when running alembic using
an async dialect. This function will receive as first argument
an :class:`~sqlalchemy.ext.asyncio.AsyncConnection` sharing the
transaction used in the migration context.
==== python-certifi ====
Version update (2023.5.7 -> 2023.7.22)
- update to 2023.7.22:
Added certs:
[#] CN=Sectigo Public Server Authentication Root E46 O=Sectigo Limited
[#] CN=Sectigo Public Server Authentication Root R46 O=Sectigo Limited
[#] CN=SSL.com TLS RSA Root CA 2022 O=SSL Corporation
[#] CN=SSL.com TLS ECC Root CA 2022 O=SSL Corporation
[#] CN=Atos TrustedRoot Root CA ECC TLS 2021 O=Atos
[#] CN=Atos TrustedRoot Root CA RSA TLS 2021 O=Atos
Removed certs:
[#] CN=Hongkong Post Root CA 1 O=Hongkong Post
[#] CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim
Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi
[#] CN=E-Tugra Global Root CA RSA v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center
[#] CN=E-Tugra Global Root CA ECC v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center
==== python-click ====
Version update (8.1.3 -> 8.1.6)
- Update to 8.1.6
* Replace all typing.Dict occurrences to typing.MutableMapping for parameter
hints. #2255
* Improve type hinting for decorators and give all generic types parameters.
* Fix return value and type signature of
shell_completion.add_completion_class function. #2421
* Bash version detection doesnât fail on Windows. #2461
* Completion works if there is a dot (.) in the program name. #2166
* Improve type annotations for pyright type checker. #2268
* Improve responsiveness of click.clear(). #2284
* Improve command name detection when using Shiv or PEX. #2332
* Avoid showing empty lines if command help text is empty. #2368
* ZSH completion script works when loaded from fpath. #2344.
* EOFError and KeyboardInterrupt tracebacks are not suppressed when
standalone_mode is disabled. #2380
* @group.command does not fail if the group was created with a custom
command_class. #2416
* multiple=True is allowed for flag options again and does not require
setting default=(). #2246, #2292, #2295
* Make the decorators returned by @argument() and @option() reusable when the
cls parameter is used. #2294
* Donât fail when writing filenames to streams with strict errors. Replace
invalid bytes with the replacement character (�). #2395
* Remove unnecessary attempt to detect MSYS2 environment. #2355
* Remove outdated and unnecessary detection of App Engine environment. #2554
* echo() does not fail when no streams are attached, such as with pythonw on
Windows. #2415
* Argument with expose_value=False do not cause completion to fail. #2336
* Fix an issue with type hints for @click.command(), @click.option(), and
other decorators. Introduce typing tests. #2558
* Fix an issue with type hints for @click.group(). #2558
- Drop fix-tests.patch
==== python-cryptography ====
Version update (41.0.2 -> 41.0.3)
- update to 41.0.3:
* Fixed performance regression loading DH public keys.
* Fixed a memory leak when using
* :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20
Poly1305`.
==== python-gevent ====
Version update (22.10.2 -> 23.7.0)
- update to 23.7.0:
* Add preliminary support for Python 3.12, using greenlet
3.0a1.
* Update the bundled c-ares version to 1.19.1.
* Fix an edge case connecting a non-blocking ``SSLSocket`` that
could result in an AttributeError. In a change to match
the standard library, calling ``sock.connect_ex()`` on a
subclass of ``socket`` no longer calls the subclass's
``connect`` method.
* Make gevent's ``FileObjectThread`` (mostly used on Windows)
implement ``readinto`` cooperatively.
* Work around an ``AttributeError`` during cyclic garbage
collection when Python finalizers (``__del__`` and the like)
attempt to use gevent APIs. This is not a recommended practice,
and it is unclear if catching this ``AttributeError`` will fix
any problems or just shift them.
* Remove support for obsolete Python versions. This is
everything prior to 3.8.
* Stop using ``pkg_resources`` to find entry points (plugins).
Instead, use ``importlib.metadata``.
* Honor ``sys.unraisablehook`` when a callback function
produces an exception, and handling the exception in the hub
* also* produces an exception.
- drop skip-tests-in-leap.patch handle-python-ssl-changes.patch (obsolete)
==== python-gssapi ====
- add d9200d1018ac916b30433da23898c8c5fbde0f28.patch to
improve cython 3.x interoperability
==== python-immutables ====
- add python312.patch to fix build with python 3.12
==== python-importlib-resources ====
Version update (5.12.0 -> 6.0.1)
- update to 6.0.1:
* Bugfixes
* Restored Apache license. (#285)
* Deprecations and Removals
* Removed legacy functions deprecated in 5.3. (#80)
* Features
* Require Python 3.8 or later
==== python-ldap ====
- Re-run source download due to file differences.
==== python-libvirt-python ====
Version update (9.5.0 -> 9.6.0)
- Update to 9.6.0
- Add all new APIs and constants in libvirt 9.6.0
- jsc#PED-3725
==== python-lxml ====
Version update (4.9.2 -> 4.9.3)
- update to 4.9.3:
* ``lxml.objectify`` accepted non-decimal numbers like ``²²²``
as integers.
* A memory leak in ``lxml.html.clean`` was resolved by
switching to Cython 0.29.34+.
* GH#348: URL checking in the HTML cleaner was improved.
* GH#371, GH#373: Some regex strings were changed to raw
strings to fix Python warnings.
* Built with Cython 0.29.36 to adapt to changes in Python 3.12.
==== python-mailman ====
- Fix issues with importlib_resources for Python 3.11
* Added mailman-fix-importlib-resources.patch
- Add missing require for psycopg2
==== python-numpy ====
Version update (1.24.2 -> 1.25.2)
- Use %pyproject_wheel and %pyproject_install macros
- Disable broken tests in armv7l (bsc#1212710)
- limit to Cython < 3
- update to 1.25.2:
* Upgrade various build dependencies.
* use ``-ftrapping-math`` with Clang on macOS
* properly handle negative indexes in ufunc_at fast path
* PyObject_IsTrue and PyObject_Not error handling in setflags
* histogram small range robust
* Update meson.build files from main branch
* exclude min, max and round from ``np.__all__``
* Dependabot updates
* Fix the signature for np.array_api.take
* update OpenBLAS to an intermeidate commit
* Fix reference count leak in str(scalar).
* fix invalid function pointer conversion error
* Factor out slow ``getenv`` call used for memory policy warning
* correct URL in cirrus.star [skip cirrus]
* Fix C types in scalartypes
* do not modify the input to ufunc_at
* Further fixes to indexing loop and added tests
- Update to 1.25.1:
* NumPy 1.25.1 is a maintenance release that fixes bugs and regressions
discovered after the 1.25.0 release. The Python versions supported by
this release are 3.9-3.11.
* #23968: MAINT: prepare 1.25.x for further development
* #24036: BLD: Port long double identification to C for meson
* #24037: BUG: Fix reduction return NULL to be goto fail
* #24038: BUG: Avoid undefined behavior in array.astype()
* #24039: BUG: Ensure __array_ufunc__ works without any kwargs passed
* #24117: MAINT: Pin urllib3 to avoid anaconda-client bug.
* #24118: TST: Pin pydantic<2 in Pyodide workflow
* #24119: MAINT: Bump pypa/cibuildwheel from 2.13.0 to 2.13.1
* #24120: MAINT: Bump actions/checkout from 3.5.2 to 3.5.3
* #24122: BUG: Multiply or Divides using SIMD without a full vector can...
* #24127: MAINT: testing for IS_MUSL closes #24074
* #24128: BUG: Only replace dtype temporarily if dimensions changed
* #24129: MAINT: Bump actions/setup-node from 3.6.0 to 3.7.0
* #24134: BUG: Fix private procedures in f2py modules
- Skipped 1.25.0:
* The NumPy 1.25.0 release continues the ongoing work to improve the
handling and promotion of dtypes, increase the execution speed, and
clarify the documentation. There has also been work to prepare for the
future NumPy 2.0.0 release, resulting in a large number of new and
expired deprecation. Highlights are:
- Support for MUSL, there are now MUSL wheels.
- Support the Fujitsu C/C++ compiler.
- Object arrays are now supported in einsum
- Support for inplace matrix multiplication (@=).
* Full changelog: https://github.com/numpy/numpy/releases/tag/v1.25.0
The Python versions supported in this release are 3.9-3.11.
- Remove upstream patch:
* remove-deprecated-hypothesis-funcs.patch
==== python-passlib ====
- Add patch no-pkg_resources.patch:
* Stop using pkg_resources.
- Switch to pyproject macros.
==== python-pexpect ====
- add 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch
dae602d37493bae239e0e8db5b3dabafebfd59db.patch: python 3.12 compat
- Fix failing test when no alias in bash is defined
* add fix-fail-no-alias.patch
==== python-psutil ====
- Add logind_y2038.patch to use logind if systemd >= 254 is used, to
fix the issue of ut_tv.tv_sec and the Y2038 problem.
==== python-pycups ====
- build as wheel
==== python-pyzmq ====
Version update (25.0.2 -> 25.1.1)
- update to version 25.1.1:
* Changes:
+ Allow Cython 0.29.35 to build Python 3.12 wheels (no longer
require Cython 3)
* Bugs fixed:
+ Fix builds on Solaris by including generated platform.hpp
+ Cleanup futures in Socket.poll() that are cancelled and never
return
+ Fix builds with -j when numpy is present in the build env
- update to version 25.1.0:
* Enhancements:
+ Include address in error message when bind/connect fail.
* Packaging changes:
+ Fix inclusion of some test files in source distributions.
+ Add Cython as a build-time dependency in build-system.requires
metadata, following current recommendations of the Cython
maintainers. We still ship generated Cython sources in source
distributions, so it is not a strict dependency for packagers
using --no-build-isolation, but pip will install Cython as part
of building pyzmq from source. This makes it more likely that
past pyzmq releases will install on future Python releases,
which often require an update to Cython but not pyzmq
itself. For Python 3.12, Cython >=3.0.0b3 is required.
==== python-semanage ====
- Add _multibuild to define additional spec files as additional
flavors.
Eliminates the need for source package links in OBS.
- Add -ffat-lto-objects to CFLAGS to prevent rpmlint errors because
of LTO
- Enable LTO now (boo#1138812).
==== python-typing_extensions ====
Version update (4.5.0 -> 4.7.1)
- update to version 4.7.1:
- Fix support for `TypedDict`, `NamedTuple` and `is_protocol` on PyPy-3.7 and
PyPy-3.8. Patch by Alex Waygood. Note that PyPy-3.7 and PyPy-3.8 are unsupported
by the PyPy project. The next feature release of typing-extensions will
drop support for PyPy-3.7 and may also drop support for PyPy-3.8.
- update to version 4.7.0:
- This is expected to be the last feature release supporting Python 3.7,
which reaches its end of life on June 27, 2023. Version 4.8.0 will support
only Python 3.8.0 and up.
- Fix bug where a `typing_extensions.Protocol` class that had one or more
non-callable members would raise `TypeError` when `issubclass()`
was called against it, even if it defined a custom `__subclasshook__`
method. The correct behaviour -- which has now been restored -- is not to
raise `TypeError` in these situations if a custom `__subclasshook__` method
is defined. Patch by Alex Waygood (backporting
https://github.com/python/cpython/pull/105976).
- update to version 4.7.0rc1:
- Add `typing_extensions.get_protocol_members` and
`typing_extensions.is_protocol` (backport of CPython PR #104878).
Patch by Jelle Zijlstra.
- `typing_extensions` now re-exports all names in the standard library's
`typing` module, except the deprecated `ByteString`. Patch by Jelle
Zijlstra.
- Due to changes in the implementation of `typing_extensions.Protocol`,
`typing.runtime_checkable` can now be used on `typing_extensions.Protocol`
(previously, users had to use `typing_extensions.runtime_checkable` if they
were using `typing_extensions.Protocol`).
- Align the implementation of `TypedDict` with the implementation in the
standard library on Python 3.9 and higher.
`typing_extensions.TypedDict` is now a function instead of a class. The
private functions `_check_fails`, `_dict_new`, and `_typeddict_new`
have been removed. `is_typeddict` now returns `False` when called with
`TypedDict` itself as the argument. Patch by Jelle Zijlstra.
- Declare support for Python 3.12. Patch by Jelle Zijlstra.
- Fix tests on Python 3.13, which removes support for creating
`TypedDict` classes through the keyword-argument syntax. Patch by
Jelle Zijlstra.
- Fix a regression introduced in v4.6.3 that meant that
``issubclass(object, typing_extensions.Protocol)`` would erroneously raise
``TypeError``. Patch by Alex Waygood (backporting the CPython PR
https://github.com/python/cpython/pull/105239).
- Allow `Protocol` classes to inherit from `typing_extensions.Buffer` or
`collections.abc.Buffer`. Patch by Alex Waygood (backporting
https://github.com/python/cpython/pull/104827, by Jelle Zijlstra).
- Allow classes to inherit from both `typing.Protocol` and `typing_extensions.Protocol`
simultaneously. Since v4.6.0, this caused `TypeError` to be raised due to a
metaclass conflict. Patch by Alex Waygood.
- Backport several deprecations from CPython relating to unusual ways to
create `TypedDict`s and `NamedTuple`s. CPython PRs #105609 and #105780
by Alex Waygood; `typing_extensions` backport by Jelle Zijlstra.
- Creating a `NamedTuple` using the functional syntax with keyword arguments
(`NT = NamedTuple("NT", a=int)`) is now deprecated.
- Creating a `NamedTuple` with zero fields using the syntax `NT = NamedTuple("NT")`
or `NT = NamedTuple("NT", None)` is now deprecated.
- Creating a `TypedDict` with zero fields using the syntax `TD = TypedDict("TD")`
or `TD = TypedDict("TD", None)` is now deprecated.
- Fix bug on Python 3.7 where a protocol `X` that had a member `a` would not be
considered an implicit subclass of an unrelated protocol `Y` that only has a
member `a`. Where the members of `X` are a superset of the members of `Y`,
`X` should always be considered a subclass of `Y` iff `Y` is a
runtime-checkable protocol that only has callable members. Patch by Alex
Waygood (backporting CPython PR
https://github.com/python/cpython/pull/105835).
- update to version 4.6.3 (June 1, 2023)
- Fix a regression introduced in v4.6.0 in the implementation of
runtime-checkable protocols. The regression meant
that doing `class Foo(X, typing_extensions.Protocol)`, where `X` was a class that
had `abc.ABCMeta` as its metaclass, would then cause subsequent
`isinstance(1, X)` calls to erroneously raise `TypeError`. Patch by
Alex Waygood (backporting the CPython PR
https://github.com/python/cpython/pull/105152).
- Sync the repository's LICENSE file with that of CPython.
`typing_extensions` is distributed under the same license as
CPython itself.
- Skip a problematic test on Python 3.12.0b1. The test fails on 3.12.0b1 due to
a bug in CPython, which will be fixed in 3.12.0b2. The
`typing_extensions` test suite now passes on 3.12.0b1.
- update to version 4.6.2:
- Fix use of `@deprecated` on classes with `__new__` but no `__init__`.
Patch by Jelle Zijlstra.
- Fix regression in version 4.6.1 where comparing a generic class against a
runtime-checkable protocol using `isinstance()` would cause `AttributeError`
to be raised if using Python 3.7.
- update to version 4.6.1:
- Change deprecated `@runtime` to formal API `@runtime_checkable` in the error
message. Patch by Xuehai Pan.
- Fix regression in 4.6.0 where attempting to define a `Protocol` that was
generic over a `ParamSpec` or a `TypeVarTuple` would cause `TypeError` to be
raised. Patch by Alex Waygood.
- update to version 4.6.0:
- `typing_extensions` is now documented at
https://typing-extensions.readthedocs.io/en/latest/. Patch by Jelle Zijlstra.
- Add `typing_extensions.Buffer`, a marker class for buffer types, as proposed
by PEP 688. Equivalent to `collections.abc.Buffer` in Python 3.12. Patch by
Jelle Zijlstra.
- Backport two CPython PRs fixing various issues with `typing.Literal`:
https://github.com/python/cpython/pull/23294 and
https://github.com/python/cpython/pull/23383. Both CPython PRs were
originally by Yurii Karabas, and both were backported to Python >=3.9.1, but
... changelog too long, skipping 69 lines ...
https://github.com/python/cpython/pull/104048). Patch by Alex Waygood.
==== python311 ====
Subpackages: python311-curses python311-dbm
- restrict PEP668 to ALP/Tumbleweed
- add externally_managed.in to label this build as PEP-668 managed
- IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED!
- Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941)
partially reverting CVE-2023-27043-email-parsing-errors.patch,
because of the regression in gh#python/cpython#106669.
- (bsc#1210638, CVE-2023-27043) Add
CVE-2023-27043-email-parsing-errors.patch, which detects email
address parsing errors and returns empty tuple to indicate the
parsing error (old API). (The patch is faulty,
gh#python/cpython#106669, but upstream decided not to just
revert it).
==== python311-core ====
Subpackages: libpython3_11-1_0 python311-base
- restrict PEP668 to ALP/Tumbleweed
- add externally_managed.in to label this build as PEP-668 managed
- IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED!
- Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941)
partially reverting CVE-2023-27043-email-parsing-errors.patch,
because of the regression in gh#python/cpython#106669.
- (bsc#1210638, CVE-2023-27043) Add
CVE-2023-27043-email-parsing-errors.patch, which detects email
address parsing errors and returns empty tuple to indicate the
parsing error (old API). (The patch is faulty,
gh#python/cpython#106669, but upstream decided not to just
revert it).
==== qemu ====
Version update (8.0.3 -> 8.0.4)
Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios
- perl-Text-Markdown is not available in all distros and for all
arch-es. Use discount instead
- Patches added:
* [openSUSE][spec] Use discount instead of perl-Text-Markdown
- Update to version 8.0.4:
* Official changelog not released on the mailing list yet
* Security issues fixed:
- bsc#1212850 (CVE-2023-3354)
- bsc#1213001 (CVE-2023-3255)
- bsc#1213925 (CVE-2023-3180)
- bsc#1207205 (CVE-2023-0330)
==== qqc2-desktop-style ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Don't create Sonnet.Settings if not needed
* Add explicit moc includes to sources for moc-covered headers
==== qt6-declarative ====
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports
- Reduce memory constraints for riscv64
- Sort license tags
==== qtkeychain-qt5 ====
Version update (0.13.2 -> 0.14.1)
Subpackages: libqt5keychain1 libqt5keychain1-lang
- Update to 0.14.1:
* Many build system fixes and build fixes for recent Qt 6
releases
* Add QtQuick client example
* Added Dutch translation
* Add API to check whether a secure backend is available
at all
* Export QKeychain::isAvailable() to make it usable in a
shared build
* Protect against creating the QtKeychain::QtKeychain alias
target twice
- Drop patch, merged upstream:
* 0001-Define-a-poper-exported-CMake-target-instead-of-intr.patch
- Add missing dependency to the -devel packages
==== rdma-core ====
Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd
- Drop patches adding support for cxgb3 (EOL, removed from kernel 5.5)
- cxgb3-fix-declaration-of-free_context.patch
- cxgb3-fix-support-for-new-uquery-API.patch
- Revert-libcxgb3-Remove-libcxgb3-from-rdma-core.patch
- Revert-Update-kernel-headers.patch
- Update baselibs=.conf accordingly
==== re2c ====
Version update (3.0 -> 3.1)
- Update to 3.1:
* new options --leftmost-captures option and re2c:leftmost-captures on capturing groups
* new syntax (! ...) for non-capturing groups
* It is also possible to flip defaults with --invert-captures option or re2c:invert_captures configuration,
so that (...) is a capturing group and (! ...) is a non-capturing one
* TDFA paper and removal of experimental algorithms
* internal codebase , build system and CI improvements
see details at https://re2c.org/releases/release_notes.html#release-3-1
==== rebootmgr ====
Version update (2.0 -> 2.1)
- Update to version 2.1
- Support systemctl soft-reboot (systemd >= v254)
- Typo fix in spec description
==== rpm ====
Subpackages: librpmbuild9
- add remove-awk-dependency.patch to be able to drop awk dependency
from containers
==== rubygem-moneta ====
Version update (1.5.2 -> 1.6.0)
- updated to version 1.6.0
see installed CHANGES
1.6.0
* Adapters - Support for Rails 6.1 and above (Adapters::ActiveRecord, Adapters::ActiveSupportCache, ActiveSupportCache::MonetaStore)
* Adapters::YAML - add `theadsafe` option
* Adapters::Sequel - fix deadlock issue with #increment on MySQL in newer Sequel versions (#244)
* Adapters::Sequel - fix issue with Postgres HStore on newer Postgres (#243)
* Adapters - fixed an issue many adapters had where #merge! errored if passed an empty hash (#246)
* Support changes - Drop support for 2.3 and 2.4, add support for 3.x
==== sac ====
- Clean the spec file a bit to make it more readable
==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-transactional-update
- Create minion_id with reproducible mtime
- Fix detection of Salt codename by "salt_version" execution module
- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)
- Fix the regression of user.present state when group is unset (bsc#1212855)
- Fix zypper repositories always being reconfigured
- Fix utf8 handling in 'pass' renderer and make it more robust
- Prevent _pygit2.GitError: error loading known_hosts when $HOME is not set (bsc#1210994)
- Fix ModuleNotFoundError and other issues raised by salt-support module (bsc#1211591)
- tornado: Fix an open redirect in StaticFileHandler (CVE-2023-28370, bsc#1211741)
- Make master_tops compatible with Salt 3000 and older minions (bsc#1212516) (bsc#1212517)
- Avoid failures due transactional_update module not available in Salt 3006.0 (bsc#1211754)
- Avoid conflicts with Salt dependencies versions (bsc#1211612)
- Added:
* fix-utf8-handling-in-pass-renderer-and-make-it-more-.patch
* fix-the-regression-of-user.present-state-when-group-.patch
* make-master_tops-compatible-with-salt-3000-and-older.patch
* avoid-conflicts-with-dependencies-versions-bsc-12116.patch
* tornado-fix-an-open-redirect-in-staticfilehandler-cv.patch
* fix-regression-multiple-values-for-keyword-argument-.patch
* zypper-pkgrepo-alreadyconfigured-585.patch
* mark-salt-3006-as-released-586.patch
* fix-some-issues-detected-in-salt-support-cli-module-.patch
* define-__virtualname__-for-transactional_update-modu.patch
* 3006.0-prevent-_pygit2.giterror-error-loading-known_.patch
==== setools ====
Version update (4.4.2 -> 4.4.3)
Subpackages: python311-setools setools-console
- Update to version 4.4.3:
* Fix compilation with Cython 3.0.0.
* Improve man pages.
* Remove neverallow options in sediff.
* Add -r option to seinfoflow to get flows into the source type.
* Reject a rule with no permissions as invalid policy.
==== shadow ====
Version update (4.13 -> 4.14.0)
Subpackages: libsubid4 login_defs
- Remove dependency on libbsd:
On Tumbleweed we have glibc 2.38 already thus string functions
like strlcpy will be present and won't be needed from libbsd.
`readpassphrase()` is then the only function from libbsd not present.
Upstream shadow has an in tree copy of it, that is used when the
`--without-libbsd` flag is passed along.
By relying on glibc 2.38 we don't need to add libbsd and libmd
to our ring0 but can't easily upgrade on SLE.
- Update to 4.14.0:
* configure: add with-libbsd option
* Code cleanup
* Replace utmp interface #757
* new option enable-logind #674
* shadow userdel: add the adaptation to the busybox ps in 01-kill_user_procs.sh
* chsh: warn if root sets a shell not listed in /etc/shells #535
* newgrp: fix potential string injection
* lastlog: fix alignment of Latest header
* Fix yescrypt support #748
* chgpasswd: Fix segfault in command-line options
* gpasswd: Fix password leak
* Add --prefix to passwd, chpasswd and chage #714 (bsc#1206627)
* usermod: fix off-by-one issues #701
* ch(g)passwd: Check selinux permissions upon startup #675
* sub_[ug]id_{add,remove}: fix return values
* chsh: Verify that login shell path is absolute #730
* process_prefix_flag: Drop privileges
* run_parts for groupadd and groupdel #706
* newgrp/useradd: always set SIGCHLD to default
* useradd/usermod: add --selinux-range argument #698
* sssd: skip flushing if executable does not exist #699
* semanage: Do not set default SELinux range #676
* Add control character check #687
* usermod: respect --prefix for --gid option
* Fix null dereference in basename
* newuidmap and newgidmap: support passing pid as fd
* Prevent out of boundary access #633
* Explicitly override only newlines #633
* Correctly handle illegal system file in tz #633
* Supporting vendor given -shells- configuration file #599
* Warn if failed to read existing /etc/nsswitch.conf
* chfn: new_fields: fix wrong fields printed
* Allow supplementary groups to be added via config file #586
* useradd: check if subid range exists for user #592 (rh#2012929)
- Refresh useradd-default.patch
- Remove upstreamed patches:
* useradd-userkeleton.patch
* shadow-audit-no-id.patch
* shadow-fix-print-login-timeout.patch
* shadow-CVE-2023-29383.patch
- Dont build lastlog (lastlog.legacy) anymore since we
use lastlog2 by default now.
- This release depends either on libbsd or on glibc >= 2.38
which only recently got released. libbsd (and libmd) would be
new packages in our ring0
==== signon ====
Version update (8.60 -> 8.61)
Subpackages: libsignon-qt5-1 signon-plugins signond signond-libs
- Update to 8.61
* Port away from QHash::unite
* Don't emit QObject::destroyed() within Identity::destroy()
* Build: remove unnecessary qmake options
* Don't use -fno-rtti
* Run test script with Busybox compatible mktemp
* Fix typos in logs
* Tests: add missing parameter to mkdir command
* Fix deprecation warning
* signond: register the adaptors in SignonDaemonAdaptor
* signond: get appId of peer in SignonIdentityAdapter
* signond: add Error class
* signond: add ErrorAdaptor class
* signond: use ErrorAdaptor in SignonSessionCore
* signond: reduce usage of D-Bus in SignonIdentity class
* signond: introduce PeerContext class
* signond: reduce D-Bus usage in SignonAuthSession
* signond: register the adaptors, not the object itself
* signond: destroy adapter when Identity gets unregistered
* Fix Unicode $HOME dir
- Drop patch, merged upstream:
* 0001-Don-t-use-fno-rtti.patch
- Drop the unneeded baselibs.conf
==== smartmontools ====
Version update (7.3 -> 7.4)
- Update to version 7.4:
* See NEWS and ChangeLog files for full details
- Drop smartmontools-smartctl-NVMe-big-endian.patch (upstreamed)
- Refresh smartmontools-suse-default.patch
==== solid ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5Solid5 solid-imports solid-tools
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== sonnet ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5SonnetCore5 libKF5SonnetUi5 sonnet-imports
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== speech-dispatcher ====
Version update (0.11.4 -> 0.11.5)
Subpackages: libspeechd2 python3-speechd
- Update to version 0.11.5:
* Update CLDR to version 43 and symbols from NVDA.
* Fix parsing and emitting space character.
* Reduce espeak buffer size to avoid ssml issues.
* Add --disable-doc.
* Fix spd-conf not being able to set the default module.
* Fix pausing without index.
==== srt ====
Version update (1.5.1 -> 1.5.2)
- Update to 1.5.2:
* API
- 41c4b1f Fixed #ifdef ENABLE_AEAD_API_PREVIEW (#2603).
- b3a21e1 SRT version raised to 1.5.2.
- c0d9fcd Restored resetlogfa(..) in udt.h. Reverting #2558, although udt.h is not the official SRT API.
- 87de405 Added ENABLE_AEAD_API_PREVIEW build option to enable AEAD API.
- 60d1237 Crypto mode 'auto' implemented for listener (#2574).
- 27e7d8d Socket Options: do not allow AES GCM if TSBPD is disabled.
- 3e4561e Add GCM to the SRT API.
* Core Functionality
- 3cefede Correct remaining endianness issues
- 30e7ccd Minor fix of variable shadowing.
- 6fcff6d Fixed various compiler warnings on various platforms (#2679).
- 59cde53 Fixed FEC Emergency resize crash (#2717).
- 2fcd3d4 Fix crypto mode auto for listener sender (#2711).
- b010763 Fixed typos in MBedTLS where it referred to GnuTLS (#2699).
- a991767 Fix peer filter config being rejected because of endianness
- 1cffd2f Added rejection handshake sent to the peer in rendezvous mode (#2667).
- f57ba89 Added missing thread watchdog ticks in 3 thread loop (#2669).
- e8d0533 Fixed old ENABLE_AEAD_PREVIEW.
- 599c1fb Reworked the CRcvBuffer::dropMessage(..) function (#2661).
- 7948772 Removed duplicate lines (#2660).
- 3ffc93f Fixed CRcvBuffer::dropMessage (#2657).
- e9a3955 Fixed guard for rcv-rexmit fields (#1859).
- 22e97f8 Fixed warnings and removed redundant includes (#2658).
- c83c31b Reduce frequency of the decryption failure log (#2602).
- 21b55a2 Disabled warnings various platforms and fixed C++20 Windows build (#2411).
- 65bef37 Set CLOSING state when closing a socket (#2643).
- 02cba9e Drop undecrypted packet based on sequence number (#2654).
- 6d774dd Fixed invalid ASSERT checking outdated object in haicrypt (#2652).
- 8db35de Refaxed and fixed multiplexer reusage (#2608).
- 6c92a13 Fix crash when enable heavy log and socket id less than 10 (#2619).
- 64dedef CodeQL: operation requires 22 bytes.
- 0c583f8 CodeQL warning: checking NULL after new.
- b8962b4 Fixed PKTINFO case that was failing for IPv4+IPv6 bound sockets (#2630).
- a42a39f Fixed wrong null-safety condition check in haicrypt (#2616).
- 30f6f6b Removed extra redundant condition checks (#2615).
- 5f02310 Fix negative id when wrap around
- f533716 Fixed reject reason by a caller if connection is UNSECURE (#2622).
- 04e8dbc Fixed default reject reason for a listener callback (#2605).
- 0b9d583 AEAD: don't break a connection on decrypt failure.
- 6db28dc RCV Buffer Refax: added some utils and simplifications (#2522).
- 5889a2c AES-GCM payload length check (#2591).
- 45232ad Allow fileCC in group mode
- 98b1b00 Added extraction of IP_PKTINFO when reading (#456).
- de9fc45 Fix CRcvBuffer last position in getTimespan_ms (#2579).
- 38b4211 Remove use variable length array (#2279).
- 78dd987 Fixed missing DROPREQ for LOSSREPORT that partially predates ACK (#2498).
- 4090b25 Reject caller to caller connection (#2562).
- 0a835ea Refax: moved removal of one seq from fresh loss list to a separate function (#2521).
- 19af5d1 Obtain ConnectionLock while sending crypto keys.
- 3d517cf Fixed a warning: member referenced before initialized (#2433).
- fc82eac Refax: remove usage of LOGF/HLOGF (#2566).
- 637d439 Refax: removed m_iRcvLastSkipAck and its dependencies (#2546).
- 6c52f2d Pass std::string by const ref where possible.
- 6d62096 Applied clang-format on md5.cpp and md5.h.
- 2c48cba MD5: Removed null pointer subtraction (may have undefined behavior).
- ae39052 Fixed rendezvous connection in the Non Blocking Mode (#2548).
- 0138898 Fixed cloning the RX crypto context (AEAD)
- be1ccf5 Moved KM refresh in packUniqueData() (#2541).
- f864cec Fixed TARGET_OS_MAC not defined. Wrong include order.
- 432f2d8 fix CSndBuffer parameter incorrect in AES GCM mode
- cbfa812 Refax/postfix: further fixes after last refax changes (#2528)
- e082f30 Fixed validation of input parameters in srt_connect (#2520).
- 932e5bd Cleanup of bonding conditionals and unused code (#2525).
- f477b51 Fixed connected peer address recording (#2526)
- b76c8b2 Fixed CRcvBuffer::getAvailSize() may jump around. (#2490)
- 71c3e40 Refax: safety improvements for RCV loss list and closing state (#2517)
- 491e6e8 Extract RCV buffer insertion handling to a separate function (#2500).
- 258a858 Refax: added size cache to the group container (#2510).
- 2fd1363 Refax: improve logging and code readability around specific logging (#2511).
- f7a024a Refax: removed the synconmsg property and its handling in the group (#2509)
- 53735e1 Don't consider tool old ACK as IPE, it' may caused by network.
- d26bbf7 Fixed a false alarm: ACK ERROR...(diff -1)
- 0f6e7c7 Fixed the inconsistency between getFirstLostSeq() and ackDataUpTo() (#2488)
- ea86302 Reduced calls to steady_clock::now() from two to one.
- 8e9958a Reject if SRT_MAGIC_CODE is not set in the HS induction response.
- 8e67aa7 Tune logs of group members adding and removing.
- c01c646 Fixed AES-GCM support check.
==== suse-module-tools ====
Version update (16.0.32 -> 16.0.33)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.33:
* change wording in filesystem blacklist files
(gh#openSUSE/suse-module-tools#71)
* rpm-script: update bootloader after creating initramfs
(boo#1213822)
* usrmerge: Drop support for non-usrmerged (boo#1206798)
==== syndication ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== syntax-highlighting ====
Version update (5.108.0 -> 5.109.0)
Subpackages: libKF5SyntaxHighlighting5 syntax-highlighting-imports
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Hare language syntax highlighting
* Add explicit moc includes to sources for moc-covered headers
==== system-config-printer ====
Subpackages: python3-cupshelpers system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer
- Explicitly use --with-cups-serverbin-dir to find SERVERBIN when
cups.pc is not provided by older cups (boo#1213883).
==== systemd ====
Version update (253.7 -> 253.8)
Subpackages: libsystemd0 libudev1 systemd-container systemd-coredump udev
- Import commit fcdb2dd2c921db3c6b7c28465dbda314f4469d17 (merge of v253.8)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/2dac0aff9ced1eca0cd11c24e264b33…
==== sysvinit ====
Version update (3.07 -> 3.08)
Subpackages: sysvinit-tools sysvinit-tools-doc
- Update to sysvinit 3.08
* For OpenSUSE only cosmetic change which is support of kexec
for SysVinit reboot (not installed at all)
==== tango-icon-theme ====
- BuildRequire bitstream-vera-fonts for SVG text rendering
==== tar ====
Subpackages: tar-rmt
- Run testsuite also on qemu build
==== telepathy-logger ====
Subpackages: libtelepathy-logger3 typelib-1_0-TelepathyLogger-0_2
- Split the gsettings schema to a separate package
+ The telepathy-logger library has an hard dependency on the schema, and if
it's missing (before this change it has been part of the telepathy-logger
daemon) it will cause the loading application to crash.
+ The library does now require the schema package
- Drop dangling %glib2_gsettings_schema_requires macro.
==== threadweaver ====
Version update (5.108.0 -> 5.109.0)
- Update to 5.109.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.109.0
- Changes since 5.108.0:
* Add explicit moc includes to sources for moc-covered headers
==== tracker-miners ====
Subpackages: tracker-miner-files
- Update
+ Fix the tracker miner spec file to build for SLE_15
+ Rebase patch: tracker-miners-drop-syscalls-in-seccomp.patch
==== unixODBC ====
Version update (2.3.11 -> 2.3.12)
- Update to 2.3.12:
* Makefile.am: Do not install config.h #108
* DriverManager/drivermanager.h: fix build without threads #112
* DriverManager/_info.c: Get locale encoding on Windows. #115
* Fixed Connection String #127
* Allow diagnostics to be retrieved on SQL_NO_DATA #137
* Avoid implicit function declarations, for C99 compatibility #138
* Remove self-reference #140
* isql.1: Add information about handling passwords containing semicolons #126
- Remove unixODBC-gccwarnings.patch, unixODBC-2.3.6-declarations.patch:
Changes have been done in https://github.com/lurcher/unixODBC/pull/138
- Update unixODC-etc-location.patch
==== upower ====
Version update (1.90.1 -> 1.90.2)
Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0
- update to 1.90.2:
* Note that this is the last release of UPower with lid
handling. OS components that rely on the lid status
should get it from logind instead.
* Fix wireless devices not disappearing from Settings when
disconnected
* Require a newer libgudev to avoid bugs related to newline
stripping when reading sysfs attributes
* Add installed-tests files for use with gnome-desktop-testing
* Fix integration test to work with system installed upower
binary and under jhbuild
- add skip-tests-install.patch to skip installation of test-only
assets
==== util-linux ====
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Re-add util-linux-fix-tests-with-64k-pagesize.patch because it is
not in 2.39.1
- Disable last and lastb for ALP, too.
==== util-linux-systemd ====
- Re-add util-linux-fix-tests-with-64k-pagesize.patch because it is
not in 2.39.1
- Disable last and lastb for ALP, too.
==== w3m ====
- CVE-2023-38253: out-of-bounds read in growbuf_to_Str() at w3m/indep.c
(bsc#1213323)
- CVE-2023-38252 out-of-bounds read in Strnew_size() at w3m/Str.c
(bsc#1213324)
- add 0001-Fix-OOB-access-due-to-multiple-backspaces.patch
==== webkit2gtk3 ====
Version update (2.40.4 -> 2.40.5)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.40.5 (boo#1213905):
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592,
CVE-2023-38594, CVE-2023-38595, CVE-2023-38597,,
CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611.
==== webkit2gtk3-soup2 ====
Version update (2.40.4 -> 2.40.5)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Update to version 2.40.5 (boo#1213905):
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592,
CVE-2023-38594, CVE-2023-38595, CVE-2023-38597,,
CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611.
==== wpebackend-fdo ====
Version update (1.14.0 -> 1.14.2)
- Update to version 1.14.2
+ Reverted a change introduced in 1.14.1 which introduced crashes
both with WebKitGTK and WPE running under Wayland in some
configurations.
+ Fix a crash caused by wrong assertion, which was typically
triggered in debug builds when using the NVidia drivers.
- Update to version 1.14.1:
+ Fix WebKit no longer repainting after provisional navigation
wit PSON enabled.
+ Fix graphics buffer leaks by always freeing them in buffer
destroy listener callbacks.
==== wtmpdb ====
Version update (0.7.1 -> 0.9.1)
Subpackages: libwtmpdb0
- Fix last.1 manual page reference
- Update to version 0.9.1
- Fix printf format specifier on 32bit
- Update to version 0.9.0
- Try to detect systemctl soft-reboot
- Many conversation warning/error fixes
- Update to version 0.8.0
- wtmpdb boottime: print boot time
==== xdg-desktop-portal-gnome ====
Version update (44.1 -> 44.2)
- Update to version 44.2:
+ Expose settings backend when running outside of GNOME.
+ Updated translations.
==== xen ====
Version update (4.17.1_06 -> 4.17.2_02)
Subpackages: xen-libs xen-tools-domU
- bsc#1212684 - xentop fails with long interface name
64d33a57-libxenstat-Linux-nul-terminate-string.patch
- Update to Xen 4.17.2 bug fix release (bsc#1027519)
xen-4.17.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative
Return Stack Overflow (XSA-434)
- bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data
Sampling (XSA-435)
- Dropped patches contained in new tarball
64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
645dec48-AMD-IOMMU-assert-boolean-enum.patch
64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
646b782b-PCI-pci_get_pdev-respect-segment.patch
647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
648863fc-AMD-IOMMU-Invalidate-All-check.patch
64bea1b2-x86-AMD-Zenbleed.patch
- Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch
A bit is an index in bitmap, while bits is the allocated size
of the bitmap.
- Add more debug to libxc-sr-track-migration-time.patch
This is supposed to help with doing the math in case xl restore
fails with ERANGE as reported in bug#1209311
- bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed
(XSA-433)
64bea1b2-x86-AMD-Zenbleed.patch
==== xfce4-terminal ====
Version update (1.0.4 -> 1.1.0)
Subpackages: xfce4-terminal-lang
- Update to version 1.1.0
* Update copyright year
* Allow passing arguments to custom commands
* Fully translate strings in unsafe paste dialog
* window: Properly sync always-show-tabs
* cleanup: Include gdkx.h in one place
* preferences: Remove unused class member
* preferences: Check if channel itself exists instead of check
property
* screen: Review image loader memory management
* image-loader: Review cache management
* Add keywords to .desktop files (Fixes #50)
* screen: Take window scaling into account when drawing
(Fixes #71)
* Remove obsolete GNOME default-app file (Fixes #109)
* Add "Open File Manager Here" action (Fixes #133)
* Properly manage default encoding (Fixes #128)
* Move general include in private.h
* dropdown: Disable systray icon on Wayland
* Fix startup with GDK_BACKEND=x11 (Fixes #177)
* shortcuts: Restore broken action toggle-menubar
* shortcuts: Fix non-consumed key event for show-menubar
* main: Allow GTK to parse its options first (Fixes #216)
* search: Add missing sanity check
* Use GLib logging functions and do not translate warnings
* Remove obsolete CHECK_VERSION()
* Use g_new() instead of malloc()
* Fix Xfconf memory management
* search-dialog: Fix memory leak
* Remove extra separator at the end of context menu
* Missing shortcut keys in the standalone preferences dialog
(Issue #198)
* Apply 1 suggestion(s) to 1 file(s)
* Enable kinetic scrolling in VteTerminal
* Extend --disable-server description wrt. process model
* Drop obsolete --disable-server translations
* prefs-dialog: Fix untranslated strings
* Add sixel support
* Add icons at missing sizes, clean up SVG metadata
* build: Fix autoconf warnings
* build: Add GLib requirement
* Add accel entries for scrolling pages (Issue #221)
* Remove documentation for dead anti-aliasing option
* Make strings translatable (Issue #222)
* Fix shortcuts-editor include
* Support hyperlinks (Issue #21)
* Fix argument type for xfce_shortcuts_editor_new
* fix background_notify
* Remove disable-help preference.
* MR: !51 transitioned to Xfconf (#134)
* typos in MR !48 fixed
* Remove all references to terminal-preferences.glade
* Remove one more mention of terminal-preferences.glade
* Remove trailing slash
* Remove terminal-preferences-ui.h from makefile
* Remove terminal-preferences.glade
* MR: !48 shortcuts editor embedded into preferences-dialog (#195)
* MR: !48 preferences-dialog rewritten in C (#195)
* MR: !46 Change in implementation for TAB accels (#150)
* Implementation of MiscShiftArrowsToScroll as accelerators.
* Add PCRE2 build dependency
* Remove libxfce4ui 4.17 version guards
* Replace with xfce_gtk_menu_append_separator
* Tweak toolbar
* Translation Updates
- "gnome-control-center" support is no longer available; remove the
corresponding entries from the %files list
==== xmlsec1 ====
Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1
- Added patch:
* xmlsec1-ui_null.patch
+ fix build with older versions of openssl that don't have
UI_null() method
==== xz ====
Version update (5.4.3 -> 5.4.4)
Subpackages: liblzma5
- xznew: Remove bashsism.
- build: pass CONFIG_SHELL=/bin/sh to configure: the posix tools
are setting the current SHELL as the shebang, which is overkill:
any posix compliant shell, aka /bin/sh, is sufficient.
- Update to version 5.4.4:
* liblzma and xzdec can now build against WASI SDK when threading
support is disabled. xz and tests don't build yet.
* documentation update
* translations update
==== yast2-apparmor ====
Version update (4.6.1 -> 4.6.2)
- bsc#1214418
- Fixed crash on internal error when scanning audit.log
- 4.6.2
==== yast2-country ====
Version update (4.6.2 -> 4.6.3)
Subpackages: yast2-country-data
- Allow changing date to a later year than 2032 (bsc#1214144)
- 4.6.3
==== yast2-installation ====
Version update (4.6.5 -> 4.6.7)
- Require awk for use in startup scripts (bsc#1214277)
- 4.6.7
- bsc#1213959
- Change status label properly when toggling status in the
"Previousy used repositories" dialog.
- 4.6.6
==== yast2-packager ====
Version update (4.6.1 -> 4.6.2)
- Move loading the Pkg module to fix a failing unit test (bsc#1214069)
- 4.6.2
==== yast2-trans ====
Version update (84.87.20230729.64eca7e0a1 -> 84.87.20230818.ea489402e5)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20230818.ea489402e5:
* Translated using Weblate (Latvian)
* Translated using Weblate (Catalan)
* Translated using Weblate (Catalan)
* Translated using Weblate (Catalan)
- Update to version 84.87.20230811.13616e3be9:
* Translated using Weblate (Georgian)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Japanese)
* Translated using Weblate (Japanese)
* Translated using Weblate (Japanese)
* Translated using Weblate (Czech)
* Translated using Weblate (Dutch)
* Translated using Weblate (Czech)
* Translated using Weblate (Dutch)
* Translated using Weblate (Czech)
* New POT for text domain 'users'.
* New POT for text domain 'storage'.
* New POT for text domain 'sap-installation-wizard'.
* New POT for text domain 'qt-pkg'.
* New POT for text domain 'qt'.
* New POT for text domain 'pam'.
* New POT for text domain 'ncurses'.
* New POT for text domain 'migration_sle'.
* New POT for text domain 'kdump'.
* New POT for text domain 'installation'.
* New POT for text domain 'control'.
==== zsh ====
- Enable testsuite in qemu build
==== zxing-cpp ====
- Restore support for building on SLE12
- Build with gcc7-c++ or gcc-c++ >= 7 because of C++17 requirements
- Added patch:
* cmake.patch
+ allow building with cmake 3.5 on SLE12SP5
1
0
Guys,
I wanted to get openSUSE on a few of the LibreComputer boards, well the
first I tired All-H3-CC-H5, the tumble weed iso link is broken.
What ISO can I use? I want to use with the Renegade and La Potatoe.
Thanks Guys,
--
Terror PUP a.k.a
Chuck "PUP" Payne
-----------------------------------------
Discover it! Enjoy it! Share it! openSUSE Linux.
-----------------------------------------
openSUSE -- Terrorpup
openSUSE Ambassador/openSUSE Member
skype,twiiter,identica,friendfeed -- terrorpup
freenode(irc) --terrorpup/lupinstein
Register Linux Userid: 155363
openSUSE Community Member since 2008.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bluedevil5 (5.27.6 -> 5.27.7)
breeze (5.27.6 -> 5.27.7)
breeze-gtk (5.27.6 -> 5.27.7)
discover (5.27.6 -> 5.27.7)
drkonqi5 (5.27.6 -> 5.27.7)
ffmpeg-6
file (5.44 -> 5.45)
inkscape (1.2.2 -> 1.3)
kactivitymanagerd (5.27.6 -> 5.27.7)
kcm_flatpak (5.27.6 -> 5.27.7)
kcm_sddm (5.27.6 -> 5.27.7)
kde-cli-tools5 (5.27.6 -> 5.27.7)
kde-gtk-config5 (5.27.6 -> 5.27.7)
kgamma5 (5.27.6 -> 5.27.7)
khotkeys5 (5.27.6 -> 5.27.7)
kinfocenter5 (5.27.6 -> 5.27.7)
kirigami-addons (0.9.0 -> 0.10.0)
kmenuedit5 (5.27.6 -> 5.27.7)
kpipewire (5.27.6 -> 5.27.7)
kscreen5 (5.27.6 -> 5.27.7)
kscreenlocker (5.27.6 -> 5.27.7)
ksshaskpass5 (5.27.6 -> 5.27.7)
ksystemstats5 (5.27.6 -> 5.27.7)
kwayland-integration (5.27.6 -> 5.27.7)
kwin5 (5.27.6 -> 5.27.7)
kwrited5 (5.27.6 -> 5.27.7)
layer-shell-qt (5.27.6 -> 5.27.7)
libkdecoration2 (5.27.6 -> 5.27.7)
libkscreen2 (5.27.6 -> 5.27.7)
libksysguard5 (5.27.6 -> 5.27.7)
libopenraw (0.3.4 -> 0.3.7)
libplacebo5
libstorage-ng (4.5.127 -> 4.5.133)
libuv (1.44.2 -> 1.46.0)
milou5 (5.27.6 -> 5.27.7)
mozilla-nss (3.90 -> 3.91)
openssl-1_1 (1.1.1u -> 1.1.1v)
oxygen5-sounds (5.27.6 -> 5.27.7)
pam_kwallet (5.27.6 -> 5.27.7)
patterns-kde (20230403 -> 20230801)
plasma-browser-integration (5.27.6 -> 5.27.7)
plasma-nm5 (5.27.6 -> 5.27.7)
plasma5-addons (5.27.6 -> 5.27.7)
plasma5-desktop (5.27.6 -> 5.27.7)
plasma5-disks (5.27.6 -> 5.27.7)
plasma5-integration (5.27.6 -> 5.27.7)
plasma5-openSUSE
plasma5-pa (5.27.6 -> 5.27.7)
plasma5-systemmonitor (5.27.6 -> 5.27.7)
plasma5-thunderbolt (5.27.6 -> 5.27.7)
plasma5-workspace (5.27.6 -> 5.27.7)
polkit-kde-agent-5 (5.27.6 -> 5.27.7)
powerdevil5 (5.27.6 -> 5.27.7)
python-pexpect
systemsettings5 (5.27.6 -> 5.27.7)
virt-manager
xdg-desktop-portal-kde (5.27.6 -> 5.27.7)
=== Details ===
==== bluedevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: bluedevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze ====
Version update (5.27.6 -> 5.27.7)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang libbreezecommon5-5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze-gtk ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze gtk4-metatheme-breeze metatheme-breeze-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== discover ====
Version update (5.27.6 -> 5.27.7)
Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* rpm-ostree: Improve search and filter logic (kde#468162)
* Fix SteamOS dbus path
==== drkonqi5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: drkonqi5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* coredump-gui: don't delete qprocess in a slot that connects to it
==== ffmpeg-6 ====
Subpackages: libavcodec60 libavdevice60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7
- Bump required libplacebo version to v6.292.0 or newer for TW
- Temporarily demote deprecation errors to deprecation warnings
for vf_libplacebo
- Add upstream patches to fix build with libplacebo v6:
* 0001-avfilter-vf_libplacebo-remove-deprecated-field.diff
==== file ====
Version update (5.44 -> 5.45)
Subpackages: file-magic libmagic1
- Add patch file-5.45-type_t.dif
* Partly upstream check of type_t is wide on 32bit systems
* Extend (auto)configure to enable wide type_t type if possible
- On 32bit systems define _TIME_BITS=64 to make it build
- Update to 5.45:
* PR/465: psrok1: Avoid muslc asctime_r crash
* add SIMH tape format support
* bump the max size of the elf section notes to be read to 128K
and make it configurable
* PR/415: Fix decompression with program returning empty
* PR/408: fix -p with seccomp
* PR/412: fix MinGW compilation
- Remove upstream patch dc71304b.patch
- Modify patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-secure_getenv.patch
- Port and rename patch file-5.44.dif now file-5.45.dif
==== inkscape ====
Version update (1.2.2 -> 1.3)
Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp
- Update to version 1.3:
+ Shape Builder Tool for building up shapes on canvas
+ Font Collections
+ Pattern Editor
+ Document Resources Dialog
+ Improved performance thanks to fully asynchronous, multithreaded rendering
+ LPE dialog redesigned
+ Improved On-Canvas Pattern Editing
+ Better PDF import
+ Page margins & bleed
+ Return of Search, opacity & blend modes in Layers & Objects dialog and of an optional persistent snap bar
+ Syntax highlighting in XML Editor
+ See the full release notes
https://inkscape.org/doc/release_notes/1.3/Inkscape_1.3.html
- Drop patch 0001-Fix-build-with-GCC13.patch, fixed upstream
==== kactivitymanagerd ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_flatpak ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_sddm ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix loading theme.conf.user (kde#436272)
* Fix multi-line strings in QML file
==== kde-cli-tools5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kde-gtk-config5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kde-gtk-config5-gtk3
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kgamma5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== khotkeys5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kinfocenter5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kinfocenter5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kirigami-addons ====
Version update (0.9.0 -> 0.10.0)
- Update to 0.10.0. No changelog.
==== kmenuedit5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kpipewire ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kpipewire-imports libKPipeWire5 libKPipeWireDmaBuf5 libKPipeWireRecord5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* PipeWireSourceItem: proceed itemChange in QQuickItem
==== kscreen5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreen5-plasmoid
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kscreenlocker ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreenlocker-lang libKScreenLocker5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksshaskpass5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksshaskpass5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksystemstats5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* gpu/nvidia: Discover data fields based on headers (kde#470474)
==== kwayland-integration ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kwin5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Add closed window checks in restacking requests
* Add closed window checks in some window activation code paths
* x11: Sync frame extents in X11 native pixels (kde#471132)
* backends/drm: handle mismatching stride with CPU copying (kde#471517)
* scene: Pad damage if scale factor is fractional
* locale1: fix use-after-free in xkb_keymap creation
* effects: Make OpenGL context current before deleting framebuffer (kde#444665,kde#471139)
* plugins/backgroundcontrast,blur: ensure the effect is only applied behind the window (kde#469625)
* input: don't crash if the internal handle is nullptr (kde#471285)
==== kwrited5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== layer-shell-qt ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkdecoration2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private10
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkscreen2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libKF5Screen8 libKF5ScreenDpms8 libkscreen2-plugin
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* make sure kscreen-doctor exits when using --dpms
* Guard the deprecated Output::setPrimary (kde#471195)
==== libksysguard5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-plugins
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix typo
==== libopenraw ====
Version update (0.3.4 -> 0.3.7)
Subpackages: gdk-pixbuf-loader-libopenraw libopenraw9
- Update to version 0.3.7 and remove incorporated patch:
03f8270d6bb255ca6618505e83169ab9d95ccef1.patch
- Fix build using %prep from Gentoo and autoconf
- Upstream changes:
* Bug fixes:
Fix a crash when rendering Leica M Monochron DNG files.
Preserve the raw data photometric interpretation when
decompressing raw data.
Properly decode uncompressed big endian 16 bit raw data from
Pentax PEF. Issue #2. Including PENTAX *ist DS. #2
Added missing MPL-2.0 license to tarball. #15
Fix build issue with Rust 1.70.
Fix offline Rust build from tarball.
Fix a missing include with gcc 13. Issue #12.
* New features:
The Rust crates are vendored for the tarball. Note: resulting
tarball is bigger.
* Camera support:
[ a * denote that static WB coefficients have been included, unless DNG ]
Added Leica M11 Monochrom, Q3.
[ a * denote that static WB coefficients have been included, unless DNG ]
Added coefficients for Canon R8* and R50*.
Added coefficients for Panasonic S5M2*.
Added Panasonic GF8*.
Added Sony ZV-E1*, ILME-FX30*.
* Other:
Updated Exif tags.
==== libplacebo5 ====
- Fix libplacebo5-devel and plplay5 conflict with libplacebo-devel
and plplay, respectively
==== libstorage-ng ====
Version update (4.5.127 -> 4.5.133)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Czech) (bsc#1149754)
- 4.5.133
- Translated using Weblate (Japanese) (bsc#1149754)
- 4.5.132
- Translated using Weblate (Slovak) (bsc#1149754)
- 4.5.131
- Translated using Weblate (Dutch) (bsc#1149754)
- 4.5.130
- merge gh#openSUSE/libstorage-ng#943
- updated pot and po files
- 4.5.129
- merge gh#openSUSE/libstorage-ng#942
- support no-automount partition flag
- fixed include guard
- 4.5.128
==== libuv ====
Version update (1.44.2 -> 1.46.0)
- Switched keyring from Jameson Nash (vtjnash) to Santiago Gimeno
(santigimeno)
- Update to 1.46.0:
* Add some more iouring backend fs ops
* work around io_uring IORING_OP_CLOSE bug
- Updates in version 1.45.0:
* introduce io_uring support
* give thread pool threads an 8 MB stack
* change execution order of timers
==== milou5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: milou5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== mozilla-nss ====
Version update (3.90 -> 3.91)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
==== openssl-1_1 ====
Version update (1.1.1u -> 1.1.1v)
Subpackages: libopenssl1_1
- Update to 1.1.1v:
* Fix excessive time spent checking DH q parameter value
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
various checks on DH parameters. After fixing CVE-2023-3446 it
was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A
correct q value, if present, cannot be larger than the modulus
p parameter, thus it is unnecessary to perform these checks if
q is larger than p. If DH_check() is called with such q parameter
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
computationally intensive checks are skipped.
* Fix DH_check() excessive time with over sized modulus
(bsc#1213487, CVE-2023-3446). The function DH_check() performs
various checks on DH parameters. One of those checks confirms
that the modulus ("p" parameter) is not too large. Trying to use
a very large modulus is slow and OpenSSL will not normally use
a modulus which is over 10,000 bits in length. However the
DH_check() function checks numerous aspects of the key or
parameters that have been supplied. Some of those checks use the
supplied modulus value even if it has already been found to be
too large. A new limit has been added to DH_check of 32,768 bits.
Supplying a key/parameters with a modulus over this size will
simply cause DH_check() to fail.
* Update openssl.keyring with the OTC members that sign releases
* Rebase openssl-1_1-openssl-config.patch
* Remove security patches fixed upstream:
- openssl-CVE-2023-3446.patch
- openssl-CVE-2023-3446-test.patch
- Dont pass zero length input to EVP_Cipher because assembler
optimized AES cannot handle zero size. [bsc#1213517]
* Add openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
==== oxygen5-sounds ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== pam_kwallet ====
Version update (5.27.6 -> 5.27.7)
Subpackages: pam_kwallet-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== patterns-kde ====
Version update (20230403 -> 20230801)
Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast
- Drop the telepathy pattern.
The telepathy modules are now officially unmaintained upstream
and won't be released anymore.
==== plasma-browser-integration ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma-nm5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma-nm5-openconnect plasma-nm5-openvpn plasma-nm5-pptp plasma-nm5-vpnc
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Avoid double delete of TabWidget
==== plasma5-addons ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-addons-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* wallpapers/potd: use https in apodprovider
==== plasma5-desktop ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-desktop-emojier
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* applets/kickoff: add blocker to prevent focus change in search view (kde#466192)
* Kickoff: Fix grid view key nav in mirrored layout
* Update Unicode data for emojier to 15.0
* applets/taskmanager: use hardcoded value
* applets/taskmanager: make PauseAnimation wait longer (kde#470135)
* desktoppackage: activate panel on "Activate Panel Widget" shortcut pressed (kde#455398)
* kaccess: Use kcfg files of kcm
* kcms/access: Match kcfg default values to old defaults/kaccess
==== plasma5-disks ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-integration ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE
- Update to 5.27.7
==== plasma5-pa ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-pa-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Put volume change logic centrally in VolumeSlider
* Make setGenericVolume keep balance between channels (kde#435840)
==== plasma5-systemmonitor ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-thunderbolt ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-workspace ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Add patch to fix line wrapping of "100 %" in OSDs (kde#469576):
* 0001-OSD-Fix-size-calculation-for-progress-value.patch
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* libtaskmanager: fix unable to change order of launchers (kde#472812)
* Reorder removals to ensure launcher url is deallocated after last use
* Fix crash in LauncherTasksModel::Private::requestRemoveLauncherFromActivities (kde#472378)
* libtaskmanager: skip empty appId when matching '*.appId.desktop' (kde#472576,kde#428559)
* Do not write empty path to desktop file (kde#433304)
* Fix crash in TasksModel::move (kde#472524)
* kcm/region_language: fix enum order (kde#472108)
* kcms/region_language: Read from $LANGUAGE in options model
* kcms/region_language: Improve isSupportedLanguage detection
* kcms/region_language: Chop off the UTF-8 codepoint again
* kcms/region_language: Check if the language setting is default as well
* kcms/region_language: Simplify the language settings read
* kcms/region_language: Read the LANGUAGE environment variable for the default language value
* TriangleMouseFilter: remove unnecessary return
* TriangleMouseFilter: make `resendHoverEvents` actually work
* TriangleMouseFilter: fix incorrect handling of hover events and inactive state (kde#467426)
* TriangularMouseFilter: Filter event everytime when there was no movement at all
* Improve responsiveness of triangular filter
* shell: move `forceActiveFocus` to `PanelView`
* applets/mediacontroller: use PauseAnimation to delay showing busy indicator
* applets/mediacontroller: remove duplicate opacity animation
* applets/notifications: add workaround for QTBUG-100392 (kde#468180)
* Notifications: Also try X-SnapInstanceName for desktop file resolution
* libtaskmanager: fix a potential leak
==== polkit-kde-agent-5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== powerdevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: powerdevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== python-pexpect ====
- Clean up the SPEC file
==== systemsettings5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Properly show the custom header widget when started with non-QML KCMs
==== virt-manager ====
Subpackages: virt-install virt-manager-common
- bsc#1213790 - Application tab in virt-manager is collapsed,
therefore I can't read anything
virtman-fix-inspection-apps-window.patch
==== xdg-desktop-portal-kde ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.1.3 -> 23.1.4)
Mesa-drivers (23.1.3 -> 23.1.4)
MozillaFirefox (115.0.2 -> 115.0.3)
apache2-mod_php8 (8.2.7 -> 8.2.8)
apparmor
bind (9.18.16 -> 9.18.17)
cfitsio (4.2.0 -> 4.3.0)
crypto-policies (20230420.3d08ae7 -> 20230614.5f3458e)
curl (8.1.2 -> 8.2.1)
dLeyna
elfutils-debuginfod
fwupd (1.8.16 -> 1.8.17)
gcc13 (13.1.1+git7552 -> 13.1.1+git7597)
ghostscript
glu (9.0.2 -> 9.0.3)
grub2
gstreamer (1.22.4 -> 1.22.5)
gstreamer-plugins-bad (1.22.4 -> 1.22.5)
gstreamer-plugins-base (1.22.4 -> 1.22.5)
gstreamer-plugins-good (1.22.4 -> 1.22.5)
gstreamer-plugins-libav (1.22.4 -> 1.22.5)
gstreamer-plugins-rs (0.10.9 -> 0.10.11)
gstreamer-plugins-ugly (1.22.4 -> 1.22.5)
gupnp
hidapi (0.13.1 -> 0.14.0)
hwinfo (23.1 -> 23.2)
iio-sensor-proxy (3.4 -> 3.5)
ipmitool (1.8.19.0.g19d7878 -> 1.8.19.13.gbe11d94)
java-11-openjdk (11.0.19.0 -> 11.0.20.0)
kdeconnect-kde
kdump (1.9.3 -> 1.9.5)
kernel-firmware (20230707 -> 20230724)
kernel-source (6.4.3 -> 6.4.6)
kmod
lensfun (0.3.3 -> 0.3.4)
lftp
libapparmor
libarchive (3.6.2 -> 3.7.0)
libgexiv2 (0.14.1 -> 0.14.2)
libnvme
libqb (2.0.7+20230607.06c8641 -> 2.0.8+20230721.002171b)
libqt5-qtwebengine
librsvg (2.56.1 -> 2.56.3)
libshumate (1.0.4 -> 1.0.5)
libva (2.18.0 -> 2.19.0)
libva-gl (2.18.0 -> 2.19.0)
libvirt
libxcrypt (4.4.35 -> 4.4.36)
libzypp (17.31.15 -> 17.31.17)
lilv
man
mdadm
miniupnpc (2.2.4 -> 2.2.5)
mozilla-nss
ncurses (6.4.20230701 -> 6.4.20230715)
netcontrol
nftables (1.0.7 -> 1.0.8)
nghttp2 (1.54.0 -> 1.55.1)
openssh (9.3p1 -> 9.3p2)
openssh-askpass-gnome (9.3p1 -> 9.3p2)
openssl-1_1
openssl-3
ovmf (202302 -> 202305)
perl-File-Listing (6.15 -> 6.160.0)
perl-XML-LibXML (2.0208 -> 2.0209)
perl-libwww-perl (6.71 -> 6.720.0)
php8 (8.2.7 -> 8.2.8)
pipewire (0.3.74 -> 0.3.76)
publicsuffix (20230709 -> 20230717)
python-SQLAlchemy (2.0.16 -> 2.0.19)
python-mysqlclient
python-py
python-pycairo (1.23.0 -> 1.24.0)
python-pygit2 (1.11.1 -> 1.12.2)
python-reportlab
python-rich
python-urllib3 (2.0.3 -> 2.0.4)
python-zope.event
python-zope.hookable
python-zope.i18nmessageid
qalculate (4.6.1 -> 4.7.0)
qca-qt5 (2.3.6 -> 2.3.7)
qemu
qt6-base (6.5.1 -> 6.5.2)
qt6-declarative (6.5.1 -> 6.5.2)
qt6-imageformats (6.5.1 -> 6.5.2)
qt6-translations (6.5.1 -> 6.5.2)
qt6-wayland (6.5.1 -> 6.5.2)
raspberrypi-firmware-dt
rdma-core (45.0 -> 47.0)
re2-10
rsync
rubygem-rack-2.2 (2.2.7 -> 2.2.8)
samba (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852)
sdbootutil (1+git20230717.dac075e -> 1+git20230727.a0e666f)
selinux-policy (20230622 -> 20230728)
shotwell (0.32.1 -> 0.32.2)
sudo (1.9.13p3 -> 1.9.14p1)
systemd
sysuser-tools (3.1 -> 3.2)
tar
texlive-specs-n (2023.201.2.005svn65956 -> 2023.209.2.005svn65956)
tpm2-0-tss
update-alternatives (1.21.8 -> 1.21.22)
util-linux (2.39 -> 2.39.1)
util-linux-systemd (2.39 -> 2.39.1)
vala-panel-appmenu
vlc
webkit2gtk3 (2.40.3 -> 2.40.4)
webkit2gtk3-soup2 (2.40.3 -> 2.40.4)
wireless-regdb (20230601 -> 20230721)
xfsprogs (6.3.0 -> 6.4.0)
yast2-firstboot (4.6.0 -> 4.6.1)
yast2-trans (84.87.20230714.966688ddd0 -> 84.87.20230729.64eca7e0a1)
yast2-users (4.6.2 -> 4.6.4)
zlib-ng-compat
zypper (1.14.61 -> 1.14.62)
=== Details ===
==== Mesa ====
Version update (23.1.3 -> 23.1.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1
- Update to bugfix release 23.1.4
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
- supersedes u_fix-glx-context-opengl-4.5.patch
==== Mesa-drivers ====
Version update (23.1.3 -> 23.1.4)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to bugfix release 23.1.4
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
- supersedes u_fix-glx-context-opengl-4.5.patch
==== MozillaFirefox ====
Version update (115.0.2 -> 115.0.3)
- Mozilla Firefox 115.0.3
* fixes for other platforms
- remove bashisms from firefox startup script (boo#1213657)
==== apache2-mod_php8 ====
Version update (8.2.7 -> 8.2.8)
- version update to 8.2.8
* This is a bug fix release.
* https://www.php.net/ChangeLog-8.php#8.2.8
- modified patches
% php-sort-filelist-phar.patch (refreshed)
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- Add pam_apparmor README, referenced from online cha-apparmor-pam.html
documentation (bsc#1213472)
==== bind ====
Version update (9.18.16 -> 9.18.17)
Subpackages: bind-doc bind-utils
- Update to release 9.18.17
Feature Changes:
* If a response from an authoritative server has its RCODE set to
FORMERR and contains an echoed EDNS COOKIE option that was
present in the query, named now retries sending the query to
the same server without an EDNS COOKIE option.
* The relaxed QNAME minimization mode now uses NS records. This
reduces the number of queries named makes when resolving, as it
allows the non-existence of NS RRsets at non-referral nodes to
be cached in addition to the normally cached referrals.
Bug Fixes:
* The ability to read HMAC-MD5 key files, which was accidentally
lost in BIND 9.18.8, has been restored.
* Several minor stability issues with the catalog zone
implementation have been fixed.
==== cfitsio ====
Version update (4.2.0 -> 4.3.0)
- Update to version 4.3.0:
* Bug fix to fits_make_hist[d] that was introduced in 4.2.0.
* Added overflow checking for case of reading images with 8-byte
float values into 4-byte float arrays.
* fits_write_key_longstr now handles case of writing a long
keyword in combination with a long keyword value string.
* Add conversion of French locale comma-to-period in corner
cases appearing in ffr2e and ffd2e functions.
* Increased the precision when writing version number to
User-Agent strings for http connections. This is needed to
fully conform to 3-field version string format.
* Bug fix to GTIOVERLAP() calculator function, which was being
treated as a boolean value in expressions, and is now
correctly treated as a floating point result.
* Bug fix to ARRAY() calculator function, which caused a memory
overflow error
* Enhancement to the ARRAY function, such that ARRAY(V,d) can
apply new dimensions to V, as long as the total number of
array/vector elements does not change.
* Enhancement of long string keyword read/write functions to
fully conform with FITS standard specifications for multi-line
value and comment strings. Two new functions have been added
to implement this: fits_get_key_com_strlen and
fits_read_string_key_com.
- Make doc package noarch.
==== crypto-policies ====
Version update (20230420.3d08ae7 -> 20230614.5f3458e)
Subpackages: crypto-policies-scripts
- BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933)
derived from NEXT.pol
- Update to version 20230614.5f3458e:
* policies: impose old OpenSSL groups order for all back-ends
* Rebase patches:
- crypto-policies-revert-rh-allow-sha1-signatures.patch
- crypto-policies-supported.patch
==== curl ====
Version update (8.1.2 -> 8.2.1)
Subpackages: libcurl4
- Update to 8.2.1:
* Bugfixes:
- cfilters: rename close/connect functions to avoid clashes
- ciphers.d: put URL in first column
- cmake: add 'libcurlu'/'libcurltool' for unit tests
- cmake: update ngtcp2 detection
- configure: check for nghttp2_session_get_stream_local_window_size
- docs: mark two TLS options for TLS, not SSL
- docs: provide more see also for cipher options
- hostip: return IPv6 first for localhost resolves
- http2: fix regression on upload EOF handling
- http: VLH, very large header test and fixes
- libcurl-errors.3: add CURLUE_OK
- os400: correct EXPECTED_STRING_LASTZEROTERMINATED
- quiche: fix lookup of transfer at multi
- quiche: fix segfault and other things
- rustls: update rustls-ffi 0.10.0
- socks: print ipv6 address within brackets
- src/mkhelp: strip off escape sequences
- tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
- transfer: do not clear the credentials on redirect to absolute URL
- unittest: remove unneeded *_LDADD
- websocket: rename arguments/variables to match docs
- Update to 8.2.0 [bsc#1213237, CVE-2023-32001]
* Security fix:
- CVE-2023-32001: fopen race condition
* Changes:
- curl: add --ca-native and --proxy-ca-native
- curl: add --trace-ids
- CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
- haproxy: add --haproxy-clientip flag to set client IPs
- lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID
* Bugfixes:
- cf-socket: don't bypass fclosesocket callback if cancelled before connect
- cf-socket: skip getpeername()/getsockname for TFTP
- curl: count uploaded data to stop at the originally given size
- curl: return error when asked to use an unsupported HTTP version
- http2: fix crash in handling stream weights
- http2: send HEADER & DATA together if possible
- http3/ngtcp2: upload EAGAIN handling
- http: rectify the outgoing Cookie: header field size check
- hyper: fix EOF handling on input
- imap: Provide method to disable SASL if it is advertised
- libssh2: provide error message when setting host key type fails
- libssh2: use custom memory functions
- ngtcp2: assigning timeout, but value is overwritten before used
- quiche: avoid NULL deref in debug logging
- sectransp: fix EOF handling
- system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
- timeval: use CLOCK_MONOTONIC_RAW if available
- tls13-ciphers.d: include Schannel
- tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
- tool_operate: allow cookie lines up to 8200 bytes
- tool_parsecfg: accept line lengths up to 10M
- tool_writeout_json: fix encoding of control characters
- transfer: clear credentials when redirecting to absolute URL
- urlapi: have *set(PATH) prepend a slash if one is missing
- urlapi: scheme must start with alpha
- vtls: avoid memory leak if sha256 call fails
- websocket-cb: example doing WebSocket download using callback
- ws: make the curl_ws_meta() return pointer a const
==== dLeyna ====
- Add 61d24fdc.patch: Fix typos for meson 1.2 compatibility.
==== elfutils-debuginfod ====
Subpackages: debuginfod-profile libdebuginfod1
- Replace libdebuginfo1 sub-package's debuginfod-profile Recommends
with config(debuginfod-profile) Requires, but on the debuginfod-\
client sub-package, instead. And add binutils, bpftrace-tools,
elfutils, gdb, perf, systemd-coredump, and valgrind Supplements
to debuginfod-client sub-package. This should make installation
of debuginfod-client more consistent, along with debuginfod-\
profile, with software/packages that have debuginfod support.
==== fwupd ====
Version update (1.8.16 -> 1.8.17)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.8.17:
+ Correctly obtain the Thunderbolt is_native controller
attribute.
+ Fix a Wacom emulation failure on s390x.
+ Only allow --force on security attributes for unsupported
builds.
+ Reduce the amount of RSS by ~12% at startup.
==== gcc13 ====
Version update (13.1.1+git7552 -> 13.1.1+git7597)
Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc13 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1
- Bump to 9aac37ab8a7b919a89c6d64bc7107a8436996e93, git7597
* GCC 13.2 RC1
- Add rpmlint filter for SLE12 complaining about invalid licenses.
- Also handle -static-pie in the default-PIE specs
==== ghostscript ====
Subpackages: ghostscript-x11
- CVE-2023-38559.patch fixes CVE-2023-38559
"out of bounds read devn_pcx_write_rle() could result in DoS"
see bsc#1213637
and https://bugs.ghostscript.com/show_bug.cgi?id=706897
which is in base/gdevdevn.c the same issue
"ordering in if expression to avoid out-of-bounds access"
as the already fixed CVE-2020-16305 in devices/gdevpcx.c
see https://bugs.ghostscript.com/show_bug.cgi?id=701819
==== glu ====
Version update (9.0.2 -> 9.0.3)
- Update to version 9.0.3
* drop autotools
* apple: Fix compatibility version and current version of meson
build to be compatible with autotools build
* pkgconfig: Depend on opengl when built with libglvnd
* pkgconfig: Drop unneeded lines from autotools build
* pkgconfig: meson build should match autotools requires
* Remove deprecated register in C++17
- switch to meson build
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Fix error message "unknown command tpm_record_pcrs" with encrypted boot and
no tpm device present (bsc#1213547)
* 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
==== gstreamer ====
Version update (1.22.4 -> 1.22.5)
Subpackages: gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.5:
+ Highlighted bugfixes:
- Security fixes for the RealMedia demuxer
- vaapi decoders, postproc: Disable DMAbuf from caps
negotiation to fix garbled video in some cases
- decodebin3, playbin3, parsebin fixes, especially for stream
reconfiguration
- hlsdemux2: fix early seeking; don't pass referer when
updating playlists; webvtt fixes
- gtk: Fix critical caused by pointer movement when stream is
getting ready
- qt6: Set sampler filtering method, fixes bad quality with
qml6glsink and gstqt6d3d11
- v4l2src: handle resolution change when buffers are copied
- videoflip: update orientation tag in auto mode
- video timecode: Add support for framerates lower than 1fps
and accept 119.88 (120/1.001) fps
- webrtcsink: fixes for x264enc and NVIDIA encoders
- cerbero: Pull ninja from system if possible, avoid spurious
bootstrap of cmake
- packages: Recipe updates for ffmpeg, libsoup, orc
- various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- taglist, plugins: fix compiler warnings with GLib >= 2.76
- tracerutils: allow casting parameter types
- inputselector: fix playing variable is never set
- Rebase patch.
==== gstreamer-plugins-bad ====
Version update (1.22.4 -> 1.22.5)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.5:
+ d3d11bufferpool: Fix heavy CPU usage in case of fixed-size pool
+ jpegparser: jpegdecoder: Don't pollute bus and comply with spec
+ plugins: fix compiler warnings with GLib >= 2.76
+ webrtcbin: Prevent critical warning when creating an additional
data channel
+ webrtcstats: Properly report IceCandidate type
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-base ====
Version update (1.22.4 -> 1.22.5)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0
- Update to version 1.22.5:
+ appsink: add missing make_writable call
+ audioaggregator: Do not post message before being constructed
+ decodebin3:
- Prevent a critical warning when reassigning output slots
- Fix slot input linking when the associated stream has changed
- Remove spurious input locking during parsebin reconfiguration
+ urisourcebin: Set source element to READY before querying it
+ gl/viv-fb: meson build updates
+ plugins: fix compiler warnings with GLib >= 2.76
+ subtitleoverlay: fix mutex error if sink caps is not video
+ video:
- timecode: Add support for framerates lower than 1fps
- accept timecode of 119.88 (120/1.001) FPS
- cannot attach time code meta when frame rate is 119.88
(120000/1001)
+ videodecoder: fix copying buffer metas
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-good ====
Version update (1.22.4 -> 1.22.5)
Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-qtqml
- Update to version 1.22.5:
+ adaptivedemux2: Fix early seeking
+ hlsdemux2:
- Ensure processed webvtt ends with empty new line
- Don't set a referer when updating playlists
+ matroska: demux: Strip signal byte when encrypted
+ rtspsrc: Fix crash when is-live=false
+ gtk: Fix critical caused by pointer movement when stream is
getting ready
+ qt6: Set sampler filtering method, fixes bad quality with
qml6glsink and gstqt6d3d11
+ qtdemux: opus: set entry as sampled
+ v4l2src: handle resolution change when buffers are copied
+ v4l2videodec:
- Fix handling of initial gaps
- correctly register v4l2mpeg2dec
- replace custom QUERY_CAPS handling with getcaps callback
+ videoflip:
- update orientation tag in auto mode
- fix critical when tag list is not writable
- Rebase reduce-required-meson.patch.
- Pass qt-egl=disabled to meson, we are not ready for this feature
yet.
==== gstreamer-plugins-libav ====
Version update (1.22.4 -> 1.22.5)
- Update to version 1.22.5:
+ No changes
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-rs ====
Version update (0.10.9 -> 0.10.11)
- Update to version 0.10.11:
+ fallbackswitch:
- Change the threshold for trailing buffers
- Fix pad health calculation and notifies
+ fmp4mux: Fix draining in chunk mode if keyframes are too late
+ webrtcsink:
- fix pipeline when input caps contain max-framerate
- Configure only 4 threads for x264enc
- Translate force-keyunit events to force-IDR action signal for
NVIDIA encoders
- Set config-interval=-1 and aggregate-mode=zero-latency on
rtph264pay and rtph265pay
- Set VP8/VP9 payloader based on payloader element factory name
- Update to version 0.10.10:
+ webrtcsink:
- Avoid panic on unprepare from an async tokio context
- Use correct property types for nvvideoconvert
+ webrtc/signalling: fix race condition in message ordering
+ livesync:
- Wait for the end timestamp of the previous buffer before
looking at queue
- Improve EOS handling
+ videofx: Minimize dependencies of the image crate
+ togglerecord:
- Clip segment before calculating timestamp/duration
- Error out if main stream buffer has no valid running time
==== gstreamer-plugins-ugly ====
Version update (1.22.4 -> 1.22.5)
- Update to version 1.22.5:
+ rmdemux: add some integer overflow checks
- Rebase reduce-required-meson.patch.
==== gupnp ====
- Add upstream patches to fix build with meson 1.2.0:
+ a10c57bd.patch: Add missing "s" to wrap file syntax.
+ 884639bd.patch: properly spell [provide] in *.wrap files.
==== hidapi ====
Version update (0.13.1 -> 0.14.0)
- update to 0.14.0:
* general: add `hid_get_report_descriptor` API function (#451)
* libusb: fix crash in hid_enumerate() caused by a stale device
handle (#526)
* fixes (mostly error handling) of issues found by
Coverity Scan (#552/#554/#555/#559/#560/#561)
* various fixes and improvements
==== hwinfo ====
Version update (23.1 -> 23.2)
Subpackages: libhd23
- merge gh#openSUSE/hwinfo#128
- Add support for loongarch cpu
- 23.2
==== iio-sensor-proxy ====
Version update (3.4 -> 3.5)
- Update to version 3.5:
* Fix sensor hotplugging
* Fix some sensors not working when they were assigned a
sampling frequency they did not support.
* Add more tests.
* Correct the location of the D-Bus policy file.
==== ipmitool ====
Version update (1.8.19.0.g19d7878 -> 1.8.19.13.gbe11d94)
- Fix: ipmitool duplicates the timestamp (bsc#1213390)
A Fix-time-format-for-sel-list-v.patch
- Remove: Make-IANA-PEN-download-configurable (is mainline)
D 0006-Make-IANA-PEN-download-configurable-fix-uninitalized.patch
- Update to version 1.8.19.13.gbe11d94:
* configure.ac: allow disabling registry downloads
* lan: channel: Fix set alert on/off
* make: use correct docdir variable provided by autotools
* Do not require the IANA PEN registry file
* configure.ac: fix readline static build
* Update github actions for modern OSes
* Update macos target name in github actions
* delloem: Fix the unalign bug in arm64
* lanplus: Realloc the msg if the payload_length gets updated
* fru print: Add area checksum verification
* fru: Add decoder for multirec system mgmt records
* Fix enterprise-numbers URL
* Update issue templates
==== java-11-openjdk ====
Version update (11.0.19.0 -> 11.0.20.0)
Subpackages: java-11-openjdk-headless
- Upgrade to upstream tag jdk-11.0.20+8 (July 2023 CPU)
* CVEs
+ CVE-2023-22006, bsc#1213473
+ CVE-2023-22036, bsc#1213474
+ CVE-2023-22041, bsc#1213475
+ CVE-2023-22044, bsc#1213479
+ CVE-2023-22045, bsc#1213481
+ CVE-2023-22049, bsc#1213482
+ CVE-2023-25193, bsc#1207922
* Security fixes
+ JDK-8298676: Enhanced Look and Feel
+ JDK-8300285: Enhance TLS data handling
+ JDK-8300596: Enhance Jar Signature validation
+ JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1
+ JDK-8302475: Enhance HTTP client file downloading
+ JDK-8302483: Enhance ZIP performance
+ JDK-8303376: Better launching of JDI
+ JDK-8304468: Better array usages
+ JDK-8305312: Enhanced path handling
+ JDK-8308682: Enhance AES performance
* Other changes
+ JDK-8171426: java/lang/ProcessBuilder/Basic.java failed with
Stream closed
+ JDK-8178806: Better exception logging in crypto code
+ JDK-8187522: test/sun/net/ftp/FtpURLConnectionLeak.java timed
out
+ JDK-8209167: Use CLDR's time zone mappings for Windows
+ JDK-8209546: Make sun/security/tools/keytool/autotest.sh to
support macosx
+ JDK-8209880: tzdb.dat is not reproducibly built
+ JDK-8213531: Test javax/swing/border/TestTitledBorderLeak.java
fails
+ JDK-8214459: NSS source should be removed
+ JDK-8214807: Improve handling of very old class files
+ JDK-8215015: [TESTBUG] remove unneeded -Xfuture option from
tests
+ JDK-8215575: C2 crash: assert(get_instanceKlass()->is_loaded())
failed: must be at least loaded
+ JDK-8220093: Change to GCC 8.2 for building on Linux at Oracle
+ JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java
fails with AssertionError
+ JDK-8232853: AuthenticationFilter.Cache::remove may throw
ConcurrentModificationException
+ JDK-8243936: NonWriteable system properties are actually
writeable
+ JDK-8246383: NullPointerException in
JceSecurity.getVerificationResult when using Entrust provider
+ JDK-8248701: On Windows generated modules-deps.gmk can
contain backslash-r (CR) characters
+ JDK-8257856: Make ClassFileVersionsTest.java robust to JDK
version updates
+ JDK-8259530: Generated docs contain MIT/GPL-licenced works
without reproducing the licence
+ JDK-8263420: Incorrect function name in
NSAccessibilityStaticText native peer implementation
+ JDK-8264290: Create implementation for
NSAccessibilityComponentGroup protocol peer
+ JDK-8264304: Create implementation for NSAccessibilityToolbar
protocol peer
+ JDK-8265486: ProblemList javax/sound/midi/Sequencer/
/Recording.java on macosx-aarch64
+ JDK-8268558: [TESTBUG] Case 2 in
TestP11KeyFactoryGetRSAKeySpec is skipped
+ JDK-8269746: C2: assert(!in->is_CFG()) failed: CFG Node with
no controlling input?
+ JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile
+ JDK-8275233: Incorrect line number reported in exception
stack trace thrown from a lambda expression
+ JDK-8275721: Name of UTC timezone in a locale changes
depending on previous code
+ JDK-8275735: [linux] Remove deprecated Metrics api (kernel
memory limit)
+ JDK-8276880: Remove java/lang/RuntimeTests/exec/ExecWithDir
as unnecessary
+ JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -
add 4357905
+ JDK-8278434: timeouts in test java/time/test/java/time/format/
/TestZoneTextPrinterParser.java
+ JDK-8280703: CipherCore.doFinal(...) causes potentially
massive byte[] allocations during decryption
+ JDK-8282077: PKCS11 provider C_sign() impl should handle
CKR_BUFFER_TOO_SMALL error
+ JDK-8282201: Consider removal of expiry check in
VerifyCACerts.java test
+ JDK-8282467: add extra diagnostics for JDK-8268184
+ JDK-8282600: SSLSocketImpl should not use user_canceled
workaround when not necessary
+ JDK-8283059: Uninitialized warning in check_code.c with GCC
11.2
+ JDK-8285497: Add system property for Java SE specification
maintenance version
+ JDK-8286398: Address possibly lossy conversions in
jdk.internal.le
+ JDK-8287007: [cgroups] Consistently use stringStream
throughout parsing code
+ JDK-8287246: DSAKeyValue should check for missing params
instead of relying on KeyFactory provider
+ JDK-8287876: The recently de-problemlisted
TestTitledBorderLeak test is unstable
... changelog too long, skipping 104 lines ...
+ regenerate to changed context
==== kdeconnect-kde ====
Subpackages: kdeconnect-kde-zsh-completion
- Require kirigami-addons: used in app/qml/Settings.qml
==== kdump ====
Version update (1.9.3 -> 1.9.5)
upgrade to version 1.9.5
* SELinux: temporary hack for bsc#1213721
- upgrade to version 1.9.4
* fix FADUMP initramfs when not created by mkdumprd
* FADUMP: let dracut de-duplicate initrd by preserving modification times
* mkdumprd: only regenerate FADUMP initrds when needed
* mkdumprd: exit when destination not writable (transactional updates)
* mkdumprd: don't call update-bootloader
==== kernel-firmware ====
Version update (20230707 -> 20230724)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20230724 (git commit 59fbffa9ec8e):
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: add initial SMU 13.0.10 firmware
* amdgpu: add initial SDMA 6.0.3 firmware
* amdgpu: add initial PSP 13.0.10 firmware
* amdgpu: add initial GC 11.0.3 firmware
* linux-firmware: Update AMD fam17h cpu microcode
* linux-firmware: Update AMD cpu microcode
* amdgpu: update green sardine VCN firmware
* amdgpu: update renoir VCN firmware
* amdgpu: update raven VCN firmware
* amdgpu: update raven2 VCN firmware
* amdgpu: update Picasso VCN firmware
* amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs
* Updated NXP SR150 UWB firmware
* wfx: update to firmware 3.16.1
* mediatek: Update mt8195 SCP firmware to support 10bit mode
* i915: update DG2 GuC to v70.8.0
* i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL
* cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models
==== kernel-source ====
Version update (6.4.3 -> 6.4.6)
Subpackages: kernel-64kb kernel-default
- Update
patches.kernel.org/6.4.6-002-x86-cpu-amd-Add-a-Zenbleed-fix.patch
(bsc#1012628 bsc#1213286 CVE-2023-20593).
Add references.
- commit 55520bc
- Linux 6.4.6 (bsc#1012628).
- x86/cpu/amd: Add a Zenbleed fix (bsc#1012628).
- x86/cpu/amd: Move the errata checking functionality up
(bsc#1012628).
- commit cd14b53
- Update config files. (bsc#1213592)
Disable old unmaintained serial drivers
- commit ac1bf5a
- io_uring: Fix io_uring mmap() by using architecture-provided
get_unmapped_area() (bsc#1212773).
- Delete
patches.suse/Revert-io_uring-Adjust-mapping-wrt-architecture-alia.patch.
Replace the temporary fix by an upstream fix.
- commit 2f220f8
- Refresh
patches.suse/of-Preserve-of-display-device-name-for-compatibility.patch.
Update upstream status.
- commit 8817ac3
- Linux 6.4.5 (bsc#1012628).
- security/integrity: fix pointer to ESL data and its size on
pseries (bsc#1012628).
- HID: input: fix mapping for camera access keys (bsc#1012628).
- HID: amd_sfh: Rename the float32 variable (bsc#1012628).
- HID: amd_sfh: Fix for shift-out-of-bounds (bsc#1012628).
- net: lan743x: Don't sleep in atomic context (bsc#1012628).
- net: lan743x: select FIXED_PHY (bsc#1012628).
- ksmbd: add missing compound request handing in some commands
(bsc#1012628).
- ksmbd: fix out of bounds read in smb2_sess_setup (bsc#1012628).
- drm/panel: simple: Add connector_type for innolux_at043tn24
(bsc#1012628).
- drm: bridge: dw_hdmi: fix connector access for scdc
(bsc#1012628).
- drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime
(bsc#1012628).
- swiotlb: always set the number of areas before allocating the
pool (bsc#1012628).
- swiotlb: reduce the number of areas to match actual memory
pool size (bsc#1012628).
- drm/panel: simple: Add Powertip PH800480T013 drm_display_mode
flags (bsc#1012628).
- xen/virtio: Fix NULL deref when a bridge of PCI root bus has
no parent (bsc#1012628).
- netfilter: nf_tables: report use refcount overflow
(bsc#1012628).
- netfilter: conntrack: don't fold port numbers into addresses
before hashing (bsc#1012628).
- ice: Fix max_rate check while configuring TX rate limits
(bsc#1012628).
- ice: Fix tx queue rate limit when TCs are configured
(bsc#1012628).
- igc: Add condition for qbv_config_change_errors counter
(bsc#1012628).
- igc: Remove delay during TX ring configuration (bsc#1012628).
- igc: Add igc_xdp_buff wrapper for xdp_buff in driver
(bsc#1012628).
- igc: Add XDP hints kfuncs for RX hash (bsc#1012628).
- igc: Fix TX Hang issue when QBV Gate is closed (bsc#1012628).
- net/mlx5e: fix double free in mlx5e_destroy_flow_table
(bsc#1012628).
- net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
(bsc#1012628).
- net/mlx5e: fix memory leak in mlx5e_ptp_open (bsc#1012628).
- net/mlx5e: RX, Fix flush and close release flow of regular rq
for legacy rq (bsc#1012628).
- net/mlx5: Register a unique thermal zone per device
(bsc#1012628).
- net/mlx5e: Check for NOT_READY flag state after locking
(bsc#1012628).
- net/mlx5e: TC, CT: Offload ct clear only once (bsc#1012628).
- net/mlx5: Query hca_cap_2 only when supported (bsc#1012628).
- net/mlx5e: RX, Fix page_pool page fragment tracking for XDP
(bsc#1012628).
- igc: set TP bit in 'supported' and 'advertising' fields of
ethtool_link_ksettings (bsc#1012628).
- igc: Include the length/type field and VLAN tag in queueMaxSDU
(bsc#1012628).
- igc: Handle PPS start time programming for past time values
(bsc#1012628).
- blk-crypto: use dynamic lock class for blk_crypto_profile::lock
(bsc#1012628).
- scsi: qla2xxx: Fix error code in qla2x00_start_sp()
(bsc#1012628).
- scsi: ufs: ufs-mediatek: Add dependency for RESET_CONTROLLER
(bsc#1012628).
- bpf: Fix max stack depth check for async callbacks
(bsc#1012628).
- net: mvneta: fix txq_map in case of txq_number==1 (bsc#1012628).
- net: dsa: felix: make vsc9959_tas_guard_bands_update() visible
to ocelot->ops (bsc#1012628).
- net: mscc: ocelot: fix oversize frame dropping for preemptible
TCs (bsc#1012628).
- net/sched: cls_fw: Fix improper refcount update leads to
use-after-free (bsc#1012628).
... changelog too long, skipping 1825 lines ...
- commit f6ca0bc
==== kmod ====
Subpackages: kmod-bash-completion libkmod2
- Use pkgconfig for kmod configuration.
* Delete kmod-Add-config-command-to-show-compile-time-configu.patch
* Add kmod-Add-pkgconfig-file-with-kmod-compile-time-confi.patch,
Provide-fallback-for-successfully-running-make-modules_install.patch
compat-module_directory-module_prefix.patch.
- Refresh usr-lib-modprobe.patch, usr-lib-modules.patch.
- Add configure-Detect-openssl-sm3-support.patch to
fix build with older openssl without SM3 support.
==== lensfun ====
Version update (0.3.3 -> 0.3.4)
Subpackages: lensfun-data liblensfun1
- Update to 0.3.4
Check https://github.com/lensfun/lensfun/releases/tag/v0.3.4 for
the list of new cameras and lenses supported.
* Port apps/setup.py from Python distutils
* CMake: Numerous backports from master
==== lftp ====
- The lftp_wrapper script has been deprecated over 1.5 years ago.
It's time to remove it from the package. [jsc#SLE-17861]
- Dropped patches:
* 0004-Include-config.h-to-detect-gnulib-macros.patch
* add-deprecation-warning-to-lftp-wrapper.patch
- Refreshed patches:
* 0002-Add-content-of-lftp-compat-addfiles.patch.patch
* 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch
* lftp-default-ssl-cipher.patch
==== libapparmor ====
- Add pam_apparmor README, referenced from online cha-apparmor-pam.html
documentation (bsc#1213472)
==== libarchive ====
Version update (3.6.2 -> 3.7.0)
- update to 3.7.0
* bsdunzip port from FreeBSD
* fix 2 year 2038 issues
==== libgexiv2 ====
Version update (0.14.1 -> 0.14.2)
- Update to version 0.14.2:
+ Make compatible with exiv2 0.28 or later.
+ Fix double free if creation of meta-data fails.
+ Fix floating point compare in tests.
- Drop patches fixed upstream:
+ 06adc8fb70cb8c77c0cd364195d8251811106ef8.patch
+ fix-32bit-compat.patch
==== libnvme ====
Subpackages: libnvme-mi1 libnvme1
- Fix build with meson 1.2.0
==== libqb ====
Version update (2.0.7+20230607.06c8641 -> 2.0.8+20230721.002171b)
- Update to version 2.0.8+20230721.002171b (v2.0.8):
- log: fix potential overflow with long log messages (gh#ClusterLabs/libqb#490)
==== libqt5-qtwebengine ====
- build with older re2 on Tumbleweed, the upcoming re2 2023-07-01
breaks qtwebengine
==== librsvg ====
Version update (2.56.1 -> 2.56.3)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.56.3:
+ This is a security release for bug glgo#GNOME/librsvg#996.
- glgo#GNOME/librsvg#996: Fix arbitrary file read when href has
special characters.
- glgo#GNOME/librsvg#998: Fix cascade for symbol elements being
referenced from use elements.
==== libshumate ====
Version update (1.0.4 -> 1.0.5)
Subpackages: libshumate-1_0-1 typelib-1_0-Shumate-1_0
- Update to version 1.0.5:
+ Don't defer frame clock when widget is unrealized.
==== libva ====
Version update (2.18.0 -> 2.19.0)
Subpackages: libva-drm2 libva-wayland2 libva-x11-2 libva2
- Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
==== libva-gl ====
Version update (2.18.0 -> 2.19.0)
- Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
==== libvirt ====
Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs
- CVE-2023-3750: storage: Fix returning of locked objects from
'virStoragePoolObjListSearch'
bsc#1213447
==== libxcrypt ====
Version update (4.4.35 -> 4.4.36)
Subpackages: libcrypt1 libxcrypt-devel
- Update to 4.4.36
* Fix left over bits failing with Perl v5.38.0
==== libzypp ====
Version update (17.31.15 -> 17.31.17)
- Fix wrong filesize exceeded dl abort in zyppng::Downloader
(bsc#1213673)
In some cases when downloading very small files we can run into
issues when the URL is protected by credentials.
- version 17.31.17 (22)
- Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231)
- NetworkRequestManager: assert cookie file has mode 0600
(bsc#1158763)
- Don't cleanup orphaned dirs if read-only mode was promised
(bsc#1210740)
- version 17.31.16 (22)
==== lilv ====
- Actually package the __pycache__ that appears when building using
meson 1.2.0.
- Avoid __pycache__ directory with meson 1.2.0
==== man ====
- Remove harden_man-db.service.patch as already done upstream
at the end of the service file man-db.service
- Add man-propose-online.patch: if patch was not found locally,
propose to read it online, offering a URL where it could possibly
be found.
==== mdadm ====
- mdadm.spec: replace transitional %usrmerged macro with regular
version check (boo#1206798)
==== miniupnpc ====
Version update (2.2.4 -> 2.2.5)
- update to 2.2.5:
* GetListOfPortMappings NewStartPort 0 => 1
* CheckPinholeWorking is optional
* add 60x errors from UPnP Device Architecture
* cmake: install binaries, man pages and external-ip.sh
- drop python2 support
==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools
- Fix file conflict for pp manual page [bsc#1213281]
==== ncurses ====
Version update (6.4.20230701 -> 6.4.20230715)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20230715
+ correct wadd_wch_literal() when adding a non-spacing character to a
double-width character.
+ improve manual page for curs_util.
+ improve manual page for wadd_wch().
- Add ncurses patch 20230708
+ add linux+kbs for terminals which imitate xterm's behavior with
Linux -TD
+ modify MinGW driver to return KEY_BACKSPACE when an unmodified
VK_BACK virtual key is entered (prompted by patch by Pavel Fedin,
Savannah #64292).
+ disallow using $TERMINFO or $HOME/.terminfo when tic "-o" option is
used (report by Sven Joachim, Debian #1040048).
- Port the patch ncurses-6.4.dif
==== netcontrol ====
- Fix EOF handling in xml-reader to avoid `virsh iface-*` commands
hang on aarch64 (bsc#1213349)
[+ 0001-xml-reader-fix-xml_getc-and-xml_ungetc.patch,
+ 0002-xml-reader-allow-uppercase-for-lt-gt-and-amp-expansi.patch]
==== nftables ====
Version update (1.0.7 -> 1.0.8)
Subpackages: libnftables1 python3-nftables
- Update to release 1.0.8
* Support for setting meta and ct mark from other fields in
rules, e.g. set meta mark to ip dscp header field.
* Enhacements for -o/--optimize to deal with NAT statements, to
compact masquerade statements.
* Support for stateful statements in anonymous maps, such as
counters.
* Support for resetting stateful expressions in sets, maps and
elements, e.g. counters.
* broute support to short-circuit bridge logic from the bridge
prerouting hook and pass up packets to the local IP stack.
* JSON support for table and chain comments.
- Added 0001-Revert-py-replace-distutils-with-setuptools.patch
==== nghttp2 ====
Version update (1.54.0 -> 1.55.1)
- update to 1.55.1:
* Fix memory leak
This commit fixes memory leak that happens when
PUSH_PROMISE or HEADERS frame cannot be sent, and
nghttp2_on_stream_close_callback fails with a fatal error.
For example, if GOAWAY frame has been received, a
HEADERS frame that opens new stream cannot be sent.
This issue has already been made public via CVE-2023-35945
by envoyproxy/envoy project. During embargo period, the
patch to fix this bug was accidentally submitted to
nghttp2/nghttp2 repository [2]. And they decided to
disclose CVE early. I was notified just 1.5 hours
before disclosure. I had no time to respond.
PoC described in [1] is quite simple, but I think it is
not enough to trigger this bug. While it is true that
receiving GOAWAY prevents a client from opening new stream,
and nghttp2 enters error handling branch, in order to cause
the memory leak, nghttp2_session_close_stream function
must return a fatal error.
NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of
memory. It is unlikely that a process gets short of
memory with this simple PoC scenario unless application
does something memory heavy processing.
* NGHTTP2_ERR_CALLBACK_FAILURE is returned from application
defined callback function (nghttp2_on_stream_close_callback, in
this case), which indicates something fatal happened inside a
callback, and a connection must be closed immediately without
any further action. As nghttp2_on_stream_close_error_callback
documentation says, any error code other than 0 or
NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal
error code. More specifically, it is treated as if
NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that
envoy returns
NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is
translated into NGHTTP2_ERR_CALLBACK_FAILURE.
https://github.com/envoyproxy/envoy/security/advisories/GHSA-
jfxv-29pc-x22r
==== openssh ====
Version update (9.3p1 -> 9.3p2)
Subpackages: openssh-clients openssh-common openssh-server
- Update to openssh 9.3p2 (bsc#1213504, CVE-2023-38408):
Security
========
Fix CVE-2023-38408 - a condition where specific libaries loaded via
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
code execution via a forwarded agent socket if the following
conditions are met:
* Exploitation requires the presence of specific libraries on
the victim system.
* Remote exploitation requires that the agent was forwarded
to an attacker-controlled system.
Exploitation can also be prevented by starting ssh-agent(1) with an
empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring
an allowlist that contains only specific provider libraries.
This vulnerability was discovered and demonstrated to be exploitable
by the Qualys Security Advisory team.
In addition to removing the main precondition for exploitation,
this release removes the ability for remote ssh-agent(1) clients
to load PKCS#11 modules by default (see below).
Potentially-incompatible changes
- -------------------------------
* ssh-agent(8): the agent will now refuse requests to load PKCS#11
modules issued by remote clients by default. A flag has been added
to restore the previous behaviour "-Oallow-remote-pkcs11".
Note that ssh-agent(8) depends on the SSH client to identify
requests that are remote. The OpenSSH >=8.9 ssh(1) client does
this, but forwarding access to an agent socket using other tools
may circumvent this restriction.
==== openssh-askpass-gnome ====
Version update (9.3p1 -> 9.3p2)
- Update to openssh 9.3p2
* No changes for askpass, see main package changelog for
details
==== openssl-1_1 ====
Subpackages: libopenssl1_1
- Security fix: [bsc#1213487, CVE-2023-3446]
* Fix DH_check() excessive time with over sized modulus.
* The function DH_check() performs various checks on DH parameters.
One of those checks confirms that the modulus ("p" parameter) is
not too large. Trying to use a very large modulus is slow and
OpenSSL will not normally use a modulus which is over 10,000 bits
in length.
However the DH_check() function checks numerous aspects of the
key or parameters that have been supplied. Some of those checks
use the supplied modulus value even if it has already been found
to be too large.
A new limit has been added to DH_check of 32,768 bits. Supplying
a key/parameters with a modulus over this size will simply cause
DH_check() to fail.
* Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch
==== openssl-3 ====
Subpackages: libopenssl3
- Security fix: [bsc#1213487, CVE-2023-3446]
* Fix DH_check() excessive time with over sized modulus.
* The function DH_check() performs various checks on DH parameters.
One of those checks confirms that the modulus ("p" parameter) is
not too large. Trying to use a very large modulus is slow and
OpenSSL will not normally use a modulus which is over 10,000 bits
in length.
However the DH_check() function checks numerous aspects of the
key or parameters that have been supplied. Some of those checks
use the supplied modulus value even if it has already been found
to be too large.
A new limit has been added to DH_check of 32,768 bits. Supplying
a key/parameters with a modulus over this size will simply cause
DH_check() to fail.
* Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch
- Security fix: [bsc#1213383, CVE-2023-2975]
* AES-SIV implementation ignores empty associated data entries
* Add openssl-CVE-2023-2975.patch
==== ovmf ====
Version update (202302 -> 202305)
Subpackages: qemu-uefi-aarch64
- Removed the following patches because they are not necessary and
they blocked for submit to openSUSE:Factory. (bsc#1205978)
ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformAddHobCB.patch
ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformGetLowMem.patch
ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformReservati.patch
ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformScanE820-.patch
ovmf-Revert-OvmfPkg-PlatformInitLib-reorder-PlatformQemuU.patch
- Add openssl.keyring.README to shim.spec as Source113 to avoid
erroe when submit to openSUSE:Factory
- Enable support for riscv64
- Update to edk2-stable202305 (bsc#1205588)
- Features (https://github.com/tianocore/edk2/releases):
Expose IBT/BTI compatible runtime DXE drivers via memory attributes table
Update toolchain support
MdePkg: Support FDT library
Add google mocks support to UnitTestFrameworkPkg GoogleTestLib
Platform Redfish Host Interface library for USBNIC
[OpenSSL] Update OpenSSL version to version 1.1.1t to include CVE fix
Replace pre-standard FUNCTION with C99 func throughout edk2
Implement EFI memory attributes protocol for ARM platforms
Add TraceHubLib Support
- Patches (git log --oneline --date-order edk2-stable202302..edk2-stable202305):
ba91d0292e MdeModulePkg/Core/Pei: set AprioriCount=0 before walking through next FV
5ce29ae84d ArmPkg/ArmMmuLib AARCH64: Add missing ISB after page table update
c5cf7f69c9 pip-requirements.txt: Update edk2 pip modules
0abfb0be6c OvmfPkg: RiscVVirt: Add missing SerialPortInitialize to Sec
45da4e3135 MdePkg: add SBI-based SerialPortLib for RISC-V
2900e75511 MdePkg: BaseRiscVSbiLib: make more useful to consumers
cafb4f3f36 UefiPayloadPkg: Fix boot shell issue for universal UEFI payload
80bc13db83 Maintainers.txt: Update reviewers and maintainers for FdtLib.
d322557712 BaseTools/tools_def: Disable overzealous unused variable warning on Clang
e2607d3a78 BaseTools/tools_def: Drop ref to undefined CLANGDWARF_ARM_PREFIX
0b37723186 ShellPkg/UefiShellDebug1CommandsLib: Replace hardcoded SMBIOS strings.
2d4c76f783 MdePkg/IndustryStandard: Add SMBIOS anchor string & length defines.
c08a3a96fd MdePkg/IndustryStandard: Add IPMI Interface Capabilities definitions
083b029538 MdePkg: Add new PCDs for IPMI SSIF
dea6c7dc2a MdePkg/IndustryStandard: Add definitions for IPMI SSIF
0a0e60caf2 Maintainers.txt: Update reviewers and maintainers for TraceHubDebugLib.
0f0422cedc MdeModulePkg: Add TraceHubDebugSysTLib library
3d50fdc5c6 MdePkg: Add NULL library of TraceHubDebugSysTLib
c6bb7d54be MdePkg: Add MipiSysTLib library
782948c1a7 MdePkg: Add mipisyst submodule
6dd64168ed BaseTools/Plugin: Too many execute files cause "cmd too long" failure
c6382ba0f2 SecurityPkg: Add missing break in Tpm2TestParms
77f75c7fb8 BaseTools: Update Tests/TestTools.py to allow it to work on Windows
b9bbb4ae93 BaseTools: only print the environment once in toolsetup.bat
dd246227d6 BaseTools: Update toolsetup.bat to not use BASETOOLS_PYTHON_SOURCE
f47415e031 BaseTools: Revert Set the CLANGDWARF OBJCOPY path in tools_def.template
6fb2760dc8 OvmfPkg: drop PlatformBootManagerLibGrub
81dc0d8b4c OvmfPkg/AmdSev: stop using PlatformBootManagerLibGrub
63887e272d OvmfPkg/NvVarsFileLib: disable in case PcdBootRestrictToFirmware is set
41d7832db0 OvmfPkg/PlatformBootManagerLib: add PcdBootRestrictToFirmware
e6447d2a08 Remove bashisms from edksetup.sh and BaseTools/BuildEnv
373a95532a BaseTools: Remove the CLANGCC build rule for Hii-Binary-Package.UEFI_HII
ecbc394365 BaseTools: Set CLANGDWARF RC path to llvm-objcopy in tools_def.template
11f62f4cc0 BaseTools: Set the CLANGDWARF OBJCOPY path in tools_def.template
c6f47e678f BaseTools: Remove BUILDRULEFAMILY from CLANGDWARF in tools_def.template
9165a7e95e CryptoPkg: Delete CLANG35 and CLANG38 build flags; add CLANGDWARF flags
e97b9b4e5a MdePkg: Add more HobLib/PeiServicesLib gmock support
25c9d44315 MdeModulePkg: Add more PciHostBridgeLib gmock support
bee67e0c14 OvmfPkg: Relax assertion that interrupts do not occur at TPL_HIGH_LEVEL
ae0be176a8 OvmfPkg: Clarify invariants for NestedInterruptTplLib
5215cd5baf BaseTools: Update toolsetup.bat and Tests/PythonTest.py to check ver
e6de6052a0 edksetup.bat: if toolsetup.bat fails, just exit
11ec5161fa BaseTools: use threading.current_thread in NmakeSubdirs.py
db7e6291c0 BaseTools: Remove Python2/Python3 detection from toolset.bat
6eeb58ece3 RedfishPkg: Fix compile issue on Linux
665fca9ee7 RedfishPkg: Add missing newline character
a1f6485a9b RedfishPkg: Create RestEx child on selected interface
05762bd2e0 RedfishPkg: Fix condition checking of error status
c580e27efc RedfishPkg: Correct variable type to prevent memory corruption
d89492456f Securitypkg/hddpassword: Update HddPasswordDxeInit to use Variable Policy
8dbf868e02 Add volatile keyword to NvmExpressPei's Passthru CQ
293b97d0c4 Add the volatile keyword to NvmExpressDxe's Passthru CQ
4dea9e4a0e BaseTools/Conf: Add quotes to ADDDEBUGFLAG in tools_def.txt
8e985ac3fd BaseTools/Conf: Align CLANGDWARF and CLANGPDB warning overrides
66494e5324 MdeModulePkg/CapsuleApp: Add EFIAPI to CompareFileNameInAlphabet()
eabaeb0613 OvmfPkg: move OvmfTpmDxe.fdf.inc to Include/Fdf
8bca1bb977 OvmfPkg: move OvmfTpmPei.fdf.inc to Include/Fdf
b65c0eed6b BaseSynchronizationLib: Fix LoongArch64 synchronization functions
757f502a3b BaseTools/Conf/tools_def.template: Bump VERSION to 3.00
050d6e9434 BaseTools: Delete CLANG38 from tools_def.template
128547b081 BaseTools: Remove CLANG35 toolchain from tools_def.template
4ef4b81c9b BaseTools: As with CLANGDWARF IA32 and X64, use lld for ARM and AARCH64
98edce75fa BaseTools: Add ARM and AARCH64 CLANGDWARF support in tools_def.template
0fc07b1c6a BaseTools/Conf/tools_def.template: Add section for deprecated toolchains
01225075db Add GCC and GCCNOLTO toolchains to tools_def.txt and update packages
66803cafcf BaseTools: Update VS toolchain descriptions in tools_def.txt.template
d7c6030a47 BaseTools: Remove EBC (EFI Byte Code) compiler definitions
8b441847e3 BaseTools: Remove unused IPHONE_TOOLS and SOURCERY_CYGWIN_TOOLS defs
ba634ce82b edksetup.bat: Remove VS2008-VS2013 remnants
c844d86bee MdePkg: Remove VS2008-VS2013 remnants
c3ac3301e9 BaseTools: Remove VS2008-VS2013 remnants
0363584ac9 BaseTools: Remove VS2008, 2010, 2012 and 2013 toolchain definitions
94c802e108 MdePkg/BasePeCoffLib: Deal with broken debug directories
ff7cb2d7c9 .pytool: Support FDT library.
5d586606c7 MdePkg: Support FDT library.
10416bf46e Tianocore: Support FDT library.
d992a05ade Maintainers.txt: Update for IntelFsp2Pkg and IntelFsp2WrapperPkg.
... changelog too long, skipping 312 lines ...
issue be fixed.
==== perl-File-Listing ====
Version update (6.15 -> 6.160.0)
- updated to 6.16
see /usr/share/doc/packages/perl-File-Listing/Changes
6.16 2023-07-12 15:22:25 -0600
- Support dosftp listings with four-digit years (gh#3, gh#26)
==== perl-XML-LibXML ====
Version update (2.0208 -> 2.0209)
- Added versions to 'Provides' lines after fixing a bug in cpanspec
- updated to 2.0209
see /usr/share/doc/packages/perl-XML-LibXML/Changes
2.0209 2023-07-15
- t/35huge_mode.t: fix test with libxml2 2.11
- thanks to Dominique Martinet
- Add clearer reference to using cloneNode to extract node with namespaces
- thanks to Timothy Legge
- initialize xmlValidCtxt
- thanks to Alexander Bluhm
==== perl-libwww-perl ====
Version update (6.71 -> 6.720.0)
- updated to 6.72
see /usr/share/doc/packages/perl-libwww-perl/Changes
6.72 2023-07-17 22:01:19Z
- Don't mangle protocol scheme and don't require it to be valid if
implementor is already known (GH#436) (mwgamera)
==== php8 ====
Version update (8.2.7 -> 8.2.8)
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter
- version update to 8.2.8
* This is a bug fix release.
* https://www.php.net/ChangeLog-8.php#8.2.8
- modified patches
% php-sort-filelist-phar.patch (refreshed)
==== pipewire ====
Version update (0.3.74 -> 0.3.76)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 0.3.76:
* Highlights
- Fix a regression that would cause the MPV pipewire backend
to fail because of a spurious thread-loop signal.
- Fix a crash when DBus is not found.
- ALSA hires timestamps are now disabled by default.
- Some more fixes and improvements.
* PipeWire
- A new option was added to pw-thread-loop to signal when the
thread starts.
- This is only used in module-rt to avoid regressions in mpv.
(#3374)
- Fix a compilation problem.
- Stream flags now only set the properties when not already
set. This fixes a regression with node autoconnect. (#3382)
* Tools
- pw-cat will now stop when the stream is disconnected. (#2731)
- Improve the pw-cat man page, mention that stdin/stdout
handling is only on raw data.
* modules
- module-rt will now not crash when dbus is not available but
error out as before.
- A new VBAN (vb-audio.com) sender and receiver was added.
(#3380)
* SPA
- Add an option in audioconvert to disable volume updates.
(#3361)
- ALSA hires timestamps are disabled by default because many
drivers seem to give wrong timestamps and cause extra delay.
* bluetooth
- LE Audio support is now enabled by default when liblc3 is
available now that bluez has support for detecting the
hardware features.
- Add code in the spec file to modify the patch file
reduce-meson-dependency.patch (used to build in SLE/Leap) so that
we don't need to rebase it manually for every version update.
- Use gcc 11 in SLE/Leap since gcc 9 fails to build 0.3.75 with
../spa/include/spa/utils/cleanup.h:52:13: error: dereferencing pointer to incomplete type âDIRâ {aka âstruct __dirstreamâ}
52 | __typeof__(*(ptr)) *_old_value = spa_steal_ptr(ptr); \
- Update to version 0.3.75:
* Highlights
- Link permissions between nodes are now enforced. This avoids
potential portal managed screencast nodes to link to the
camera even though it was not assigned permissions to do so
by the session manager (boo#1213682).
- Libcamera and v4l2 devices now have properties so that
duplicates can be filtered out by the session manager.
- A bug with draining was fixed where a buffer would be marked
EMPTY and would not play when it contained drained samples.
- Many fixes and improvements.
* PipeWire
- Permissions for links between nodes are now enforced. The
link will now check that the owner clients of the nodes can
see each other before allowing the link. This avoids
screensharing clients to accidentally being linked to the
camera nodes by the session manager. A side effect is that
patchbay tools will no longer be able to link portal managed
screencast nodes to the camera, for this we need a new
permission for those patchbay clients.
- The stream.rules/filter.rules are now evaluated when
connecting the stream/filter so that more properties can be
matched.
- Move some internal events from the context to the nodes to
better handle per-node threads in the future.
- The thread-loop will now signal when the thread is started.
* modules
- A timestamp workaround in module-raop was reverted because it
does not work in all cases. Instead latency was increased to
1.5 seconds, which also makes the problematic device in
question work.
- The profiler module was reworked a bit to use the new node
realtime events. It should now also handle dynamically added
and removed drivers.
- The module-rt now does the rtkit calls from a separate thread
so that it does not block the main thread. This could cause
deadlocks during startup in some cases.
* SPA
- Atomic operation macros were move from internal pipewire API
to public API.
- The video-info structure now has a new
SPA_VIDEO_FLAG_MODIFIER_FIXATION_REQUIRED flag to instruct
the application to fixate the modifiers. This simplifies some
logic in applications a lot.
- The libcamera and v4l2 nodes now have properties to enumerate
the device id they are using. This can be used to match v4l2
devices and libcamera devices and filter out duplicates.
- A bug with draining was fixed where a buffer would be marked
EMPTY and would not
==== publicsuffix ====
Version update (20230709 -> 20230717)
- Update to version 20230717:
* Domains are removed `hidora.com`, `users.scale.virtualcloud.com.br`, `clicketcloud.com` (#1598)
* Add storipress.app (#1583)
==== python-SQLAlchemy ====
Version update (2.0.16 -> 2.0.19)
- update to 2.0.19:
* Various bugfixes, see
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.19
==== python-mysqlclient ====
- Drop sphinx doctrees for reproducible builds
==== python-py ====
- Skip tests failing with pytest 7.4, they don't matter
* failure comes from py.core, which has low usage
* https://github.com/pytest-dev/py/issues/288
* according to that this code is not used in Tumbleweed anyway
==== python-pycairo ====
Version update (1.23.0 -> 1.24.0)
- update to 1.24.0:
* Dropped Python 3.7 support
* Bumped meson version requirement from 0.53.0 to 0.56.0
* Various cairo dependency updates for the Windows wheel build
* Various code cleanups :pr:`306`
* Added Python 3.12 Windows wheels
==== python-pygit2 ====
Version update (1.11.1 -> 1.12.2)
- Update to version 1.12.2:
+ Update wheels to bundle libssh2 1.11.0 and OpenSSL 3.0.9.
Remove obsolete Remote.save().
- Changes from version 1.12.1:
+ Fix segfault in signature when encoding is incorrect.
+ Typing improvements.
+ Update wheels to libgit2 v1.6.4.
- Changes from version 1.12.0:
+ Upgrade to libgit2 v1.6.3.
+ Update Linux wheels to bundle OpenSSL 3.0.8.
+ Downgrade Linux wheels to manylinux2014.
+ New ConflictCollection.__contains__.1
+ New Repository.references.iterator(...).
+ New favor, flags and file_flags optional arguments for
Repository.merge(...).
+ New keep_all and paths optional arguments for
Repository.stash(...).
+ New Respository.state().
+ Improve Repository.write_archive(...) performance.
+ Sync type annotations.
- Drop support-libgit2-1.6.patch: fixed upstream.
- Add support-libgit2-1.7.patch: support libgit2 1.7.0.
==== python-reportlab ====
- Add %{?sle15_python_module_pythons}
==== python-rich ====
- %{?sle15_python_module_pythons} mut be at beginning to work.
==== python-urllib3 ====
Version update (2.0.3 -> 2.0.4)
- update to 2.0.4:
* Added support for union operators to ``HTTPHeaderDict``
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
``http.client.connect`` audit event to have the same behavior
as the standard library HTTP client
* Relied on the standard library for checking hostnames in
supported PyPy releases
==== python-zope.event ====
- Drop sphinx doctrees for reproducible builds
==== python-zope.hookable ====
- Drop sphinx doctrees for reproducible builds
==== python-zope.i18nmessageid ====
- Drop sphinx doctrees for reproducible builds
==== qalculate ====
Version update (4.6.1 -> 4.7.0)
Subpackages: libqalculate22 qalculate-data
- version update to 4.7.0
* Support for custom default angle unit, e.g. turn, arcsec, arcmin
* Append default angle unit (instead of always radians) when converting
value without unit to angle unit
* More consistent addition and removal of angle unit from function arguments
* Always interpret ./, .*, and .^ as entrywise operators if user intention is unclear
* Change order of operations to place entrywise and ordinary operators on
the same precedence level
* Add function, kron(), for Kronecker product, and constants for Pauli matrices
* Add radius to planets dataset and update other properties
* Support replacement of unknown variables within variable values
* Fix besselj(0, 0)
* Fix incomplete calculation in tan() with try exact approximation
* Fix 0/0=0 equality (do not return true) and output of 2/0 (and similar)
* Fixes and improvements for newtonsolve() and secantsolve()
* Fix segfault when MathStructure is deleted after Calculator, and in destructor
of calculated DynamicVariable (called from Calculator destructor)
* Do not save mode on exit if "-defaults" command line switch where used (CLI)
* Allow multiple actions for keyboard shortcuts (GTK, Qt)
* Add toggle precision, and min, max, or min and max decimals to available
shortcut and button actions (GTK, Qt)
* Add option to exclude units for unformatted ASCII copy (GTK, Qt)
* Add optional value to copy result action, allowing expression copy and
formatting selection (GTK, Qt)
* Fix copy unformatted ASCII when local digit group separator is same as selected
decimal separator (GTK, Qt)
* Add option to automatically copy result (Qt)
* Always set (primary) selection clipboard contents when whole expression is
selected or selection is cleared, e.g. after calculation (Qt)
* Improve support dark mode and high contrast modes, and change default style
to Fusion, on Windows (Qt)
* Minor bug fixes and feature enhancements
==== qca-qt5 ====
Version update (2.3.6 -> 2.3.7)
Subpackages: libqca-qt5-2 qca-qt5-plugins
- Update to 2.3.7
* OpenSSL3: don't quit if legacy provider is unavailable
==== qemu ====
Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios
- Fix bsc#1179993, bsc#1181740, bsc#1213001
- Patches added:
* hw/ide/piix: properly initialize the BMIBA register
* ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
==== qt6-base ====
Version update (6.5.1 -> 6.5.2)
Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3
- Use a mirror to download sources for all Qt packages. Upstream
servers are very slow since a couple weeks.
- Update to 6.5.2
* https://www.qt.io/blog/qt-6.5.2-released-1
- Drop patches, merged upstream:
* 0001-Schannel-Reject-certificate-not-signed-by-a-configur.patch
* 0001-Ssl-Copy-the-on-demand-cert-loading-bool-from-defaul.patch
* 0001-tabbar-fix.patch
- Add patch:
* CVE-2023-38197-qtbase-6.5.diff (boo#1213326, CVE-2023-38197)
==== qt6-declarative ====
Version update (6.5.1 -> 6.5.2)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports
- Update to 6.5.2
* https://www.qt.io/blog/qt-6.5.2-released-1
==== qt6-imageformats ====
Version update (6.5.1 -> 6.5.2)
- Update to 6.5.2
* https://www.qt.io/blog/qt-6.5.2-released-1
==== qt6-translations ====
Version update (6.5.1 -> 6.5.2)
- Update to 6.5.2
* https://www.qt.io/blog/qt-6.5.2-released-1
==== qt6-wayland ====
Version update (6.5.1 -> 6.5.2)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.5.2
* https://www.qt.io/blog/qt-6.5.2-released-1
==== raspberrypi-firmware-dt ====
- Update 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch description
- Use compatible string which is supported by spidev module (bsc#1212791):
* 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch
==== rdma-core ====
Version update (45.0 -> 47.0)
Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd
- Update to v47.0
- Fixes for all providers
==== re2-10 ====
- legacy lib package forked from re2, for libqt5-qtwebengine
==== rsync ====
- Add support directory to %docdir.
Includes some upstream provided scripts such as rrsync. (bsc#1212198)
==== rubygem-rack-2.2 ====
Version update (2.2.7 -> 2.2.8)
- update to version 2.2.8
* Limit file extension length of multipart tempfiles (https://github.com/rack/rack/pull/2069)
* Fix inefficient assert pattern in Rack::Lint (https://github.com/rack/rack/pull/2101)
==== samba ====
Version update (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs
- Update to 4.18.5
* CVE-2022-2127: lm_resp_len not checked properly in
winbindd_pam_auth_crap_send; (bso#15072); (bsc#1213174).
* CVE-2023-34966: Samba Spotlight mdssvc RPC Request Infinite
Loop Denial-of-Service Vulnerability; (bso#15340); (bsc#1213173).
* CVE-2023-34967: Samba Spotlight mdssvc RPC Request Type
Confusion Denial-of-Service Vulnerability; (bso#15341); (bsc#1213172).
* CVE-2023-34968: Spotlight server-side Share Path Disclosure;
(bso#15388); (bsc#1213171).
* CVE-2023-3347: Samba doesn't require SMB2+ signing if
`server signing = mandatory` is set; (bso#15397); (bsc#1213170).
* secure channel faulty since Windows 10/11 update 07/2023;
(bso#15418); (bsc#1213384).
- Update to 4.18.4
* Backport --pidl-developer fixes; (bso#15404).
* Named crashes on DLZ zone update; (bso#14030).
* smbcacls and smbcquotas do not check // before the server;
(bso#2312).
* cli_list loops 100% CPU against pre-lanman2 servers;
(bso#15382).
* smbclient leaks fds with showacls; (bso#15391).
* smbd returns NOT_FOUND when creating files on a r/o
filesystem; (bso#15402).
* NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry
and causes test timeouts; (bso#15355).
* net ads lookup (with unspecified realm) fails; (bso#15384).
* Register Samba processes with GPFS; (bso#15381).
* Python tarfile extraction needs change to avoid a warning
(CVE-2007-4559 mitigation); (bso#15390).
* The winbind child segfaults when listing users with `winbind
scan trusted domains = yes`; (bso#15398).
* Remove comments about deprecated 'write cache size';
(bso#15383).
* smbget memory leak if failed to download files recursively;
(bso#15403).
==== sdbootutil ====
Version update (1+git20230717.dac075e -> 1+git20230727.a0e666f)
Subpackages: sdbootutil-snapper
- Update to version 1+git20230727.a0e666f:
* Set and honor $SYSTEMD_ESP_PATH
* rpm-script: don't remove kernel on reinstalls
- Update to version 1+git20230726.a994d2e:
* Fix installing extra kernels in MicroOS
* Replace file triggers with scriptlet
* Fix cleanup of rollback files
* Don't install unchanged files
* Add is-bootable and list-kernels commands
* Add ARCHITECTURE.md which explains how the setup works
* Add default loader config when installed
==== selinux-policy ====
Version update (20230622 -> 20230728)
Subpackages: selinux-policy-targeted
- Update to version 20230728:
* Allow kdump_t to manage symlinks under kdump_var_lib_t (bsc#1213721)
* allow haveged to manage tmpfs directories (bsc#1213594)
==== shotwell ====
Version update (0.32.1 -> 0.32.2)
- Update to version 0.32.2:
+ Fix using wrong data folder when starting profile through
browser
+ Fix sendto in flatpak environment
+ Support HEIF files with HIF extension
+ Fix meta-data being written in a loop
+ Fix detecting false mtime changes
+ Fix broken aspect ratio of thumbnail when using external
editors
+ Fix critical when exporting file with no exposure date
+ Fix minor leak in Flickr and Google authenticators
+ Enable C&P of paths in profile editor
+ Updated translations.
==== sudo ====
Version update (1.9.13p3 -> 1.9.14p1)
Subpackages: sudo-plugin-python
- Update to 1.9.14p1:
* Fixed an invalid free bug in sudo_logsrvd that was introduced
in version 1.9.14 which could cause sudo_logsrvd to crash.
* The sudoers plugin no longer tries to send the terminal name
to the log server when no terminal is present. This bug was
introduced in version 1.9.14.
* Fixed a bug where if the "intercept" or "log_subcmds" sudoers
option was enabled and a sub-command was run where the first
entry of the argument vector didn't match the command being run.
This resulted in commands like "sudo su -" being killed due to
the mismatch. Bug #1050.
* The sudoers plugin now canonicalizes command path names before
matching (where possible). This fixes a bug where sudo could
execute the wrong path if there are multiple symbolic links with
the same target and the same base name in sudoers that a user is
allowed to run. GitHub issue #228.
* Improved command matching when a chroot is specified in sudoers.
The sudoers plugin will now change the root directory id needed
before performing command matching. Previously, the root directory
was simply prepended to the path that was being processed.
* When NETGROUP_BASE is set in the ldap.conf file, sudo will now
perform its own netgroup lookups of the host name instead of
using the system innetgr(3) function. This guarantees that user
and host netgroup lookups are performed using the same LDAP
server (or servers).
* Fixed a bug introduced in sudo 1.9.13 that resulted in a missing
" ; " separator between environment variables and the command
in log entries.
* The visudo utility now displays a warning when it ignores a file
in an include dir such as /etc/sudoers.d.
* When running a command in a pseudo-terminal, sudo will initialize
the terminal settings even if it is the background process.
Previously, sudo only initialized the pseudo-terminal when running
in the foreground. This fixes an issue where a program that
checks the window size would read the wrong value when sudo was
running in the background.
* Fixed a bug where only the first two digits of the TSID field
being was logged. Bug #1046.
* The "log_pty" sudoers option is now enabled by default. To
restore the historic behavior where a command is run in the
user's terminal, add "Defaults !use_pty" to the sudoers file.
GitHub issue #258.
* Sudo's "-b" option now works when the command is run in a
pseudo-terminal.
* When disabling core dumps, sudo now only modifies the soft limit
and leaves the hard limit as-is. This avoids problems on Linux
when sudo does not have CAP_SYS_RESOURCE, which may be the case
when run inside a container. GitHub issue #42.
* Sudo configuration file paths have been converted to colon-separated
lists of paths. This makes it possible to have configuration
files on a read-only file system while still allowing for local
modifications in a different (writable) directory. The new
- -enable-adminconf configure option can be used to specify a
directory that is searched for configuration files in preference
to the sysconfdir (which is usually /etc).
* The "intercept_verify" sudoers option is now only applied when
the "intercept" option is set in sudoers. Previously, it was
also applied when "log_subcmds" was enabled.
* The NETGROUP_QUERY ldap.conf parameter can now be disabled for
LDAP servers that do not support querying the nisNetgroup object
by its nisNetgroupTriple attribute, while still allowing sudo to
query the LDAP server directly to determine netgroup membership.
* Fixed a long-standing bug where a sudoers rule without an explicit
runas list allowed the user to run a command as root and any
group instead of just one of the groups that root is a member
of. For example, a rule such as "myuser ALL = ALL" would permit
"sudo -u root -g othergroup" even if root did not belong to
"othergroup".
* Fixed a bug where a sudoers rule with an explicit runas list
allowed a user to run sudo commands as themselves. For example,
a rule such as "myuser ALL = (root) ALL", "myuser" should only
allow commands to be run as root (optionally using one of root's
groups). However, the rule also allowed the user to run
"sudo -u myuser -g myuser command".
* Fixed a bug that prevented the user from specifying a group on
the command line via "sudo -g" if the rule's Runas_Spec contained
a Runas_Alias.
* Sudo now requires a C compiler that conforms to ISO C99 or higher
to build.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-coredump udev
- Drop 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
/etc/hostname is supposed to contain the static host name of the system. This
patch was used to work around cases where users incorrectly save the FQDN
instead. However this is incorrect and not consistent with what
systemd-hostnamed does and what other distributions do. Also assuming that
/etc/hostname will contain the system host name only removes any ambiguities
since the host name can contain a period.
/etc/hosts is usually where one sets the domain name by aliasing the host name
to the FQDN.
Note that the installer used to save the FQDN in /etc/hostname but this has
been fixed since several years now (bsc#972463).
- systemd-homed is no more considered as experimental
It's been moved to its own dedicated sub-package "systemd-homed".
- systemd-userdb is no more considered as experimental (jsc#PED-2668)
As such it's been moved to the main package.
==== sysuser-tools ====
Version update (3.1 -> 3.2)
- Version 3.2
- update sysusers_requires to request sysuser-shadow 3.2
- Use TAB consistently for indention in sysusers2shadow.sh
- This pkg needs to follow behavior which is described in sysusers.d(5).
Always create a system group of the same name as the system user,
even if the user already exists. (bsc#1205161, bsc#1207778, bsc#1213240)
- Add "quilt setup" friendly hint to %sysusers_requires usage
It is not required to have sysuser-tools installed when working
with a pkg source which uses sysuser-tools at build time.
==== tar ====
Subpackages: tar-rmt
- Update tests-skip-time01-on-32bit-time_t.patch to not run test
on armv6 either
==== texlive-specs-n ====
Version update (2023.201.2.005svn65956 -> 2023.209.2.005svn65956)
- Rework lua(meta)tex/context resource findings
- Add requirement in invoice2 for siunitx as shown upstream
- Add patch context_shell-escape.dif
* Add upstream fix for enabling --socket and --shell-escape
- Drop gracht.mp, detcow.mp, and mycow.mp from context.doc as
only given with CC-BY-NC-SA-3.0, a non-commercial license
==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tctildr0
- Require openssl-3 over openssl-1 to assist migration of applications
to newer openssl-3.
==== update-alternatives ====
Version update (1.21.8 -> 1.21.22)
- openssl.patch: use openssl library for MD5 calculation instead
of relying on libmd. libmd is not in Ring0
- require Perl 5.28.1 or later
==== util-linux ====
Version update (2.39 -> 2.39.1)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== util-linux-systemd ====
Version update (2.39 -> 2.39.1)
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== vala-panel-appmenu ====
Subpackages: appmenu-gtk-module-common appmenu-gtk2-module appmenu-gtk3-module libappmenu-gtk2-parser0 libappmenu-gtk3-parser0
- Fix systemd_user_post macro use.
- Spec clean-up.
==== vlc ====
Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau
- Update specfile to prevent building with libplacebo v6.292.0 or newer
==== webkit2gtk3 ====
Version update (2.40.3 -> 2.40.4)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.40.4:
+ Fix a bug in JavaScript reading variable arguments in a call.
==== webkit2gtk3-soup2 ====
Version update (2.40.3 -> 2.40.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Update to version 2.40.4:
+ Fix a bug in JavaScript reading variable arguments in a call.
==== wireless-regdb ====
Version update (20230601 -> 20230721)
- Update to version 20230721:
* wireless-regdb: Update regulatory info for Türkiye (TR)
* wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidelines
==== xfsprogs ====
Version update (6.3.0 -> 6.4.0)
Subpackages: libhandle1
- update to 6.4.0:
- xfs_db: expose the flag in rmapbt keys
- xfs_repair: warn about unwritten bits set in rmap btree keys
- xfs_repair: check low keys of rmap btrees
- xfs_repair: always perform extended xattr checks on uncertain inodes
- xfs_repair: fix messaging when fixing imap due to sparse cluster
- xfs_repair: fix messaging in longform_dir2_entry_check_data
- xfs_repair: fix messaging when shortform_dir2_junk is called
- xfs_repair: don't log inode problems without printing resolution
- xfs_repair: don't spray correcting imap all by itself
- libxcmd: Fix crash due to missing return value check on add_command()
- xfs_db: make the hash command print the dirent hash
- xfs_db: Add new cmd to create dirents and xattrs that induce dahash collisions
- mkfs: deprecate the ascii-ci feature
- xfs_db: fix metadump name obfuscation for ascii-ci filesystems
- libxfs: kernel sync
==== yast2-firstboot ====
Version update (4.6.0 -> 4.6.1)
- Adapt users client to the changes in yast2-users (related to
bsc#1206627).
- 4.6.1
- Removed unnecessary executable flag from several files
(bsc#1209094)
==== yast2-trans ====
Version update (84.87.20230714.966688ddd0 -> 84.87.20230729.64eca7e0a1)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20230729.64eca7e0a1:
* Translated using Weblate (Kurdish)
* Translated using Weblate (Czech)
- Update to version 84.87.20230720.09601d9b28:
* Translated using Weblate (English (United Kingdom))
* Translated using Weblate (English (United Kingdom))
* Translated using Weblate (Russian)
==== yast2-users ====
Version update (4.6.2 -> 4.6.4)
- bsc#1211583
- do not pre-fill non-sense user password when going back after
importing user
- 4.6.4
- Allow to edit the NIS master server databases instead of the
local ones, relying on the --prefix argument added to several
commands in the "shadow" package (bsc#1206627).
- 4.6.3
==== zlib-ng-compat ====
- Fix build on riscv64
- Build with %{optflags}
==== zypper ====
Version update (1.14.61 -> 1.14.62)
Subpackages: zypper-log zypper-needs-restarting
- man: revised explanation of --force-resolution (bsc#1213557)
Point out that the option not only allows to remove packages but
may also violate any other active policy if there is no other way
to resolve the job.
- Print summary hint if policies were violated due to
- -force-resolution (bsc#1213557)
- BuildRequires: libzypp-devel >= 17.31.16 (for zypp-tui)
- version 1.14.62
1
0